in infra/src/custom_constructs/ci_pipeline_construct.py [0:0]
def __init__(self, scope: core.Construct, id: str, repo_type: str, buildspec: str, build_image: str) -> None:
super().__init__(scope, id,
restart_execution_on_update=True)
# Source
repo_factory_locator = RepoFactoryLocator()
repo_action = repo_factory_locator.get(repo_type, self)
self.add_stage(stage_name="Source", actions=[repo_action])
# Build Test
build_test_actions, _ = GenericStageCodeBuild().get_stage_actions(scope, "BuildTest",
repo_action.action_properties.outputs,
buildspec_file=buildspec,
build_image=build_image)
self.add_stage(stage_name="BuildTest", actions=build_test_actions)
# Publish artifacts
outputs = []
for build_action in build_test_actions:
outputs.extend(build_action.action_properties.outputs)
publish_action = aws_codepipeline_actions.S3DeployAction(bucket=self.artifact_bucket,
object_key="BuildArtifacts",
action_name="PublishArtifacts", input=outputs[0],
extract=True
)
self.add_stage(stage_name="PublishArtifacts", actions=[publish_action])
# Add decrypt permissions
self.artifact_bucket.encryption_key.add_to_resource_policy(
PolicyStatement(principals=[AccountPrincipal(Stack.of(self).account)],
actions=["kms:Decrypt"]
, resources=["*"]
)
)