jumpeiMano/codepipeline-stack.ts

## codepipeline-stack.ts
import cdk = require("@aws-cdk/core");
import s3 = require("@aws-cdk/aws-s3");
import iam = require("@aws-cdk/aws-iam");
import build = require("@aws-cdk/aws-codebuild");
import pipeline = require("@aws-cdk/aws-codepipeline");
import pipeline_actions = require("@aws-cdk/aws-codepipeline-actions");
import deploy = require("@aws-cdk/aws-codedeploy");

export class PipelineStack extends cdk.Stack {
    constructor(app: cdk.App, id: string, props?: cdk.StackProps) {
        super(app, id, props);

        const buildArtifactBucket = new s3.Bucket(this, "build-artifact", {
            bucketName: "build-artifact",
            versioned: true
        });
        const webhookFilters: build.FilterGroup[] = [];
        webhookFilters.push(
            build.FilterGroup.inEventOf(build.EventAction.PUSH).andTagIs(".*")
        );
        const project = new build.Project(this, "build", {
            projectName: "build",
            cache: build.Cache.local(
                build.LocalCacheMode.DOCKER_LAYER,
                build.LocalCacheMode.SOURCE,
                build.LocalCacheMode.CUSTOM
            ),
            source: build.Source.bitBucket({
                owner: "xxxx",
                repo: "xxxx",
                reportBuildStatus: true,
                webhookFilters,
                cloneDepth: 1
            }),
            buildSpec: build.BuildSpec.fromSourceFilename("buildspec.yml"),
            artifacts: build.Artifacts.s3({
                bucket: buildArtifactBucket,
                name: buildArtifactBucket.bucketName,
                includeBuildId: false
            })
        });

        const source = new pipeline.Artifact("source");
        const sourceAction = new pipeline_actions.S3SourceAction({
            actionName: "source-action",
            output: source,
            bucket: buildArtifactBucket,
            bucketKey: "build-artifact"
        });

        const pipelineArtifactBucket = new s3.Bucket(
            this,
            "pipeline-artifact-bucket",
            {
                bucketName: "pipeline-artifact"
            }
        );

        const appArtifact = new pipeline.Artifact("app-artifact");
        const prepareAppArtifactBuild = new pipeline_actions.CodeBuildAction({
            actionName: "app-prepare",
            input: source,
            outputs: [appArtifact],
            project: new build.PipelineProject(this, "prepare", {
                projectName: "prepare",
                buildSpec: build.BuildSpec.fromObject({
                    version: 0.2,
                    phases: {
                        build: {
                            commands: ["xxx"]
                        }
                    },
                    artifacts: {
                        "base-directory": "dist",
                        files: ["**/*"]
                    }
                })
            })
        });

        const appApplication = new deploy.ServerApplication(
            this,
            "app-application",
            {
                applicationName: "app"
            }
        );
        const appDeploymentConfig = new deploy.ServerDeploymentConfig(
            this,
            "app-config",
            {
                deploymentConfigName: "app-config",
                minimumHealthyHosts: deploy.MinimumHealthyHosts.percentage(10)
            }
        );
        new iam.Role(this, "app-role", {
            roleName: "deployment-group-role",
            assumedBy: new iam.ServicePrincipal("codedeploy.amazonaws.com", {
                region: this.region
            }),
            managedPolicies: [
                iam.ManagedPolicy.fromAwsManagedPolicyName(
                    "service-role/AWSCodeDeployRole"
                )
            ],
            inlinePolicies: {
                addToPolicy: new iam.PolicyDocument({
                    statements: [
                        new iam.PolicyStatement({
                            actions: [
                                "iam:PassRole",
                                "ec2:CreateTags",
                                "ec2:RunInstances"
                            ],
                            resources: ["*"]
                        })
                    ]
                })
            }
        });
        const pipelineProject = new pipeline.Pipeline(this, "pipeline", {
            pipelineName: "pipeline",
            artifactBucket: pipelineArtifactBucket,
            stages: [
                {
                    stageName: "source",
                    actions: [sourceAction]
                },
                {
                    stageName: "prepare",
                    actions: [prepareAppArtifactBuild]
                },
                {
                    stageName: "approve",
                    actions: [
                        new pipeline_actions.ManualApprovalAction({
                            actionName: "approve"
                        })
                    ]
                },
                {
                    stageName: "app-deploy",
                    actions: [
                        new pipeline_actions.CodeDeployServerDeployAction({
                            actionName: "app-deploy",
                            input: appArtifact,
                            deploymentGroup: deploy.ServerDeploymentGroup.fromServerDeploymentGroupAttributes(
                                this,
                                "deployment-group",
                                {
                                    deploymentGroupName: "app-deployment-group",
                                    deploymentConfig: appDeploymentConfig,
                                    application: appApplication
                                }
                            )
                        })
                    ]
                }
            ]
        });
        cdk.Tag.add(this, "UserAccessLevel", "restricted");
    }
}
	import cdk = require("@aws-cdk/core");
	import s3 = require("@aws-cdk/aws-s3");
	import iam = require("@aws-cdk/aws-iam");
	import build = require("@aws-cdk/aws-codebuild");
	import pipeline = require("@aws-cdk/aws-codepipeline");
	import pipeline_actions = require("@aws-cdk/aws-codepipeline-actions");
	import deploy = require("@aws-cdk/aws-codedeploy");

