Documentation ¶
Index ¶
- Variables
- func AWSEnvironment(profile string) runner.Feature
- func FileCache(workingDir string, fileCaching FileCaching, ...) runner.Feature
- func InputArtifacts(in []string, artifactPlans map[string]string, cacheDir string) runner.Feature
- func InputVariableHandler(inputs map[string]string) runner.Feature
- func NewWorkflowFeaturesProvider(params *NewWorkflowFeaturesProviderParams) (runner.FeaturesProvider, error)
- func NewWorkflowPlansProvider(params *NewWorkflowPlansProviderParams) runner.PlansProvider
- func OutputArtifacts(planID string, out []*OutputArtifact, artifactPlans map[string]string, ...) runner.Feature
- func ReplaceVariableHandler(planOutputs map[string]map[string]string, secrets SecretProvider) runner.Feature
- func ReportProcessor(report *Report, successCriteria *SuccessCriteria, reportDir string) runner.Feature
- func Run(ctx context.Context, params *RunParams) error
- type Action
- type ActionGroup
- type ActionOrGroup
- type FileCacheDirProvider
- type FileCaching
- type FileCachingEntry
- type Location
- type NewWorkflowFeaturesProviderParams
- type NewWorkflowPlansProviderParams
- type OutputArtifact
- type OutputMode
- type Report
- type Result
- type RunParams
- type SecretProvider
- type SuccessCriteria
- type Suppression
- type Vulnerability
- type VulnerabilitySeverity
- type Workflow
Constants ¶
This section is empty.
Variables ¶
// ActionVersions maps an action identifier of the form "<namespace>/<name>" to
// a version string.
// NOTE(review): presumably this is the version substituted into
// ActionsUrlTemplate when an action's source is fetched; confirm against the
// caller. It is an exported, mutable map, so any importing package can change
// an entry at run time.
var ActionVersions = map[string]string{
"aws/kubernetes-deploy": "1.0.0",
"aws/ecs-render-task-definition": "1.0.4",
"aws/cfn-deploy": "1.0.5",
"aws/ecs-deploy": "1.0.5",
"aws/cdk-deploy": "1.0.13",
"aws/cdk-bootstrap": "1.0.8",
"aws/s3-publish": "1.0.5",
"aws/lambda-invoke": "1.0.8",
"codecatalyst-labs/provision-with-terraform-community": "1.0.0",
"codecatalyst-labs/scan-with-codeguru-security": "1.0.0",
"codecatalyst-labs/deploy-to-cloudfront-s3": "1.0.1",
"codecatalyst-labs/publish-to-codeartifact": "1.0.1",
"codecatalyst-labs/invalidate-cloudfront-cache": "1.0.0",
"codecatalyst-labs/publish-to-sns": "1.0.0",
"codecatalyst-labs/deploy-to-app-runner": "1.0.3",
"codecatalyst-labs/outgoing-webhook": "1.0.1",
"codecatalyst-labs/deploy-with-sam": "1.0.1",
"codecatalyst-labs/push-to-ecr": "1.0.3",
"codecatalyst-labs/deploy-to-amplify-hosting": "1.0.1",
"mend/mendsca": "1.0.9",
}
// ActionsUrlTemplate is a format string with two %s verbs that produces the
// HTTPS URL of an action-repo.zip object in the S3 bucket
// amazon-codecatalyst-public-action-source-us-west-2.
// NOTE(review): the two verbs look like action identifier and version; confirm
// the order against the caller.
// NOTE(review): nothing on this page shows a checksum or signature for the
// downloaded archive. If none is verified elsewhere, the integrity of the
// action code that gets executed rests on TLS and on the bucket contents.
