/
legacy.ts
223 lines (190 loc) · 8.08 KB
/
legacy.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
import * as cxschema from '@aws-cdk/cloud-assembly-schema';
import * as cxapi from '@aws-cdk/cx-api';
import { DockerImageAssetLocation, DockerImageAssetSource, FileAssetLocation, FileAssetSource } from '../assets';
import { Fn } from '../cfn-fn';
import { Construct, ISynthesisSession } from '../construct-compat';
import { FileAssetParameters } from '../private/asset-parameters';
import { Stack } from '../stack';
import { assertBound } from './_shared';
import { StackSynthesizer } from './stack-synthesizer';
/**
* The well-known name for the docker image asset ECR repository. All docker
* image assets will be pushed into this repository with an image tag based on
* the source hash.
*/
const ASSETS_ECR_REPOSITORY_NAME = 'aws-cdk/assets';
/**
* This allows users to work around the fact that the ECR repository is
* (currently) not configurable by setting this context key to their desired
* repository name. The CLI will auto-create this ECR repository if it's not
* already created.
*/
const ASSETS_ECR_REPOSITORY_NAME_OVERRIDE_CONTEXT_KEY = 'assets-ecr-repository-name';
/**
* Use the CDK classic way of referencing assets
*
* This synthesizer will generate CloudFormation parameters for every referenced
* asset, and use the CLI's current credentials to deploy the stack.
*
* - It does not support cross-account deployment (the CLI must have credentials
* to the account you are trying to deploy to).
* - It cannot be used with **CDK Pipelines**. To deploy using CDK Pipelines,
* you must use the `DefaultStackSynthesizer`.
* - Each asset will take up a CloudFormation Parameter in your template. Keep in
* mind that there is a maximum of 200 parameters in a CloudFormation template.
* To use determinstic asset locations instead, use `CliCredentialsStackSynthesizer`.
*
* Be aware that your CLI credentials must be valid for the duration of the
* entire deployment. If you are using session credentials, make sure the
* session lifetime is long enough.
*
* This is the only StackSynthesizer that supports customizing asset behavior
* by overriding `Stack.addFileAsset()` and `Stack.addDockerImageAsset()`.
*/
export class LegacyStackSynthesizer extends StackSynthesizer {
private stack?: Stack;
private cycle = false;
/**
* Includes all parameters synthesized for assets (lazy).
*/
private _assetParameters?: Construct;
/**
* The image ID of all the docker image assets that were already added to this
* stack (to avoid duplication).
*/
private readonly addedImageAssets = new Set<string>();
public bind(stack: Stack): void {
if (this.stack !== undefined) {
throw new Error('A StackSynthesizer can only be used for one Stack: create a new instance to use with a different Stack');
}
this.stack = stack;
}
public addFileAsset(asset: FileAssetSource): FileAssetLocation {
assertBound(this.stack);
// Backwards compatibility hack. We have a number of conflicting goals here:
//
// - We want put the actual logic in this class
// - We ALSO want to keep supporting people overriding Stack.addFileAsset (for backwards compatibility,
// because that mechanism is currently used to make CI/CD scenarios work)
// - We ALSO want to allow both entry points from user code (our own framework
// code will always call stack.deploymentMechanism.addFileAsset() but existing users
// may still be calling `stack.addFileAsset()` directly.
//
// Solution: delegate call to the stack, but if the stack delegates back to us again
// then do the actual logic.
//
// @deprecated: this can be removed for v2
if (this.cycle) {
return this.doAddFileAsset(asset);
}
this.cycle = true;
try {
const stack = this.stack;
return withoutDeprecationWarnings(() => stack.addFileAsset(asset));
} finally {
this.cycle = false;
}
}
public addDockerImageAsset(asset: DockerImageAssetSource): DockerImageAssetLocation {
assertBound(this.stack);
// See `addFileAsset` for explanation.
