WIP

Yuriy Bezsonov · Yuriy Bezsonov · commit fa2011c176bd · 2025-12-14T05:57:29.000+01:00
diff --git a/infra/cdk/src/main/java/sample/com/constructs/Ide.java b/infra/cdk/src/main/java/sample/com/constructs/Ide.java
@@ -104,6 +104,17 @@ public Ide(final Construct scope, final String id, final IdeProps props) {
             ))
             .build();
 
+        // Add CloudFormation signaling permissions
+        PolicyStatement cfnSignalPermissions = PolicyStatement.Builder.create()
+            .effect(Effect.ALLOW)
+            .actions(List.of(
+                "cloudformation:SignalResource"
+            ))
+            .resources(List.of("*"))
+            .build();
+
+        workshopRole.addToPolicy(cfnSignalPermissions);
+
         // Load additional IAM policy from file
         var policyDocumentJson = loadFile("/iam-policy.json");
         if (policyDocumentJson != null) {
@@ -151,7 +162,7 @@ public Ide(final Construct scope, final String id, final IdeProps props) {
 
         // Create CloudFront prefix list lookup Lambda function
         var prefixListLookup = new Lambda(this, "PrefixListLookup",
-            "/lambda/cloudfront-prefix-lookup.py", Aws.STACK_NAME + "-cloudfront-prefix-lookup", Duration.minutes(3), lambdaRole);
+            "/lambda/cloudfront-prefix-lookup.py", "ide-cloudfront-prefix-lookup", Duration.minutes(3), lambdaRole);
         var prefixListFunction = prefixListLookup.getFunction();
 
         // Add EC2 permissions for prefix list lookup
@@ -357,7 +368,7 @@ public Ide(final Construct scope, final String id, final IdeProps props) {
 
         // Create instance launcher Lambda with multi-AZ and multi-instance-type failover
         var instanceLauncher = new Lambda(this, "InstanceLauncher",
-            "/lambda/ec2-launcher.py", Aws.STACK_NAME + "-ec2-launcher", Duration.minutes(5), lambdaRole);
+            "/lambda/ec2-launcher.py", "ide-ec2-launcher", Duration.minutes(5), lambdaRole);
         var instanceLauncherFunction = instanceLauncher.getFunction();
 
         // Create EC2 instance via Custom Resource with intelligent failover
diff --git a/infra/scripts/ide/vscode.sh b/infra/scripts/ide/vscode.sh
@@ -43,7 +43,7 @@ run_as_user() {
 }
 
 echo "Installing code-server..."
-codeServer=$(dnf list installed code-server | wc -l)
+codeServer=$(dnf list installed code-server 2>/dev/null | wc -l)
 if [ "$codeServer" -eq "0" ]; then
   # Install as ec2-user with retry logic - pass version as environment variable
   retry_critical "sudo -u ec2-user bash -c 'curl -fsSL https://code-server.dev/install.sh | sh -s -- --version $VSCODE_VERSION'"
diff --git a/infra/workshop-template.yaml b/infra/workshop-template.yaml
@@ -245,6 +245,9 @@ Resources:
     Properties:
       PolicyDocument:
         Statement:
+          - Action: cloudformation:SignalResource
+            Effect: Allow
+            Resource: "*"
           - Action:
               - secretsmanager:DescribeSecret
               - secretsmanager:GetSecretValue
@@ -456,11 +459,7 @@ Resources:
                       responseData = {'Error': tb_err}
                   finally:
                       cfnresponse.send(event, context, status, responseData, 'CustomResourcePhysicalID')
-      FunctionName:
-        Fn::Join:
-          - ""
-          - - Ref: AWS::StackName
-            - -cloudfront-prefix-lookup
+      FunctionName: ide-cloudfront-prefix-lookup
       Handler: index.lambda_handler
       Role:
         Fn::GetAtt:
@@ -697,11 +696,7 @@ Resources:
                   responseData = {'Error': tb_err}
 
