def __init__(self, scope: Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
source_artifact = codepipeline.Artifact()
cloud_assembly_artifact = codepipeline.Artifact()
pipeline = CdkPipeline(self, "Pipeline",
pipeline_name="WebinarPipeline",
cloud_assembly_artifact=cloud_assembly_artifact,
source_action=codepipeline_actions.GitHubSourceAction(
action_name="GitHub",
output=source_artifact,
oauth_token=SecretValue.secrets_manager("github-token"),
trigger=codepipeline_actions.GitHubTrigger.POLL,
# Replace these with your actual GitHub project info
owner="rcouso",
repo="cdkpipeline",
branch="main"),
synth_action=SimpleSynthAction(
source_artifact=source_artifact,
cloud_assembly_artifact=cloud_assembly_artifact,
# Use this if you need a build step (if you're not using ts-node
# or if you have TypeScript Lambdas that need to be compiled).
install_command="npm install -g aws-cdk && pip install -r requirements.txt",
build_command="pytest pipelines_webinar/unittests",
synth_command="cdk synth"
)
)
# PRE STAGE
pre_prod_app = WebServiceStage(self, 'Pre-Prod', env={
'account': '282334958158',
'region' : 'eu-west-1'
})
pre_prod_stage = pipeline.add_application_stage(pre_prod_app)
pre_prod_stage.add_actions(ShellScriptAction(
action_name="Integ",
run_order=pre_prod_stage.next_sequential_run_order(),
additional_artifacts=[source_artifact],
commands=[
"pip install -r requirements.txt",
"pytest pipelines_webinar/integtests",
],
use_outputs={
"SERVICE_URL": pipeline.stack_output(pre_prod_app.url_output)
}))
# pre_prod_stage.add_manual_approval_action(action_name='PromoteToPro')
pipeline.add_application_stage(WebServiceStage(self, 'Prod', env={
'account': '282334958158',
'region' : 'eu-west-1'
}))
def __init__(self, scope: cdk.Construct, construct_id: str,
**kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
source_artifact = codepipeline.Artifact()
cloud_assembly_artifact = codepipeline.Artifact()
pipeline = CdkPipeline.CdkPipeline(
self,
'Pipeline',
pipeline_name='MyAppPipeline',
cloud_assembly_artifact=cloud_assembly_artifact,
source_action=cpa.GitHubSourceAction(
action_name='Github',
output=source_artifact,
oauth_token=cdk.SecretValue.secrets_manager(
'GITHUB_TOKEN_NAME'),
trigger=cpa.GitHubTrigger.POLL,
owner='cbohara',
repo='aws_projects'),
synth_action=SimpleSynthAction.standard_npm_synth(
source_artifact=source_artifact,
cloud_assembly_artifact=cloud_assembly_artifact))
def __init__(self, scope: Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
source_artifact = codepipeline.Artifact()
cloud_assembly_artifact = codepipeline.Artifact()
github_token_secret_name = os.getenv('GITHUB_TOKEN', '')
pipeline = CdkPipeline(
self,
"Pipeline",
pipeline_name="SharedPipeline",
cloud_assembly_artifact=cloud_assembly_artifact,
source_action=codepipeline_actions.GitHubSourceAction(
action_name="GitHub",
output=source_artifact,
oauth_token=SecretValue.secrets_manager(
github_token_secret_name),
trigger=codepipeline_actions.GitHubTrigger.POLL,
owner="srethira",
repo="cdk-pipeline-shared"),
synth_action=SimpleSynthAction(
source_artifact=source_artifact,
cloud_assembly_artifact=cloud_assembly_artifact,
install_command=
"npm install -g aws-cdk && pip install -r requirements.txt",
# build_command="mvn package",
synth_command="cdk synth",
copy_environment_variables=["GITHUB_TOKEN"]))
pipeline.add_application_stage(
SharedStage(self,
'Testing',
env=Environment(account="462864815626",
region="us-west-1")))
# Do this as many times as necessary with any account and region
# Account and region may be different from the pipeline's.
pipeline.add_application_stage(
SharedStage(self,
'Prod',
env=Environment(account="462864815626",
region="us-west-2")))
def __init__(self, scope: Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
source_artifact = codepipeline.Artifact()
cloud_assembly_artifact = codepipeline.Artifact()
github_token_secret_name = os.getenv('GITHUB_TOKEN', '')
pipeline = CdkPipeline(
self,
"Pipeline",
pipeline_name="MyAppPipeline",
cloud_assembly_artifact=cloud_assembly_artifact,
source_action=codepipeline_actions.GitHubSourceAction(
action_name="GitHub",
output=source_artifact,
oauth_token=SecretValue.secrets_manager(
github_token_secret_name),
trigger=codepipeline_actions.GitHubTrigger.POLL,
owner="srethira",
repo="cdk-pipeline-ecs",
branch="master"),
# Current limitation: generate CodeBuild reports within @aws-cdk/cdk-pipelines
# https://github.com/aws/aws-cdk/issues/10464
synth_action=SimpleSynthAction(
source_artifact=source_artifact,
cloud_assembly_artifact=cloud_assembly_artifact,
# enable privileged mode for docker-in-docker (for asset bundling)
environment=dict(privileged=True),
install_command="pipeline/bin/install.sh",
build_command="python -m unittest test/test_*",
synth_command="cdk synth",
copy_environment_variables=["GITHUB_TOKEN"]))
