@flit/cdk-pipeline 1.0.9 → 1.0.11

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@flit/cdk-pipeline",
-  "version": "1.0.9",
+  "version": "1.0.11",
   "license": "Apache-2.0",
   "description": "A highly customizable and extensible CI/CD pipeline intended as alternative to CDK's native CodePipeline",
   "homepage": "https://p-mercury.github.io/jumper-de/modules/_flit_cdk_pipeline",
@@ -15,7 +15,8 @@
   ],
   "author": {
     "name": "Luis Vierroth",
-    "email": "luis@jumper.de"
+    "email": "luis@jumper.de",
+    "url": "https://github.com/p-mercury"
   },
   "repository": {
     "type": "git",
@@ -25,10 +26,12 @@
   "main": "./lib/index.js",
   "types": "./lib/index.d.ts",
   "typedoc": {
-    "entryPoint": "./src/index.ts"
+    "entryPoint": "./src/index.ts",
+    "readmeFile": "./TYPEDOC.md"
   },
   "files": [
     "lib",
+    "src",
     ".jsii",
     "README.md"
   ],
@@ -41,9 +44,9 @@
   },
   "dependencies": {},
   "devDependencies": {
-    "@types/node": "18.15.10",
+    "@types/node": "18.15.11",
     "path": "^0.12.7",
-    "aws-cdk": "2.70.0",
+    "aws-cdk": "2.72.0",
     "cdk-aws-lambda-powertools-layer": "3.3.0",
     "jest": "29.5.0",
     "jsii": "5.0.1",
@@ -51,12 +54,12 @@
     "ts-jest": "29.0.5",
     "ts-node": "10.9.1",
     "typescript": "5.0.2",
-    "aws-cdk-lib": "2.70.0",
-    "constructs": "10.1.293"
+    "aws-cdk-lib": "2.72.0",
+    "constructs": "10.1.296"
   },
   "peerDependencies": {
-    "aws-cdk-lib": "2.70.0",
-    "constructs": "10.1.293"
+    "aws-cdk-lib": "2.72.0",
+    "constructs": "10.1.296"
   },
   "bundledDependencies": [
     "path"

package/src/artifact.ts

@@ -0,0 +1,24 @@
+import { Artifact as AwsArtifact } from "aws-cdk-lib/aws-codepipeline";
+
+import { Segment } from "./segment";
+
+export class Artifact extends AwsArtifact {
+  private producer?: Segment;
+  private consumers: Segment[] = [];
+  constructor() {
+    super();
+  }
+  produce(producer: Segment) {
+    if (this.producer) throw new Error("Artifact is already produced");
+    this.producer = producer;
+  }
+  consume(producer: Segment) {
+    this.consumers.push(producer);
+  }
+  obtainProducer(): Segment | undefined {
+    return this.producer;
+  }
+  obtainConsumers(): Segment[] {
+    return this.consumers;
+  }
+}

package/src/code-commit-source-segment.ts

@@ -0,0 +1,62 @@
+import { IAction } from "aws-cdk-lib/aws-codepipeline";
+import {
+  CodeCommitSourceAction,
+  CodeCommitTrigger,
+} from "aws-cdk-lib/aws-codepipeline-actions";
+import { IRepository } from "aws-cdk-lib/aws-codecommit";
+
+import { Pipeline } from "./pipeline";
+import { Artifact } from "./artifact";
+import { SegmentConstructed } from "./segment";
+import { SourceSegment, SourceSegmentProps } from "./source-segment";
+
+export interface CodeCommitSourceSegmentProps extends SourceSegmentProps {
+  readonly repository: IRepository;
+  readonly branch?: string;
+  readonly trigger?: CodeCommitTrigger;
+  readonly variablesNamespace?: string;
+}
+
+/**
+ * @category Segments
+ */
+export class CodeCommitSourceSegment extends SourceSegment {
+  private props: CodeCommitSourceSegmentProps;
+  constructor(props: CodeCommitSourceSegmentProps) {
+    super(props);
+    this.props = props;
+  }
+  construct(scope: Pipeline): SegmentConstructed {
+    return new CodeCommitSourceSegmentConstructed(
+      scope,
+      this.props.repository.repositoryName,
+      {
+        ...this.props,
+        actionName: this.props.repository.repositoryName,
+      }
+    );
+  }
+}
+
+export interface CodeCommitSourceSegmentConstructedProps {
+  readonly output: Artifact;
+  readonly actionName: string;
+  readonly repository: IRepository;
+  readonly branch?: string;
+  readonly trigger?: CodeCommitTrigger;
+  readonly variablesNamespace?: string;
+}
+
+export class CodeCommitSourceSegmentConstructed extends SegmentConstructed {
+  readonly name: string;
+  readonly actions: IAction[];
+  constructor(
+    scope: Pipeline,
+    id: string,
+    props: CodeCommitSourceSegmentConstructedProps
+  ) {
+    super(scope, id);
+    this.name = "Source";
+    this.actions = [new CodeCommitSourceAction(props)];
+  }
+}

