in cdk-stacks/lib/pipeline/cdk-pipeline-stack.ts [17:114]
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const outputHierarchy = `${configParams.hierarchy}outputParameters`;
const ssmParams = loadSSMParams(this);
/**
*** STEP 1: CREATE A CODECOMMIT REPO _OR_ IMPORT FROM AN EXISTING ONE ***
**/
let repository: codecommit.IRepository;
if (ssmParams.cdkPipelineCreateNewRepository) {
repository = new codecommit.Repository(this, `${configParams['CdkAppName']}-Repository`, {
repositoryName: fixDummyValueString(ssmParams.cdkPipelineRepositoryName)
});
// *** CREATE AN IAM USER WITH CREDENTIALS TO THE CODECOMMIT REPO ***
const repositoryUser = new iam.User(this, `${configParams['CdkAppName']}-RepositoryUser`, {
userName: `codecommit-user-${ssmParams.cdkPipelineRepositoryName}`
});
repositoryUser.addToPolicy(
new iam.PolicyStatement({
effect: iam.Effect.ALLOW,
resources: [repository.repositoryArn],
actions: ["codecommit:GitPull", "codecommit:GitPush"],
})
);
// *** STORE OUTPUTS FROM IAM FOR SETTING UP REPOSITORY MIRRORING ***
const repositoryUsername = new ssm.StringParameter(this, 'RepositoryUsername', {
parameterName: `${outputHierarchy}/RepositoryUsername`,
stringValue: repositoryUser.userName,
description: `The username created to access the CodeCommit repo. The username & password of this user should be used for repository mirroring.`
});
const repositoryUserURL = new ssm.StringParameter(this, 'RepositoryUserURL', {
parameterName: `${outputHierarchy}/RepositoryUserURL`,
stringValue: `https://console.aws.amazon.com/iam/home?region=${this.region}#/users/${repositoryUser.userName}?section=security_credentials`,
description: `URL of the page where you should create the HTTPS Git credentials for AWS CodeCommit. The username & password should then be used for repository mirroring.`
});
const repositoryURL = new ssm.StringParameter(this, 'RepositoryURL', {
parameterName: `${outputHierarchy}/RepositoryURL`,
stringValue: `https://${repositoryUser.userName}-at-${this.account}@git-codecommit.${this.region}.amazonaws.com/v1/repos/${repository.repositoryName}`,
description: `Use this URL for your repository mirroring`
});
}
else {
// *** IMPORT A REPOSITORY ***
// This imports an existing CodeCommit repository (if you have created it already)
repository = codecommit.Repository.fromRepositoryName(this, `${configParams['CdkAppName']}-Repository`, fixDummyValueString(ssmParams.cdkPipelineRepositoryName));
}
/**
*** STEP 2: SET UP A CDK PIPELINE ***
**/
const cdkPipeline = new pipelines.CodePipeline(this, `${configParams['CdkAppName']}-Pipeline`, {
pipelineName: `${configParams['CdkAppName']}-Pipeline`,
synth: new pipelines.CodeBuildStep('Synth', {
input: pipelines.CodePipelineSource.codeCommit(repository, ssmParams.cdkPipelineRepositoryBranchName),
installCommands: [
"npm install -g npm@8",
"cd cdk-stacks",
"npm run install:all"
],
commands: [
"npm run build:frontend",
"npm run cdk:remove:context",
"npx cdk synth"
],
primaryOutputDirectory: "cdk-stacks/cdk.out",
rolePolicyStatements: [
new iam.PolicyStatement({
actions: ["ssm:GetParameter"],
resources: [`arn:aws:ssm:${this.region}:${this.account}:parameter${configParams.hierarchy}*`]
}),
new iam.PolicyStatement({
actions: ["ec2:DescribeAvailabilityZones"],
resources: ["*"]
})
]
})
});
/* *** DEFINE APPLICATION STAGES **** */
cdkPipeline.addStage(new CdkPipelineStage(this, fixDummyValueString(`${configParams['CdkAppName']}-${ssmParams.cdkPipelineStageName}`), {
env: {
account: process.env.CDK_DEFAULT_ACCOUNT,
region: process.env.CDK_DEFAULT_REGION
},
deployRecordingStack: ssmParams.deployRecordingStack
}));
}