;
// CommonJS export table of this compiled module (the source map at the end of
// the file names src/deprecated/ghaUserDeprecated.ts as the original source).
// Marks the module as transpiled from ES-module syntax.
Object.defineProperty(exports, "__esModule", { value: true });
// The assignments below run before the function definitions appear in the file;
// that works because function declarations are hoisted.
// Every exported name is a deprecated wrapper that forwards to ../GithubActions.
exports.addGhaSecret = addGhaSecret;
exports.addGhaVariable = addGhaVariable;
exports.addGhaLambda = addGhaLambda;
exports.addGhaBucket = addGhaBucket;
exports.addGhaDistribution = addGhaDistribution;
exports.addGhaRepository = addGhaRepository;
exports.saveGhaValues = saveGhaValues;
exports.ghaPolicy = ghaPolicy;
// Identity-related helpers: OIDC provider, OIDC role, and IAM user.
exports.ghaOidcProvider = ghaOidcProvider;
exports.ghaOidcRole = ghaOidcRole;
exports.ghaUser = ghaUser;
const GithubActions_1 = require("../GithubActions");
// const ghaInfo = {
// resources: {
// repositories: <IRepository[]>[],
// buckets: <IBucket[]>[],
// lambdas: <IFunction[]>[],
// services: <IFargateService[]>[],
// distributions: <IDistribution[]>[],
// },
// secrets: <string[]>[],
// variables: <string[]>[],
// };
/**
 * Forwards a secret name and value to the GithubActions helper obtained for
 * `construct`. No work is done here beyond the delegation.
 *
 * NOTE(review): `value` is handed over as a plain string; how the helper stores
 * it is not visible in this file. Confirm it is not rendered into the
 * synthesized template or stack outputs in clear text.
 *
 * @deprecated - Use GithubActions instead
 * @param construct Passed to githubActions() to obtain the helper.
 * @param name Secret name, forwarded unchanged.
 * @param value Secret value, forwarded unchanged.
 */
function addGhaSecret(construct, name, value) {
  const helper = (0, GithubActions_1.githubActions)(construct);
  helper.addGhaSecret(name, value);
}
/**
 * Forwards a variable (name, type, value) to the GithubActions helper obtained
 * for `construct`.
 *
 * @deprecated - Use GithubActions instead
 * @param construct Passed to githubActions() to obtain the helper.
 * @param name Variable name, forwarded unchanged.
 * @param type Variable type, forwarded unchanged; accepted values are defined by GithubActions.
 * @param value Variable value, forwarded unchanged.
 */
function addGhaVariable(construct, name, type, value) {
  const helper = (0, GithubActions_1.githubActions)(construct);
  helper.addGhaVariable(name, type, value);
}
/**
 * Forwards a Lambda function reference to the GithubActions helper obtained for
 * `construct`.
 *
 * @deprecated - Use GithubActions instead
 * @param construct Passed to githubActions() to obtain the helper.
 * @param name Name under which the function is forwarded.
 * @param lambda The function object, forwarded unchanged.
 */
function addGhaLambda(construct, name, lambda) {
  const helper = (0, GithubActions_1.githubActions)(construct);
  helper.addGhaLambda(name, lambda);
}
/**
 * Forwards a bucket reference to the GithubActions helper obtained for
 * `construct`.
 *
 * @deprecated - Use GithubActions instead
 * @param construct Passed to githubActions() to obtain the helper.
 * @param name Name under which the bucket is forwarded.
 * @param bucket The bucket object, forwarded unchanged.
 */
function addGhaBucket(construct, name, bucket) {
  const helper = (0, GithubActions_1.githubActions)(construct);
  helper.addGhaBucket(name, bucket);
}
/**
 * Forwards a distribution reference to the GithubActions helper obtained for
 * `construct`.
 *
 * @deprecated - Use GithubActions instead
 * @param construct Passed to githubActions() to obtain the helper.
 * @param name Name under which the distribution is forwarded.
 * @param distribution The distribution object, forwarded unchanged.
