use directly the interested ELB Listener ARN via env vars; get rid of functions that we don't need; consistency clean-up

Author: Soxasora

.env.development

@@ -179,7 +179,8 @@ PERSISTENCE=1
 SKIP_SSL_CERT_DOWNLOAD=1
 # custom domain ACM, ELBv2
 LOCALSTACK_ENDPOINT=http://aws:4566
-ELB_NAME=mock-lb
+ELB_NAME=sndev-lb
+ELB_LISTENER_ARN=arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/sndev-lb/1234567890abcdef/1234567890abcdef
 
 # tor proxy
 TOR_PROXY=http://tor:7050/

api/elb/index.js

@@ -1,66 +1,26 @@
 import AWS from 'aws-sdk'
 import { MockELBv2 } from './mocks'
 
+const ELB_LISTENER_ARN = process.env.ELB_LISTENER_ARN
+
 AWS.config.update({
   region: 'us-east-1'
 })
 
-async function getElb () {
-  try {
-    // get the load balancer
-    const elbv2 = process.env.NODE_ENV === 'development'
-      ? new MockELBv2() // use the mocked elb for local development
-      : new AWS.ELBv2()
-    const { LoadBalancers } = await elbv2.describeLoadBalancers({ Names: [process.env.ELB_NAME] }).promise()
-    console.log('[elbv2] LoadBalancers', LoadBalancers)
-
-    if (!LoadBalancers?.length) {
-      throw new Error('Cannot find a load balancer, check the .env file')
-    }
-
-    return LoadBalancers[0]
-  } catch (error) {
-    console.error('[elbv2] Error getting elb', error)
-    throw error
-  }
-}
-
-async function getElbListener (elbArn) {
-  try {
-    const elbv2 = process.env.NODE_ENV === 'development'
-      ? new MockELBv2() // use the mocked elb for local development
-      : new AWS.ELBv2()
-    const { Listeners } = await elbv2.describeListeners({ LoadBalancerArn: elbArn, Filters: [{ Name: 'protocol', Values: ['HTTPS'] }] }).promise()
-    console.log('[elbv2] Listeners', Listeners)
-
-    if (!Listeners?.length) {
-      throw new Error('Cannot find a listener, check the .env file')
-    }
-
-    return Listeners[0]
-  } catch (error) {
-    console.error('[elbv2] Error getting elb listener', error)
-    throw error
-  }
-}
-
 // attach a certificate to the elb listener
 async function attachCertificateToElb (certificateArn) {
   const elbv2 = process.env.NODE_ENV === 'development'
     ? new MockELBv2() // use the mocked elb for local development
     : new AWS.ELBv2()
-  const elb = await getElb()
-  const elbListener = await getElbListener(elb.LoadBalancerArn)
-  const elbListenerArn = elbListener.ListenerArn
 
   // attach the certificate
   // AWS doesn't throw an error if the certificate is already attached to the listener
   await elbv2.addListenerCertificates({
-    ListenerArn: elbListenerArn,
+    ListenerArn: ELB_LISTENER_ARN,
     Certificates: [{ CertificateArn: certificateArn }]
   }).promise()
 
-  console.log('[elbv2] Certificate', certificateArn, 'attached to listener', elbListenerArn)
+  console.log('[elbv2] Certificate', certificateArn, 'attached to listener', ELB_LISTENER_ARN)
   return true
 }
 
@@ -69,18 +29,15 @@ async function detachCertificateFromElb (certificateArn) {
   const elbv2 = process.env.NODE_ENV === 'development'
     ? new MockELBv2() // use the mocked elb for local development
     : new AWS.ELBv2()
-  const elb = await getElb()
-  const elbListener = await getElbListener(elb.LoadBalancerArn)
-  const elbListenerArn = elbListener.ListenerArn
 
   // detach the certificate
   // AWS doesn't throw an error if the certificate is not attached to the listener
   await elbv2.removeListenerCertificates({
-    ListenerArn: elbListenerArn,
+    ListenerArn: ELB_LISTENER_ARN,
     Certificates: [{ CertificateArn: certificateArn }]
   }).promise()
 
