Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(aws-codepipeline-actions): Add Full Clone support for CodeCommit #12558

Merged
merged 6 commits into from
Jan 21, 2021
Merged

feat(aws-codepipeline-actions): Add Full Clone support for CodeCommit #12558

merged 6 commits into from
Jan 21, 2021

Conversation

DaWyz
Copy link
Contributor

@DaWyz DaWyz commented Jan 17, 2021
edited
Loading

Add codeBuildCloneOutput property to the CodeCommit source action.

It automatically adds the codecommit:GetRepository permission to the CodeCommitSourceAction role.
It will also add the codecommit:GitPull permission to any CodeBuildAction using the artifact from CodeCommitSourceAction as input.

Closes #12236

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@gitpod-io
Copy link

gitpod-io bot commented Jan 17, 2021
edited
Loading

DaWyz added 2 commits January 17, 2021 14:48
@DaWyz
Automatically add codecommit:GitPull permission to any CodeBuild acti…
e11e1ac 
…on using an input artifact with CodeCommitCloneRepositoryArn metadata present
@DaWyz
remove extra empty line
1fa5fe8
skinny85
skinny85 previously requested changes Jan 19, 2021
View reviewed changes
Copy link
Contributor

@skinny85 skinny85 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great @DaWyz , thanks so much for the contribution! Couple of minor comments below 😊.

packages/@aws-cdk/aws-codepipeline-actions/lib/codebuild/build-action.ts Outdated
@@ -8,6 +8,7 @@ import { Action } from '../action';
// keep this import separate from other imports to reduce chance for merge conflicts with v2-main
// eslint-disable-next-line no-duplicate-imports, import/order
import { Construct } from '@aws-cdk/core';
import { CodeCommitSourceAction } from '../codecommit/source-action';
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be moved up, just below the import { BitBucketSourceAction } from '..'; line.

packages/@aws-cdk/aws-codepipeline-actions/lib/codecommit/source-action.ts Outdated
@@ -155,11 +180,23 @@ export class CodeCommitSourceAction extends Action {
],
}));

if (this.props.codeBuildCloneOutput === true) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you actually fold this statement into the above one, considering their Resource is the same? Something like this:

      actions: [
        'codecommit:GetBranch',
        'codecommit:GetCommit',
        'codecommit:UploadArchive',
        'codecommit:GetUploadArchiveStatus',
        'codecommit:CancelUploadArchive',
        ...this.props.codeBuildCloneOutput ? ['codecommit:GetRepository'] : [],
      ],

packages/@aws-cdk/aws-codepipeline-actions/test/codecommit/test.codecommit-source-action.ts Outdated
Comment on lines 335 to 339
},
{},
{},
{},
{},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you use the helpers we have like objectLike() and arrayWith(), you can avoid these empty objects. Here's an example of using them:

aws-cdk/packages/@aws-cdk/pipelines/test/cross-environment-infra.test.ts

Lines 33 to 48 in 12868a2

expect(supportStack).toHaveResourceLike('AWS::S3::BucketPolicy', {
PolicyDocument: {
Statement: arrayWith(objectLike({
Action: arrayWith('s3:GetObject*', 's3:GetBucket*', 's3:List*'),
Principal: {
AWS: {
'Fn::Join': ['', [
'arn:',
{ Ref: 'AWS::Partition' },
stringLike('*-deploy-role-*'),
]],
},
},
})),
},
});

packages/@aws-cdk/aws-codepipeline-actions/test/codecommit/test.codecommit-source-action.ts Outdated
Comment on lines 357 to 359
{},
{},
{},
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same comment here as above.

@skinny85
Copy link
Contributor

Also, please update the ReadMe file of the package!

@mergify mergify bot dismissed skinny85’s stale review January 20, 2021 01:01

Pull request has been modified.

@DaWyz
Copy link
Contributor Author

DaWyz commented Jan 20, 2021

@skinny85 PR updated. Please, double check the section added in the README.md to make sure it's good enough.

Thanks!

@DaWyz DaWyz requested a review from skinny85 January 20, 2021 02:17
skinny85
skinny85 approved these changes Jan 21, 2021
View reviewed changes
Copy link
Contributor

@skinny85 skinny85 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is absolutely fantastic work @DaWyz . Thanks so much for the contribution!

@mergify
Copy link
Contributor

mergify bot commented Jan 21, 2021

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
  • Commit ID: 6c27560
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify
Copy link
Contributor

mergify bot commented Jan 21, 2021

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit d169688 into aws:master Jan 21, 2021
mohanrajendran pushed a commit to mohanrajendran/aws-cdk that referenced this pull request Jan 24, 2021
@DaWyz
feat(aws-codepipeline-actions): Add Full Clone support for CodeCommit (
abec497 
…aws#12558)

Add `codeBuildCloneOutput` property to the CodeCommit source action.

It automatically adds the `codecommit:GetRepository` permission to the CodeCommitSourceAction role.
It will also add the `codecommit:GitPull` permission to any CodeBuildAction using the artifact from CodeCommitSourceAction as input.

Closes aws#12236

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@skinny85 skinny85 skinny85 approved these changes

Assignees

@skinny85 skinny85

Labels
@aws-cdk/aws-codepipeline-actions
Projects
None yet
Milestone
No milestone
3 participants
@DaWyz @skinny85 @aws-cdk-automation