aws-cdk-lib 2.186.0__py3-none-any.whl → 2.188.0__py3-none-any.whl

aws_cdk/aws_codebuild/__init__.py

@@ -3470,6 +3470,7 @@ class CfnProject(
                 type="type",
         
                 # the properties below are optional
+                cache_namespace="cacheNamespace",
                 location="location",
                 modes=["modes"]
             ),
@@ -5276,19 +5277,26 @@ class CfnProject(
     @jsii.data_type(
         jsii_type="aws-cdk-lib.aws_codebuild.CfnProject.ProjectCacheProperty",
         jsii_struct_bases=[],
-        name_mapping={"type": "type", "location": "location", "modes": "modes"},
+        name_mapping={
+            "type": "type",
+            "cache_namespace": "cacheNamespace",
+            "location": "location",
+            "modes": "modes",
+        },
     )
     class ProjectCacheProperty:
         def __init__(
             self,
             *,
             type: builtins.str,
+            cache_namespace: typing.Optional[builtins.str] = None,
             location: typing.Optional[builtins.str] = None,
             modes: typing.Optional[typing.Sequence[builtins.str]] = None,
         ) -> None:
             '''``ProjectCache`` is a property of the `AWS CodeBuild Project <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codebuild-project.html>`_ resource that specifies information about the cache for the build project. If ``ProjectCache`` is not specified, then both of its properties default to ``NO_CACHE`` .
 
             :param type: The type of cache used by the build project. Valid values include:. - ``NO_CACHE`` : The build project does not use any cache. - ``S3`` : The build project reads and writes from and to S3. - ``LOCAL`` : The build project stores a cache locally on a build host that is only available to that build host.
+            :param cache_namespace: 
             :param location: Information about the cache location:. - ``NO_CACHE`` or ``LOCAL`` : This value is ignored. - ``S3`` : This is the S3 bucket name/prefix.
             :param modes: An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for ``LOCAL`` cache types. Possible values are: - **LOCAL_SOURCE_CACHE** - Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored. - **LOCAL_DOCKER_LAYER_CACHE** - Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network. .. epigraph:: - You can use a Docker layer cache in the Linux environment only. - The ``privileged`` flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache. - **LOCAL_CUSTOM_CACHE** - Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache: - Only directories can be specified for caching. You cannot specify individual files. - Symlinks are used to reference cached directories. - Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
 
@@ -5305,6 +5313,7 @@ class CfnProject(
                     type="type",
                 
                     # the properties below are optional
+                    cache_namespace="cacheNamespace",
                     location="location",
                     modes=["modes"]
                 )
@@ -5312,11 +5321,14 @@ class CfnProject(
             if __debug__:
                 type_hints = typing.get_type_hints(_typecheckingstub__1f7b942816ca448d0a1e5b046754abe3bbf6042e79982a46edfd284c87941f59)
                 check_type(argname="argument type", value=type, expected_type=type_hints["type"])
+                check_type(argname="argument cache_namespace", value=cache_namespace, expected_type=type_hints["cache_namespace"])
                 check_type(argname="argument location", value=location, expected_type=type_hints["location"])
                 check_type(argname="argument modes", value=modes, expected_type=type_hints["modes"])
             self._values: typing.Dict[builtins.str, typing.Any] = {
                 "type": type,
             }
+            if cache_namespace is not None:
+                self._values["cache_namespace"] = cache_namespace
             if location is not None:
                 self._values["location"] = location
             if modes is not None:
@@ -5336,6 +5348,14 @@ class CfnProject(
             assert result is not None, "Required property 'type' is missing"
             return typing.cast(builtins.str, result)
 
+        @builtins.property
+        def cache_namespace(self) -> typing.Optional[builtins.str]:
+            '''
+            :see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codebuild-project-projectcache.html#cfn-codebuild-project-projectcache-cachenamespace
+            '''
+            result = self._values.get("cache_namespace")
+            return typing.cast(typing.Optional[builtins.str], result)
+
         @builtins.property
         def location(self) -> typing.Optional[builtins.str]:
             '''Information about the cache location:.
@@ -6812,6 +6832,7 @@ class CfnProjectProps:
                     type="type",
             
