The highest tagged major version is
README
¶
CDK Pipelines
A construct library for painless Continuous Delivery of CDK applications.
CDK Pipelines is an opinionated construct library. It is purpose-built to deploy one or more copies of your CDK applications using CloudFormation with a minimal amount of effort on your part. It is not intended to support arbitrary deployment pipelines, and very specifically it is not built to use CodeDeploy to applications to instances, or deploy your custom-built ECR images to an ECS cluster directly: use CDK file assets with CloudFormation Init for instances, or CDK container assets for ECS clusters instead.
Give the CDK Pipelines way of doing things a shot first: you might find it does
everything you need. If you want or need more control, we recommend you drop
down to using the aws-codepipeline construct library directly.
This module contains two sets of APIs: an original and a modern version of CDK Pipelines. The modern API has been updated to be easier to work with and customize, and will be the preferred API going forward. The original version of the API is still available for backwards compatibility, but we recommend migrating to the new version if possible.
Compared to the original API, the modern API: has more sensible defaults; is more flexible; supports parallel deployments; supports multiple synth inputs; allows more control of CodeBuild project generation; supports deployment engines other than CodePipeline.
The README for the original API, as well as a migration guide, can be found in our GitHub repository.
At a glance
Deploying your application continuously starts by defining a
MyApplicationStage, a subclass of Stage that contains the stacks that make
up a single copy of your application.
You then define a Pipeline, instantiate as many instances of
MyApplicationStage as you want for your test and production environments, with
different parameters for each, and calling pipeline.addStage() for each of
them. You can deploy to the same account and Region, or to a different one,
with the same amount of code. The CDK Pipelines library takes care of the
details.
CDK Pipelines supports multiple deployment engines (see
Using a different deployment engine),
and comes with a deployment engine that deploys CDK apps using AWS CodePipeline.
To use the CodePipeline engine, define a CodePipeline construct. The following
example creates a CodePipeline that deploys an application from GitHub:
/** The stacks for our app are minimally defined here. The internals of these
* stacks aren't important, except that DatabaseStack exposes an attribute
* "table" for a database table it defines, and ComputeStack accepts a reference
* to this table in its properties.
*/
type databaseStack struct {
stack
table table
}
func newDatabaseStack(scope construct, id *string) *databaseStack {
this := &databaseStack{}
newStack_Override(this, scope, id)
this.table = dynamodb.NewTable(this, jsii.String("Table"), &tableProps{
partitionKey: &attribute{
name: jsii.String("id"),
type: dynamodb.attributeType_STRING,
},
})
return this
}
type computeProps struct {
table *table
}
type computeStack struct {
stack
}
func newComputeStack(scope construct, id *string, props computeProps) *computeStack {
this := &computeStack{}
newStack_Override(this, scope, id)
return this
}
/**
* Stack to hold the pipeline
*/
type myPipelineStack struct {
stack
}
func newMyPipelineStack(scope construct, id *string, props stackProps) *myPipelineStack {
this := &myPipelineStack{}
newStack_Override(this, scope, id, props)
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
// Use a connection created using the AWS console to authenticate to GitHub
// Other sources are available.
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
})
// 'MyApplication' is defined below. Call `addStage` as many times as
// necessary with any account and region (may be different from the
// pipeline's).
pipeline.addStage(NewMyApplication(this, jsii.String("Prod"), &stageProps{
env: &environment{
account: jsii.String("123456789012"),
region: jsii.String("eu-west-1"),
},
}))
return this
}
/**
* Your application
*
* May consist of one or more Stacks (here, two)
*
* By declaring our DatabaseStack and our ComputeStack inside a Stage,
* we make sure they are deployed together, or not at all.
*/
type myApplication struct {
stage
}
func newMyApplication(scope construct, id *string, props stageProps) *myApplication {
this := &myApplication{}
newStage_Override(this, scope, id, props)
dbStack := NewDatabaseStack(this, jsii.String("Database"))
NewComputeStack(this, jsii.String("Compute"), &computeProps{
table: dbStack.table,
})
return this
}
// In your main file
// In your main file
NewMyPipelineStack(this, jsii.String("PipelineStack"), &stackProps{
env: &environment{
account: jsii.String("123456789012"),
region: jsii.String("eu-west-1"),
},
})
The pipeline is self-mutating, which means that if you add new
application stages in the source code, or new stacks to MyApplication, the
pipeline will automatically reconfigure itself to deploy those new stages and
stacks.
(Note that you have to bootstrap all environments before the above code will work, and switch on "Modern synthesis" if you are using CDKv1. See the section CDK Environment Bootstrapping below for more information).
Provisioning the pipeline
To provision the pipeline you have defined, make sure the target environment
has been bootstrapped (see below), and then execute deploying the
PipelineStack once. Afterwards, the pipeline will keep itself up-to-date.
Important: be sure to
git commitandgit pushbefore deploying the Pipeline stack usingcdk deploy!The reason is that the pipeline will start deploying and self-mutating right away based on the sources in the repository, so the sources it finds in there should be the ones you want it to find.
Run the following commands to get the pipeline going:
$ git commit -a
$ git push
$ cdk deploy PipelineStack
Administrative permissions to the account are only necessary up until this point. We recommend you remove access to these credentials after doing this.
Working on the pipeline
The self-mutation feature of the Pipeline might at times get in the way
of the pipeline development workflow. Each change to the pipeline must be pushed
to git, otherwise, after the pipeline was updated using cdk deploy, it will
automatically revert to the state found in git.
To make the development more convenient, the self-mutation feature can be turned
off temporarily, by passing selfMutation: false property, example:
// Modern API
modernPipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
selfMutation: jsii.Boolean(false),
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
})
// Original API
cloudAssemblyArtifact := codepipeline.NewArtifact()
originalPipeline := pipelines.NewCdkPipeline(this, jsii.String("Pipeline"), &cdkPipelineProps{
selfMutating: jsii.Boolean(false),
cloudAssemblyArtifact: cloudAssemblyArtifact,
})
Definining the pipeline
This section of the documentation describes the AWS CodePipeline engine, which comes with this library. If you want to use a different deployment engine, read the section Using a different deployment enginebelow.
Synth and sources
To define a pipeline, instantiate a CodePipeline construct from the
@aws-cdk/pipelines module. It takes one argument, a synth step, which is
expected to produce the CDK Cloud Assembly as its single output (the contents of
the cdk.out directory after running cdk synth). "Steps" are arbitrary
actions in the pipeline, typically used to run scripts or commands.
For the synth, use a ShellStep and specify the commands necessary to install
dependencies, the CDK CLI, build your project and run cdk synth; the specific
commands required will depend on the programming language you are using. For a
typical NPM-based project, the synth will look like this:
var source iFileSetProducer
// the repository source
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: source,
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
})
The pipeline assumes that your ShellStep will produce a cdk.out
directory in the root, containing the CDK cloud assembly. If your
CDK project lives in a subdirectory, be sure to adjust the
primaryOutputDirectory to match:
var source iFileSetProducer
// the repository source
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: source,
commands: []*string{
jsii.String("cd mysubdir"),
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
primaryOutputDirectory: jsii.String("mysubdir/cdk.out"),
}),
})
The underlying @aws-cdk/aws-codepipeline.Pipeline construct will be produced
when app.synth() is called. You can also force it to be produced
earlier by calling pipeline.buildPipeline(). After you've called
that method, you can inspect the constructs that were produced by
accessing the properties of the pipeline object.
Commands for other languages and package managers
The commands you pass to new ShellStep will be very similar to the commands
you run on your own workstation to install dependencies and synth your CDK
project. Here are some (non-exhaustive) examples for what those commands might
look like in a number of different situations.
For Yarn, the install commands are different:
var source iFileSetProducer
// the repository source
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: source,
commands: []*string{
jsii.String("yarn install --frozen-lockfile"),
jsii.String("yarn build"),
jsii.String("npx cdk synth"),
},
}),
})
For Python projects, remember to install the CDK CLI globally (as
there is no package.json to automatically install it for you):
var source iFileSetProducer
// the repository source
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: source,
commands: []*string{
jsii.String("pip install -r requirements.txt"),
jsii.String("npm install -g aws-cdk"),
jsii.String("cdk synth"),
},
}),
})
For Java projects, remember to install the CDK CLI globally (as
there is no package.json to automatically install it for you),
and the Maven compilation step is automatically executed for you
as you run cdk synth:
var source iFileSetProducer
// the repository source
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: source,
commands: []*string{
jsii.String("npm install -g aws-cdk"),
jsii.String("cdk synth"),
},
}),
})
You can adapt these examples to your own situation.
Migrating from buildspec.yml files
You may currently have the build instructions for your CodeBuild Projects in a
buildspec.yml file in your source repository. In addition to your build
commands, the CodeBuild Project's buildspec also controls some information that
CDK Pipelines manages for you, like artifact identifiers, input artifact
locations, Docker authorization, and exported variables.
Since there is no way in general for CDK Pipelines to modify the file in your
resource repository, CDK Pipelines configures the BuildSpec directly on the
CodeBuild Project, instead of loading it from the buildspec.yml file.
This requires a pipeline self-mutation to update.
To avoid this, put your build instructions in a separate script, for example
build.sh, and call that script from the build commands array:
var source iFileSetProducer
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: source,
commands: []*string{
jsii.String("./build.sh"),
},
}),
})
Doing so keeps your exact build instructions in sync with your source code in the source repository where it belongs, and provides a convenient build script for developers at the same time.
CodePipeline Sources
In CodePipeline, Sources define where the source of your application lives.
When a change to the source is detected, the pipeline will start executing.
Source objects can be created by factory methods on the CodePipelineSource class:
GitHub, GitHub Enterprise, BitBucket using a connection
The recommended way of connecting to GitHub or BitBucket is by using a connection. You will first use the AWS Console to authenticate to the source control provider, and then use the connection ARN in your pipeline definition:
pipelines.codePipelineSource.connection(jsii.String("org/repo"), jsii.String("branch"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
})
GitHub using OAuth
You can also authenticate to GitHub using a personal access token. This expects that you've created a personal access token and stored it in Secrets Manager. By default, the source object will look for a secret named github-token, but you can change the name. The token should have the repo and admin:repo_hook scopes.
pipelines.codePipelineSource.gitHub(jsii.String("org/repo"), jsii.String("branch"), &gitHubSourceOptions{
// This is optional
authentication: cdk.secretValue.secretsManager(jsii.String("my-token")),
})
CodeCommit
You can use a CodeCommit repository as the source. Either create or import
that the CodeCommit repository and then use CodePipelineSource.codeCommit
to reference it:
repository := codecommit.repository.fromRepositoryName(this, jsii.String("Repository"), jsii.String("my-repository"))
pipelines.codePipelineSource.codeCommit(repository, jsii.String("main"))
S3
You can use a zip file in S3 as the source of the pipeline. The pipeline will be triggered every time the file in S3 is changed:
bucket := s3.bucket.fromBucketName(this, jsii.String("Bucket"), jsii.String("my-bucket"))
pipelines.codePipelineSource.s3(bucket, jsii.String("my/source.zip"))
ECR
You can use a Docker image in ECR as the source of the pipeline. The pipeline will be triggered every time an image is pushed to ECR:
repository := ecr.NewRepository(this, jsii.String("Repository"))
pipelines.codePipelineSource.ecr(repository)
Additional inputs
ShellStep allows passing in more than one input: additional
inputs will be placed in the directories you specify. Any step that produces an
output file set can be used as an input, such as a CodePipelineSource, but
also other ShellStep:
prebuild := pipelines.NewShellStep(jsii.String("Prebuild"), &shellStepProps{
input: pipelines.codePipelineSource.gitHub(jsii.String("myorg/repo1"), jsii.String("main")),
primaryOutputDirectory: jsii.String("./build"),
commands: []*string{
jsii.String("./build.sh"),
},
})
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.*codePipelineSource.gitHub(jsii.String("myorg/repo2"), jsii.String("main")),
additionalInputs: map[string]iFileSetProducer{
"subdir": pipelines.*codePipelineSource.gitHub(jsii.String("myorg/repo3"), jsii.String("main")),
"../siblingdir": prebuild,
},
commands: []*string{
jsii.String("./build.sh"),
},
}),
})
CDK application deployments
After you have defined the pipeline and the synth step, you can add one or
more CDK Stages which will be deployed to their target environments. To do
so, call pipeline.addStage() on the Stage object:
var pipeline codePipeline
// Do this as many times as necessary with any account and region
// Account and region may different from the pipeline's.
pipeline.addStage(NewMyApplicationStage(this, jsii.String("Prod"), &stageProps{
env: &environment{
account: jsii.String("123456789012"),
region: jsii.String("eu-west-1"),
},
}))
CDK Pipelines will automatically discover all Stacks in the given Stage
object, determine their dependency order, and add appropriate actions to the
pipeline to publish the assets referenced in those stacks and deploy the stacks
in the right order.
If the Stacks are targeted at an environment in a different AWS account or
Region and that environment has been
bootstrapped
, CDK Pipelines will transparently make sure the IAM roles are set up
correctly and any requisite replication Buckets are created.
Deploying in parallel
By default, all applications added to CDK Pipelines by calling addStage() will
be deployed in sequence, one after the other. If you have a lot of stages, you can
speed up the pipeline by choosing to deploy some stages in parallel. You do this
by calling addWave() instead of addStage(): a wave is a set of stages that
are all deployed in parallel instead of sequentially. Waves themselves are still
deployed in sequence. For example, the following will deploy two copies of your
application to eu-west-1 and eu-central-1 in parallel:
var pipeline codePipeline
europeWave := pipeline.addWave(jsii.String("Europe"))
europeWave.addStage(NewMyApplicationStage(this, jsii.String("Ireland"), &stageProps{
env: &environment{
region: jsii.String("eu-west-1"),
},
}))
europeWave.addStage(NewMyApplicationStage(this, jsii.String("Germany"), &stageProps{
env: &environment{
region: jsii.String("eu-central-1"),
},
}))
Deploying to other accounts / encrypting the Artifact Bucket
CDK Pipelines can transparently deploy to other Regions and other accounts
(provided those target environments have been
bootstrapped).
However, deploying to another account requires one additional piece of
configuration: you need to enable crossAccountKeys: true when creating the
pipeline.
This will encrypt the artifact bucket(s), but incurs a cost for maintaining the KMS key.
Example:
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
// Encrypt artifacts, required for cross-account deployments
crossAccountKeys: jsii.Boolean(true),
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
})
Validation
Every addStage() and addWave() command takes additional options. As part of these options,
you can specify pre and post steps, which are arbitrary steps that run before or after
the contents of the stage or wave, respectively. You can use these to add validations like
manual or automated gates to your pipeline. We recommend putting manual approval gates in the set of pre steps, and automated approval gates in
the set of post steps.
The following example shows both an automated approval in the form of a ShellStep, and
a manual approval in the form of a ManualApprovalStep added to the pipeline. Both must
pass in order to promote from the PreProd to the Prod environment:
var pipeline codePipeline
preprod := NewMyApplicationStage(this, jsii.String("PreProd"))
prod := NewMyApplicationStage(this, jsii.String("Prod"))
pipeline.addStage(preprod, &addStageOpts{
post: []step{
pipelines.NewShellStep(jsii.String("Validate Endpoint"), &shellStepProps{
commands: []*string{
jsii.String("curl -Ssf https://my.webservice.com/"),
},
}),
},
})
pipeline.addStage(prod, &addStageOpts{
pre: []*step{
pipelines.NewManualApprovalStep(jsii.String("PromoteToProd")),
},
})
You can also specify steps to be executed at the stack level. To achieve this, you can specify the stack and step via the stackSteps property:
var pipeline codePipeline
type myStacksStage struct {
stage
stack1 *stack
stack2 *stack
}
func newMyStacksStage(scope construct, id *string, props stageProps) *myStacksStage {
this := &myStacksStage{}
newStage_Override(this, scope, id, props)
this.stack1 = awscdk.Newstack(this, jsii.String("stack1"))
this.stack2 = awscdk.Newstack(this, jsii.String("stack2"))
return this
}
prod := NewMyStacksStage(this, jsii.String("Prod"))
pipeline.addStage(prod, &addStageOpts{
stackSteps: []stackSteps{
&stackSteps{
stack: prod.stack1,
pre: []step{
pipelines.NewManualApprovalStep(jsii.String("Pre-Stack Check")),
},
// Executed before stack is prepared
changeSet: []*step{
pipelines.NewManualApprovalStep(jsii.String("ChangeSet Approval")),
},
// Executed after stack is prepared but before the stack is deployed
post: []*step{
pipelines.NewManualApprovalStep(jsii.String("Post-Deploy Check")),
},
},
&stackSteps{
stack: prod.stack2,
post: []*step{
pipelines.NewManualApprovalStep(jsii.String("Post-Deploy Check")),
},
},
},
})
If you specify multiple steps, they will execute in parallel by default. You can add dependencies between them
to if you wish to specify an order. To add a dependency, call step.addStepDependency():
firstStep := pipelines.NewManualApprovalStep(jsii.String("A"))
secondStep := pipelines.NewManualApprovalStep(jsii.String("B"))
secondStep.addStepDependency(firstStep)
For convenience, Step.sequence() will take an array of steps and dependencies between adjacent steps,
so that the whole list executes in order:
// Step A will depend on step B and step B will depend on step C
orderedSteps := pipelines.step.sequence([]step{
pipelines.NewManualApprovalStep(jsii.String("A")),
pipelines.NewManualApprovalStep(jsii.String("B")),
pipelines.NewManualApprovalStep(jsii.String("C")),
})
Using CloudFormation Stack Outputs in approvals
Because many CloudFormation deployments result in the generation of resources with unpredictable names, validations have support for reading back CloudFormation Outputs after a deployment. This makes it possible to pass (for example) the generated URL of a load balancer to the test set.
To use Stack Outputs, expose the CfnOutput object you're interested in, and
pass it to envFromCfnOutputs of the ShellStep:
var pipeline codePipeline
type myOutputStage struct {
stage
loadBalancerAddress cfnOutput
}
func newMyOutputStage(scope construct, id *string, props stageProps) *myOutputStage {
this := &myOutputStage{}
newStage_Override(this, scope, id, props)
this.loadBalancerAddress = awscdk.NewCfnOutput(this, jsii.String("Output"), &cfnOutputProps{
value: jsii.String("value"),
})
return this
}
lbApp := NewMyOutputStage(this, jsii.String("MyApp"))
pipeline.addStage(lbApp, &addStageOpts{
post: []step{
pipelines.NewShellStep(jsii.String("HitEndpoint"), &shellStepProps{
envFromCfnOutputs: map[string]*cfnOutput{
// Make the load balancer address available as $URL inside the commands
"URL": lbApp.loadBalancerAddress,
},
commands: []*string{
jsii.String("curl -Ssf $URL"),
},
}),
},
})
Running scripts compiled during the synth step
As part of a validation, you probably want to run a test suite that's more
elaborate than what can be expressed in a couple of lines of shell script.
You can bring additional files into the shell script validation by supplying
the input or additionalInputs property of ShellStep. The input can
be produced by the Synth step, or come from a source or any other build
step.
Here's an example that captures an additional output directory in the synth step and runs tests from there:
var synth shellStep
stage := NewMyApplicationStage(this, jsii.String("MyApplication"))
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: synth,
})
pipeline.addStage(stage, &addStageOpts{
post: []step{
pipelines.NewShellStep(jsii.String("Approve"), &shellStepProps{
// Use the contents of the 'integ' directory from the synth step as the input
input: synth.addOutputDirectory(jsii.String("integ")),
commands: []*string{
jsii.String("cd integ && ./run.sh"),
},
}),
},
})
Customizing CodeBuild Projects
CDK pipelines will generate CodeBuild projects for each ShellStep you use, and it
will also generate CodeBuild projects to publish assets and perform the self-mutation
of the pipeline. To control the various aspects of the CodeBuild projects that get
generated, use a CodeBuildStep instead of a ShellStep. This class has a number
of properties that allow you to customize various aspects of the projects:
var vpc vpc
var mySecurityGroup securityGroup
pipelines.NewCodeBuildStep(jsii.String("Synth"), &codeBuildStepProps{
// ...standard ShellStep props...
commands: []*string{
},
env: map[string]interface{}{
},
// If you are using a CodeBuildStep explicitly, set the 'cdk.out' directory
// to be the synth step's output.
primaryOutputDirectory: jsii.String("cdk.out"),
// Control the name of the project
projectName: jsii.String("MyProject"),
// Control parts of the BuildSpec other than the regular 'build' and 'install' commands
partialBuildSpec: codebuild.buildSpec.fromObject(map[string]interface{}{
"version": jsii.String("0.2"),
}),
// Control the build environment
buildEnvironment: &buildEnvironment{
computeType: codebuild.computeType_LARGE,
},
timeout: awscdk.Duration.minutes(jsii.Number(90)),
// Control Elastic Network Interface creation
vpc: vpc,
subnetSelection: &subnetSelection{
subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
},
securityGroups: []iSecurityGroup{
mySecurityGroup,
},
// Additional policy statements for the execution role
rolePolicyStatements: []policyStatement{
iam.NewPolicyStatement(&policyStatementProps{
}),
},
})
You can also configure defaults for all CodeBuild projects by passing codeBuildDefaults,
or just for the synth, asset publishing, and self-mutation projects by passing synthCodeBuildDefaults,
assetPublishingCodeBuildDefaults, or selfMutationCodeBuildDefaults:
var vpc vpc
var mySecurityGroup securityGroup
pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
// Standard CodePipeline properties
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
// Defaults for all CodeBuild projects
codeBuildDefaults: &codeBuildOptions{
// Prepend commands and configuration to all projects
partialBuildSpec: codebuild.buildSpec.fromObject(map[string]interface{}{
"version": jsii.String("0.2"),
}),
// Control the build environment
buildEnvironment: &buildEnvironment{
computeType: codebuild.computeType_LARGE,
},
// Control Elastic Network Interface creation
vpc: vpc,
subnetSelection: &subnetSelection{
subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
},
securityGroups: []iSecurityGroup{
mySecurityGroup,
},
// Additional policy statements for the execution role
rolePolicy: []policyStatement{
iam.NewPolicyStatement(&policyStatementProps{
}),
},
},
synthCodeBuildDefaults: &codeBuildOptions{
},
assetPublishingCodeBuildDefaults: &codeBuildOptions{
},
selfMutationCodeBuildDefaults: &codeBuildOptions{
},
})
Arbitrary CodePipeline actions
If you want to add a type of CodePipeline action to the CDK Pipeline that
doesn't have a matching class yet, you can define your own step class that extends
Step and implements ICodePipelineActionFactory.
Here's an example that adds a Jenkins step:
type myJenkinsStep struct {
step
}
func newMyJenkinsStep(provider jenkinsProvider, input fileSet) *myJenkinsStep {
this := &myJenkinsStep{}
pipelines.NewStep_Override(this, jsii.String("MyJenkinsStep"))
// This is necessary if your step accepts parametres, like environment variables,
// that may contain outputs from other steps. It doesn't matter what the
// structure is, as long as it contains the values that may contain outputs.
this.discoverReferencedOutputs(map[string]map[string]interface{}{
"env": map[string]interface{}{
},
})
return this
}
func (this *myJenkinsStep) produceAction(stage iStage, options produceActionOptions) codePipelineActionFactoryResult {
// This is where you control what type of Action gets added to the
// CodePipeline
*stage.addAction(cpactions.NewJenkinsAction(&jenkinsActionProps{
// Copy 'actionName' and 'runOrder' from the options
actionName: options.actionName,
runOrder: options.runOrder,
// Jenkins-specific configuration
type: cpactions.jenkinsActionType_TEST,
jenkinsProvider: this.provider,
projectName: jsii.String("MyJenkinsProject"),
// Translate the FileSet into a codepipeline.Artifact
inputs: []artifact{
options.artifacts.toCodePipeline(this.input),
},
}))
return &codePipelineActionFactoryResult{
runOrdersConsumed: jsii.Number(1),
}
}
Using Docker in the pipeline
Docker can be used in 3 different places in the pipeline:
- If you are using Docker image assets in your application stages: Docker will run in the asset publishing projects.
- If you are using Docker image assets in your stack (for example as images for your CodeBuild projects): Docker will run in the self-mutate project.
- If you are using Docker to bundle file assets anywhere in your project (for
example, if you are using such construct libraries as
@aws-cdk/aws-lambda-nodejs): Docker will run in the synth project.
For the first case, you don't need to do anything special. For the other two cases, you need to make sure that privileged mode is enabled on the correct CodeBuild projects, so that Docker can run correctly. The follow sections describe how to do that.
You may also need to authenticate to Docker registries to avoid being throttled. See the section Authenticating to Docker registries below for information on how to do that.
Using Docker image assets in the pipeline
If your PipelineStack is using Docker image assets (as opposed to the application
stacks the pipeline is deploying), for example by the use of LinuxBuildImage.fromAsset(),
you need to pass dockerEnabledForSelfMutation: true to the pipeline. For example:
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
// Turn this on because the pipeline uses Docker image assets
dockerEnabledForSelfMutation: jsii.Boolean(true),
})
pipeline.addWave(jsii.String("MyWave"), &waveOptions{
post: []step{
pipelines.NewCodeBuildStep(jsii.String("RunApproval"), &codeBuildStepProps{
commands: []*string{
jsii.String("command-from-image"),
},
buildEnvironment: &buildEnvironment{
// The user of a Docker image asset in the pipeline requires turning on
// 'dockerEnabledForSelfMutation'.
buildImage: codebuild.linuxBuildImage.fromAsset(this, jsii.String("Image"), &dockerImageAssetProps{
directory: jsii.String("./docker-image"),
}),
},
}),
},
})
Important: You must turn on the
dockerEnabledForSelfMutationflag, commit and allow the pipeline to self-update before adding the actual Docker asset.
