Skip to content

Commit

Permalink
feat: physical names, and cross-environment references.
Browse files Browse the repository at this point in the history
  • Loading branch information
@skinny85
skinny85 committed Apr 30, 2019
1 parent 71d694f commit c440f86
Show file tree
Hide file tree
Showing 31 changed files with 1,273 additions and 248 deletions.
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-apigateway/lib/restapi.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -377,7 +377,7 @@ export enum EndpointType {
Private = 'PRIVATE'
}

class ImportedRestApi extends Construct implements IRestApi {
class ImportedRestApi extends Resource implements IRestApi {
public restApiId: string;

constructor(scope: Construct, id: string, private readonly props: RestApiImportProps) {
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-certificatemanager/lib/certificate.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -122,7 +122,7 @@ export class Certificate extends Resource implements ICertificate {
/**
* A Certificate that has been imported from another stack
*/
class ImportedCertificate extends Construct implements ICertificate {
class ImportedCertificate extends Resource implements ICertificate {
public readonly certificateArn: string;

constructor(scope: Construct, id: string, private readonly props: CertificateImportProps) {
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-certificatemanager/lib/dns-validated-certificate.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ export interface DnsValidatedCertificateProps extends CertificateProps {
* A certificate managed by AWS Certificate Manager. Will be automatically
* validated using DNS validation against the specified Route 53 hosted zone.
*/
export class DnsValidatedCertificate extends cdk.Construct implements ICertificate {
export class DnsValidatedCertificate extends cdk.Resource implements ICertificate {
public readonly certificateArn: string;
private normalizedZoneName: string;
private hostedZoneId: string;
Expand Down
34 changes: 30 additions & 4 deletions packages/@aws-cdk/aws-codebuild/lib/project.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,15 @@ import events = require('@aws-cdk/aws-events');
import iam = require('@aws-cdk/aws-iam');
import kms = require('@aws-cdk/aws-kms');
import s3 = require('@aws-cdk/aws-s3');
import { Aws, CfnOutput, Construct, Fn, IResource, Resource, Token } from '@aws-cdk/cdk';
import {
Aws,
CfnOutput,
Construct,
Fn,
IResource, PhysicalName,
Resource, ResourceIdentifiers,
Token
} from '@aws-cdk/cdk';
import { BuildArtifacts, CodePipelineBuildArtifacts, NoBuildArtifacts } from './artifacts';
import { CfnProject } from './codebuild.generated';
import { BuildSource, NoSource, SourceType } from './source';
Expand Down Expand Up @@ -455,6 +463,8 @@ export interface CommonProjectProps {
*/
readonly projectName?: string;

readonly physicalName?: PhysicalName;

/**
* VPC network to place codebuild network interfaces
*
Expand Down Expand Up @@ -583,6 +593,7 @@ export class Project extends ProjectBase {
}

this.role = props.role || new iam.Role(this, 'Role', {
physicalName: PhysicalName.deployTimeOrAssigned(),
assumedBy: new iam.ServicePrincipal('codebuild.amazonaws.com')
});
this.grantPrincipal = this.role;
Expand Down Expand Up @@ -657,6 +668,10 @@ export class Project extends ProjectBase {

this.validateCodePipelineSettings(artifacts);

const physicalName = props.physicalName
? props.physicalName
: (props.projectName ? PhysicalName.fixed(props.projectName) : PhysicalName.deployTime());

const resource = new CfnProject(this, 'Resource', {
description: props.description,
source: renderSource(),
Expand All @@ -666,16 +681,27 @@ export class Project extends ProjectBase {
encryptionKey: props.encryptionKey && props.encryptionKey.keyArn,
badgeEnabled: props.badge,
cache,
name: props.projectName,
name: physicalName.asString(),
timeoutInMinutes: props.timeout,
secondarySources: new Token(() => this.renderSecondarySources()),
secondaryArtifacts: new Token(() => this.renderSecondaryArtifacts()),
triggers: this.source.buildTriggers(),
vpcConfig: this.configureVpc(props),
});

this.projectArn = resource.projectArn;
this.projectName = resource.projectName;
const resourceIdentifiers = new ResourceIdentifiers({
resource: this,
resourceSimpleArn: resource.projectArn,
resourceSimpleName: resource.projectName,
physicalName,
arnComponents: {
service: 'codebuild',
resource: 'project',
resourceName: physicalName.asString(),
},
});
this.projectArn = resourceIdentifiers.arn;
this.projectName = resourceIdentifiers.name;