// @deprecated: this can be removed for v2
if (this.cycle) {
return this.doAddDockerImageAsset(asset);
}
this.cycle = true;
try {
const stack = this.stack;
return withoutDeprecationWarnings(() => stack.addDockerImageAsset(asset));
} finally {
this.cycle = false;
}
}
/**
* Synthesize the associated stack to the session
*/
public synthesize(session: ISynthesisSession): void {
assertBound(this.stack);
this.synthesizeStackTemplate(this.stack, session);
// Just do the default stuff, nothing special
this.emitStackArtifact(this.stack, session);
}
private doAddDockerImageAsset(asset: DockerImageAssetSource): DockerImageAssetLocation {
assertBound(this.stack);
// check if we have an override from context
const repositoryNameOverride = this.stack.node.tryGetContext(ASSETS_ECR_REPOSITORY_NAME_OVERRIDE_CONTEXT_KEY);
const repositoryName = asset.repositoryName ?? repositoryNameOverride ?? ASSETS_ECR_REPOSITORY_NAME;
const imageTag = asset.sourceHash;
const assetId = asset.sourceHash;
// only add every image (identified by source hash) once for each stack that uses it.
if (!this.addedImageAssets.has(assetId)) {
if (!asset.directoryName) {
throw new Error(`LegacyStackSynthesizer does not support this type of file asset: ${JSON.stringify(asset)}`);
}
const metadata: cxschema.ContainerImageAssetMetadataEntry = {
repositoryName,
imageTag,
id: assetId,
packaging: 'container-image',
path: asset.directoryName,
sourceHash: asset.sourceHash,
buildArgs: asset.dockerBuildArgs,
target: asset.dockerBuildTarget,
file: asset.dockerFile,
networkMode: asset.networkMode,
platform: asset.platform,
};
this.stack.node.addMetadata(cxschema.ArtifactMetadataEntryType.ASSET, metadata);
this.addedImageAssets.add(assetId);
}
return {
imageUri: `${this.stack.account}.dkr.ecr.${this.stack.region}.${this.stack.urlSuffix}/${repositoryName}:${imageTag}`,
repositoryName,
};
}
private doAddFileAsset(asset: FileAssetSource): FileAssetLocation {
assertBound(this.stack);
let params = this.assetParameters.node.tryFindChild(asset.sourceHash) as FileAssetParameters;
if (!params) {
params = new FileAssetParameters(this.assetParameters, asset.sourceHash);
if (!asset.fileName || !asset.packaging) {
throw new Error(`LegacyStackSynthesizer does not support this type of file asset: ${JSON.stringify(asset)}`);
}
const metadata: cxschema.FileAssetMetadataEntry = {
path: asset.fileName,
id: asset.sourceHash,
packaging: asset.packaging,
sourceHash: asset.sourceHash,
s3BucketParameter: params.bucketNameParameter.logicalId,
s3KeyParameter: params.objectKeyParameter.logicalId,
artifactHashParameter: params.artifactHashParameter.logicalId,
};
this.stack.node.addMetadata(cxschema.ArtifactMetadataEntryType.ASSET, metadata);
}
const bucketName = params.bucketNameParameter.valueAsString;
// key is prefix|postfix
const encodedKey = params.objectKeyParameter.valueAsString;
const s3Prefix = Fn.select(0, Fn.split(cxapi.ASSET_PREFIX_SEPARATOR, encodedKey));
const s3Filename = Fn.select(1, Fn.split(cxapi.ASSET_PREFIX_SEPARATOR, encodedKey));
const objectKey = `${s3Prefix}${s3Filename}`;
const httpUrl = `https://s3.${this.stack.region}.${this.stack.urlSuffix}/${bucketName}/${objectKey}`;
const s3ObjectUrl = `s3://${bucketName}/${objectKey}`;
return { bucketName, objectKey, httpUrl, s3ObjectUrl, s3Url: httpUrl };
}
private get assetParameters() {
assertBound(this.stack);
if (!this._assetParameters) {
this._assetParameters = new Construct(this.stack, 'AssetParameters');
}
return this._assetParameters;
}
}
function withoutDeprecationWarnings<A>(block: () => A): A {
const orig = process.env.JSII_DEPRECATED;
process.env.JSII_DEPRECATED = 'quiet';
try {
return block();
} finally {
process.env.JSII_DEPRECATED = orig;
}
}