diff --git a/test/__snapshots__/github-custom-resource.test.ts.snap b/test/__snapshots__/github-custom-resource.test.ts.snap new file mode 100644 index 00000000..7ae92bd3 --- /dev/null +++ b/test/__snapshots__/github-custom-resource.test.ts.snap @@ -0,0 +1,265 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`GithubCustomResource Should match snapshot 1`] = ` +Object { + "Parameters": Object { + "BootstrapVersion": Object { + "Default": "/cdk-bootstrap/hnb659fds/version", + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]", + "Type": "AWS::SSM::Parameter::Value", + }, + }, + "Resources": Object { + "CR82938520": Object { + "DeletionPolicy": "Delete", + "Properties": Object { + "Auth": Object { + "secret": Object { + "Ref": "githubAuthSecret3F829E4A", + }, + "strategy": "auth-app", + }, + "ServiceToken": Object { + "Fn::GetAtt": Array [ + "cdkgithubGithubCustomResourceProviderframeworkonEventDEFFE21F", + "Arn", + ], + }, + }, + "Type": "AWS::CloudFormation::CustomResource", + "UpdateReplacePolicy": "Delete", + }, + "cdkgithubGithubCustomResourceProviderOnEventHandler546D7A7A": Object { + "DependsOn": Array [ + "cdkgithubGithubCustomResourceProviderOnEventHandlerServiceRoleDefaultPolicy6B483CB6", + "cdkgithubGithubCustomResourceProviderOnEventHandlerServiceRole6B0C05F6", + ], + "Properties": Object { + "Code": Object { + "S3Bucket": Object { + "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", + }, + "S3Key": "4babd074a663342a9636c609081fd08a3dfa53a825ee8b6883752c0ddb3ff1cc.zip", + }, + "Description": "src/custom-resource-provider/handler.lambda.ts", + "Environment": Object { + "Variables": Object { + "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1", + }, + }, + "Handler": "index.handler", + "Role": Object { + "Fn::GetAtt": Array [ + "cdkgithubGithubCustomResourceProviderOnEventHandlerServiceRole6B0C05F6", + "Arn", + ], + }, + "Runtime": "nodejs14.x", + "Timeout": 600, + }, + "Type": "AWS::Lambda::Function", + }, + "cdkgithubGithubCustomResourceProviderOnEventHandlerServiceRole6B0C05F6": Object { + "Properties": Object { + "AssumeRolePolicyDocument": Object { + "Statement": Array [ + Object { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": Object { + "Service": "lambda.amazonaws.com", + }, + }, + ], + "Version": "2012-10-17", + }, + "ManagedPolicyArns": Array [ + Object { + "Fn::Join": Array [ + "", + Array [ + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + ], + ], + }, + ], + }, + "Type": "AWS::IAM::Role", + }, + "cdkgithubGithubCustomResourceProviderOnEventHandlerServiceRoleDefaultPolicy6B483CB6": Object { + "Properties": Object { + "PolicyDocument": Object { + "Statement": Array [ + Object { + "Action": Array [ + "secretsmanager:GetSecretValue", + "secretsmanager:DescribeSecret", + ], + "Effect": "Allow", + "Resource": Object { + "Ref": "githubAuthSecret3F829E4A", + }, + }, + ], + "Version": "2012-10-17", + }, + "PolicyName": "cdkgithubGithubCustomResourceProviderOnEventHandlerServiceRoleDefaultPolicy6B483CB6", + "Roles": Array [ + Object { + "Ref": "cdkgithubGithubCustomResourceProviderOnEventHandlerServiceRole6B0C05F6", + }, + ], + }, + "Type": "AWS::IAM::Policy", + }, + "cdkgithubGithubCustomResourceProviderframeworkonEventDEFFE21F": Object { + "DependsOn": Array [ + "cdkgithubGithubCustomResourceProviderframeworkonEventServiceRoleDefaultPolicy22CCEF1E", + "cdkgithubGithubCustomResourceProviderframeworkonEventServiceRoleAD410639", + ], + "Properties": Object { + "Code": Object { + "S3Bucket": Object { + "Fn::Sub": "cdk-hnb659fds-assets-\${AWS::AccountId}-\${AWS::Region}", + }, + "S3Key": "6ff23d2800aac27308e31c227529dc13854507c3b2598d2433fcf82604fa054d.zip", + }, + "Description": "AWS CDK resource provider framework - onEvent (GithubTestStack/cdk-github.GithubCustomResourceProvider/Provider)", + "Environment": Object { + "Variables": Object { + "USER_ON_EVENT_FUNCTION_ARN": Object { + "Fn::GetAtt": Array [ + "cdkgithubGithubCustomResourceProviderOnEventHandler546D7A7A", + "Arn", + ], + }, + }, + }, + "Handler": "framework.onEvent", + "Role": Object { + "Fn::GetAtt": Array [ + "cdkgithubGithubCustomResourceProviderframeworkonEventServiceRoleAD410639", + "Arn", + ], + }, + "Runtime": "nodejs14.x", + "Timeout": 900, + }, + "Type": "AWS::Lambda::Function", + }, + "cdkgithubGithubCustomResourceProviderframeworkonEventServiceRoleAD410639": Object { + "Properties": Object { + "AssumeRolePolicyDocument": Object { + "Statement": Array [ + Object { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": Object { + "Service": "lambda.amazonaws.com", + }, + }, + ], + "Version": "2012-10-17", + }, + "ManagedPolicyArns": Array [ + Object { + "Fn::Join": Array [ + "", + Array [ + "arn:", + Object { + "Ref": "AWS::Partition", + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + ], + ], + }, + ], + }, + "Type": "AWS::IAM::Role", + }, + "cdkgithubGithubCustomResourceProviderframeworkonEventServiceRoleDefaultPolicy22CCEF1E": Object { + "Properties": Object { + "PolicyDocument": Object { + "Statement": Array [ + Object { + "Action": "lambda:InvokeFunction", + "Effect": "Allow", + "Resource": Array [ + Object { + "Fn::GetAtt": Array [ + "cdkgithubGithubCustomResourceProviderOnEventHandler546D7A7A", + "Arn", + ], + }, + Object { + "Fn::Join": Array [ + "", + Array [ + Object { + "Fn::GetAtt": Array [ + "cdkgithubGithubCustomResourceProviderOnEventHandler546D7A7A", + "Arn", + ], + }, + ":*", + ], + ], + }, + ], + }, + ], + "Version": "2012-10-17", + }, + "PolicyName": "cdkgithubGithubCustomResourceProviderframeworkonEventServiceRoleDefaultPolicy22CCEF1E", + "Roles": Array [ + Object { + "Ref": "cdkgithubGithubCustomResourceProviderframeworkonEventServiceRoleAD410639", + }, + ], + }, + "Type": "AWS::IAM::Policy", + }, + "githubAuthSecret3F829E4A": Object { + "DeletionPolicy": "Delete", + "Properties": Object { + "Description": "GithubAppAuthSecret", + "GenerateSecretString": Object {}, + }, + "Type": "AWS::SecretsManager::Secret", + "UpdateReplacePolicy": "Delete", + }, + }, + "Rules": Object { + "CheckBootstrapVersion": Object { + "Assertions": Array [ + Object { + "Assert": Object { + "Fn::Not": Array [ + Object { + "Fn::Contains": Array [ + Array [ + "1", + "2", + "3", + "4", + "5", + ], + Object { + "Ref": "BootstrapVersion", + }, + ], + }, + ], + }, + "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI.", + }, + ], + }, + }, +} +`; diff --git a/test/github-custom-resource.test.ts b/test/github-custom-resource.test.ts index e78ec0f2..444cfd92 100644 --- a/test/github-custom-resource.test.ts +++ b/test/github-custom-resource.test.ts @@ -1,3 +1,53 @@ +import { App, Stack } from "aws-cdk-lib"; +import { Match, Template } from "aws-cdk-lib/assertions"; +import { Secret } from "aws-cdk-lib/aws-secretsmanager"; +import { Construct } from "constructs"; +import { AuthOptions } from "../src/auth"; +import { GithubCustomResource } from "../src/github-custom-resource"; + describe("GithubCustomResource", () => { - it("", () => {}); + it("Should match snapshot", () => { + // Given + const app = new App(); + const stack = new GithubCustomResourceTestStack(app, "GithubTestStack"); + + // When + const template = Template.fromStack(stack); + + // Then + expect(template).toMatchSnapshot(); + }); + + it("Should contain GithubCustomResource with appAuth", () => { + // Given + const app = new App(); + const stack = new GithubCustomResourceTestStack(app, "GithubTestStack"); + + // When + const template = Template.fromStack(stack); + + // Then + template.hasResourceProperties("AWS::SecretsManager::Secret", { Description: "GithubAppAuthSecret" }); + template.hasResourceProperties("AWS::CloudFormation::CustomResource", { + Auth: { + secret: { + Ref: Match.stringLikeRegexp("githubAuthSecret"), + }, + strategy: "auth-app", + }, + }); + }); }); + +class GithubCustomResourceTestStack extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const secret = new Secret(this, "githubAuthSecret", { + description: "GithubAppAuthSecret", + }); + new GithubCustomResource(this, "CR", { + authOptions: AuthOptions.appAuth(secret), + }); + } +}