npm - @ndlib/ndlib-cdk2 - Versions diffs - 1.0.39 → 1.0.40 - Mend

@ndlib/ndlib-cdk2 1.0.39 → 1.0.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md CHANGED Viewed

@@ -307,38 +307,6 @@ new PipelineS3Sync(this, 'S3SyncProd', {
 })
 ```
-## Source Watcher
-The SourceWatcher construct creates necessary resources to monitor a GitHub repository for changes. Based on the changes that are made, one or more pipelines may be invoked according to the configuration. This is similar to how CodePipelines can have a Webhook on the source action, except that it allows for _conditional_ triggering depending on where the changes reside within the repo. Therefore, if multiple pipelines share a repo, a change to files which only impact one do not have to trigger the unmodified pipeline.
-Example:
-```typescript
-import { Stack }from 'aws-cdk-lib'
-import { SourceWatcher } from '@ndlib/ndlib-cdk2'
-const stack = new Stack()
-new SourceWatcher(stack, 'TestProject', {
-  triggers: [
-    {
-      triggerPatterns: ['my/test/**/pattern.js', 'example/*.*'],
-      pipelineStackName: 'pipeline-a',
-    },
-    {
-      triggerPatterns: ['src/anotherExample.ts'],
-      pipelineStackName: 'pipeline-b',
-    },
-  ],
-  targetRepo: 'ndlib/myRepo',
-  targetBranch: 'main',
-  gitTokenPath: '/all/github/ndlib-git',
-  webhookResourceStackName: 'github-webhook-custom-resource-prod',
-})
-```
-NOTE: `webhookResourceStackName` refers to a stack which will manage contains the backend for a CustomResource webhook. Prior to using this construct, an instance of [ndlib/aws-github-webhook](https://github.com/ndlib/aws-github-webhook) should be deployed to the AWS account. One stack can be used for any number of SourceWatcher constructs.
 ## EC2 server with access rules
 The EC2withDatabase construct builds an EC2 server. The basic concept is to build the server with security group access to, possibly, several AWS RDS database servers. The server is built within an existing VPC. Parameters allow for AMI ID, instance type, root disk storage, networking, and security group rules for the server upon build. The server is created with the OS only; further configuration will need to be performed, often using ansible.

package/lib/https-alb.js CHANGED Viewed

@@ -30,12 +30,6 @@ class HttpsAlb extends aws_cdk_lib_1.aws_elasticloadbalancingv2.ApplicationLoadB
             sslPolicy: aws_cdk_lib_1.aws_elasticloadbalancingv2.SslPolicy.TLS13_RES,
         });
         this.defaultListener.addAction('Default404', { action: aws_cdk_lib_1.aws_elasticloadbalancingv2.ListenerAction.fixedResponse(404) });
-        // Adding an output of the dns name for convenience when looking at this
-        // in the console/cli.
-        new aws_cdk_lib_1.CfnOutput(scope, 'PublicLoadBalancerDNSName', {
-            description: 'The DNS name of the load balancer',
-            value: this.loadBalancerDnsName,
-        });
     }
     addHttpRedirect() {
         // Add a listener to redirect http to https

package/lib/index.d.ts CHANGED Viewed

@@ -15,5 +15,4 @@ export * from './slack-pipeline-status-notifications';
 export * from './slos/alarms';
 export * from './slos/alarms-dashboard';
 export * from './slos/performance-dashboard';
-export * from './source-watcher';
 export * from './stack-tags';

package/lib/index.js CHANGED Viewed

@@ -31,5 +31,4 @@ __exportStar(require("./slack-pipeline-status-notifications"), exports);
 __exportStar(require("./slos/alarms"), exports);
 __exportStar(require("./slos/alarms-dashboard"), exports);
 __exportStar(require("./slos/performance-dashboard"), exports);
-__exportStar(require("./source-watcher"), exports);
 __exportStar(require("./stack-tags"), exports);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@ndlib/ndlib-cdk2",
-  "version": "1.0.39",
+  "version": "1.0.40",
   "description": "Reusable CDK2 modules used within Hesburgh Libraries of Notre Dame",
   "main": "lib/index.js",
   "types": "lib/index.d.ts",