// NOTE(review): as an exported var the template can be reassigned by importing
// code, which would change where action source is fetched from; consider a
// const if nothing needs to override it.
var ActionsUrlTemplate = "https://amazon-codecatalyst-public-action-source-us-west-2.s3.us-west-2.amazonaws.com/us-west-2/%s/%s/action-repo.zip"
Functions ¶
func AWSEnvironment ¶
AWSEnvironment is a feature that will assume a role in AWS.
func FileCache ¶
func FileCache(workingDir string, fileCaching FileCaching, cacheDirProvider FileCacheDirProvider) runner.Feature
FileCache caches paths within actions
func InputArtifacts ¶
InputArtifacts imports artifacts from a directory into the container
func InputVariableHandler ¶
InputVariableHandler converts the provided inputs into environment variables
func NewWorkflowFeaturesProvider ¶
func NewWorkflowFeaturesProvider(params *NewWorkflowFeaturesProviderParams) (runner.FeaturesProvider, error)
NewWorkflowFeaturesProvider creates a FeaturesProvider for Workflow
func NewWorkflowPlansProvider ¶
func NewWorkflowPlansProvider(params *NewWorkflowPlansProviderParams) runner.PlansProvider
NewWorkflowPlansProvider creates a plan provider based on [Workflow]s
func OutputArtifacts ¶
func OutputArtifacts(planID string, out []*OutputArtifact, artifactPlans map[string]string, cacheDir string) runner.Feature
OutputArtifacts stores artifacts from the execution
func ReplaceVariableHandler ¶
func ReplaceVariableHandler(planOutputs map[string]map[string]string, secrets SecretProvider) runner.Feature
ReplaceVariableHandler converts the variables to outputs
func ReportProcessor ¶
func ReportProcessor( report *Report, successCriteria *SuccessCriteria, reportDir string, ) runner.Feature
ReportProcessor looks for reports created by the action and fails if they don't meet the successCriteria. Results are saved in the provided report parameter.
Types ¶
type Action ¶
// Action defines a single action to run. Each field is decoded from the YAML
// key named in its struct tag.
type Action struct {
	// NOTE(review): the identifier format is not shown here; confirm against
	// the workflow schema.
	Identifier string `yaml:"Identifier"`
	// Entries are presumably names of other actions in the same workflow that
	// must finish first; confirm.
	DependsOn []string `yaml:"DependsOn"`
	// Free-form settings; the value type is any, so the schema depends on the
	// action and is not checked by this type.
	Configuration map[string]any `yaml:"Configuration"`
	// Inputs lists what the action consumes.
	Inputs struct {
		Sources   []string `yaml:"Sources"`
		Artifacts []string `yaml:"Artifacts"`
		Variables []struct {
			Name  string `yaml:"Name"`
			Value string `yaml:"Value"`
		} `yaml:"Variables"`
	} `yaml:"Inputs"`
	// Outputs lists what the action produces.
	Outputs struct {
		Sources   []string          `yaml:"Sources"`
		Artifacts []*OutputArtifact `yaml:"Artifacts"`
		Variables []string          `yaml:"Variables"`
	} `yaml:"Outputs"`
	// Caching holds the file-cache configuration for the action.
	Caching struct {
		FileCaching FileCaching `yaml:"FileCaching"`
	} `yaml:"Caching"`
	// Environment names the environment the action runs against and its
	// connections.
	// NOTE(review): Role is presumably the IAM role assumed through the
	// AWSEnvironment feature; confirm, and check that the role name taken from
	// the workflow file is validated before use.
	Environment struct {
		Name        string `yaml:"Name"`
		Connections []struct {
			Name string `yaml:"Name"`
			Role string `yaml:"Role"`
		} `yaml:"Connections"`
	} `yaml:"Environment"`
}
Action defines a single action to run
type ActionGroup ¶
ActionGroup is a grouping of Actions
type ActionOrGroup ¶
// ActionOrGroup is a union of Action and ActionGroup; only one of the two
// should be populated.
//
// Both types are embedded with the yaml ",inline" option, so their keys are
// read from the same YAML mapping rather than from a nested key.
// NOTE(review): nothing in this declaration enforces the "only one" rule;
// presumably it is validated elsewhere. Confirm.
type ActionOrGroup struct {
	Action      `yaml:",inline"`
	ActionGroup `yaml:",inline"`
}
ActionOrGroup is a union of the types Action and ActionGroup. Only one of them should be present.
type FileCacheDirProvider ¶
type FileCaching ¶
// FileCaching is a map of FileCachingEntry values keyed by string.
// NOTE(review): the key is presumably the cache key (FileCachingEntry.RestoreKeys
// is described as the fallback "if this one misses"); confirm.
type FileCaching map[string]FileCachingEntry
FileCaching contains a map of FileCachingEntry
type FileCachingEntry ¶
// FileCachingEntry describes a cache configuration.