Using bundled file assets
If you are using asset bundling anywhere (such as automatically done for you
if you add a construct like @aws-cdk/aws-lambda-nodejs), you need to pass
dockerEnabledForSynth: true to the pipeline. For example:
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
// Turn this on because the application uses bundled file assets
dockerEnabledForSynth: jsii.Boolean(true),
})
Important: You must turn on the
dockerEnabledForSynthflag, commit and allow the pipeline to self-update before adding the actual Docker asset.
Authenticating to Docker registries
You can specify credentials to use for authenticating to Docker registries as part of the pipeline definition. This can be useful if any Docker image assets — in the pipeline or any of the application stages — require authentication, either due to being in a different environment (e.g., ECR repo) or to avoid throttling (e.g., DockerHub).
dockerHubSecret := secretsmanager.secret.fromSecretCompleteArn(this, jsii.String("DHSecret"), jsii.String("arn:aws:..."))
customRegSecret := secretsmanager.secret.fromSecretCompleteArn(this, jsii.String("CRSecret"), jsii.String("arn:aws:..."))
repo1 := ecr.repository.fromRepositoryArn(this, jsii.String("Repo"), jsii.String("arn:aws:ecr:eu-west-1:0123456789012:repository/Repo1"))
repo2 := ecr.repository.fromRepositoryArn(this, jsii.String("Repo"), jsii.String("arn:aws:ecr:eu-west-1:0123456789012:repository/Repo2"))
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
dockerCredentials: []dockerCredential{
pipelines.*dockerCredential.dockerHub(dockerHubSecret),
pipelines.*dockerCredential.customRegistry(jsii.String("dockerregistry.example.com"), customRegSecret),
pipelines.*dockerCredential.ecr([]iRepository{
repo1,
repo2,
}),
},
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
})
For authenticating to Docker registries that require a username and password combination
(like DockerHub), create a Secrets Manager Secret with fields named username
and secret, and import it (the field names change be customized).
Authentication to ECR repostories is done using the execution role of the relevant CodeBuild job. Both types of credentials can be provided with an optional role to assume before requesting the credentials.
By default, the Docker credentials provided to the pipeline will be available to
the Synth, Self-Update, and Asset Publishing actions within the
*pipeline. The scope of the credentials can be limited via the DockerCredentialUsage option.
dockerHubSecret := secretsmanager.secret.fromSecretCompleteArn(this, jsii.String("DHSecret"), jsii.String("arn:aws:..."))
// Only the image asset publishing actions will be granted read access to the secret.
creds := pipelines.dockerCredential.dockerHub(dockerHubSecret, &externalDockerCredentialOptions{
usages: []dockerCredentialUsage{
pipelines.*dockerCredentialUsage_ASSET_PUBLISHING,
},
})
CDK Environment Bootstrapping
An environment is an (account, region) pair where you want to deploy a CDK stack (see Environments in the CDK Developer Guide). In a Continuous Deployment pipeline, there are at least two environments involved: the environment where the pipeline is provisioned, and the environment where you want to deploy the application (or different stages of the application). These can be the same, though best practices recommend you isolate your different application stages from each other in different AWS accounts or regions.
Before you can provision the pipeline, you have to bootstrap the environment you want to create it in. If you are deploying your application to different environments, you also have to bootstrap those and be sure to add a trust relationship.
After you have bootstrapped an environment and created a pipeline that deploys to it, it's important that you don't delete the stack or change its Qualifier, or future deployments to this environment will fail. If you want to upgrade the bootstrap stack to a newer version, do that by updating it in-place.
This library requires the modern bootstrapping stack which has been updated specifically to support cross-account continuous delivery.
If you are using CDKv2, you do not need to do anything else. Modern bootstrapping and modern stack synthesis (also known as "default stack synthesis") is the default.
If you are using CDKv1, you need to opt in to modern bootstrapping and modern stack synthesis using a feature flag. Make sure
cdk.jsonincludes:{ "context": { "@aws-cdk/core:newStyleStackSynthesis": true } }And be sure to run
cdk bootstrapin the same directory as thecdk.jsonfile.
To bootstrap an environment for provisioning the pipeline:
$ npx cdk bootstrap \
[--profile admin-profile-1] \
--cloudformation-execution-policies arn:aws:iam::aws:policy/AdministratorAccess \
aws://111111111111/us-east-1
To bootstrap a different environment for deploying CDK applications into using
a pipeline in account 111111111111:
$ npx cdk bootstrap \
[--profile admin-profile-2] \
--cloudformation-execution-policies arn:aws:iam::aws:policy/AdministratorAccess \
--trust 11111111111 \
aws://222222222222/us-east-2
If you only want to trust an account to do lookups (e.g, when your CDK application has a
Vpc.fromLookup() call), use the option --trust-for-lookup:
$ npx cdk bootstrap \
[--profile admin-profile-2] \
--cloudformation-execution-policies arn:aws:iam::aws:policy/AdministratorAccess \
--trust-for-lookup 11111111111 \
aws://222222222222/us-east-2
These command lines explained:
npx: means to use the CDK CLI from the current NPM install. If you are using a global install of the CDK CLI, leave this out.--profile: should indicate a profile with administrator privileges that has permissions to provision a pipeline in the indicated account. You can leave this flag out if either the AWS default credentials or theAWS_*environment variables confer these permissions.--cloudformation-execution-policies: ARN of the managed policy that future CDK deployments should execute with. By default this isAdministratorAccess, but if you also specify the--trustflag to give another Account permissions to deploy into the current account, you must specify a value here.--trust: indicates which other account(s) should have permissions to deploy CDK applications into this account. In this case we indicate the Pipeline's account, but you could also use this for developer accounts (don't do that for production application accounts though!).--trust-for-lookup: gives a more limited set of permissions to the trusted account, only allowing it to look up values such as availability zones, EC2 images and VPCs.--trust-for-lookupdoes not give permissions to modify anything in the account. Note that--trustimplies--trust-for-lookup, so you don't need to specify the same acocunt twice.aws://222222222222/us-east-2: the account and region we're bootstrapping.
Be aware that anyone who has access to the trusted Accounts effectively has all permissions conferred by the configured CloudFormation execution policies, allowing them to do things like read arbitrary S3 buckets and create arbitrary infrastructure in the bootstrapped account. Restrict the list of
--trusted Accounts, or restrict the policies configured by--cloudformation-execution-policies.
Security tip: we recommend that you use administrative credentials to an account only to bootstrap it and provision the initial pipeline. Otherwise, access to administrative credentials should be dropped as soon as possible.
On the use of AdministratorAccess: The use of the
AdministratorAccesspolicy ensures that your pipeline can deploy every type of AWS resource to your account. Make sure you trust all the code and dependencies that make up your CDK app. Check with the appropriate department within your organization to decide on the proper policy to use.If your policy includes permissions to create on attach permission to a role, developers can escalate their privilege with more permissive permission. Thus, we recommend implementing permissions boundary in the CDK Execution role. To do this, you can bootstrap with the
--templateoption with a customized template that contains a permission boundary.
Migrating from old bootstrap stack
The bootstrap stack is a CloudFormation stack in your account named CDKToolkit that provisions a set of resources required for the CDK to deploy into that environment.
The "new" bootstrap stack (obtained by running cdk bootstrap with
CDK_NEW_BOOTSTRAP=1) is slightly more elaborate than the "old" stack. It
contains:
- An S3 bucket and ECR repository with predictable names, so that we can reference assets in these storage locations without the use of CloudFormation template parameters.
- A set of roles with permissions to access these asset locations and to execute
CloudFormation, assumable from whatever accounts you specify under
--trust.
It is possible and safe to migrate from the old bootstrap stack to the new bootstrap stack. This will create a new S3 file asset bucket in your account and orphan the old bucket. You should manually delete the orphaned bucket after you are sure you have redeployed all CDK applications and there are no more references to the old asset bucket.
Context Lookups
You might be using CDK constructs that need to look up runtime
context,
which is information from the target AWS Account and Region the CDK needs to
synthesize CloudFormation templates appropriate for that environment. Examples
of this kind of context lookups are the number of Availability Zones available
to you, a Route53 Hosted Zone ID, or the ID of an AMI in a given region. This
information is automatically looked up when you run cdk synth.
By default, a cdk synth performed in a pipeline will not have permissions
to perform these lookups, and the lookups will fail. This is by design.
Our recommended way of using lookups is by running cdk synth on the
developer workstation and checking in the cdk.context.json file, which
contains the results of the context lookups. This will make sure your
synthesized infrastructure is consistent and repeatable. If you do not commit
cdk.context.json, the results of the lookups may suddenly be different in
unexpected ways, and even produce results that cannot be deployed or will cause
data loss. To give an account permissions to perform lookups against an
environment, without being able to deploy to it and make changes, run
cdk bootstrap --trust-for-lookup=<account>.
If you want to use lookups directly from the pipeline, you either need to accept
the risk of nondeterminism, or make sure you save and load the
cdk.context.json file somewhere between synth runs. Finally, you should
give the synth CodeBuild execution role permissions to assume the bootstrapped
lookup roles. As an example, doing so would look like this:
pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewCodeBuildStep(jsii.String("Synth"), &codeBuildStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("..."),
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
jsii.String("..."),
},
rolePolicyStatements: []policyStatement{
iam.NewPolicyStatement(&policyStatementProps{
actions: []*string{
jsii.String("sts:AssumeRole"),
},
resources: []*string{
jsii.String("*"),
},
conditions: map[string]interface{}{
"StringEquals": map[string]*string{
"iam:ResourceTag/aws-cdk:bootstrap-role": jsii.String("lookup"),
},
},
}),
},
}),
})
The above example requires that the target environments have all
been bootstrapped with bootstrap stack version 8, released with
CDK CLI 1.114.0.
Security Considerations
It's important to stay safe while employing Continuous Delivery. The CDK Pipelines library comes with secure defaults to the best of our ability, but by its very nature the library cannot take care of everything.
We therefore expect you to mind the following:
- Maintain dependency hygiene and vet 3rd-party software you use. Any software you run on your build machine has the ability to change the infrastructure that gets deployed. Be careful with the software you depend on.
- Use dependency locking to prevent accidental upgrades! The default
CdkSynthsthat come with CDK Pipelines will expectpackage-lock.jsonandyarn.lockto ensure your dependencies are the ones you expect. - Credentials to production environments should be short-lived. After bootstrapping and the initial pipeline provisioning, there is no more need for developers to have access to any of the account credentials; all further changes can be deployed through git. Avoid the chances of credentials leaking by not having them in the first place!
Confirm permissions broadening
To keep tabs on the security impact of changes going out through your pipeline, you can insert a security check before any stage deployment. This security check will check if the upcoming deployment would add any new IAM permissions or security group rules, and if so pause the pipeline and require you to confirm the changes.
The security check will appear as two distinct actions in your pipeline: first
a CodeBuild project that runs cdk diff on the stage that's about to be deployed,
followed by a Manual Approval action that pauses the pipeline. If it so happens
that there no new IAM permissions or security group rules will be added by the deployment,
the manual approval step is automatically satisfied. The pipeline will look like this:
Pipeline
├── ...
├── MyApplicationStage
│ ├── MyApplicationSecurityCheck // Security Diff Action
│ ├── MyApplicationManualApproval // Manual Approval Action
│ ├── Stack.Prepare
│ └── Stack.Deploy
└── ...
You can insert the security check by using a ConfirmPermissionsBroadening step:
var pipeline codePipeline
stage := NewMyApplicationStage(this, jsii.String("MyApplication"))
pipeline.addStage(stage, &addStageOpts{
pre: []step{
pipelines.NewConfirmPermissionsBroadening(jsii.String("Check"), &permissionsBroadeningCheckProps{
stage: stage,
}),
},
})
To get notified when there is a change that needs your manual approval,
create an SNS Topic, subscribe your own email address, and pass it in as
as the notificationTopic property:
var pipeline codePipeline
topic := sns.NewTopic(this, jsii.String("SecurityChangesTopic"))
topic.addSubscription(subscriptions.NewEmailSubscription(jsii.String("test@email.com")))
stage := NewMyApplicationStage(this, jsii.String("MyApplication"))
pipeline.addStage(stage, &addStageOpts{
pre: []step{
pipelines.NewConfirmPermissionsBroadening(jsii.String("Check"), &permissionsBroadeningCheckProps{
stage: stage,
notificationTopic: topic,
}),
},
})
Note: Manual Approvals notifications only apply when an application has security check enabled.
Using a different deployment engine
CDK Pipelines supports multiple deployment engines, but this module vends a construct for only one such engine: AWS CodePipeline. It is also possible to use CDK Pipelines to build pipelines backed by other deployment engines.
Here is a list of CDK Libraries that integrate CDK Pipelines with alternative deployment engines:
- GitHub Workflows:
cdk-pipelines-github
Troubleshooting
Here are some common errors you may encounter while using this library.
Pipeline: Internal Failure
If you see the following error during deployment of your pipeline:
CREATE_FAILED | AWS::CodePipeline::Pipeline | Pipeline/Pipeline
Internal Failure
There's something wrong with your GitHub access token. It might be missing, or not have the right permissions to access the repository you're trying to access.
Key: Policy contains a statement with one or more invalid principals
If you see the following error during deployment of your pipeline:
CREATE_FAILED | AWS::KMS::Key | Pipeline/Pipeline/ArtifactsBucketEncryptionKey
Policy contains a statement with one or more invalid principals.
One of the target (account, region) environments has not been bootstrapped with the new bootstrap stack. Check your target environments and make sure they are all bootstrapped.
Message: no matching base directory path found for cdk.out
If you see this error during the Synth step, it means that CodeBuild
is expecting to find a cdk.out directory in the root of your CodeBuild project,
but the directory wasn't there. There are two common causes for this:
cdk synthis not being executed:cdk synthused to be run implicitly for you, but you now have to explicitly include the command. For NPM-based projects, addnpx cdk synthto the end of thecommandsproperty, for other languages addnpm install -g aws-cdkandcdk synth.- Your CDK project lives in a subdirectory: you added a
cd <somedirectory>command to the list of commands; don't forget to tell theScriptStepabout the different location ofcdk.out, by passingprimaryOutputDirectory: '<somedirectory>/cdk.out'.
is in ROLLBACK_COMPLETE state and can not be updated
If you see the following error during execution of your pipeline:
Stack ... is in ROLLBACK_COMPLETE state and can not be updated. (Service:
AmazonCloudFormation; Status Code: 400; Error Code: ValidationError; Request
ID: ...)
The stack failed its previous deployment, and is in a non-retryable state. Go into the CloudFormation console, delete the stack, and retry the deployment.
Cannot find module 'xxxx' or its corresponding type declarations
You may see this if you are using TypeScript or other NPM-based languages,
when using NPM 7 on your workstation (where you generate package-lock.json)
and NPM 6 on the CodeBuild image used for synthesizing.
It looks like NPM 7 has started writing less information to package-lock.json,
leading NPM 6 reading that same file to not install all required packages anymore.
Make sure you are using the same NPM version everywhere, either downgrade your workstation's version or upgrade the CodeBuild version.
Cannot find module '.../check-node-version.js' (MODULE_NOT_FOUND)
The above error may be produced by npx when executing the CDK CLI, or any
project that uses the AWS SDK for JavaScript, without the target application
having been installed yet. For example, it can be triggered by npx cdk synth
if aws-cdk is not in your package.json.
Work around this by either installing the target application using NPM before
running npx, or set the environment variable NPM_CONFIG_UNSAFE_PERM=true.
Cannot connect to the Docker daemon at unix:///var/run/docker.sock
If, in the 'Synth' action (inside the 'Build' stage) of your pipeline, you get an error like this:
stderr: docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.
It means that the AWS CodeBuild project for 'Synth' is not configured to run in privileged mode,
which prevents Docker builds from happening. This typically happens if you use a CDK construct
that bundles asset using tools run via Docker, like aws-lambda-nodejs, aws-lambda-python,
aws-lambda-go and others.
Make sure you set the privileged environment variable to true in the synth definition:
sourceArtifact := codepipeline.NewArtifact()
cloudAssemblyArtifact := codepipeline.NewArtifact()
pipeline := pipelines.NewCdkPipeline(this, jsii.String("MyPipeline"), &cdkPipelineProps{
cloudAssemblyArtifact: cloudAssemblyArtifact,
synthAction: pipelines.simpleSynthAction.standardNpmSynth(&standardNpmSynthOptions{
sourceArtifact: sourceArtifact,
cloudAssemblyArtifact: cloudAssemblyArtifact,
environment: &buildEnvironment{
privileged: jsii.Boolean(true),
},
}),
})
After turning on privilegedMode: true, you will need to do a one-time manual cdk deploy of your
pipeline to get it going again (as with a broken 'synth' the pipeline will not be able to self
update to the right state).
S3 error: Access Denied
An "S3 Access Denied" error can have two causes:
- Asset hashes have changed, but self-mutation has been disabled in the pipeline.
- You have deleted and recreated the bootstrap stack, or changed its qualifier.
Self-mutation step has been removed
Some constructs, such as EKS clusters, generate nested stacks. When CloudFormation tries to deploy those stacks, it may fail with this error:
S3 error: Access Denied For more information check http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html
This happens because the pipeline is not self-mutating and, as a consequence, the FileAssetX
build projects get out-of-sync with the generated templates. To fix this, make sure the
selfMutating property is set to true:
cloudAssemblyArtifact := codepipeline.NewArtifact()
pipeline := pipelines.NewCdkPipeline(this, jsii.String("MyPipeline"), &cdkPipelineProps{
selfMutating: jsii.Boolean(true),
cloudAssemblyArtifact: cloudAssemblyArtifact,
})
Bootstrap roles have been renamed or recreated
While attempting to deploy an application stage, the "Prepare" or "Deploy" stage may fail with a cryptic error like:
Action execution failed Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 0123456ABCDEFGH; S3 Extended Request ID: 3hWcrVkhFGxfiMb/rTJO0Bk7Qn95x5ll4gyHiFsX6Pmk/NT+uX9+Z1moEcfkL7H3cjH7sWZfeD0=; Proxy: null)
This generally indicates that the roles necessary to deploy have been deleted (or deleted and re-created);
for example, if the bootstrap stack has been deleted and re-created, this scenario will happen. Under the hood,
the resources that rely on these roles (e.g., cdk-$qualifier-deploy-role-$account-$region) point to different
canonical IDs than the recreated versions of these roles, which causes the errors. There are no simple solutions
to this issue, and for that reason we strongly recommend that bootstrap stacks not be deleted and re-created
once created.
The most automated way to solve the issue is to introduce a secondary bootstrap stack. By changing the qualifier that the pipeline stack looks for, a change will be detected and the impacted policies and resources will be updated. A hypothetical recovery workflow would look something like this:
- First, for all impacted environments, create a secondary bootstrap stack:
$ env CDK_NEW_BOOTSTRAP=1 npx cdk bootstrap \
--qualifier random1234 \
--toolkit-stack-name CDKToolkitTemp \
aws://111111111111/us-east-1
- Update all impacted stacks in the pipeline to use this new qualifier. See https://docs.aws.amazon.com/cdk/latest/guide/bootstrapping.html for more info.
awscdk.Newstack(this, jsii.String("MyStack"), &stackProps{
// Update this qualifier to match the one used above.
synthesizer: cdk.NewDefaultStackSynthesizer(&defaultStackSynthesizerProps{
qualifier: jsii.String("randchars1234"),
}),
})
-
Deploy the updated stacks. This will update the stacks to use the roles created in the new bootstrap stack.
-
(Optional) Restore back to the original state:
- Revert the change made in step #2 above
- Re-deploy the pipeline to use the original qualifier.
- Delete the temporary bootstrap stack(s)
Manual Alternative
Alternatively, the errors can be resolved by finding each impacted resource and policy, and correcting the policies
by replacing the canonical IDs (e.g., AROAYBRETNYCYV6ZF2R93) with the appropriate ARNs. As an example, the KMS
encryption key policy for the artifacts bucket may have a statement that looks like the following:
{
"Effect" : "Allow",
"Principal" : {
// "AWS" : "AROAYBRETNYCYV6ZF2R93" // Indicates this issue; replace this value
"AWS": "arn:aws:iam::0123456789012:role/cdk-hnb659fds-deploy-role-0123456789012-eu-west-1", // Correct value
},
"Action" : [ "kms:Decrypt", "kms:DescribeKey" ],
"Resource" : "*"
}
Any resource or policy that references the qualifier (hnb659fds by default) will need to be updated.
This CDK CLI is not compatible with the CDK library used by your application
The CDK CLI version used in your pipeline is too old to read the Cloud Assembly produced by your CDK app.
Most likely this happens in the SelfMutate action, you are passing the cliVersion
parameter to control the version of the CDK CLI, and you just updated the CDK
framework version that your application uses. You either forgot to change the
cliVersion parameter, or changed the cliVersion in the same commit in which
you changed the framework version. Because a change to the pipeline settings needs
a successful run of the SelfMutate step to be applied, the next iteration of the
SelfMutate step still executes with the old CLI version, and that old CLI version
is not able to read the cloud assembly produced by the new framework version.
Solution: change the cliVersion first, commit, push and deploy, and only then
change the framework version.
We recommend you avoid specifying the cliVersion parameter at all. By default
the pipeline will use the latest CLI version, which will support all cloud assembly
versions.
Known Issues
There are some usability issues that are caused by underlying technology, and cannot be remedied by CDK at this point. They are reproduced here for completeness.
- Console links to other accounts will not work: the AWS CodePipeline console will assume all links are relative to the current account. You will not be able to use the pipeline console to click through to a CloudFormation stack in a different account.
- If a change set failed to apply the pipeline must restarted: if a change set failed to apply, it cannot be retried. The pipeline must be restarted from the top by clicking Release Change.
- A stack that failed to create must be deleted manually: if a stack failed to create on the first attempt, you must delete it using the CloudFormation console before starting the pipeline again by clicking Release Change.
Documentation
¶
Index ¶
- func CdkPipeline_IsConstruct(x interface{}) *bool
- func CdkStage_IsConstruct(x interface{}) *bool
- func CodeBuildStep_Sequence(steps *[]Step) *[]Step
- func CodePipelineSource_Sequence(steps *[]Step) *[]Step
- func CodePipeline_IsConstruct(x interface{}) *bool
- func ConfirmPermissionsBroadening_Sequence(steps *[]Step) *[]Step
- func ManualApprovalStep_Sequence(steps *[]Step) *[]Step
- func NewArtifactMap_Override(a ArtifactMap)
- func NewCdkPipeline_Override(c CdkPipeline, scope constructs.Construct, id *string, props *CdkPipelineProps)deprecated
- func NewCdkStage_Override(c CdkStage, scope constructs.Construct, id *string, props *CdkStageProps)deprecated
- func NewCodeBuildStep_Override(c CodeBuildStep, id *string, props *CodeBuildStepProps)
- func NewCodePipelineSource_Override(c CodePipelineSource, id *string)
- func NewCodePipeline_Override(c CodePipeline, scope constructs.Construct, id *string, ...)
- func NewConfirmPermissionsBroadening_Override(c ConfirmPermissionsBroadening, id *string, ...)
- func NewDeployCdkStackAction_Override(d DeployCdkStackAction, props *DeployCdkStackActionProps)deprecated
- func NewDockerCredential_Override(d DockerCredential, usages *[]DockerCredentialUsage)
- func NewFileSet_Override(f FileSet, id *string, producer Step)
- func NewManualApprovalStep_Override(m ManualApprovalStep, id *string, props *ManualApprovalStepProps)
- func NewPipelineBase_Override(p PipelineBase, scope constructs.Construct, id *string, ...)
- func NewPublishAssetsAction_Override(p PublishAssetsAction, scope constructs.Construct, id *string, ...)deprecated
- func NewShellScriptAction_Override(s ShellScriptAction, props *ShellScriptActionProps)deprecated
- func NewShellStep_Override(s ShellStep, id *string, props *ShellStepProps)
- func NewSimpleSynthAction_Override(s SimpleSynthAction, props *SimpleSynthActionProps)deprecated
- func NewStackOutput_Override(s StackOutput, artifactFile awscodepipeline.ArtifactPath, outputName *string)
- func NewStep_Override(s Step, id *string)
- func NewUpdatePipelineAction_Override(u UpdatePipelineAction, scope constructs.Construct, id *string, ...)deprecated
- func NewWave_Override(w Wave, id *string, props *WaveProps)
- func PipelineBase_IsConstruct(x interface{}) *bool
- func PublishAssetsAction_IsConstruct(x interface{}) *bool
- func ShellStep_Sequence(steps *[]Step) *[]Step
- func Step_Sequence(steps *[]Step) *[]Step
- func UpdatePipelineAction_IsConstruct(x interface{}) *bool
- type AddManualApprovalOptionsdeprecated
- type AddStackOptionsdeprecated
- type AddStageOptionsdeprecated
- type AddStageOpts
- type AdditionalArtifactdeprecated
- type ArtifactMap
- type AssetPublishingCommanddeprecated
- type AssetType
- type BaseStageOptionsdeprecated
- type CdkPipelinedeprecated
- type CdkPipelinePropsdeprecated
- type CdkStackActionFromArtifactOptionsdeprecated
- type CdkStagedeprecated
- type CdkStagePropsdeprecated
- type CodeBuildOptions
- type CodeBuildStep
- type CodeBuildStepProps
- type CodeCommitSourceOptions
- type CodePipeline
- type CodePipelineActionFactoryResult
- type CodePipelineFileSet
- type CodePipelineProps
- type CodePipelineSource
- func CodePipelineSource_CodeCommit(repository awscodecommit.IRepository, branch *string, ...) CodePipelineSource
- func CodePipelineSource_Connection(repoString *string, branch *string, props *ConnectionSourceOptions) CodePipelineSource
- func CodePipelineSource_Ecr(repository awsecr.IRepository, props *ECRSourceOptions) CodePipelineSource
- func CodePipelineSource_GitHub(repoString *string, branch *string, props *GitHubSourceOptions) CodePipelineSource
- func CodePipelineSource_S3(bucket awss3.IBucket, objectKey *string, props *S3SourceOptions) CodePipelineSource
- type ConfirmPermissionsBroadening
- type ConnectionSourceOptions
- type DeployCdkStackActiondeprecated
- type DeployCdkStackActionOptionsdeprecated
- type DeployCdkStackActionPropsdeprecated
- type DockerCredential
- func DockerCredential_CustomRegistry(registryDomain *string, secret awssecretsmanager.ISecret, ...) DockerCredential
- func DockerCredential_DockerHub(secret awssecretsmanager.ISecret, opts *ExternalDockerCredentialOptions) DockerCredential
- func DockerCredential_Ecr(repositories *[]awsecr.IRepository, opts *EcrDockerCredentialOptions) DockerCredential
- type DockerCredentialUsage
- type ECRSourceOptions
- type EcrDockerCredentialOptions
- type ExternalDockerCredentialOptions
- type FileSet
- type FileSetLocation
- type FromStackArtifactOptionsdeprecated
- type GitHubSourceOptions
- type ICodePipelineActionFactory
- type IFileSetProducer
- type IStageHost
- type ManualApprovalStep
- type ManualApprovalStepProps
- type PermissionsBroadeningCheckProps
- type PipelineBase
- type PipelineBaseProps
- type ProduceActionOptions
- type PublishAssetsActiondeprecated
- type PublishAssetsActionPropsdeprecated
- type S3SourceOptions
- type ShellScriptActiondeprecated
- type ShellScriptActionPropsdeprecated
- type ShellStep
- type ShellStepProps
- type SimpleSynthActiondeprecated
- type SimpleSynthActionPropsdeprecated
- type SimpleSynthOptionsdeprecated
- type StackAsset
- type StackDeployment
- type StackDeploymentProps
- type StackOutputdeprecated
- type StackOutputReference
- type StackSteps
- type StageDeployment
- type StageDeploymentProps
- type StandardNpmSynthOptionsdeprecated
- type StandardYarnSynthOptionsdeprecated
- type Step
- type UpdatePipelineActiondeprecated
- type UpdatePipelineActionPropsdeprecated
- type Wave
- type WaveOptions
- type WaveProps
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CdkPipeline_IsConstruct ¶
func CdkPipeline_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func CdkStage_IsConstruct ¶
func CdkStage_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func CodeBuildStep_Sequence ¶
Define a sequence of steps to be executed in order.
