async execute()

in addons/addon-stack-policy/packages/stack-policy/lib/steps/update-cfn-stack-policy.js [58:137]


  /**
   * Brings the backend CloudFormation stack policy in line with the enabled features.
   *
   * When EgressStore and/or AppStream is enabled, the current stack policy is read,
   * the statement for each enabled feature is appended if it is absent, and the policy
   * is written back only when it changed. A missing policy, or one with no statements,
   * is seeded with `baseAllowStatement` first.
   *
   * The statement objects (`baseAllowStatement`, `egressStoreStatement`,
   * `appStreamStatement`) are defined outside this method; their Effect/Action are not
   * visible here.
   *
   * @returns {Promise<void>}
   * @throws {Error} A generic error when reading, parsing or writing the policy fails;
   *   the underlying error is logged before the rethrow.
   */
  async execute() {
    const egressStoreOn = this.settings.getBoolean(settingKeys.enableEgressStore);
    const appStreamOn = this.settings.getBoolean(settingKeys.isAppStreamEnabled);

    // Nothing to protect when both features are off.
    if (!(egressStoreOn || appStreamOn)) {
      this.log.info('AppStream and EgressStore disabled. CFN stack policy does not need updates');
      return;
    }

    // From here on at least one of the two features is enabled.
    try {
      const stackName = this.settings.get(settingKeys.backendStackName);
      const response = await this.cfn.getStackPolicy({ StackName: stackName }).promise();
      const currentBody = response.StackPolicyBody;

      const bodyMissing = _.isEmpty(currentBody);
      const policy = bodyMissing ? {} : JSON.parse(currentBody);
      if (!policy.Statement) {
        policy.Statement = [];
      }

      // A policy without statements is treated the same as no policy at all.
      const startFromScratch = bodyMissing || policy.Statement.length === 0;

      // Feature flag, statement to add, and the Resource value used to detect that statement.
      const featureStatements = [
        { enabled: egressStoreOn, statement: egressStoreStatement, resource: 'LogicalResourceId/EgressStore*' },
        { enabled: appStreamOn, statement: appStreamStatement, resource: 'LogicalResourceId/AppStream*' },
      ];

      if (startFromScratch) {
        policy.Statement.push(baseAllowStatement);
        for (const { enabled, statement } of featureStatements) {
          if (enabled) {
            policy.Statement.push(statement);
          }
        }
      } else {
        // NOTE(review): the lookup matches on the `Resource` value only, so the Effect and
        // Action of an already-present statement are not verified. A pre-existing statement
        // with the same Resource but a weaker Effect would suppress the add - confirm this
        // is acceptable for a policy meant to guard these resources.
        for (const { enabled, statement, resource } of featureStatements) {
          if (enabled && !_.find(policy.Statement, { Resource: resource })) {
            policy.Statement.push(statement);
          }
        }

        // Compare against a fresh parse of the stored body; skip the write when nothing changed.
        if (_.isEqual(policy, JSON.parse(currentBody))) {
          this.log.info('Backend stack policy up to date. No changes needed.');
          return;
        }
      }

      await this.cfn
        .setStackPolicy({
          StackName: stackName,
          StackPolicyBody: JSON.stringify(policy),
        })
        .promise();
      this.log.info('Finished updating backend stack policy');
    } catch (error) {
      // NOTE(review): the failure is recorded at info level and the rethrown error carries
      // no cause, so this log entry is the only place the original error is kept.
      this.log.info({ error });
      throw new Error('Updating CloudFormation Stacks failed. See the previous log message for more details.');
    }
  }