feat: make device UI own project

bifravst · Jul 23, 2019 · b13651e · b13651e
1 parent 1f30c57
commit b13651e
Show file tree

Hide file tree

Showing 16 changed files with 489 additions and 337 deletions.
diff --git a/cdk/apps/ContinuousDeployment.ts b/cdk/apps/ContinuousDeployment.ts
@@ -5,10 +5,17 @@ export class ContinuousDeploymentApp extends CloudFormation.App {
  public constructor(props: {
  stackId: string
  bifravstStackId: string
- owner: string
- repo: string
- branch: string
- app: {
+ bifravstAWS: {
+ owner: string
+ repo: string
+ branch: string
+ }
+ webApp: {
+ owner: string
+ repo: string
+ branch: string
+ }
+ deviceUI: {
  owner: string
  repo: string
  branch: string

diff --git a/cdk/cloudformation-cd.ts b/cdk/cloudformation-cd.ts
@@ -12,10 +12,16 @@ const pjson = JSON.parse(
 new ContinuousDeploymentApp({
  stackId: `${STACK_ID}-continuous-deployment`,
  bifravstStackId: STACK_ID,
- ...extractRepoAndOwner(pjson.repository.url),
- branch: pjson.deploy.branch || 'saga',
- app: {
- ...extractRepoAndOwner(pjson.deploy.app.repository),
- branch: pjson.deploy.app.branch || 'saga',
+ bifravstAWS: {
+ ...extractRepoAndOwner(pjson.repository.url),
+ branch: pjson.deploy.branch || 'saga',
+ },
+ webApp: {
+ ...extractRepoAndOwner(pjson.deploy.webApp.repository),
+ branch: pjson.deploy.webApp.branch || 'saga',
+ },
+ deviceUI: {
+ ...extractRepoAndOwner(pjson.deploy.deviceUI.repository),
+ branch: pjson.deploy.deviceUI.branch || 'saga',
  },
 }).synth()
diff --git a/cdk/resources/WebAppCD.ts b/cdk/resources/WebAppCD.ts
@@ -0,0 +1,204 @@
+import * as CloudFormation from '@aws-cdk/core'
+import * as IAM from '@aws-cdk/aws-iam'
+import * as CodeBuild from '@aws-cdk/aws-codebuild'
+import * as CodePipeline from '@aws-cdk/aws-codepipeline'
+import * as SSM from '@aws-cdk/aws-ssm'
+import * as S3 from '@aws-cdk/aws-s3'
+
+/**
+ * This sets up the continuous delivery for a web-app
+ */
+export class WebAppCD extends CloudFormation.Construct {
+ public constructor(
+ parent: CloudFormation.Stack,
+ id: string,
+ properties: {
+ bifravstAWS: {
+ owner: string
+ repo: string
+ branch: string
+ }
+ webApp: {
+ owner: string
+ repo: string
+ branch: string
+ }
+ bifravstStackId: string
+ githubToken: SSM.IStringParameter
+ buildSpec: string
+ },
+ ) {
+ super(parent, id)
+
+ const {
+ bifravstStackId,
+ bifravstAWS,
+ webApp,
+ githubToken,
+ buildSpec,
+ } = properties
+
+ const codeBuildRole = new IAM.Role(this, 'CodeBuildRole', {
+ assumedBy: new IAM.ServicePrincipal('codebuild.amazonaws.com'),
+ inlinePolicies: {
+ rootPermissions: new IAM.PolicyDocument({
+ statements: [
+ new IAM.PolicyStatement({
+ resources: ['*'],
+ actions: ['*'],
+ }),
+ ],
+ }),
+ },
+ })
+
+ const project = new CodeBuild.CfnProject(this, 'CodeBuildProject', {
+ name: id,
+ source: {
+ type: 'CODEPIPELINE',
+ buildSpec,
+ },
+ serviceRole: codeBuildRole.roleArn,
+ artifacts: {
+ type: 'CODEPIPELINE',
+ },
+ environment: {
+ type: 'LINUX_CONTAINER',
+ computeType: 'BUILD_GENERAL1_LARGE',
+ image: 'aws/codebuild/standard:2.0',
+ environmentVariables: [
+ {
+ name: 'STACK_ID',
+ value: bifravstStackId,
+ },
+ ],
+ },
+ })
+ project.node.addDependency(codeBuildRole)
+
+ const bucket = new S3.Bucket(this, 'bucket', {
+ removalPolicy: CloudFormation.RemovalPolicy.DESTROY,
+ })
+
+ const pipelineRole = new IAM.Role(this, 'CodePipelineRole', {
+ assumedBy: new IAM.ServicePrincipal('codepipeline.amazonaws.com'),
+ inlinePolicies: {
+ controlCodeBuild: new IAM.PolicyDocument({
+ statements: [
+ new IAM.PolicyStatement({
+ resources: [project.attrArn],
+ actions: ['codebuild:*'],
+ }),
+ ],
+ }),
+ writeToCDBucket: new IAM.PolicyDocument({
+ statements: [
+ new IAM.PolicyStatement({
+ resources: [bucket.bucketArn, `${bucket.bucketArn}/*`],
+ actions: ['s3:*'],
+ }),
+ ],
+ }),
+ },
+ })
+
+ const pipeline = new CodePipeline.CfnPipeline(this, 'CodePipeline', {
+ roleArn: pipelineRole.roleArn,
+ artifactStore: {
+ type: 'S3',
+ location: bucket.bucketName,
+ },
+ name: id,
+ stages: [
+ {
+ name: 'Source',
+ actions: [
+ {
+ name: 'BifravstAWSSourceCode',
+ actionTypeId: {
+ category: 'Source',
+ owner: 'ThirdParty',
+ version: '1',
+ provider: 'GitHub',
+ },
+ outputArtifacts: [
+ {
+ name: 'BifravstAWS',
+ },
+ ],
+ configuration: {
+ Branch: bifravstAWS.branch,
+ Owner: bifravstAWS.owner,
+ Repo: bifravstAWS.repo,
+ OAuthToken: githubToken.stringValue,
+ },
+ },
+ {
+ name: 'WebAppSourceCode',
+ actionTypeId: {
+ category: 'Source',
+ owner: 'ThirdParty',
+ version: '1',
+ provider: 'GitHub',
+ },
+ outputArtifacts: [
+ {
+ name: 'WebApp',
+ },
+ ],
+ configuration: {
+ Branch: webApp.branch,
+ Owner: webApp.owner,
+ Repo: webApp.repo,
+ OAuthToken: githubToken.stringValue,
+ },
+ },
+ ],
+ },
+ {
+ name: 'Deploy',
+ actions: [
+ {
+ name: 'DeployWebApp',
+ inputArtifacts: [{ name: 'BifravstAWS' }, { name: 'WebApp' }],
+ actionTypeId: {
+ category: 'Build',
+ owner: 'AWS',
+ version: '1',
+ provider: 'CodeBuild',
+ },
+ configuration: {
+ ProjectName: project.name,
+ PrimarySource: 'BifravstAWS',
+ },
+ outputArtifacts: [
+ {
+ name: 'BuildId',
+ },
+ ],
+ },
+ ],
+ },
+ ],
+ })
+ pipeline.node.addDependency(pipelineRole)
+
+ new CodePipeline.CfnWebhook(this, 'webhook', {
+ name: `${id}-InvokePipelineFromGitHubChange`,
+ targetPipeline: id,
+ targetPipelineVersion: 1,
+ targetAction: 'Source',
+ filters: [
+ {
+ jsonPath: '$.ref',
+ matchEquals: `refs/heads/${webApp.branch}`,
+ },
+ ],
+ authentication: 'GITHUB_HMAC',
+ authenticationConfiguration: {
+ secretToken: githubToken.stringValue,
+ },
+ registerWithThirdParty: false,
+ })
+ }
+}
diff --git a/cdk/resources/WebAppHosting.ts b/cdk/resources/WebAppHosting.ts
@@ -0,0 +1,72 @@
+import * as CloudFormation from '@aws-cdk/core'
+import * as CloudFront from '@aws-cdk/aws-cloudfront'
+import * as S3 from '@aws-cdk/aws-s3'
+
+/**
+ * This sets up the web hosting for a web app
+ */
+export class WebAppHosting extends CloudFormation.Resource {
+ public readonly bucket: S3.IBucket
+ public readonly distribution: CloudFront.CfnDistribution
+
+ public constructor(parent: CloudFormation.Stack, id: string) {
+ super(parent, id)
+
+ this.bucket = new S3.Bucket(this, 'bucket', {
+ publicReadAccess: true,
+ cors: [
+ {
+ allowedHeaders: ['*'],
+ allowedMethods: [S3.HttpMethods.GET],
+ allowedOrigins: ['*'],
+ exposedHeaders: ['Date'],
+ maxAge: 3600,
+ },
+ ],
+ removalPolicy: CloudFormation.RemovalPolicy.DESTROY,
+ websiteIndexDocument: 'index.html',
+ websiteErrorDocument: 'error.html',
+ })
+
+ this.distribution = new CloudFront.CfnDistribution(
+ this,
+ 'websiteDistribution',
+ {
+ distributionConfig: {
+ enabled: true,
+ priceClass: 'PriceClass_100',
+ defaultRootObject: 'index.html',
+ defaultCacheBehavior: {
+ allowedMethods: ['HEAD', 'GET', 'OPTIONS'],
+ cachedMethods: ['HEAD', 'GET'],
+ compress: true,
+ forwardedValues: {
+ queryString: true,
+ headers: [
+ 'Access-Control-Request-Headers',
+ 'Access-Control-Request-Method',
+ 'Origin',
+ ],
+ },
+ smoothStreaming: false,
+ targetOriginId: 'S3',
+ viewerProtocolPolicy: 'redirect-to-https',
+ },
+ ipv6Enabled: true,
+ viewerCertificate: {
+ cloudFrontDefaultCertificate: true,
+ },
+ origins: [
+ {
+ domainName: `${this.bucket.bucketName}.s3-website.${parent.region}.amazonaws.com`,
+ id: 'S3',
+ customOriginConfig: {
+ originProtocolPolicy: 'http-only',
+ },
+ },
+ ],
+ },
+ },
+ )
+ }
+}