If you need more fine-grained step ordering, use the `addStepDependency()` API. For example, if you want `secondStep` to occur after `firstStep`, call `secondStep.addStepDependency(firstStep)`. Experimental.
func CodePipelineSource_Sequence ¶
Define a sequence of steps to be executed in order.
If you need more fine-grained step ordering, use the `addStepDependency()` API. For example, if you want `secondStep` to occur after `firstStep`, call `secondStep.addStepDependency(firstStep)`. Experimental.
func CodePipeline_IsConstruct ¶
func CodePipeline_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func ConfirmPermissionsBroadening_Sequence ¶
Define a sequence of steps to be executed in order.
If you need more fine-grained step ordering, use the `addStepDependency()` API. For example, if you want `secondStep` to occur after `firstStep`, call `secondStep.addStepDependency(firstStep)`. Experimental.
func ManualApprovalStep_Sequence ¶
Define a sequence of steps to be executed in order.
If you need more fine-grained step ordering, use the `addStepDependency()` API. For example, if you want `secondStep` to occur after `firstStep`, call `secondStep.addStepDependency(firstStep)`. Experimental.
func NewCdkPipeline_Override
deprecated
func NewCdkPipeline_Override(c CdkPipeline, scope constructs.Construct, id *string, props *CdkPipelineProps)
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewCdkStage_Override
deprecated
func NewCdkStage_Override(c CdkStage, scope constructs.Construct, id *string, props *CdkStageProps)
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewCodeBuildStep_Override ¶
func NewCodeBuildStep_Override(c CodeBuildStep, id *string, props *CodeBuildStepProps)
Experimental.
func NewCodePipelineSource_Override ¶
func NewCodePipelineSource_Override(c CodePipelineSource, id *string)
Experimental.
func NewCodePipeline_Override ¶
func NewCodePipeline_Override(c CodePipeline, scope constructs.Construct, id *string, props *CodePipelineProps)
Experimental.
func NewConfirmPermissionsBroadening_Override ¶
func NewConfirmPermissionsBroadening_Override(c ConfirmPermissionsBroadening, id *string, props *PermissionsBroadeningCheckProps)
Experimental.
func NewDeployCdkStackAction_Override
deprecated
func NewDeployCdkStackAction_Override(d DeployCdkStackAction, props *DeployCdkStackActionProps)
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewDockerCredential_Override ¶
func NewDockerCredential_Override(d DockerCredential, usages *[]DockerCredentialUsage)
Experimental.
func NewFileSet_Override ¶
Experimental.
func NewManualApprovalStep_Override ¶
func NewManualApprovalStep_Override(m ManualApprovalStep, id *string, props *ManualApprovalStepProps)
Experimental.
func NewPipelineBase_Override ¶
func NewPipelineBase_Override(p PipelineBase, scope constructs.Construct, id *string, props *PipelineBaseProps)
Experimental.
func NewPublishAssetsAction_Override
deprecated
func NewPublishAssetsAction_Override(p PublishAssetsAction, scope constructs.Construct, id *string, props *PublishAssetsActionProps)
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewShellScriptAction_Override
deprecated
func NewShellScriptAction_Override(s ShellScriptAction, props *ShellScriptActionProps)
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewShellStep_Override ¶
func NewShellStep_Override(s ShellStep, id *string, props *ShellStepProps)
Experimental.
func NewSimpleSynthAction_Override
deprecated
func NewSimpleSynthAction_Override(s SimpleSynthAction, props *SimpleSynthActionProps)
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewStackOutput_Override ¶
func NewStackOutput_Override(s StackOutput, artifactFile awscodepipeline.ArtifactPath, outputName *string)
Build a StackOutput from a known artifact and an output name. Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewUpdatePipelineAction_Override
deprecated
func NewUpdatePipelineAction_Override(u UpdatePipelineAction, scope constructs.Construct, id *string, props *UpdatePipelineActionProps)
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func PipelineBase_IsConstruct ¶
func PipelineBase_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func PublishAssetsAction_IsConstruct ¶
func PublishAssetsAction_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func ShellStep_Sequence ¶
Define a sequence of steps to be executed in order.
If you need more fine-grained step ordering, use the `addStepDependency()` API. For example, if you want `secondStep` to occur after `firstStep`, call `secondStep.addStepDependency(firstStep)`. Experimental.
func Step_Sequence ¶
Define a sequence of steps to be executed in order.
If you need more fine-grained step ordering, use the `addStepDependency()` API. For example, if you want `secondStep` to occur after `firstStep`, call `secondStep.addStepDependency(firstStep)`. Experimental.
func UpdatePipelineAction_IsConstruct ¶
func UpdatePipelineAction_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Types ¶
type AddManualApprovalOptions
deprecated
type AddManualApprovalOptions struct {
// The name of the manual approval action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionName *string `field:"optional" json:"actionName" yaml:"actionName"`
// The runOrder for this action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
RunOrder *float64 `field:"optional" json:"runOrder" yaml:"runOrder"`
}
Options for addManualApproval.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
addManualApprovalOptions := &addManualApprovalOptions{
actionName: jsii.String("actionName"),
runOrder: jsii.Number(123),
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type AddStackOptions
deprecated
type AddStackOptions struct {
// Base runorder.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ExecuteRunOrder *float64 `field:"optional" json:"executeRunOrder" yaml:"executeRunOrder"`
// Base runorder.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
RunOrder *float64 `field:"optional" json:"runOrder" yaml:"runOrder"`
}
Additional options for adding a stack deployment.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
addStackOptions := &addStackOptions{
executeRunOrder: jsii.Number(123),
runOrder: jsii.Number(123),
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type AddStageOptions
deprecated
type AddStageOptions struct {
// Runs a `cdk diff --security-only --fail` to pause the pipeline if there are any security changes.
//
// If the stage is configured with `confirmBroadeningPermissions` enabled, you can use this
// property to override the stage configuration. For example, Pipeline Stage
// "Prod" has confirmBroadeningPermissions enabled, with applications "A", "B", "C". All three
// applications will run a security check, but if we want to disable the one for "C",
// we run `stage.addApplication(C, { confirmBroadeningPermissions: false })` to override the pipeline
// stage behavior.
//
// Adds 1 to the run order space.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ConfirmBroadeningPermissions *bool `field:"optional" json:"confirmBroadeningPermissions" yaml:"confirmBroadeningPermissions"`
// Optional SNS topic to send notifications to when the security check registers changes within the application.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SecurityNotificationTopic awssns.ITopic `field:"optional" json:"securityNotificationTopic" yaml:"securityNotificationTopic"`
// Add room for extra actions.
//
// You can use this to make extra room in the runOrder sequence between the
// changeset 'prepare' and 'execute' actions and insert your own actions there.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ExtraRunOrderSpace *float64 `field:"optional" json:"extraRunOrderSpace" yaml:"extraRunOrderSpace"`
// Add manual approvals before executing change sets.
//
// This gives humans the opportunity to confirm the change set looks alright
// before deploying it.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ManualApprovals *bool `field:"optional" json:"manualApprovals" yaml:"manualApprovals"`
}
Options for adding an application stage to a pipeline.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var topic topic
addStageOptions := &addStageOptions{
confirmBroadeningPermissions: jsii.Boolean(false),
extraRunOrderSpace: jsii.Number(123),
manualApprovals: jsii.Boolean(false),
securityNotificationTopic: topic,
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type AddStageOpts ¶
type AddStageOpts struct {
// Additional steps to run after all of the stacks in the stage.
// Experimental.
Post *[]Step `field:"optional" json:"post" yaml:"post"`
// Additional steps to run before any of the stacks in the stage.
// Experimental.
Pre *[]Step `field:"optional" json:"pre" yaml:"pre"`
// Instructions for stack level steps.
// Experimental.
StackSteps *[]*StackSteps `field:"optional" json:"stackSteps" yaml:"stackSteps"`
}
Options to pass to `addStage`.
Example:
var pipeline codePipeline
preprod := NewMyApplicationStage(this, jsii.String("PreProd"))
prod := NewMyApplicationStage(this, jsii.String("Prod"))
pipeline.addStage(preprod, &addStageOpts{
post: []step{
pipelines.NewShellStep(jsii.String("Validate Endpoint"), &shellStepProps{
commands: []*string{
jsii.String("curl -Ssf https://my.webservice.com/"),
},
}),
},
})
pipeline.addStage(prod, &addStageOpts{
pre: []*step{
pipelines.NewManualApprovalStep(jsii.String("PromoteToProd")),
},
})
Experimental.
type AdditionalArtifact
deprecated
type AdditionalArtifact struct {
// Artifact to represent the build directory in the pipeline.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Artifact awscodepipeline.Artifact `field:"required" json:"artifact" yaml:"artifact"`
// Directory to be packaged.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Directory *string `field:"required" json:"directory" yaml:"directory"`
}
Specification of an additional artifact to generate.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
additionalArtifact := &additionalArtifact{
artifact: artifact,
directory: jsii.String("directory"),
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type ArtifactMap ¶
type ArtifactMap interface {
// Return the matching CodePipeline artifact for a FileSet.
// Experimental.
ToCodePipeline(x FileSet) awscodepipeline.Artifact
}
Translate FileSets to CodePipeline Artifacts.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" artifactMap := awscdk.Pipelines.NewArtifactMap()
Experimental.
type AssetPublishingCommand
deprecated
type AssetPublishingCommand struct {
// Asset identifier.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AssetId *string `field:"required" json:"assetId" yaml:"assetId"`
// Asset manifest path.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AssetManifestPath *string `field:"required" json:"assetManifestPath" yaml:"assetManifestPath"`
// ARN of the IAM Role used to publish this asset.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AssetPublishingRoleArn *string `field:"required" json:"assetPublishingRoleArn" yaml:"assetPublishingRoleArn"`
// Asset selector to pass to `cdk-assets`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AssetSelector *string `field:"required" json:"assetSelector" yaml:"assetSelector"`
// Type of asset to publish.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AssetType AssetType `field:"required" json:"assetType" yaml:"assetType"`
}
Instructions to publish certain assets.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
assetPublishingCommand := &assetPublishingCommand{
assetId: jsii.String("assetId"),
assetManifestPath: jsii.String("assetManifestPath"),
assetPublishingRoleArn: jsii.String("assetPublishingRoleArn"),
assetSelector: jsii.String("assetSelector"),
assetType: awscdk.Pipelines.assetType_FILE,
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type BaseStageOptions
deprecated
type BaseStageOptions struct {
// Runs a `cdk diff --security-only --fail` to pause the pipeline if there are any security changes.
//
// If the stage is configured with `confirmBroadeningPermissions` enabled, you can use this
// property to override the stage configuration. For example, Pipeline Stage
// "Prod" has confirmBroadeningPermissions enabled, with applications "A", "B", "C". All three
// applications will run a security check, but if we want to disable the one for "C",
// we run `stage.addApplication(C, { confirmBroadeningPermissions: false })` to override the pipeline
// stage behavior.
//
// Adds 1 to the run order space.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ConfirmBroadeningPermissions *bool `field:"optional" json:"confirmBroadeningPermissions" yaml:"confirmBroadeningPermissions"`
// Optional SNS topic to send notifications to when the security check registers changes within the application.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SecurityNotificationTopic awssns.ITopic `field:"optional" json:"securityNotificationTopic" yaml:"securityNotificationTopic"`
}
Base options for a pipelines stage.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var topic topic
baseStageOptions := &baseStageOptions{
confirmBroadeningPermissions: jsii.Boolean(false),
securityNotificationTopic: topic,
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type CdkPipeline
deprecated
type CdkPipeline interface {
awscdk.Construct
// The underlying CodePipeline object.
//
// You can use this to add more Stages to the pipeline, or Actions
// to Stages.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CodePipeline() awscodepipeline.Pipeline
// The construct tree node associated with this construct.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Node() awscdk.ConstructNode
// Add pipeline stage that will deploy the given application stage.
//
// The application construct should subclass `Stage` and can contain any
// number of `Stacks` inside it that may have dependency relationships
// on one another.
//
// All stacks in the application will be deployed in the appropriate order,
// and all assets found in the application will be added to the asset
// publishing stage.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AddApplicationStage(appStage awscdk.Stage, options *AddStageOptions) CdkStage
// Add a new, empty stage to the pipeline.
//
// Prefer to use `addApplicationStage` if you are intended to deploy a CDK
// application, but you can use this method if you want to add other kinds of
// Actions to a pipeline.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AddStage(stageName *string, options *BaseStageOptions) CdkStage
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnPrepare()
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnSynthesize(session constructs.ISynthesisSession)
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnValidate() *[]*string
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Prepare()
// Get the StackOutput object that holds this CfnOutput's value in this pipeline.
//
// `StackOutput` can be used in validation actions later in the pipeline.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
StackOutput(cfnOutput awscdk.CfnOutput) StackOutput
// Access one of the pipeline's stages by stage name.
//
// You can use this to add more Actions to a stage.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Stage(stageName *string) awscodepipeline.IStage
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Synthesize(session awscdk.ISynthesisSession)
// Returns a string representation of this construct.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ToString() *string
// Validate that we don't have any stacks violating dependency order in the pipeline.
//
// Our own convenience methods will never generate a pipeline that does that (although
// this is a nice verification), but a user can also add the stacks by hand.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Validate() *[]*string
}
A Pipeline to deploy CDK apps.
Defines an AWS CodePipeline-based Pipeline to deploy CDK applications.
Automatically manages the following:
- Stack dependency order. - Asset publishing. - Keeping the pipeline up-to-date as the CDK apps change. - Using stack outputs later on in the pipeline.
Example:
sourceArtifact := codepipeline.NewArtifact()
cloudAssemblyArtifact := codepipeline.NewArtifact()
pipeline := pipelines.NewCdkPipeline(this, jsii.String("MyPipeline"), &cdkPipelineProps{
cloudAssemblyArtifact: cloudAssemblyArtifact,
synthAction: pipelines.simpleSynthAction.standardNpmSynth(&standardNpmSynthOptions{
sourceArtifact: sourceArtifact,
cloudAssemblyArtifact: cloudAssemblyArtifact,
environment: &buildEnvironment{
privileged: jsii.Boolean(true),
},
}),
})
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewCdkPipeline
deprecated
func NewCdkPipeline(scope constructs.Construct, id *string, props *CdkPipelineProps) CdkPipeline
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type CdkPipelineProps
deprecated
type CdkPipelineProps struct {
// The artifact you have defined to be the artifact to hold the cloudAssemblyArtifact for the synth action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyArtifact awscodepipeline.Artifact `field:"required" json:"cloudAssemblyArtifact" yaml:"cloudAssemblyArtifact"`
// Custom BuildSpec that is merged with generated one (for asset publishing actions).
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AssetBuildSpec awscodebuild.BuildSpec `field:"optional" json:"assetBuildSpec" yaml:"assetBuildSpec"`
// Additional commands to run before installing cdk-assets during the asset publishing step Use this to setup proxies or npm mirrors.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AssetPreInstallCommands *[]*string `field:"optional" json:"assetPreInstallCommands" yaml:"assetPreInstallCommands"`
// CDK CLI version to use in pipeline.
//
// Some Actions in the pipeline will download and run a version of the CDK
// CLI. Specify the version here.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CdkCliVersion *string `field:"optional" json:"cdkCliVersion" yaml:"cdkCliVersion"`
// Existing CodePipeline to add deployment stages to.
//
// Use this if you want more control over the CodePipeline that gets created.
// You can choose to not pass this value, in which case a new CodePipeline is
// created with default settings.
//
// If you pass an existing CodePipeline, it should have been created
// with `restartExecutionOnUpdate: true`.
//
// [disable-awslint:ref-via-interface].
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CodePipeline awscodepipeline.Pipeline `field:"optional" json:"codePipeline" yaml:"codePipeline"`
// Create KMS keys for cross-account deployments.
//
// This controls whether the pipeline is enabled for cross-account deployments.
//
// Can only be set if `codePipeline` is not set.
//
// By default cross-account deployments are enabled, but this feature requires
// that KMS Customer Master Keys are created which have a cost of $1/month.
//
// If you do not need cross-account deployments, you can set this to `false` to
// not create those keys and save on that cost (the artifact bucket will be
// encrypted with an AWS-managed key). However, cross-account deployments will
// no longer be possible.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CrossAccountKeys *bool `field:"optional" json:"crossAccountKeys" yaml:"crossAccountKeys"`
// A list of credentials used to authenticate to Docker registries.
//
// Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
DockerCredentials *[]DockerCredential `field:"optional" json:"dockerCredentials" yaml:"dockerCredentials"`
// Enables KMS key rotation for cross-account keys.
//
// Cannot be set if `crossAccountKeys` was set to `false`.
//
// Key rotation costs $1/month when enabled.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
EnableKeyRotation *bool `field:"optional" json:"enableKeyRotation" yaml:"enableKeyRotation"`
// Name of the pipeline.
//
// Can only be set if `codePipeline` is not set.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
PipelineName *string `field:"optional" json:"pipelineName" yaml:"pipelineName"`
// Whether the pipeline will update itself.
//
// This needs to be set to `true` to allow the pipeline to reconfigure
// itself when assets or stages are being added to it, and `true` is the
// recommended setting.
//
// You can temporarily set this to `false` while you are iterating
// on the pipeline itself and prefer to deploy changes using `cdk deploy`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SelfMutating *bool `field:"optional" json:"selfMutating" yaml:"selfMutating"`
// Custom BuildSpec that is merged with generated one (for self-mutation stage).
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SelfMutationBuildSpec awscodebuild.BuildSpec `field:"optional" json:"selfMutationBuildSpec" yaml:"selfMutationBuildSpec"`
// Whether this pipeline creates one asset upload action per asset type or one asset upload per asset.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SinglePublisherPerType *bool `field:"optional" json:"singlePublisherPerType" yaml:"singlePublisherPerType"`
// The CodePipeline action used to retrieve the CDK app's source.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SourceAction awscodepipeline.IAction `field:"optional" json:"sourceAction" yaml:"sourceAction"`
// Which subnets to use.
//
// Only used if 'vpc' is supplied.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SubnetSelection *awsec2.SubnetSelection `field:"optional" json:"subnetSelection" yaml:"subnetSelection"`
// Whether the pipeline needs to build Docker images in the UpdatePipeline stage.
//
// If the UpdatePipeline stage tries to build a Docker image and this flag is not
// set to `true`, the build step will run in non-privileged mode and consequently
// will fail with a message like:
//
// > Cannot connect to the Docker daemon at unix:///var/run/docker.sock.
// > Is the docker daemon running?
//
// This flag has an effect only if `selfMutating` is also `true`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SupportDockerAssets *bool `field:"optional" json:"supportDockerAssets" yaml:"supportDockerAssets"`
// The CodePipeline action build and synthesis step of the CDK app.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SynthAction awscodepipeline.IAction `field:"optional" json:"synthAction" yaml:"synthAction"`
// The VPC where to execute the CdkPipeline actions.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
}
Properties for a CdkPipeline.
Example:
sourceArtifact := codepipeline.NewArtifact()
cloudAssemblyArtifact := codepipeline.NewArtifact()
pipeline := pipelines.NewCdkPipeline(this, jsii.String("MyPipeline"), &cdkPipelineProps{
cloudAssemblyArtifact: cloudAssemblyArtifact,
synthAction: pipelines.simpleSynthAction.standardNpmSynth(&standardNpmSynthOptions{
sourceArtifact: sourceArtifact,
cloudAssemblyArtifact: cloudAssemblyArtifact,
environment: &buildEnvironment{
privileged: jsii.Boolean(true),
},
}),
})
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type CdkStackActionFromArtifactOptions
deprecated
type CdkStackActionFromArtifactOptions struct {
// The CodePipeline artifact that holds the Cloud Assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyInput awscodepipeline.Artifact `field:"required" json:"cloudAssemblyInput" yaml:"cloudAssemblyInput"`
// Base name of the action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BaseActionName *string `field:"optional" json:"baseActionName" yaml:"baseActionName"`
// Name of the change set to create and deploy.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ChangeSetName *string `field:"optional" json:"changeSetName" yaml:"changeSetName"`
// Run order for the Execute action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ExecuteRunOrder *float64 `field:"optional" json:"executeRunOrder" yaml:"executeRunOrder"`
// Artifact to write Stack Outputs to.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Output awscodepipeline.Artifact `field:"optional" json:"output" yaml:"output"`
// Filename in output to write Stack outputs to.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OutputFileName *string `field:"optional" json:"outputFileName" yaml:"outputFileName"`
// Run order for the Prepare action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
PrepareRunOrder *float64 `field:"optional" json:"prepareRunOrder" yaml:"prepareRunOrder"`
// The name of the stack that should be created/updated.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
StackName *string `field:"optional" json:"stackName" yaml:"stackName"`
}
Options for the 'fromStackArtifact' operation.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
cdkStackActionFromArtifactOptions := &cdkStackActionFromArtifactOptions{
cloudAssemblyInput: artifact,
// the properties below are optional
baseActionName: jsii.String("baseActionName"),
changeSetName: jsii.String("changeSetName"),
executeRunOrder: jsii.Number(123),
output: artifact,
outputFileName: jsii.String("outputFileName"),
prepareRunOrder: jsii.Number(123),
stackName: jsii.String("stackName"),
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type CdkStage
deprecated
type CdkStage interface {
awscdk.Construct
// The construct tree node associated with this construct.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Node() awscdk.ConstructNode
// Add one or more CodePipeline Actions.
//
// You need to make sure it is created with the right runOrder. Call `nextSequentialRunOrder()`
// for every action to get actions to execute in sequence.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AddActions(actions ...awscodepipeline.IAction)
// Add all stacks in the application Stage to this stage.
//
// The application construct should subclass `Stage` and can contain any
// number of `Stacks` inside it that may have dependency relationships
// on one another.
//
// All stacks in the application will be deployed in the appropriate order,
// and all assets found in the application will be added to the asset
// publishing stage.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AddApplication(appStage awscdk.Stage, options *AddStageOptions)
// Add a manual approval action.
//
// If you need more flexibility than what this method offers,
// use `addAction` with a `ManualApprovalAction`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AddManualApprovalAction(options *AddManualApprovalOptions)
// Add a deployment action based on a stack artifact.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AddStackArtifactDeployment(stackArtifact cxapi.CloudFormationStackArtifact, options *AddStackOptions)
// Whether this Stage contains an action to deploy the given stack, identified by its artifact ID.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
DeploysStack(artifactId *string) *bool
// Return the runOrder number necessary to run the next Action in sequence with the rest.
//
// FIXME: This is here because Actions are immutable and can't be reordered
// after creation, nor is there a way to specify relative priorities, which
// is a limitation that we should take away in the base library.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
NextSequentialRunOrder(count *float64) *float64
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnPrepare()
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnSynthesize(session constructs.ISynthesisSession)
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnValidate() *[]*string
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Prepare()
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Synthesize(session awscdk.ISynthesisSession)
// Returns a string representation of this construct.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ToString() *string
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Validate() *[]*string
}
Stage in a CdkPipeline.