# Do this as many times as necessary with any account and region for testing
# Account and region may be different from the pipeline's.
test = ApplicationStage(self,
'Testing',
env=Environment(account="462864815626",
region="us-west-1"))
test_stage = pipeline.add_application_stage(test)
test_stage.add_actions(
ShellScriptAction(
action_name='validate',
commands=['curl -Ssf $ENDPOINT_URL/container'],
use_outputs=dict(ENDPOINT_URL=pipeline.stack_output(
test.load_balancer_address))))
test_stage.add_actions(
ShellScriptAction(action_name='integration',
commands=['python -m unittest test/test_*'],
additional_artifacts=[source_artifact]))
# Do this as many times as necessary with any account and region for prod
prod = ApplicationStage(self,
'Prod',
env=Environment(account="462864815626",
region="us-west-2"))
prod_stage = pipeline.add_application_stage(prod)
prod_stage.add_actions(
ShellScriptAction(
action_name='validate',
commands=['curl -Ssf $ENDPOINT_URL/container'],
use_outputs=dict(ENDPOINT_URL=pipeline.stack_output(
prod.load_balancer_address))))
prod_stage.add_actions(
ShellScriptAction(action_name='integration',
commands=['python -m unittest test/test_*'],
additional_artifacts=[source_artifact]))
def __init__(self, scope: Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
source_artifact = codepipeline.Artifact()
cloud_assembly_artifact = codepipeline.Artifact()
pipeline = CdkPipeline(
self,
"Pipeline",
pipeline_name="WebinarPipeline",
cloud_assembly_artifact=cloud_assembly_artifact,
source_action=codepipeline_actions.GitHubSourceAction(
action_name="GitHub",
output=source_artifact,
oauth_token=SecretValue.secrets_manager("github-token"),
trigger=codepipeline_actions.GitHubTrigger.POLL,
# Replace these with your actual GitHub project info
owner="rcouso",
repo="cdkpipeline",
branch="main"),
synth_action=SimpleSynthAction(
source_artifact=source_artifact,
cloud_assembly_artifact=cloud_assembly_artifact,
# Use this if you need a build step (if you're not using ts-node
# or if you have TypeScript Lambdas that need to be compiled).
install_command=
"npm install -g aws-cdk && pip install -r requirements.txt",
build_command="pytest pipelines_webinar/unittests",
synth_command="cdk synth"))
# DEV STAGE
dev_app = WebServiceStage(self,
'Dev',
env={
'account': '722610601746',
'region': 'eu-west-1'
})
dev_stage = pipeline.add_application_stage(dev_app)
dev_stage.add_actions(
ShellScriptAction(
action_name="Integ",
run_order=dev_stage.next_sequential_run_order(),
additional_artifacts=[source_artifact],
environment=BuildEnvironment(
environment_variables={
'CODECOV_TOKEN':
aws_codebuild.BuildEnvironmentVariable(
value='9e4d7998-7a8e-45a2-81fe-8a9c761cb03a')
}),
commands=[
"pip install -r requirements.txt",
"pytest pipelines_webinar/integtests",
"echo 'TOKEN='$CODECOV_TOKEN"
# coverage
# "pip install coverage",
# "coverage run -a --source pipelines_webinar/unittests",
# "coverage run -a --source pipelines_webinar/integtests",
# "bash pipelines_webinar/coverage.sh"
],
use_outputs={
"SERVICE_URL": pipeline.stack_output(dev_app.url_output)
}))
dev_stage.add_manual_approval_action(action_name='PromoteToPro')
# PRO STAGE
pipeline.add_application_stage(
WebServiceStage(self,
'Prod',
env={
'account': '807034265755',
'region': 'eu-west-1'
}))
def __init__(self, scope: Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
CODECOMMIT_REPO_NAME = cdk.CfnParameter(
self,
"CodeCommitRepoName",
type="String",
default="serverless-api-pipeline-cdk",
description="CodeCommit repository with the project code"
).value_as_string
PIPELINE_NAME = "serverless-api-pipeline-cdk"
source_artifact = codepipeline.Artifact()
cloud_assembly_artifact = codepipeline.Artifact()
pipeline = CdkPipeline(
self,
"Pipeline",
pipeline_name=PIPELINE_NAME,
cloud_assembly_artifact=cloud_assembly_artifact,
source_action=codepipeline_actions.CodeCommitSourceAction(