package/src/git-hub-source-segment.ts

@@ -0,0 +1,64 @@
+import { IAction } from "aws-cdk-lib/aws-codepipeline";
+import {
+  GitHubSourceAction,
+  GitHubTrigger,
+} from "aws-cdk-lib/aws-codepipeline-actions";
+import { SecretValue } from "aws-cdk-lib";
+
+import { Pipeline } from "./pipeline";
+import { Artifact } from "./artifact";
+import { SegmentConstructed } from "./segment";
+import { SourceSegment, SourceSegmentProps } from "./source-segment";
+
+export interface GitHubSourceSegmentProps extends SourceSegmentProps {
+  readonly oauthToken: SecretValue;
+  readonly owner: string;
+  readonly repository: string;
+  readonly branch?: string;
+  readonly trigger?: GitHubTrigger;
+  readonly variablesNamespace?: string;
+}
+
+/**
+ * @category Segments
+ */
+export class GitHubSourceSegment extends SourceSegment {
+  private props: GitHubSourceSegmentProps;
+  constructor(props: GitHubSourceSegmentProps) {
+    super(props);
+    this.props = props;
+  }
+  construct(scope: Pipeline): SegmentConstructed {
+    return new GitHubSourceSegmentConstructed(scope, this.props.repository, {
+      ...this.props,
+      actionName: this.props.repository,
+      repo: this.props.repository,
+    });
+  }
+}
+
+export interface GitHubSourceSegmentConstructedProps {
+  readonly output: Artifact;
+  readonly actionName: string;
+  readonly oauthToken: SecretValue;
+  readonly owner: string;
+  readonly repo: string;
+  readonly branch?: string;
+  readonly runOrder?: number;
+  readonly trigger?: GitHubTrigger;
+  readonly variablesNamespace?: string;
+}
+
+export class GitHubSourceSegmentConstructed extends SegmentConstructed {
+  readonly name: string;
+  readonly actions: IAction[];
+  constructor(
+    scope: Pipeline,
+    id: string,
+    props: GitHubSourceSegmentConstructedProps
+  ) {
+    super(scope, id);
+    this.name = "Source";
+    this.actions = [new GitHubSourceAction(props)];
+  }
+}

package/src/index.ts

@@ -0,0 +1,10 @@
+export * from "./artifact";
+export * from "./code-commit-source-segment";
+export * from "./git-hub-source-segment";
+export * from "./pipeline-segment";
+export * from "./pipeline";
+export * from "./publish-assets-action";
+export * from "./s3-source-segment";
+export * from "./segment";
+export * from "./source-segment";
+export * from "./stack-segment";