You don't need to instantiate this class directly. Use `cdkPipeline.addStage()` instead.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var stage iStage
var stageHost iStageHost
var topic topic
cdkStage := awscdk.Pipelines.NewCdkStage(this, jsii.String("MyCdkStage"), &cdkStageProps{
cloudAssemblyArtifact: artifact,
host: stageHost,
pipelineStage: stage,
stageName: jsii.String("stageName"),
// the properties below are optional
confirmBroadeningPermissions: jsii.Boolean(false),
securityNotificationTopic: topic,
})
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewCdkStage
deprecated
func NewCdkStage(scope constructs.Construct, id *string, props *CdkStageProps) CdkStage
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type CdkStageProps
deprecated
type CdkStageProps struct {
// The CodePipeline Artifact with the Cloud Assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyArtifact awscodepipeline.Artifact `field:"required" json:"cloudAssemblyArtifact" yaml:"cloudAssemblyArtifact"`
// Features the Stage needs from its environment.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Host IStageHost `field:"required" json:"host" yaml:"host"`
// The underlying Pipeline Stage associated with thisCdkStage.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
PipelineStage awscodepipeline.IStage `field:"required" json:"pipelineStage" yaml:"pipelineStage"`
// Name of the stage that should be created.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
StageName *string `field:"required" json:"stageName" yaml:"stageName"`
// Run a security check before every application prepare/deploy actions.
//
// Note: Stage level security check can be overriden per application as follows:
// `stage.addApplication(app, { confirmBroadeningPermissions: false })`
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ConfirmBroadeningPermissions *bool `field:"optional" json:"confirmBroadeningPermissions" yaml:"confirmBroadeningPermissions"`
// Optional SNS topic to send notifications to when any security check registers changes within a application.
//
// Note: The Stage Notification Topic can be overriden per application as follows:
// `stage.addApplication(app, { securityNotificationTopic: newTopic })`
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SecurityNotificationTopic awssns.ITopic `field:"optional" json:"securityNotificationTopic" yaml:"securityNotificationTopic"`
}
Construction properties for a CdkStage.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var stage iStage
var stageHost iStageHost
var topic topic
cdkStageProps := &cdkStageProps{
cloudAssemblyArtifact: artifact,
host: stageHost,
pipelineStage: stage,
stageName: jsii.String("stageName"),
// the properties below are optional
confirmBroadeningPermissions: jsii.Boolean(false),
securityNotificationTopic: topic,
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type CodeBuildOptions ¶
type CodeBuildOptions struct {
// Partial build environment, will be combined with other build environments that apply.
// Experimental.
BuildEnvironment *awscodebuild.BuildEnvironment `field:"optional" json:"buildEnvironment" yaml:"buildEnvironment"`
// Partial buildspec, will be combined with other buildspecs that apply.
//
// The BuildSpec must be available inline--it cannot reference a file
// on disk.
// Experimental.
PartialBuildSpec awscodebuild.BuildSpec `field:"optional" json:"partialBuildSpec" yaml:"partialBuildSpec"`
// Policy statements to add to role.
// Experimental.
RolePolicy *[]awsiam.PolicyStatement `field:"optional" json:"rolePolicy" yaml:"rolePolicy"`
// Which security group(s) to associate with the project network interfaces.
//
// Only used if 'vpc' is supplied.
// Experimental.
SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
// Which subnets to use.
//
// Only used if 'vpc' is supplied.
// Experimental.
SubnetSelection *awsec2.SubnetSelection `field:"optional" json:"subnetSelection" yaml:"subnetSelection"`
// The number of minutes after which AWS CodeBuild stops the build if it's not complete.
//
// For valid values, see the timeoutInMinutes field in the AWS
// CodeBuild User Guide.
// Experimental.
Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"`
// The VPC where to create the CodeBuild network interfaces in.
// Experimental.
Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
}
Options for customizing a single CodeBuild project.
Example:
var vpc vpc
var mySecurityGroup securityGroup
pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
// Standard CodePipeline properties
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
// Defaults for all CodeBuild projects
codeBuildDefaults: &codeBuildOptions{
// Prepend commands and configuration to all projects
partialBuildSpec: codebuild.buildSpec.fromObject(map[string]interface{}{
"version": jsii.String("0.2"),
}),
// Control the build environment
buildEnvironment: &buildEnvironment{
computeType: codebuild.computeType_LARGE,
},
// Control Elastic Network Interface creation
vpc: vpc,
subnetSelection: &subnetSelection{
subnetType: ec2.subnetType_PRIVATE_WITH_NAT,
},
securityGroups: []iSecurityGroup{
mySecurityGroup,
},
// Additional policy statements for the execution role
rolePolicy: []policyStatement{
iam.NewPolicyStatement(&policyStatementProps{
}),
},
},
synthCodeBuildDefaults: &codeBuildOptions{
},
assetPublishingCodeBuildDefaults: &codeBuildOptions{
},
selfMutationCodeBuildDefaults: &codeBuildOptions{
},
})
Experimental.
type CodeBuildStep ¶
type CodeBuildStep interface {
ShellStep
// Custom execution role to be used for the Code Build Action.
// Experimental.
ActionRole() awsiam.IRole
// Build environment.
// Experimental.
BuildEnvironment() *awscodebuild.BuildEnvironment
// Commands to run.
// Experimental.
Commands() *[]*string
// Return the steps this step depends on, based on the FileSets it requires.
// Experimental.
Dependencies() *[]Step
// The list of FileSets consumed by this Step.
// Experimental.
DependencyFileSets() *[]FileSet
// Environment variables to set.
// Experimental.
Env() *map[string]*string
// Set environment variables based on Stack Outputs.
// Experimental.
EnvFromCfnOutputs() *map[string]StackOutputReference
// The CodeBuild Project's principal.
// Experimental.
GrantPrincipal() awsiam.IPrincipal
// Identifier for this step.
// Experimental.
Id() *string
// Input FileSets.
//
// A list of `(FileSet, directory)` pairs, which are a copy of the
// input properties. This list should not be modified directly.
// Experimental.
Inputs() *[]*FileSetLocation
// Installation commands to run before the regular commands.
//
// For deployment engines that support it, install commands will be classified
// differently in the job history from the regular `commands`.
// Experimental.
InstallCommands() *[]*string
// Whether or not this is a Source step.
//
// What it means to be a Source step depends on the engine.
// Experimental.
IsSource() *bool
// Output FileSets.
//
// A list of `(FileSet, directory)` pairs, which are a copy of the
// input properties. This list should not be modified directly.
// Experimental.
Outputs() *[]*FileSetLocation
// Additional configuration that can only be configured via BuildSpec.
//
// Contains exported variables.
// Experimental.
PartialBuildSpec() awscodebuild.BuildSpec
// The primary FileSet produced by this Step.
//
// Not all steps produce an output FileSet--if they do
// you can substitute the `Step` object for the `FileSet` object.
// Experimental.
PrimaryOutput() FileSet
// CodeBuild Project generated for the pipeline.
//
// Will only be available after the pipeline has been built.
// Experimental.
Project() awscodebuild.IProject
// Name for the generated CodeBuild project.
// Experimental.
ProjectName() *string
// Custom execution role to be used for the CodeBuild project.
// Experimental.
Role() awsiam.IRole
// Policy statements to add to role used during the synth.
// Experimental.
RolePolicyStatements() *[]awsiam.PolicyStatement
// Which security group to associate with the script's project network interfaces.
// Experimental.
SecurityGroups() *[]awsec2.ISecurityGroup
// Which subnets to use.
// Experimental.
SubnetSelection() *awsec2.SubnetSelection
// The number of minutes after which AWS CodeBuild stops the build if it's not complete.
//
// For valid values, see the timeoutInMinutes field in the AWS
// CodeBuild User Guide.
// Experimental.
Timeout() awscdk.Duration
// The VPC where to execute the SimpleSynth.
// Experimental.
Vpc() awsec2.IVpc
// Add an additional FileSet to the set of file sets required by this step.
//
// This will lead to a dependency on the producer of that file set.
// Experimental.
AddDependencyFileSet(fs FileSet)
// Add an additional output FileSet based on a directory.
//
// After running the script, the contents of the given directory
// will be exported as a `FileSet`. Use the `FileSet` as the
// input to another step.
//
// Multiple calls with the exact same directory name string (not normalized)
// will return the same FileSet.
// Experimental.
AddOutputDirectory(directory *string) FileSet
// Add a dependency on another step.
// Experimental.
AddStepDependency(step Step)
// Configure the given FileSet as the primary output of this step.
// Experimental.
ConfigurePrimaryOutput(fs FileSet)
// Crawl the given structure for references to StepOutputs and add dependencies on all steps found.
//
// Should be called in the constructor of subclasses based on what the user
// passes in as construction properties. The format of the structure passed in
// here does not have to correspond exactly to what gets rendered into the
// engine, it just needs to contain the same data.
// Experimental.
DiscoverReferencedOutputs(structure interface{})
// Reference a CodePipeline variable defined by the CodeBuildStep.
//
// The variable must be set in the shell of the CodeBuild step when
// it finishes its `post_build` phase.
//
// Example:
// // Access the output of one CodeBuildStep in another CodeBuildStep
// var pipeline codePipeline
//
//
// step1 := pipelines.NewCodeBuildStep(jsii.String("Step1"), &codeBuildStepProps{
// commands: []*string{
// jsii.String("export MY_VAR=hello"),
// },
// })
//
// step2 := pipelines.NewCodeBuildStep(jsii.String("Step2"), &codeBuildStepProps{
// env: map[string]*string{
// "IMPORTED_VAR": step1.exportedVariable(jsii.String("MY_VAR")),
// },
// commands: []*string{
// jsii.String("echo $IMPORTED_VAR"),
// },
// })
//
// Experimental.
ExportedVariable(variableName *string) *string
// Configure the given output directory as primary output.
//
// If no primary output has been configured yet, this directory
// will become the primary output of this ShellStep, otherwise this
// method will throw if the given directory is different than the
// currently configured primary output directory.
// Experimental.
PrimaryOutputDirectory(directory *string) FileSet
// Return a string representation of this Step.
// Experimental.
ToString() *string
}
Run a script as a CodeBuild Project.
The BuildSpec must be available inline--it cannot reference a file on disk. If your current build instructions are in a file like `buildspec.yml` in your repository, extract them to a script (say, `build.sh`) and invoke that script as part of the build:
```ts
new pipelines.CodeBuildStep('Synth', {
commands: ['./build.sh'],
});
```.
Example:
pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewCodeBuildStep(jsii.String("Synth"), &codeBuildStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("..."),
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
jsii.String("..."),
},
rolePolicyStatements: []policyStatement{
iam.NewPolicyStatement(&policyStatementProps{
actions: []*string{
jsii.String("sts:AssumeRole"),
},
resources: []*string{
jsii.String("*"),
},
conditions: map[string]interface{}{
"StringEquals": map[string]*string{
"iam:ResourceTag/aws-cdk:bootstrap-role": jsii.String("lookup"),
},
},
}),
},
}),
})
Experimental.
func NewCodeBuildStep ¶
func NewCodeBuildStep(id *string, props *CodeBuildStepProps) CodeBuildStep
Experimental.
type CodeBuildStepProps ¶
type CodeBuildStepProps struct {
// Commands to run.
// Experimental.
Commands *[]*string `field:"required" json:"commands" yaml:"commands"`
// Additional FileSets to put in other directories.
//
// Specifies a mapping from directory name to FileSets. During the
// script execution, the FileSets will be available in the directories
// indicated.
//
// The directory names may be relative. For example, you can put
// the main input and an additional input side-by-side with the
// following configuration:
//
// “`ts
// const script = new pipelines.ShellStep('MainScript', {
// commands: ['npm ci','npm run build','npx cdk synth'],
// input: pipelines.CodePipelineSource.gitHub('org/source1', 'main'),
// additionalInputs: {
// '../siblingdir': pipelines.CodePipelineSource.gitHub('org/source2', 'main'),
// }
// });
// “`.
// Experimental.
AdditionalInputs *map[string]IFileSetProducer `field:"optional" json:"additionalInputs" yaml:"additionalInputs"`
// Environment variables to set.
// Experimental.
Env *map[string]*string `field:"optional" json:"env" yaml:"env"`
// Set environment variables based on Stack Outputs.
//
// `ShellStep`s following stack or stage deployments may
// access the `CfnOutput`s of those stacks to get access to
// --for example--automatically generated resource names or
// endpoint URLs.
// Experimental.
EnvFromCfnOutputs *map[string]awscdk.CfnOutput `field:"optional" json:"envFromCfnOutputs" yaml:"envFromCfnOutputs"`
// FileSet to run these scripts on.
//
// The files in the FileSet will be placed in the working directory when
// the script is executed. Use `additionalInputs` to download file sets
// to other directories as well.
// Experimental.
Input IFileSetProducer `field:"optional" json:"input" yaml:"input"`
// Installation commands to run before the regular commands.
//
// For deployment engines that support it, install commands will be classified
// differently in the job history from the regular `commands`.
// Experimental.
InstallCommands *[]*string `field:"optional" json:"installCommands" yaml:"installCommands"`
// The directory that will contain the primary output fileset.
//
// After running the script, the contents of the given directory
// will be treated as the primary output of this Step.
// Experimental.
PrimaryOutputDirectory *string `field:"optional" json:"primaryOutputDirectory" yaml:"primaryOutputDirectory"`
// Custom execution role to be used for the Code Build Action.
// Experimental.
ActionRole awsiam.IRole `field:"optional" json:"actionRole" yaml:"actionRole"`
// Changes to environment.
//
// This environment will be combined with the pipeline's default
// environment.
// Experimental.
BuildEnvironment *awscodebuild.BuildEnvironment `field:"optional" json:"buildEnvironment" yaml:"buildEnvironment"`
// Additional configuration that can only be configured via BuildSpec.
//
// You should not use this to specify output artifacts; those
// should be supplied via the other properties of this class, otherwise
// CDK Pipelines won't be able to inspect the artifacts.
//
// Set the `commands` to an empty array if you want to fully specify
// the BuildSpec using this field.
//
// The BuildSpec must be available inline--it cannot reference a file
// on disk.
// Experimental.
PartialBuildSpec awscodebuild.BuildSpec `field:"optional" json:"partialBuildSpec" yaml:"partialBuildSpec"`
// Name for the generated CodeBuild project.
// Experimental.
ProjectName *string `field:"optional" json:"projectName" yaml:"projectName"`
// Custom execution role to be used for the CodeBuild project.
// Experimental.
Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
// Policy statements to add to role used during the synth.
//
// Can be used to add acces to a CodeArtifact repository etc.
// Experimental.
RolePolicyStatements *[]awsiam.PolicyStatement `field:"optional" json:"rolePolicyStatements" yaml:"rolePolicyStatements"`
// Which security group to associate with the script's project network interfaces.
//
// If no security group is identified, one will be created automatically.
//
// Only used if 'vpc' is supplied.
// Experimental.
SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
// Which subnets to use.
//
// Only used if 'vpc' is supplied.
// Experimental.
SubnetSelection *awsec2.SubnetSelection `field:"optional" json:"subnetSelection" yaml:"subnetSelection"`
// The number of minutes after which AWS CodeBuild stops the build if it's not complete.
//
// For valid values, see the timeoutInMinutes field in the AWS
// CodeBuild User Guide.
// Experimental.
Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"`
// The VPC where to execute the SimpleSynth.
// Experimental.
Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
}
Construction props for a CodeBuildStep.
Example:
pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewCodeBuildStep(jsii.String("Synth"), &codeBuildStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("..."),
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
jsii.String("..."),
},
rolePolicyStatements: []policyStatement{
iam.NewPolicyStatement(&policyStatementProps{
actions: []*string{
jsii.String("sts:AssumeRole"),
},
resources: []*string{
jsii.String("*"),
},
conditions: map[string]interface{}{
"StringEquals": map[string]*string{
"iam:ResourceTag/aws-cdk:bootstrap-role": jsii.String("lookup"),
},
},
}),
},
}),
})
Experimental.
type CodeCommitSourceOptions ¶
type CodeCommitSourceOptions struct {
// If this is set, the next CodeBuild job clones the repository (instead of CodePipeline downloading the files).
//
// This provides access to repository history, and retains symlinks (symlinks would otherwise be
// removed by CodePipeline).
//
// **Note**: if this option is true, only CodeBuild jobs can use the output artifact.
// See: https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeCommit.html
//
// Experimental.
CodeBuildCloneOutput *bool `field:"optional" json:"codeBuildCloneOutput" yaml:"codeBuildCloneOutput"`
// Role to be used by on commit event rule.
//
// Used only when trigger value is CodeCommitTrigger.EVENTS.
// Experimental.
EventRole awsiam.IRole `field:"optional" json:"eventRole" yaml:"eventRole"`
// How should CodePipeline detect source changes for this Action.
// Experimental.
Trigger awscodepipelineactions.CodeCommitTrigger `field:"optional" json:"trigger" yaml:"trigger"`
}
Configuration options for a CodeCommit source.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var role role
codeCommitSourceOptions := &codeCommitSourceOptions{
codeBuildCloneOutput: jsii.Boolean(false),
eventRole: role,
trigger: awscdk.Aws_codepipeline_actions.codeCommitTrigger_NONE,
}
Experimental.
type CodePipeline ¶
type CodePipeline interface {
PipelineBase
// The FileSet tha contains the cloud assembly.
//
// This is the primary output of the synth step.
// Experimental.
CloudAssemblyFileSet() FileSet
// The construct tree node associated with this construct.
// Experimental.
Node() awscdk.ConstructNode
// The CodePipeline pipeline that deploys the CDK app.
//
// Only available after the pipeline has been built.
// Experimental.
Pipeline() awscodepipeline.Pipeline
// The build step that produces the CDK Cloud Assembly.
// Experimental.
Synth() IFileSetProducer
// The CodeBuild project that performs the Synth.
//
// Only available after the pipeline has been built.
// Experimental.
SynthProject() awscodebuild.IProject
// The waves in this pipeline.
// Experimental.
Waves() *[]Wave
// Deploy a single Stage by itself.
//
// Add a Stage to the pipeline, to be deployed in sequence with other
// Stages added to the pipeline. All Stacks in the stage will be deployed
// in an order automatically determined by their relative dependencies.
// Experimental.
AddStage(stage awscdk.Stage, options *AddStageOpts) StageDeployment
// Add a Wave to the pipeline, for deploying multiple Stages in parallel.
//
// Use the return object of this method to deploy multiple stages in parallel.
//
// Example:
//
// “`ts
// declare const pipeline: pipelines.CodePipeline;
//
// const wave = pipeline.addWave('MyWave');
// wave.addStage(new MyApplicationStage(this, 'Stage1'));
// wave.addStage(new MyApplicationStage(this, 'Stage2'));
// “`.
// Experimental.
AddWave(id *string, options *WaveOptions) Wave
// Send the current pipeline definition to the engine, and construct the pipeline.
//
// It is not possible to modify the pipeline after calling this method.
// Experimental.
BuildPipeline()
// Implemented by subclasses to do the actual pipeline construction.
// Experimental.
DoBuildPipeline()
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Experimental.
OnPrepare()
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Experimental.
OnSynthesize(session constructs.ISynthesisSession)
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Experimental.
OnValidate() *[]*string
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Experimental.
Prepare()
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Experimental.
Synthesize(session awscdk.ISynthesisSession)
// Returns a string representation of this construct.
// Experimental.
ToString() *string
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Experimental.
Validate() *[]*string
}
A CDK Pipeline that uses CodePipeline to deploy CDK apps.
This is a `Pipeline` with its `engine` property set to `CodePipelineEngine`, and exists for nicer ergonomics for users that don't need to switch out engines.
Example:
// Modern API
modernPipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
selfMutation: jsii.Boolean(false),
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
})
// Original API
cloudAssemblyArtifact := codepipeline.NewArtifact()
originalPipeline := pipelines.NewCdkPipeline(this, jsii.String("Pipeline"), &cdkPipelineProps{
selfMutating: jsii.Boolean(false),
cloudAssemblyArtifact: cloudAssemblyArtifact,
})
Experimental.
func NewCodePipeline ¶
func NewCodePipeline(scope constructs.Construct, id *string, props *CodePipelineProps) CodePipeline
Experimental.
type CodePipelineActionFactoryResult ¶
type CodePipelineActionFactoryResult struct {
// How many RunOrders were consumed.
//
// If you add 1 action, return the value 1 here.
// Experimental.
RunOrdersConsumed *float64 `field:"required" json:"runOrdersConsumed" yaml:"runOrdersConsumed"`
// If a CodeBuild project got created, the project.
// Experimental.
Project awscodebuild.IProject `field:"optional" json:"project" yaml:"project"`
}
The result of adding actions to the pipeline.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var project project
codePipelineActionFactoryResult := &codePipelineActionFactoryResult{
runOrdersConsumed: jsii.Number(123),
// the properties below are optional
project: project,
}
Experimental.
type CodePipelineFileSet ¶
type CodePipelineFileSet interface {
FileSet
// Human-readable descriptor for this file set (does not need to be unique).
// Experimental.
Id() *string
// The primary output of a file set producer.
//
// The primary output of a FileSet is itself.
// Experimental.
PrimaryOutput() FileSet
// The Step that produces this FileSet.
// Experimental.
Producer() Step
// Mark the given Step as the producer for this FileSet.
//
// This method can only be called once.
// Experimental.
ProducedBy(producer Step)
// Return a string representation of this FileSet.
// Experimental.
ToString() *string
}
A FileSet created from a CodePipeline artifact.
You only need to use this if you want to add CDK Pipeline stages add the end of an existing CodePipeline, which should be very rare.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var artifact artifact codePipelineFileSet := awscdk.Pipelines.codePipelineFileSet.fromArtifact(artifact)
Experimental.
func CodePipelineFileSet_FromArtifact ¶
func CodePipelineFileSet_FromArtifact(artifact awscodepipeline.Artifact) CodePipelineFileSet
Turn a CodePipeline Artifact into a FileSet. Experimental.
type CodePipelineProps ¶
type CodePipelineProps struct {
// The build step that produces the CDK Cloud Assembly.
//
// The primary output of this step needs to be the `cdk.out` directory
// generated by the `cdk synth` command.
//
// If you use a `ShellStep` here and you don't configure an output directory,
// the output directory will automatically be assumed to be `cdk.out`.
// Experimental.
Synth IFileSetProducer `field:"required" json:"synth" yaml:"synth"`
// Additional customizations to apply to the asset publishing CodeBuild projects.
// Experimental.
AssetPublishingCodeBuildDefaults *CodeBuildOptions `field:"optional" json:"assetPublishingCodeBuildDefaults" yaml:"assetPublishingCodeBuildDefaults"`
// CDK CLI version to use in self-mutation and asset publishing steps.
//
// If you want to lock the CDK CLI version used in the pipeline, by steps
// that are automatically generated for you, specify the version here.
//
// We recommend you do not specify this value, as not specifying it always
// uses the latest CLI version which is backwards compatible with old versions.
//
// If you do specify it, be aware that this version should always be equal to or higher than the
// version of the CDK framework used by the CDK app, when the CDK commands are
// run during your pipeline execution. When you change this version, the *next
// time* the `SelfMutate` step runs it will still be using the CLI of the the
// *previous* version that was in this property: it will only start using the
// new version after `SelfMutate` completes successfully. That means that if
// you want to update both framework and CLI version, you should update the
// CLI version first, commit, push and deploy, and only then update the
// framework version.
// Experimental.
CliVersion *string `field:"optional" json:"cliVersion" yaml:"cliVersion"`
// Customize the CodeBuild projects created for this pipeline.
// Experimental.
CodeBuildDefaults *CodeBuildOptions `field:"optional" json:"codeBuildDefaults" yaml:"codeBuildDefaults"`
// An existing Pipeline to be reused and built upon.
//
// [disable-awslint:ref-via-interface].
// Experimental.
CodePipeline awscodepipeline.Pipeline `field:"optional" json:"codePipeline" yaml:"codePipeline"`
// Create KMS keys for the artifact buckets, allowing cross-account deployments.
//
// The artifact buckets have to be encrypted to support deploying CDK apps to
// another account, so if you want to do that or want to have your artifact
// buckets encrypted, be sure to set this value to `true`.
//
// Be aware there is a cost associated with maintaining the KMS keys.
// Experimental.
CrossAccountKeys *bool `field:"optional" json:"crossAccountKeys" yaml:"crossAccountKeys"`
// A list of credentials used to authenticate to Docker registries.
//
// Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.
// Experimental.
DockerCredentials *[]DockerCredential `field:"optional" json:"dockerCredentials" yaml:"dockerCredentials"`
// Enable Docker for the self-mutate step.
//
// Set this to true if the pipeline itself uses Docker container assets
// (for example, if you use `LinuxBuildImage.fromAsset()` as the build
// image of a CodeBuild step in the pipeline).
//
// You do not need to set it if you build Docker image assets in the
// application Stages and Stacks that are *deployed* by this pipeline.
//
// Configures privileged mode for the self-mutation CodeBuild action.
//
// If you are about to turn this on in an already-deployed Pipeline,
// set the value to `true` first, commit and allow the pipeline to
// self-update, and only then use the Docker asset in the pipeline.
// Experimental.
DockerEnabledForSelfMutation *bool `field:"optional" json:"dockerEnabledForSelfMutation" yaml:"dockerEnabledForSelfMutation"`
// Enable Docker for the 'synth' step.
//
// Set this to true if you are using file assets that require
// "bundling" anywhere in your application (meaning an asset
// compilation step will be run with the tools provided by
// a Docker image), both for the Pipeline stack as well as the
// application stacks.
//
// A common way to use bundling assets in your application is by
// using the `@aws-cdk/aws-lambda-nodejs` library.
//
// Configures privileged mode for the synth CodeBuild action.
//
// If you are about to turn this on in an already-deployed Pipeline,
// set the value to `true` first, commit and allow the pipeline to
// self-update, and only then use the bundled asset.
// Experimental.
DockerEnabledForSynth *bool `field:"optional" json:"dockerEnabledForSynth" yaml:"dockerEnabledForSynth"`
// The name of the CodePipeline pipeline.
// Experimental.
PipelineName *string `field:"optional" json:"pipelineName" yaml:"pipelineName"`
// Publish assets in multiple CodeBuild projects.
//
// If set to false, use one Project per type to publish all assets.
//
// Publishing in parallel improves concurrency and may reduce publishing
// latency, but may also increase overall provisioning time of the CodeBuild
// projects.