-  console.log('[elbv2] Certificate', certificateArn, 'detached from listener', elbListenerArn)
+  console.log('[elbv2] Certificate', certificateArn, 'detached from listener', ELB_LISTENER_ARN)
   return true
 }
 

api/elb/mocks.js

@@ -2,16 +2,16 @@
 const mockedElb = {
   loadBalancers: [
     {
-      LoadBalancerArn: 'arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/app/mock-lb/1234567890abcdef',
-      DNSName: 'mock-lb.us-east-1.elb.amazonaws.com',
-      LoadBalancerName: 'mock-lb',
+      LoadBalancerArn: 'arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/app/sndev-lb/1234567890abcdef',
+      DNSName: 'sndev-lb.us-east-1.elb.amazonaws.com',
+      LoadBalancerName: 'sndev-lb',
       Type: 'application'
     }
   ],
   listeners: [
     {
-      ListenerArn: 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/mock-lb/1234567890abcdef/1234567890abcdef',
-      LoadBalancerArn: 'arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/app/mock-lb/1234567890abcdef',
+      ListenerArn: 'arn:aws:elasticloadbalancing:us-east-1:123456789012:listener/app/sndev-lb/1234567890abcdef/1234567890abcdef',
+      LoadBalancerArn: 'arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/app/sndev-lb/1234567890abcdef',
       Protocol: 'HTTPS',
       Port: 443
     }

lib/domain-verification.js

@@ -56,11 +56,11 @@ export async function getValidationValues (certificateArn) {
 // Attach a certificate to the ELB listener
 export async function attachDomainCertificate (certificateArn) {
   try {
-    const result = await attachCertificateToElb(certificateArn)
-    return { result, error: null }
+    await attachCertificateToElb(certificateArn)
+    return { error: null }
   } catch (error) {
     console.error(`Failed to attach certificate to elb: ${error.message}`)
-    return { result: null, error: error.message }
+    return { error: error.message }
   }
 }
 
@@ -120,24 +120,24 @@ export async function verifyDNSRecord (type, recordName, recordValue) {
   return result
 }
 
-// Delete a certificate for a custom domain
-export async function deleteDomainCertificate (certificateArn) {
+// Detach a certificate from the elb listener
+export async function detachDomainCertificate (certificateArn) {
   try {
-    await deleteCertificate(certificateArn)
+    await detachCertificateFromElb(certificateArn)
     return { error: null }
   } catch (error) {
-    console.error(`Failed to delete certificate: ${error.message}`)
+    console.error(`Failed to detach certificate from elb: ${error.message}`)
     return { error: error.message }
   }
 }
 
-// Detach a certificate from the elb listener
-export async function detachDomainCertificate (certificateArn) {
+// Delete a certificate for a custom domain
+export async function deleteDomainCertificate (certificateArn) {
   try {
-    await detachCertificateFromElb(certificateArn)
+    await deleteCertificate(certificateArn)
     return { error: null }
   } catch (error) {
-    console.error(`Failed to detach certificate from elb: ${error.message}`)
+    console.error(`Failed to delete certificate: ${error.message}`)
     return { error: error.message }
   }
 }

worker/domainVerification.js

@@ -252,14 +252,14 @@ async function attachACMCertificateToELB (domain, models, certificateArn) {
   let message = null
 
   // attach the certificate to the ELB listener
-  const { result, error } = await attachDomainCertificate(certificateArn)
-  if (result) {
+  const { error } = await attachDomainCertificate(certificateArn)
+  if (!error) {
     message = `Certificate ${certificateArn} is now attached to ELB listener`
   } else {
     message = `Could not attach certificate ${certificateArn} to ELB listener: ${error.message}`
   }
 
-  const status = result ? 'VERIFIED' : 'FAILED'
+  const status = !error ? 'VERIFIED' : 'FAILED'
   await logAttempt({ domain, models, stage: 'ELB_ATTACH_CERTIFICATE', status, message })
   return status !== 'FAILED'
 }
@@ -307,9 +307,9 @@ export async function deleteCertificateExternal ({ data: { certificateArn } }) {
   }
 
   // delete the certificate from ACM
-  const { error } = await deleteDomainCertificate(certificateArn)
-  if (error) {
-    console.error(`couldn't delete certificate with ARN ${certificateArn}: ${error.message}`)
-    throw error
+  const { error: deleteError } = await deleteDomainCertificate(certificateArn)
+  if (deleteError) {
+    console.error(`couldn't delete certificate with ARN ${certificateArn}: ${deleteError.message}`)
+    throw deleteError
   }
 }