package/src/pipeline-segment.ts

@@ -0,0 +1,68 @@
+import { BuildEnvironmentVariable } from "aws-cdk-lib/aws-codebuild";
+
+import { Artifact } from "./artifact";
+import { Segment, SegmentConstructed } from "./segment";
+import { StackSegmentConstructed } from "./stack-segment";
+import { Pipeline } from "./pipeline";
+
+export interface PipelineSegmentProps {
+  /**
+   * The input arfifact for the build stage.
+   */
+  readonly input: Artifact | Artifact[];
+  /**
+   * The command(s) to build the stack.
+   * @example "cdk synth StackName --strict --exclusively"
+   */
+  readonly command: string | string[];
+  /**
+   * The environmental variables for the build stage.
+   */
+  readonly environmentVariables?: { [key: string]: BuildEnvironmentVariable };
+  /**
+   * The name of the stack to apply this action to.
+   * @deafult The name of the given stack.
+   */
+  readonly stackName?: string;
+  /**
+   * The AWS account this Action is supposed to operate in.
+   */
+  readonly account?: string;
+  /**
+   * The AWS region the given Action resides in.
+   */
+  readonly region?: string;
+
+  /**
+   * The artifact to hold the stack deployment output file.
+   * @default no output artifact
+   */
+  readonly output?: Artifact;
+  /**
+   * Does this stage require manual approval of the change set?
+   * @default false
+   */
+  readonly manualApproval?: Boolean;
+}
+
+/**
+ * @category Segments
+ */
+export class PipelineSegment extends Segment {
+  readonly isPipeline: boolean = true;
+  readonly props: PipelineSegmentProps;
+
+  constructor(props: PipelineSegmentProps) {
+    super(props);
+    this.props = props;
+  }
+
+  construct(scope: Pipeline): SegmentConstructed {
+    return new StackSegmentConstructed(scope, `Deploy${scope.stackName}`, {
+      ...this.props,
+      stack: scope,
+      input: this.inputs[0],
+      extraInputs: this.inputs.slice(1),
+    });
+  }
+}

package/src/pipeline.ts

@@ -0,0 +1,94 @@
+import { App, Stack, StackProps } from "aws-cdk-lib";
+import { Construct } from "constructs";
+import { Pipeline as AwsPipeline, IAction } from "aws-cdk-lib/aws-codepipeline";
+import * as path from "path";
+
+import { Artifact } from "./artifact";
+import { Segment } from "./segment";
+import { SourceSegment } from "./source-segment";
+import { PipelineSegment } from "./pipeline-segment";
+
+export interface PipelineProps extends StackProps {
+  /**
+   * The name of the generated pipeline.
+   * @default Stack ID
+   */
+  readonly pipelineName?: string;
+  /**
+   * The path to the cdk projects root directory containing the cdk.json file
+   * relative to the asset root
+   */
+  readonly rootDir: string;
+  /**
+   * The segments to populating the pipeline.
+   */
+  readonly segments: Segment[];
+}
+
+/**
+ * @category Constructs
+ */
+export class Pipeline extends Stack {
+  readonly pipelineName: string;
+  readonly rootDir: string;
+  readonly buildDir: string;
+
+  constructor(scope: Construct, id: string, readonly props: PipelineProps) {
+    super(scope, id, props);
+
+    this.pipelineName = props.pipelineName ? props.pipelineName : id;
+    this.rootDir = props.rootDir;
+    this.buildDir = path.join(this.rootDir, (this.node.root as App).outdir);
+
+    if (!this.bundlingRequired) return;
+
+    props.segments.forEach((segment: Segment) => {
+      segment.inputs.forEach((artifact: Artifact) => {
+        if (!artifact.obtainProducer())
+          throw new Error("Artifact consumed but never produced.");
+      });
+    });
+
+    const sourceSegments: SourceSegment[] = props.segments.filter(
+      (segment: Segment) => segment.isSource
+    ) as SourceSegment[];
+
+    const pipelineSegment: PipelineSegment | undefined = props.segments.find(
+      (segment: Segment) => segment.isPipeline
+    ) as PipelineSegment;
+
+    const segments: Segment[] = props.segments.filter(
+      (segment: Segment) => !segment.isSource && !segment.isPipeline
+    );
+
+    new AwsPipeline(this, "Pipeline", {
+      pipelineName: props.pipelineName,
+      restartExecutionOnUpdate: true,
+      stages: [
+        {
+          stageName: "Source",
+          actions: [
+            ...sourceSegments.reduce(
+              (actions: IAction[], segment: SourceSegment) => [
+                ...actions,
+                ...segment.construct(this).actions,
+              ],
+              []
+            ),
+          ],
+        },
+        {
+          stageName: "Pipeline",
+          actions: [...pipelineSegment.construct(this).actions],
+        },
+        ...segments.map((segment: Segment) => {
+          const build = segment.construct(this);
+          return {
+            stageName: build.name,
+            actions: build.actions,
+          };
+        }),
+      ],
+    });
+  }
+}

