From e08e4c36f09f8d20956a47fce99b7328ae715086 Mon Sep 17 00:00:00 2001 From: Konstantin Zarudaev Date: Thu, 11 Jan 2024 14:53:37 +0100 Subject: [PATCH] Update pipeline and test examples --- lib/pipeline-stack.ts | 2 + test/pipeline-stack.test.ts | 98 ++++++++++++++++++++++++++++++------- 2 files changed, 83 insertions(+), 17 deletions(-) diff --git a/lib/pipeline-stack.ts b/lib/pipeline-stack.ts index f0302fa..2f5dc5d 100644 --- a/lib/pipeline-stack.ts +++ b/lib/pipeline-stack.ts @@ -24,6 +24,8 @@ export class CodePipelineStack extends Stack { }) const pipeline = new CodePipeline(this, 'Pipeline', { + crossAccountKeys: true, + enableKeyRotation: true, synth: new ShellStep('Synth', { input: CodePipelineSource.codeCommit(repo, 'main'), installCommands: [ diff --git a/test/pipeline-stack.test.ts b/test/pipeline-stack.test.ts index 6f479c8..5d86ab7 100644 --- a/test/pipeline-stack.test.ts +++ b/test/pipeline-stack.test.ts @@ -1,25 +1,89 @@ import * as cdk from 'aws-cdk-lib' -import { Template } from 'aws-cdk-lib/assertions' +import { Match, Template } from 'aws-cdk-lib/assertions' import { CodePipelineStack } from '../lib/pipeline-stack' -const app = new cdk.App() -const stack = new CodePipelineStack(app, 'CodePipeline') -const template = Template.fromStack(stack) +describe('Unit tests for the pipeline stack', () => { + const app = new cdk.App() + const stack = new CodePipelineStack(app, 'CodePipeline') + const template = Template.fromStack(stack) -// Execute tests for CodePipeline template -test('Pipeline restarts on update', () => { - // Assessment - template.hasResourceProperties('AWS::CodePipeline::Pipeline', { - RestartExecutionOnUpdate: true + // Execute tests for CodePipeline template + test('Pipeline restarts on update', () => { + template.hasResourceProperties('AWS::CodePipeline::Pipeline', { + RestartExecutionOnUpdate: true + }) }) -}) -test('There are 8 CodeBuild objects in use', () => { - // Assessment - template.resourceCountIs('AWS::CodeBuild::Project', 8) -}) + test('Key rotation is enabled', () => { + template.hasResourceProperties('AWS::KMS::Key', { + EnableKeyRotation: true + }) + }) + + test('Pipeline source settings', () => { + template.hasResourceProperties('AWS::CodePipeline::Pipeline', { + Stages: Match.arrayWith([ + { + Actions: [{ + ActionTypeId: { + Category: 'Source', + Owner: 'AWS', + Provider: 'CodeCommit', + Version: '1' + }, + Configuration: { + BranchName: 'main', + PollForSourceChanges: false, + RepositoryName: Match.anyValue() + }, + Name: Match.anyValue(), + OutputArtifacts: Match.anyValue(), + RoleArn: Match.anyValue(), + RunOrder: 1 + }], + Name: 'Source' + }] + ) + }) + }) + + test('Pipeline build settings', () => { + template.hasResourceProperties('AWS::CodePipeline::Pipeline', { + Stages: Match.arrayWith([ + { + Actions: [{ + ActionTypeId: { + Category: 'Build', + Owner: 'AWS', + Provider: 'CodeBuild', + Version: '1' + }, + Configuration: Match.anyValue(), + InputArtifacts: Match.anyValue(), + Name: 'Synth', + OutputArtifacts: [{ Name: 'Synth_Output' }], + RoleArn: Match.anyValue(), + RunOrder: 1 + }], + Name: 'Build' + }] + ) + }) + }) + + // Summary checks + test('Expected number of the CodeBuild objects', () => { + const expectedValue = 8 + template.resourceCountIs('AWS::CodeBuild::Project', expectedValue) + }) -test('CodePipeline has repository name in output', () => { - // Assessment - template.hasOutput('RepositoryName', '') + test('Expected number of the S3 buckets', () => { + const expectedValue = 1 + template.resourceCountIs('AWS::S3::Bucket', expectedValue) + }) + + test('Expected number of IAM roles', () => { + const expectedValue = 12 + template.resourceCountIs('AWS::IAM::Role', expectedValue) + }) })