aws-delivlib

import { aws_codebuild as cbuild, aws_codepipeline as cpipeline, aws_iam as iam, aws_s3 as s3 } from 'aws-cdk-lib'; import { Construct } from 'constructs'; import { ICodeSigningCertificate } from './code-signing'; import { OpenPGPKeyPair } from './open-pgp-key-pair'; import * as permissions from './permissions'; import { AddToPipelineOptions, IPublisher } from './pipeline'; import { WritableGitHubRepo } from './repo'; /** * Type of access permissions to request from npmjs. */ export declare enum NpmAccess { /** * No access restriction. Note that unscoped packages must always be public. */ PUBLIC = "public", /** * Limit access to whitelisted npmjs users. */ RESTRICTED = "restricted" } export interface PublishToMavenProjectProps { /** * The signing key itself */ signingKey: OpenPGPKeyPair; /** * The ID of the sonatype staging profile (e.g. "68a05363083174"). */ stagingProfileId: string; /** * Identifier of the secret that contains the Maven login */ mavenLoginSecret: permissions.ExternalSecret; /** * If true (default) performs a dry-run only instead of actually publishing. * @default true */ dryRun?: boolean; /** * The Maven publishing endpoint to be used. * * @default "https://oss.sonatype.org" */ mavenEndpoint?: string; /** * The server ID * * The only sensible value here is `central-ossrh`, which will use the new * publishing endpoint that is mandatory starting June 30th. * * Any other value can `central-ossrh` will cause the underlying publishing * library `publib` to assume publishing to a custom Nexus server, but this * action currently doesn't have a way of specifying that Nexus server's * endpoint. * * @default - Use legacy OSSRH server */ serverId?: string; /** * The build image to do the publishing in * * Needs to have Maven preinstalled. * * @default Latest superchain */ readonly buildImage?: cbuild.IBuildImage; /** * The prefix under which to record the fact that the publish step executed * * This will write `<prefix>/version` and `<prefix>/timestamp` variables * * @default - no SSM parameters */ ssmPrefix?: string; /** * Description for the CodeBuild project * * @default - No description */ description?: string; } /** * CodeBuild project that will publish all packages in a release bundle to Maven */ export declare class PublishToMavenProject extends Construct implements IPublisher { readonly role: iam.IRole; readonly project: cbuild.Project; constructor(parent: Construct, id: string, props: PublishToMavenProjectProps); addToPipeline(stage: cpipeline.IStage, id: string, options: AddToPipelineOptions): void; } export interface PublishToNpmProjectProps { /** * Identifier of the secret that contains the NPM token */ npmTokenSecret: permissions.ExternalSecret; /** * If `true` (default) will only perform a dry-run but will not actually publish. * @default true */ dryRun?: boolean; /** * npm dist-tag to use when publishing artifacts. * * @default - npm default behavior ("latest" unless dist tag is specified in package.json) */ distTag?: string; /** * npm --access public|restricted * * See https://docs.npmjs.com/cli-commands/publish#:~:text=Tells%20the * * Tells the registry whether this package should be published as public or restricted. * Only applies to scoped packages, which default to restricted. * If you don’t have a paid account, you must publish with --access public to publish scoped packages. * * @default NpmAccess.PUBLIC */ access?: NpmAccess; /** * The prefix under which to record the fact that the publish step executed * * This will write `<prefix>/version` and `<prefix>/timestamp` variables * * @default - no SSM parameters */ ssmPrefix?: string; /** * Description for the CodeBuild project * * @default - No description */ description?: string; } /** * CodeBuild project that will publish all packages in a release bundle to NPM */ export declare class PublishToNpmProject extends Construct implements IPublisher { readonly role?: iam.IRole; readonly project: cbuild.Project; constructor(parent: Construct, id: string, props: PublishToNpmProjectProps); addToPipeline(stage: cpipeline.IStage, id: string, options: AddToPipelineOptions): void; } export interface PublishToNuGetProjectProps { /** * The SecretsManager secret which stores the Nuget API key. */ nugetApiKeySecret: permissions.ExternalSecret; /** * If `true` (default) will only perform a dry-run but will not actually publish. * @default true */ dryRun?: boolean; /** * A code signing certificate to use to sign assemblies. * @default No signing */ codeSign?: ICodeSigningCertificate; /** * The build image to do the publishing in * * Needs to have NuGet preinstalled. * * @default Latest superchain */ readonly buildImage?: cbuild.IBuildImage; /** * The prefix under which to record the fact that the publish step executed * * This will write `<prefix>/version` and `<prefix>/timestamp` variables * * @default - no SSM parameters */ ssmPrefix?: string; /** * Description for the CodeBuild project * * @default - No description */ description?: string; } /** * CodeBuild project that will publish all packages in a release bundle to NuGet */ export declare class PublishToNuGetProject extends Construct implements IPublisher { readonly role: iam.IRole; readonly project: cbuild.Project; constructor(parent: Construct, id: string, props: PublishToNuGetProjectProps); addToPipeline(stage: cpipeline.IStage, id: string, options: AddToPipelineOptions): void; } export interface PublishDocsToGitHubProjectProps { /** * The repository to publish to */ githubRepo: WritableGitHubRepo; /** * If `true` (default) will only perform a dry-run but will not actually publish. * @default true */ dryRun?: boolean; /** * The name of the build manifest JSON file (must include "name" and "version" fields). * Relative to the artifacts root. * @default "./build.json" */ buildManifestFileName?: string; /** * GitHub Pages branch to push