action_name="CodeCommit",
output=source_artifact,
branch='main',
trigger=codepipeline_actions.CodeCommitTrigger.POLL,
repository=codecommit.Repository(
self,
'ServerlessApiRepository',
repository_name=CODECOMMIT_REPO_NAME)),
synth_action=SimpleSynthAction.standard_npm_synth(
source_artifact=source_artifact,
cloud_assembly_artifact=cloud_assembly_artifact,
environment={'privileged': True},
install_command=
'cd ./serverless-rest-api/python-http-cdk; npm install -g aws-cdk; pip install -r requirements.txt; pip install -r ./src/api/requirements.txt ',
synth_command='cdk synth --output $CODEBUILD_SRC_DIR/cdk.out'))
# Add testing stage to the pipeline and testing activity with permissions necessary to run integration tests
testing_stage = AppStage(self,
'serverless-api-pipeline-cdk-Testing',
cognito_stack_name='Cognito')
pipeline_testing_stage = pipeline.add_application_stage(testing_stage)
testing_action = ShellScriptAction(
action_name='IntegrationTest',
additional_artifacts=[source_artifact],
commands=[
'cd ./serverless-rest-api/python-http-cdk',
'pip install -r ./tests/requirements.txt',
'pip install -r ./src/api/requirements.txt',
'python -m pytest tests/integration -v'
],
use_outputs={
'TEST_APPLICATION_STACK_NAME':
pipeline.stack_output(testing_stage.api_stack_name)
},
)
pipeline_testing_stage.add_actions(testing_action)
testing_action.project.add_to_role_policy(
iam.PolicyStatement(
effect=iam.Effect.ALLOW,
actions=[
'cognito-idp:AdminDeleteUser',
'cognito-idp:AdminConfirmSignUp',
'cognito-idp:AdminAddUserToGroup'
],
resources=[
f'arn:aws:cognito-idp:{cdk.Aws.REGION}:{cdk.Aws.ACCOUNT_ID}:userpool/*'
],
))
testing_action.project.add_to_role_policy(
iam.PolicyStatement(
effect=iam.Effect.ALLOW,
actions=['secretsmanager:GetRandomPassword'],
resources=['*'],
))
testing_action.project.add_to_role_policy(
iam.PolicyStatement(
effect=iam.Effect.ALLOW,
actions=['dynamodb:*'],
resources=[
f'arn:aws:dynamodb:{cdk.Aws.REGION}:{cdk.Aws.ACCOUNT_ID}:table/{testing_stage.stage_name}*'
],
))
testing_action.project.add_to_role_policy(
iam.PolicyStatement(
effect=iam.Effect.ALLOW,
actions=['cloudformation:DescribeStacks'],
resources=[
f'arn:aws:cloudformation:{cdk.Aws.REGION}:{cdk.Aws.ACCOUNT_ID}:stack/{testing_stage.stage_name}*/*',
f'arn:aws:cloudformation:{cdk.Aws.REGION}:{cdk.Aws.ACCOUNT_ID}:stack/{testing_stage.cognito_stack_name}/*'
],
))
# Create production deployment stage to the pipeline with manual approval action
deployment_stage = AppStage(self,
'serverless-api-pipeline-cdk-Deployment',
cognito_stack_name='Cognito')
pipeline_deployment_stage = pipeline.add_application_stage(
deployment_stage)
pipeline_deployment_stage.add_actions(
codepipeline_actions.ManualApprovalAction(
action_name='ApproveProductionDeployment', run_order=1))
def __init__(self, scope: Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
repo = codecommit.Repository.from_repository_name(
self, "ImportedRepo", "cdk-pipeline-demo")
test_account = self.node.try_get_context("testAccount")
prod_account = self.node.try_get_context("prodAccount")
source_artifact = codepipeline.Artifact()
cloud_assembly_artifact = codepipeline.Artifact()
pipeline = CdkPipeline(
self,
"LambdaPipeline",
pipeline_name="MyLambdaPipeline",
cloud_assembly_artifact=cloud_assembly_artifact,
source_action=codepipeline_actions.CodeCommitSourceAction(
action_name="CodeCommit",
repository=repo,
output=source_artifact),
# Current limitation: generate CodeBuild reports within @aws-cdk/cdk-pipelines
# https://github.com/aws/aws-cdk/issues/10464
synth_action=SimpleSynthAction(
source_artifact=source_artifact,
cloud_assembly_artifact=cloud_assembly_artifact,
# enable privileged mode for docker-in-docker (for asset bundling)
environment=dict(privileged=True),
install_command="pipeline/bin/install.sh",
synth_command="cdk synth",
))