@@ -40,35 +40,32 @@
     "aws-cdk-lib": "^2.206.0"
   },
   "devDependencies": {
-    "@types/jest": "^29.5.14",
-    "@types/node": "^24.0.11",
-    "@typescript-eslint/eslint-plugin": "^8.36.0",
-    "@typescript-eslint/parser": "^8.36.0",
+    "@types/jest": "^30.0.0",
+    "@types/node": "^24.5.2",
+    "@typescript-eslint/eslint-plugin": "^8.44.1",
+    "@typescript-eslint/parser": "^8.44.1",
     "auto-changelog": "^2.5.0",
     "aws-sdk-client-mock": "^4.1.0",
-    "eslint": "^9.30.1",
+    "eslint": "^9.36.0",
     "eslint-plugin-import": "^2.32.0",
     "eslint-plugin-jest": "^29.0.1",
-    "eslint-plugin-n": "^17.21.0",
+    "eslint-plugin-n": "^17.23.1",
     "eslint-plugin-node": "^11.1.0",
     "eslint-plugin-promise": "^7.2.1",
-    "jest": "^29.7.0",
-    "jest-mock": "^30.0.2",
+    "jest": "^30.1.3",
+    "jest-mock": "^30.0.5",
     "prettier": "^3.6.2",
-    "ts-jest": "^29.4.0",
+    "ts-jest": "^29.4.4",
     "tsc-watch": "^7.1.1",
-    "typescript": "^5.8.3"
+    "typescript": "^5.9.2"
   },
   "files": [
     "lib/**/*"
   ],
   "dependencies": {
-    "aws-cdk-lib": "^2.206.0",
+    "aws-cdk-lib": "^2.216.0",
     "constructs": "^10.4.2"
   },
-  "workspaces": [
-    "src/internal-lambdas/sourceWatcherLambda/src"
-  ],
   "engines": {
     "node": ">=22.0.0"
   }

package/lib/source-watcher.d.ts DELETED Viewed

@@ -1,50 +0,0 @@
-import { aws_apigateway, aws_lambda } from 'aws-cdk-lib';
-import { Construct } from 'constructs';
-export interface IPipelineTrigger {
-    /**
-     * List of file system glob patterns. If a commit changes any matching file, pipeline will be triggered.
-     */
-    readonly triggerPatterns: string[];
-    /**
-     * Name of the pipeline stack. Informs the lambda which pipeline to trigger when a matching change occurs.
-     */
-    readonly pipelineStackName: string;
-}
-export interface ISourceWatcherProps {
-    /**
-     * Used to configure the SourceWatcher with a file patterns and the appropriate pipelines that they should trigger.
-     */
-    readonly triggers: IPipelineTrigger[];
-    /**
-     * Name of repository to watch for changes. (Ex: "owner/my-repo-name")
-     */
-    readonly targetRepo: string;
-    /**
-     * Branch to watch for changes on. All other branches will be ignored and WON'T trigger pipeline execution.
-     */
-    readonly targetBranch: string;
-    /**
-     * SecretsManager path to secret with credentials for accessing the GitHub repo.
-     */
-    readonly gitTokenPath: string;
-    /**
-     * Stack name for aws-github-webhook. Needed in order to create a webhook on targetRepo.
-     */
-    readonly webhookResourceStackName?: string;
-    readonly webhookResourceArnParameterPath?: string;
-}
-export declare class SourceWatcher extends Construct {
-    /**
-     * The Lambda Function which handles a GitHub event payload and triggers a pipeline.
-     */
-    readonly lambdaFunction: aws_lambda.Function;
-    /**
-     * API which routes requests to the lambdaFunction.
-     */
-    readonly api: aws_apigateway.LambdaRestApi;
-    /**
-     * Reference which will resolve to the ID of the webhook created on the GitHub repo.
-     */
-    readonly webhookId: string;
-    constructor(scope: Construct, id: string, props: ISourceWatcherProps);
-}

package/lib/source-watcher.js DELETED Viewed

@@ -1,95 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SourceWatcher = void 0;
-const aws_cdk_lib_1 = require("aws-cdk-lib");
-const constructs_1 = require("constructs");
-const aws_ssm_1 = require("aws-cdk-lib/aws-ssm");
-const path = require("path");
-class SourceWatcher extends constructs_1.Construct {
-    constructor(scope, id, props) {
-        super(scope, id);
-        const stack = aws_cdk_lib_1.Stack.of(this);
-        // Each trigger will create a StringList parameter in SSM. This way the lambda can get a dynamic list based on
-        // the infrastructure instead of hardcoding in the lambda itself.