//
// Experiment and see what value works best for you.
// Experimental.
PublishAssetsInParallel *bool `field:"optional" json:"publishAssetsInParallel" yaml:"publishAssetsInParallel"`
// Reuse the same cross region support stack for all pipelines in the App.
// Experimental.
ReuseCrossRegionSupportStacks *bool `field:"optional" json:"reuseCrossRegionSupportStacks" yaml:"reuseCrossRegionSupportStacks"`
// Whether the pipeline will update itself.
//
// This needs to be set to `true` to allow the pipeline to reconfigure
// itself when assets or stages are being added to it, and `true` is the
// recommended setting.
//
// You can temporarily set this to `false` while you are iterating
// on the pipeline itself and prefer to deploy changes using `cdk deploy`.
// Experimental.
SelfMutation *bool `field:"optional" json:"selfMutation" yaml:"selfMutation"`
// Additional customizations to apply to the self mutation CodeBuild projects.
// Experimental.
SelfMutationCodeBuildDefaults *CodeBuildOptions `field:"optional" json:"selfMutationCodeBuildDefaults" yaml:"selfMutationCodeBuildDefaults"`
// Additional customizations to apply to the synthesize CodeBuild projects.
// Experimental.
SynthCodeBuildDefaults *CodeBuildOptions `field:"optional" json:"synthCodeBuildDefaults" yaml:"synthCodeBuildDefaults"`
}
Properties for a `CodePipeline`.
Example:
// Modern API
modernPipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
selfMutation: jsii.Boolean(false),
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
})
// Original API
cloudAssemblyArtifact := codepipeline.NewArtifact()
originalPipeline := pipelines.NewCdkPipeline(this, jsii.String("Pipeline"), &cdkPipelineProps{
selfMutating: jsii.Boolean(false),
cloudAssemblyArtifact: cloudAssemblyArtifact,
})
Experimental.
type CodePipelineSource ¶
type CodePipelineSource interface {
Step
ICodePipelineActionFactory
// Return the steps this step depends on, based on the FileSets it requires.
// Experimental.
Dependencies() *[]Step
// The list of FileSets consumed by this Step.
// Experimental.
DependencyFileSets() *[]FileSet
// Identifier for this step.
// Experimental.
Id() *string
// Whether or not this is a Source step.
//
// What it means to be a Source step depends on the engine.
// Experimental.
IsSource() *bool
// The primary FileSet produced by this Step.
//
// Not all steps produce an output FileSet--if they do
// you can substitute the `Step` object for the `FileSet` object.
// Experimental.
PrimaryOutput() FileSet
// Add an additional FileSet to the set of file sets required by this step.
//
// This will lead to a dependency on the producer of that file set.
// Experimental.
AddDependencyFileSet(fs FileSet)
// Add a dependency on another step.
// Experimental.
AddStepDependency(step Step)
// Configure the given FileSet as the primary output of this step.
// Experimental.
ConfigurePrimaryOutput(fs FileSet)
// Crawl the given structure for references to StepOutputs and add dependencies on all steps found.
//
// Should be called in the constructor of subclasses based on what the user
// passes in as construction properties. The format of the structure passed in
// here does not have to correspond exactly to what gets rendered into the
// engine, it just needs to contain the same data.
// Experimental.
DiscoverReferencedOutputs(structure interface{})
// Experimental.
GetAction(output awscodepipeline.Artifact, actionName *string, runOrder *float64, variablesNamespace *string) awscodepipelineactions.Action
// Create the desired Action and add it to the pipeline.
// Experimental.
ProduceAction(stage awscodepipeline.IStage, options *ProduceActionOptions) *CodePipelineActionFactoryResult
// Return an attribute of the current source revision.
//
// These values can be passed into the environment variables of pipeline steps,
// so your steps can access information about the source revision.
//
// Pipeline synth step has some source attributes predefined in the environment.
// If these suffice, you don't need to use this method for the synth step.
//
// Example:
// // Access the CommitId of a GitHub source in the synth
// source := pipelines.codePipelineSource.gitHub(jsii.String("owner/repo"), jsii.String("main"))
//
// pipeline := pipelines.NewCodePipeline(*scope, jsii.String("MyPipeline"), &codePipelineProps{
// synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
// input: source,
// commands: []*string{
// },
// env: map[string]*string{
// "COMMIT_ID": source.sourceAttribute(jsii.String("CommitId")),
// },
// }),
// })
//
// See: https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-variables.html#reference-variables-list
//
// Experimental.
SourceAttribute(name *string) *string
// Return a string representation of this Step.
// Experimental.
ToString() *string
}
Factory for CodePipeline source steps.
This class contains a number of factory methods for the different types of sources that CodePipeline supports.
Example:
// Access the CommitId of a GitHub source in the synth
source := pipelines.codePipelineSource.gitHub(jsii.String("owner/repo"), jsii.String("main"))
pipeline := pipelines.NewCodePipeline(*scope, jsii.String("MyPipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: source,
commands: []*string{
},
env: map[string]*string{
"COMMIT_ID": source.sourceAttribute(jsii.String("CommitId")),
},
}),
})
Experimental.
func CodePipelineSource_CodeCommit ¶
func CodePipelineSource_CodeCommit(repository awscodecommit.IRepository, branch *string, props *CodeCommitSourceOptions) CodePipelineSource
Returns a CodeCommit source.
If you need access to symlinks or the repository history, be sure to set `codeBuildCloneOutput`.
Example:
var repository iRepository
pipelines.codePipelineSource.codeCommit(repository, jsii.String("main"))
Experimental.
func CodePipelineSource_Connection ¶
func CodePipelineSource_Connection(repoString *string, branch *string, props *ConnectionSourceOptions) CodePipelineSource
Returns a CodeStar connection source.
A CodeStar connection allows AWS CodePipeline to access external resources, such as repositories in GitHub, GitHub Enterprise or BitBucket.
To use this method, you first need to create a CodeStar connection using the AWS console. In the process, you may have to sign in to the external provider -- GitHub, for example -- to authorize AWS to read and modify your repository. Once you have done this, copy the connection ARN and use it to create the source.
Example:
```ts
pipelines.CodePipelineSource.connection('owner/repo', 'main', {
connectionArn: 'arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41', // Created using the AWS console
});
```
If you need access to symlinks or the repository history, be sure to set `codeBuildCloneOutput`. See: https://docs.aws.amazon.com/dtconsole/latest/userguide/welcome-connections.html
Experimental.
func CodePipelineSource_Ecr ¶
func CodePipelineSource_Ecr(repository awsecr.IRepository, props *ECRSourceOptions) CodePipelineSource
Returns an ECR source.
Example:
var repository iRepository
pipelines.codePipelineSource.ecr(repository, &eCRSourceOptions{
imageTag: jsii.String("latest"),
})
Experimental.
func CodePipelineSource_GitHub ¶
func CodePipelineSource_GitHub(repoString *string, branch *string, props *GitHubSourceOptions) CodePipelineSource
Returns a GitHub source, using OAuth tokens to authenticate with GitHub and a separate webhook to detect changes.
This is no longer the recommended method. Please consider using `connection()` instead.
Pass in the owner and repository in a single string, like this:
```ts pipelines.CodePipelineSource.gitHub('owner/repo', 'main'); ```
Authentication will be done by a secret called `github-token` in AWS Secrets Manager (unless specified otherwise).
The token should have these permissions:
* **repo** - to read the repository * **admin:repo_hook** - if you plan to use webhooks (true by default)
If you need access to symlinks or the repository history, use a source of type `connection` instead. Experimental.
func CodePipelineSource_S3 ¶
func CodePipelineSource_S3(bucket awss3.IBucket, objectKey *string, props *S3SourceOptions) CodePipelineSource
Returns an S3 source.
Example:
var bucket bucket
pipelines.codePipelineSource.s3(bucket, jsii.String("path/to/file.zip"))
Experimental.
type ConfirmPermissionsBroadening ¶
type ConfirmPermissionsBroadening interface {
Step
ICodePipelineActionFactory
// Return the steps this step depends on, based on the FileSets it requires.
// Experimental.
Dependencies() *[]Step
// The list of FileSets consumed by this Step.
// Experimental.
DependencyFileSets() *[]FileSet
// Identifier for this step.
// Experimental.
Id() *string
// Whether or not this is a Source step.
//
// What it means to be a Source step depends on the engine.
// Experimental.
IsSource() *bool
// The primary FileSet produced by this Step.
//
// Not all steps produce an output FileSet--if they do
// you can substitute the `Step` object for the `FileSet` object.
// Experimental.
PrimaryOutput() FileSet
// Add an additional FileSet to the set of file sets required by this step.
//
// This will lead to a dependency on the producer of that file set.
// Experimental.
AddDependencyFileSet(fs FileSet)
// Add a dependency on another step.
// Experimental.
AddStepDependency(step Step)
// Configure the given FileSet as the primary output of this step.
// Experimental.
ConfigurePrimaryOutput(fs FileSet)
// Crawl the given structure for references to StepOutputs and add dependencies on all steps found.
//
// Should be called in the constructor of subclasses based on what the user
// passes in as construction properties. The format of the structure passed in
// here does not have to correspond exactly to what gets rendered into the
// engine, it just needs to contain the same data.
// Experimental.
DiscoverReferencedOutputs(structure interface{})
// Create the desired Action and add it to the pipeline.
// Experimental.
ProduceAction(stage awscodepipeline.IStage, options *ProduceActionOptions) *CodePipelineActionFactoryResult
// Return a string representation of this Step.
// Experimental.
ToString() *string
}
Pause the pipeline if a deployment would add IAM permissions or Security Group rules.
This step is only supported in CodePipeline pipelines.
Example:
var pipeline codePipeline
stage := NewMyApplicationStage(this, jsii.String("MyApplication"))
pipeline.addStage(stage, &addStageOpts{
pre: []step{
pipelines.NewConfirmPermissionsBroadening(jsii.String("Check"), &permissionsBroadeningCheckProps{
stage: stage,
}),
},
})
Experimental.
func NewConfirmPermissionsBroadening ¶
func NewConfirmPermissionsBroadening(id *string, props *PermissionsBroadeningCheckProps) ConfirmPermissionsBroadening
Experimental.
type ConnectionSourceOptions ¶
type ConnectionSourceOptions struct {
// The ARN of the CodeStar Connection created in the AWS console that has permissions to access this GitHub or BitBucket repository.
//
// Example:
// "arn:aws:codestar-connections:us-east-1:123456789012:connection/12345678-abcd-12ab-34cdef5678gh"
//
// See: https://docs.aws.amazon.com/codepipeline/latest/userguide/connections-create.html
//
// Experimental.
ConnectionArn *string `field:"required" json:"connectionArn" yaml:"connectionArn"`
// If this is set, the next CodeBuild job clones the repository (instead of CodePipeline downloading the files).
//
// This provides access to repository history, and retains symlinks (symlinks would otherwise be
// removed by CodePipeline).
//
// **Note**: if this option is true, only CodeBuild jobs can use the output artifact.
// See: https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodestarConnectionSource.html#action-reference-CodestarConnectionSource-config
//
// Experimental.
CodeBuildCloneOutput *bool `field:"optional" json:"codeBuildCloneOutput" yaml:"codeBuildCloneOutput"`
// Controls automatically starting your pipeline when a new commit is made on the configured repository and branch.
//
// If unspecified,
// the default value is true, and the field does not display by default.
// See: https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodestarConnectionSource.html
//
// Experimental.
TriggerOnPush *bool `field:"optional" json:"triggerOnPush" yaml:"triggerOnPush"`
}
Configuration options for CodeStar source.
Example:
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
// Turn this on because the pipeline uses Docker image assets
dockerEnabledForSelfMutation: jsii.Boolean(true),
})
pipeline.addWave(jsii.String("MyWave"), &waveOptions{
post: []step{
pipelines.NewCodeBuildStep(jsii.String("RunApproval"), &codeBuildStepProps{
commands: []*string{
jsii.String("command-from-image"),
},
buildEnvironment: &buildEnvironment{
// The user of a Docker image asset in the pipeline requires turning on
// 'dockerEnabledForSelfMutation'.
buildImage: codebuild.linuxBuildImage.fromAsset(this, jsii.String("Image"), &dockerImageAssetProps{
directory: jsii.String("./docker-image"),
}),
},
}),
},
})
Experimental.
type DeployCdkStackAction
deprecated
type DeployCdkStackAction interface {
awscodepipeline.IAction
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionProperties() *awscodepipeline.ActionProperties
// Artifact ids of the artifact this stack artifact depends on.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
DependencyStackArtifactIds() *[]*string
// The runorder for the execute action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ExecuteRunOrder() *float64
// The runorder for the prepare action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
PrepareRunOrder() *float64
// Artifact id of the artifact this action was based on.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
StackArtifactId() *string
// Name of the deployed stack.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
StackName() *string
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Bind(scope awscdk.Construct, stage awscodepipeline.IStage, options *awscodepipeline.ActionBindOptions) *awscodepipeline.ActionConfig
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnStateChange(name *string, target awsevents.IRuleTarget, options *awsevents.RuleProps) awsevents.Rule
}
Action to deploy a CDK Stack.
Adds two CodePipeline Actions to the pipeline: one to create a ChangeSet and one to execute it.
You do not need to instantiate this action yourself -- it will automatically be added by the pipeline when you add stack artifacts or entire stages.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var role role
deployCdkStackAction := awscdk.Pipelines.NewDeployCdkStackAction(&deployCdkStackActionProps{
actionRole: role,
cloudAssemblyInput: artifact,
stackName: jsii.String("stackName"),
templatePath: jsii.String("templatePath"),
// the properties below are optional
baseActionName: jsii.String("baseActionName"),
changeSetName: jsii.String("changeSetName"),
cloudFormationExecutionRole: role,
dependencyStackArtifactIds: []*string{
jsii.String("dependencyStackArtifactIds"),
},
executeRunOrder: jsii.Number(123),
output: artifact,
outputFileName: jsii.String("outputFileName"),
prepareRunOrder: jsii.Number(123),
region: jsii.String("region"),
stackArtifactId: jsii.String("stackArtifactId"),
templateConfigurationPath: jsii.String("templateConfigurationPath"),
})
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func DeployCdkStackAction_FromStackArtifact ¶
func DeployCdkStackAction_FromStackArtifact(scope constructs.Construct, artifact cxapi.CloudFormationStackArtifact, options *CdkStackActionFromArtifactOptions) DeployCdkStackAction
Construct a DeployCdkStackAction from a Stack artifact. Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewDeployCdkStackAction
deprecated
func NewDeployCdkStackAction(props *DeployCdkStackActionProps) DeployCdkStackAction
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type DeployCdkStackActionOptions
deprecated
type DeployCdkStackActionOptions struct {
// The CodePipeline artifact that holds the Cloud Assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyInput awscodepipeline.Artifact `field:"required" json:"cloudAssemblyInput" yaml:"cloudAssemblyInput"`
// Base name of the action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BaseActionName *string `field:"optional" json:"baseActionName" yaml:"baseActionName"`
// Name of the change set to create and deploy.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ChangeSetName *string `field:"optional" json:"changeSetName" yaml:"changeSetName"`
// Run order for the Execute action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ExecuteRunOrder *float64 `field:"optional" json:"executeRunOrder" yaml:"executeRunOrder"`
// Artifact to write Stack Outputs to.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Output awscodepipeline.Artifact `field:"optional" json:"output" yaml:"output"`
// Filename in output to write Stack outputs to.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OutputFileName *string `field:"optional" json:"outputFileName" yaml:"outputFileName"`
// Run order for the Prepare action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
PrepareRunOrder *float64 `field:"optional" json:"prepareRunOrder" yaml:"prepareRunOrder"`
}
Customization options for a DeployCdkStackAction.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
deployCdkStackActionOptions := &deployCdkStackActionOptions{
cloudAssemblyInput: artifact,
// the properties below are optional
baseActionName: jsii.String("baseActionName"),
changeSetName: jsii.String("changeSetName"),
executeRunOrder: jsii.Number(123),
output: artifact,
outputFileName: jsii.String("outputFileName"),
prepareRunOrder: jsii.Number(123),
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type DeployCdkStackActionProps
deprecated
type DeployCdkStackActionProps struct {
// The CodePipeline artifact that holds the Cloud Assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyInput awscodepipeline.Artifact `field:"required" json:"cloudAssemblyInput" yaml:"cloudAssemblyInput"`
// Base name of the action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BaseActionName *string `field:"optional" json:"baseActionName" yaml:"baseActionName"`
// Name of the change set to create and deploy.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ChangeSetName *string `field:"optional" json:"changeSetName" yaml:"changeSetName"`
// Run order for the Execute action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ExecuteRunOrder *float64 `field:"optional" json:"executeRunOrder" yaml:"executeRunOrder"`
// Artifact to write Stack Outputs to.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Output awscodepipeline.Artifact `field:"optional" json:"output" yaml:"output"`
// Filename in output to write Stack outputs to.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OutputFileName *string `field:"optional" json:"outputFileName" yaml:"outputFileName"`
// Run order for the Prepare action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
PrepareRunOrder *float64 `field:"optional" json:"prepareRunOrder" yaml:"prepareRunOrder"`
// Role for the action to assume.
//
// This controls the account to deploy into.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionRole awsiam.IRole `field:"required" json:"actionRole" yaml:"actionRole"`
// The name of the stack that should be created/updated.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
StackName *string `field:"required" json:"stackName" yaml:"stackName"`
// Relative path of template in the input artifact.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
TemplatePath *string `field:"required" json:"templatePath" yaml:"templatePath"`
// Role to execute CloudFormation under.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudFormationExecutionRole awsiam.IRole `field:"optional" json:"cloudFormationExecutionRole" yaml:"cloudFormationExecutionRole"`
// Artifact ID for the stacks this stack depends on.
//
// Used for pipeline order checking.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
DependencyStackArtifactIds *[]*string `field:"optional" json:"dependencyStackArtifactIds" yaml:"dependencyStackArtifactIds"`
// Region to deploy into.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Region *string `field:"optional" json:"region" yaml:"region"`
// Artifact ID for the stack deployed here.
//
// Used for pipeline order checking.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
StackArtifactId *string `field:"optional" json:"stackArtifactId" yaml:"stackArtifactId"`
// Template configuration path relative to the input artifact.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
TemplateConfigurationPath *string `field:"optional" json:"templateConfigurationPath" yaml:"templateConfigurationPath"`
}
Properties for a DeployCdkStackAction.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var role role
deployCdkStackActionProps := &deployCdkStackActionProps{
actionRole: role,
cloudAssemblyInput: artifact,
stackName: jsii.String("stackName"),
templatePath: jsii.String("templatePath"),
// the properties below are optional
baseActionName: jsii.String("baseActionName"),
changeSetName: jsii.String("changeSetName"),
cloudFormationExecutionRole: role,
dependencyStackArtifactIds: []*string{
jsii.String("dependencyStackArtifactIds"),
},
executeRunOrder: jsii.Number(123),
output: artifact,
outputFileName: jsii.String("outputFileName"),
prepareRunOrder: jsii.Number(123),
region: jsii.String("region"),
stackArtifactId: jsii.String("stackArtifactId"),
templateConfigurationPath: jsii.String("templateConfigurationPath"),
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type DockerCredential ¶
type DockerCredential interface {
// Experimental.
Usages() *[]DockerCredentialUsage
// Grant read-only access to the registry credentials.
//
// This grants read access to any secrets, and pull access to any repositories.
// Experimental.
GrantRead(grantee awsiam.IGrantable, usage DockerCredentialUsage)
}
Represents credentials used to access a Docker registry.
Example:
dockerHubSecret := secretsmanager.secret.fromSecretCompleteArn(this, jsii.String("DHSecret"), jsii.String("arn:aws:..."))
customRegSecret := secretsmanager.secret.fromSecretCompleteArn(this, jsii.String("CRSecret"), jsii.String("arn:aws:..."))
repo1 := ecr.repository.fromRepositoryArn(this, jsii.String("Repo"), jsii.String("arn:aws:ecr:eu-west-1:0123456789012:repository/Repo1"))
repo2 := ecr.repository.fromRepositoryArn(this, jsii.String("Repo"), jsii.String("arn:aws:ecr:eu-west-1:0123456789012:repository/Repo2"))
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
dockerCredentials: []dockerCredential{
pipelines.*dockerCredential.dockerHub(dockerHubSecret),
pipelines.*dockerCredential.customRegistry(jsii.String("dockerregistry.example.com"), customRegSecret),
pipelines.*dockerCredential.ecr([]iRepository{
repo1,
repo2,
}),
},
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
})
Experimental.
func DockerCredential_CustomRegistry ¶
func DockerCredential_CustomRegistry(registryDomain *string, secret awssecretsmanager.ISecret, opts *ExternalDockerCredentialOptions) DockerCredential
Creates a DockerCredential for a registry, based on its domain name (e.g., 'www.example.com'). Experimental.
func DockerCredential_DockerHub ¶
func DockerCredential_DockerHub(secret awssecretsmanager.ISecret, opts *ExternalDockerCredentialOptions) DockerCredential
Creates a DockerCredential for DockerHub.
Convenience method for `customRegistry('https://index.docker.io/v1/', opts)`. Experimental.
func DockerCredential_Ecr ¶
func DockerCredential_Ecr(repositories *[]awsecr.IRepository, opts *EcrDockerCredentialOptions) DockerCredential
Creates a DockerCredential for one or more ECR repositories.
NOTE - All ECR repositories in the same account and region share a domain name (e.g., 0123456789012.dkr.ecr.eu-west-1.amazonaws.com), and can only have one associated set of credentials (and DockerCredential). Attempting to associate one set of credentials with one ECR repo and another with another ECR repo in the same account and region will result in failures when using these credentials in the pipeline. Experimental.
type DockerCredentialUsage ¶
type DockerCredentialUsage string
Defines which stages of a pipeline require the specified credentials.
Example:
dockerHubSecret := secretsmanager.secret.fromSecretCompleteArn(this, jsii.String("DHSecret"), jsii.String("arn:aws:..."))
// Only the image asset publishing actions will be granted read access to the secret.
creds := pipelines.dockerCredential.dockerHub(dockerHubSecret, &externalDockerCredentialOptions{
usages: []dockerCredentialUsage{
pipelines.*dockerCredentialUsage_ASSET_PUBLISHING,
},
})
Experimental.
const ( // Synth/Build. // Experimental. DockerCredentialUsage_SYNTH DockerCredentialUsage = "SYNTH" // Self-update. // Experimental. DockerCredentialUsage_SELF_UPDATE DockerCredentialUsage = "SELF_UPDATE" // Asset publishing. // Experimental. DockerCredentialUsage_ASSET_PUBLISHING DockerCredentialUsage = "ASSET_PUBLISHING" )
type ECRSourceOptions ¶
type ECRSourceOptions struct {
// The action name used for this source in the CodePipeline.
// Experimental.
ActionName *string `field:"optional" json:"actionName" yaml:"actionName"`
// The image tag that will be checked for changes.
// Experimental.
ImageTag *string `field:"optional" json:"imageTag" yaml:"imageTag"`
}
Options for ECR sources.
Example:
var repository iRepository
pipelines.codePipelineSource.ecr(repository, &eCRSourceOptions{
imageTag: jsii.String("latest"),
})
Experimental.
type EcrDockerCredentialOptions ¶
type EcrDockerCredentialOptions struct {
// An IAM role to assume prior to accessing the secret.
// Experimental.
AssumeRole awsiam.IRole `field:"optional" json:"assumeRole" yaml:"assumeRole"`
// Defines which stages of the pipeline should be granted access to these credentials.
// Experimental.
Usages *[]DockerCredentialUsage `field:"optional" json:"usages" yaml:"usages"`
}
Options for defining access for a Docker Credential composed of ECR repos.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var role role
ecrDockerCredentialOptions := &ecrDockerCredentialOptions{
assumeRole: role,
usages: []dockerCredentialUsage{
awscdk.Pipelines.*dockerCredentialUsage_SYNTH,
},
}
Experimental.
type ExternalDockerCredentialOptions ¶
type ExternalDockerCredentialOptions struct {
// An IAM role to assume prior to accessing the secret.
// Experimental.
AssumeRole awsiam.IRole `field:"optional" json:"assumeRole" yaml:"assumeRole"`
// The name of the JSON field of the secret which contains the secret/password.
// Experimental.
SecretPasswordField *string `field:"optional" json:"secretPasswordField" yaml:"secretPasswordField"`
// The name of the JSON field of the secret which contains the user/login name.
// Experimental.
SecretUsernameField *string `field:"optional" json:"secretUsernameField" yaml:"secretUsernameField"`
// Defines which stages of the pipeline should be granted access to these credentials.
// Experimental.
Usages *[]DockerCredentialUsage `field:"optional" json:"usages" yaml:"usages"`
}
Options for defining credentials for a Docker Credential.
Example:
dockerHubSecret := secretsmanager.secret.fromSecretCompleteArn(this, jsii.String("DHSecret"), jsii.String("arn:aws:..."))
// Only the image asset publishing actions will be granted read access to the secret.
creds := pipelines.dockerCredential.dockerHub(dockerHubSecret, &externalDockerCredentialOptions{
usages: []dockerCredentialUsage{
pipelines.*dockerCredentialUsage_ASSET_PUBLISHING,
},
})
Experimental.
type FileSet ¶
type FileSet interface {
IFileSetProducer
// Human-readable descriptor for this file set (does not need to be unique).
// Experimental.
Id() *string
// The primary output of a file set producer.
//
// The primary output of a FileSet is itself.
// Experimental.
PrimaryOutput() FileSet
// The Step that produces this FileSet.
// Experimental.
Producer() Step
// Mark the given Step as the producer for this FileSet.
//
// This method can only be called once.
// Experimental.
ProducedBy(producer Step)
// Return a string representation of this FileSet.
// Experimental.
ToString() *string
}
A set of files traveling through the deployment pipeline.