 */
function addGhaDistribution(construct, name, distribution) {
  const helper = (0, GithubActions_1.githubActions)(construct);
  helper.addGhaDistribution(name, distribution);
}
/**
 * Forwards a repository reference to the GithubActions helper obtained for
 * `construct`.
 *
 * @deprecated - Use GithubActions instead
 * @param construct Passed to githubActions() to obtain the helper.
 * @param name Name under which the repository is forwarded.
 * @param repository The repository object, forwarded unchanged.
 */
function addGhaRepository(construct, name, repository) {
  const helper = (0, GithubActions_1.githubActions)(construct);
  helper.addGhaRepository(name, repository);
}
/**
 * Calls saveGhaValues() on the GithubActions helper obtained for `stack`.
 * What is saved, and where, is decided by GithubActions and is not visible here.
 *
 * @deprecated - Use GithubActions instead
 * @param stack Passed to githubActions() to obtain the helper.
 */
function saveGhaValues(stack) {
  const helper = (0, GithubActions_1.githubActions)(stack);
  helper.saveGhaValues();
}
/**
 * Returns whatever ghaPolicy() on the GithubActions helper for `stack` returns.
 *
 * NOTE(review): the permissions contained in the returned policy are defined in
 * GithubActions, not here. Review them there before attaching the policy to a
 * CI/CD principal.
 *
 * @deprecated - Use GithubActions instead
 * @param stack Passed to githubActions() to obtain the helper.
 * @returns The helper's ghaPolicy() result, unchanged.
 */
function ghaPolicy(stack) {
  const helper = (0, GithubActions_1.githubActions)(stack);
  const policy = helper.ghaPolicy();
  return policy;
}
/**
 * @deprecated - Use GithubActions instead
 *
 * Create an account-wide OIDC connection for GitHub Actions.
 * NB only one OIDC provider for GitHub can be created per AWS account (because the provider URL must be unique).
 * The provider by itself grants no access to resources: access comes from roles that trust it,
 * so you'll probably want to call ghaOidcRole() instead.
 * See: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services
 * @param stack Passed to githubActions() to obtain the helper that creates the provider.
 * @returns The helper's ghaOidcProvider() result, unchanged.
 */
function ghaOidcProvider(stack) {
  const helper = (0, GithubActions_1.githubActions)(stack);
  const provider = helper.ghaOidcProvider();
  return provider;
}
/**
 * @deprecated - Use GithubActions instead
 *
 * Add permissions to the GitHub OIDC role that allow workflows to access the AWS resources in this stack that need to be updated at build time.
 * See: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services
 *
 * NOTE(review): in the TypeScript source only `repo.owner` is required; `repo.repo` and
 * `repo.filter` are optional. With both omitted, the role's trust presumably covers every
 * repository under that owner. Confirm in GithubActions and pass the narrowest repo/filter that works.
 *
 * @param stack Passed to githubActions() to obtain the helper.
 * @param repo The repository to grant access to (owner and name). You can also specify a filter to limit access e.g. to a branch.
 * @param openIdConnectProvider Optional existing provider, forwarded unchanged to the helper.
 * @returns The helper's ghaOidcRole() result, unchanged.
 */
function ghaOidcRole(stack, repo, openIdConnectProvider) {
  const helper = (0, GithubActions_1.githubActions)(stack);
  const role = helper.ghaOidcRole(repo, openIdConnectProvider);
  return role;
}
/**
 * @deprecated - Use GithubActions instead
 *
 * A user for GitHub Actions CI/CD.
 *
 * The TypeScript source declares the result as `{ user, accessKey }`, where
 * `accessKey` may be undefined. An access key is a long-lived credential that
 * must be stored and rotated outside AWS; ghaOidcRole() in this module is the
 * alternative for workflows that can authenticate through OIDC.
 *
 * @param stack Passed to githubActions() to obtain the helper.
 * @param username Optional user name, forwarded unchanged to the helper.
 * @returns The helper's ghaUser() result, unchanged.
