feat(cdk-dasm): wip: generate cdk code from cloudformation (#2244)

(not fully functional yet) Converts AWS CloudFormation templates to CDK TypeScript code that synthesizes the same output.
aws · Apr 11, 2019 · b707782 · b707782
1 parent aebcde5
commit b707782
Show file tree

Hide file tree

Showing 13 changed files with 5,914 additions and 0 deletions.
diff --git a/packages/cdk-dasm/.gitignore b/packages/cdk-dasm/.gitignore
@@ -0,0 +1,5 @@
+*.js
+*.d.ts
+!deps.js
+test/fixture/.jsii
+cdk.schema.json
diff --git a/packages/cdk-dasm/README.md b/packages/cdk-dasm/README.md
@@ -0,0 +1,114 @@
+# CDK CloudFormation Disassembler
+
+[![experimental](http://badges.github.io/stability-badges/dist/experimental.svg)](http://github.com/badges/stability-badges)
+
+----
+
+## __WIP__ - this module is still not fully functional:
+
+- [ ] Does not handle intrinsic functions
+- [ ] Only handles the "Resources" section (parameters, outputs, mappings,
+  conditions, ...)
+- [ ] Keys in JSON blobs (such as IAM policies) are converted to camel case
+  (instead of remain as pascal case).
+- [ ] Only TypeScript is supported
+
+-----
+
+Converts an AWS CloudFormation template into AWS CDK code which synthesizes the
+same exact template.
+
+## Why you should not use this tool?
+
+Generally, this is not a recommended approach when using the AWS CDK, but some
+people may find this useful as a means to get started or migrate an existing
+template.
+
+Using this method means that you will have to use the low-level resources (e.g.
+`s3.CfnBucket` instead of `s3.Bucket`). This means that you lose a substantial
+portion of the value of the CDK, which abstracts away much of the boilerplate
+and glue logic required to work with AWS resources.
+
+For example, this is how you would define an S3 bucket encrypted with a KMS key
+with high-level resources:
+
+```ts
+new s3.Bucket(this, 'MyBucket', {
+  encryption: s3.BucketEncryption.Kms
+});
+```
+
+And this is how the same exact configuration will be defined using low-level
+resources:
+
+```ts
+new kms.CfnKey(this, 'MyBucketKeyC17130CF', {
+    keyPolicy: {
+      "statement": [
+        {
+          "action": [ "kms:Create*", "kms:Describe*", "kms:Enable*", "kms:List*", "kms:Put*", "kms:Update*", "kms:Revoke*", "kms:Disable*", "kms:Get*", "kms:Delete*", "kms:ScheduleKeyDeletion", "kms:CancelKeyDeletion" ],
+          "effect": "Allow",
+          "principal": {
+            "aws": { "Fn::Join": [ "", [ "arn:", { "Ref": "AWS::Partition" }, ":iam::", { "Ref": "AWS::AccountId" }, ":root" ] ] }
+          },
+          "resource": "*"
+        }
+      ],
+      "version": "2012-10-17"
+    }
+});
+
+new s3.CfnBucket(this, 'MyBucketF68F3FF0', {
+    bucketEncryption: {
+      "serverSideEncryptionConfiguration": [
+        {
+          "serverSideEncryptionByDefault": {
+            "kmsMasterKeyId": Fn.getAtt('MyBucketKeyC17130CF', 'Arn').toString(),
+            "sseAlgorithm": "aws:kms"
+          }
+        }
+      ]
+    },
+});
+```
+As you can see, there are a lot of details here that you really don't want to
+care about (like the value to put under `sseAlgorithm` or which actions are
+required in the key policy so the key can be managed by administrators. Also,
+this is actually one of the more simple examples we have in the CDK.
+
+The AWS Construct Library includes a very large amount of "undifferentiated
+heavy lifting" that you can only enjoy if you use the high level resources which
+encapsulate all this goodness for you behind a nice clean object-oriented API.
+
+Therefore, we encourage you to use the high-level constructs in the AWS
+Construct Library as much as possible. If you encounter a gap or missing
+capability or resource, take a look at the [Escape
+Hatches](https://docs.aws.amazon.com/CDK/latest/userguide/cfn_layer.html)
+section of the User Guide.
+
+## Usage
+
+```console
+$ cdk-dasm < my-stack-template.json > my-stack.ts
+```
+
+For example, given:
+
+```json
+{
+  "Resources": {
+    "MyTopic": {
+      "Type": "AWS::SNS::Topic",
+      "Properties": {
+        "DisplayName": "YoTopic"
+      }
+    }
+  }
+}
+```
+
+The output will be:
+
+```ts
+
+```
diff --git a/packages/cdk-dasm/bin/cdk-dasm b/packages/cdk-dasm/bin/cdk-dasm
@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+require('./cdk-dasm.js');
diff --git a/packages/cdk-dasm/bin/cdk-dasm.ts b/packages/cdk-dasm/bin/cdk-dasm.ts
@@ -0,0 +1,14 @@
+import YAML = require('yaml');
+import { dasmTypeScript } from '../lib';
+
+let s = '';
+process.stdin.resume();
+process.stdin.on('data', data => {
+  s += data.toString('utf-8');
+});
+
+process.stdin.on('end', () => {
+  dasmTypeScript(YAML.parse(s)).then(out => {
+    process.stdout.write(out);
+  });
+});
diff --git a/packages/cdk-dasm/jest.config.js b/packages/cdk-dasm/jest.config.js
@@ -0,0 +1,180 @@
+// For a detailed explanation regarding each configuration property, visit:
+// https://jestjs.io/docs/en/configuration.html
+
+module.exports = {
+  // All imported modules in your tests should be mocked automatically
+  // automock: false,
+
+  // Stop running tests after `n` failures
+  // bail: 0,
+
+  // Respect "browser" field in package.json when resolving modules
+  // browser: false,
+
+  // The directory where Jest should store its cached dependency information
+  // cacheDirectory: "/private/var/folders/n2/6v4_tbz97ws0h4bn5gbyvzb0m8vcjb/T/jest_b92skr",
+
+  // Automatically clear mock calls and instances between every test
+  // clearMocks: false,
