UNPKG

@cloudcomponents/cdk-codepipeline-check-parameter-action

Version:

Cdk component that checks if system parameters are set correctly

github.com/cloudcomponents/cdk-constructs

cloudcomponents/cdk-constructs

224 lines (214 loc) • 8.19 kB

JavaScript

module.exports = /******/ (function(modules) { // webpackBootstrap /******/ // The module cache /******/ var installedModules = {}; /******/ /******/ // The require function /******/ function __webpack_require__(moduleId) { /******/ /******/ // Check if module is in cache /******/ if(installedModules[moduleId]) { /******/ return installedModules[moduleId].exports; /******/ } /******/ // Create a new module (and put it into the cache) /******/ var module = installedModules[moduleId] = { /******/ i: moduleId, /******/ l: false, /******/ exports: {} /******/ }; /******/ /******/ // Execute the module function /******/ modules[moduleId].call(module.exports, module, module.exports, __webpack_require__); /******/ /******/ // Flag the module as loaded /******/ module.l = true; /******/ /******/ // Return the exports of the module /******/ return module.exports; /******/ } /******/ /******/ /******/ // expose the modules object (__webpack_modules__) /******/ __webpack_require__.m = modules; /******/ /******/ // expose the module cache /******/ __webpack_require__.c = installedModules; /******/ /******/ // define getter function for harmony exports /******/ __webpack_require__.d = function(exports, name, getter) { /******/ if(!__webpack_require__.o(exports, name)) { /******/ Object.defineProperty(exports, name, { enumerable: true, get: getter }); /******/ } /******/ }; /******/ /******/ // define __esModule on exports /******/ __webpack_require__.r = function(exports) { /******/ if(typeof Symbol !== 'undefined' && Symbol.toStringTag) { /******/ Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' }); /******/ } /******/ Object.defineProperty(exports, '__esModule', { value: true }); /******/ }; /******/ /******/ // create a fake namespace object /******/ // mode & 1: value is a module id, require it /******/ // mode & 2: merge all properties of value into the ns /******/ // mode & 4: return value when already ns object /******/ // mode & 8|1: behave like require /******/ __webpack_require__.t = function(value, mode) { /******/ if(mode & 1) value = __webpack_require__(value); /******/ if(mode & 8) return value; /******/ if((mode & 4) && typeof value === 'object' && value && value.__esModule) return value; /******/ var ns = Object.create(null); /******/ __webpack_require__.r(ns); /******/ Object.defineProperty(ns, 'default', { enumerable: true, value: value }); /******/ if(mode & 2 && typeof value != 'string') for(var key in value) __webpack_require__.d(ns, key, function(key) { return value[key]; }.bind(null, key)); /******/ return ns; /******/ }; /******/ /******/ // getDefaultExport function for compatibility with non-harmony modules /******/ __webpack_require__.n = function(module) { /******/ var getter = module && module.__esModule ? /******/ function getDefault() { return module['default']; } : /******/ function getModuleExports() { return module; }; /******/ __webpack_require__.d(getter, 'a', getter); /******/ return getter; /******/ }; /******/ /******/ // Object.prototype.hasOwnProperty.call /******/ __webpack_require__.o = function(object, property) { return Object.prototype.hasOwnProperty.call(object, property); }; /******/ /******/ // __webpack_public_path__ /******/ __webpack_require__.p = ""; /******/ /******/ /******/ // Load entry module and return exports /******/ return __webpack_require__(__webpack_require__.s = 0); /******/ }) /************************************************************************/ /******/ ([ /* 0 */ /***/ (function(module, exports, __webpack_require__) { "use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.handler = void 0; const client_codepipeline_1 = __webpack_require__(1); const client_ssm_1 = __webpack_require__(2); const client_sts_1 = __webpack_require__(3); // default session const codePipeline = new client_codepipeline_1.CodePipelineClient(); const sts = new client_sts_1.STSClient(); const handler = async (event) => { const { id: jobId, data: jobData } = event['CodePipeline.job']; try { const { parameterName, logParameter, regExp, crossAccountRoleArn } = getUserParams(jobData); const ssm = await (async () => { if (!crossAccountRoleArn) { return new client_ssm_1.SSMClient(); } const { Credentials: credentials } = await sts.send(new client_sts_1.AssumeRoleCommand({ RoleArn: crossAccountRoleArn, RoleSessionName: `CheckParameter-${parameterName}`, })); if (!credentials) { throw new Error('Crossaccount role could not be assumed'); } return new client_ssm_1.SSMClient({ credentials: { // eslint-disable-next-line @typescript-eslint/no-non-null-assertion accessKeyId: credentials.AccessKeyId, // eslint-disable-next-line @typescript-eslint/no-non-null-assertion secretAccessKey: credentials.SecretAccessKey, sessionToken: credentials.SessionToken, }, }); })(); const { Parameter: parameter } = await ssm.send(new client_ssm_1.GetParameterCommand({ Name: parameterName, WithDecryption: false, })); if (!(parameter === null || parameter === void 0 ? void 0 : parameter.Value)) { throw new Error('No parameter value'); } if (regExp) { if (!new RegExp(regExp).test(parameter.Value)) { await putJobFailure(jobId, `Value does not match the regular expression: ${regExp}`); return; } } await putJobSuccess(jobId, logParameter ? JSON.stringify(parameter) : 'Logging is off'); // eslint-disable-next-line @typescript-eslint/no-explicit-any } catch (error) { console.log(error); await putJobFailure(jobId, `Function exception: ${error.message}`); } }; exports.handler = handler; /** * Decodes the JSON user parameters and validates the required properties * * @param jobData The job data structure containing the UserParameters string which should be a valid JSON structure */ const getUserParams = (jobData) => { const { UserParameters: userParameters } = jobData.actionConfiguration.configuration; const { parameterName, logParameter, regExp, crossAccountRoleArn } = JSON.parse(userParameters); if (!parameterName) { throw new Error('Your UserParameters JSON must include the parameter name'); } if (!logParameter) { throw new Error('Your UserParameters JSON must include logParameter'); } return { parameterName, logParameter, regExp, crossAccountRoleArn, }; }; /** * Notify CodePipeline of a successful job * * @param jobId The CodePipeline job ID * @param message A message to be logged relating to the job status */ const putJobSuccess = async (jobId, message) => { console.log('Putting job success'); if (message) { console.log(message); } await codePipeline.send(new client_codepipeline_1.PutJobSuccessResultCommand({ jobId, })); }; /** * Notify CodePipeline of a failed job * * @param jobId The CodePipeline job ID * @param message A message to be logged relating to the job status */ const putJobFailure = async (jobId, message) => { console.log('Putting job failure'); console.log(message); await codePipeline.send(new client_codepipeline_1.PutJobFailureResultCommand({ jobId, failureDetails: { message, type: 'JobFailed', }, })); }; /***/ }), /* 1 */ /***/ (function(module, exports) { module.exports = require("@aws-sdk/client-codepipeline"); /***/ }), /* 2 */ /***/ (function(module, exports) { module.exports = require("@aws-sdk/client-ssm"); /***/ }), /* 3 */ /***/ (function(module, exports) { module.exports = require("@aws-sdk/client-sts"); /***/ }) /******/ ]); //# sourceMappingURL=index.js.map