-        const triggersSsmPath = `/all/stacks/${stack.stackName}/triggers`;
-        props.triggers.forEach(trigger => {
-            new aws_cdk_lib_1.aws_ssm.StringListParameter(this, `TriggerParam_${trigger.pipelineStackName}`, {
-                parameterName: `${triggersSsmPath}/${trigger.pipelineStackName}`,
-                description: 'Glob patterns for file paths in the infrastructure repo which will trigger the pipeline.',
-                stringListValue: trigger.triggerPatterns,
-            });
-        });
-        // Get the secret which is used to validate the signature of the event payload
-        const webhookSecret = aws_cdk_lib_1.SecretValue.secretsManager(props.gitTokenPath, { jsonField: 'webhook-secret' });
-        this.lambdaFunction = new aws_cdk_lib_1.aws_lambda.Function(this, 'SourceWatcherLambda', {
-            code: aws_cdk_lib_1.aws_lambda.Code.fromAsset(path.join(__dirname, './internal-lambdas/sourceWatcherLambda/src')),
-            description: 'Checks if git push changed certain files and triggers pipeline(s) accordingly.',
-            handler: 'index.handler',
-            runtime: aws_cdk_lib_1.aws_lambda.Runtime.NODEJS_22_X,
-            timeout: aws_cdk_lib_1.Duration.minutes(1),
-            environment: {
-                WEBHOOK_SECRET: webhookSecret.toString(),
-                TRIGGER_PARAMS_PATH: triggersSsmPath,
-                GIT_REPO: props.targetRepo,
-                GIT_BRANCH: props.targetBranch,
-            },
-        });
-        // Allow lambda to read params we created specifying the trigger metadata.
-        this.lambdaFunction.addToRolePolicy(new aws_cdk_lib_1.aws_iam.PolicyStatement({
-            resources: [
-                aws_cdk_lib_1.Fn.sub('arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter' + triggersSsmPath + '/*'),
-            ].concat(props.triggers.map(trigger => aws_cdk_lib_1.Fn.sub('arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/all/stacks/' +
-                trigger.pipelineStackName +
-                '/pipeline-name'))),
-            actions: ['ssm:GetParameter', 'ssm:GetParameters'],
-        }));
-        this.lambdaFunction.addToRolePolicy(new aws_cdk_lib_1.aws_iam.PolicyStatement({
-            resources: [aws_cdk_lib_1.Fn.sub('arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter' + triggersSsmPath)],
-            actions: ['ssm:GetParametersByPath'],
-        }));
-        this.lambdaFunction.addToRolePolicy(new aws_cdk_lib_1.aws_iam.PolicyStatement({
-            resources: ['*'],
-            actions: ['codepipeline:StartPipelineExecution'],
-        }));
-        // The API gateway will serve an endpoint which we can hit in a github webhook to trigger the lambda
-        this.api = new aws_cdk_lib_1.aws_apigateway.LambdaRestApi(this, 'SourceWatcherApi', {
-            handler: this.lambdaFunction,
-            proxy: true,
-        });
-        // Added the following code to get the WebhookLambdaArn from either a parameter store path or a stack name.  (Used to be only from stack name)
-        let githubWebhookLambdaArn = '';
-        if (props.webhookResourceArnParameterPath) {
-            githubWebhookLambdaArn = aws_ssm_1.StringParameter.valueForStringParameter(this, props.webhookResourceArnParameterPath);
-        }
-        if (!githubWebhookLambdaArn && props.webhookResourceStackName) {
-            githubWebhookLambdaArn = aws_cdk_lib_1.Fn.importValue(`${props.webhookResourceStackName}:LambdaArn`);
-        }
-        if (!githubWebhookLambdaArn) {
-            throw new Error('You must provide a webhookResourceArnParameterPath or webhookResourceStackName to create a GitHub webhook.');
-        }
-        // Finally, create the Webhook on GitHub to route push events to the API!
-        const webhookLambda = aws_cdk_lib_1.aws_lambda.Function.fromFunctionAttributes(this, 'GithubWebhookLambda', {
-            functionArn: githubWebhookLambdaArn,
-            skipPermissions: true,
-        });
-        const resourceProvider = new aws_cdk_lib_1.custom_resources.Provider(this, 'WebhookProvider', {
-            onEventHandler: webhookLambda,
-            logRetention: aws_cdk_lib_1.aws_logs.RetentionDays.ONE_WEEK,
-        });
-        const webhook = new aws_cdk_lib_1.CustomResource(this, 'GithubWebhook', {
-            resourceType: 'Custom::GitHubWebhook',
-            serviceToken: resourceProvider.serviceToken,
-            properties: {
-                Repo: props.targetRepo,
-                Events: 'push',
-                Endpoint: this.api.url,
-            },
-        });
-        this.webhookId = webhook.getAtt('WebhookId').toString();
-        new aws_cdk_lib_1.CfnOutput(this, 'WebhookId', {
-            description: 'ID used by provider (GitHub) to identify the webhook.',
-            value: this.webhookId,
-        });
-    }
-}
-exports.SourceWatcher = SourceWatcher;