1 | import * as notifications from '@aws-cdk/aws-codestarnotifications';
|
2 | import * as events from '@aws-cdk/aws-events';
|
3 | import * as iam from '@aws-cdk/aws-iam';
|
4 | import * as s3 from '@aws-cdk/aws-s3';
|
5 | import { Resource, Stack } from '@aws-cdk/core';
|
6 | import { Construct } from 'constructs';
|
7 | import { IAction, IPipeline, IStage, PipelineNotifyOnOptions } from './action';
|
8 | import { FullActionDescriptor } from './private/full-action-descriptor';
|
9 | import { Stage } from './private/stage';
|
10 | /**
|
11 | * Allows you to control where to place a new Stage when it's added to the Pipeline.
|
12 | * Note that you can provide only one of the below properties -
|
13 | * specifying more than one will result in a validation error.
|
14 | *
|
15 | * @see #rightBefore
|
16 | * @see #justAfter
|
17 | */
|
18 | export interface StagePlacement {
|
19 | /**
|
20 | * Inserts the new Stage as a parent of the given Stage
|
21 | * (changing its current parent Stage, if it had one).
|
22 | */
|
23 | readonly rightBefore?: IStage;
|
24 | /**
|
25 | * Inserts the new Stage as a child of the given Stage
|
26 | * (changing its current child Stage, if it had one).
|
27 | */
|
28 | readonly justAfter?: IStage;
|
29 | }
|
30 | /**
|
31 | * Construction properties of a Pipeline Stage.
|
32 | */
|
33 | export interface StageProps {
|
34 | /**
|
35 | * The physical, human-readable name to assign to this Pipeline Stage.
|
36 | */
|
37 | readonly stageName: string;
|
38 | /**
|
39 | * The list of Actions to create this Stage with.
|
40 | * You can always add more Actions later by calling {@link IStage#addAction}.
|
41 | */
|
42 | readonly actions?: IAction[];
|
43 | /**
|
44 | * Whether to enable transition to this stage.
|
45 | *
|
46 | * @default true
|
47 | */
|
48 | readonly transitionToEnabled?: boolean;
|
49 | /**
|
50 | * The reason for disabling transition to this stage. Only applicable
|
51 | * if `transitionToEnabled` is set to `false`.
|
52 | *
|
53 | * @default 'Transition disabled'
|
54 | */
|
55 | readonly transitionDisabledReason?: string;
|
56 | }
|
57 | export interface StageOptions extends StageProps {
|
58 | readonly placement?: StagePlacement;
|
59 | }
|
60 | export interface PipelineProps {
|
61 | /**
|
62 | * The S3 bucket used by this Pipeline to store artifacts.
|
63 | *
|
64 | * @default - A new S3 bucket will be created.
|
65 | */
|
66 | readonly artifactBucket?: s3.IBucket;
|
67 | /**
|
68 | * The IAM role to be assumed by this Pipeline.
|
69 | *
|
70 | * @default a new IAM role will be created.
|
71 | */
|
72 | readonly role?: iam.IRole;
|
73 | /**
|
74 | * Indicates whether to rerun the AWS CodePipeline pipeline after you update it.
|
75 | *
|
76 | * @default false
|
77 | */
|
78 | readonly restartExecutionOnUpdate?: boolean;
|
79 | /**
|
80 | * Name of the pipeline.
|
81 | *
|
82 | * @default - AWS CloudFormation generates an ID and uses that for the pipeline name.
|
83 | */
|
84 | readonly pipelineName?: string;
|
85 | /**
|
86 | * A map of region to S3 bucket name used for cross-region CodePipeline.
|
87 | * For every Action that you specify targeting a different region than the Pipeline itself,
|
88 | * if you don't provide an explicit Bucket for that region using this property,
|
89 | * the construct will automatically create a Stack containing an S3 Bucket in that region.
|
90 | *
|
91 | * @default - None.
|
92 | */
|
93 | readonly crossRegionReplicationBuckets?: {
|
94 | [region: string]: s3.IBucket;
|
95 | };
|
96 | /**
|
97 | * The list of Stages, in order,
|
98 | * to create this Pipeline with.
|
99 | * You can always add more Stages later by calling {@link Pipeline#addStage}.
|
100 | *
|
101 | * @default - None.
|
102 | */
|
103 | readonly stages?: StageProps[];
|
104 | /**
|
105 | * Create KMS keys for cross-account deployments.
|
106 | *
|
107 | * This controls whether the pipeline is enabled for cross-account deployments.
|
108 | *
|
109 | * By default cross-account deployments are enabled, but this feature requires
|
110 | * that KMS Customer Master Keys are created which have a cost of $1/month.
|
111 | *
|
112 | * If you do not need cross-account deployments, you can set this to `false` to
|
113 | * not create those keys and save on that cost (the artifact bucket will be
|
114 | * encrypted with an AWS-managed key). However, cross-account deployments will
|
115 | * no longer be possible.