this.addToRolePolicy(this.createLoggingPermission());
}
Expand Down
1 change: 1 addition & 0 deletions packages/@aws-cdk/aws-codepipeline-actions/lib/codebuild/build-action.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,7 @@ export class CodeBuildAction extends codepipeline.Action {
artifactBounds: { minInputs: 1, maxInputs: 5, minOutputs: 0, maxOutputs: 5 },
inputs: [props.input, ...props.extraInputs || []],
outputs: getOutputs(props),
resource: props.project,
configuration: {
ProjectName: props.project.projectName,
},
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-codepipeline-actions/test/cloudformation/test.pipeline-actions.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -301,7 +301,7 @@ function _stackArn(stackName: string, scope: cdk.IConstruct): string {
});
}

class PipelineDouble extends cdk.Construct implements codepipeline.IPipeline {
class PipelineDouble extends cdk.Resource implements codepipeline.IPipeline {
public readonly pipelineName: string;
public readonly pipelineArn: string;
public readonly role: iam.Role;
Expand Down
190 changes: 95 additions & 95 deletions .../@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-cfn-wtih-action-role.expected.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,59 +8,6 @@
}
}
},
"ActionRole60B0EDF7": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"AWS": {
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":iam::",
{
"Ref": "AWS::AccountId"
},
":root"
]
]
}
}
}
],
"Version": "2012-10-17"
}
}
},
"ActionRoleDefaultPolicyCA33BE56": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": "sqs:*",
"Effect": "Allow",
"Resource": "*"
}
],
"Version": "2012-10-17"
},
"PolicyName": "ActionRoleDefaultPolicyCA33BE56",
"Roles": [
{
"Ref": "ActionRole60B0EDF7"
}
]
}
},
"MyPipelineRoleC0D47CA4": {
"Type": "AWS::IAM::Role",
"Properties": {
Expand Down Expand Up @@ -156,48 +103,6 @@
}
]
},
{
"Action": "iam:PassRole",
"Effect": "Allow",
"Resource": {
"Fn::GetAtt": [
"MyPipelineCFNCFNDeployRole9CC99B3F",
"Arn"
]
}
},
{
"Action": [
"cloudformation:CreateStack",
"cloudformation:DescribeStack*",
"cloudformation:GetStackPolicy",
"cloudformation:GetTemplate*",
"cloudformation:SetStackPolicy",
"cloudformation:UpdateStack",
"cloudformation:ValidateTemplate"
],
"Effect": "Allow",
"Resource": {
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":cloudformation:",
{
"Ref": "AWS::Region"
},
":",
{
"Ref": "AWS::AccountId"
},
":stack/aws-cdk-codepipeline-cross-region-deploy-stack/*"
]
]
}
},
{
"Action": [
"sts:AssumeRole",
Expand Down Expand Up @@ -305,6 +210,101 @@
"MyPipelineRoleC0D47CA4"
]
},
"ActionRole60B0EDF7": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Statement": [
{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"AWS": {
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":iam::",
{
"Ref": "AWS::AccountId"
},
":root"
]
]
}
}
}
],
"Version": "2012-10-17"
}
}
},
"ActionRoleDefaultPolicyCA33BE56": {
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyDocument": {
"Statement": [
{
"Action": "sqs:*",
"Effect": "Allow",
"Resource": "*"
},
{
"Action": "iam:PassRole",
"Effect": "Allow",
"Resource": {
"Fn::GetAtt": [
"MyPipelineCFNCFNDeployRole9CC99B3F",
"Arn"
]
}
},
{
"Action": [
"cloudformation:CreateStack",
"cloudformation:DescribeStack*",
"cloudformation:GetStackPolicy",
"cloudformation:GetTemplate*",
"cloudformation:SetStackPolicy",
"cloudformation:UpdateStack",
"cloudformation:ValidateTemplate"
],
"Effect": "Allow",
"Resource": {
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":cloudformation:",
{
"Ref": "AWS::Region"
},
":",
{
"Ref": "AWS::AccountId"
},
":stack/aws-cdk-codepipeline-cross-region-deploy-stack/*"
]
]
}
}
],
"Version": "2012-10-17"
},
"PolicyName": "ActionRoleDefaultPolicyCA33BE56",
"Roles": [
{
"Ref": "ActionRole60B0EDF7"
}
]
}
},
"MyPipelineCFNCFNDeployRole9CC99B3F": {
"Type": "AWS::IAM::Role",
"Properties": {
Expand Down
Loading

0 comments on commit c440f86

Please sign in to comment.