feat(aws-ecr): add an ECR Repository source CodePipeline Action. (#1255)

aws · Nov 28, 2018 · 01cc8a2 · 01cc8a2
1 parent 3208457
commit 01cc8a2
Show file tree

Hide file tree

Showing 9 changed files with 464 additions and 4 deletions.
diff --git a/packages/@aws-cdk/aws-codepipeline/package.json b/packages/@aws-cdk/aws-codepipeline/package.json
@@ -63,6 +63,7 @@
  "@aws-cdk/aws-codebuild": "^0.18.1",
  "@aws-cdk/aws-codecommit": "^0.18.1",
  "@aws-cdk/aws-codedeploy": "^0.18.1",
+ "@aws-cdk/aws-ecr": "^0.18.1",
  "@aws-cdk/aws-lambda": "^0.18.1",
  "@aws-cdk/aws-sns": "^0.18.1",
  "cdk-build-tools": "^0.18.1",
@@ -85,4 +86,4 @@
  "@aws-cdk/aws-s3": "^0.18.1",
  "@aws-cdk/cdk": "^0.18.1"
  }
-}
+}
diff --git a/packages/@aws-cdk/aws-codepipeline/test/integ.pipeline-ecr-source.expected.json b/packages/@aws-cdk/aws-codepipeline/test/integ.pipeline-ecr-source.expected.json
@@ -0,0 +1,269 @@
+{
+ "Resources": {
+ "MyBucketF68F3FF0": {
+ "Type": "AWS::S3::Bucket"
+ },
+ "MyPipelineRoleC0D47CA4": {
+ "Type": "AWS::IAM::Role",
+ "Properties": {
+ "AssumeRolePolicyDocument": {
+ "Statement": [
+ {
+ "Action": "sts:AssumeRole",
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "codepipeline.amazonaws.com"
+ }
+ }
+ ],
+ "Version": "2012-10-17"
+ }
+ }
+ },
+ "MyPipelineRoleDefaultPolicy34F09EFA": {
+ "Type": "AWS::IAM::Policy",
+ "Properties": {
+ "PolicyDocument": {
+ "Statement": [
+ {
+ "Action": [
+ "s3:GetObject*",
+ "s3:GetBucket*",
+ "s3:List*",
+ "s3:DeleteObject*",
+ "s3:PutObject*",
+ "s3:Abort*"
+ ],
+ "Effect": "Allow",
+ "Resource": [
+ {
+ "Fn::GetAtt": [
+ "MyBucketF68F3FF0",
+ "Arn"
+ ]
+ },
+ {
+ "Fn::Join": [
+ "",
+ [
+ {
+ "Fn::GetAtt": [
+ "MyBucketF68F3FF0",
+ "Arn"
+ ]
+ },
+ "/*"
+ ]
+ ]
+ }
+ ]
+ },
+ {
+ "Action": "ecr:DescribeImages",
+ "Effect": "Allow",
+ "Resource": {
+ "Fn::GetAtt": [
+ "MyEcrRepo767466D0",
+ "Arn"
+ ]
+ }
+ }
+ ],
+ "Version": "2012-10-17"
+ },
+ "PolicyName": "MyPipelineRoleDefaultPolicy34F09EFA",
+ "Roles": [
+ {
+ "Ref": "MyPipelineRoleC0D47CA4"
+ }
+ ]
+ }
+ },
+ "MyPipelineAED38ECF": {
+ "Type": "AWS::CodePipeline::Pipeline",
+ "Properties": {
+ "RoleArn": {
+ "Fn::GetAtt": [
+ "MyPipelineRoleC0D47CA4",
+ "Arn"
+ ]
+ },
+ "Stages": [
+ {
+ "Actions": [
+ {
+ "ActionTypeId": {
+ "Category": "Source",
+ "Owner": "AWS",
+ "Provider": "ECR",
+ "Version": "1"
+ },
+ "Configuration": {
+ "RepositoryName": {
+ "Ref": "MyEcrRepo767466D0"
+ }
+ },
+ "InputArtifacts": [],
+ "Name": "ECR_Source",
+ "OutputArtifacts": [
+ {
+ "Name": "Artifact_awscdkcodepipelineecrsourceMyEcrRepoECRSource8525F033"
+ }
+ ],
+ "RunOrder": 1
+ }
+ ],
+ "Name": "Source"
+ },
+ {
+ "Actions": [
+ {
+ "ActionTypeId": {
+ "Category": "Approval",
+ "Owner": "AWS",
+ "Provider": "Manual",
+ "Version": "1"
+ },
+ "InputArtifacts": [],
+ "Name": "ManualApproval",
+ "OutputArtifacts": [],
+ "RunOrder": 1
+ }
+ ],
+ "Name": "Approve"
+ }
+ ],
+ "ArtifactStore": {
+ "Location": {
+ "Ref": "MyBucketF68F3FF0"
+ },
+ "Type": "S3"
+ }
+ },
+ "DependsOn": [
+ "MyPipelineRoleC0D47CA4",
+ "MyPipelineRoleDefaultPolicy34F09EFA"
+ ]
+ },
+ "MyPipelineEventsRoleFAB99F32": {
+ "Type": "AWS::IAM::Role",
+ "Properties": {
+ "AssumeRolePolicyDocument": {
+ "Statement": [
+ {
+ "Action": "sts:AssumeRole",
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "events.amazonaws.com"
+ }
+ }
+ ],
+ "Version": "2012-10-17"
+ }
+ }
+ },
+ "MyPipelineEventsRoleDefaultPolicyF045F033": {
+ "Type": "AWS::IAM::Policy",
+ "Properties": {
+ "PolicyDocument": {
+ "Statement": [