package/src/publish-assets-action.ts

@@ -0,0 +1,126 @@
+import { Stack } from "aws-cdk-lib";
+import { Construct } from "constructs";
+import {
+  ActionBindOptions,
+  ActionConfig,
+  ActionProperties,
+  Artifact,
+  IAction,
+  IStage,
+} from "aws-cdk-lib/aws-codepipeline";
+import { BuildSpec, LinuxBuildImage, Project } from "aws-cdk-lib/aws-codebuild";
+import { CodeBuildAction } from "aws-cdk-lib/aws-codepipeline-actions";
+import {
+  AccountPrincipal,
+  CompositePrincipal,
+  PolicyDocument,
+  PolicyStatement,
+  Role,
+  ServicePrincipal,
+} from "aws-cdk-lib/aws-iam";
+import { IRuleTarget, RuleProps, Rule } from "aws-cdk-lib/aws-events";
+import * as path from "path";
+
+export interface PublishAssetsActionProps {
+  readonly actionName: string;
+  readonly input: Artifact;
+  readonly manifestPath: string;
+  readonly runOrder?: number;
+}
+
+export class PublishAssetsAction extends Construct implements IAction {
+  public readonly actionProperties: ActionProperties;
+
+  bound(
+    scope: Construct,
+    stage: IStage,
+    options: ActionBindOptions
+  ): ActionConfig {
+    throw new Error(`Method not implemented.${!scope && !stage! && options}`);
+  }
+
+  bind(
+    scope: Construct,
+    stage: IStage,
+    options: ActionBindOptions
+  ): ActionConfig {
+    throw new Error(`Method not implemented.${!scope && !stage! && options}`);
+  }
+
+  onStateChange(
+    name: string,
+    target?: IRuleTarget | undefined,
+    options?: RuleProps | undefined
+  ): Rule {
+    throw new Error(`Method not implemented.${!name && !target! && options}`);
+  }
+
+  constructor(scope: Construct, id: string, props: PublishAssetsActionProps) {
+    super(scope, id);
+    const codeBuild = new CodeBuildAction({
+      ...props,
+      input: props.input,
+      project: new Project(this, id, {
+        environment: {
+          buildImage: LinuxBuildImage.AMAZON_LINUX_2_4,
+        },
+        role: new Role(this, "UpdatePipelineCodeCuildRole", {
+          assumedBy: new CompositePrincipal(
+            new ServicePrincipal("codebuild.amazonaws.com"),
+            new AccountPrincipal(Stack.of(this).account)
+          ),
+          inlinePolicies: {
+            selfMutation: new PolicyDocument({
+              statements: [
+                new PolicyStatement({
+                  actions: ["sts:AssumeRole"],
+                  resources: [`arn:*:iam::${Stack.of(this).account}:role/*`],
+                  conditions: {
+                    "ForAnyValue:StringEquals": {
+                      "iam:ResourceTag/aws-cdk:bootstrap-role": [
+                        "image-publishing",
+                        "file-publishing",
+                        "deploy",
+                      ],
+                    },
+                  },
+                }),
+              ],
+            }),
+          },
+        }),
+        buildSpec: BuildSpec.fromObject({
+          version: "0.2",
+          phases: {
+            install: {
+              "runtime-versions": {
+                nodejs: 18,
+              },
+              commands: [
+                "npm install -g npm@latest",
+                "npm i -g @flit/publish-cdk-assets@latest",
+              ],
+            },
+            build: {
+              commands: `pca ${
+                props.manifestPath ? path.normalize(props.manifestPath) : "."
+              }`,
+            },
+          },
+        }),
+      }),
+    });
+
+    this.actionProperties = codeBuild.actionProperties;
+    this.bind = (
+      scope: Construct,
+      stage: IStage,
+      options: ActionBindOptions
+    ): ActionConfig => codeBuild.bind(scope, stage, options);
+    this.onStateChange = (
+      name: string,
+      target?: IRuleTarget,
+      options?: RuleProps
+    ): Rule => codeBuild.onStateChange(name, target, options);
+  }
+}