               cfnresponse.send(event, context, status, responseData, physical_id)
-      FunctionName:
-        Fn::Join:
-          - ""
-          - - Ref: AWS::StackName
-            - -ec2-launcher
+      FunctionName: ide-ec2-launcher
       Handler: index.lambda_handler
       Role:
         Fn::GetAtt:
@@ -719,6 +714,30 @@ Resources:
         Fn::GetAtt:
           - IdeInstanceLauncherFunction803C5A2A
           - Arn
+      ImageId:
+        Ref: SsmParameterValueawsserviceamiamazonlinuxlatestal2023amikernel61x8664C96584B6F00A464EAD1953AFF4B05118Parameter
+      SecurityGroupIds:
+        Fn::Join:
+          - ""
+          - - Fn::GetAtt:
+                - IdeIdeSecurityGroup5C503C8A
+                - GroupId
+            - ","
+            - Fn::GetAtt:
+                - IdeIdeInternalSecurityGroupD5D3B421
+                - GroupId
+      SubnetIds:
+        Fn::Join:
+          - ""
+          - - Ref: VpcWorkshopVpcPublicSubnet1SubnetBCB45C45
+            - ","
+            - Ref: VpcWorkshopVpcPublicSubnet2SubnetF8F9426F
+      VolumeSize: "50"
+      IamInstanceProfileArn:
+        Fn::GetAtt:
+          - IdeIdeInstanceProfile8BD997EA
+          - Arn
+      InstanceName: ide
       InstanceTypes: m5.xlarge,m6i.xlarge,t3.xlarge
       UserData:
         Fn::Base64:
@@ -838,30 +857,6 @@ Resources:
                     /opt/aws/bin/cfn-signal -e 1 --stack "$STACK_NAME" --resource IdeBootstrapWaitCondition --region "$AWS_REGION"
                     exit 1
                 fi
-      ImageId:
-        Ref: SsmParameterValueawsserviceamiamazonlinuxlatestal2023amikernel61x8664C96584B6F00A464EAD1953AFF4B05118Parameter
-      SecurityGroupIds:
-        Fn::Join:
-          - ""
-          - - Fn::GetAtt:
-                - IdeIdeSecurityGroup5C503C8A
-                - GroupId
-            - ","
-            - Fn::GetAtt:
-                - IdeIdeInternalSecurityGroupD5D3B421
-                - GroupId
-      SubnetIds:
-        Fn::Join:
-          - ""
-          - - Ref: VpcWorkshopVpcPublicSubnet1SubnetBCB45C45
-            - ","
-            - Ref: VpcWorkshopVpcPublicSubnet2SubnetF8F9426F
-      VolumeSize: "50"
-      IamInstanceProfileArn:
-        Fn::GetAtt:
-          - IdeIdeInstanceProfile8BD997EA
-          - Arn
-      InstanceName: ide
     UpdateReplacePolicy: Delete
     DeletionPolicy: Delete
   IdeIdeEipAssociation6C6C215D:
@@ -1334,12 +1329,12 @@ Resources:
       Description: base-setup build complete
       EventPattern:
         detail:
+          project-name:
+            - Ref: CodeBuildProjectA0FF5539
           build-status:
             - SUCCEEDED
             - FAILED
             - STOPPED
-          project-name:
-            - Ref: CodeBuildProjectA0FF5539
         detail-type:
           - CodeBuild Build State Change
         source:
@@ -1377,7 +1372,7 @@ Resources:
           - Arn
       ProjectName:
         Ref: CodeBuildProjectA0FF5539
-      ContentHash: "1765687186152"
+      ContentHash: "1765688217799"
     DependsOn:
       - CodeBuildBuildCompleteRuleAllowEventRuleWorkshopStackCodeBuildReportLambdaFunctionD77C6091DA4A4BD8
       - CodeBuildBuildCompleteRule06AAF17D

Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,7 @@ run_as_user() {`
`43`	`43`	`}`
`44`	`44`
`45`	`45`	`echo "Installing code-server..."`
`46`		`-codeServer=$(dnf list installed code-server \| wc -l)`
	`46`	`+codeServer=$(dnf list installed code-server 2>/dev/null \| wc -l)`
`47`	`47`	`if [ "$codeServer" -eq "0" ]; then`
`48`	`48`	`# Install as ec2-user with retry logic - pass version as environment variable`
`49`	`49`	`retry_critical "sudo -u ec2-user bash -c 'curl -fsSL https://code-server.dev/install.sh \| sh -s -- --version $VSCODE_VERSION'"`