From fa8ced31783f8a90db06334f6d945b751f9e3722 Mon Sep 17 00:00:00 2001
From: Simon Kok <sbkok@users.noreply.github.com>
Date: Wed, 9 Aug 2023 16:37:25 +0200
Subject: [PATCH] Fix ChatBot channel ref + add notification management
 permissions (#650)

**Why?**

The AWS Chatbot integration had an error that was introduced with the
refactoring in v3.2.0 release. This prevented ChatBot configurations to be
applied correctly.

Additionally, the pipeline creation process did not have the required
permissions to manage the pipeline notifications yet.

**What?**

Both issues are addressed in this change request.
---
 .../deployment/pipeline_management.yml              | 13 +++++++++++++
 .../shared/cdk/cdk_constructs/adf_chatbot.py        |  2 +-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml
index 4f41ec96f..0c710645b 100644
--- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml
+++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml
@@ -875,6 +875,19 @@ Resources:
                 Condition:
                   StringEquals:
                     'codestar-connections:PassedToService': 'codepipeline.amazonaws.com'
+              - Effect: Allow
+                Sid: "AllowChatBotOperations"
+                Action:
+                  - "codestar-notifications:CreateNotificationRule"
+                  - "codestar-notifications:DeleteNotificationRule"
+                  - "codestar-notifications:DescribeNotificationRule"
+                  - "codestar-notifications:ListNotificationRules"
+                  - "codestar-notifications:Subscribe"
+                  - "codestar-notifications:TagResource"
+                  - "codestar-notifications:Unsubscribe"
+                  - "codestar-notifications:UntagResource"
+                  - "codestar-notifications:UpdateNotificationRule"
+                Resource: "*"
               - Effect: Allow
                 Action:
                   - "events:PutRule"
diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_chatbot.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_chatbot.py
index a46aa8f9e..a7c0cc839 100644
--- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_chatbot.py
+++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_chatbot.py
@@ -47,7 +47,7 @@ def __init__(
         )
         pipeline_arn = (
             f"arn:{stack.partition}:codepipeline:{ADF_DEPLOYMENT_REGION}:"
-            "{ADF_DEPLOYMENT_ACCOUNT_ID}:{pipeline.ref}"
+            f"{ADF_DEPLOYMENT_ACCOUNT_ID}:{pipeline.ref}"
         )
         cp_notifications.CfnNotificationRule(
             scope,