serverless.yml

service: abstractplay

plugins:
  - serverless-dotnet
  - serverless-aws-documentation
  - serverless-reqvalidator-plugin
  - serverless-domain-manager
  # - serverless-pseudo-parameters

# You can pin your service to only deploy with a specific Serverless version
# Check out our docs for more details
# frameworkVersion: "=X.X.X"

provider:
  name: aws
  runtime: dotnetcore2.1
  memorySize: 512
  timeout: 30
  versionFunctions: false
  environment:
    COMPlus_TieredCompilation : 1
    # sns_mutator: ${self:custom.snsMutatorArn}
    # sns_pinger: ${self:custom.snsPingerArn}
    # sns_maker: ${self:custom.snsMakerArn}
    # sns_mover: ${self:custom.snsMoverArn}
    url_games: ${file(../apsecrets.yml):domains.games.${self:custom.stage}.domain}

  stage: dev
  region: us-east-2

functions:
  GraphQLPublic:
    handler: abstractplay::abstractplay.DBFunctions::GraphQL
    environment:
      db_server: ${file(../apsecrets.yml):db_server}
      db_database: ${file(../apsecrets.yml):db_database}
      db_username: ${file(../apsecrets.yml):db_username}
      db_password: ${file(../apsecrets.yml):db_password}
    vpc:
      securityGroupIds:
        - ${file(../apsecrets.yml):secGroup}
      subnetIds:
        - ${file(../apsecrets.yml):subnet1}
        - ${file(../apsecrets.yml):subnet2}
        - ${file(../apsecrets.yml):subnet3}
    events:
      - http:
          path: /graphql
          method: get
          cors: true
          reqValidatorName: 'xRequestValidateQuery'
          request:
            parameters:
              querystrings:
                query: true
          documentation:
            summary: "GraphQL entry point (read only)"
            description: "This is how clients are to request data from the service. It is read only! Changes are made through other endpoints."

  GraphQLAuthGet:
    handler: abstractplay::abstractplay.DBFunctions::GraphQLAuth
    environment:
      db_server: ${file(../apsecrets.yml):db_server}
      db_database: ${file(../apsecrets.yml):db_database}
      db_username: ${file(../apsecrets.yml):db_username}
      db_password: ${file(../apsecrets.yml):db_password}
    vpc:
      securityGroupIds:
        - ${file(../apsecrets.yml):secGroup}
      subnetIds:
        - ${file(../apsecrets.yml):subnet1}
        - ${file(../apsecrets.yml):subnet2}
        - ${file(../apsecrets.yml):subnet3}
    events:
      - http:
          path: /graphqlauth
          method: get
          cors: true
          authorizer:
            arn: ${file(../apsecrets.yml):cognitoarn}
          reqValidatorName: 'xRequestValidateQuery'
          request:
            parameters:
              querystrings:
                query: true
          documentation:
            summary: "Authenticated GraphQL entry point (read only)"
            description: "This is how authenticated clients are to request data from the service. Mutation requests can only be made via POST."

  GraphQLAuthPost:
    handler: abstractplay::abstractplay.DBFunctions::GraphQLAuth
    environment:
      db_server: ${file(../apsecrets.yml):db_server}
      db_database: ${file(../apsecrets.yml):db_database}
      db_username: ${file(../apsecrets.yml):db_username}
      db_password: ${file(../apsecrets.yml):db_password}
    vpc:
      securityGroupIds:
        - ${file(../apsecrets.yml):secGroup}
      subnetIds:
        - ${file(../apsecrets.yml):subnet1}
        - ${file(../apsecrets.yml):subnet2}
        - ${file(../apsecrets.yml):subnet3}
    events:
      - http:
          path: /graphqlauth
          method: post
          cors: true
          authorizer:
            arn: ${file(../apsecrets.yml):cognitoarn}
          reqValidatorName: 'xRequestValidateBody'
          documentation:
            summary: "Authenticated GraphQL entry point (read/write)"
            description: "This is how authenticated clients are to mutate data."
            requestModels:
              "application/json": "RequestGraphQLPost"

  GetGuid:
    handler: abstractplay::abstractplay.Functions::GetSequentialGuid
    events:
      - http:
          path: /debug/guid
          method: get
          cors: true
          authorizer:
            arn: ${file(../apsecrets.yml):cognitoarn}
          documentation:
            summary: "Generate a new sequential GUID"
            description: "Generate a new sequential GUID"

# you can add CloudFormation resource templates here
resources:
  Resources:
    xRequestValidateBody:
      Type: "AWS::ApiGateway::RequestValidator"
      Properties:
        Name: 'reqvalidator-body'
        RestApiId: 
          Ref: ApiGatewayRestApi
        ValidateRequestBody: true
        ValidateRequestParameters: false
    xRequestValidateQuery:
      Type: "AWS::ApiGateway::RequestValidator"
      Properties:
        Name: 'reqvalidator-params'
        RestApiId: 
          Ref: ApiGatewayRestApi
        ValidateRequestBody: false
        ValidateRequestParameters: true

custom:
  stage: ${opt:stage, self:provider.stage}
  stageConfig: ${file(../apsecrets.yml):domains.api.${self:custom.stage}}
  region: ${opt:region, self:provider.region}
  dotnet:
    slndir: sln/abstractplay
  customDomain:
    domainName: ${self:custom.stageConfig.domain}
    certificateName: ${self:custom.stageConfig.cert}
    basepath: ''
    stage: ${self:custom.stage}
    createRoute53Record: false
    endpointType: "edge"
  documentation:
    info:
      version: "1"
      title: "Abstract Play API"
      description: "The primary Abstract Play API"
      termsOfService: "https://www.abstractplay.com/terms"
    models:
      -
        name: "RequestGraphQLPost"
        description: "Required body content when POSTing to GraphQL endpoints"
        contentType: "application/json"
        schema: ${file(models/request_graphql_post.json)}