in supplemental/initial-commit/initial-commit.py [0:0]
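def handler(event, context):
    """Seed the two CodeCommit repositories for a CloudFormation custom resource.

    On a ``Create`` request the handler reads the template files bundled with
    the Lambda package and commits them:

    * config repo (``ResourceProperties.RepoConfig``), branch ``master``:
      the Dockerfile-analysis, secrets-analysis and push buildspecs plus
      ``hadolint.yml`` and ``secrets_config.json``;
    * application repo (``ResourceProperties.Repo``), branch ``development``:
      ``Dockerfile``, ``/app/index.py`` and ``requirements.txt``.

    ``Update`` and ``Delete`` requests change nothing and only report a
    status. Any other request type is reported as ``FAILED``.

    Args:
        event: The custom-resource request; ``RequestType`` and
            ``ResourceProperties`` (``Repo``, ``RepoConfig``) are read here.
        context: The Lambda context, passed through to ``sendResponse``.

    Returns:
        Whatever ``sendResponse`` returns (defined elsewhere in this file;
        presumably it posts the status back to CloudFormation -- confirm).
    """
    # ResponseURL is a presigned S3 URL: anyone who can read the log stream
    # could use it to answer this request on the function's behalf while it
    # is valid, so it is kept out of the log line.
    loggable = {
        key: ("<redacted>" if key == 'ResponseURL' else value)
        for key, value in event.items()
    }
    print("log -- Event: %s " % json.dumps(loggable))
    codecommit = boto3.client('codecommit')
    #sechub = boto3.client('securityhub')
    # Variables
    repo = event['ResourceProperties']['Repo']
    repoConfig = event['ResourceProperties']['RepoConfig']
    masterbranch = 'master'
    devbranch = 'development'
    # Enable Security Hub
    #try:
    #    sechub.enable_security_hub()
    #    print('Enabled Security Hub')
    #except ClientError as e:
    #    print('Security Hub is already enabled')
    if event['RequestType'] == 'Create':
        print("log -- Create Event ")
        try:
            # Read in files for Dockerfile Analysis
            buildspec = _read_bundled_file("buildspec_dockerfile.yml")
            hadolintConfig = _read_bundled_file("hadolint.yml")
            # Read in files for Secrets Analysis
            buildspecSecrets = _read_bundled_file("buildspec_secrets.yml")
            secretsConfig = _read_bundled_file("secrets_config.json")
            # Read in files for Push Stage
            buildspecPush = _read_bundled_file("buildspec_push.yml")
            # Read in files for Python app
            Dockerfile = _read_bundled_file("Dockerfile")
            App = _read_bundled_file("index.py")
            Req = _read_bundled_file("requirements.txt")

            # Config repo: each put_file after the first names the previous
            # commit as its parent, so the five files form one linear history.
            commit = codecommit.put_file(
                repositoryName=repoConfig,
                branchName=masterbranch,
                fileContent=buildspec,
                filePath='buildspec_dockerfile.yml',
                commitMessage='Initial Commit',
                name='Your Lambda Helper'
            )
            commit2 = codecommit.put_file(
                repositoryName=repoConfig,
                branchName=masterbranch,
                parentCommitId=commit['commitId'],
                fileContent=hadolintConfig,
                filePath='hadolint.yml',
                commitMessage='Added Hadolint Configuration',
                name='Your Lambda Helper'
            )
            commit3 = codecommit.put_file(
                repositoryName=repoConfig,
                branchName=masterbranch,
                parentCommitId=commit2['commitId'],
                fileContent=buildspecSecrets,
                filePath='buildspec_secrets.yml',
                commitMessage='Added Secrets BuildSpec file',
                name='Your Lambda Helper'
            )
            commit4 = codecommit.put_file(
                repositoryName=repoConfig,
                branchName=masterbranch,
                parentCommitId=commit3['commitId'],
                fileContent=secretsConfig,
                filePath='secrets_config.json',
                commitMessage='Added Secrets Configuration file',
                name='Your Lambda Helper'
            )
            codecommit.put_file(
                repositoryName=repoConfig,
                branchName=masterbranch,
                parentCommitId=commit4['commitId'],
                fileContent=buildspecPush,
                filePath='buildspec_push.yml',
                commitMessage='Added Push BuildSpec file',
                name='Your Lambda Helper'
            )

            # Application repo: same chaining, on the development branch.
            appFirstCommit = codecommit.put_file(
                repositoryName=repo,
                branchName=devbranch,
                fileContent=Dockerfile,
                filePath='Dockerfile',
                commitMessage='Initial Commit',
                name='Your Lambda Helper'
            )
            appSecondCommit = codecommit.put_file(
                repositoryName=repo,
                branchName=devbranch,
                parentCommitId=appFirstCommit['commitId'],
                fileContent=App,
                filePath='/app/index.py',
                commitMessage='Added Python App file',
                name='Your Lambda Helper'
            )
            codecommit.put_file(
                repositoryName=repo,
                branchName=devbranch,
                parentCommitId=appSecondCommit['commitId'],
                fileContent=Req,
                filePath='requirements.txt',
                commitMessage='Added requirements file',
                name='Your Lambda Helper'
            )
            # master is created at the first application commit, i.e. it
            # holds only the Dockerfile; development carries all three files
            # and becomes the default branch.
            codecommit.create_branch(
                repositoryName=repo,
                branchName=masterbranch,
                commitId=appFirstCommit['commitId']
            )
            codecommit.update_default_branch(
                repositoryName=repo,
                defaultBranchName=devbranch
            )
            response = sendResponse(event, context, "SUCCESS", { "Message": "Initial commits - Success" })
        except ClientError as e:
            # NOTE(review): a CodeCommit failure is still reported as SUCCESS,
            # so the stack completes even if hadolint.yml, secrets_config.json
            # or the buildspecs were never committed. The status is kept as
            # the original had it; confirm this best-effort is intended and
            # check the config repo contents after deployment.
            print(e)
            response = sendResponse(event, context, "SUCCESS", { "Message": "Initial commits - Error" })
        except (OSError, KeyError) as e:
            # A missing bundled file or a missing LAMBDA_TASK_ROOT used to
            # escape the handler without any response being sent. Report
            # FAILED explicitly instead.
            print(e)
            response = sendResponse(event, context, "FAILED", { "Message": "Initial commits - Error" })
    elif event['RequestType'] == 'Update':
        print("log -- Update Event")
        try:
            response = sendResponse(event, context, "SUCCESS", { "Message": "Initial commits - Success" })
        except ClientError as e:
            print(e)
            response = sendResponse(event, context, "SUCCESS", { "Message": "Initial commits - Error" })
    elif event['RequestType'] == 'Delete':
        print("log -- Delete Event")
        response = sendResponse(event, context, "SUCCESS", { "Message": "Deletion successful!" })
    else:
        print("log -- FAILED")
        response = sendResponse(event, context, "FAILED", { "Message": "Unexpected event received from CloudFormation" })
    return response


def _read_bundled_file(filename):
    """Return the text of *filename* from the directory named by LAMBDA_TASK_ROOT."""
    path = os.environ['LAMBDA_TASK_ROOT'] + "/" + filename
    # Context manager so the handle is closed even if the read fails.
    with open(path) as handle:
        return handle.read()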