Skip to content

Instantly share code, notes, and snippets.

@miere

miere/DockerConsumingSSMParameterStore.md

Created October 29, 2019 08:02
Show Gist options
  • Save miere/094ee4f86a785b04a54a612c3f2c5ff0 to your computer and use it in GitHub Desktop.
Save miere/094ee4f86a785b04a54a612c3f2c5ff0 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
DockerConsumingSSMParameterStore.md

Consuming SSM Parameter Store from Docker image

This example is based on NodeJs 10.

Requirements

In the following example you gonna need the following env vars defined:

  • APP_NAME: the application name.
  • AWS_REGION: region where the parameters has been stored

Building the image

$ npm install
$ docker build \
    -t ${APP_NAME} \
    --build-arg "AWS_REGION=${AWS_REGION}" \
    --build-arg "APP_NAME=${APP_NAME}" \
    .

Granting permission

  • Running on ECS: Attach an IAM Role to the Task
  • Running inside EC2: Attach an IAM Role to the instance
  • Running locally: you might have to either:
    1. define the AWS ENV Vars manually in the docker build command line
    2. create a valid credentials file and copy it to /root/.aws/credentials inside your image
Raw
Dockerfile
FROM node:10-alpine
ARG AWS_REGION
ENV AWS_REGION=${AWS_REGION}
ENV CHAMBER_URL="https://github.com/segmentio/chamber/releases/download/v2.5.0/chamber-v2.5.0-linux-amd64"
EXPOSE 8080
ADD entrypoint.sh /opt/application/entrypoint.sh
# It assumes you've build your app before generate the Docker image
ADD ./dist/ /opt/application/
RUN apk add curl \
&& curl -o /usr/bin/chamber -LOs ${CHAMBER_URL} \
&& chmod +x /opt/cammy/entrypoint.sh /usr/bin/chamber
WORKDIR /opt/application
CMD /opt/application/entrypoint.sh
Raw
entrypoint.sh
#!/bin/sh
# This is an entrypoint script designed to retrieve variables from AWS SSM Parameter Store.
# It relies on Chamber to download all the parameters and expose them as BASH ENV VARIABLES.
# It will download all variables related to "global" application and those which the
# prefix matches the variable APP_NAME.
#
# For details look at: https://github.com/segmentio/chamber
## FUNCTIONS
load_parameter_store_variables(){
chamber export --format dotenv global | sed 's/\(.*\)/export \1/;s/\\\!/\!/g'
chamber export --format dotenv "${APP_NAME}" | sed 's/\(.*\)/export \1/;s/\\\!/\!/g'
}
## VARIBLES
APP_NAME=${APP_NAME:-"my-app"}
## MAIN
eval $(load_parameter_store_variables)
# TODO: move npm commands to the Dockerfile
node server.js
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment