[sdlf-cicd] github support as an alternative to codecommit #374

Merged
merged 1 commit into from
Aug 5, 2024
Merged
33 changes: 31 additions & 2 deletions deploy.sh
Expand Up @@ -170,6 +170,7 @@ devops_account () {
then
GIT_PLATFORM=CodeCommit
GITLAB=false
GITHUB=false
GLUE_JOB_DEPLOYER=false
LAMBDA_LAYER_BUILDER=false
MONITORING=false
Expand All @@ -180,6 +181,12 @@ devops_account () {
GITLAB=true
echo "Optional feature: GitLab"
fi
if printf "%s\0" "${FEATURES[@]}" | grep -Fxqz -- "github"
then
GIT_PLATFORM=GitHub
GITHUB=true
echo "Optional feature: GitHub"
fi
if printf "%s\0" "${FEATURES[@]}" | grep -Fxqz -- "gluejobdeployer"
then
GLUE_JOB_DEPLOYER=true
Expand All @@ -204,6 +211,7 @@ devops_account () {
echo "-f not specified, set all features to false by default" >&2
GIT_PLATFORM=CodeCommit
GITLAB=false
GITHUB=false
GLUE_JOB_DEPLOYER=false
LAMBDA_LAYER_BUILDER=false
MONITORING=false
Expand All @@ -223,7 +231,6 @@ devops_account () {
--parameter-overrides \
pDomainAccounts="$DOMAIN_ACCOUNTS" \
pGitPlatform="$GIT_PLATFORM" \
pEnableGitlab="$GITLAB" \
pEnableGlueJobDeployer="$GLUE_JOB_DEPLOYER" \
pEnableLambdaLayerBuilder="$LAMBDA_LAYER_BUILDER" \
pEnableMonitoring="$MONITORING" \
Expand All @@ -235,7 +242,7 @@ devops_account () {
template_protection "$STACK_NAME" "$REGION" "$DEVOPS_AWS_PROFILE"

ARTIFACTS_BUCKET=$(aws --region "$REGION" --profile "$DEVOPS_AWS_PROFILE" ssm get-parameter --name /SDLF/S3/DevOpsArtifactsBucket --query "Parameter.Value" --output text)
REPOSITORIES_TEMPLATE_FILE=$(test "$GITLAB" = true && echo "$DIRNAME"/sdlf-cicd/template-cicd-sdlf-repositories.gitlab.yaml || echo "$DIRNAME"/sdlf-cicd/template-cicd-sdlf-repositories.yaml)
REPOSITORIES_TEMPLATE_FILE="$DIRNAME/sdlf-cicd/template-cicd-sdlf-repositories.${GIT_PLATFORM,,}.yaml"
mkdir "$DIRNAME"/output
aws cloudformation package \
--s3-bucket "$ARTIFACTS_BUCKET" --s3-prefix template-cicd-sdlf-repositories \
Expand Down Expand Up @@ -287,6 +294,28 @@ devops_account () {
git push origin main:test
fi
popd || exit
elif "$GITHUB"
then
#GITHUB_ACCESSTOKEN=$(aws --region "$REGION" --profile "$DEVOPS_AWS_PROFILE" ssm get-parameter --with-decryption --name /SDLF/GitHub/AccessToken --query "Parameter.Value" --output text)
GITHUB_REPOSITORY_URL="https://github.com/$REPOSITORY.git"

if [ "$REPOSITORY" = "sdlf-main" ]
then
mkdir sdlf-main
cp sdlf-cicd/README.md sdlf-main/
fi
pushd "$REPOSITORY" || exit
if [ ! -d .git ] # if .git exists, deploy.sh has likely been run before - do not try to push the base repositories
then
git init
git remote add origin "$GITHUB_REPOSITORY_URL" || exit 1
git add .
git commit -m "initial commit"
git push origin main || exit 1
git push origin main:dev
git push origin main:test
fi
popd || exit
else
latest_commit=$(aws --region "$REGION" --profile "$DEVOPS_AWS_PROFILE" codecommit get-branch --repository-name "$REPOSITORY" --branch-name main --query "branch.commitId" --output text)
aws --region "$REGION" --profile "$DEVOPS_AWS_PROFILE" codecommit create-branch --repository-name "$REPOSITORY" --branch-name dev --commit-id "$latest_commit"
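Review bot: The remote on the `GITHUB_REPOSITORY_URL=` line is built as `https://github.com/$REPOSITORY.git` with no owner segment, while `$REPOSITORY` appears to be a bare name (it is compared with `sdlf-main` two lines later), so `git push origin main` would not address the repository under the org or user that the prerequisites template expects in /SDLF/GitHub/Group. Reading that parameter into a variable and using `GITHUB_REPOSITORY_URL="https://github.com/$GITHUB_GROUP/$REPOSITORY.git"` (variable name is a suggestion) would tie the push to the same owner the pipeline policies are scoped to. The commented-out `GITHUB_ACCESSTOKEN` lookup should either be removed or wired in through a git credential helper rather than the remote URL, since a token placed in the URL is persisted in `.git/config`. The `git push origin main:dev` and `main:test` lines also lack the `|| exit 1` that the first push has, so a partial push goes unnoticed. The body of devops_account starts and ends outside the visible hunks.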
36 changes: 18 additions & 18 deletions sdlf-cicd/nested-stacks/template-cicd-modules-pipelines.yaml
Expand Up @@ -29,7 +29,7 @@ Parameters:
pGitPlatform:
Description: Platform used to host git repositories
Type: String
AllowedValues: [CodeCommit, GitLab]
AllowedValues: [CodeCommit, GitLab, GitHub]

Mappings:
pCodeCommitBranch:
Expand All @@ -41,8 +41,8 @@ Mappings:
branch: main

Conditions:
CodeCommitNoGitLab: !Equals [!Ref pGitPlatform, "CodeCommit"]
GitLabNoCodeCommit: !Equals [!Ref pGitPlatform, "GitLab"]
GitPlatformCodeCommit: !Equals [!Ref pGitPlatform, "CodeCommit"]
GitPlatformNoCodeCommit: !Not [!Equals [!Ref pGitPlatform, "CodeCommit"]]

Resources:
rMainRepositoryCodePipelineRole:
Expand All @@ -60,10 +60,10 @@ Resources:
Policies:
- PolicyName: root
PolicyDocument:
Version: 2012-10-17
Version: "2012-10-17"
Statement:
- !If
- CodeCommitNoGitLab
- GitPlatformCodeCommit
- Effect: Allow
Action:
- codecommit:GetBranch
Expand All @@ -78,7 +78,7 @@ Resources:
- !Sub arn:${AWS::Partition}:codecommit:${AWS::Region}:${AWS::AccountId}:${pCicdRepository}
- !Ref "AWS::NoValue"
- !If
- GitLabNoCodeCommit
- GitPlatformNoCodeCommit
- Effect: Allow
Action:
- codeconnections:UseConnection
Expand All @@ -88,11 +88,11 @@ Resources:
Condition:
"ForAllValues:StringLikeIfExists":
"codeconnections:FullRepositoryId":
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}"
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}"
"codestar-connections:FullRepositoryId":
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}"
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}"
- !Ref "AWS::NoValue"
- Effect: Allow
Action:
Expand All @@ -112,7 +112,7 @@ Resources:
Resource: !Ref pKMSKey
- PolicyName: lambda-stages
PolicyDocument:
Version: 2012-10-17
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
Expand All @@ -135,7 +135,7 @@ Resources:
Stages:
- Name: Sources
Actions: !If
- CodeCommitNoGitLab
- GitPlatformCodeCommit
- - Name: SourceMain
ActionTypeId:
Category: Source
Expand Down Expand Up @@ -172,7 +172,7 @@ Resources:
- Name: SourceMainArtifact
Configuration:
ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}"
BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch]
OutputArtifactFormat: CODE_ZIP
RunOrder: 1
Expand All @@ -186,7 +186,7 @@ Resources:
- Name: SourceCicdArtifact
Configuration:
ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}"
BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch]
OutputArtifactFormat: CODE_ZIP
RunOrder: 1
Expand Down Expand Up @@ -261,10 +261,10 @@ Resources:

rMainRepositoryCodeCommitTriggerRole:
Type: AWS::IAM::Role
Condition: CodeCommitNoGitLab
Condition: GitPlatformCodeCommit
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Expand All @@ -274,7 +274,7 @@ Resources:
Policies:
- PolicyName: sdlf-cicd-events-trigger
PolicyDocument:
Version: 2012-10-17
Version: "2012-10-17"
Statement:
- Effect: Allow
Action: codepipeline:StartPipelineExecution
Expand All @@ -283,7 +283,7 @@ Resources:

rMainRepositoryCodePipelineTriggerRule:
Type: AWS::Events::Rule
Condition: CodeCommitNoGitLab
Condition: GitPlatformCodeCommit
Properties:
EventPattern:
source:
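Review bot: The repository scoping in the `GitPlatformNoCodeCommit` statement now depends entirely on the value stored at `/SDLF/${pGitPlatform}/Group` when the stack is deployed, and the `ForAllValues:StringLikeIfExists` operator around it also evaluates true for requests in which `codeconnections:FullRepositoryId` is absent, so the condition narrows only calls that carry a repository id. A comment above the `Condition:` key would make that explicit, for example `# scopes UseConnection to <Group>/<repo>; requests without FullRepositoryId are not restricted by this condition`. The parameter path also changes from `/SDLF/GitLab/SdlfGitLabGroup` to `/SDLF/GitLab/Group`, so existing GitLab deployments presumably need the new parameter created before this stack updates; the page shows no migration step. Both points apply equally to the identical statement in sdlf-cicd/template-cicd-domain.yaml, and the statement's action list is only partly visible in the hunk.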
40 changes: 20 additions & 20 deletions sdlf-cicd/template-cicd-domain.yaml
Expand Up @@ -70,8 +70,8 @@ Mappings:
branch: main

Conditions:
CodeCommitNoGitLab: !Equals [!Ref pGitPlatform, "CodeCommit"]
GitLabNoCodeCommit: !Equals [!Ref pGitPlatform, "GitLab"]
GitPlatformCodeCommit: !Equals [!Ref pGitPlatform, "CodeCommit"]
GitPlatformNoCodeCommit: !Not [!Equals [!Ref pGitPlatform, "CodeCommit"]]
EnableMonitoring: !Equals [!Ref pEnableMonitoring, true]

Resources:
Expand All @@ -94,7 +94,7 @@ Resources:
Version: "2012-10-17"
Statement:
- !If
- CodeCommitNoGitLab
- GitPlatformCodeCommit
- Effect: Allow
Action:
- codecommit:GetBranch
Expand All @@ -115,7 +115,7 @@ Resources:
- !Ref AWS::NoValue
- !Ref "AWS::NoValue"
- !If
- GitLabNoCodeCommit
- GitPlatformNoCodeCommit
- Effect: Allow
Action:
- codeconnections:UseConnection
Expand All @@ -125,22 +125,22 @@ Resources:
Condition:
"ForAllValues:StringLikeIfExists":
"codeconnections:FullRepositoryId":
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}"
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pFoundationsRepository}"
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pTeamRepository}"
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pFoundationsRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pTeamRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}"
- !If
- EnableMonitoring
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}"
- !Ref AWS::NoValue
"codestar-connections:FullRepositoryId":
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}"
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pFoundationsRepository}"
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pTeamRepository}"
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pFoundationsRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pTeamRepository}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}"
- !If
- EnableMonitoring
- !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}"
- !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}"
- !Ref AWS::NoValue
- !Ref "AWS::NoValue"
- Effect: Allow
Expand Down Expand Up @@ -182,7 +182,7 @@ Resources:
Stages:
- Name: Sources
Actions: !If
- CodeCommitNoGitLab
- GitPlatformCodeCommit
- - Name: sdlf-main
ActionTypeId:
Category: Source
Expand Down Expand Up @@ -264,7 +264,7 @@ Resources:
- Name: TemplateSource
Configuration:
ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}"
BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch]
OutputArtifactFormat: CODE_ZIP
RunOrder: 1
Expand All @@ -278,7 +278,7 @@ Resources:
- Name: SourceCicdArtifact
Configuration:
ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}"
BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch]
OutputArtifactFormat: CODE_ZIP
RunOrder: 1
Expand All @@ -292,7 +292,7 @@ Resources:
- Name: SourceFoundationsArtifact
Configuration:
ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pFoundationsRepository}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pFoundationsRepository}"
BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch]
OutputArtifactFormat: CODE_ZIP
RunOrder: 1
Expand All @@ -306,7 +306,7 @@ Resources:
- Name: SourceTeamArtifact
Configuration:
ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pTeamRepository}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pTeamRepository}"
BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch]
OutputArtifactFormat: CODE_ZIP
RunOrder: 1
Expand All @@ -322,7 +322,7 @@ Resources:
- Name: SourceMonitoringArtifact
Configuration:
ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}"
FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}"
BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch]
OutputArtifactFormat: CODE_ZIP
RunOrder: 1
28 changes: 21 additions & 7 deletions sdlf-cicd/template-cicd-prerequisites.yaml
Expand Up @@ -12,12 +12,8 @@ Parameters:
pGitPlatform:
Description: Platform used to host git repositories
Type: String
AllowedValues: [CodeCommit, GitLab]
AllowedValues: [CodeCommit, GitLab, GitHub]
Default: CodeCommit
pEnableGitlab:
Description: Use GitLab instead of CodeCommit for SDLF repositories
Type: String
Default: false
pEnableGlueJobDeployer:
Description: Enable Glue Job Deployer optional feature
Type: String
Expand All @@ -41,19 +37,37 @@ Conditions:
GovCloudPartition: !Equals
- !Sub ${AWS::Partition}
- aws-us-gov
GitPlatformGitLab: !Equals [!Ref pGitPlatform, "GitLab"]
GitPlatformGitHub: !Equals [!Ref pGitPlatform, "GitHub"]

Resources:
######## OPTIONAL SDLF FEATURES #########
# when enabling Gitlab support, /SDLF/GitLab/Url and /SDLF/GitLab/AccessToken are required too (as secure strings)
# when enabling GitLab support, /SDLF/GitLab/Url, /SDLF/GitLab/Group (containing the group or user name) and /SDLF/GitLab/AccessToken are required too (as secure strings)
# then enable GitLab::Projects::Project third-party resource type in CloudFormation Registry
rGitlabFeatureSsm:
Type: AWS::SSM::Parameter
Properties:
Name: /SDLF/GitLab/Enabled
Type: String
Value: !Ref pEnableGitlab
Value: !If
- GitPlatformGitLab
- true
- false
Description: Create repositories on GitLab instead of CodeCommit

# when enabling GitHub support, /SDLF/GitHub/Group (containing the org or user name) and /SDLF/GitHub/AccessToken are required too (as secure strings)
# then enable GitHub::Repositories::Repository third-party resource type in CloudFormation Registry
rGithubFeatureSsm:
Type: AWS::SSM::Parameter
Properties:
Name: /SDLF/GitHub/Enabled
Type: String
Value: !If
- GitPlatformGitHub
- true
- false
Description: Create repositories on GitHub instead of CodeCommit

rGitPlatformSsm:
Type: AWS::SSM::Parameter
Properties:
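Review bot: The comment above `rGithubFeatureSsm` says /SDLF/GitHub/Group and /SDLF/GitHub/AccessToken are required "as secure strings", but the pipeline templates in this change read the group through `{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}`, and the `ssm` dynamic reference resolves only plaintext String parameters. I would reword it to `# when enabling GitHub support, /SDLF/GitHub/Group (String, org or user name) and /SDLF/GitHub/AccessToken (SecureString) are required too`, and adjust the GitLab comment above `rGitlabFeatureSsm` the same way. The unquoted `true` and `false` under `Value: !If` are YAML booleans feeding a String property; writing them as `"true"` and `"false"` keeps the stored value explicit.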