                     # the properties below are optional
+                    cache_namespace="cacheNamespace",
                     location="location",
                     modes=["modes"]
                 ),
@@ -12108,6 +12129,7 @@ class LinuxBuildImage(
         cache_disabled: typing.Optional[builtins.bool] = None,
         cache_from: typing.Optional[typing.Sequence[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]]] = None,
         cache_to: typing.Optional[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]] = None,
+        display_name: typing.Optional[builtins.str] = None,
         file: typing.Optional[builtins.str] = None,
         invalidation: typing.Optional[typing.Union[_DockerImageAssetInvalidationOptions_4deb8d45, typing.Dict[builtins.str, typing.Any]]] = None,
         network_mode: typing.Optional[_NetworkMode_897e5081] = None,
@@ -12131,6 +12153,7 @@ class LinuxBuildImage(
         :param cache_disabled: Disable the cache and pass ``--no-cache`` to the ``docker build`` command. Default: - cache is used
         :param cache_from: Cache from options to pass to the ``docker build`` command. Default: - no cache from options are passed to the build command
         :param cache_to: Cache to options to pass to the ``docker build`` command. Default: - no cache to options are passed to the build command
+        :param display_name: A display name for this asset. If supplied, the display name will be used in locations where the asset identifier is printed, like in the CLI progress information. If the same asset is added multiple times, the display name of the first occurrence is used. If ``assetName`` is given, it will also be used as the default ``displayName``. Otherwise, the default is the construct path of the ImageAsset construct, with respect to the enclosing stack. If the asset is produced by a construct helper function (such as ``lambda.Code.fromAssetImage()``), this will look like ``MyFunction/AssetImage``. We use the stack-relative construct path so that in the common case where you have multiple stacks with the same asset, we won't show something like ``/MyBetaStack/MyFunction/Code`` when you are actually deploying to production. Default: - Stack-relative construct path
         :param file: Path to the Dockerfile (relative to the directory). Default: 'Dockerfile'
         :param invalidation: Options to control which parameters are used to invalidate the asset hash. Default: - hash all parameters
         :param network_mode: Networking mode for the RUN commands during build. Support docker API 1.25+. Default: - no networking mode specified (the default networking mode ``NetworkMode.DEFAULT`` will be used)
@@ -12155,6 +12178,7 @@ class LinuxBuildImage(
             cache_disabled=cache_disabled,
             cache_from=cache_from,
             cache_to=cache_to,
+            display_name=display_name,
             file=file,
             invalidation=invalidation,
             network_mode=network_mode,
@@ -12807,6 +12831,7 @@ class MacBuildImage(
                     "params_key": "params"
                 }
             ),
+            display_name="displayName",
             exclude=["exclude"],
             extra_hash="extraHash",
             file="file",
@@ -12846,6 +12871,7 @@ class MacBuildImage(
         cache_disabled: typing.Optional[builtins.bool] = None,
         cache_from: typing.Optional[typing.Sequence[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]]] = None,
         cache_to: typing.Optional[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]] = None,
+        display_name: typing.Optional[builtins.str] = None,
         file: typing.Optional[builtins.str] = None,
         invalidation: typing.Optional[typing.Union[_DockerImageAssetInvalidationOptions_4deb8d45, typing.Dict[builtins.str, typing.Any]]] = None,
         network_mode: typing.Optional[_NetworkMode_897e5081] = None,
