aws

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 16, 2026 License: MIT Imports: 17 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Client 

type Client struct {
	Config aws.Config
	SSM    *ssm.Client
	ECR    *ecr.Client
	ECS    *ecs.Client
}

Client holds AWS service clients

func NewClient 

func NewClient(ctx context.Context, region string) (*Client, error)

NewClient creates a new AWS client with the specified region

func (*Client) NewECSClient 

func (c *Client) NewECSClient() *ECSClient

NewECSClient creates a new ECS client

func (*Client) NewLambdaClient 

func (c *Client) NewLambdaClient() *LambdaClient

NewLambdaClient returns a Lambda client bound to the citadel AWS config.

func (*Client) NewLogsClient 

func (c *Client) NewLogsClient() *LogsClient

NewLogsClient creates a new CloudWatch Logs client

func (*Client) SyncSecrets 

func (c *Client) SyncSecrets(ctx context.Context, cfg *config.DeployConfig, envName, envFile string, dryRun bool) (*SyncResult, error)

SyncSecrets synchronizes secrets from .env file to the env-namespaced SSM prefix "/<name>-<envName>/<KEY>" (see DeployConfig.ResolvedName), so dev and prod secrets stay isolated even when they share one AWS account. The envName parameter is named to avoid shadowing the imported "env" package below.

type ECSClient 

type ECSClient struct {
	// contains filtered or unexported fields
}

ECSClient wraps ECS operations

func (*ECSClient) DiscoverLogGroup 

func (ec *ECSClient) DiscoverLogGroup(ctx context.Context, cfg *config.DeployConfig, env string) (string, error)

DiscoverLogGroup resolves the CloudWatch log group an ECS service writes to by inspecting its task definition's awslogs log driver. This works for any running service regardless of whether Citadel deployed it.

It first looks up the env-namespaced "<name>-<env>" service. If that service isn't found and the config uses no explicit ecs: override, it falls back to the legacy un-namespaced "<name>" service, so the logs daemon keeps working for deployments made before env-namespacing (until they are redeployed).

func (*ECSClient) GetServiceStatus 

func (ec *ECSClient) GetServiceStatus(ctx context.Context, cfg *config.DeployConfig, env string) error

GetServiceStatus returns the current status of an ECS service

func (*ECSClient) UpdateService 

func (ec *ECSClient) UpdateService(ctx context.Context, cfg *config.DeployConfig, env string) error

UpdateService triggers a new deployment for an ECS service

func (*ECSClient) WaitForStableService 

func (ec *ECSClient) WaitForStableService(ctx context.Context, cfg *config.DeployConfig, env string) error

WaitForStableService waits for a service to reach a stable state

type FilterEventsPage 

type FilterEventsPage struct {
	Events    []cwtypes.FilteredLogEvent
	NextToken *string
}

FilterEventsPage is one page of results from FilterLogEvents, used by the citadel-logs ingest loop. Events are NOT pre-sorted; callers should respect the Timestamp on each event when persisting cursors.

type LambdaClient 

type LambdaClient struct {
	// contains filtered or unexported fields
}

LambdaClient wraps the AWS Lambda SDK operations the daemon needs.

func (*LambdaClient) ResolveLogGroup 

func (lc *LambdaClient) ResolveLogGroup(ctx context.Context, functionName string) (string, error)

ResolveLogGroup returns "/aws/lambda/<functionName>" after verifying the function exists in the configured account/region. We resolve eagerly so a typo in citadel.yml fails fast at daemon startup rather than producing empty polls forever.

func (*LambdaClient) UpdateFunctionCode 

func (lc *LambdaClient) UpdateFunctionCode(ctx context.Context, functionName, imageURI string) error

UpdateFunctionCode points the Lambda function at a new container image and returns once AWS accepts the update request (status is then polled via WaitForFunctionUpdated).

func (*LambdaClient) WaitForFunctionUpdated 

func (lc *LambdaClient) WaitForFunctionUpdated(ctx context.Context, functionName string) error

WaitForFunctionUpdated blocks until the function's LastUpdateStatus is Successful (or returns an error if it becomes Failed or the timeout elapses).

type LogsClient 

type LogsClient struct {
	// contains filtered or unexported fields
}

LogsClient wraps CloudWatch Logs operations

func (*LogsClient) FilterEvents 

func (lc *LogsClient) FilterEvents(ctx context.Context, logGroup string, startMs, endMs int64, limit int32, nextToken *string) (*FilterEventsPage, error)

FilterEvents fetches one page of events from logGroup with ts >= startMs and ts < endMs. nextToken is forwarded transparently for pagination. Limit is clamped to the CloudWatch maximum (10000); 0 means default (1000).

func (*LogsClient) GetRecentLogs 

func (lc *LogsClient) GetRecentLogs(ctx context.Context, logGroupName string, lines int) error

GetRecentLogs fetches the most recent log lines (non-streaming, for status command)

func (*LogsClient) StreamLogs 

func (lc *LogsClient) StreamLogs(ctx context.Context, logGroupName string, tailLines int) error

StreamLogs tails CloudWatch logs for the given log group.

It uses FilterLogEvents, which spans every stream in the group, so streams created after tailing starts (e.g. the new task started by a deploy) are picked up automatically — unlike a fixed per-stream poll, which silently goes stale once the running task rotates.

type SyncResult 

type SyncResult struct {
	Updated int
	Skipped int
	Missing []string
}

SyncResult holds the results of a secret sync operation

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.