aws_ddk_core.cicd.CICDPipelineStack¶
- class aws_ddk_core.cicd.CICDPipelineStack(*args: Any, **kwargs)¶
Create a stack that contains DDK Continuous Integration and Delivery (CI/CD) pipeline.
The pipeline is based on CDK self-mutating pipeline but includes several DDK-specific features, including:
Ability to configure some properties via JSON config e.g. manual approvals for application stages
Defaults for source/synth - CodeCommit & cdk synth, with ability to override them
Ability to connect to private artifactory to pull artifacts from at synth
Security best practices - ensures pipeline buckets block non-SSL, and are KMS-encrypted with rotated keys
Builder interface to avoid chunky constructor methods
The user should be able to reuse the pipeline in multiple DDK applications hoping to save LOC.
Example:
pipeline = ( CICDPipelineStack( app, id="my-pipeline", environment_id="cicd", pipeline_name="MyPipeline", ) .add_source_action(repository_name="my-repo") .add_synth_action() .build() .add_checks() .add_stage("dev", DevStage(app, "dev")) .synth() .add_notifications() )
- __init__(scope: constructs.Construct, id: str, environment_id: str, pipeline_name: Optional[str] = None, env: Optional[aws_cdk.Environment] = None, pipeline_args: Optional[Dict[str, Any]] = {}, **kwargs: Any) None ¶
Start building Code Pipeline.
- Parameters
scope (Construct) – Scope within which this construct is defined
id (str) – Identifier of the pipeline
environment_id (str) – Identifier of the environment that will contain the pipeline
pipeline_name (Optional[str]) – Name of the pipeline
env (Optional[Environment]) – Environment
pipeline_args (Optional[Dict[str,Any]]) – Additional attributes. https://docs.aws.amazon.com/cdk/api/v2/python/aws_cdk.pipelines/CodePipeline.html
kwargs (Any) – Additional pipeline settings.
Configuration (Supported DDK Environment) –
https (//awslabs.github.io/aws-ddk/release/latest/how-to/ddk-configuration.html) –
---------- –
cdk_version (str) – Version of the AWS CDK to use in the deployment pipeline.
repository (str) – Name of the CodeArtifact repository to pull artifacts from.
domain (str) – Name of the CodeArtifact domain.
domain_owner (str) – CodeArtifact domain owner account.
manual_approvals (str) – Configure manual approvals if this parameter is set.
notifications_topic_arn (str) – Existing SNS topic arn to use for pipeline notifications.
execute_security_lint (str) – Configure security lint stage of pipeline if this parameter is set.
execute_tests (str) – Configure tests stage of pipeline if this parameter is set.
Methods
__init__
(scope, id, environment_id[, ...])Start building Code Pipeline.
Add checks to the pipeline (e.g.
add_custom_stage
(stage_name, steps)Add custom stage to the pipeline.
add_dependency
(target[, reason])Add a dependency between this stack and another stack.
add_metadata
(key, value)Adds an arbitary key-value pair, with information you want to record about the stack.
add_notifications
([notification_rule])Add pipeline notifications.
add_security_lint_stage
([stage_name, ...])Add linting - cfn-nag, and bandit.
add_source_action
([repository_name, branch, ...])Add source action.
add_stage
(stage_id, stage[, manual_approvals])Add application stage to the CICD pipeline.
add_synth_action
([codeartifact_repository, ...])Add synth action.
add_test_stage
([stage_name, ...])Add test - e.g.
add_transform
(transform)Add a Transform to this stack.
add_wave
(stage_id, stages[, manual_approvals])Add multiple application stages in parallel to the CICD pipeline.
build
()Build the pipeline structure.
export_value
(exported_value, *[, name])Create a CloudFormation Export for a value.
format_arn
(*, resource, service[, account, ...])Creates an ARN from components.
get_logical_id
(element)Allocates a stack-unique CloudFormation-compatible logical identity for a specific resource.
is_construct
(x)Checks if
x
is a construct.is_stack
(x)Return whether the given object is a Stack.
of
(construct)Looks up the first stack scope in which
construct
is defined.regional_fact
(fact_name[, default_value])Look up a fact value for the given fact for the region of this stack.
rename_logical_id
(old_id, new_id)Rename a generated logical identities.
report_missing_context_key
(*, key, props, ...)Indicate that a context key was expected.
resolve
(obj)Resolve a tokenized value in the context of the current stack.
split_arn
(arn, arn_format)Splits the provided ARN into its components.
synth
()Synthesize the pipeline.
to_json_string
(obj[, space])Convert an object, potentially containing tokens, to a JSON string.
to_string
()Returns a string representation of this construct.