@@ -12869,6 +12895,7 @@ class MacBuildImage(
         :param cache_disabled: Disable the cache and pass ``--no-cache`` to the ``docker build`` command. Default: - cache is used
         :param cache_from: Cache from options to pass to the ``docker build`` command. Default: - no cache from options are passed to the build command
         :param cache_to: Cache to options to pass to the ``docker build`` command. Default: - no cache to options are passed to the build command
+        :param display_name: A display name for this asset. If supplied, the display name will be used in locations where the asset identifier is printed, like in the CLI progress information. If the same asset is added multiple times, the display name of the first occurrence is used. If ``assetName`` is given, it will also be used as the default ``displayName``. Otherwise, the default is the construct path of the ImageAsset construct, with respect to the enclosing stack. If the asset is produced by a construct helper function (such as ``lambda.Code.fromAssetImage()``), this will look like ``MyFunction/AssetImage``. We use the stack-relative construct path so that in the common case where you have multiple stacks with the same asset, we won't show something like ``/MyBetaStack/MyFunction/Code`` when you are actually deploying to production. Default: - Stack-relative construct path
         :param file: Path to the Dockerfile (relative to the directory). Default: 'Dockerfile'
         :param invalidation: Options to control which parameters are used to invalidate the asset hash. Default: - hash all parameters
         :param network_mode: Networking mode for the RUN commands during build. Support docker API 1.25+. Default: - no networking mode specified (the default networking mode ``NetworkMode.DEFAULT`` will be used)
@@ -12893,6 +12920,7 @@ class MacBuildImage(
             cache_disabled=cache_disabled,
             cache_from=cache_from,
             cache_to=cache_to,
+            display_name=display_name,
             file=file,
             invalidation=invalidation,
             network_mode=network_mode,
@@ -19075,6 +19103,7 @@ def _typecheckingstub__bd7a159b208cebb3cbebac16a64724eaec87e10d0a867f62bf9021489
 def _typecheckingstub__1f7b942816ca448d0a1e5b046754abe3bbf6042e79982a46edfd284c87941f59(
     *,
     type: builtins.str,
+    cache_namespace: typing.Optional[builtins.str] = None,
     location: typing.Optional[builtins.str] = None,
     modes: typing.Optional[typing.Sequence[builtins.str]] = None,
 ) -> None:
@@ -19797,6 +19826,7 @@ def _typecheckingstub__c4ce5766deb0a7d190b79fe8c16f4eb758ab6db30a15dc2ea68692833
     cache_disabled: typing.Optional[builtins.bool] = None,
     cache_from: typing.Optional[typing.Sequence[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]]] = None,
     cache_to: typing.Optional[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]] = None,
+    display_name: typing.Optional[builtins.str] = None,
     file: typing.Optional[builtins.str] = None,
     invalidation: typing.Optional[typing.Union[_DockerImageAssetInvalidationOptions_4deb8d45, typing.Dict[builtins.str, typing.Any]]] = None,
     network_mode: typing.Optional[_NetworkMode_897e5081] = None,
@@ -19864,6 +19894,7 @@ def _typecheckingstub__aa924aa0600b9706b95a62c612f337f8dde0f0df7d5d3b8c5b48b7279
     cache_disabled: typing.Optional[builtins.bool] = None,
     cache_from: typing.Optional[typing.Sequence[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]]] = None,
     cache_to: typing.Optional[typing.Union[_DockerCacheOption_58ef18ca, typing.Dict[builtins.str, typing.Any]]] = None,
+    display_name: typing.Optional[builtins.str] = None,
     file: typing.Optional[builtins.str] = None,
     invalidation: typing.Optional[typing.Union[_DockerImageAssetInvalidationOptions_4deb8d45, typing.Dict[builtins.str, typing.Any]]] = None,
     network_mode: typing.Optional[_NetworkMode_897e5081] = None,