|
116 | *
|
117 | * @default true
|
118 | */
|
119 | readonly crossAccountKeys?: boolean;
|
120 | /**
|
121 | * Enable KMS key rotation for the generated KMS keys.
|
122 | *
|
123 | * By default KMS key rotation is disabled, but will add an additional $1/month
|
124 | * for each year the key exists when enabled.
|
125 | *
|
126 | * @default - false (key rotation is disabled)
|
127 | */
|
128 | readonly enableKeyRotation?: boolean;
|
129 | /**
|
130 | * Reuse the same cross region support stack for all pipelines in the App.
|
131 | *
|
132 | * @default - true (Use the same support stack for all pipelines in App)
|
133 | */
|
134 | readonly reuseCrossRegionSupportStacks?: boolean;
|
135 | }
|
136 | declare abstract class PipelineBase extends Resource implements IPipeline {
|
137 | abstract readonly pipelineName: string;
|
138 | abstract readonly pipelineArn: string;
|
139 | /**
|
140 | * Defines an event rule triggered by this CodePipeline.
|
141 | *
|
142 | * @param id Identifier for this event handler.
|
143 | * @param options Additional options to pass to the event rule.
|
144 | */
|
145 | onEvent(id: string, options?: events.OnEventOptions): events.Rule;
|
146 | /**
|
147 | * Defines an event rule triggered by the "CodePipeline Pipeline Execution
|
148 | * State Change" event emitted from this pipeline.
|
149 | *
|
150 | * @param id Identifier for this event handler.
|
151 | * @param options Additional options to pass to the event rule.
|
152 | */
|
153 | onStateChange(id: string, options?: events.OnEventOptions): events.Rule;
|
154 | bindAsNotificationRuleSource(_scope: Construct): notifications.NotificationRuleSourceConfig;
|
155 | notifyOn(id: string, target: notifications.INotificationRuleTarget, options: PipelineNotifyOnOptions): notifications.INotificationRule;
|
156 | notifyOnExecutionStateChange(id: string, target: notifications.INotificationRuleTarget, options?: notifications.NotificationRuleOptions): notifications.INotificationRule;
|
157 | notifyOnAnyStageStateChange(id: string, target: notifications.INotificationRuleTarget, options?: notifications.NotificationRuleOptions): notifications.INotificationRule;
|
158 | notifyOnAnyActionStateChange(id: string, target: notifications.INotificationRuleTarget, options?: notifications.NotificationRuleOptions): notifications.INotificationRule;
|
159 | notifyOnAnyManualApprovalStateChange(id: string, target: notifications.INotificationRuleTarget, options?: notifications.NotificationRuleOptions): notifications.INotificationRule;
|
160 | }
|
161 | /**
|
162 | * An AWS CodePipeline pipeline with its associated IAM role and S3 bucket.
|
163 | *
|
164 | * @example
|
165 | * // create a pipeline
|
166 | * import * as codecommit from '@aws-cdk/aws-codecommit';
|
167 | *
|
168 | * const pipeline = new codepipeline.Pipeline(this, 'Pipeline');
|
169 | *
|
170 | * // add a stage
|
171 | * const sourceStage = pipeline.addStage({ stageName: 'Source' });
|
172 | *
|
173 | * // add a source action to the stage
|
174 | * declare const repo: codecommit.Repository;
|
175 | * declare const sourceArtifact: codepipeline.Artifact;
|
176 | * sourceStage.addAction(new codepipeline_actions.CodeCommitSourceAction({
|
177 | * actionName: 'Source',
|
178 | * output: sourceArtifact,
|
179 | * repository: repo,
|
180 | * }));
|
181 | *
|
182 | * // ... add more stages
|
183 | */
|
184 | export declare class Pipeline extends PipelineBase {
|
185 | /**
|
186 | * Import a pipeline into this app.
|
187 | *
|
188 | * @param scope the scope into which to import this pipeline
|
189 | * @param id the logical ID of the returned pipeline construct
|
190 | * @param pipelineArn The ARN of the pipeline (e.g. `arn:aws:codepipeline:us-east-1:123456789012:MyDemoPipeline`)
|
191 | */
|
192 | static fromPipelineArn(scope: Construct, id: string, pipelineArn: string): IPipeline;
|
193 | /**
|
194 | * The IAM role AWS CodePipeline will use to perform actions or assume roles for actions with
|
195 | * a more specific IAM role.
|
196 | */
|
197 | readonly role: iam.IRole;
|
198 | /**
|
199 | * ARN of this pipeline
|
200 | */
|
201 | readonly pipelineArn: string;
|
202 | /**
|
203 | * The name of the pipeline
|
204 | */
|
205 | readonly pipelineName: string;
|
206 | /**
|
207 | * The version of the pipeline
|
208 | *
|
209 | * @attribute
|
210 | */
|
211 | readonly pipelineVersion: string;
|
212 | /**
|
213 | * Bucket used to store output artifacts
|
214 | */
|
215 | readonly artifactBucket: s3.IBucket;
|
216 | private readonly _stages;
|
217 | private readonly crossRegionBucketsPassed;
|
218 | private readonly _crossRegionSupport;
|
219 | private readonly _crossAccountSupport;
|
220 | private readonly crossAccountKeys;
|
221 | private readonly enableKeyRotation?;
|
222 | private readonly reuseCrossRegionSupportStacks;
|
223 | constructor(scope: Construct, id: string, props?: PipelineProps);
|
224 | /**
|
225 | * Creates a new Stage, and adds it to this Pipeline.