# Do this as many times as necessary with any account and region for testing
# Account and region may be different from the pipeline's.
test = ApplicationStage(self,
'Test',
env=Environment(
account=test_account["account"],
region=test_account["region"]))
test_stage = pipeline.add_application_stage(test)
test_stage.add_actions(
ShellScriptAction(
action_name='validate',
commands=[
'curl -X POST -H "Content-Type: application/json" -d "{\"option\":\"date\",\"period\":\"today\"}" $ENDPOINT_URL/'
],
use_outputs=dict(
ENDPOINT_URL=pipeline.stack_output(test.gateway_url))))
# Do this as many times as necessary with any account and region for prod
prod = ApplicationStage(self,
'Prod',
env=Environment(
account=prod_account["account"],
region=prod_account["region"]))
prod_stage = pipeline.add_application_stage(prod)
prod_stage.add_actions(
ShellScriptAction(
action_name='validate',
commands=[
'curl -X POST -H "Content-Type: application/json" -d "{\"option\":\"date\",\"period\":\"today\"}" $ENDPOINT_URL/container'
],
use_outputs=dict(
ENDPOINT_URL=pipeline.stack_output(prod.gateway_url))))
def __init__(self, scope: core.Construct, construct_id: str, **kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
self.source_output = code_pipeline.Artifact()
source_action = codepipeline_actions.GitHubSourceAction(action_name="GitHub_Source",
owner=startuptoolbag_config.github_user,
repo=startuptoolbag_config.github_repo,
oauth_token=core.SecretValue.secrets_manager(
'startuptoolbag-github-oath-token'),
output=self.source_output,
branch='master')
# Note - this is an additional artifact per https://gist.github.com/JelsB/cff41685f12613d23a00951ce1531dbb
application_code = code_pipeline.Artifact('application_code')
cloud_assembly_artifact = code_pipeline.Artifact('cloudformation_output')
synth_action = SimpleSynthAction(
source_artifact=self.source_output,
cloud_assembly_artifact=cloud_assembly_artifact,
install_command='npm install -g aws-cdk && pip install -r requirements.txt',
synth_command='cdk synth',
additional_artifacts=[{'artifact': application_code, 'directory': './'}])
self.cdk_pipeline = CdkPipeline(self, "startuptoolbag-pipeline-project",
cloud_assembly_artifact=cloud_assembly_artifact,
source_action=source_action,
synth_action=synth_action)
# Can not be updated as it is in use by the sub stack
bucket_name = startuptoolbag_config.website_domain_name if startuptoolbag_config.website_domain_name != "" else None
www_site_bucket = s3.Bucket(
self,
f'WWW2_Bucket_{startuptoolbag_config.website_domain_name}',
bucket_name=bucket_name,
website_index_document='index.html',
website_error_document='error.html',
public_read_access=True,
removal_policy=core.RemovalPolicy.DESTROY
)
# Creates infrastructure including cloudfront and the public facing bucket
ub_stage = CDKStage(self, "cdk-stage")
cdk_stage = self.cdk_pipeline.add_application_stage(ub_stage)
# Now need to build react and deploy
# Challenges
# 1. Cant get the bucket out of the stage
# 2. Cant put the codebuild into the stage
# 3. Cant create react build as a separate stage
# 4. Cant export the bucket as a variable because the import attempts to run before the stage is synthesized
build_output_artifact = code_pipeline.Artifact()
codebuild_project = codebuild.PipelineProject(
self, "startuptoolbag-CDKCodebuild",
project_name="startuptoolbag-CodebuildProject",
build_spec=codebuild.BuildSpec.from_source_filename(filename='buildspec.yml'),
environment=codebuild.BuildEnvironment(privileged=True),
description='React Build',
timeout=core.Duration.minutes(60),
)
self.build_action = codepipeline_actions.CodeBuildAction(action_name="ReactBuild",
project=codebuild_project,
input=application_code,
outputs=[build_output_artifact])
self.s3_deploy = codepipeline_actions.S3DeployAction(action_name="ReactS3Push",
input=build_output_artifact,
bucket=www_site_bucket)
self.cdk_pipeline.code_pipeline.add_stage(stage_name="ReactBuild", actions=[self.build_action])
self.cdk_pipeline.code_pipeline.add_stage(stage_name="ReactDeploy", actions=[self.s3_deploy])
self.output = core.CfnOutput(
self, "WWWSITEBUCKETNAME", export_name="WWWSITEBUCKETNAME",
value=www_site_bucket.bucket_name
)
props = {'namespace': 'cdk-example-pipeline'}
self.output_props = props.copy()
self.output_props['WWWSITEBUCKETNAME'] = www_site_bucket