public constructor()

in packages/pipeline/src/pdk-pipeline.ts [311:481]

• 153 lines of code
• 27 McCabe index (conditional complexity)

  public constructor(
    scope: Construct,
    id: string,
    props: BasePDKPipelineProps
  ) {
    super(scope, id);

    this.node.setContext(
      "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy",
      true
    );

    let source: CodePipelineSource;

    const branch =
      process.env.BRANCH || props.defaultBranchName || DEFAULT_BRANCH_NAME;

    if (props.useCodeCommit) {
      let codeRepository: IRepository;
      const repositoryName = props.repositoryName || "";
      if (
        BasePDKPipeline.isDefaultBranch({
          node: this.node,
          defaultBranchName: props.defaultBranchName,
        })
      ) {
        // In the default branch, create a CodeCommit repository
        codeRepository = new Repository(this, "CodeRepository", {
          repositoryName,
        });
        codeRepository.applyRemovalPolicy(
          props.codeCommitRemovalPolicy ?? RemovalPolicy.RETAIN
        );
      } else {
        // In a non-default branch, use an existing CodeCommit repository
        codeRepository = Repository.fromRepositoryName(
          scope,
          "CodeRepository",
          repositoryName
        );
      }

      source = CodePipelineSource.codeCommit(codeRepository, branch);

      this.codeRepository = codeRepository;
    } else {
      const repositoryOwnerAndName = props.repositoryOwnerAndName || "";
      const codeConnectionArn = props.codeConnectionArn || "";
      source = CodePipelineSource.connection(
        repositoryOwnerAndName,
        props.defaultBranchName || DEFAULT_BRANCH_NAME,
        {
          connectionArn: codeConnectionArn,
        }
      );
    }

    const accessLogsBucket = new Bucket(this, "AccessLogsBucket", {
      versioned: false,
      enforceSSL: true,
      autoDeleteObjects: true,
      removalPolicy: RemovalPolicy.DESTROY,
      encryption: BucketEncryption.S3_MANAGED,
      objectOwnership: ObjectOwnership.OBJECT_WRITER,
      publicReadAccess: false,
      blockPublicAccess: BlockPublicAccess.BLOCK_ALL,
    });

    const artifactBucket = new Bucket(this, "ArtifactsBucket", {
      enforceSSL: true,
      autoDeleteObjects: true,
      removalPolicy: RemovalPolicy.DESTROY,
      encryption: props.crossAccountKeys
        ? BucketEncryption.KMS
        : BucketEncryption.S3_MANAGED,
      encryptionKey: props.crossAccountKeys
        ? new Key(this, "ArtifactKey", {
            enableKeyRotation: true,
            removalPolicy: RemovalPolicy.DESTROY,
          })
        : undefined,
      objectOwnership: ObjectOwnership.BUCKET_OWNER_ENFORCED,
      publicReadAccess: false,
      blockPublicAccess: BlockPublicAccess.BLOCK_ALL,
      serverAccessLogsPrefix: "access-logs",
      serverAccessLogsBucket: accessLogsBucket,
    });

    const codePipeline = new Pipeline(this, "CodePipeline", {
      enableKeyRotation: props.crossAccountKeys,
      restartExecutionOnUpdate: true,
      crossAccountKeys: props.crossAccountKeys,
      artifactBucket,
      pipelineType: PipelineType.V1,
    });

    const {
      input,
      primaryOutputDirectory,
      commands,
      ...synthShellStepPartialProps
    } = props.synthShellStepPartialProps || {};

    const synthShellStep = new ShellStep("Synth", {
      input: source,
      env:
        props.branchNamePrefixes && props.branchNamePrefixes.length > 0
          ? {
              BRANCH: branch,
            }
          : undefined,
      installCommands: ["npm install -g aws-cdk pnpm", "npx projen install"],
      commands:
        commands && commands.length > 0 ? commands : ["npx projen build"],
      primaryOutputDirectory: props.primarySynthDirectory,
      ...(synthShellStepPartialProps || {}),
    });

    synthShellStep.addOutputDirectory(".");

    const codePipelineProps: CodePipelineProps = {
      codePipeline,
      ...props,
      crossAccountKeys: undefined,
      synth: synthShellStep,
    };

    this.codePipeline = new CodePipeline(this, id, codePipelineProps);
    this.sonarCodeScannerConfig = props.sonarCodeScannerConfig
      ? {
          cdkOutDir: props.primarySynthDirectory,
          ...props.sonarCodeScannerConfig,
        }
      : undefined;
    this.branchNamePrefixes = props.branchNamePrefixes;
    this.defaultBranchName = props.defaultBranchName;
    this.repositoryName =
      (props.useCodeCommit
        ? props.repositoryName
        : props.repositoryOwnerAndName) || "";

    if (this.codeRepository && props.branchNamePrefixes) {
      if (
        PDKPipeline.isDefaultBranch({
          node: this.node,
          defaultBranchName: props.defaultBranchName,
        })
      ) {
        new FeatureBranches(this, "FeatureBranchPipelines", {
          codeRepository: this.codeRepository,
          cdkSrcDir:
            props.cdkSrcDir || path.dirname(props.primarySynthDirectory),
          synthShellStepPartialProps: props.synthShellStepPartialProps,
          cdkCommand: props.cdkCommand,
          branchNamePrefixes: props.branchNamePrefixes,
          defaultBranchName: props.defaultBranchName || DEFAULT_BRANCH_NAME,
          codeBuildDefaults: props.codeBuildDefaults,
          dockerEnabledForSynth: props.dockerEnabledForSynth,
        });
      } else {
        Tags.of(Stack.of(this)).add("FeatureBranch", branch);
        Tags.of(Stack.of(this)).add("RepoName", this.repositoryName);
      }
    }

    if (props.useCodeCommit && this.codeRepository) {
      new CfnOutput(this, "CodeRepositoryGRCUrl", {
        value: this.codeRepository.repositoryCloneUrlGrc,
      });
    }
  }