in hybrid-nodes-cdk/lib/nodeadm-stack.ts [177:233]
createNodeadmBuild(goproxySecretArn: string, eksReleaseManifestHost: string) {
if (this.nodeadmBinaryBucket === undefined) {
throw new Error('`nodeadmBinaryBucket` is not defined');
}
if (this.githubSourceOutput === undefined) {
throw new Error('`githubSourceOutput` is not defined');
}
const codeBuildProject = new codebuild.PipelineProject(this, 'nodeadm-build', {
projectName: 'nodeadm-build',
buildSpec: codebuild.BuildSpec.fromSourceFilename('buildspecs/build-nodeadm.yml'),
environmentVariables: {
GOPROXY: {
type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER,
value: `${goproxySecretArn}:endpoint`,
},
ARTIFACTS_BUCKET: {
type: codebuild.BuildEnvironmentVariableType.PLAINTEXT,
value: this.nodeadmBinaryBucket.bucketName,
},
MANIFEST_HOST: {
type: codebuild.BuildEnvironmentVariableType.PLAINTEXT,
value: eksReleaseManifestHost,
},
},
environment: {
buildImage: codebuild.LinuxBuildImage.fromDockerRegistry(constants.builderBaseImage),
computeType: codebuild.ComputeType.LARGE,
},
});
codeBuildProject.role!.addToPrincipalPolicy(
new iam.PolicyStatement({
effect: iam.Effect.ALLOW,
actions: ['s3:PutObject*', 's3:ListBucket'],
resources: [this.nodeadmBinaryBucket.bucketArn, `${this.nodeadmBinaryBucket.bucketArn}/*`],
}),
);
this.nodeadmVersionVariable = new codepipeline.Variable({
variableName: 'nodeadmVersion',
description: 'semantic version for nodeadm',
defaultValue: 'v1.0.4-dev',
});
this.nodeadmBuildOutput = new codepipeline.Artifact();
this.nodeadmBuildAction = new codepipeline_actions.CodeBuildAction({
actionName: 'Build',
input: this.githubSourceOutput,
outputs: [this.nodeadmBuildOutput],
project: codeBuildProject,
environmentVariables: {
GIT_VERSION: {
value: '#{variables.nodeadmVersion}',
},
},
});
}