Individual steps in the pipeline produce or consume `FileSet`s.
Example:
type myJenkinsStep struct {
step
}
func newMyJenkinsStep(provider jenkinsProvider, input fileSet) *myJenkinsStep {
this := &myJenkinsStep{}
pipelines.NewStep_Override(this, jsii.String("MyJenkinsStep"))
// This is necessary if your step accepts parametres, like environment variables,
// that may contain outputs from other steps. It doesn't matter what the
// structure is, as long as it contains the values that may contain outputs.
this.discoverReferencedOutputs(map[string]map[string]interface{}{
"env": map[string]interface{}{
},
})
return this
}
func (this *myJenkinsStep) produceAction(stage iStage, options produceActionOptions) codePipelineActionFactoryResult {
// This is where you control what type of Action gets added to the
// CodePipeline
*stage.addAction(cpactions.NewJenkinsAction(&jenkinsActionProps{
// Copy 'actionName' and 'runOrder' from the options
actionName: options.actionName,
runOrder: options.runOrder,
// Jenkins-specific configuration
type: cpactions.jenkinsActionType_TEST,
jenkinsProvider: this.provider,
projectName: jsii.String("MyJenkinsProject"),
// Translate the FileSet into a codepipeline.Artifact
inputs: []artifact{
options.artifacts.toCodePipeline(this.input),
},
}))
return &codePipelineActionFactoryResult{
runOrdersConsumed: jsii.Number(1),
}
}
Experimental.
type FileSetLocation ¶
type FileSetLocation struct {
// The (relative) directory where the FileSet is found.
// Experimental.
Directory *string `field:"required" json:"directory" yaml:"directory"`
// The FileSet object.
// Experimental.
FileSet FileSet `field:"required" json:"fileSet" yaml:"fileSet"`
}
Location of a FileSet consumed or produced by a ShellStep.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var fileSet fileSet
fileSetLocation := &fileSetLocation{
directory: jsii.String("directory"),
fileSet: fileSet,
}
Experimental.
type FromStackArtifactOptions
deprecated
type FromStackArtifactOptions struct {
// The CodePipeline artifact that holds the Cloud Assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyInput awscodepipeline.Artifact `field:"required" json:"cloudAssemblyInput" yaml:"cloudAssemblyInput"`
// Run order for the Execute action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ExecuteRunOrder *float64 `field:"optional" json:"executeRunOrder" yaml:"executeRunOrder"`
// Artifact to write Stack Outputs to.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Output awscodepipeline.Artifact `field:"optional" json:"output" yaml:"output"`
// Filename in output to write Stack outputs to.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OutputFileName *string `field:"optional" json:"outputFileName" yaml:"outputFileName"`
// Run order for the 2 actions that will be created.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
PrepareRunOrder *float64 `field:"optional" json:"prepareRunOrder" yaml:"prepareRunOrder"`
}
Options for CdkDeployAction.fromStackArtifact.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
fromStackArtifactOptions := &fromStackArtifactOptions{
cloudAssemblyInput: artifact,
// the properties below are optional
executeRunOrder: jsii.Number(123),
output: artifact,
outputFileName: jsii.String("outputFileName"),
prepareRunOrder: jsii.Number(123),
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type GitHubSourceOptions ¶
type GitHubSourceOptions struct {
// A GitHub OAuth token to use for authentication.
//
// It is recommended to use a Secrets Manager `Secret` to obtain the token:
//
// “`ts
// const oauth = cdk.SecretValue.secretsManager('my-github-token');
// “`
//
// The GitHub Personal Access Token should have these scopes:
//
// * **repo** - to read the repository
// * **admin:repo_hook** - if you plan to use webhooks (true by default).
// See: https://docs.aws.amazon.com/codepipeline/latest/userguide/GitHub-create-personal-token-CLI.html
//
// Experimental.
Authentication awscdk.SecretValue `field:"optional" json:"authentication" yaml:"authentication"`
// How AWS CodePipeline should be triggered.
//
// With the default value "WEBHOOK", a webhook is created in GitHub that triggers the action.
// With "POLL", CodePipeline periodically checks the source for changes.
// With "None", the action is not triggered through changes in the source.
//
// To use `WEBHOOK`, your GitHub Personal Access Token should have
// **admin:repo_hook** scope (in addition to the regular **repo** scope).
// Experimental.
Trigger awscodepipelineactions.GitHubTrigger `field:"optional" json:"trigger" yaml:"trigger"`
}
Options for GitHub sources.
Example:
pipelines.codePipelineSource.gitHub(jsii.String("org/repo"), jsii.String("branch"), &gitHubSourceOptions{
// This is optional
authentication: cdk.secretValue.secretsManager(jsii.String("my-token")),
})
Experimental.
type ICodePipelineActionFactory ¶
type ICodePipelineActionFactory interface {
// Create the desired Action and add it to the pipeline.
// Experimental.
ProduceAction(stage awscodepipeline.IStage, options *ProduceActionOptions) *CodePipelineActionFactoryResult
}
Factory for explicit CodePipeline Actions.
If you have specific types of Actions you want to add to a CodePipeline, write a subclass of `Step` that implements this interface, and add the action or actions you want in the `produce` method.
There needs to be a level of indirection here, because some aspects of the Action creation need to be controlled by the workflow engine (name and runOrder). All the rest of the properties are controlled by the factory. Experimental.
type IFileSetProducer ¶
type IFileSetProducer interface {
// The `FileSet` produced by this file set producer.
// Experimental.
PrimaryOutput() FileSet
}
Any class that produces, or is itself, a `FileSet`.
Steps implicitly produce a primary FileSet as an output. Experimental.
type IStageHost ¶
type IStageHost interface {
// Make sure all the assets from the given manifest are published.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
PublishAsset(command *AssetPublishingCommand)
// Return the Artifact the given stack has to emit its outputs into, if any.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
StackOutputArtifact(stackArtifactId *string) awscodepipeline.Artifact
}
Features that the Stage needs from its environment. Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type ManualApprovalStep ¶
type ManualApprovalStep interface {
Step
// The comment associated with this manual approval.
// Experimental.
Comment() *string
// Return the steps this step depends on, based on the FileSets it requires.
// Experimental.
Dependencies() *[]Step
// The list of FileSets consumed by this Step.
// Experimental.
DependencyFileSets() *[]FileSet
// Identifier for this step.
// Experimental.
Id() *string
// Whether or not this is a Source step.
//
// What it means to be a Source step depends on the engine.
// Experimental.
IsSource() *bool
// The primary FileSet produced by this Step.
//
// Not all steps produce an output FileSet--if they do
// you can substitute the `Step` object for the `FileSet` object.
// Experimental.
PrimaryOutput() FileSet
// Add an additional FileSet to the set of file sets required by this step.
//
// This will lead to a dependency on the producer of that file set.
// Experimental.
AddDependencyFileSet(fs FileSet)
// Add a dependency on another step.
// Experimental.
AddStepDependency(step Step)
// Configure the given FileSet as the primary output of this step.
// Experimental.
ConfigurePrimaryOutput(fs FileSet)
// Crawl the given structure for references to StepOutputs and add dependencies on all steps found.
//
// Should be called in the constructor of subclasses based on what the user
// passes in as construction properties. The format of the structure passed in
// here does not have to correspond exactly to what gets rendered into the
// engine, it just needs to contain the same data.
// Experimental.
DiscoverReferencedOutputs(structure interface{})
// Return a string representation of this Step.
// Experimental.
ToString() *string
}
A manual approval step.
If this step is added to a Pipeline, the Pipeline will be paused waiting for a human to resume it
Only engines that support pausing the deployment will support this step type.
Example:
var pipeline codePipeline
preprod := NewMyApplicationStage(this, jsii.String("PreProd"))
prod := NewMyApplicationStage(this, jsii.String("Prod"))
pipeline.addStage(preprod, &addStageOpts{
post: []step{
pipelines.NewShellStep(jsii.String("Validate Endpoint"), &shellStepProps{
commands: []*string{
jsii.String("curl -Ssf https://my.webservice.com/"),
},
}),
},
})
pipeline.addStage(prod, &addStageOpts{
pre: []*step{
pipelines.NewManualApprovalStep(jsii.String("PromoteToProd")),
},
})
Experimental.
func NewManualApprovalStep ¶
func NewManualApprovalStep(id *string, props *ManualApprovalStepProps) ManualApprovalStep
Experimental.
type ManualApprovalStepProps ¶
type ManualApprovalStepProps struct {
// The comment to display with this manual approval.
// Experimental.
Comment *string `field:"optional" json:"comment" yaml:"comment"`
}
Construction properties for a `ManualApprovalStep`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
manualApprovalStepProps := &manualApprovalStepProps{
comment: jsii.String("comment"),
}
Experimental.
type PermissionsBroadeningCheckProps ¶
type PermissionsBroadeningCheckProps struct {
// The CDK Stage object to check the stacks of.
//
// This should be the same Stage object you are passing to `addStage()`.
// Experimental.
Stage awscdk.Stage `field:"required" json:"stage" yaml:"stage"`
// Topic to send notifications when a human needs to give manual confirmation.
// Experimental.
NotificationTopic awssns.ITopic `field:"optional" json:"notificationTopic" yaml:"notificationTopic"`
}
Properties for a `PermissionsBroadeningCheck`.
Example:
var pipeline codePipeline
stage := NewMyApplicationStage(this, jsii.String("MyApplication"))
pipeline.addStage(stage, &addStageOpts{
pre: []step{
pipelines.NewConfirmPermissionsBroadening(jsii.String("Check"), &permissionsBroadeningCheckProps{
stage: stage,
}),
},
})
Experimental.
type PipelineBase ¶
type PipelineBase interface {
awscdk.Construct
// The FileSet tha contains the cloud assembly.
//
// This is the primary output of the synth step.
// Experimental.
CloudAssemblyFileSet() FileSet
// The construct tree node associated with this construct.
// Experimental.
Node() awscdk.ConstructNode
// The build step that produces the CDK Cloud Assembly.
// Experimental.
Synth() IFileSetProducer
// The waves in this pipeline.
// Experimental.
Waves() *[]Wave
// Deploy a single Stage by itself.
//
// Add a Stage to the pipeline, to be deployed in sequence with other
// Stages added to the pipeline. All Stacks in the stage will be deployed
// in an order automatically determined by their relative dependencies.
// Experimental.
AddStage(stage awscdk.Stage, options *AddStageOpts) StageDeployment
// Add a Wave to the pipeline, for deploying multiple Stages in parallel.
//
// Use the return object of this method to deploy multiple stages in parallel.
//
// Example:
//
// “`ts
// declare const pipeline: pipelines.CodePipeline;
//
// const wave = pipeline.addWave('MyWave');
// wave.addStage(new MyApplicationStage(this, 'Stage1'));
// wave.addStage(new MyApplicationStage(this, 'Stage2'));
// “`.
// Experimental.
AddWave(id *string, options *WaveOptions) Wave
// Send the current pipeline definition to the engine, and construct the pipeline.
//
// It is not possible to modify the pipeline after calling this method.
// Experimental.
BuildPipeline()
// Implemented by subclasses to do the actual pipeline construction.
// Experimental.
DoBuildPipeline()
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Experimental.
OnPrepare()
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Experimental.
OnSynthesize(session constructs.ISynthesisSession)
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Experimental.
OnValidate() *[]*string
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Experimental.
Prepare()
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Experimental.
Synthesize(session awscdk.ISynthesisSession)
// Returns a string representation of this construct.
// Experimental.
ToString() *string
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Experimental.
Validate() *[]*string
}
A generic CDK Pipelines pipeline.
Different deployment systems will provide subclasses of `Pipeline` that generate the deployment infrastructure necessary to deploy CDK apps, specific to that system.
This library comes with the `CodePipeline` class, which uses AWS CodePipeline to deploy CDK apps.
The actual pipeline infrastructure is constructed (by invoking the engine) when `buildPipeline()` is called, or when `app.synth()` is called (whichever happens first). Experimental.
type PipelineBaseProps ¶
type PipelineBaseProps struct {
// The build step that produces the CDK Cloud Assembly.
//
// The primary output of this step needs to be the `cdk.out` directory
// generated by the `cdk synth` command.
//
// If you use a `ShellStep` here and you don't configure an output directory,
// the output directory will automatically be assumed to be `cdk.out`.
// Experimental.
Synth IFileSetProducer `field:"required" json:"synth" yaml:"synth"`
}
Properties for a `Pipeline`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var fileSetProducer iFileSetProducer
pipelineBaseProps := &pipelineBaseProps{
synth: fileSetProducer,
}
Experimental.
type ProduceActionOptions ¶
type ProduceActionOptions struct {
// Name the action should get.
// Experimental.
ActionName *string `field:"required" json:"actionName" yaml:"actionName"`
// Helper object to translate FileSets to CodePipeline Artifacts.
// Experimental.
Artifacts ArtifactMap `field:"required" json:"artifacts" yaml:"artifacts"`
// The pipeline the action is being generated for.
// Experimental.
Pipeline CodePipeline `field:"required" json:"pipeline" yaml:"pipeline"`
// RunOrder the action should get.
// Experimental.
RunOrder *float64 `field:"required" json:"runOrder" yaml:"runOrder"`
// Scope in which to create constructs.
// Experimental.
Scope constructs.Construct `field:"required" json:"scope" yaml:"scope"`
// Whether or not this action is inserted before self mutation.
//
// If it is, the action should take care to reflect some part of
// its own definition in the pipeline action definition, to
// trigger a restart after self-mutation (if necessary).
// Experimental.
BeforeSelfMutation *bool `field:"optional" json:"beforeSelfMutation" yaml:"beforeSelfMutation"`
// If this action factory creates a CodeBuild step, default options to inherit.
// Experimental.
CodeBuildDefaults *CodeBuildOptions `field:"optional" json:"codeBuildDefaults" yaml:"codeBuildDefaults"`
// An input artifact that CodeBuild projects that don't actually need an input artifact can use.
//
// CodeBuild Projects MUST have an input artifact in order to be added to the Pipeline. If
// the Project doesn't actually care about its input (it can be anything), it can use the
// Artifact passed here.
// Experimental.
FallbackArtifact awscodepipeline.Artifact `field:"optional" json:"fallbackArtifact" yaml:"fallbackArtifact"`
// If this step is producing outputs, the variables namespace assigned to it.
//
// Pass this on to the Action you are creating.
// Experimental.
VariablesNamespace *string `field:"optional" json:"variablesNamespace" yaml:"variablesNamespace"`
}
Options for the `CodePipelineActionFactory.produce()` method.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import constructs "github.com/aws/constructs-go/constructs"
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var artifactMap artifactMap
var bucket bucket
var buildImage iBuildImage
var buildSpec buildSpec
var codePipeline codePipeline
var construct construct
var duration duration
var policyStatement policyStatement
var securityGroup securityGroup
var subnet subnet
var subnetFilter subnetFilter
var value interface{}
var vpc vpc
produceActionOptions := &produceActionOptions{
actionName: jsii.String("actionName"),
artifacts: artifactMap,
pipeline: codePipeline,
runOrder: jsii.Number(123),
scope: construct,
// the properties below are optional
beforeSelfMutation: jsii.Boolean(false),
codeBuildDefaults: &codeBuildOptions{
buildEnvironment: &buildEnvironment{
buildImage: buildImage,
certificate: &buildEnvironmentCertificate{
bucket: bucket,
objectKey: jsii.String("objectKey"),
},
computeType: awscdk.Aws_codebuild.computeType_SMALL,
environmentVariables: map[string]buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
privileged: jsii.Boolean(false),
},
partialBuildSpec: buildSpec,
rolePolicy: []*policyStatement{
policyStatement,
},
securityGroups: []iSecurityGroup{
securityGroup,
},
subnetSelection: &subnetSelection{
availabilityZones: []*string{
jsii.String("availabilityZones"),
},
onePerAz: jsii.Boolean(false),
subnetFilters: []*subnetFilter{
subnetFilter,
},
subnetGroupName: jsii.String("subnetGroupName"),
subnetName: jsii.String("subnetName"),
subnets: []iSubnet{
subnet,
},
subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
},
timeout: duration,
vpc: vpc,
},
fallbackArtifact: artifact,
variablesNamespace: jsii.String("variablesNamespace"),
}
Experimental.
type PublishAssetsAction
deprecated
type PublishAssetsAction interface {
awscdk.Construct
awscodepipeline.IAction
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionProperties() *awscodepipeline.ActionProperties
// The construct tree node associated with this construct.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Node() awscdk.ConstructNode
// Add a single publishing command.
//
// Manifest path should be relative to the root Cloud Assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AddPublishCommand(relativeManifestPath *string, assetSelector *string)
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Bind(scope awscdk.Construct, stage awscodepipeline.IStage, options *awscodepipeline.ActionBindOptions) *awscodepipeline.ActionConfig
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnPrepare()
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnStateChange(name *string, target awsevents.IRuleTarget, options *awsevents.RuleProps) awsevents.Rule
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnSynthesize(session constructs.ISynthesisSession)
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnValidate() *[]*string
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Prepare()
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Synthesize(session awscdk.ISynthesisSession)
// Returns a string representation of this construct.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ToString() *string
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Validate() *[]*string
}
Action to publish an asset in the pipeline.
Creates a CodeBuild project which will use the CDK CLI to prepare and publish the asset.
You do not need to instantiate this action -- it will automatically be added by the pipeline when you add stacks that use assets.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var buildSpec buildSpec
var dependable iDependable
var role role
var subnet subnet
var subnetFilter subnetFilter
var vpc vpc
publishAssetsAction := awscdk.Pipelines.NewPublishAssetsAction(this, jsii.String("MyPublishAssetsAction"), &publishAssetsActionProps{
actionName: jsii.String("actionName"),
assetType: awscdk.*Pipelines.assetType_FILE,
cloudAssemblyInput: artifact,
// the properties below are optional
buildSpec: buildSpec,
cdkCliVersion: jsii.String("cdkCliVersion"),
createBuildspecFile: jsii.Boolean(false),
dependable: dependable,
preInstallCommands: []*string{
jsii.String("preInstallCommands"),
},
projectName: jsii.String("projectName"),
role: role,
subnetSelection: &subnetSelection{
availabilityZones: []*string{
jsii.String("availabilityZones"),
},
onePerAz: jsii.Boolean(false),
subnetFilters: []*subnetFilter{
subnetFilter,
},
subnetGroupName: jsii.String("subnetGroupName"),
subnetName: jsii.String("subnetName"),
subnets: []iSubnet{
subnet,
},
subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
},
vpc: vpc,
})
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewPublishAssetsAction
deprecated
func NewPublishAssetsAction(scope constructs.Construct, id *string, props *PublishAssetsActionProps) PublishAssetsAction
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type PublishAssetsActionProps
deprecated
type PublishAssetsActionProps struct {
// Name of publishing action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionName *string `field:"required" json:"actionName" yaml:"actionName"`
// AssetType we're publishing.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AssetType AssetType `field:"required" json:"assetType" yaml:"assetType"`
// The CodePipeline artifact that holds the Cloud Assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyInput awscodepipeline.Artifact `field:"required" json:"cloudAssemblyInput" yaml:"cloudAssemblyInput"`
// Custom BuildSpec that is merged with generated one.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BuildSpec awscodebuild.BuildSpec `field:"optional" json:"buildSpec" yaml:"buildSpec"`
// Version of CDK CLI to 'npm install'.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CdkCliVersion *string `field:"optional" json:"cdkCliVersion" yaml:"cdkCliVersion"`
// Use a file buildspec written to the cloud assembly instead of an inline buildspec.
//
// This prevents size limitation errors as inline specs have a max length of 25600 characters.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CreateBuildspecFile *bool `field:"optional" json:"createBuildspecFile" yaml:"createBuildspecFile"`
// Any Dependable construct that the CodeBuild project needs to take a dependency on.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Dependable awscdk.IDependable `field:"optional" json:"dependable" yaml:"dependable"`
// Additional commands to run before installing cdk-assert Use this to setup proxies or npm mirrors.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
PreInstallCommands *[]*string `field:"optional" json:"preInstallCommands" yaml:"preInstallCommands"`
// Name of the CodeBuild project.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ProjectName *string `field:"optional" json:"projectName" yaml:"projectName"`
// Role to use for CodePipeline and CodeBuild to build and publish the assets.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
// Which subnets to use.
//
// Only used if 'vpc' is supplied.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SubnetSelection *awsec2.SubnetSelection `field:"optional" json:"subnetSelection" yaml:"subnetSelection"`
// The VPC where to execute the PublishAssetsAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
}
Props for a PublishAssetsAction.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var buildSpec buildSpec
var dependable iDependable
var role role
var subnet subnet
var subnetFilter subnetFilter
var vpc vpc
publishAssetsActionProps := &publishAssetsActionProps{
actionName: jsii.String("actionName"),
assetType: awscdk.Pipelines.assetType_FILE,
cloudAssemblyInput: artifact,
// the properties below are optional
buildSpec: buildSpec,
cdkCliVersion: jsii.String("cdkCliVersion"),
createBuildspecFile: jsii.Boolean(false),
dependable: dependable,
preInstallCommands: []*string{
jsii.String("preInstallCommands"),
},
projectName: jsii.String("projectName"),
role: role,
subnetSelection: &subnetSelection{
availabilityZones: []*string{
jsii.String("availabilityZones"),
},
onePerAz: jsii.Boolean(false),
subnetFilters: []*subnetFilter{
subnetFilter,
},
subnetGroupName: jsii.String("subnetGroupName"),
subnetName: jsii.String("subnetName"),
subnets: []iSubnet{
subnet,
},
subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
},
vpc: vpc,
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type S3SourceOptions ¶
type S3SourceOptions struct {
// The action name used for this source in the CodePipeline.
// Experimental.
ActionName *string `field:"optional" json:"actionName" yaml:"actionName"`
// How should CodePipeline detect source changes for this Action.
//
// Note that if this is S3Trigger.EVENTS, you need to make sure to include the source Bucket in a CloudTrail Trail,
// as otherwise the CloudWatch Events will not be emitted.
// See: https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/log-s3-data-events.html
//
// Experimental.
Trigger awscodepipelineactions.S3Trigger `field:"optional" json:"trigger" yaml:"trigger"`
}
Options for S3 sources.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
s3SourceOptions := &s3SourceOptions{
actionName: jsii.String("actionName"),
trigger: awscdk.Aws_codepipeline_actions.s3Trigger_NONE,
}
Experimental.
type ShellScriptAction
deprecated
type ShellScriptAction interface {
awscodepipeline.IAction
awsiam.IGrantable
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionProperties() *awscodepipeline.ActionProperties
// The CodeBuild Project's principal.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
GrantPrincipal() awsiam.IPrincipal
// Project generated to run the shell script in.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Project() awscodebuild.IProject
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Bind(scope awscdk.Construct, stage awscodepipeline.IStage, options *awscodepipeline.ActionBindOptions) *awscodepipeline.ActionConfig
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnStateChange(name *string, target awsevents.IRuleTarget, options *awsevents.RuleProps) awsevents.Rule
}
Validate a revision using shell commands.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var bucket bucket
var buildImage iBuildImage
var policyStatement policyStatement
var securityGroup securityGroup
var stackOutput stackOutput
var subnet subnet
var subnetFilter subnetFilter
var value interface{}
var vpc vpc
shellScriptAction := awscdk.Pipelines.NewShellScriptAction(&shellScriptActionProps{
actionName: jsii.String("actionName"),
commands: []*string{
jsii.String("commands"),
},
// the properties below are optional
additionalArtifacts: []*artifact{
artifact,
},
bashOptions: jsii.String("bashOptions"),
environment: &buildEnvironment{
buildImage: buildImage,
certificate: &buildEnvironmentCertificate{
bucket: bucket,
objectKey: jsii.String("objectKey"),
},
computeType: awscdk.Aws_codebuild.computeType_SMALL,
environmentVariables: map[string]buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
privileged: jsii.Boolean(false),
},
environmentVariables: map[string]*buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
rolePolicyStatements: []*policyStatement{
policyStatement,
},
runOrder: jsii.Number(123),
securityGroups: []iSecurityGroup{
securityGroup,
},
subnetSelection: &subnetSelection{
availabilityZones: []*string{
jsii.String("availabilityZones"),
},
onePerAz: jsii.Boolean(false),
subnetFilters: []*subnetFilter{
subnetFilter,
},
subnetGroupName: jsii.String("subnetGroupName"),
subnetName: jsii.String("subnetName"),
subnets: []iSubnet{
subnet,
},
subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
},
useOutputs: map[string]*stackOutput{
"useOutputsKey": stackOutput,
},
vpc: vpc,
})
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewShellScriptAction
deprecated
func NewShellScriptAction(props *ShellScriptActionProps) ShellScriptAction
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type ShellScriptActionProps
deprecated
type ShellScriptActionProps struct {
// Name of the validation action in the pipeline.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionName *string `field:"required" json:"actionName" yaml:"actionName"`
// Commands to run.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Commands *[]*string `field:"required" json:"commands" yaml:"commands"`
// Additional artifacts to use as input for the CodeBuild project.
//
// You can use these files to load more complex test sets into the
// shellscript build environment.
//
// The files artifact given here will be unpacked into the current
// working directory, the other ones will be unpacked into directories
// which are available through the environment variables
// $CODEBUILD_SRC_DIR_<artifactName>.
//
// The CodeBuild job must have at least one input artifact, so you
// must provide either at least one additional artifact here or one
// stack output using `useOutput`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AdditionalArtifacts *[]awscodepipeline.Artifact `field:"optional" json:"additionalArtifacts" yaml:"additionalArtifacts"`
// Bash options to set at the start of the script.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BashOptions *string `field:"optional" json:"bashOptions" yaml:"bashOptions"`
// The CodeBuild environment where scripts are executed.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Environment *awscodebuild.BuildEnvironment `field:"optional" json:"environment" yaml:"environment"`
// Environment variables to send into build.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
EnvironmentVariables *map[string]*awscodebuild.BuildEnvironmentVariable `field:"optional" json:"environmentVariables" yaml:"environmentVariables"`
// Additional policy statements to add to the execution role.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
RolePolicyStatements *[]awsiam.PolicyStatement `field:"optional" json:"rolePolicyStatements" yaml:"rolePolicyStatements"`
// RunOrder for this action.