Attributes
account
The AWS account into which this stack will be deployed.
artifact_id
The ID of the cloud assembly artifact for this stack.
availability_zones
Returns the list of AZs that are available in the AWS environment (account/region) associated with this stack.
bundling_required
Indicates whether the stack requires bundling or not.
dependencies
Return the stacks this stack depends on.
environment
The environment coordinates in which this stack is deployed.
nested
Indicates if this is a nested stack, in which case
parentStack
will include a reference to it's parent.nested_stack_parent
If this is a nested stack, returns it's parent stack.
nested_stack_resource
If this is a nested stack, this represents its
AWS::CloudFormation::Stack
resource.node
The tree node.
notification_arns
Returns the list of notification Amazon Resource Names (ARNs) for the current stack.
partition
The partition in which this stack is defined.
region
The AWS region into which this stack will be deployed (e.g.
stack_id
The ID of the stack.
stack_name
The concrete CloudFormation physical stack name.
synthesizer
Synthesis method for this stack.
tags
Tags to be applied to the stack.
template_file
The name of the CloudFormation template file emitted to the output directory during synthesis.
template_options
Options for CloudFormation template (like version, transform, description).
termination_protection
Whether termination protection is enabled for this stack.
url_suffix
The Amazon domain suffix for the region in which this stack is defined.
- add_checks() aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Add checks to the pipeline (e.g. linting, security, tests…).
- Returns
pipeline – CICD pipeline
- Return type
- add_custom_stage(stage_name: str, steps: List[aws_cdk.pipelines.Step]) aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Add custom stage to the pipeline.
- Parameters
stage_name (str) – Name of the stage
steps (List[Step]) – Steps to add to this stage. List of Step(). See Documentation on aws_cdk.pipelines.Step <https://docs.aws.amazon.com/cdk/api/v1/python/aws_cdk.pipelines/Step.html>`_ for more detail.
- Returns
pipeline – CICD pipeline
- Return type
CICDPipeline
- add_notifications(notification_rule: Optional[aws_cdk.aws_codestarnotifications.NotificationRule] = None) aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Add pipeline notifications. Create notification rule that sends events to the specified SNS topic.
- Parameters
notification_rule (Optional[NotificationRule]) – Override notification rule
- Returns
pipeline – CICD pipeline
- Return type
CICDPipeline
- add_security_lint_stage(stage_name: Optional[str] = None, cloud_assembly_file_set: Optional[aws_cdk.pipelines.IFileSetProducer] = None) aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Add linting - cfn-nag, and bandit.
- Parameters
stage_name (Optional[str]) – Name of the stage
cloud_assembly_file_set (Optional[IFileSetProducer]) – Cloud assembly file set producer
- Returns
pipeline – CICD pipeline
- Return type
CICDPipeline
- add_source_action(repository_name: Optional[str] = None, branch: str = 'main', source_action: Optional[aws_cdk.pipelines.CodePipelineSource] = None) aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Add source action.
- Parameters
repository_name (Optional[str]) – Name of the SCM repository
branch (str) – Branch of the SCM repository
source_action (Optional[CodePipelineSource]) – Override source action
- Returns
pipeline – CICDPipelineStack
- Return type
- add_stage(stage_id: str, stage: aws_cdk.Stage, manual_approvals: Optional[bool] = False) aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Add application stage to the CICD pipeline. This stage deploys your application infrastructure.
- Parameters
stage_id (str) – Identifier of the stage
stage (Stage) – Application stage instance
manual_approvals (Optional[bool]) – Configure manual approvals. False by default
- Returns
pipeline – CICDPipelineStack
- Return type
- add_synth_action(codeartifact_repository: Optional[str] = None, codeartifact_domain: Optional[str] = None, codeartifact_domain_owner: Optional[str] = None, role_policy_statements: Optional[List[aws_cdk.aws_iam.PolicyStatement]] = None, synth_action: Optional[aws_cdk.pipelines.CodeBuildStep] = None) aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Add synth action. During synth can connect and pull artifacts from a private artifactory.
- Parameters
codeartifact_repository (Optional[str]) – Name of the CodeArtifact repository to pull artifacts from
codeartifact_domain (Optional[str]) – Name of the CodeArtifact domain
codeartifact_domain_owner (Optional[str]) – CodeArtifact domain owner account
role_policy_statements (Optional[List[PolicyStatement]]) – Additional policies to add to the synth action role
synth_action (Optional[CodeBuildStep]) – Override synth action
- Returns
pipeline – CICDPipelineStack
- Return type
- add_test_stage(stage_name: Optional[str] = None, cloud_assembly_file_set: Optional[aws_cdk.pipelines.IFileSetProducer] = None, commands: Optional[List[str]] = None) aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Add test - e.g. pytest.
- Parameters
stage_name (Optional[str]) – Name of the stage
cloud_assembly_file_set (Optional[IFileSetProducer]) – Cloud assembly file set
commands (Optional[List[str]]) – Additional commands to run in the test. Defaults to “./test.sh” otherwise
- Returns
pipeline – CICD pipeline
- Return type
- add_wave(stage_id: str, stages: List[aws_cdk.Stage], manual_approvals: Optional[bool] = False) aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Add multiple application stages in parallel to the CICD pipeline.
- Parameters
stage_id (str) – Identifier of the wave
stages (List[Stage]) – Application stage instance
manual_approvals (Optional[bool]) – Configure manual approvals. False by default
- Returns
pipeline – CICDPipelineStack
- Return type
- build() aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Build the pipeline structure.
- Returns
pipeline – CICDPipelineStack
- Return type
- synth() aws_ddk_core.cicd.pipeline.CICDPipelineStack ¶
Synthesize the pipeline.
It is not possible to modify the pipeline after calling this method.
- Returns
pipeline – CICDPipelineStack
- Return type