constructor()

in lib/aws-service-catalog.ts [30:189]


    constructor(scope: core.Construct, id: string, props: CdkCloudFormationProductProps) {
        super(scope, id);
        

        const codeRepo = new codecommit.CfnRepository(this, 'ccRepo', {
           repositoryName:  props.githubRepo,
           repositoryDescription: `Repo for ${props.productName}`,
           code: {
               branchName: 'main',
               s3: {
                   bucket: props.TargetCatalog.EmptyRepoZipAsset.bucket.bucketName,
                   key: props.TargetCatalog.EmptyRepoZipAsset.s3ObjectKey
               }
           } 
            
        });
        
        
        const pipeline = new codepipeline.Pipeline(this, `${props.githubRepo}-pipeline`, {
            pipelineName: `${props.githubRepo}-pipeline`,
        });
        
        const sourceOutput = new codepipeline.Artifact();

        
        pipeline.addStage({
            stageName: 'Source',
            actions: [ new codepipelineactions.CodeCommitSourceAction({
                actionName: 'InitRepo',
                repository: codecommit.Repository.fromRepositoryName(this, 'stagedRepo', props.githubRepo),
                output: sourceOutput,
                branch: 'main',
                codeBuildCloneOutput: true
            })
          ],
        });

        var installCommands = [
             'npm -g install typescript'
            ,'npm install -g aws-cdk'
            ,'git config --global user.email "quickstart@amazon.com"'
            ,'git config --global user.name "Blueprint Pipeline"'
            ,`git pull https://github.com/${props.githubOwner}/${props.githubRepo} --allow-unrelated-histories`
            
        ];
        
        if(props.cdkLanguage == CdkCloudFormationProduct.CdkLanguage.Typescript){
            installCommands.push('npm install')
        }
        if(props.cdkLanguage == CdkCloudFormationProduct.CdkLanguage.Python){
            installCommands.push('pip install -r requirements.txt')
        }
        
        var buildCommands = [
        ];
        
        if(props.cdkLanguage == CdkCloudFormationProduct.CdkLanguage.Typescript){
            buildCommands.push('npm run build')
        }
        if(props.cdkLanguage == CdkCloudFormationProduct.CdkLanguage.Python){
        }
        
        buildCommands.push('cdk deploy --require-approval never')

        
        const codeBuildProjectRole = new iam.Role(this, 'codeBuildProjectRole', {
            assumedBy: new iam.ServicePrincipal('codebuild.amazonaws.com'),    
        
        })


        const cdkMinPolicy = {
            "Version": "2012-10-17",
            "Statement": [
                {
                    "Sid": "resourceWidePermissions",
                    "Effect": "Allow",
                    "Action": [
                        "ec2:DescribeImages",
                        "iam:GetRole",
                        "iam:GetAccountPasswordPolicy",
                        "cloudformation:ListStacks",
                        "cloudformation:DescribeStackEvents",
                        "health:DescribeEventAggregates",
                        "ec2:DescribeAvailabilityZones",
                        "iam:ListAccountAliases",
                        "iam:ListRoles",
                        "ec2:DescribePrefixLists",
                        "cloudformation:DescribeStacks",
                        "iam:GetAccountSummary"
                    ],
                    "Resource": "*"
                } ,               
                {
                    "Sid": "assumeRolePermission",
                    "Effect": "Allow",
                    "Action": [
                        "sts:AssumeRole",
                    ],
                    "Resource": [
                        'arn:aws:iam::*:role/cdk-readOnlyRole',
                        'arn:aws:iam::*:role/cdk-hnb659fds-deploy-role-*',
                        'arn:aws:iam::*:role/cdk-hnb659fds-file-publishing-*'
                    ]
                }
                
            ]
        };
        
        const cdkMinPolicyDocument = iam.PolicyDocument.fromJson(cdkMinPolicy);
        

        const cdkMinManagedPolicy = new iam.ManagedPolicy(this, 'cdkMinPolicy', {
          document: cdkMinPolicyDocument
        });
        
        
        cdkMinManagedPolicy.attachToRole(codeBuildProjectRole);
        
        

        //const codeBuildPipeProject = new codebuild.PipelineProject(this, 'Pipeline');
        const codeBuildPipeProject = new codebuild.PipelineProject(this, 'Pipeline', {
            environment: {
                buildImage: codebuild.LinuxBuildImage.STANDARD_2_0,
            },
            buildSpec: codebuild.BuildSpec.fromObject({
                version: '0.2',
                phases: {
                    install: {
                        commands: installCommands
                    },
                    build: {
                        commands: buildCommands
                    },
                },
            }),
            role: codeBuildProjectRole
        });
        
        
        pipeline.addStage({
            stageName: 'Build',
            actions: [ 
                new codepipelineactions.CodeBuildAction({
                  actionName: 'CodeBuild',
                  project: codeBuildPipeProject,
                  input: sourceOutput,
                  outputs: [new codepipeline.Artifact()], // optional
                  executeBatchBuild: false // optional, defaults to false
                })
            ]
        });
        
        

        
        
        
    }