//
// Use this to sequence the shell script after the deployments.
//
// The default value is 100 so you don't have to supply the value if you just
// want to run this after the application stacks have been deployed, and you
// don't have more than 100 stacks.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
RunOrder *float64 `field:"optional" json:"runOrder" yaml:"runOrder"`
// Which security group to associate with the script's project network interfaces.
//
// If no security group is identified, one will be created automatically.
//
// Only used if 'vpc' is supplied.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
// Which subnets to use.
//
// Only used if 'vpc' is supplied.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SubnetSelection *awsec2.SubnetSelection `field:"optional" json:"subnetSelection" yaml:"subnetSelection"`
// Stack outputs to make available as environment variables.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
UseOutputs *map[string]StackOutput `field:"optional" json:"useOutputs" yaml:"useOutputs"`
// The VPC where to execute the specified script.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
}
Properties for ShellScriptAction.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var bucket bucket
var buildImage iBuildImage
var policyStatement policyStatement
var securityGroup securityGroup
var stackOutput stackOutput
var subnet subnet
var subnetFilter subnetFilter
var value interface{}
var vpc vpc
shellScriptActionProps := &shellScriptActionProps{
actionName: jsii.String("actionName"),
commands: []*string{
jsii.String("commands"),
},
// the properties below are optional
additionalArtifacts: []*artifact{
artifact,
},
bashOptions: jsii.String("bashOptions"),
environment: &buildEnvironment{
buildImage: buildImage,
certificate: &buildEnvironmentCertificate{
bucket: bucket,
objectKey: jsii.String("objectKey"),
},
computeType: awscdk.Aws_codebuild.computeType_SMALL,
environmentVariables: map[string]buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
privileged: jsii.Boolean(false),
},
environmentVariables: map[string]*buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
rolePolicyStatements: []*policyStatement{
policyStatement,
},
runOrder: jsii.Number(123),
securityGroups: []iSecurityGroup{
securityGroup,
},
subnetSelection: &subnetSelection{
availabilityZones: []*string{
jsii.String("availabilityZones"),
},
onePerAz: jsii.Boolean(false),
subnetFilters: []*subnetFilter{
subnetFilter,
},
subnetGroupName: jsii.String("subnetGroupName"),
subnetName: jsii.String("subnetName"),
subnets: []iSubnet{
subnet,
},
subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
},
useOutputs: map[string]*stackOutput{
"useOutputsKey": stackOutput,
},
vpc: vpc,
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type ShellStep ¶
type ShellStep interface {
Step
// Commands to run.
// Experimental.
Commands() *[]*string
// Return the steps this step depends on, based on the FileSets it requires.
// Experimental.
Dependencies() *[]Step
// The list of FileSets consumed by this Step.
// Experimental.
DependencyFileSets() *[]FileSet
// Environment variables to set.
// Experimental.
Env() *map[string]*string
// Set environment variables based on Stack Outputs.
// Experimental.
EnvFromCfnOutputs() *map[string]StackOutputReference
// Identifier for this step.
// Experimental.
Id() *string
// Input FileSets.
//
// A list of `(FileSet, directory)` pairs, which are a copy of the
// input properties. This list should not be modified directly.
// Experimental.
Inputs() *[]*FileSetLocation
// Installation commands to run before the regular commands.
//
// For deployment engines that support it, install commands will be classified
// differently in the job history from the regular `commands`.
// Experimental.
InstallCommands() *[]*string
// Whether or not this is a Source step.
//
// What it means to be a Source step depends on the engine.
// Experimental.
IsSource() *bool
// Output FileSets.
//
// A list of `(FileSet, directory)` pairs, which are a copy of the
// input properties. This list should not be modified directly.
// Experimental.
Outputs() *[]*FileSetLocation
// The primary FileSet produced by this Step.
//
// Not all steps produce an output FileSet--if they do
// you can substitute the `Step` object for the `FileSet` object.
// Experimental.
PrimaryOutput() FileSet
// Add an additional FileSet to the set of file sets required by this step.
//
// This will lead to a dependency on the producer of that file set.
// Experimental.
AddDependencyFileSet(fs FileSet)
// Add an additional output FileSet based on a directory.
//
// After running the script, the contents of the given directory
// will be exported as a `FileSet`. Use the `FileSet` as the
// input to another step.
//
// Multiple calls with the exact same directory name string (not normalized)
// will return the same FileSet.
// Experimental.
AddOutputDirectory(directory *string) FileSet
// Add a dependency on another step.
// Experimental.
AddStepDependency(step Step)
// Configure the given FileSet as the primary output of this step.
// Experimental.
ConfigurePrimaryOutput(fs FileSet)
// Crawl the given structure for references to StepOutputs and add dependencies on all steps found.
//
// Should be called in the constructor of subclasses based on what the user
// passes in as construction properties. The format of the structure passed in
// here does not have to correspond exactly to what gets rendered into the
// engine, it just needs to contain the same data.
// Experimental.
DiscoverReferencedOutputs(structure interface{})
// Configure the given output directory as primary output.
//
// If no primary output has been configured yet, this directory
// will become the primary output of this ShellStep, otherwise this
// method will throw if the given directory is different than the
// currently configured primary output directory.
// Experimental.
PrimaryOutputDirectory(directory *string) FileSet
// Return a string representation of this Step.
// Experimental.
ToString() *string
}
Run shell script commands in the pipeline.
This is a generic step designed to be deployment engine agnostic.
Example:
// Modern API
modernPipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
selfMutation: jsii.Boolean(false),
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
})
// Original API
cloudAssemblyArtifact := codepipeline.NewArtifact()
originalPipeline := pipelines.NewCdkPipeline(this, jsii.String("Pipeline"), &cdkPipelineProps{
selfMutating: jsii.Boolean(false),
cloudAssemblyArtifact: cloudAssemblyArtifact,
})
Experimental.
type ShellStepProps ¶
type ShellStepProps struct {
// Commands to run.
// Experimental.
Commands *[]*string `field:"required" json:"commands" yaml:"commands"`
// Additional FileSets to put in other directories.
//
// Specifies a mapping from directory name to FileSets. During the
// script execution, the FileSets will be available in the directories
// indicated.
//
// The directory names may be relative. For example, you can put
// the main input and an additional input side-by-side with the
// following configuration:
//
// “`ts
// const script = new pipelines.ShellStep('MainScript', {
// commands: ['npm ci','npm run build','npx cdk synth'],
// input: pipelines.CodePipelineSource.gitHub('org/source1', 'main'),
// additionalInputs: {
// '../siblingdir': pipelines.CodePipelineSource.gitHub('org/source2', 'main'),
// }
// });
// “`.
// Experimental.
AdditionalInputs *map[string]IFileSetProducer `field:"optional" json:"additionalInputs" yaml:"additionalInputs"`
// Environment variables to set.
// Experimental.
Env *map[string]*string `field:"optional" json:"env" yaml:"env"`
// Set environment variables based on Stack Outputs.
//
// `ShellStep`s following stack or stage deployments may
// access the `CfnOutput`s of those stacks to get access to
// --for example--automatically generated resource names or
// endpoint URLs.
// Experimental.
EnvFromCfnOutputs *map[string]awscdk.CfnOutput `field:"optional" json:"envFromCfnOutputs" yaml:"envFromCfnOutputs"`
// FileSet to run these scripts on.
//
// The files in the FileSet will be placed in the working directory when
// the script is executed. Use `additionalInputs` to download file sets
// to other directories as well.
// Experimental.
Input IFileSetProducer `field:"optional" json:"input" yaml:"input"`
// Installation commands to run before the regular commands.
//
// For deployment engines that support it, install commands will be classified
// differently in the job history from the regular `commands`.
// Experimental.
InstallCommands *[]*string `field:"optional" json:"installCommands" yaml:"installCommands"`
// The directory that will contain the primary output fileset.
//
// After running the script, the contents of the given directory
// will be treated as the primary output of this Step.
// Experimental.
PrimaryOutputDirectory *string `field:"optional" json:"primaryOutputDirectory" yaml:"primaryOutputDirectory"`
}
Construction properties for a `ShellStep`.
Example:
// Modern API
modernPipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
selfMutation: jsii.Boolean(false),
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
})
// Original API
cloudAssemblyArtifact := codepipeline.NewArtifact()
originalPipeline := pipelines.NewCdkPipeline(this, jsii.String("Pipeline"), &cdkPipelineProps{
selfMutating: jsii.Boolean(false),
cloudAssemblyArtifact: cloudAssemblyArtifact,
})
Experimental.
type SimpleSynthAction
deprecated
type SimpleSynthAction interface {
awscodepipeline.IAction
awsiam.IGrantable
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionProperties() *awscodepipeline.ActionProperties
// The CodeBuild Project's principal.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
GrantPrincipal() awsiam.IPrincipal
// Project generated to run the synth command.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Project() awscodebuild.IProject
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Bind(scope awscdk.Construct, stage awscodepipeline.IStage, options *awscodepipeline.ActionBindOptions) *awscodepipeline.ActionConfig
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnStateChange(name *string, target awsevents.IRuleTarget, options *awsevents.RuleProps) awsevents.Rule
}
A standard synth with a generated buildspec.
Example:
sourceArtifact := codepipeline.NewArtifact()
cloudAssemblyArtifact := codepipeline.NewArtifact()
pipeline := pipelines.NewCdkPipeline(this, jsii.String("MyPipeline"), &cdkPipelineProps{
cloudAssemblyArtifact: cloudAssemblyArtifact,
synthAction: pipelines.simpleSynthAction.standardNpmSynth(&standardNpmSynthOptions{
sourceArtifact: sourceArtifact,
cloudAssemblyArtifact: cloudAssemblyArtifact,
environment: &buildEnvironment{
privileged: jsii.Boolean(true),
},
}),
})
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewSimpleSynthAction
deprecated
func NewSimpleSynthAction(props *SimpleSynthActionProps) SimpleSynthAction
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func SimpleSynthAction_StandardNpmSynth ¶
func SimpleSynthAction_StandardNpmSynth(options *StandardNpmSynthOptions) SimpleSynthAction
Create a standard NPM synth action.
Uses `npm ci` to install dependencies and `npx cdk synth` to synthesize.
If you need a build step, add `buildCommand: 'npm run build'`. Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func SimpleSynthAction_StandardYarnSynth ¶
func SimpleSynthAction_StandardYarnSynth(options *StandardYarnSynthOptions) SimpleSynthAction
Create a standard Yarn synth action.
Uses `yarn install --frozen-lockfile` to install dependencies and `npx cdk synth` to synthesize.
If you need a build step, add `buildCommand: 'yarn build'`. Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type SimpleSynthActionProps
deprecated
type SimpleSynthActionProps struct {
// The artifact where the CloudAssembly should be emitted.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyArtifact awscodepipeline.Artifact `field:"required" json:"cloudAssemblyArtifact" yaml:"cloudAssemblyArtifact"`
// The source artifact of the CodePipeline.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SourceArtifact awscodepipeline.Artifact `field:"required" json:"sourceArtifact" yaml:"sourceArtifact"`
// Name of the build action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionName *string `field:"optional" json:"actionName" yaml:"actionName"`
// Produce additional output artifacts after the build based on the given directories.
//
// Can be used to produce additional artifacts during the build step,
// separate from the cloud assembly, which can be used further on in the
// pipeline.
//
// Directories are evaluated with respect to `subdirectory`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AdditionalArtifacts *[]*AdditionalArtifact `field:"optional" json:"additionalArtifacts" yaml:"additionalArtifacts"`
// custom BuildSpec that is merged with the generated one.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BuildSpec awscodebuild.BuildSpec `field:"optional" json:"buildSpec" yaml:"buildSpec"`
// Environment variables to copy over from parent env.
//
// These are environment variables that are being used by the build.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CopyEnvironmentVariables *[]*string `field:"optional" json:"copyEnvironmentVariables" yaml:"copyEnvironmentVariables"`
// Build environment to use for CodeBuild job.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Environment *awscodebuild.BuildEnvironment `field:"optional" json:"environment" yaml:"environment"`
// Environment variables to send into build.
//
// NOTE: You may run into the 1000-character limit for the Action configuration if you have a large
// number of variables or if their names or values are very long.
// If you do, pass them to the underlying CodeBuild project directly in `environment` instead.
// However, you will not be able to use CodePipeline Variables in this case.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
EnvironmentVariables *map[string]*awscodebuild.BuildEnvironmentVariable `field:"optional" json:"environmentVariables" yaml:"environmentVariables"`
// Name of the CodeBuild project.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ProjectName *string `field:"optional" json:"projectName" yaml:"projectName"`
// Policy statements to add to role used during the synth.
//
// Can be used to add acces to a CodeArtifact repository etc.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
RolePolicyStatements *[]awsiam.PolicyStatement `field:"optional" json:"rolePolicyStatements" yaml:"rolePolicyStatements"`
// Directory inside the source where package.json and cdk.json are located.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Subdirectory *string `field:"optional" json:"subdirectory" yaml:"subdirectory"`
// Which subnets to use.
//
// Only used if 'vpc' is supplied.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SubnetSelection *awsec2.SubnetSelection `field:"optional" json:"subnetSelection" yaml:"subnetSelection"`
// The VPC where to execute the SimpleSynth.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
// The synth command.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SynthCommand *string `field:"required" json:"synthCommand" yaml:"synthCommand"`
// The build command.
//
// If your programming language requires a compilation step, put the
// compilation command here.
// Deprecated: Use `buildCommands` instead.
BuildCommand *string `field:"optional" json:"buildCommand" yaml:"buildCommand"`
// The build commands.
//
// If your programming language requires a compilation step, put the
// compilation command here.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BuildCommands *[]*string `field:"optional" json:"buildCommands" yaml:"buildCommands"`
// The install command.
//
// If not provided by the build image or another dependency
// management tool, at least install the CDK CLI here using
// `npm install -g aws-cdk`.
// Deprecated: Use `installCommands` instead.
InstallCommand *string `field:"optional" json:"installCommand" yaml:"installCommand"`
// Install commands.
//
// If not provided by the build image or another dependency
// management tool, at least install the CDK CLI here using
// `npm install -g aws-cdk`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
InstallCommands *[]*string `field:"optional" json:"installCommands" yaml:"installCommands"`
// Test commands.
//
// These commands are run after the build commands but before the
// synth command.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
TestCommands *[]*string `field:"optional" json:"testCommands" yaml:"testCommands"`
}
Construction props for SimpleSynthAction.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var bucket bucket
var buildImage iBuildImage
var buildSpec buildSpec
var policyStatement policyStatement
var subnet subnet
var subnetFilter subnetFilter
var value interface{}
var vpc vpc
simpleSynthActionProps := &simpleSynthActionProps{
cloudAssemblyArtifact: artifact,
sourceArtifact: artifact,
synthCommand: jsii.String("synthCommand"),
// the properties below are optional
actionName: jsii.String("actionName"),
additionalArtifacts: []additionalArtifact{
&additionalArtifact{
artifact: artifact,
directory: jsii.String("directory"),
},
},
buildCommand: jsii.String("buildCommand"),
buildCommands: []*string{
jsii.String("buildCommands"),
},
buildSpec: buildSpec,
copyEnvironmentVariables: []*string{
jsii.String("copyEnvironmentVariables"),
},
environment: &buildEnvironment{
buildImage: buildImage,
certificate: &buildEnvironmentCertificate{
bucket: bucket,
objectKey: jsii.String("objectKey"),
},
computeType: awscdk.Aws_codebuild.computeType_SMALL,
environmentVariables: map[string]buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
privileged: jsii.Boolean(false),
},
environmentVariables: map[string]*buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
installCommand: jsii.String("installCommand"),
installCommands: []*string{
jsii.String("installCommands"),
},
projectName: jsii.String("projectName"),
rolePolicyStatements: []*policyStatement{
policyStatement,
},
subdirectory: jsii.String("subdirectory"),
subnetSelection: &subnetSelection{
availabilityZones: []*string{
jsii.String("availabilityZones"),
},
onePerAz: jsii.Boolean(false),
subnetFilters: []*subnetFilter{
subnetFilter,
},
subnetGroupName: jsii.String("subnetGroupName"),
subnetName: jsii.String("subnetName"),
subnets: []iSubnet{
subnet,
},
subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
},
testCommands: []*string{
jsii.String("testCommands"),
},
vpc: vpc,
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type SimpleSynthOptions
deprecated
type SimpleSynthOptions struct {
// The artifact where the CloudAssembly should be emitted.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyArtifact awscodepipeline.Artifact `field:"required" json:"cloudAssemblyArtifact" yaml:"cloudAssemblyArtifact"`
// The source artifact of the CodePipeline.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SourceArtifact awscodepipeline.Artifact `field:"required" json:"sourceArtifact" yaml:"sourceArtifact"`
// Name of the build action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionName *string `field:"optional" json:"actionName" yaml:"actionName"`
// Produce additional output artifacts after the build based on the given directories.
//
// Can be used to produce additional artifacts during the build step,
// separate from the cloud assembly, which can be used further on in the
// pipeline.
//
// Directories are evaluated with respect to `subdirectory`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AdditionalArtifacts *[]*AdditionalArtifact `field:"optional" json:"additionalArtifacts" yaml:"additionalArtifacts"`
// custom BuildSpec that is merged with the generated one.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BuildSpec awscodebuild.BuildSpec `field:"optional" json:"buildSpec" yaml:"buildSpec"`
// Environment variables to copy over from parent env.
//
// These are environment variables that are being used by the build.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CopyEnvironmentVariables *[]*string `field:"optional" json:"copyEnvironmentVariables" yaml:"copyEnvironmentVariables"`
// Build environment to use for CodeBuild job.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Environment *awscodebuild.BuildEnvironment `field:"optional" json:"environment" yaml:"environment"`
// Environment variables to send into build.
//
// NOTE: You may run into the 1000-character limit for the Action configuration if you have a large
// number of variables or if their names or values are very long.
// If you do, pass them to the underlying CodeBuild project directly in `environment` instead.
// However, you will not be able to use CodePipeline Variables in this case.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
EnvironmentVariables *map[string]*awscodebuild.BuildEnvironmentVariable `field:"optional" json:"environmentVariables" yaml:"environmentVariables"`
// Name of the CodeBuild project.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ProjectName *string `field:"optional" json:"projectName" yaml:"projectName"`
// Policy statements to add to role used during the synth.
//
// Can be used to add acces to a CodeArtifact repository etc.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
RolePolicyStatements *[]awsiam.PolicyStatement `field:"optional" json:"rolePolicyStatements" yaml:"rolePolicyStatements"`
// Directory inside the source where package.json and cdk.json are located.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Subdirectory *string `field:"optional" json:"subdirectory" yaml:"subdirectory"`
// Which subnets to use.
//
// Only used if 'vpc' is supplied.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SubnetSelection *awsec2.SubnetSelection `field:"optional" json:"subnetSelection" yaml:"subnetSelection"`
// The VPC where to execute the SimpleSynth.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
}
Configuration options for a SimpleSynth.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var bucket bucket
var buildImage iBuildImage
var buildSpec buildSpec
var policyStatement policyStatement
var subnet subnet
var subnetFilter subnetFilter
var value interface{}
var vpc vpc
simpleSynthOptions := &simpleSynthOptions{
cloudAssemblyArtifact: artifact,
sourceArtifact: artifact,
// the properties below are optional
actionName: jsii.String("actionName"),
additionalArtifacts: []additionalArtifact{
&additionalArtifact{
artifact: artifact,
directory: jsii.String("directory"),
},
},
buildSpec: buildSpec,
copyEnvironmentVariables: []*string{
jsii.String("copyEnvironmentVariables"),
},
environment: &buildEnvironment{
buildImage: buildImage,
certificate: &buildEnvironmentCertificate{
bucket: bucket,
objectKey: jsii.String("objectKey"),
},
computeType: awscdk.Aws_codebuild.computeType_SMALL,
environmentVariables: map[string]buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
privileged: jsii.Boolean(false),
},
environmentVariables: map[string]*buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
projectName: jsii.String("projectName"),
rolePolicyStatements: []*policyStatement{
policyStatement,
},
subdirectory: jsii.String("subdirectory"),
subnetSelection: &subnetSelection{
availabilityZones: []*string{
jsii.String("availabilityZones"),
},
onePerAz: jsii.Boolean(false),
subnetFilters: []*subnetFilter{
subnetFilter,
},
subnetGroupName: jsii.String("subnetGroupName"),
subnetName: jsii.String("subnetName"),
subnets: []iSubnet{
subnet,
},
subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
},
vpc: vpc,
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type StackAsset ¶
type StackAsset struct {
// Asset identifier.
// Experimental.
AssetId *string `field:"required" json:"assetId" yaml:"assetId"`
// Absolute asset manifest path.
//
// This needs to be made relative at a later point in time, but when this
// information is parsed we don't know about the root cloud assembly yet.
// Experimental.
AssetManifestPath *string `field:"required" json:"assetManifestPath" yaml:"assetManifestPath"`
// Asset selector to pass to `cdk-assets`.
// Experimental.
AssetSelector *string `field:"required" json:"assetSelector" yaml:"assetSelector"`
// Type of asset to publish.
// Experimental.
AssetType AssetType `field:"required" json:"assetType" yaml:"assetType"`
// Does this asset represent the CloudFormation template for the stack.
// Experimental.
IsTemplate *bool `field:"required" json:"isTemplate" yaml:"isTemplate"`
// Role ARN to assume to publish.
// Experimental.
AssetPublishingRoleArn *string `field:"optional" json:"assetPublishingRoleArn" yaml:"assetPublishingRoleArn"`
}
An asset used by a Stack.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
stackAsset := &stackAsset{
assetId: jsii.String("assetId"),
assetManifestPath: jsii.String("assetManifestPath"),
assetSelector: jsii.String("assetSelector"),
assetType: awscdk.Pipelines.assetType_FILE,
isTemplate: jsii.Boolean(false),
// the properties below are optional
assetPublishingRoleArn: jsii.String("assetPublishingRoleArn"),
}
Experimental.
type StackDeployment ¶
type StackDeployment interface {
// Template path on disk to CloudAssembly.
// Experimental.
AbsoluteTemplatePath() *string
// Account where the stack should be deployed.
// Experimental.
Account() *string
// Assets referenced by this stack.
// Experimental.
Assets() *[]*StackAsset
// Role to assume before deploying this stack.
// Experimental.
AssumeRoleArn() *string
// Steps that take place after stack is prepared but before stack deploys.
//
// Your pipeline engine may not disable `prepareStep`.
// Experimental.
ChangeSet() *[]Step
// Construct path for this stack.
// Experimental.
ConstructPath() *string
// Execution role to pass to CloudFormation.
// Experimental.
ExecutionRoleArn() *string
// Steps to execute after stack deploys.
// Experimental.
Post() *[]Step
// Steps that take place before stack is prepared.
//
// If your pipeline engine disables 'prepareStep', then this will happen before stack deploys.
// Experimental.
Pre() *[]Step
// Region where the stack should be deployed.
// Experimental.
Region() *string
// Artifact ID for this stack.
// Experimental.
StackArtifactId() *string
// Other stacks this stack depends on.
// Experimental.
StackDependencies() *[]StackDeployment
// Name for this stack.
// Experimental.
StackName() *string
// Tags to apply to the stack.
// Experimental.
Tags() *map[string]*string
// The asset that represents the CloudFormation template for this stack.
// Experimental.
TemplateAsset() *StackAsset
// The S3 URL which points to the template asset location in the publishing bucket.
//
// This is `undefined` if the stack template is not published. Use the
// `DefaultStackSynthesizer` to ensure it is.
//
// Example value: `https://bucket.s3.amazonaws.com/object/key`
// Experimental.
TemplateUrl() *string
// Add a dependency on another stack.
// Experimental.
AddStackDependency(stackDeployment StackDeployment)
// Adds steps to each phase of the stack.
// Experimental.
AddStackSteps(pre *[]Step, changeSet *[]Step, post *[]Step)
}
Deployment of a single Stack.
You don't need to instantiate this class -- it will be automatically instantiated as necessary when you add a `Stage` to a pipeline.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var cloudFormationStackArtifact cloudFormationStackArtifact stackDeployment := awscdk.Pipelines.stackDeployment.fromArtifact(cloudFormationStackArtifact)
Experimental.
func StackDeployment_FromArtifact ¶
func StackDeployment_FromArtifact(stackArtifact cxapi.CloudFormationStackArtifact) StackDeployment
Build a `StackDeployment` from a Stack Artifact in a Cloud Assembly. Experimental.
type StackDeploymentProps ¶
type StackDeploymentProps struct {
// Template path on disk to cloud assembly (cdk.out).
// Experimental.
AbsoluteTemplatePath *string `field:"required" json:"absoluteTemplatePath" yaml:"absoluteTemplatePath"`
// Construct path for this stack.
// Experimental.
ConstructPath *string `field:"required" json:"constructPath" yaml:"constructPath"`
// Artifact ID for this stack.
// Experimental.
StackArtifactId *string `field:"required" json:"stackArtifactId" yaml:"stackArtifactId"`
// Name for this stack.
// Experimental.
StackName *string `field:"required" json:"stackName" yaml:"stackName"`
// Account where the stack should be deployed.
// Experimental.
Account *string `field:"optional" json:"account" yaml:"account"`
// Assets referenced by this stack.
// Experimental.
Assets *[]*StackAsset `field:"optional" json:"assets" yaml:"assets"`
// Role to assume before deploying this stack.
// Experimental.
