- Added CodeBuild Artifacts configuration

waterbear-cloud · Jan 31, 2022 · 9cbe79c · 9cbe79c
1 parent 4b0161f
commit 9cbe79c
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 34 deletions.
diff --git a/src/paco/application/reseng_deploymentpipeline.py b/src/paco/application/reseng_deploymentpipeline.py
@@ -545,14 +545,14 @@ def init_resource(self):
         else:
             self.pipeline_account_ctx = self.account_ctx
 
-        if self.resource.configuration.disable_codepipeline == False:
-            # S3 Artifacts Bucket:
-            s3_ctl = self.paco_ctx.get_controller('S3')
-            s3_bucket = get_model_obj_from_ref(self.pipeline.configuration.artifacts_bucket, self.paco_ctx.project)
-            self.artifacts_bucket_meta['obj'] = s3_bucket
-            self.artifacts_bucket_meta['ref'] = self.pipeline.configuration.artifacts_bucket
-            self.artifacts_bucket_meta['arn'] = s3_ctl.get_bucket_arn(self.artifacts_bucket_meta['ref'])
-            self.artifacts_bucket_meta['name'] = s3_bucket.get_bucket_name()
+        # S3 Artifacts Bucket:
+        s3_ctl = self.paco_ctx.get_controller('S3')
+        s3_bucket = get_model_obj_from_ref(self.pipeline.configuration.artifacts_bucket, self.paco_ctx.project)
+
+        self.artifacts_bucket_meta['obj'] = s3_bucket
+        self.artifacts_bucket_meta['ref'] = self.pipeline.configuration.artifacts_bucket
+        self.artifacts_bucket_meta['arn'] = s3_ctl.get_bucket_arn(self.artifacts_bucket_meta['ref'])
+        self.artifacts_bucket_meta['name'] = s3_bucket.get_bucket_name()
 
         # Resource can be in a Service or an Environment
         if hasattr(self, 'env_ctx'):

diff --git a/src/paco/cftemplates/codebuild.py b/src/paco/cftemplates/codebuild.py
@@ -36,19 +36,25 @@ def __init__(self, stack, paco_ctx, env_ctx, base_aws_name, app_name, action_con
             description='The name to prefix resource names.',
             value=self.res_name_prefix,
         )
+        self.enable_artifacts_bucket = True
         if pipeline_config.configuration.disable_codepipeline == False:
             self.cmk_arn_param = self.create_cfn_parameter(
                 param_type='String',
                 name='CMKArn',
                 description='The KMS CMK Arn of the key used to encrypt deployment artifacts.',
                 value=pipeline_config.paco_ref + '.kms.arn',
             )
+        elif action_config.artifacts == None or action_config.artifacts.type == 'NO_ARTIFACTS':
+            self.enable_artifacts_bucket = False
+
+        if self.enable_artifacts_bucket:
             self.artifacts_bucket_name_param = self.create_cfn_parameter(
                 param_type='String',
                 name='ArtifactsBucketName',
                 description='The name of the S3 Bucket to create that will hold deployment artifacts',
                 value=artifacts_bucket_name,
             )
+
         self.codebuild_project_res = self.create_codebuild_cfn(
             template,
             pipeline_config,
@@ -157,8 +163,8 @@ def create_codebuild_cfn(
 
         # Project Policy
         policy_statements = []
-        if pipeline_config.configuration.disable_codepipeline == False:
-            policy_statements.extend([
+        if self.enable_artifacts_bucket:
+            policy_statements.append(
                 Statement(
                     Sid='S3Access',
                     Effect=Allow,
@@ -176,15 +182,18 @@ def create_codebuild_cfn(
                         troposphere.Sub('arn:aws:s3:::${ArtifactsBucketName}'),
                         troposphere.Sub('arn:aws:s3:::${ArtifactsBucketName}/*'),
                     ]
-                ),
+                )
+            )
+        if pipeline_config.configuration.disable_codepipeline == False:
+            policy_statements.append(
                 Statement(
                     Sid='KMSCMK',
                     Effect=Allow,
                     Action=[
                         Action('kms', '*')
                     ],
                     Resource=[ troposphere.Ref(self.cmk_arn_param) ]
-                )]
+                )
             )
         policy_statements.append(
             Statement(
@@ -407,15 +416,19 @@ def create_codebuild_cfn(
             }
         ]
         if pipeline_config.configuration.disable_codepipeline == False:
-            codebuild_env_vars.extend([
+            codebuild_env_vars.append(
                 {
-                    'Name': 'ArtifactsBucket',
-                    'Value': troposphere.Ref(self.artifacts_bucket_name_param),
-                }, {
                     'Name': 'KMSKey',
                     'Value': troposphere.Ref(self.cmk_arn_param)
                 }
-            ])
+            )
+        if self.enable_artifacts_bucket:
+            codebuild_env_vars.append(
+                {
+                    'Name': 'ArtifactsBucket',
+                    'Value': troposphere.Ref(self.artifacts_bucket_name_param),
+                }
+            )
         # If ECS Release Phase, then add the config to the environment
         release_phase = action_config.release_phase
         if release_phase != None and release_phase.ecs != None:
@@ -432,16 +445,6 @@ def create_codebuild_cfn(
                 idx += 1
 
         # CodeBuild: Environment
-        source = troposphere.codebuild.Source(
-            Type='CODEPIPELINE',
-        )
-        if action_config.buildspec != None and action_config.buildspec != '':
-            source = troposphere.codebuild.Source(
-                Type='CODEPIPELINE',
-                BuildSpec=action_config.buildspec,
-            )
-
-
         project_dict = {
             'Name': troposphere.Ref(self.resource_name_prefix_param),
             'Artifacts': {
@@ -474,14 +477,28 @@ def create_codebuild_cfn(
                 'Type': 'CODEPIPELINE'
             }
             project_dict['Source']['Type'] = 'CODEPIPELINE'
-        elif action_config.source.github != None:
-            project_dict['Source']['Type'] = 'GITHUB'
-            project_dict['Source']['Location'] = action_config.source.github.location
-            project_dict['Source']['ReportBuildStatus'] = action_config.source.github.report_build_status
-            if action_config.source.github.deployment_branch_name != None:
-                project_dict['SourceVersion'] = action_config.source.github.deployment_branch_name
         else:
-            raise PacoException("CodeBuild source must be configured when Codepipeline is disabled.")
+            if action_config.artifacts == None or action_config.artifacts.type == 'NO_ARTIFACTS':
+                project_dict['Artifacts'] = {
+                    'Type': 'NO_ARTIFACTS',
+                }
+            else:
+                project_dict['Artifacts'] = {
+                    'Type': action_config.artifacts.type,
+                    'Location': troposphere.Ref(self.artifacts_bucket_name_param),
+                    'Path': action_config.artifacts.path,
+                    'NamespaceType': action_config.artifacts.namespace_type,
+                    'Packaging': action_config.artifacts.packaging,
+                    'Name': action_config.artifacts.name
+                }
+            if action_config.source.github != None:
+                project_dict['Source']['Type'] = 'GITHUB'
+                project_dict['Source']['Location'] = action_config.source.github.location
+                project_dict['Source']['ReportBuildStatus'] = action_config.source.github.report_build_status
+                if action_config.source.github.deployment_branch_name != None:
+                    project_dict['SourceVersion'] = action_config.source.github.deployment_branch_name
+            else:
+                raise PacoException("CodeBuild source must be configured when Codepipeline is disabled.")
 
         if action_config.concurrent_build_limit > 0:
             project_dict['ConcurrentBuildLimit'] = action_config.concurrent_build_limit