+
+  // Indicates whether the coverage information should be collected while executing the test
+  // collectCoverage: false,
+
+  // An array of glob patterns indicating a set of files for which coverage information should be collected
+  // collectCoverageFrom: null,
+
+  // The directory where Jest should output its coverage files
+  coverageDirectory: "coverage",
+
+  // An array of regexp pattern strings used to skip coverage collection
+  // coveragePathIgnorePatterns: [
+  //   "/node_modules/"
+  // ],
+
+  // A list of reporter names that Jest uses when writing coverage reports
+  // coverageReporters: [
+  //   "json",
+  //   "text",
+  //   "lcov",
+  //   "clover"
+  // ],
+
+  // An object that configures minimum threshold enforcement for coverage results
+  // coverageThreshold: null,
+
+  // A path to a custom dependency extractor
+  // dependencyExtractor: null,
+
+  // Make calling deprecated APIs throw helpful error messages
+  // errorOnDeprecated: false,
+
+  // Force coverage collection from ignored files using an array of glob patterns
+  // forceCoverageMatch: [],
+
+  // A path to a module which exports an async function that is triggered once before all test suites
+  // globalSetup: null,
+
+  // A path to a module which exports an async function that is triggered once after all test suites
+  // globalTeardown: null,
+
+  // A set of global variables that need to be available in all test environments
+  // globals: {},
+
+  // An array of directory names to be searched recursively up from the requiring module's location
+  // moduleDirectories: [
+  //   "node_modules"
+  // ],
+
+  // An array of file extensions your modules use
+  moduleFileExtensions: [
+     "js"
+  ],
+
+  // A map from regular expressions to module names that allow to stub out resources with a single module
+  // moduleNameMapper: {},
+
+  // An array of regexp pattern strings, matched against all module paths before considered 'visible' to the module loader
+  // modulePathIgnorePatterns: [],
+
+  // Activates notifications for test results
+  // notify: false,
+
+  // An enum that specifies notification mode. Requires { notify: true }
+  // notifyMode: "failure-change",
+
+  // A preset that is used as a base for Jest's configuration
+  // preset: null,
+
+  // Run tests from one or more projects
+  // projects: null,
+
+  // Use this configuration option to add custom reporters to Jest
+  // reporters: undefined,
+
+  // Automatically reset mock state between every test
+  // resetMocks: false,
+
+  // Reset the module registry before running each individual test
+  // resetModules: false,
+
+  // A path to a custom resolver
+  // resolver: null,
+
+  // Automatically restore mock state between every test
+  // restoreMocks: false,
+
+  // The root directory that Jest should scan for tests and modules within
+  // rootDir: null,
+
+  // A list of paths to directories that Jest should use to search for files in
+  // roots: [
+  //   "<rootDir>"
+  // ],
+
+  // Allows you to use a custom runner instead of Jest's default test runner
+  // runner: "jest-runner",
+
+  // The paths to modules that run some code to configure or set up the testing environment before each test
+  // setupFiles: [],
+
+  // A list of paths to modules that run some code to configure or set up the testing framework before each test
+  // setupFilesAfterEnv: [],
+
+  // A list of paths to snapshot serializer modules Jest should use for snapshot testing
+  // snapshotSerializers: [],
+
+  // The test environment that will be used for testing
+  testEnvironment: "node",
+
+  // Options that will be passed to the testEnvironment
+  // testEnvironmentOptions: {},
+
+  // Adds a location field to test results
+  // testLocationInResults: false,
+
+  // The glob patterns Jest uses to detect test files
+  // testMatch: [
+  //   "**/__tests__/**/*.[jt]s?(x)",
+  //   "**/?(*.)+(spec|test).[tj]s?(x)"
+  // ],
+
+  // An array of regexp pattern strings that are matched against all test paths, matched tests are skipped
+  // testPathIgnorePatterns: [
+  //   "/node_modules/"
+  // ],
+
+  // The regexp pattern or array of patterns that Jest uses to detect test files
+  // testRegex: [],
+
+  // This option allows the use of a custom results processor
+  // testResultsProcessor: null,
+
+  // This option allows use of a custom test runner
+  // testRunner: "jasmine2",
+
+  // This option sets the URL for the jsdom environment. It is reflected in properties such as location.href
+  // testURL: "http://localhost",
+
+  // Setting this value to "fake" allows the use of fake timers for functions such as "setTimeout"
+  // timers: "real",
+
+  // A map from regular expressions to paths to transformers
+  // transform: null,
+
+  // An array of regexp pattern strings that are matched against all source file paths, matched files will skip transformation
+  // transformIgnorePatterns: [
+  //   "/node_modules/"
+  // ],
+
+  // An array of regexp pattern strings that are matched against all modules before the module loader will automatically return a mock for them
+  // unmockedModulePathPatterns: undefined,
+
+  // Indicates whether each individual test should be reported during the run
+  // verbose: null,
+
+  // An array of regexp patterns that are matched against all source file paths before re-running tests in watch mode
+  // watchPathIgnorePatterns: [],
+
+  // Whether to use watchman for file crawling
+  // watchman: true,
+};