aws_cdk/aws_codepipeline/__init__.py

@@ -818,13 +818,11 @@ codepipeline.Pipeline(self, "Pipeline",
 
 Conditions are used for specific types of expressions and each has specific options for results available as follows:
 
-```
 Entry - The conditions for making checks that, if met, allow entry to a stage. Rules are engaged with the following result options: Fail or Skip
 
 On Failure - The conditions for making checks for the stage when it fails. Rules are engaged with the following result option: Rollback
 
 On Success - The conditions for making checks for the stage when it succeeds. Rules are engaged with the following result options: Rollback or Fail
-```
 
 Conditions are supported by a set of rules for each type of condition.
 
@@ -894,6 +892,10 @@ codepipeline.Pipeline(self, "Pipeline",
 )
 ```
 
+## Use pipeline service role as default action role in pipeline
+
+You could enable this field to use pipeline service role as default action role in Codepipeline by set `usePipelineServiceRoleForActions` as true if no action role provided.
+
 ## Migrating a pipeline type from V1 to V2
 
 To migrate your pipeline type from V1 to V2, you just need to update the `pipelineType` property to `PipelineType.V2`.
@@ -1540,39 +1542,32 @@ class Artifact(
 
     Example::
 
-        # later:
-        # project: codebuild.PipelineProject
-        lambda_invoke_action = codepipeline_actions.LambdaInvokeAction(
-            action_name="Lambda",
-            lambda_=lambda_.Function(self, "Func",
-                runtime=lambda_.Runtime.NODEJS_LATEST,
-                handler="index.handler",
-                code=lambda_.Code.from_inline("""
-                            const { CodePipeline } = require('@aws-sdk/client-codepipeline');
+        # pipeline: codepipeline.Pipeline
+        
         
-                            exports.handler = async function(event, context) {
-                                const codepipeline = new AWS.CodePipeline();
-                                await codepipeline.putJobSuccessResult({
-                                    jobId: event['CodePipeline.job'].id,
-                                    outputVariables: {
-                                        MY_VAR: "some value",
-                                    },
-                                });
-                            }
-                        """)
-            ),
-            variables_namespace="MyNamespace"
-        )
         source_output = codepipeline.Artifact()
-        codepipeline_actions.CodeBuildAction(
-            action_name="CodeBuild",
-            project=project,
+        source_action = codepipeline_actions.CodeStarConnectionsSourceAction(
+            action_name="CodeStarConnectionsSourceAction",
+            output=source_output,
+            connection_arn="your-connection-arn",
+            owner="your-owner",
+            repo="your-repo"
+        )
+        
+        scan_output = codepipeline.Artifact()
+        scan_action = codepipeline_actions.InspectorSourceCodeScanAction(
+            action_name="InspectorSourceCodeScanAction",
             input=source_output,
-            environment_variables={
-                "MyVar": codebuild.BuildEnvironmentVariable(
-                    value=lambda_invoke_action.variable("MY_VAR")
-                )
-            }
+            output=scan_output
+        )
+        
+        pipeline.add_stage(
+            stage_name="Source",
+            actions=[source_action]
+        )
+        pipeline.add_stage(
+            stage_name="Scan",
+            actions=[scan_action]
         )
     '''
 
@@ -9307,6 +9302,7 @@ class Pipeline(
         role: typing.Optional[_IRole_235f5d8e] = None,
         stages: typing.Optional[typing.Sequence[typing.Union["StageProps", typing.Dict[builtins.str, typing.Any]]]] = None,
         triggers: typing.Optional[typing.Sequence[typing.Union["TriggerProps", typing.Dict[builtins.str, typing.Any]]]] = None,
+        use_pipeline_role_for_actions: typing.Optional[builtins.bool] = None,
         variables: typing.Optional[typing.Sequence["Variable"]] = None,
     ) -> None:
         '''
@@ -9324,6 +9320,7 @@ class Pipeline(
         :param role: The IAM role to be assumed by this Pipeline. Default: a new IAM role will be created.
         :param stages: The list of Stages, in order, to create this Pipeline with. You can always add more Stages later by calling ``Pipeline#addStage``. Default: - None.
         :param triggers: The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline. When a trigger configuration is specified, default change detection for repository and branch commits is disabled. ``triggers`` can only be used when ``pipelineType`` is set to ``PipelineType.V2``. You can always add more triggers later by calling ``Pipeline#addTrigger``. Default: - No triggers
+        :param use_pipeline_role_for_actions: Use pipeline service role for actions if no action role configured. Default: - false
         :param variables: A list that defines the pipeline variables for a pipeline resource. ``variables`` can only be used when ``pipelineType`` is set to ``PipelineType.V2``. You can always add more variables later by calling ``Pipeline#addVariable``. Default: - No variables
         '''
         if __debug__:
