forked from cdklabs/aws-delivlib
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdelivlib.ts
77 lines (67 loc) · 2.57 KB
/
delivlib.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
//
// This app manages the delivery pipeline for aws-delivlib itself. Very meta.
//
// To update the pipeline, you'll need AWS credentials for this account and
// then run:
//
// npm run pipeline-update
//
import { aws_codebuild as codebuild, core as cdk, aws_ssm as ssm } from "monocdk-experiment";
import delivlib = require("../lib");
export class DelivLibPipelineStack extends cdk.Stack {
constructor(parent: cdk.App, id: string, props: cdk.StackProps = { }) {
super(parent, id, props);
const github = new delivlib.WritableGitHubRepo({
repository: 'awslabs/aws-delivlib',
tokenSecretArn: 'arn:aws:secretsmanager:us-east-1:712950704752:secret:github-token-nnAqfW',
commitEmail: '[email protected]',
commitUsername: 'aws-cdk-dev',
sshKeySecret: { secretArn: 'arn:aws:secretsmanager:us-east-1:712950704752:secret:awslabs/delivlib/github-ssh-UBHEyF' }
});
const pipeline = new delivlib.Pipeline(this, 'GitHubPipeline', {
title: 'aws-delivlib production pipeline',
repo: github,
pipelineName: 'delivlib-master',
notificationEmail: '[email protected]',
buildSpec: codebuild.BuildSpec.fromObject({
version: '0.2',
phases: {
install: {
commands: [ 'yarn install --frozen-lockfile' ]
},
build: {
commands: [
'yarn build',
'yarn test'
]
},
post_build: {
commands: [ '[ ${CODEBUILD_BUILD_SUCCEEDING:-1} != 1 ] || npm run package' ]
}
},
artifacts: {
'files': [ '**/*' ],
'base-directory': 'dist'
}
}),
autoBuild: true,
autoBuildOptions: { publicLogs: true },
// We can't put the list of webhook URLs directly in here since this repository is open source and
// the list of URLs would be enough to spam us. Import from an SSM parameter.
chimeFailureWebhooks: [ssm.StringParameter.fromStringParameterName(this, 'WebhookList', 'BuildWebhook').stringValue],
});
pipeline.publishToNpm({
npmTokenSecret: { secretArn: 'arn:aws:secretsmanager:us-east-1:712950704752:secret:delivlib/npm-OynG62' }
});
pipeline.autoBump({
bumpCommand: 'yarn install --frozen-lockfile && yarn bump',
branch: 'master'
});
}
}
const app = new cdk.App();
// this pipeline is mastered in a specific account where all the secrets are stored
new DelivLibPipelineStack(app, 'aws-delivlib-pipeline', {
env: { region: 'us-east-1', account: '712950704752' }
});
app.synth();