// NOTE(review): Path comes from the workflow file. Whether it is confined to
// the working directory passed to FileCache is not visible here; confirm that
// absolute paths and ".." segments are rejected or normalised before use.
type FileCachingEntry struct {
	Path        string   `yaml:"Path"`        // Path to cache
	RestoreKeys []string `yaml:"RestoreKeys"` // Fallback cache keys if this one misses
}
FileCachingEntry describes a cache configuration
type Location ¶
// Location identifies where a vulnerability was found.
// StartLine and EndLine are pointers tagged omitempty, so a nil value is left
// out of the JSON encoding.
type Location struct {
	URI       string // uri of the location
	StartLine *int   `json:",omitempty"` // first line number of a location
	EndLine   *int   `json:",omitempty"` // last line number of a location
	Snippet   string // portion of the artifact identified in the location
}
Location of a vulnerability
type NewWorkflowFeaturesProviderParams ¶
// NewWorkflowFeaturesProviderParams contains the params to create a new
// FeaturesProvider.
type NewWorkflowFeaturesProviderParams struct {
	runner.EnvironmentConfiguration // The configuration of the environments

	OutputMode OutputMode // Mode to use for output
	NoOutput   bool       // Disable output from the action execution
	NoCache    bool       // Disable file caches
	Dryrun     bool       // Dryrun skips execution of the action
	// BindWorkingDir will mount the working directory into the container, rather than copying
	// NOTE(review): with a mount instead of a copy, changes made by the action
	// presumably land in the host working directory directly; confirm, and
	// prefer the copy mode for actions that are not trusted.
	BindWorkingDir      bool
	EnvironmentProfiles map[string]string // Map of workflow environment names to AWS CLI profile names
	Workflow            *Workflow         // Workflow to load features for
	// Secret provider to use for secrets
	// NOTE(review): ReplaceVariableHandler also takes a SecretProvider, so
	// resolved secret values presumably reach the action's variables; confirm
	// that they are kept out of logs and reports.
	SecretProvider SecretProvider
}
NewWorkflowFeaturesProviderParams contains the params to create a new FeaturesProvider
type NewWorkflowPlansProviderParams ¶
// NewWorkflowPlansProviderParams contains the parameters to create a new
// action plans provider.
type NewWorkflowPlansProviderParams struct {
	ExecutionType runner.ExecutionType // The [ExecutionType] to use in the created plans
	WorkingDir    string               // The working directory to use for each plan
	Action        string               // the name of the action to run
	Workflow      *Workflow            // The [Workflow] to use
}
NewWorkflowPlansProviderParams contains the parameters to create a new action plans provider
type OutputArtifact ¶
// OutputArtifact describes an artifact to collect at the end of a plan
// execution.
// NOTE(review): Files is typed any, so the decoded YAML shape is not fixed by
// this type; presumably a single pattern or a list of patterns. Confirm how
// the consumer handles other shapes and patterns that point outside the
// working directory.
type OutputArtifact struct {
	Name  string `yaml:"Name"`  // Name of the output artifact
	Files any    `yaml:"Files"` // List of file patterns to include
}
OutputArtifact describes an artifact to collect at the end of a plan execution
type OutputMode ¶
// OutputMode is the string-typed mode used for output.
type OutputMode string

// The OutputMode values declared by this package.
const (
	OutputModeText OutputMode = "text"
	OutputModeTUI  OutputMode = "tui"
)
type Report ¶
// Report is the aggregation of all reports detected in the action.
// The three rate fields are pointers tagged omitempty, so nil values are left
// out of the JSON encoding. Vulnerabilities has no omitempty and is always
// encoded.
type Report struct {
	Result          Result          `json:"codecatalyst_action_result"`                   // result of the report
	PassRate        *float32        `json:"codecatalyst_action_passRate,omitempty"`       // number between 0 and 100 representing the percentage of tests that passed
	LineCoverage    *float32        `json:"codecatalyst_action_lineCoverage,omitempty"`   // number between 0 and 100 representing the percentage of lines that were covered by tests
	BranchCoverage  *float32        `json:"codecatalyst_action_branchCoverage,omitempty"` // number between 0 and 100 representing the percentage of branches that were covered by tests
	Vulnerabilities []Vulnerability `json:"codecatalyst_action_vulnerabilities"`          // list of vulnerabilities found
}
Report object is the aggregation of all reports detected in the action
type RunParams ¶
// RunParams bundles the inputs of Run by embedding both provider parameter
// structs and adding run-level settings.