@@ -9343,6 +9340,7 @@ class Pipeline(
             role=role,
             stages=stages,
             triggers=triggers,
+            use_pipeline_role_for_actions=use_pipeline_role_for_actions,
             variables=variables,
         )
 
@@ -9970,6 +9968,7 @@ class PipelineNotifyOnOptions(_NotificationRuleOptions_dff73281):
         "role": "role",
         "stages": "stages",
         "triggers": "triggers",
+        "use_pipeline_role_for_actions": "usePipelineRoleForActions",
         "variables": "variables",
     },
 )
@@ -9989,6 +9988,7 @@ class PipelineProps:
         role: typing.Optional[_IRole_235f5d8e] = None,
         stages: typing.Optional[typing.Sequence[typing.Union["StageProps", typing.Dict[builtins.str, typing.Any]]]] = None,
         triggers: typing.Optional[typing.Sequence[typing.Union["TriggerProps", typing.Dict[builtins.str, typing.Any]]]] = None,
+        use_pipeline_role_for_actions: typing.Optional[builtins.bool] = None,
         variables: typing.Optional[typing.Sequence["Variable"]] = None,
     ) -> None:
         '''
@@ -10004,6 +10004,7 @@ class PipelineProps:
         :param role: The IAM role to be assumed by this Pipeline. Default: a new IAM role will be created.
         :param stages: The list of Stages, in order, to create this Pipeline with. You can always add more Stages later by calling ``Pipeline#addStage``. Default: - None.
         :param triggers: The trigger configuration specifying a type of event, such as Git tags, that starts the pipeline. When a trigger configuration is specified, default change detection for repository and branch commits is disabled. ``triggers`` can only be used when ``pipelineType`` is set to ``PipelineType.V2``. You can always add more triggers later by calling ``Pipeline#addTrigger``. Default: - No triggers
+        :param use_pipeline_role_for_actions: Use pipeline service role for actions if no action role configured. Default: - false
         :param variables: A list that defines the pipeline variables for a pipeline resource. ``variables`` can only be used when ``pipelineType`` is set to ``PipelineType.V2``. You can always add more variables later by calling ``Pipeline#addVariable``. Default: - No variables
 
         :exampleMetadata: infused
@@ -10057,6 +10058,7 @@ class PipelineProps:
             check_type(argname="argument role", value=role, expected_type=type_hints["role"])
             check_type(argname="argument stages", value=stages, expected_type=type_hints["stages"])
             check_type(argname="argument triggers", value=triggers, expected_type=type_hints["triggers"])
+            check_type(argname="argument use_pipeline_role_for_actions", value=use_pipeline_role_for_actions, expected_type=type_hints["use_pipeline_role_for_actions"])
             check_type(argname="argument variables", value=variables, expected_type=type_hints["variables"])
         self._values: typing.Dict[builtins.str, typing.Any] = {}
         if artifact_bucket is not None:
@@ -10083,6 +10085,8 @@ class PipelineProps:
             self._values["stages"] = stages
         if triggers is not None:
             self._values["triggers"] = triggers
+        if use_pipeline_role_for_actions is not None:
+            self._values["use_pipeline_role_for_actions"] = use_pipeline_role_for_actions
         if variables is not None:
             self._values["variables"] = variables
 
@@ -10229,6 +10233,15 @@ class PipelineProps:
         result = self._values.get("triggers")
         return typing.cast(typing.Optional[typing.List["TriggerProps"]], result)
 
+    @builtins.property
+    def use_pipeline_role_for_actions(self) -> typing.Optional[builtins.bool]:
+        '''Use pipeline service role for actions if no action role configured.
+
+        :default: - false
+        '''
+        result = self._values.get("use_pipeline_role_for_actions")
+        return typing.cast(typing.Optional[builtins.bool], result)
+
     @builtins.property
     def variables(self) -> typing.Optional[typing.List["Variable"]]:
         '''A list that defines the pipeline variables for a pipeline resource.
@@ -12729,6 +12742,7 @@ def _typecheckingstub__dccc82ea9bcac61a3fb8c34055734a04a1bee7f59ee6675fdade2d8b5
     role: typing.Optional[_IRole_235f5d8e] = None,
     stages: typing.Optional[typing.Sequence[typing.Union[StageProps, typing.Dict[builtins.str, typing.Any]]]] = None,
     triggers: typing.Optional[typing.Sequence[typing.Union[TriggerProps, typing.Dict[builtins.str, typing.Any]]]] = None,
+    use_pipeline_role_for_actions: typing.Optional[builtins.bool] = None,
     variables: typing.Optional[typing.Sequence[Variable]] = None,
 ) -> None:
     """Type checking stubs"""
@@ -12876,6 +12890,7 @@ def _typecheckingstub__22f00fc379808105702c3f59369205afd36025a51e45bcaf5d1cec0a3
     role: typing.Optional[_IRole_235f5d8e] = None,
     stages: typing.Optional[typing.Sequence[typing.Union[StageProps, typing.Dict[builtins.str, typing.Any]]]] = None,
     triggers: typing.Optional[typing.Sequence[typing.Union[TriggerProps, typing.Dict[builtins.str, typing.Any]]]] = None,
+    use_pipeline_role_for_actions: typing.Optional[builtins.bool] = None,
     variables: typing.Optional[typing.Sequence[Variable]] = None,
 ) -> None:
     """Type checking stubs"""