 */
function ghaUser(stack, username) {
  const helper = (0, GithubActions_1.githubActions)(stack);
  const result = helper.ghaUser(username);
  return result;
}
//# sourceMappingURL=data:application/json;base64,{"version":3,"file":"ghaUserDeprecated.js","sourceRoot":"","sources":["../../src/deprecated/ghaUserDeprecated.ts"],"names":[],"mappings":";;AAyBA,oCAMC;AAGD,wCAOC;AAGD,oCAMC;AAGD,oCAMC;AAGD,gDAMC;AAGD,4CAMC;AAGD,sCAEC;AAID,8BAEC;AAWD,0CAEC;AASD,kCAEC;AAOD,0BAEC;AA/GD,oDAAiD;AAEjD,oBAAoB;AACpB,iBAAiB;AACjB,uCAAuC;AACvC,8BAA8B;AAC9B,gCAAgC;AAChC,uCAAuC;AACvC,0CAA0C;AAC1C,OAAO;AACP,2BAA2B;AAC3B,6BAA6B;AAC7B,KAAK;AAEL,0CAA0C;AAC1C,SAAgB,YAAY,CAC1B,SAAoB,EACpB,IAAY,EACZ,KAAa;IAEb,IAAA,6BAAa,EAAC,SAAS,CAAC,CAAC,YAAY,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AACrD,CAAC;AAED,0CAA0C;AAC1C,SAAgB,cAAc,CAC5B,SAAoB,EACpB,IAAY,EACZ,IAAY,EACZ,KAAa;IAEb,IAAA,6BAAa,EAAC,SAAS,CAAC,CAAC,cAAc,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;AAC7D,CAAC;AAED,0CAA0C;AAC1C,SAAgB,YAAY,CAC1B,SAAoB,EACpB,IAAY,EACZ,MAAiB;IAEjB,IAAA,6BAAa,EAAC,SAAS,CAAC,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AACtD,CAAC;AAED,0CAA0C;AAC1C,SAAgB,YAAY,CAC1B,SAAoB,EACpB,IAAY,EACZ,MAAe;IAEf,IAAA,6BAAa,EAAC,SAAS,CAAC,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;AACtD,CAAC;AAED,0CAA0C;AAC1C,SAAgB,kBAAkB,CAChC,SAAoB,EACpB,IAAY,EACZ,YAA2B;IAE3B,IAAA,6BAAa,EAAC,SAAS,CAAC,CAAC,kBAAkB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;AAClE,CAAC;AAED,0CAA0C;AAC1C,SAAgB,gBAAgB,CAC9B,SAAoB,EACpB,IAAY,EACZ,UAAuB;IAEvB,IAAA,6BAAa,EAAC,SAAS,CAAC,CAAC,gBAAgB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;AAC9D,CAAC;AAED,0CAA0C;AAC1C,SAAgB,aAAa,CAAC,KAAY;IACxC,IAAA,6BAAa,EAAC,KAAK,CAAC,CAAC,aAAa,EAAE,CAAC;AACvC,CAAC;AAED,0CAA0C;AAE1C,SAAgB,SAAS,CAAC,KAAY;IACpC,OAAO,IAAA,6BAAa,EAAC,KAAK,CAAC,CAAC,SAAS,EAAE,CAAC;AAC1C,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,eAAe,CAAC,KAAY;IAC1C,OAAO,IAAA,6BAAa,EAAC,KAAK,CAAC,CAAC,eAAe,EAAE,CAAC;AAChD,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,WAAW,CAAC,KAAY,EAAE,IAAwD,EAAE,qBAA6C;IAC/I,OAAO,IAAA,6BAAa,EAAC,KAAK,CAAC,CAAC,WAAW,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC;AACvE,CAAC;AAED;;;;GAIG;AACH,SAAgB,OAAO,CAAC,KAAY,EAAE,QAAiB;IACrD,OAAO,IAAA,6BAAa,EAAC,KAAK,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;AAChD,CAAC","sourcesContent":["\nimport {\n  
CfnAccessKey, OpenIdConnectProvider, Role, User,\n} from 'aws-cdk-lib/aws-iam';\nimport { Stack } from 'aws-cdk-lib';\nimport { IRepository } from 'aws-cdk-lib/aws-ecr';\nimport { IFunction } from 'aws-cdk-lib/aws-lambda';\nimport { IBucket } from 'aws-cdk-lib/aws-s3';\nimport { IDistribution } from 'aws-cdk-lib/aws-cloudfront';\nimport { Construct } from 'constructs';\nimport { githubActions } from '../GithubActions';\n\n// const ghaInfo = {\n//   resources: {\n//     repositories: <IRepository[]>[],\n//     buckets: <IBucket[]>[],\n//     lambdas: <IFunction[]>[],\n//     services: <IFargateService[]>[],\n//     distributions: <IDistribution[]>[],\n//   },\n//   secrets: <string[]>[],\n//   variables: <string[]>[],\n// };\n\n// @deprecated - Use GithubActions instead\nexport function addGhaSecret(\n  