to. * @default gh-pages */ branch?: string; /** * The prefix under which to record the fact that the publish step executed * * This will write `<prefix>/version` and `<prefix>/timestamp` variables * * @default - no SSM parameters */ ssmPrefix?: string; /** * Description for the CodeBuild project * * @default - No description */ description?: string; } /** * CodeBuild project that will publish all packages in a release bundle to NuGet */ export declare class PublishDocsToGitHubProject extends Construct implements IPublisher { readonly role: iam.IRole; readonly project: cbuild.Project; constructor(parent: Construct, id: string, props: PublishDocsToGitHubProjectProps); addToPipeline(stage: cpipeline.IStage, id: string, options: AddToPipelineOptions): void; } export interface PublishToGitHubProps { /** * If `true` (default) will only perform a dry-run but will not actually publish. * @default true */ dryRun?: boolean; /** * The repository to create a release in. */ githubRepo: WritableGitHubRepo; /** * The signign key to use to create a GPG signature of the artifact. */ signingKey: OpenPGPKeyPair; /** * The name of the build manifest JSON file (must include "name" and "version" fields). * Relative to the artifacts root. * @default "./build.json" */ buildManifestFileName?: string; /** * The name of the changelog markdown file, used to create release notes. * Relative to the artifacts root. * @default "./CHANGELOG.md" */ changelogFileName?: string; /** * The name of the release notes file, containing the completed release notes * for the current release. * Relative to the artifacts root. * NOTE - If this value is set and points to a valid file, the file in its entirety * will be read and used for the release notes. The value of `changelogFileName` will * be ignored. * @default "./RELEASE_NOTES.md" */ releaseNotesFileName?: string; /** * Additional input artifacts to publish binaries from to GitHub release */ additionalInputArtifacts?: cpipeline.Artifact[]; /** * Whether to sign the additional artifacts * * @default true */ signAdditionalArtifacts?: boolean; /** * The prefix under which to record the fact that the publish step executed * * This will write `<prefix>/version` and `<prefix>/timestamp` variables * * @default - no SSM parameters */ ssmPrefix?: string; /** * Description for the CodeBuild project * * @default - No description */ description?: string; } export declare class PublishToGitHub extends Construct implements IPublisher { readonly role: iam.IRole; readonly project: cbuild.Project; private readonly additionalInputArtifacts?; constructor(parent: Construct, id: string, props: PublishToGitHubProps); addToPipeline(stage: cpipeline.IStage, id: string, options: AddToPipelineOptions): void; } export interface PublishToS3Props { bucket: s3.IBucket; /** * Make files publicly readable * * @default false */ public?: boolean; /** * If `true` (default) will only perform a dry-run but will not actually publish. * @default true */ dryRun?: boolean; /** * Description for the CodeBuild project * * @default - No description */ description?: string; } export declare class PublishToS3 extends Construct implements IPublisher { readonly role?: iam.IRole; readonly project: cbuild.Project; constructor(scope: Construct, id: string, props: PublishToS3Props); addToPipeline(stage: cpipeline.IStage, id: string, options: AddToPipelineOptions): void; } export interface PublishToPyPiProps { /** * Identifier of the secret that contains the PyPI credentials under * "username" and "password" keys. */ loginSecret: permissions.ExternalSecret; /** * If `true` (default) will only perform a dry-run but will not actually publish. * @default true */ dryRun?: boolean; /** * The prefix under which to record the fact that the publish step executed * * This will write `<prefix>/version` and `<prefix>/timestamp` variables * * @default - no SSM parameters */ ssmPrefix?: string; /** * Description for the CodeBuild project * * @default - No description */ description?: string; } export declare class PublishToPyPi extends Construct { readonly project: cbuild.Project; readonly role: iam.IRole; constructor(scope: Construct, id: string, props: PublishToPyPiProps); addToPipeline(stage: cpipeline.IStage, id: string, options: AddToPipelineOptions): void; } /** * Props for Go publishing. */ export interface PublishToGolangProps { /** * Identifier of the secret that contains the GitHub personal access token * used to push the go code to the github repository defined by it's name. * * @see https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token */ readonly githubTokenSecret: permissions.ExternalSecret; /** * Username to perform the commit with. */ readonly gitUserName: string; /** * Email to perform the commit with. */ readonly gitUserEmail: string; /** * Set to "true" for a dry run. * @default false */ readonly dryRun?: boolean; /** * Module version. * * @default - Defaults to the value in the 'version' file of the module * directory. Fails if it doesn't exist. */ readonly version?: string; /** * Branch to push to. * * @default "main" */ readonly gitBranch?: string; /** * The commit message. * * @default "chore(release): $VERSION" */ readonly gitCommitMessage?: string; /** * The prefix under which to record the fact that the publish step executed * * This will write `<prefix>/version` and `<prefix>/timestamp` variables * * @default - no SSM parameters */ ssmPrefix?: string; /** * Description for the CodeBuild project * * @default - No description */ description?: string; } /** * Pushes a directory of golang modules to a GitHub repository. */ export declare class PublishToGolang extends Construct { readonly project: cbuild.Project; readonly role: iam.IRole; constructor(scope: Construct, id: string, props: PublishToGolangProps); addToPipeline(stage: cpipeline.IStage, id: string, options: AddToPipelineOptions): void; }