Trigger resources stack as a stage in the pipeline


I'm having an issue with the resources stack in my pipeline. I need a way to add a new stage that sets up and deploys the resources as a step before building the code. Here I need to create an S3 bucket to hold the build artifacts; the bucket name should be related to the name of the branch triggering the pipeline, such as deploy/username_new_branch.

Here's where I'm at right now

from constructs import Construct
from aws_cdk import (
    Tags,
    Stack,
    aws_s3 as s3,
    RemovalPolicy,
    aws_iam as iam,
    aws_codebuild as codebuild,
    aws_codepipeline as codepipeline,
    aws_codepipeline_actions as codepipeline_actions,
)

import yaml
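# Load deployment settings once at import time. The relative path is resolved
# against the current working directory, so the app must be synthesized from
# the directory that holds dev-config.yaml.
# safe_load is used deliberately: it builds only plain YAML types (dicts,
# lists, scalars), so the config file cannot instantiate arbitrary Python
# objects the way yaml.load with an unsafe loader could.
# The encoding is pinned so parsing does not depend on the machine's locale.
with open('dev-config.yaml', encoding='utf-8') as config_file:
    var = yaml.safe_load(config_file)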
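class PipelineStack(Stack):
    """Per-branch pipeline that builds the React frontend and copies it to S3.

    The stack defines, in one place:

    * a CodePipeline with a GitLab source stage (CodeStar connection),
    * a versioned, non-public S3 bucket whose name is derived from ``branch``,
    * a CodeBuild project that runs ``npm install`` / ``npm run build`` and
      uploads ``./build`` to that bucket, using a role limited to
      ``s3:PutObject`` on the bucket's objects and ``s3:ListBucket`` on the
      bucket itself.

    The bucket is a construct of this stack, and the build project refers to
    it through ``bucket.bucket_name`` / ``bucket.bucket_arn``. Those
    references give CloudFormation a dependency from the project to the
    bucket, so the bucket exists before the build project (and the pipeline
    that uses it) is created.

    Settings are read from the module-level ``var`` mapping (keys used here:
    ``environment.prefix``, ``environment.suffix``, ``build.project``,
    ``build.branchName``, ``build.gitlabConnection``).

    Args:
        scope: Parent construct.
        id: Construct id of this stack.
        branch: Branch name used to derive resource names. It is normalised
            with ``_bucket_safe`` before use, because a name such as
            ``deploy/username_new_branch`` contains characters that S3 bucket
            names do not allow.
        **kwargs: Forwarded unchanged to ``Stack``.

    Raises:
        ValueError: If ``branch`` contains no usable characters, or the
            derived bucket name is outside S3's 3-63 character limit.
    """

    def __init__(self, scope: Construct, id: str, branch: str, **kwargs) -> None:
        super().__init__(scope, id, **kwargs)

        env_cfg = var['environment']
        build_cfg = var['build']

        # Branch names are chosen by whoever can push to the repository, so the
        # raw value is never placed in a resource name, an IAM ARN or a shell
        # command. Every derived name below uses the normalised slug instead.
        branch_slug = self._bucket_safe(branch)

        # Computed once; the bucket, the IAM policy and the upload command all
        # refer to the same bucket instead of rebuilding the string.
        bucket_name = f"{branch_slug}-{env_cfg['prefix']}-react-{env_cfg['suffix']}"
        if not 3 <= len(bucket_name) <= 63:
            # Fail at synth time with a readable message rather than at deploy.
            raise ValueError(
                f"derived bucket name {bucket_name!r} must be 3-63 characters long"
            )

        source_output = codepipeline.Artifact()
        output_Website = codepipeline.Artifact()

        pipeline = codepipeline.Pipeline(self, "Pipeline",
            pipeline_name=f"{branch_slug}-build-pipeline-{env_cfg['suffix']}",
        )

        # NOTE(review): the source stage follows the branch named in the config
        # file, while every resource name is derived from the ``branch``
        # argument. Confirm the two are meant to differ.
        pipeline.add_stage(
            stage_name="SourceCode",
            actions=[
                codepipeline_actions.CodeStarConnectionsSourceAction(
                    action_name="GitLab_Source",
                    owner="demo-pipeline4",
                    repo="frontend",
                    branch=build_cfg['branchName'],
                    output=source_output,
                    connection_arn=build_cfg['gitlabConnection'],
                )
            ]
        )

        # NOTE(review): RemovalPolicy.DESTROY on a versioned bucket only works
        # while the bucket is empty; once builds have uploaded objects, stack
        # deletion fails unless the bucket is emptied first (for example with
        # the construct's auto_delete_objects option). Decide which is wanted.
        bucket = s3.Bucket(self,
                            f"{branch_slug}-{env_cfg['prefix']}-{build_cfg['project']}-bucket",
                            versioned=True,
                            bucket_name=bucket_name,
                            removal_policy=RemovalPolicy.DESTROY,
                            block_public_access=s3.BlockPublicAccess.BLOCK_ALL)
        # The tag keeps the original, un-normalised branch name for traceability.
        Tags.of(bucket).add("branch", branch)

        # Least privilege: each action is scoped to the resource type it
        # applies to. The ARNs come from the bucket construct, so they always
        # match the real bucket and carry the correct partition.
        policy_document = iam.PolicyDocument(statements=[
            iam.PolicyStatement(
                effect=iam.Effect.ALLOW,
                actions=["s3:PutObject"],
                resources=[bucket.arn_for_objects("*")],
            ),
            iam.PolicyStatement(
                effect=iam.Effect.ALLOW,
                actions=["s3:ListBucket"],
                resources=[bucket.bucket_arn],
            ),
        ])

        build_role = iam.Role(self, "CodeBuildRole",
            assumed_by=iam.ServicePrincipal("codebuild.amazonaws.com"),
            inline_policies={
                "S3AccessPolicy": policy_document
            }
        )

        # NOTE(review): the action below declares an output artifact, but this
        # buildspec has no ``artifacts`` section. Confirm the output is
        # actually produced, or drop it.
        build_project = codebuild.PipelineProject(self,
            "Project",
            build_spec=codebuild.BuildSpec.from_object({
                "version": "0.2",
                "phases": {
                    "build": {
                        "commands": [
                            "npm install",
                            "npm run build",
                            # The destination is passed as an environment
                            # variable and quoted, so no value is spliced into
                            # the shell command text.
                            'aws s3 cp --recursive ./build "s3://$ARTIFACT_BUCKET"',
                        ]
                    }
                }
            }),
            environment=codebuild.BuildEnvironment(
                build_image=codebuild.LinuxBuildImage.STANDARD_7_0,
            ),
            environment_variables={
                "ARTIFACT_BUCKET": codebuild.BuildEnvironmentVariable(
                    value=bucket.bucket_name,
                ),
            },
            role=build_role,
        )

        pipeline.add_stage(
            stage_name="BuildReact",
            actions=[
                codepipeline_actions.CodeBuildAction(
                    action_name="CodeBuild",
                    project=build_project,
                    input=source_output,
                    outputs=[output_Website],
                )
            ]
        )

    @staticmethod
    def _bucket_safe(text: str) -> str:
        """Return *text* reduced to characters that S3 bucket names accept.

        The value is lower-cased, every character other than ``a-z``, ``0-9``,
        ``.`` and ``-`` becomes ``-``, and leading/trailing ``-`` or ``.`` are
        removed. A name that is already bucket-safe is returned unchanged.
        Distinct branch names can map to the same slug (``a/b`` and ``a_b``).

        Raises:
            ValueError: If nothing usable remains.
        """
        allowed = "abcdefghijklmnopqrstuvwxyz0123456789.-"
        slug = "".join(ch if ch in allowed else "-" for ch in text.lower())
        slug = slug.strip("-.")
        if not slug:
            raise ValueError(
                f"branch name {text!r} has no characters usable in a resource name"
            )
        return slug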