construct: Construct,\n  name: string,\n  value: string,\n) {\n  githubActions(construct).addGhaSecret(name, value);\n}\n\n// @deprecated - Use GithubActions instead\nexport function addGhaVariable(\n  construct: Construct,\n  name: string,\n  type: string,\n  value: string,\n) {\n  githubActions(construct).addGhaVariable(name, type, value);\n}\n\n// @deprecated - Use GithubActions instead\nexport function addGhaLambda(\n  construct: Construct,\n  name: string,\n  lambda: IFunction,\n) {\n  githubActions(construct).addGhaLambda(name, lambda);\n}\n\n// @deprecated - Use GithubActions instead\nexport function addGhaBucket(\n  construct: Construct,\n  name: string,\n  bucket: IBucket,\n) {\n  githubActions(construct).addGhaBucket(name, bucket);\n}\n\n// @deprecated - Use GithubActions instead\nexport function addGhaDistribution(\n  construct: Construct,\n  name: string,\n  distribution: IDistribution,\n) {\n  githubActions(construct).addGhaDistribution(name, distribution);\n}\n\n// @deprecated - Use GithubActions instead\nexport function addGhaRepository(\n  construct: Construct,\n  name: string,\n  repository: IRepository,\n) {\n  
githubActions(construct).addGhaRepository(name, repository);\n}\n\n// @deprecated - Use GithubActions instead\nexport function saveGhaValues(stack: Stack) {\n  githubActions(stack).saveGhaValues();\n}\n\n// @deprecated - Use GithubActions instead\n\nexport function ghaPolicy(stack: Stack) {\n  return githubActions(stack).ghaPolicy();\n}\n\n/**\n * @deprecated - Use GithubActions instead\n *\n * Create an account-wide OIDC connection fo Guthub Actions.\n * NB only one OIDC provider for GitHub can be created per AWS account (because the provider URL must be unique).\n * To provide access to resources, you can create multiple roles that trust the provider so you'll probably want to call ghaOidcRole() instead.\n * See: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services\n * @param repo What to grant access to. This is a minimum of a GitHub owner (user or org), optionally a repository name, and you can also specify a filter to limit access to e.g. a branch.\n */\nexport function ghaOidcProvider(stack: Stack): OpenIdConnectProvider {\n  return githubActions(stack).ghaOidcProvider();\n}\n\n/**\n * @deprecated - Use GithubActions instead\n *\n * Add permissions to the GitHub OIDC role that allow workflows to access the AWS resources in this stack that need to be updated at build time.\n * See: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services\n * @param repo The repository to grant access to (owner and name). You can also specify a filter to limit access e.g. 
to a branch.\n */\nexport function ghaOidcRole(stack: Stack, repo: { owner: string, repo?: string; filter?: string; }, openIdConnectProvider?: OpenIdConnectProvider): Role {\n  return githubActions(stack).ghaOidcRole(repo, openIdConnectProvider);\n}\n\n/**\n * @deprecated - Use GithubActions instead\n *\n * A user for Gihud Actions CI/CD.\n */\nexport function ghaUser(stack: Stack, username?: string): { user: User, accessKey: CfnAccessKey | undefined; } {\n  return githubActions(stack).ghaUser(username);\n}\n"]}