@rio-cloud/cdk-v2-constructs 6.13.4 → 6.15.0-alpha.0
- package/.jsii +226 -41
- package/docs/API.md +174 -13
- package/docs/changelog.md +21 -0
- package/lib/contributions/team-transport-two/pipeline/buildspecs.d.ts +5 -0
- package/lib/contributions/team-transport-two/pipeline/buildspecs.js +191 -0
- package/lib/contributions/team-transport-two/pipeline/pipeline-stack.d.ts +55 -2
- package/lib/contributions/team-transport-two/pipeline/pipeline-stack.js +123 -37
- package/package.json +5 -4
- package/version.json +1 -1
- package/lib/contributions/team-transport-two/pipeline/buildspecs/buildspec-vulnerability-checks.yaml +0 -23
- package/lib/contributions/team-transport-two/pipeline/buildspecs/buildspec.yaml +0 -61
- package/lib/contributions/team-transport-two/pipeline/buildspecs/buildspec_infrastructure.yaml +0 -14
- package/lib/contributions/team-transport-two/pipeline/buildspecs/buildspec_kafka.yaml +0 -64
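--- a/package/docs/API.md
+++ b/package/docs/API.md
@@ -14271,6 +14271,136 @@ The threshold that needs to be set.
 
 ---
 
+### PipelineFeatures <a name="PipelineFeatures" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures"></a>
+
+#### Initializer <a name="Initializer" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.Initializer"></a>
+
+```typescript
+import { PipelineFeatures } from '@rio-cloud/cdk-v2-constructs'
+
+const pipelineFeatures: PipelineFeatures = { ... }
+```
+
+#### Properties <a name="Properties" id="Properties"></a>
+
+| **Name** | **Type** | **Description** |
+| --- | --- | --- |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.additionalBuildCommands">additionalBuildCommands</a></code> | <code>string[]</code> | Additional build commands for main and branch pipeline. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.branchPipeline">branchPipeline</a></code> | <code>boolean</code> | Create a branch pipeline used by renovate. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.frontendBucketName">frontendBucketName</a></code> | <code>string</code> | S3 Bucket to deploy frontend to. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.gradleBuild">gradleBuild</a></code> | <code>boolean</code> | Run a standard gradle build in the repository root. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.kafkaIntegration">kafkaIntegration</a></code> | <code>boolean</code> | Add required steps and permissions to support Kafka. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.npmBuild">npmBuild</a></code> | <code>boolean</code> | Run a standard npm build in the repository root. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.vulnerabilityPipeline">vulnerabilityPipeline</a></code> | <code>boolean</code> | Create a vulnerability pipeline to scan dependencies for vulnerabilities. |
+
+---
+
+##### `additionalBuildCommands`<sup>Optional</sup> <a name="additionalBuildCommands" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.additionalBuildCommands"></a>
+
+```typescript
+public readonly additionalBuildCommands: string[];
+```
+
+- *Type:* string[]
+
+Additional build commands for main and branch pipeline.
+
+Will be added after all build & test commands, before the infrastructure build.
+
+---
+
+##### `branchPipeline`<sup>Optional</sup> <a name="branchPipeline" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.branchPipeline"></a>
+
+```typescript
+public readonly branchPipeline: boolean;
+```
+
+- *Type:* boolean
+
+Create a branch pipeline used by renovate.
+
+Defaults to `true`.
+
+---
+
+##### `frontendBucketName`<sup>Optional</sup> <a name="frontendBucketName" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.frontendBucketName"></a>
+
+```typescript
+public readonly frontendBucketName: string;
+```
+
+- *Type:* string
+
+S3 Bucket to deploy frontend to.
+
+Requires `npmBuild` to be set to `true`. If set, the output of the npm build is deployed to the provided bucket.
+
+---
+
+##### `gradleBuild`<sup>Optional</sup> <a name="gradleBuild" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.gradleBuild"></a>
+
+```typescript
+public readonly gradleBuild: boolean;
+```
+
+- *Type:* boolean
+
+Run a standard gradle build in the repository root.
+
+Defaults to `false`:
+- build and test of the artifact via command "./gradlew clean build"
+- license-check and upload of license-check-file via command "./gradlew checkLicenses"
+- create a self-signed certificate to make TLS communication possible, e.g. with a loadbalancer
+- build the container image via command "./gradlew jibBuildTar"
+
+---
+
+##### `kafkaIntegration`<sup>Optional</sup> <a name="kafkaIntegration" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.kafkaIntegration"></a>
+
+```typescript
+public readonly kafkaIntegration: boolean;
+```
+
+- *Type:* boolean
+
+Add required steps and permissions to support Kafka.
+
+Currently, this requires `gradleBuild` to be set to `true`. Defaults to `false`.
+
+---
+
+##### `npmBuild`<sup>Optional</sup> <a name="npmBuild" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.npmBuild"></a>
+
+```typescript
+public readonly npmBuild: boolean;
+```
+
+- *Type:* boolean
+
+Run a standard npm build in the repository root.
+
+Defaults to `false`:
+- run linter via command "npm run lint"
+- run tests via command "npm run test:ci"
+- run a license check by calling the script "check-oss-licenses.sh" (from the RIO frontend template)
+- build the artifact via command "npm run build"
+
+---
+
+##### `vulnerabilityPipeline`<sup>Optional</sup> <a name="vulnerabilityPipeline" id="@rio-cloud/cdk-v2-constructs.PipelineFeatures.property.vulnerabilityPipeline"></a>
+
+```typescript
+public readonly vulnerabilityPipeline: boolean;
+```
+
+- *Type:* boolean
+
+Create a vulnerability pipeline to scan dependencies for vulnerabilities.
+
+Defaults to `true`.
+
+---
+
 ### PipelineSchedulesProps <a name="PipelineSchedulesProps" id="@rio-cloud/cdk-v2-constructs.PipelineSchedulesProps"></a>
 
 #### Initializer <a name="Initializer" id="@rio-cloud/cdk-v2-constructs.PipelineSchedulesProps.Initializer"></a>
@@ -14336,12 +14466,14 @@ const pipelineStackProps: PipelineStackProps = { ... }
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.tags">tags</a></code> | <code>{[ key: string ]: string}</code> | Stack tags that will be applied to all the taggable resources and the stack itself. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.terminationProtection">terminationProtection</a></code> | <code>boolean</code> | Whether to enable termination protection for this stack. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.appStackFactory">appStackFactory</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.IAppStackFactory">IAppStackFactory</a></code> | Provider for appStack to be deployed. |
-| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.pipelineType">pipelineType</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineType">PipelineType</a></code> | Defines which kind of pipeline is deployed. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.serviceName">serviceName</a></code> | <code>string</code> | The name of the service - This has to be the same name as the repository as the s3 trigger file created by the bitbucket-integration uses this as a prefix - The serviceName is available as an environment variable SERVICE_NAME in the CodeBuildStep - The serviceName is available in the AppStackProps in the appStackFactory - The serviceName is available as stackName property in the AppStackProps in the appStackFactory. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.codeBuildOptions">codeBuildOptions</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.CodeBuildOptions">CodeBuildOptions</a></code> | CodeBuild options overriding the rio-specific defaults. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.codePipelineType">codePipelineType</a></code> | <code>aws-cdk-lib.aws_codepipeline.PipelineType</code> | CodePipeline PipelineType (V1 or V2). |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.datadogAlertType">datadogAlertType</a></code> | <code>string</code> | *No description.* |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.features">features</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures">PipelineFeatures</a></code> | Defines which kind of pipeline is deployed. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.monitoringDeployStepProps">monitoringDeployStepProps</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackRioMonitoringDeployStepProps">PipelineStackRioMonitoringDeployStepProps</a></code> | If present, the capability monitoring deploy step is added to the pipeline. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.pipelineSchedules">pipelineSchedules</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineSchedulesProps">PipelineSchedulesProps</a></code> | Defines how often the pipeline is triggered automatically. Is defined via a cron expression. |
+| <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.pipelineType">pipelineType</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineType">PipelineType</a></code> | *No description.* |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.secretsDeployStepProps">secretsDeployStepProps</a></code> | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackRioSecretsDeployStepProps">PipelineStackRioSecretsDeployStepProps</a></code> | Path to secrets file containing encrypted secrets. |
 | <code><a href="#@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.vulnerabilityNotification">vulnerabilityNotification</a></code> | <code>@rio-cloud/cdk-v2-constructs.datadogv2.INotification</code> | Notification type for the auto-generated vulnerability pipeline monitor. |
 
@@ -14584,18 +14716,6 @@ This acts as a wrapper for all resources you want to deploy via the pipeline.
 
 ---
 
-##### `pipelineType`<sup>Required</sup> <a name="pipelineType" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.pipelineType"></a>
-
-```typescript
-public readonly pipelineType: PipelineType;
-```
-
-- *Type:* <a href="#@rio-cloud/cdk-v2-constructs.PipelineType">PipelineType</a>
-
-Defines which kind of pipeline is deployed.
-
----
-
 ##### `serviceName`<sup>Required</sup> <a name="serviceName" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.serviceName"></a>
 
 ```typescript
@@ -14624,6 +14744,20 @@ CodeBuild options overriding the rio-specific defaults.
 
 ---
 
+##### `codePipelineType`<sup>Optional</sup> <a name="codePipelineType" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.codePipelineType"></a>
+
+```typescript
+public readonly codePipelineType: PipelineType;
+```
+
+- *Type:* aws-cdk-lib.aws_codepipeline.PipelineType
+
+CodePipeline PipelineType (V1 or V2).
+
+Defaults to V1.
+
+---
+
 ##### ~~`datadogAlertType`~~<sup>Optional</sup> <a name="datadogAlertType" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.datadogAlertType"></a>
 
 - *Deprecated:* Please use the `vulnerabilityNotification` property instead.
@@ -14637,6 +14771,20 @@ public readonly datadogAlertType: string;
 
 ---
 
+##### `features`<sup>Optional</sup> <a name="features" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.features"></a>
+
+```typescript
+public readonly features: PipelineFeatures;
+```
+
+- *Type:* <a href="#@rio-cloud/cdk-v2-constructs.PipelineFeatures">PipelineFeatures</a>
+
+Defines which kind of pipeline is deployed.
+
+Use the features to combine different opinionated, RIO-specific pipeline features such as adding a branch pipeline or supporting Kafka.
+
+---
+
 ##### `monitoringDeployStepProps`<sup>Optional</sup> <a name="monitoringDeployStepProps" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.monitoringDeployStepProps"></a>
 
 ```typescript
@@ -14667,6 +14815,19 @@ Default values:
 
 ---
 
+##### ~~`pipelineType`~~<sup>Optional</sup> <a name="pipelineType" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.pipelineType"></a>
+
+- *Deprecated:* Use the `features` property instead. For now, the pipeline types are mapped to the features.
+Defines which kind of pipeline is deployed.
+
+```typescript
+public readonly pipelineType: PipelineType;
+```
+
+- *Type:* <a href="#@rio-cloud/cdk-v2-constructs.PipelineType">PipelineType</a>
+
+---
+
 ##### `secretsDeployStepProps`<sup>Optional</sup> <a name="secretsDeployStepProps" id="@rio-cloud/cdk-v2-constructs.PipelineStackProps.property.secretsDeployStepProps"></a>
 
 ```typescript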
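--- a/package/docs/changelog.md
+++ b/package/docs/changelog.md
@@ -2,6 +2,27 @@
 
 All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines.
 
+## [6.15.0-alpha.0](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/compare/commits?targetBranch=refs%2Ftags%2Fv6.14.0&sourceBranch=refs%2Ftags%2Fv6.15.0-alpha.0) (2024-11-19)
+
+
+### Features
+
+* **pipeline:** Add frontend deploy step ([56b7f05](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/56b7f05752f6d59d243220fa95c3759706221a94))
+* **pipeline:** Allow to configure pipeline features in a modular way ([f773cc6](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/f773cc6e8a5c21039572ca4fd63134f07f4f865d))
+* **pipeline:** Remove now unused buildspecs ([a6e4bdc](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/a6e4bdc65a1bc35102aaae96a58b422bf78b282f))
+
+
+### Bug Fixes
+
+* **pipeline:** Fix typo in test ([65f1f5d](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/65f1f5d10f7f174317173454402b1e98f732b2c2))
+
+## [6.14.0](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/compare/commits?targetBranch=refs%2Ftags%2Fv6.13.4&sourceBranch=refs%2Ftags%2Fv6.14.0) (2024-11-18)
+
+
+### Features
+
+* **pipeline:** Make CodePipeline type configurable (V1 / V2), defaulting to V1. ([0c28db5](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/commits/0c28db577103e99d50e92e0fcf8eed91f0c0ef28))
+
 ## [6.13.4](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/compare/commits?targetBranch=refs%2Ftags%2Fv6.13.3&sourceBranch=refs%2Ftags%2Fv6.13.4) (2024-11-15)
 
 ## [6.13.3](https://bitbucket.collaboration-man.com/projects/RIODEV/repos/cdk-v2-constructs/compare/commits?targetBranch=refs%2Ftags%2Fv6.13.2&sourceBranch=refs%2Ftags%2Fv6.13.3) (2024-11-12)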
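--- a/package/lib/contributions/team-transport-two/pipeline/buildspecs.d.ts
+++ b/package/lib/contributions/team-transport-two/pipeline/buildspecs.d.ts
@@ -0,0 +1,5 @@
+import { BuildSpec } from 'aws-cdk-lib/aws-codebuild';
+import { PipelineFeatures } from './pipeline-stack';
+export declare const createMainBuildSpec: (features: PipelineFeatures) => BuildSpec;
+export declare const createVulnerabilityBuildSpec: (features: PipelineFeatures) => BuildSpec;
+export declare const logCommitHash: () => string[];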
@@ -0,0 +1,191 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.logCommitHash = exports.createVulnerabilityBuildSpec = exports.createMainBuildSpec = void 0;
|
|
4
|
+
const aws_codebuild_1 = require("aws-cdk-lib/aws-codebuild");
|
|
5
|
+
const createMainBuildSpec = (features) => {
|
|
6
|
+
const env = {};
|
|
7
|
+
const buildCommands = [];
|
|
8
|
+
if (features.gradleBuild) {
|
|
9
|
+
buildCommands.push(...gradleBuildCommands(features.kafkaIntegration ?? false));
|
|
10
|
+
env['parameter-store'] = {
|
|
11
|
+
SERVICE_KEYSTORE_PASSWORD: '/config/${SERVICE_NAME}/service-keystore-password',
|
|
12
|
+
LICENSE_BUCKET_NAME: '/config/oss-licenses/bucket-name',
|
|
13
|
+
ACCOUNT_NAME: '/config/account/name',
|
|
14
|
+
};
|
|
15
|
+
}
|
|
16
|
+
if (features.kafkaIntegration) {
|
|
17
|
+
env['parameter-store'] = {
|
|
18
|
+
...env['parameter-store'] ?? {},
|
|
19
|
+
CREATE_AND_SIGN_CERTIFICATE_SCRIPT_S3_LOCATION: '/config/kafka/create-and-sign-certificate-script-s3-location',
|
|
20
|
+
};
|
|
21
|
+
}
|
|
22
|
+
if (features.npmBuild) {
|
|
23
|
+
env.variables = {
|
|
24
|
+
CI: 'true',
|
|
25
|
+
};
|
|
26
|
+
buildCommands.push(...npmBuildCommands());
|
|
27
|
+
}
|
|
28
|
+
if (features.additionalBuildCommands) {
|
|
29
|
+
buildCommands.push('### ADDITIONAL BUILD COMMANDS ###', ...features.additionalBuildCommands);
|
|
30
|
+
}
|
|
31
|
+
buildCommands.push(...infrastructureBuildCommands());
|
|
32
|
+
return aws_codebuild_1.BuildSpec.fromObject({
|
|
33
|
+
version: '0.2',
|
|
34
|
+
env,
|
|
35
|
+
phases: {
|
|
36
|
+
install: {
|
|
37
|
+
'runtime-versions': getRuntimes(features),
|
|
38
|
+
},
|
|
39
|
+
pre_build: {
|
|
40
|
+
commands: (0, exports.logCommitHash)(),
|
|
41
|
+
},
|
|
42
|
+
build: {
|
|
43
|
+
commands: buildCommands,
|
|
44
|
+
},
|
|
45
|
+
post_build: {
|
|
46
|
+
commands: (0, exports.logCommitHash)(),
|
|
47
|
+
},
|
|
48
|
+
},
|
|
49
|
+
reports: createReports(features),
|
|
50
|
+
cache: {
|
|
51
|
+
paths: cachePaths(),
|
|
52
|
+
},
|
|
53
|
+
});
|
|
54
|
+
};
|
|
55
|
+
exports.createMainBuildSpec = createMainBuildSpec;
|
|
56
|
+
const createVulnerabilityBuildSpec = (features) => {
|
|
57
|
+
const env = {};
|
|
58
|
+
const buildCommands = [];
|
|
59
|
+
if (features.gradleBuild) {
|
|
60
|
+
env['parameter-store'] = {
|
|
61
|
+
NIST_DATA_MIRROR_URL: '/config/nist-data-mirror/url',
|
|
62
|
+
};
|
|
63
|
+
buildCommands.push(...[
|
|
64
|
+
'### GRADLE VULNERABILITY CHECK ###',
|
|
65
|
+
'./gradlew -Dorg.gradle.jvmargs=-Xmx4g dependencyCheckAnalyze',
|
|
66
|
+
]);
|
|
67
|
+
}
|
|
68
|
+
if (features.npmBuild) {
|
|
69
|
+
buildCommands.push(...[
|
|
70
|
+
'### NPM VULNERABILITY CHECK ###',
|
|
71
|
+
'npm audit --registry https://registry.npmjs.org --audit-level moderate --parseable --omit=dev',
|
|
72
|
+
]);
|
|
73
|
+
}
|
|
74
|
+
buildCommands.push(...[
|
|
75
|
+
'### INFRASTRUCTURE VULNERABILITY CHECK ###',
|
|
76
|
+
'cd infrastructure',
|
|
77
|
+
'npm audit --registry https://registry.npmjs.org --audit-level moderate --parseable --omit=dev',
|
|
78
|
+
'cd ..',
|
|
79
|
+
]);
|
|
80
|
+
return aws_codebuild_1.BuildSpec.fromObject({
|
|
81
|
+
version: '0.2',
|
|
82
|
+
env,
|
|
83
|
+
phases: {
|
|
84
|
+
install: {
|
|
85
|
+
'runtime-versions': getRuntimes(features),
|
|
86
|
+
},
|
|
87
|
+
pre_build: {
|
|
88
|
+
commands: (0, exports.logCommitHash)(),
|
|
89
|
+
},
|
|
90
|
+
build: {
|
|
91
|
+
commands: buildCommands,
|
|
92
|
+
},
|
|
93
|
+
post_build: {
|
|
94
|
+
commands: (0, exports.logCommitHash)(),
|
|
95
|
+
},
|
|
96
|
+
},
|
|
97
|
+
cache: {
|
|
98
|
+
paths: cachePathsVulnerability(),
|
|
99
|
+
},
|
|
100
|
+
});
|
|
101
|
+
};
|
|
102
|
+
exports.createVulnerabilityBuildSpec = createVulnerabilityBuildSpec;
|
|
103
|
+
const getRuntimes = (features) => {
|
|
104
|
+
const runtimes = {};
|
|
105
|
+
if (features.gradleBuild) {
|
|
106
|
+
runtimes.java = 'corretto17';
|
|
107
|
+
}
|
|
108
|
+
runtimes.nodejs = '20';
|
|
109
|
+
return runtimes;
|
|
110
|
+
};
|
|
111
|
+
const logCommitHash = () => [
|
|
112
|
+
'(echo "Build triggered by commit " && git log --pretty=format:"%h%x09%an%x09%s" -n 1 ) | tr -d "\\n"',
|
|
113
|
+
];
|
|
114
|
+
exports.logCommitHash = logCommitHash;
|
|
115
|
+
const infrastructureBuildCommands = () => [
|
|
116
|
+
'### INFRASTRUCTURE BUILD ###',
|
|
117
|
+
'cd infrastructure',
|
|
118
|
+
'npm ci',
|
|
119
|
+
'npm run cdk synth 1> /dev/null',
|
|
120
|
+
// In pipeline: Error parsing reference: is not a valid repository/tag: invalid reference format.
|
|
121
|
+
// workaround due to https://github.com/aws/aws-cdk/issues/18044',
|
|
122
|
+
'find ./ -type f -name "*DeployApplicationStacks*.assets.json" -print0 | xargs -0 sed --in-place \'s|docker load -i asset.|docker load -i ../asset.|g\'',
|
|
123
|
+
'cd ..',
|
|
124
|
+
];
|
|
125
|
+
const gradleBuildCommands = (kafkaIntegration) => {
|
|
126
|
+
const commands = [];
|
|
127
|
+
commands.push(...[
|
|
128
|
+
'### GRADLE BUILD ###',
|
|
129
|
+
'./gradlew clean build',
|
|
130
|
+
'# license check',
|
|
131
|
+
'set -u; aws s3 cp s3://${LICENSE_BUCKET_NAME}/whitelist-gradle.txt licenses/approved_licenses.txt',
|
|
132
|
+
'./gradlew checkLicenses',
|
|
133
|
+
'set -u; aws s3 cp licenses/licenses.txt s3://${LICENSE_BUCKET_NAME}/reports/${ACCOUNT_NAME}/${SERVICE_NAME}.txt',
|
|
134
|
+
'# self signed certificate',
|
|
135
|
+
'set -u; keytool -genkey -alias InternalServiceCertificate -keyalg RSA -keystore containerfiles/service-keystore.p12 -validity 3650 -storetype PKCS12 -dname "CN=internal.service.${SERVICE_NAME}.${HOSTED_ZONE}, OU=Logistics, O=Rio, L=Munich, ST=BY, C=DE" -keypass ${SERVICE_KEYSTORE_PASSWORD} -storepass ${SERVICE_KEYSTORE_PASSWORD}',
|
|
136
|
+
]);
|
|
137
|
+
if (kafkaIntegration) {
|
|
138
|
+
commands.push(...[
|
|
139
|
+
'# kafka certificate',
|
|
140
|
+
'set -u; aws s3 cp --quiet s3://${CREATE_AND_SIGN_CERTIFICATE_SCRIPT_S3_LOCATION} create-and-sign-certificate',
|
|
141
|
+
'chmod +x create-and-sign-certificate',
|
|
142
|
+
'set -u; ./create-and-sign-certificate --keystore-password ${SERVICE_KEYSTORE_PASSWORD} --fqdn ${SERVICE_NAME}.${HOSTED_ZONE}',
|
|
143
|
+
'cp /cert/certificate.p12 containerfiles/kafka-keystore.p12',
|
|
144
|
+
]);
|
|
145
|
+
}
|
|
146
|
+
commands.push(...[
|
|
147
|
+
'# docker image build',
|
|
148
|
+
'./gradlew jibBuildTar --quiet',
|
|
149
|
+
]);
|
|
150
|
+
return commands;
|
|
151
|
+
};
|
|
152
|
+
const npmBuildCommands = () => [
|
|
153
|
+
'### NPM BUILD ###',
|
|
154
|
+
'npm ci',
|
|
155
|
+
'npm run lint',
|
|
156
|
+
'npm run test:ci',
|
|
157
|
+
'./check-oss-licenses.sh',
|
|
158
|
+
'npm run build',
|
|
159
|
+
];
|
|
160
|
+
const cachePaths = () => [
|
|
161
|
+
'/cert/**/*',
|
|
162
|
+
'/root/.cache/**/*',
|
|
163
|
+
'/root/.npm/**/*',
|
|
164
|
+
'/root/.gradle/caches/**/*',
|
|
165
|
+
'/root/.gradle/wrapper/**/*',
|
|
166
|
+
'/root/google-cloud-tools-java/jib/**/*',
|
|
167
|
+
'target/jib-cache/**/*',
|
|
168
|
+
];
|
|
169
|
+
const cachePathsVulnerability = () => [
|
|
170
|
+
'/root/.cache/**/*',
|
|
171
|
+
'/root/.gradle/caches/**/*',
|
|
172
|
+
'/root/.gradle/wrapper/**/*',
|
|
173
|
+
'/root/.gradle/dependency-check-data/**/*',
|
|
174
|
+
];
|
|
175
|
+
const createReports = (features) => {
|
|
176
|
+
const reports = {};
|
|
177
|
+
if (features.gradleBuild) {
|
|
178
|
+
reports.GradleBuildTestResults = {
|
|
179
|
+
'files': ['**/*'],
|
|
180
|
+
'base-directory': 'build/test-results',
|
|
181
|
+
};
|
|
182
|
+
}
|
|
183
|
+
if (features.npmBuild) {
|
|
184
|
+
reports.NpmBuildTestResults = {
|
|
185
|
+
'files': ['**/*'],
|
|
186
|
+
'base-directory': 'results',
|
|
187
|
+
};
|
|
188
|
+
}
|
|
189
|
+
return reports;
|
|
190
|
+
};
|
|
191
|
+
//# sourceMappingURL=data:application/json;base64,{"version":3,"file":"buildspecs.js","sourceRoot":"","sources":["../../../../src/contributions/team-transport-two/pipeline/buildspecs.ts"],"names":[],"mappings":";;;AAAA,6DAAsD;AAI/C,MAAM,mBAAmB,GAAG,CAAC,QAA0B,EAAa,EAAE;IAC3E,MAAM,GAAG,GAA2C,EAAE,CAAC;IACvD,MAAM,aAAa,GAAa,EAAE,CAAC;IAEnC,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;QACzB,aAAa,CAAC,IAAI,CAAC,GAAG,mBAAmB,CAAC,QAAQ,CAAC,gBAAgB,IAAI,KAAK,CAAC,CAAC,CAAC;QAC/E,GAAG,CAAC,iBAAiB,CAAC,GAAG;YACvB,yBAAyB,EAAE,mDAAmD;YAC9E,mBAAmB,EAAE,kCAAkC;YACvD,YAAY,EAAE,sBAAsB;SACrC,CAAC;IACJ,CAAC;IACD,IAAI,QAAQ,CAAC,gBAAgB,EAAE,CAAC;QAC9B,GAAG,CAAC,iBAAiB,CAAC,GAAG;YACvB,GAAG,GAAG,CAAC,iBAAiB,CAAC,IAAI,EAAE;YAC/B,8CAA8C,EAAE,8DAA8D;SAC/G,CAAC;IACJ,CAAC;IACD,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACtB,GAAG,CAAC,SAAS,GAAG;YACd,EAAE,EAAE,MAAM;SACX,CAAC;QACF,aAAa,CAAC,IAAI,CAAC,GAAG,gBAAgB,EAAE,CAAC,CAAC;IAC5C,CAAC;IACD,IAAI,QAAQ,CAAC,uBAAuB,EAAE,CAAC;QACrC,aAAa,CAAC,IAAI,CAAC,mCAAmC,EAAE,GAAG,QAAQ,CAAC,uBAAuB,CAAC,CAAC;IAC/F,CAAC;IAED,aAAa,CAAC,IAAI,CAAC,GAAG,2BAA2B,EAAE,CAAC,CAAC;IAErD,OAAO,yBAAS,CAAC,UAAU,CAAC;QAC1B,OAAO,EAAE,KAAK;QACd,GAAG;QACH,MAAM,EAAE;YACN,OAAO,EAAE;gBACP,kBAAkB,EAAE,WAAW,CAAC,QAAQ,CAAC;aAC1C;YACD,SAAS,EAAE;gBACT,QAAQ,EAAE,IAAA,qBAAa,GAAE;aAC1B;YACD,KAAK,EAAE;gBACL,QAAQ,EAAE,aAAa;aACxB;YACD,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAA,qBAAa,GAAE;aAC1B;SACF;QACD,OAAO,EAAE,aAAa,CAAC,QAAQ,CAAC;QAChC,KAAK,EAAE;YACL,KAAK,EAAE,UAAU,EAAE;SACpB;KACF,CAAC,CAAC;AACL,CAAC,CAAC;AApDW,QAAA,mBAAmB,uBAoD9B;AAGK,MAAM,4BAA4B,GAAG,CAAC,QAA0B,EAAE,EAAE;IACzE,MAAM,GAAG,GAA2C,EAAE,CAAC;IACvD,MAAM,aAAa,GAAa,EAAE,CAAC;IAEnC,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;QACzB,GAAG,CAAC,iBAAiB,CAAC,GAAG;YACvB,oBAAoB,EAAE,8BAA8B;SACrD,CAAC;QACF,aAAa,CAAC,IAAI,CAAC,GAAG;YACpB,oCAAoC;YACpC,8DAA8D;SAC/D,CAAC,CAAC;IACL,CAAC;IACD,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACtB,aAAa,CAAC,IAAI,CAAC,GAAG;YACpB,iCAAiC;YACjC,+FAA+F;SAChG,CAAC,CAAC;IACL,CAAC;IACD,aAAa,CAAC,IAAI,CAAC,GAAG;QACpB,4CAA4C;QAC5C,mBAAmB;QACnB,+FAA+F;QAC/F,OAAO;KACR,CAAC,CAAC;IA
EH,OAAO,yBAAS,CAAC,UAAU,CAAC;QAC1B,OAAO,EAAE,KAAK;QACd,GAAG;QACH,MAAM,EAAE;YACN,OAAO,EAAE;gBACP,kBAAkB,EAAE,WAAW,CAAC,QAAQ,CAAC;aAC1C;YACD,SAAS,EAAE;gBACT,QAAQ,EAAE,IAAA,qBAAa,GAAE;aAC1B;YACD,KAAK,EAAE;gBACL,QAAQ,EAAE,aAAa;aACxB;YACD,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAA,qBAAa,GAAE;aAC1B;SACF;QACD,KAAK,EAAE;YACL,KAAK,EAAE,uBAAuB,EAAE;SACjC;KACF,CAAC,CAAC;AACL,CAAC,CAAC;AA/CW,QAAA,4BAA4B,gCA+CvC;AAEF,MAAM,WAAW,GAAG,CAAC,QAA0B,EAAE,EAAE;IACjD,MAAM,QAAQ,GAA2B,EAAE,CAAC;IAC5C,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,GAAG,YAAY,CAAC;IAC/B,CAAC;IACD,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC;IACvB,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEK,MAAM,aAAa,GAAG,GAAG,EAAE,CAAC;IACjC,sGAAsG;CACvG,CAAC;AAFW,QAAA,aAAa,iBAExB;AAEF,MAAM,2BAA2B,GAAG,GAAG,EAAE,CAAC;IACxC,8BAA8B;IAC9B,mBAAmB;IACnB,QAAQ;IACR,gCAAgC;IAChC,iGAAiG;IACjG,kEAAkE;IAClE,yJAAyJ;IACzJ,OAAO;CACR,CAAC;AAEF,MAAM,mBAAmB,GAAG,CAAC,gBAAyB,EAAE,EAAE;IACxD,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,QAAQ,CAAC,IAAI,CAAC,GAAG;QACf,sBAAsB;QACtB,uBAAuB;QACvB,iBAAiB;QACjB,mGAAmG;QACnG,yBAAyB;QACzB,iHAAiH;QACjH,2BAA2B;QAC3B,4UAA4U;KAC7U,CAAC,CAAC;IACH,IAAI,gBAAgB,EAAE,CAAC;QACrB,QAAQ,CAAC,IAAI,CAAC,GAAG;YACf,qBAAqB;YACrB,8GAA8G;YAC9G,sCAAsC;YACtC,8HAA8H;YAC9H,4DAA4D;SAC7D,CAAC,CAAC;IACL,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,GAAG;QACf,sBAAsB;QACtB,+BAA+B;KAChC,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC;AAClB,CAAC,CAAC;AAEF,MAAM,gBAAgB,GAAG,GAAG,EAAE,CAAC;IAC7B,mBAAmB;IACnB,QAAQ;IACR,cAAc;IACd,iBAAiB;IACjB,yBAAyB;IACzB,eAAe;CAChB,CAAC;AAEF,MAAM,UAAU,GAAG,GAAG,EAAE,CAAC;IACvB,YAAY;IACZ,mBAAmB;IACnB,iBAAiB;IACjB,2BAA2B;IAC3B,4BAA4B;IAC5B,wCAAwC;IACxC,uBAAuB;CACxB,CAAC;AAEF,MAAM,uBAAuB,GAAG,GAAG,EAAE,CAAC;IACpC,mBAAmB;IACnB,2BAA2B;IAC3B,4BAA4B;IAC5B,0CAA0C;CAC3C,CAAC;AAEF,MAAM,aAAa,GAAG,CAAC,QAA0B,EAAE,EAAE;IACnD,MAAM,OAAO,GAAwB,EAAE,CAAC;IACxC,IAAI,QAAQ,CAAC,WAAW,EAAE,CAAC;QACzB,OAAO,CAAC,sBAAsB,GAAG;YAC/B,OAAO,EAAE,CAAC,MAAM,CAAC;YACjB,gBAAgB,EAAE,oBAAoB;SACvC,CAAC;IACJ,CAAC;IACD,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACtB,OAAO,CAAC,mBAAmB,GAAG;YAC5B,OAAO,EAAE,CAAC,MAAM,CAAC;YACjB,gBAAgB,E
AAE,SAAS;SAC5B,CAAC;IACJ,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC,CAAC","sourcesContent":["import { BuildSpec } from 'aws-cdk-lib/aws-codebuild';\nimport { PipelineFeatures } from './pipeline-stack';\n\n\nexport const createMainBuildSpec = (features: PipelineFeatures): BuildSpec => {\n  const env: Record<string, Record<string, string>> = {};\n  const buildCommands: string[] = [];\n\n  if (features.gradleBuild) {\n    buildCommands.push(...gradleBuildCommands(features.kafkaIntegration ?? false));\n    env['parameter-store'] = {\n      SERVICE_KEYSTORE_PASSWORD: '/config/${SERVICE_NAME}/service-keystore-password',\n      LICENSE_BUCKET_NAME: '/config/oss-licenses/bucket-name',\n      ACCOUNT_NAME: '/config/account/name',\n    };\n  }\n  if (features.kafkaIntegration) {\n    env['parameter-store'] = {\n      ...env['parameter-store'] ?? {},\n      CREATE_AND_SIGN_CERTIFICATE_SCRIPT_S3_LOCATION: '/config/kafka/create-and-sign-certificate-script-s3-location',\n    };\n  }\n  if (features.npmBuild) {\n    env.variables = {\n      CI: 'true',\n    };\n    buildCommands.push(...npmBuildCommands());\n  }\n  if (features.additionalBuildCommands) {\n    buildCommands.push('### ADDITIONAL BUILD COMMANDS ###', ...features.additionalBuildCommands);\n  }\n\n  buildCommands.push(...infrastructureBuildCommands());\n\n  return BuildSpec.fromObject({\n    version: '0.2',\n    env,\n    phases: {\n      install: {\n        'runtime-versions': getRuntimes(features),\n      },\n      pre_build: {\n        commands: logCommitHash(),\n      },\n      build: {\n        commands: buildCommands,\n      },\n      post_build: {\n        commands: logCommitHash(),\n      },\n    },\n    reports: createReports(features),\n    cache: {\n      paths: cachePaths(),\n    },\n  });\n};\n\n\nexport const createVulnerabilityBuildSpec = (features: PipelineFeatures) => {\n  const env: Record<string, Record<string, string>> = {};\n  const buildCommands: string[] = [];\n\n  if (features.gradleBuild) {\n    
env['parameter-store'] = {\n      NIST_DATA_MIRROR_URL: '/config/nist-data-mirror/url',\n    };\n    buildCommands.push(...[\n      '### GRADLE VULNERABILITY CHECK ###',\n      './gradlew -Dorg.gradle.jvmargs=-Xmx4g dependencyCheckAnalyze',\n    ]);\n  }\n  if (features.npmBuild) {\n    buildCommands.push(...[\n      '### NPM VULNERABILITY CHECK ###',\n      'npm audit --registry https://registry.npmjs.org --audit-level moderate --parseable --omit=dev',\n    ]);\n  }\n  buildCommands.push(...[\n    '### INFRASTRUCTURE VULNERABILITY CHECK ###',\n    'cd infrastructure',\n    'npm audit --registry https://registry.npmjs.org --audit-level moderate --parseable --omit=dev',\n    'cd ..',\n  ]);\n\n  return BuildSpec.fromObject({\n    version: '0.2',\n    env,\n    phases: {\n      install: {\n        'runtime-versions': getRuntimes(features),\n      },\n      pre_build: {\n        commands: logCommitHash(),\n      },\n      build: {\n        commands: buildCommands,\n      },\n      post_build: {\n        commands: logCommitHash(),\n      },\n    },\n    cache: {\n      paths: cachePathsVulnerability(),\n    },\n  });\n};\n\nconst getRuntimes = (features: PipelineFeatures) => {\n  const runtimes: Record<string, string> = {};\n  if (features.gradleBuild) {\n    runtimes.java = 'corretto17';\n  }\n  runtimes.nodejs = '20';\n  return runtimes;\n};\n\nexport const logCommitHash = () => [\n  '(echo \"Build triggered by commit \" && git log --pretty=format:\"%h%x09%an%x09%s\" -n 1 ) | tr -d \"\\\\n\"',\n];\n\nconst infrastructureBuildCommands = () => [\n  '### INFRASTRUCTURE BUILD ###',\n  'cd infrastructure',\n  'npm ci',\n  'npm run cdk synth 1> /dev/null',\n  // In pipeline: Error parsing reference: is not a valid repository/tag: invalid reference format.\n  // workaround due to https://github.com/aws/aws-cdk/issues/18044',\n  'find ./ -type f -name \"*DeployApplicationStacks*.assets.json\" -print0 | xargs -0  sed --in-place \\'s|docker load -i asset.|docker load -i 
../asset.|g\\'',\n  'cd ..',\n];\n\nconst gradleBuildCommands = (kafkaIntegration: boolean) => {\n  const commands: string[] = [];\n  commands.push(...[\n    '### GRADLE BUILD ###',\n    './gradlew clean build',\n    '# license check',\n    'set -u; aws s3 cp s3://${LICENSE_BUCKET_NAME}/whitelist-gradle.txt licenses/approved_licenses.txt',\n    './gradlew checkLicenses',\n    'set -u; aws s3 cp licenses/licenses.txt s3://${LICENSE_BUCKET_NAME}/reports/${ACCOUNT_NAME}/${SERVICE_NAME}.txt',\n    '# self signed certificate',\n    'set -u; keytool -genkey -alias InternalServiceCertificate -keyalg RSA -keystore containerfiles/service-keystore.p12 -validity 3650 -storetype PKCS12 -dname \"CN=internal.service.${SERVICE_NAME}.${HOSTED_ZONE}, OU=Logistics, O=Rio, L=Munich, ST=BY, C=DE\" -keypass ${SERVICE_KEYSTORE_PASSWORD} -storepass ${SERVICE_KEYSTORE_PASSWORD}',\n  ]);\n  if (kafkaIntegration) {\n    commands.push(...[\n      '# kafka certificate',\n      'set -u; aws s3 cp --quiet s3://${CREATE_AND_SIGN_CERTIFICATE_SCRIPT_S3_LOCATION} create-and-sign-certificate',\n      'chmod +x create-and-sign-certificate',\n      'set -u; ./create-and-sign-certificate --keystore-password ${SERVICE_KEYSTORE_PASSWORD} --fqdn ${SERVICE_NAME}.${HOSTED_ZONE}',\n      'cp /cert/certificate.p12 containerfiles/kafka-keystore.p12',\n    ]);\n  }\n  commands.push(...[\n    '# docker image build',\n    './gradlew jibBuildTar --quiet',\n  ]);\n  return commands;\n};\n\nconst npmBuildCommands = () => [\n  '### NPM BUILD ###',\n  'npm ci',\n  'npm run lint',\n  'npm run test:ci',\n  './check-oss-licenses.sh',\n  'npm run build',\n];\n\nconst cachePaths = () => [\n  '/cert/**/*',\n  '/root/.cache/**/*',\n  '/root/.npm/**/*',\n  '/root/.gradle/caches/**/*',\n  '/root/.gradle/wrapper/**/*',\n  '/root/google-cloud-tools-java/jib/**/*',\n  'target/jib-cache/**/*',\n];\n\nconst cachePathsVulnerability = () => [\n  '/root/.cache/**/*',\n  '/root/.gradle/caches/**/*',\n  '/root/.gradle/wrapper/**/*',\n  
'/root/.gradle/dependency-check-data/**/*',\n];\n\nconst createReports = (features: PipelineFeatures) => {\n  const reports: Record<string, any> = {};\n  if (features.gradleBuild) {\n    reports.GradleBuildTestResults = {\n      'files': ['**/*'],\n      'base-directory': 'build/test-results',\n    };\n  }\n  if (features.npmBuild) {\n    reports.NpmBuildTestResults = {\n      'files': ['**/*'],\n      'base-directory': 'results',\n    };\n  }\n  return reports;\n};\n"]}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import * as cdk from 'aws-cdk-lib';
|
|
2
2
|
import { Stack, StackProps } from 'aws-cdk-lib';
|
|
3
3
|
import { BuildEnvironment } from 'aws-cdk-lib/aws-codebuild';
|
|
4
|
+
import * as codepipeline from 'aws-cdk-lib/aws-codepipeline';
|
|
4
5
|
import { CodeBuildStep } from 'aws-cdk-lib/pipelines';
|
|
5
6
|
import { Construct } from 'constructs';
|
|
6
7
|
import { DatadogAlertType } from '../../../datadog';
|
|
@@ -30,9 +31,16 @@ export interface PipelineStackProps extends StackProps {
|
|
|
30
31
|
*/
|
|
31
32
|
readonly appStackFactory: IAppStackFactory;
|
|
32
33
|
/**
|
|
34
|
+
* Defines which kind of pipeline is deployed.
|
|
35
|
+
*
|
|
36
|
+
* Use the features to combine different opinionated, RIO-specific pipeline features such as adding a branch pipeline or supporting Kafka.
|
|
37
|
+
*/
|
|
38
|
+
readonly features?: PipelineFeatures;
|
|
39
|
+
/**
|
|
40
|
+
* @deprecated Use the `features` property instead. For now, the pipeline types are mapped to the features.
|
|
33
41
|
* Defines which kind of pipeline is deployed.
|
|
34
42
|
*/
|
|
35
|
-
readonly pipelineType
|
|
43
|
+
readonly pipelineType?: PipelineType;
|
|
36
44
|
/**
|
|
37
45
|
* Defines how often the pipeline is triggered automatically. Is defined via a cron expression.
|
|
38
46
|
*
|
|
@@ -68,6 +76,10 @@ export interface PipelineStackProps extends StackProps {
|
|
|
68
76
|
* Notification type for the auto-generated vulnerability pipeline monitor. Defaults to slack.
|
|
69
77
|
*/
|
|
70
78
|
readonly vulnerabilityNotification?: INotification;
|
|
79
|
+
/**
|
|
80
|
+
* CodePipeline PipelineType (V1 or V2). Defaults to V1.
|
|
81
|
+
*/
|
|
82
|
+
readonly codePipelineType?: codepipeline.PipelineType;
|
|
71
83
|
}
|
|
72
84
|
/**
|
|
73
85
|
* Provider interface to create the AppStack within the specific scope
|
|
@@ -126,6 +138,44 @@ export interface PipelineStackRioMonitoringDeployStepProps {
|
|
|
126
138
|
[directory: string]: string[];
|
|
127
139
|
};
|
|
128
140
|
}
|
|
141
|
+
export interface PipelineFeatures {
|
|
142
|
+
/**
|
|
143
|
+
* Create a branch pipeline used by renovate. Defaults to `true`.
|
|
144
|
+
*/
|
|
145
|
+
readonly branchPipeline?: boolean;
|
|
146
|
+
/**
|
|
147
|
+
* Create a vulnerability pipeline to scan dependencies for vulnerabilities. Defaults to `true`.
|
|
148
|
+
*/
|
|
149
|
+
readonly vulnerabilityPipeline?: boolean;
|
|
150
|
+
/**
|
|
151
|
+
* Run a standard gradle build in the repository root. Defaults to `false`:
|
|
152
|
+
* - build and test of the artifact via command "./gradlew clean build"
|
|
153
|
+
* - license-check and upload of license-check-file via command "./gradlew checkLicenses"
|
|
154
|
+
* - create a self-signed certificate to make TLS communication possible, e.g. with a loadbalancer
|
|
155
|
+
* - build the container image via command "./gradlew jibBuildTar"
|
|
156
|
+
*/
|
|
157
|
+
readonly gradleBuild?: boolean;
|
|
158
|
+
/**
|
|
159
|
+
* Run a standard npm build in the repository root. Defaults to `false`:
|
|
160
|
+
* - run linter via command "npm run lint"
|
|
161
|
+
* - run tests via command "npm run test:ci"
|
|
162
|
+
* - run a license check by calling the script "check-oss-licenses.sh" (from the RIO frontend template)
|
|
163
|
+
* - build the artifact via command "npm run build"
|
|
164
|
+
*/
|
|
165
|
+
readonly npmBuild?: boolean;
|
|
166
|
+
/**
|
|
167
|
+
* Add required steps and permissions to support Kafka. Currently, this requires `gradleBuild` to be set to `true`. Defaults to `false`.
|
|
168
|
+
*/
|
|
169
|
+
readonly kafkaIntegration?: boolean;
|
|
170
|
+
/**
|
|
171
|
+
* S3 Bucket to deploy frontend to. Requires `npmBuild` to be set to `true`. If set, the output of the npm build is deployed to the provided bucket.
|
|
172
|
+
*/
|
|
173
|
+
readonly frontendBucketName?: string;
|
|
174
|
+
/**
|
|
175
|
+
* Additional build commands for main and branch pipeline. Will be added after all build & test commands, before the infrastructure build.
|
|
176
|
+
*/
|
|
177
|
+
readonly additionalBuildCommands?: string[];
|
|
178
|
+
}
|
|
129
179
|
export declare enum PipelineType {
|
|
130
180
|
/**
|
|
131
181
|
* Self-mutating codepipeline deploying the provided AppStack. Be aware: The provided service won't have access to Kafka.
|
|
@@ -176,6 +226,7 @@ export interface CodeBuildOptions {
|
|
|
176
226
|
readonly buildEnvironment?: BuildEnvironment;
|
|
177
227
|
}
|
|
178
228
|
export declare class PipelineStack extends Stack {
|
|
229
|
+
private readonly _features;
|
|
179
230
|
private readonly _mainCodeBuildProject;
|
|
180
231
|
private readonly _branchCodeBuildProject;
|
|
181
232
|
private readonly _bucket;
|
|
@@ -188,9 +239,11 @@ export declare class PipelineStack extends Stack {
|
|
|
188
239
|
private readonly _serviceKeystorePassword;
|
|
189
240
|
private readonly _accountNameParameter;
|
|
190
241
|
private readonly _nistDataMirrorUrl;
|
|
242
|
+
private readonly _codePipelineType;
|
|
191
243
|
constructor(scope: Construct, id: string, props: PipelineStackProps);
|
|
192
244
|
get mainCodebuildProject(): cdk.pipelines.CodeBuildStep;
|
|
193
245
|
get branchCodeBuildProject(): CodeBuildStep;
|
|
246
|
+
private parseFeatures;
|
|
194
247
|
private createRioCodeBuildProject;
|
|
195
248
|
private addMainPipeline;
|
|
196
249
|
private addBranchPipeline;
|
|
@@ -198,7 +251,7 @@ export declare class PipelineStack extends Stack {
|
|
|
198
251
|
private createStripAssetsStep;
|
|
199
252
|
private createCapabilityMonitoringDeployStep;
|
|
200
253
|
private createSecretsDeployStep;
|
|
201
|
-
private
|
|
254
|
+
private createDeployFrontendDeployStep;
|
|
202
255
|
private grantPermissionsForKafkaIntegration;
|
|
203
256
|
private loadBuildSpecFromFile;
|
|
204
257
|
private renamePipelineToLowerCase;
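Review bot: The doc comment on `additionalBuildCommands` in the `PipelineFeatures` hunk (`@@ -126,6 +138,44 @@`) says where the commands are placed but not that they are copied verbatim into the build phase. The `buildspecs.ts` source embedded in the source map on this page shows them pushed into the same `buildCommands` list whose `parameter-store` env resolves `SERVICE_KEYSTORE_PASSWORD` when `gradleBuild` is set, so every extra command runs with that value in its environment. I would extend the comment with a line such as `Commands are inserted verbatim into the build phase and see the resolved parameter-store values; pass only static, reviewed strings.` The same hunk documents that `kafkaIntegration` requires `gradleBuild` and `frontendBucketName` requires `npmBuild`, but optional booleans cannot express that. Whether `parseFeatures` rejects the invalid combinations is not visible in this declaration file, so it is worth confirming that it fails at synth time rather than silently skipping the Kafka certificate steps.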
|