|
226 | *
|
227 | * @param props the creation properties of the new Stage
|
228 | * @returns the newly created Stage
|
229 | */
|
230 | addStage(props: StageOptions): IStage;
|
231 | /**
|
232 | * Adds a statement to the pipeline role.
|
233 | */
|
234 | addToRolePolicy(statement: iam.PolicyStatement): void;
|
235 | /**
|
236 | * Get the number of Stages in this Pipeline.
|
237 | */
|
238 | get stageCount(): number;
|
239 | /**
|
240 | * Returns the stages that comprise the pipeline.
|
241 | *
|
242 | * **Note**: the returned array is a defensive copy,
|
243 | * so adding elements to it has no effect.
|
244 | * Instead, use the {if you want to add more stages
addStage} method |
245 | * to the pipeline.
|
246 | */
|
247 | get stages(): IStage[];
|
248 | /**
|
249 | * Access one of the pipeline's stages by stage name
|
250 | */
|
251 | stage(stageName: string): IStage;
|
252 | /**
|
253 | * Returns all of the {@link CrossRegionSupportStack}s that were generated automatically
|
254 | * when dealing with Actions that reside in a different region than the Pipeline itself.
|
255 | *
|
256 | */
|
257 | get crossRegionSupport(): {
|
258 | [region: string]: CrossRegionSupport;
|
259 | };
|
260 | /** @internal */
|
261 | _attachActionToPipeline(stage: Stage, action: IAction, actionScope: Construct): FullActionDescriptor;
|
262 | /**
|
263 | * Validate the pipeline structure
|
264 | *
|
265 | * Validation happens according to the rules documented at
|
266 | *
|
267 | * https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html#pipeline-requirements
|
268 | * @override
|
269 | */
|
270 | protected validate(): string[];
|
271 | private ensureReplicationResourcesExistFor;
|
272 | /**
|
273 | * Get or create the cross-region support construct for the given action
|
274 | */
|
275 | private obtainCrossRegionSupportFor;
|
276 | private createSupportResourcesForRegion;
|
277 | private getCrossRegionSupportSynthesizer;
|
278 | private generateNameForDefaultBucketKeyAlias;
|
279 | /**
|
280 | * Gets the role used for this action,
|
281 | * including handling the case when the action is supposed to be cross-account.
|
282 | *
|
283 | * @param stage the stage the action belongs to
|
284 | * @param action the action to return/create a role for
|
285 | * @param actionScope the scope, unique to the action, to create new resources in
|
286 | */
|
287 | private getRoleForAction;
|
288 | private getRoleFromActionPropsOrGenerateIfCrossAccount;
|
289 | /**
|
290 | * Returns the Stack this Action belongs to if this is a cross-account Action.
|
291 | * If this Action is not cross-account (i.e., it lives in the same account as the Pipeline),
|
292 | * it returns undefined.
|
293 | *
|
294 | * @param action the Action to return the Stack for
|
295 | */
|
296 | private getOtherStackIfActionIsCrossAccount;
|
297 | private isAwsOwned;
|
298 | private getArtifactBucketFromProps;
|
299 | private calculateInsertIndexFromPlacement;
|
300 | private findStageIndex;
|
301 | private validateSourceActionLocations;
|
302 | private validateHasStages;
|
303 | private validateStages;
|
304 | private validateArtifacts;
|
305 | private renderArtifactStoresProperty;
|
306 | private renderArtifactStoreProperty;
|
307 | private renderPrimaryArtifactStore;
|
308 | private renderArtifactStore;
|
309 | private get crossRegion();
|
310 | private renderStages;
|
311 | private renderDisabledTransitions;
|
312 | private requireRegion;
|
313 | private supportScope;
|
314 | }
|
315 | /**
|
316 | * An interface representing resources generated in order to support
|
317 | * the cross-region capabilities of CodePipeline.
|
318 | * You get instances of this interface from the {@link Pipeline#crossRegionSupport} property.
|
319 | *
|
320 | */
|
321 | export interface CrossRegionSupport {
|
322 | /**
|
323 | * The Stack that has been created to house the replication Bucket
|
324 | * required for this region.
|
325 | */
|
326 | readonly stack: Stack;
|
327 | /**
|
328 | * The replication Bucket used by CodePipeline to operate in this region.
|
329 | * Belongs to {@link stack}.
|
330 | */
|
331 | readonly replicationBucket: s3.IBucket;
|
332 | }
|
333 | export {};
|