	export class PipelineStack extends cdk.Stack {
	constructor(app: cdk.App, id: string, props?: cdk.StackProps) {
	super(app, id, props);

	const buildArtifactBucket = new s3.Bucket(this, "build-artifact", {
	bucketName: "build-artifact",
	versioned: true
	});
	const webhookFilters: build.FilterGroup[] = [];
	webhookFilters.push(
	build.FilterGroup.inEventOf(build.EventAction.PUSH).andTagIs(".*")
	);
	const project = new build.Project(this, "build", {
	projectName: "build",
	cache: build.Cache.local(
	build.LocalCacheMode.DOCKER_LAYER,
	build.LocalCacheMode.SOURCE,
	build.LocalCacheMode.CUSTOM
	),
	source: build.Source.bitBucket({
	owner: "xxxx",
	repo: "xxxx",
	reportBuildStatus: true,
	webhookFilters,
	cloneDepth: 1
	}),
	buildSpec: build.BuildSpec.fromSourceFilename("buildspec.yml"),
	artifacts: build.Artifacts.s3({
	bucket: buildArtifactBucket,
	name: buildArtifactBucket.bucketName,
	includeBuildId: false
	})
	});

	const source = new pipeline.Artifact("source");
	const sourceAction = new pipeline_actions.S3SourceAction({
	actionName: "source-action",
	output: source,
	bucket: buildArtifactBucket,
	bucketKey: "build-artifact"
	});

	const pipelineArtifactBucket = new s3.Bucket(
	this,
	"pipeline-artifact-bucket",
	{
	bucketName: "pipeline-artifact"
	}
	);

	const appArtifact = new pipeline.Artifact("app-artifact");
	const prepareAppArtifactBuild = new pipeline_actions.CodeBuildAction({
	actionName: "app-prepare",
	input: source,
	outputs: [appArtifact],
	project: new build.PipelineProject(this, "prepare", {
	projectName: "prepare",
	buildSpec: build.BuildSpec.fromObject({
	version: 0.2,
	phases: {
	build: {
	commands: ["xxx"]
	}
	},
	artifacts: {
	"base-directory": "dist",
	files: ["*/"]
	}
	})
	})
	});

	const appApplication = new deploy.ServerApplication(
	this,
	"app-application",
	{
	applicationName: "app"
	}
	);
	const appDeploymentConfig = new deploy.ServerDeploymentConfig(
	this,
	"app-config",
	{
	deploymentConfigName: "app-config",
	minimumHealthyHosts: deploy.MinimumHealthyHosts.percentage(10)
	}
	);
	new iam.Role(this, "app-role", {
	roleName: "deployment-group-role",
	assumedBy: new iam.ServicePrincipal("codedeploy.amazonaws.com", {
	region: this.region
	}),
	managedPolicies: [
	iam.ManagedPolicy.fromAwsManagedPolicyName(
	"service-role/AWSCodeDeployRole"
	)
	],
	inlinePolicies: {
	addToPolicy: new iam.PolicyDocument({
	statements: [
	new iam.PolicyStatement({
	actions: [
	"iam:PassRole",
	"ec2:CreateTags",
	"ec2:RunInstances"
	],
	resources: ["*"]
	})
	]
	})
	}
	});
	const pipelineProject = new pipeline.Pipeline(this, "pipeline", {
	pipelineName: "pipeline",
	artifactBucket: pipelineArtifactBucket,
	stages: [
	{
	stageName: "source",
	actions: [sourceAction]
	},
	{
	stageName: "prepare",
	actions: [prepareAppArtifactBuild]
	},
	{
	stageName: "approve",
	actions: [
	new pipeline_actions.ManualApprovalAction({
	actionName: "approve"
	})
	]
	},
	{
	stageName: "app-deploy",
	actions: [
	new pipeline_actions.CodeDeployServerDeployAction({
	actionName: "app-deploy",
	input: appArtifact,
	deploymentGroup: deploy.ServerDeploymentGroup.fromServerDeploymentGroupAttributes(
	this,
	"deployment-group",
	{
	deploymentGroupName: "app-deployment-group",
	deploymentConfig: appDeploymentConfig,
	application: appApplication
	}
	)
	})
	]
	}
	]
	});
	cdk.Tag.add(this, "UserAccessLevel", "restricted");
	}
	}