AssumeRoleArn *string `field:"optional" json:"assumeRoleArn" yaml:"assumeRoleArn"`
// Execution role to pass to CloudFormation.
// Experimental.
ExecutionRoleArn *string `field:"optional" json:"executionRoleArn" yaml:"executionRoleArn"`
// Region where the stack should be deployed.
// Experimental.
Region *string `field:"optional" json:"region" yaml:"region"`
// Tags to apply to the stack.
// Experimental.
Tags *map[string]*string `field:"optional" json:"tags" yaml:"tags"`
// The S3 URL which points to the template asset location in the publishing bucket.
// Experimental.
TemplateS3Uri *string `field:"optional" json:"templateS3Uri" yaml:"templateS3Uri"`
}
Properties for a `StackDeployment`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
stackDeploymentProps := &stackDeploymentProps{
absoluteTemplatePath: jsii.String("absoluteTemplatePath"),
constructPath: jsii.String("constructPath"),
stackArtifactId: jsii.String("stackArtifactId"),
stackName: jsii.String("stackName"),
// the properties below are optional
account: jsii.String("account"),
assets: []stackAsset{
&stackAsset{
assetId: jsii.String("assetId"),
assetManifestPath: jsii.String("assetManifestPath"),
assetSelector: jsii.String("assetSelector"),
assetType: awscdk.Pipelines.assetType_FILE,
isTemplate: jsii.Boolean(false),
// the properties below are optional
assetPublishingRoleArn: jsii.String("assetPublishingRoleArn"),
},
},
assumeRoleArn: jsii.String("assumeRoleArn"),
executionRoleArn: jsii.String("executionRoleArn"),
region: jsii.String("region"),
tags: map[string]*string{
"tagsKey": jsii.String("tags"),
},
templateS3Uri: jsii.String("templateS3Uri"),
}
Experimental.
type StackOutput
deprecated
type StackOutput interface {
// The artifact and file the output is stored in.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ArtifactFile() awscodepipeline.ArtifactPath
// The name of the output in the JSON object in the file.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OutputName() *string
}
A single output of a Stack.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifactPath artifactPath
stackOutput := awscdk.Pipelines.NewStackOutput(artifactPath, jsii.String("outputName"))
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewStackOutput ¶
func NewStackOutput(artifactFile awscodepipeline.ArtifactPath, outputName *string) StackOutput
Build a StackOutput from a known artifact and an output name. Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type StackOutputReference ¶
type StackOutputReference interface {
// Output name of the producing stack.
// Experimental.
OutputName() *string
// A human-readable description of the producing stack.
// Experimental.
StackDescription() *string
// Whether or not this stack output is being produced by the given Stack deployment.
// Experimental.
IsProducedBy(stack StackDeployment) *bool
}
A Reference to a Stack Output.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import monocdk "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var cfnOutput cfnOutput stackOutputReference := awscdk.Pipelines.stackOutputReference.fromCfnOutput(cfnOutput)
Experimental.
func StackOutputReference_FromCfnOutput ¶
func StackOutputReference_FromCfnOutput(output awscdk.CfnOutput) StackOutputReference
Create a StackOutputReference that references the given CfnOutput. Experimental.
type StackSteps ¶
type StackSteps struct {
// The stack you want the steps to run in.
// Experimental.
Stack awscdk.Stack `field:"required" json:"stack" yaml:"stack"`
// Steps that execute after stack is prepared but before stack is deployed.
// Experimental.
ChangeSet *[]Step `field:"optional" json:"changeSet" yaml:"changeSet"`
// Steps that execute after stack is deployed.
// Experimental.
Post *[]Step `field:"optional" json:"post" yaml:"post"`
// Steps that execute before stack is prepared.
// Experimental.
Pre *[]Step `field:"optional" json:"pre" yaml:"pre"`
}
Instructions for additional steps that are run at stack level.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var stack stack
var step step
stackSteps := &stackSteps{
stack: stack,
// the properties below are optional
changeSet: []*step{
step,
},
post: []*step{
step,
},
pre: []*step{
step,
},
}
Experimental.
type StageDeployment ¶
type StageDeployment interface {
// Additional steps that are run after all of the stacks in the stage.
// Experimental.
Post() *[]Step
// Additional steps that are run before any of the stacks in the stage.
// Experimental.
Pre() *[]Step
// The stacks deployed in this stage.
// Experimental.
Stacks() *[]StackDeployment
// Instructions for additional steps that are run at stack level.
// Experimental.
StackSteps() *[]*StackSteps
// The display name of this stage.
// Experimental.
StageName() *string
// Add an additional step to run after all of the stacks in this stage.
// Experimental.
AddPost(steps ...Step)
// Add an additional step to run before any of the stacks in this stage.
// Experimental.
AddPre(steps ...Step)
}
Deployment of a single `Stage`.
A `Stage` consists of one or more `Stacks`, which will be deployed in dependency order.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var stack stack
var stage stage
var step step
stageDeployment := awscdk.Pipelines.stageDeployment.fromStage(stage, &stageDeploymentProps{
post: []*step{
step,
},
pre: []*step{
step,
},
stackSteps: []stackSteps{
&stackSteps{
stack: stack,
// the properties below are optional
changeSet: []*step{
step,
},
post: []*step{
step,
},
pre: []*step{
step,
},
},
},
stageName: jsii.String("stageName"),
})
Experimental.
func StageDeployment_FromStage ¶
func StageDeployment_FromStage(stage awscdk.Stage, props *StageDeploymentProps) StageDeployment
Create a new `StageDeployment` from a `Stage`.
Synthesizes the target stage, and deployes the stacks found inside in dependency order. Experimental.
type StageDeploymentProps ¶
type StageDeploymentProps struct {
// Additional steps to run after all of the stacks in the stage.
// Experimental.
Post *[]Step `field:"optional" json:"post" yaml:"post"`
// Additional steps to run before any of the stacks in the stage.
// Experimental.
Pre *[]Step `field:"optional" json:"pre" yaml:"pre"`
// Instructions for additional steps that are run at the stack level.
// Experimental.
StackSteps *[]*StackSteps `field:"optional" json:"stackSteps" yaml:"stackSteps"`
// Stage name to use in the pipeline.
// Experimental.
StageName *string `field:"optional" json:"stageName" yaml:"stageName"`
}
Properties for a `StageDeployment`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import monocdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var stack stack
var step step
stageDeploymentProps := &stageDeploymentProps{
post: []*step{
step,
},
pre: []*step{
step,
},
stackSteps: []stackSteps{
&stackSteps{
stack: stack,
// the properties below are optional
changeSet: []*step{
step,
},
post: []*step{
step,
},
pre: []*step{
step,
},
},
},
stageName: jsii.String("stageName"),
}
Experimental.
type StandardNpmSynthOptions
deprecated
type StandardNpmSynthOptions struct {
// The artifact where the CloudAssembly should be emitted.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyArtifact awscodepipeline.Artifact `field:"required" json:"cloudAssemblyArtifact" yaml:"cloudAssemblyArtifact"`
// The source artifact of the CodePipeline.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SourceArtifact awscodepipeline.Artifact `field:"required" json:"sourceArtifact" yaml:"sourceArtifact"`
// Name of the build action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionName *string `field:"optional" json:"actionName" yaml:"actionName"`
// Produce additional output artifacts after the build based on the given directories.
//
// Can be used to produce additional artifacts during the build step,
// separate from the cloud assembly, which can be used further on in the
// pipeline.
//
// Directories are evaluated with respect to `subdirectory`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AdditionalArtifacts *[]*AdditionalArtifact `field:"optional" json:"additionalArtifacts" yaml:"additionalArtifacts"`
// custom BuildSpec that is merged with the generated one.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BuildSpec awscodebuild.BuildSpec `field:"optional" json:"buildSpec" yaml:"buildSpec"`
// Environment variables to copy over from parent env.
//
// These are environment variables that are being used by the build.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CopyEnvironmentVariables *[]*string `field:"optional" json:"copyEnvironmentVariables" yaml:"copyEnvironmentVariables"`
// Build environment to use for CodeBuild job.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Environment *awscodebuild.BuildEnvironment `field:"optional" json:"environment" yaml:"environment"`
// Environment variables to send into build.
//
// NOTE: You may run into the 1000-character limit for the Action configuration if you have a large
// number of variables or if their names or values are very long.
// If you do, pass them to the underlying CodeBuild project directly in `environment` instead.
// However, you will not be able to use CodePipeline Variables in this case.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
EnvironmentVariables *map[string]*awscodebuild.BuildEnvironmentVariable `field:"optional" json:"environmentVariables" yaml:"environmentVariables"`
// Name of the CodeBuild project.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ProjectName *string `field:"optional" json:"projectName" yaml:"projectName"`
// Policy statements to add to role used during the synth.
//
// Can be used to add acces to a CodeArtifact repository etc.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
RolePolicyStatements *[]awsiam.PolicyStatement `field:"optional" json:"rolePolicyStatements" yaml:"rolePolicyStatements"`
// Directory inside the source where package.json and cdk.json are located.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Subdirectory *string `field:"optional" json:"subdirectory" yaml:"subdirectory"`
// Which subnets to use.
//
// Only used if 'vpc' is supplied.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SubnetSelection *awsec2.SubnetSelection `field:"optional" json:"subnetSelection" yaml:"subnetSelection"`
// The VPC where to execute the SimpleSynth.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
// The build command.
//
// By default, we assume NPM projects are either written in JavaScript or are
// using `ts-node`, so don't need a build command.
//
// Otherwise, put the build command here, for example `npm run build`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BuildCommand *string `field:"optional" json:"buildCommand" yaml:"buildCommand"`
// The install command.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
InstallCommand *string `field:"optional" json:"installCommand" yaml:"installCommand"`
// The synth command.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SynthCommand *string `field:"optional" json:"synthCommand" yaml:"synthCommand"`
// Test commands.
//
// These commands are run after the build commands but before the
// synth command.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
TestCommands *[]*string `field:"optional" json:"testCommands" yaml:"testCommands"`
}
Options for a convention-based synth using NPM.
Example:
sourceArtifact := codepipeline.NewArtifact()
cloudAssemblyArtifact := codepipeline.NewArtifact()
pipeline := pipelines.NewCdkPipeline(this, jsii.String("MyPipeline"), &cdkPipelineProps{
cloudAssemblyArtifact: cloudAssemblyArtifact,
synthAction: pipelines.simpleSynthAction.standardNpmSynth(&standardNpmSynthOptions{
sourceArtifact: sourceArtifact,
cloudAssemblyArtifact: cloudAssemblyArtifact,
environment: &buildEnvironment{
privileged: jsii.Boolean(true),
},
}),
})
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type StandardYarnSynthOptions
deprecated
type StandardYarnSynthOptions struct {
// The artifact where the CloudAssembly should be emitted.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyArtifact awscodepipeline.Artifact `field:"required" json:"cloudAssemblyArtifact" yaml:"cloudAssemblyArtifact"`
// The source artifact of the CodePipeline.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SourceArtifact awscodepipeline.Artifact `field:"required" json:"sourceArtifact" yaml:"sourceArtifact"`
// Name of the build action.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionName *string `field:"optional" json:"actionName" yaml:"actionName"`
// Produce additional output artifacts after the build based on the given directories.
//
// Can be used to produce additional artifacts during the build step,
// separate from the cloud assembly, which can be used further on in the
// pipeline.
//
// Directories are evaluated with respect to `subdirectory`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
AdditionalArtifacts *[]*AdditionalArtifact `field:"optional" json:"additionalArtifacts" yaml:"additionalArtifacts"`
// custom BuildSpec that is merged with the generated one.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BuildSpec awscodebuild.BuildSpec `field:"optional" json:"buildSpec" yaml:"buildSpec"`
// Environment variables to copy over from parent env.
//
// These are environment variables that are being used by the build.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CopyEnvironmentVariables *[]*string `field:"optional" json:"copyEnvironmentVariables" yaml:"copyEnvironmentVariables"`
// Build environment to use for CodeBuild job.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Environment *awscodebuild.BuildEnvironment `field:"optional" json:"environment" yaml:"environment"`
// Environment variables to send into build.
//
// NOTE: You may run into the 1000-character limit for the Action configuration if you have a large
// number of variables or if their names or values are very long.
// If you do, pass them to the underlying CodeBuild project directly in `environment` instead.
// However, you will not be able to use CodePipeline Variables in this case.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
EnvironmentVariables *map[string]*awscodebuild.BuildEnvironmentVariable `field:"optional" json:"environmentVariables" yaml:"environmentVariables"`
// Name of the CodeBuild project.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ProjectName *string `field:"optional" json:"projectName" yaml:"projectName"`
// Policy statements to add to role used during the synth.
//
// Can be used to add acces to a CodeArtifact repository etc.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
RolePolicyStatements *[]awsiam.PolicyStatement `field:"optional" json:"rolePolicyStatements" yaml:"rolePolicyStatements"`
// Directory inside the source where package.json and cdk.json are located.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Subdirectory *string `field:"optional" json:"subdirectory" yaml:"subdirectory"`
// Which subnets to use.
//
// Only used if 'vpc' is supplied.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SubnetSelection *awsec2.SubnetSelection `field:"optional" json:"subnetSelection" yaml:"subnetSelection"`
// The VPC where to execute the SimpleSynth.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
// The build command.
//
// By default, we assume NPM projects are either written in JavaScript or are
// using `ts-node`, so don't need a build command.
//
// Otherwise, put the build command here, for example `npm run build`.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BuildCommand *string `field:"optional" json:"buildCommand" yaml:"buildCommand"`
// The install command.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
InstallCommand *string `field:"optional" json:"installCommand" yaml:"installCommand"`
// The synth command.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
SynthCommand *string `field:"optional" json:"synthCommand" yaml:"synthCommand"`
// Test commands.
//
// These commands are run after the build commands but before the
// synth command.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
TestCommands *[]*string `field:"optional" json:"testCommands" yaml:"testCommands"`
}
Options for a convention-based synth using Yarn.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var bucket bucket
var buildImage iBuildImage
var buildSpec buildSpec
var policyStatement policyStatement
var subnet subnet
var subnetFilter subnetFilter
var value interface{}
var vpc vpc
standardYarnSynthOptions := &standardYarnSynthOptions{
cloudAssemblyArtifact: artifact,
sourceArtifact: artifact,
// the properties below are optional
actionName: jsii.String("actionName"),
additionalArtifacts: []additionalArtifact{
&additionalArtifact{
artifact: artifact,
directory: jsii.String("directory"),
},
},
buildCommand: jsii.String("buildCommand"),
buildSpec: buildSpec,
copyEnvironmentVariables: []*string{
jsii.String("copyEnvironmentVariables"),
},
environment: &buildEnvironment{
buildImage: buildImage,
certificate: &buildEnvironmentCertificate{
bucket: bucket,
objectKey: jsii.String("objectKey"),
},
computeType: awscdk.Aws_codebuild.computeType_SMALL,
environmentVariables: map[string]buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
privileged: jsii.Boolean(false),
},
environmentVariables: map[string]*buildEnvironmentVariable{
"environmentVariablesKey": &buildEnvironmentVariable{
"value": value,
// the properties below are optional
"type": awscdk.*Aws_codebuild.BuildEnvironmentVariableType_PLAINTEXT,
},
},
installCommand: jsii.String("installCommand"),
projectName: jsii.String("projectName"),
rolePolicyStatements: []*policyStatement{
policyStatement,
},
subdirectory: jsii.String("subdirectory"),
subnetSelection: &subnetSelection{
availabilityZones: []*string{
jsii.String("availabilityZones"),
},
onePerAz: jsii.Boolean(false),
subnetFilters: []*subnetFilter{
subnetFilter,
},
subnetGroupName: jsii.String("subnetGroupName"),
subnetName: jsii.String("subnetName"),
subnets: []iSubnet{
subnet,
},
subnetType: awscdk.Aws_ec2.subnetType_ISOLATED,
},
synthCommand: jsii.String("synthCommand"),
testCommands: []*string{
jsii.String("testCommands"),
},
vpc: vpc,
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type Step ¶
type Step interface {
IFileSetProducer
// Return the steps this step depends on, based on the FileSets it requires.
// Experimental.
Dependencies() *[]Step
// The list of FileSets consumed by this Step.
// Experimental.
DependencyFileSets() *[]FileSet
// Identifier for this step.
// Experimental.
Id() *string
// Whether or not this is a Source step.
//
// What it means to be a Source step depends on the engine.
// Experimental.
IsSource() *bool
// The primary FileSet produced by this Step.
//
// Not all steps produce an output FileSet--if they do
// you can substitute the `Step` object for the `FileSet` object.
// Experimental.
PrimaryOutput() FileSet
// Add an additional FileSet to the set of file sets required by this step.
//
// This will lead to a dependency on the producer of that file set.
// Experimental.
AddDependencyFileSet(fs FileSet)
// Add a dependency on another step.
// Experimental.
AddStepDependency(step Step)
// Configure the given FileSet as the primary output of this step.
// Experimental.
ConfigurePrimaryOutput(fs FileSet)
// Crawl the given structure for references to StepOutputs and add dependencies on all steps found.
//
// Should be called in the constructor of subclasses based on what the user
// passes in as construction properties. The format of the structure passed in
// here does not have to correspond exactly to what gets rendered into the
// engine, it just needs to contain the same data.
// Experimental.
DiscoverReferencedOutputs(structure interface{})
// Return a string representation of this Step.
// Experimental.
ToString() *string
}
A generic Step which can be added to a Pipeline.
Steps can be used to add Sources, Build Actions and Validations to your pipeline.
This class is abstract. See specific subclasses of Step for useful steps to add to your Pipeline.
Example:
// Step A will depend on step B and step B will depend on step C
orderedSteps := pipelines.step.sequence([]step{
pipelines.NewManualApprovalStep(jsii.String("A")),
pipelines.NewManualApprovalStep(jsii.String("B")),
pipelines.NewManualApprovalStep(jsii.String("C")),
})
Experimental.
type UpdatePipelineAction
deprecated
type UpdatePipelineAction interface {
awscdk.Construct
awscodepipeline.IAction
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ActionProperties() *awscodepipeline.ActionProperties
// The construct tree node associated with this construct.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Node() awscdk.ConstructNode
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Bind(scope awscdk.Construct, stage awscodepipeline.IStage, options *awscodepipeline.ActionBindOptions) *awscodepipeline.ActionConfig
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnPrepare()
// Exists to implement IAction.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnStateChange(name *string, target awsevents.IRuleTarget, options *awsevents.RuleProps) awsevents.Rule
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnSynthesize(session constructs.ISynthesisSession)
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
OnValidate() *[]*string
// Perform final modifications before synthesis.
//
// This method can be implemented by derived constructs in order to perform
// final changes before synthesis. prepare() will be called after child
// constructs have been prepared.
//
// This is an advanced framework feature. Only use this if you
// understand the implications.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Prepare()
// Allows this construct to emit artifacts into the cloud assembly during synthesis.
//
// This method is usually implemented by framework-level constructs such as `Stack` and `Asset`
// as they participate in synthesizing the cloud assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Synthesize(session awscdk.ISynthesisSession)
// Returns a string representation of this construct.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ToString() *string
// Validate the current construct.
//
// This method can be implemented by derived constructs in order to perform
// validation logic. It is called on all constructs before synthesis.
//
// Returns: An array of validation error messages, or an empty array if the construct is valid.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Validate() *[]*string
}
Action to self-mutate the pipeline.
Creates a CodeBuild project which will use the CDK CLI to deploy the pipeline stack.
You do not need to instantiate this action -- it will automatically be added by the pipeline.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var buildSpec buildSpec
var dockerCredential dockerCredential
updatePipelineAction := awscdk.Pipelines.NewUpdatePipelineAction(this, jsii.String("MyUpdatePipelineAction"), &updatePipelineActionProps{
cloudAssemblyInput: artifact,
pipelineStackHierarchicalId: jsii.String("pipelineStackHierarchicalId"),
// the properties below are optional
buildSpec: buildSpec,
cdkCliVersion: jsii.String("cdkCliVersion"),
dockerCredentials: []*dockerCredential{
dockerCredential,
},
pipelineStackName: jsii.String("pipelineStackName"),
privileged: jsii.Boolean(false),
projectName: jsii.String("projectName"),
})
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
func NewUpdatePipelineAction
deprecated
func NewUpdatePipelineAction(scope constructs.Construct, id *string, props *UpdatePipelineActionProps) UpdatePipelineAction
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type UpdatePipelineActionProps
deprecated
type UpdatePipelineActionProps struct {
// The CodePipeline artifact that holds the Cloud Assembly.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CloudAssemblyInput awscodepipeline.Artifact `field:"required" json:"cloudAssemblyInput" yaml:"cloudAssemblyInput"`
// Hierarchical id of the pipeline stack.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
PipelineStackHierarchicalId *string `field:"required" json:"pipelineStackHierarchicalId" yaml:"pipelineStackHierarchicalId"`
// Custom BuildSpec that is merged with generated one.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
BuildSpec awscodebuild.BuildSpec `field:"optional" json:"buildSpec" yaml:"buildSpec"`
// Version of CDK CLI to 'npm install'.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
CdkCliVersion *string `field:"optional" json:"cdkCliVersion" yaml:"cdkCliVersion"`
// Docker registries and associated credentials necessary during the pipeline self-update stage.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
DockerCredentials *[]DockerCredential `field:"optional" json:"dockerCredentials" yaml:"dockerCredentials"`
// Name of the pipeline stack.
// Deprecated: - Use `pipelineStackHierarchicalId` instead.
PipelineStackName *string `field:"optional" json:"pipelineStackName" yaml:"pipelineStackName"`
// Whether the build step should run in privileged mode.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
Privileged *bool `field:"optional" json:"privileged" yaml:"privileged"`
// Name of the CodeBuild project.
// Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
ProjectName *string `field:"optional" json:"projectName" yaml:"projectName"`
}
Props for the UpdatePipelineAction.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
var artifact artifact
var buildSpec buildSpec
var dockerCredential dockerCredential
updatePipelineActionProps := &updatePipelineActionProps{
cloudAssemblyInput: artifact,
pipelineStackHierarchicalId: jsii.String("pipelineStackHierarchicalId"),
// the properties below are optional
buildSpec: buildSpec,
cdkCliVersion: jsii.String("cdkCliVersion"),
dockerCredentials: []*dockerCredential{
dockerCredential,
},
pipelineStackName: jsii.String("pipelineStackName"),
privileged: jsii.Boolean(false),
projectName: jsii.String("projectName"),
}
Deprecated: This class is part of the old API. Use the API based on the `CodePipeline` class instead
type Wave ¶
type Wave interface {
// Identifier for this Wave.
// Experimental.
Id() *string
// Additional steps that are run after all of the stages in the wave.
// Experimental.
Post() *[]Step
// Additional steps that are run before any of the stages in the wave.
// Experimental.
Pre() *[]Step
// The stages that are deployed in this wave.
// Experimental.
Stages() *[]StageDeployment
// Add an additional step to run after all of the stages in this wave.
// Experimental.
AddPost(steps ...Step)
// Add an additional step to run before any of the stages in this wave.
// Experimental.
AddPre(steps ...Step)
// Add a Stage to this wave.
//
// It will be deployed in parallel with all other stages in this
// wave.
// Experimental.
AddStage(stage awscdk.Stage, options *AddStageOpts) StageDeployment
}
Multiple stages that are deployed in parallel.
Example:
var pipeline codePipeline
europeWave := pipeline.addWave(jsii.String("Europe"))
europeWave.addStage(NewMyApplicationStage(this, jsii.String("Ireland"), &stageProps{
env: &environment{
region: jsii.String("eu-west-1"),
},
}))
europeWave.addStage(NewMyApplicationStage(this, jsii.String("Germany"), &stageProps{
env: &environment{
region: jsii.String("eu-central-1"),
},
}))
Experimental.
type WaveOptions ¶
type WaveOptions struct {
// Additional steps to run after all of the stages in the wave.
// Experimental.
Post *[]Step `field:"optional" json:"post" yaml:"post"`
// Additional steps to run before any of the stages in the wave.
// Experimental.
Pre *[]Step `field:"optional" json:"pre" yaml:"pre"`
}
Options to pass to `addWave`.
Example:
pipeline := pipelines.NewCodePipeline(this, jsii.String("Pipeline"), &codePipelineProps{
synth: pipelines.NewShellStep(jsii.String("Synth"), &shellStepProps{
input: pipelines.codePipelineSource.connection(jsii.String("my-org/my-app"), jsii.String("main"), &connectionSourceOptions{
connectionArn: jsii.String("arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"),
}),
commands: []*string{
jsii.String("npm ci"),
jsii.String("npm run build"),
jsii.String("npx cdk synth"),
},
}),
// Turn this on because the pipeline uses Docker image assets
dockerEnabledForSelfMutation: jsii.Boolean(true),
})
pipeline.addWave(jsii.String("MyWave"), &waveOptions{
post: []step{
pipelines.NewCodeBuildStep(jsii.String("RunApproval"), &codeBuildStepProps{
commands: []*string{
jsii.String("command-from-image"),
},
buildEnvironment: &buildEnvironment{
// The user of a Docker image asset in the pipeline requires turning on
// 'dockerEnabledForSelfMutation'.
buildImage: codebuild.linuxBuildImage.fromAsset(this, jsii.String("Image"), &dockerImageAssetProps{
directory: jsii.String("./docker-image"),
}),
},
}),
},
})
Experimental.
type WaveProps ¶
type WaveProps struct {
// Additional steps to run after all of the stages in the wave.
// Experimental.
Post *[]Step `field:"optional" json:"post" yaml:"post"`
// Additional steps to run before any of the stages in the wave.
// Experimental.
Pre *[]Step `field:"optional" json:"pre" yaml:"pre"`
}
Construction properties for a `Wave`.
Example:
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
var step step
waveProps := &waveProps{
post: []*step{
step,
},
pre: []*step{
step,
},
}
Experimental.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.