Skip to content

Commit

Permalink
feat(aws-codedeploy): CodeDeploy Pipeline Action using the L2 Deploym…
Browse files Browse the repository at this point in the history
…entGroup Construct. (#1085)

BREAKING CHANGE: this changes the API of the CodeDeploy Pipeline Action
to take the DeploymentGroup AWS Construct as an argument instead of the names
of the Application and Deployment Group.
  • Loading branch information
skinny85 authored and Rico Huijbers committed Nov 6, 2018
1 parent eac5370 commit a951aa1
Show file tree
Hide file tree
Showing 3 changed files with 37 additions and 44 deletions.
49 changes: 13 additions & 36 deletions packages/@aws-cdk/aws-codedeploy/lib/pipeline-action.ts
Original file line number Diff line number Diff line change
@@ -1,27 +1,17 @@
import codepipeline = require('@aws-cdk/aws-codepipeline-api');
import iam = require('@aws-cdk/aws-iam');
import cdk = require('@aws-cdk/cdk');
import { ServerDeploymentGroupRef } from './deployment-group';

/**
* Construction properties of the {@link PipelineDeployAction CodeDeploy deploy CodePipeline Action}.
*/
export interface PipelineDeployActionProps extends codepipeline.CommonActionProps,
codepipeline.CommonActionConstructProps {
/**
* The name of the CodeDeploy application to deploy to.
*
* @note this will most likely be changed to a proper CodeDeploy AWS Construct reference
* once that functionality has been implemented for CodeDeploy
*/
applicationName: string;

/**
* The name of the CodeDeploy deployment group to deploy to.
*
* @note this will most likely be changed to a proper CodeDeploy AWS Construct reference
* once that functionality has been implemented for CodeDeploy
* The CodeDeploy Deployment Group to deploy to.
*/
deploymentGroupName: string;
deploymentGroup: ServerDeploymentGroupRef;

/**
* The source to use as input for deployment.
Expand All @@ -40,50 +30,37 @@ export class PipelineDeployAction extends codepipeline.DeployAction {
provider: 'CodeDeploy',
inputArtifact: props.inputArtifact,
configuration: {
ApplicationName: props.applicationName,
DeploymentGroupName: props.deploymentGroupName,
ApplicationName: props.deploymentGroup.application.applicationName,
DeploymentGroupName: props.deploymentGroup.deploymentGroupName,
},
});

// permissions, based on:
// https://docs.aws.amazon.com/codedeploy/latest/userguide/auth-and-access-control-permissions-reference.html

const applicationArn = cdk.ArnUtils.fromComponents({
service: 'codedeploy',
resource: 'application',
resourceName: props.applicationName,
sep: ':',
});
props.stage.pipeline.role.addToPolicy(new iam.PolicyStatement()
.addResource(applicationArn)
.addResource(props.deploymentGroup.application.applicationArn)
.addActions(
'codedeploy:GetApplicationRevision',
'codedeploy:RegisterApplicationRevision',
));

const deploymentGroupArn = cdk.ArnUtils.fromComponents({
service: 'codedeploy',
resource: 'deploymentgroup',
resourceName: `${props.applicationName}/${props.deploymentGroupName}`,
sep: ':',
});
props.stage.pipeline.role.addToPolicy(new iam.PolicyStatement()
.addResource(deploymentGroupArn)
.addResource(props.deploymentGroup.deploymentGroupArn)
.addActions(
'codedeploy:CreateDeployment',
'codedeploy:GetDeployment',
));

const deployConfigArn = cdk.ArnUtils.fromComponents({
service: 'codedeploy',
resource: 'deploymentconfig',
resourceName: '*',
sep: ':',
});
props.stage.pipeline.role.addToPolicy(new iam.PolicyStatement()
.addResource(deployConfigArn)
.addResource(props.deploymentGroup.deploymentConfig.deploymentConfigArn)
.addActions(
'codedeploy:GetDeploymentConfig',
));

// grant the ASG Role permissions to read from the Pipeline Bucket
for (const asg of props.deploymentGroup.autoScalingGroups || []) {
props.stage.pipeline.grantBucketRead(asg.role);
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -175,7 +175,10 @@
{
"Ref": "AWS::AccountId"
},
":application:IntegTestDeployApp"
":application:",
{
"Ref": "CodeDeployApplicationE587C27C"
}
]
]
}
Expand All @@ -202,7 +205,14 @@
{
"Ref": "AWS::AccountId"
},
":deploymentgroup:IntegTestDeployApp/IntegTestDeploymentGroup"
":deploymentgroup:",
{
"Ref": "CodeDeployApplicationE587C27C"
},
"/",
{
"Ref": "CodeDeployGroup58220FC8"
}
]
]
}
Expand All @@ -226,7 +236,10 @@
{
"Ref": "AWS::AccountId"
},
":deploymentconfig:*"
":deploymentconfig:",
{
"Ref": "CustomDeployConfig52EEBC13"
}
]
]
}
Expand Down Expand Up @@ -296,8 +309,12 @@
"Version": "1"
},
"Configuration": {
"ApplicationName": "IntegTestDeployApp",
"DeploymentGroupName": "IntegTestDeploymentGroup"
"ApplicationName": {
"Ref": "CodeDeployApplicationE587C27C"
},
"DeploymentGroupName": {
"Ref": "CodeDeployGroup58220FC8"
}
},
"InputArtifacts": [
{
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ const deploymentConfig = new codedeploy.ServerDeploymentConfig(stack, 'CustomDep
minHealthyHostCount: 0,
});

new codedeploy.ServerDeploymentGroup(stack, 'CodeDeployGroup', {
const deploymentGroup = new codedeploy.ServerDeploymentGroup(stack, 'CodeDeployGroup', {
application,
deploymentGroupName: 'IntegTestDeploymentGroup',
deploymentConfig,
Expand All @@ -38,8 +38,7 @@ bucket.addToPipeline(sourceStage, 'S3Source', {
const deployStage = new codepipeline.Stage(stack, 'Deploy', { pipeline });
new codedeploy.PipelineDeployAction(stack, 'CodeDeploy', {
stage: deployStage,
applicationName: 'IntegTestDeployApp',
deploymentGroupName: 'IntegTestDeploymentGroup',
deploymentGroup,
});

app.run();

0 comments on commit a951aa1

Please sign in to comment.