//
// Both embedded structs declare a Workflow field at the same depth, so the
// promoted selector params.Workflow is ambiguous; it has to be reached through
// the embedded type's name.
type RunParams struct {
	NewWorkflowPlansProviderParams
	NewWorkflowFeaturesProviderParams

	// NOTE(review): presumably the number of plans executed in parallel;
	// confirm, including what a zero or negative value means.
	Concurrency int
	// NOTE(review): presumably the path of the workflow file to load; confirm.
	WorkflowPath string
	// NOTE(review): presumably selects a workflow by name; confirm how it
	// interacts with WorkflowPath.
	WorkflowName string
}
type SecretProvider ¶
type SuccessCriteria ¶
// SuccessCriteria defines the required results of test reports for an action
// to pass. Its YAML keys are lowerCamelCase.
// NOTE(review): the fields are plain values, so an omitted key decodes to 0 or
// the empty string. How ReportProcessor treats an empty VulnerabilityThreshold
// is not visible here; confirm that leaving it unset does not silently turn
// the vulnerability gate off where one is expected.
type SuccessCriteria struct {
	PassRate               float32               `yaml:"passRate"`               // number between 0 and 100 representing the percentage of tests that must pass
	LineCoverage           float32               `yaml:"lineCoverage"`           // number between 0 and 100 representing the percentage of lines that must be covered by tests
	BranchCoverage         float32               `yaml:"branchCoverage"`         // number between 0 and 100 representing the percentage of branches that must be covered by tests
	VulnerabilityThreshold VulnerabilitySeverity `yaml:"vulnerabilityThreshold"` // the max severity of the vulnerabilities allowed
}
SuccessCriteria defines the required results of test reports for an action to pass
type Suppression ¶
// Suppression describes a request to suppress a result.
// NOTE(review): Kind is a plain string, so the two documented values are not
// enforced by the type.
type Suppression struct {
	Kind          string // type of suppression, one of: inSource or external
	Justification string // user-supplied string explaining why the result was suppressed
}
Suppression object describes a request to suppress a result
type Vulnerability ¶
// Vulnerability is a finding produced during the execution of an action.
// NOTE(review): whether a finding that carries Suppressions still counts
// against SuccessCriteria.VulnerabilityThreshold is not visible here; confirm,
// since suppressions are supplied with the report itself.
type Vulnerability struct {
	Severity     VulnerabilitySeverity // severity of the vulnerability
	RuleID       string                // ID of the rule that found the vulnerability
	Message      string                // description of the vulnerability
	Locations    []Location            // locations of the vulnerability
	Suppressions []Suppression         // list of suppressions applied to the vulnerability
}
Vulnerability found during an execution of an action
type VulnerabilitySeverity ¶
// VulnerabilitySeverity describes the severity of a vulnerability. It is a
// string type; the package declares CRITICAL, HIGH, MEDIUM, LOW and
// INFORMATIONAL as its constants.
type VulnerabilitySeverity string
VulnerabilitySeverity describes the severity of a vulnerability
// Severity levels, listed from most to least severe.
// NOTE(review): the values are strings whose lexical order does not match
// their severity order ("CRITICAL" sorts before "HIGH", "LOW" before
// "MEDIUM"), so a threshold check needs an explicit ranking rather than a
// string comparison.
const (
	// VulnerabilitySeverityCritical is critical severity
	VulnerabilitySeverityCritical VulnerabilitySeverity = "CRITICAL"
	// VulnerabilitySeverityHigh is high severity
	VulnerabilitySeverityHigh VulnerabilitySeverity = "HIGH"
	// VulnerabilitySeverityMedium is medium severity
	VulnerabilitySeverityMedium VulnerabilitySeverity = "MEDIUM"
	// VulnerabilitySeverityLow is low severity
	VulnerabilitySeverityLow VulnerabilitySeverity = "LOW"
	// VulnerabilitySeverityInformational is informational severity
	VulnerabilitySeverityInformational VulnerabilitySeverity = "INFORMATIONAL"
)