-
Notifications
You must be signed in to change notification settings - Fork 0
/
integ.multiSource.withApproval.ts
159 lines (141 loc) · 5.66 KB
/
integ.multiSource.withApproval.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
import cdk = require("aws-cdk-lib");
import { Construct } from 'constructs';
import codecommit = require("aws-cdk-lib/aws-codecommit");
import codebuild = require("aws-cdk-lib/aws-codebuild");
import codepipeline = require("aws-cdk-lib/aws-codepipeline");
import codepipeline_actions = require("aws-cdk-lib/aws-codepipeline-actions");
import iam = require("aws-cdk-lib/aws-iam");
import s3 = require('aws-cdk-lib/aws-s3');
export interface MultiSourceWithApprovalPipelineStackProps extends cdk.StackProps {
}
export class MultiSourceWithApprovalPipelineStack extends cdk.Stack {
constructor(scope: Construct, id: string, props: MultiSourceWithApprovalPipelineStackProps) {
super(scope, id, props);
// define multi-source
const bucket = new s3.Bucket(this, 'Bucket', {
bucketName: 'cdk-sample-integ-multi-pipeline-' + this.region + '-' + this.account,
versioned: true
});
const codecommitRepository = new codecommit.Repository(this, "Codecommit", {
repositoryName: "cdk-sameple-integ-multi-pipeline"
});
/**
* CodeBuild:
**/
const codebuildProject = new codebuild.PipelineProject(this, "Build", {
projectName: "cdk-sameple-integ-multi-pipeline-build",
environment: {
computeType: codebuild.ComputeType.SMALL,
buildImage: codebuild.LinuxBuildImage.AMAZON_LINUX_2_3,
privileged: true,
environmentVariables: {
AWS_ACCOUNT_ID: {
type: codebuild.BuildEnvironmentVariableType.PLAINTEXT,
value: cdk.Aws.ACCOUNT_ID
},
AWS_DEFAULT_REGION: {
type: codebuild.BuildEnvironmentVariableType.PLAINTEXT,
value: cdk.Aws.REGION
}
}
}
});
// codebuild policy of codecommit and s3.
const codeBuildPolicyOfcodeCommit = new iam.PolicyStatement();
codeBuildPolicyOfcodeCommit.addResources(codecommitRepository.repositoryArn)
codeBuildPolicyOfcodeCommit.addActions(
"codecommit:ListBranches",
"codecommit:ListRepositories",
"codecommit:BatchGetRepositories",
"codecommit:GitPull"
);
codebuildProject.addToRolePolicy(
codeBuildPolicyOfcodeCommit,
);
const codeBuildPolicyOfBucket = new iam.PolicyStatement();
codeBuildPolicyOfBucket.addResources(bucket.bucketArn)
codeBuildPolicyOfBucket.addActions(
"s3:*"
);
codebuildProject.addToRolePolicy(
codeBuildPolicyOfBucket,
);
/**
* CodePipeline actions:
**/
// action: trigger of `CodeCommitTrigger.POLL`
const gitSourceOutput = new codepipeline.Artifact();
const gitSourceAction = new codepipeline_actions.CodeCommitSourceAction({
actionName: "SourceOfCodeCommit",
branch: "master",
trigger: codepipeline_actions.CodeCommitTrigger.POLL,
repository: codecommitRepository,
output: gitSourceOutput
});
// action: trigger of S3 data change
const bucketSourceOutput = new codepipeline.Artifact();
const bucketSourceAction = new codepipeline_actions.S3SourceAction({
actionName: "SourceOfBucket",
bucket: bucket,
bucketKey: 'sample.csv',
output: bucketSourceOutput
});
// when codecommit and s3 data input then action of codebuild
const buildOutput = new codepipeline.Artifact();
const buildAction = new codepipeline_actions.CodeBuildAction({
actionName: "Build",
input: gitSourceOutput,
outputs: [buildOutput],
project: codebuildProject
});
// Manual approval action
const manualApprovalAction = new codepipeline_actions.ManualApprovalAction({
actionName: 'Approval'
});
// pipeline of source, need approval
const sourcePipeline = new codepipeline.Pipeline(this, "SourcePipelineOfApproval", {
pipelineName: "cdk-sample-source-pipeline"
});
sourcePipeline.addStage({
stageName: "Source",
actions: [gitSourceAction]
});
sourcePipeline.addStage({
stageName: "Approve",
actions: [manualApprovalAction]
});
sourcePipeline.addStage({
stageName: "Build",
actions: [buildAction]
});
// pipeline of data
const dataPipeline = new codepipeline.Pipeline(this, "DataPipelineOfApproval", {
pipelineName: "cdk-sample-data-pipeline"
});
dataPipeline.addStage({
stageName: "Data",
actions: [bucketSourceAction]
});
// dataPipeline.addStage({
// stageName: "Build",
// actions: [buildAction]
// });
dataPipeline.addStage({
stageName: "Approve",
actions: [manualApprovalAction]
});
/**
* Output:
* - CodeCommit clone path of HTTP and SSH
* - ECR Repository URI
**/
new cdk.CfnOutput(this, 'MlopsTrainCodeCommitCloneUrlHttp', {
description: 'MLOps: Train CodeCommit Repo CloneUrl HTTP',
value: codecommitRepository.repositoryCloneUrlHttp
});
new cdk.CfnOutput(this, 'MlopsTrainCodeCommitCloneUrlSsh', {
description: 'MLOps: Train CodeCommit Repo CloneUrl SSH',
value: codecommitRepository.repositoryCloneUrlSsh
});
}
}