+ {
+ "Action": "codepipeline:StartPipelineExecution",
+ "Effect": "Allow",
+ "Resource": {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
+ },
+ ":codepipeline:",
+ {
+ "Ref": "AWS::Region"
+ },
+ ":",
+ {
+ "Ref": "AWS::AccountId"
+ },
+ ":",
+ {
+ "Ref": "MyPipelineAED38ECF"
+ }
+ ]
+ ]
+ }
+ }
+ ],
+ "Version": "2012-10-17"
+ },
+ "PolicyName": "MyPipelineEventsRoleDefaultPolicyF045F033",
+ "Roles": [
+ {
+ "Ref": "MyPipelineEventsRoleFAB99F32"
+ }
+ ]
+ }
+ },
+ "MyEcrRepo767466D0": {
+ "Type": "AWS::ECR::Repository"
+ },
+ "MyEcrRepoawscdkcodepipelineecrsourceMyPipeline63CF3194SourceEventRule911FDB6D": {
+ "Type": "AWS::Events::Rule",
+ "Properties": {
+ "EventPattern": {
+ "source": [
+ "aws.ecr"
+ ],
+ "detail": {
+ "eventName": [
+ "PutImage"
+ ],
+ "requestParameters": {
+ "repositoryName": [
+ {
+ "Ref": "MyEcrRepo767466D0"
+ }
+ ]
+ }
+ }
+ },
+ "State": "ENABLED",
+ "Targets": [
+ {
+ "Arn": {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
+ },
+ ":codepipeline:",
+ {
+ "Ref": "AWS::Region"
+ },
+ ":",
+ {
+ "Ref": "AWS::AccountId"
+ },
+ ":",
+ {
+ "Ref": "MyPipelineAED38ECF"
+ }
+ ]
+ ]
+ },
+ "Id": "MyPipeline",
+ "RoleArn": {
+ "Fn::GetAtt": [
+ "MyPipelineEventsRoleFAB99F32",
+ "Arn"
+ ]
+ }
+ }
+ ]
+ }
+ }
+ }
+}
diff --git a/packages/@aws-cdk/aws-codepipeline/test/integ.pipeline-ecr-source.ts b/packages/@aws-cdk/aws-codepipeline/test/integ.pipeline-ecr-source.ts
@@ -0,0 +1,24 @@
+import ecr = require('@aws-cdk/aws-ecr');
+import s3 = require('@aws-cdk/aws-s3');
+import cdk = require('@aws-cdk/cdk');
+import codepipeline = require('../lib');
+
+const app = new cdk.App();
+
+const stack = new cdk.Stack(app, 'aws-cdk-codepipeline-ecr-source');
+
+const bucket = new s3.Bucket(stack, 'MyBucket');
+const pipeline = new codepipeline.Pipeline(stack, 'MyPipeline', {
+ artifactBucket: bucket,
+});
+
+const repository = new ecr.Repository(stack, 'MyEcrRepo');
+const sourceStage = pipeline.addStage('Source');
+repository.addToPipeline(sourceStage, 'ECR_Source');
+
+const approveStage = pipeline.addStage('Approve');
+new codepipeline.ManualApprovalAction(stack, 'ManualApproval', {
+ stage: approveStage,
+});
+
+app.run();
diff --git a/packages/@aws-cdk/aws-ecr/README.md b/packages/@aws-cdk/aws-ecr/README.md
@@ -23,3 +23,28 @@ is important here):
 repository.addLifecycleRule({ tagPrefixList: ['prod'], maxImageCount: 9999 });
 repository.addLifecycleRule({ maxImageAgeDays: 30 });
 ```
+
+### Using with CodePipeline
+
+This package also contains a source Action that allows you to use an ECR Repository as a source for CodePipeline.
+Example:
+
+```ts
+import codepipeline = require('@aws-cdk/aws-codepipeline');
+
+const pipeline = new codepipeline.Pipeline(this, 'MyPipeline');
+const sourceStage = pipeline.addStage('Source');
+const sourceAction = new ecr.PipelineSourceAction(this, 'ECR', {
+ stage: sourceStage,
+ repository: ecrRepository,
+ imageTag: 'some-tag', // optional, default: 'latest'
+ outputArtifactName: 'SomeName', // optional
+});
+```
+
+You can also add the Repository to the Pipeline directly:
+
+```ts
+// equivalent to the code above:
+const sourceAction = ecrRepository.addToPipeline(sourceStage, 'ECR');
+```
diff --git a/packages/@aws-cdk/aws-ecr/lib/index.ts b/packages/@aws-cdk/aws-ecr/lib/index.ts
@@ -1,6 +1,7 @@
 // AWS::ECR CloudFormation Resources:
 export * from './ecr.generated';
 
+export * from './pipeline-action';
 export * from './repository';
 export * from './repository-ref';
 export * from './lifecycle';