package/src/s3-source-segment.ts

@@ -0,0 +1,60 @@
+import { IAction } from "aws-cdk-lib/aws-codepipeline";
+import {
+  S3SourceAction,
+  S3Trigger,
+} from "aws-cdk-lib/aws-codepipeline-actions";
+import { SecretValue } from "aws-cdk-lib";
+import { IBucket } from "aws-cdk-lib/aws-s3";
+
+import { Pipeline } from "./pipeline";
+import { Artifact } from "./artifact";
+import { SegmentConstructed } from "./segment";
+import { SourceSegment, SourceSegmentProps } from "./source-segment";
+
+export interface S3SourceSegmentProps extends SourceSegmentProps {
+  readonly oauthToken: SecretValue;
+  readonly bucket: IBucket;
+  readonly bucketKey: string;
+  readonly trigger?: S3Trigger;
+  readonly variablesNamespace?: string;
+}
+
+/**
+ * @category Segments
+ */
+export class S3SourceSegment extends SourceSegment {
+  private props: S3SourceSegmentProps;
+  constructor(props: S3SourceSegmentProps) {
+    super(props);
+    this.props = props;
+  }
+  construct(scope: Pipeline): SegmentConstructed {
+    return new S3SourceSegmentConstructed(scope, this.props.bucket.bucketName, {
+      ...this.props,
+      actionName: this.props.bucket.bucketName,
+    });
+  }
+}
+
+export interface S3SourceSegmentConstructedProps {
+  readonly output: Artifact;
+  readonly actionName: string;
+  readonly bucket: IBucket;
+  readonly bucketKey: string;
+  readonly trigger?: S3Trigger;
+  readonly variablesNamespace?: string;
+}
+
+export class S3SourceSegmentConstructed extends SegmentConstructed {
+  readonly name: string;
+  readonly actions: IAction[];
+  constructor(
+    scope: Pipeline,
+    id: string,
+    props: S3SourceSegmentConstructedProps
+  ) {
+    super(scope, id);
+    this.name = "Source";
+    this.actions = [new S3SourceAction(props)];
+  }
+}

package/src/segment.ts

@@ -0,0 +1,45 @@
+import { Construct } from "constructs";
+import { Stack } from "aws-cdk-lib";
+import { IAction } from "aws-cdk-lib/aws-codepipeline";
+
+import { Artifact } from "./artifact";
+import { Pipeline } from "./pipeline";
+
+export interface SegmentProps {
+  readonly input?: Artifact | Artifact[];
+  readonly output?: Artifact | Artifact[];
+}
+
+export abstract class Segment {
+  readonly isSource: boolean = false;
+  readonly isPipeline: boolean = false;
+  readonly dependencies?: Stack[];
+  readonly inputs: Artifact[] = [];
+  readonly outputs: Artifact[] = [];
+  constructor(props: SegmentProps) {
+    if (props.input) {
+      this.inputs = (
+        props.input.constructor.name === "Array" ? props.input : [props.input]
+      ) as Artifact[];
+      this.inputs.forEach((artifact: Artifact) => {
+        artifact.consume(this);
+      }, this);
+    }
+    if (props.output) {
+      this.outputs = (
+        props.output.constructor.name === "Array"
+          ? props.output
+          : [props.output]
+      ) as Artifact[];
+      this.outputs.forEach((artifact: Artifact) => {
+        artifact.produce(this);
+      }, this);
+    }
+  }
+  abstract construct(scope: Pipeline): SegmentConstructed;
+}
+
+export abstract class SegmentConstructed extends Construct {
+  readonly name: string = "";
+  readonly actions: IAction[] = [];
+}

package/src/source-segment.ts

@@ -0,0 +1,10 @@
+import { Artifact } from "./artifact";
+import { Segment } from "./segment";
+
+export interface SourceSegmentProps {
+  readonly output: Artifact;
+}
+
+export abstract class SourceSegment extends Segment {
+  readonly isSource: boolean = true;
+}