From d6e1e6104145b9e7d5c1e5e219b7654508e43fa7 Mon Sep 17 00:00:00 2001 From: Andreas Falkenberg Date: Wed, 29 Mar 2023 07:14:43 +0200 Subject: [PATCH 1/7] fix: include all tests as part of pytest.ini --- .../adf-build/shared/helpers/requirements.txt | 2 ++ .../initial_commit/bootstrap_repository/pytest.ini | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/helpers/requirements.txt b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/helpers/requirements.txt index 7524a24d6..93879ec20 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/helpers/requirements.txt +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/helpers/requirements.txt @@ -1,3 +1,5 @@ boto3==1.26.48 botocore==1.29.48 docopt~=0.6.2 +schema~=0.7.5 +pytest-env~=0.8.1 \ No newline at end of file diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/pytest.ini b/src/lambda_codebase/initial_commit/bootstrap_repository/pytest.ini index d31fa8349..ef9a21518 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/pytest.ini +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/pytest.ini @@ -1,3 +1,5 @@ [pytest] -testpaths = adf-build/tests adf-bootstrap/deployment/lambda_codebase/tests +env = + ACCOUNT_ID="123456789012" +testpaths = adf-build/tests adf-bootstrap/deployment/lambda_codebase/tests adf-build/shared/python/tests/ norecursedirs = adf-bootstrap/deployment/lambda_codebase/initial_commit adf-bootstrap/deployment/lambda_codebase/determine_default_branch adf-build/shared From 9e78cbedb34439e4fb97d4e02521c7ec1286174d Mon Sep 17 00:00:00 2001 From: Andreas Falkenberg Date: Wed, 7 Jun 2023 12:43:16 +0200 Subject: [PATCH 2/7] feat: set default scm codecommit account id --- docs/admin-guide.md | 7 ++++ docs/providers-guide.md | 4 ++- .../initial_commit/adfconfig.yml.j2 | 3 ++ .../create_or_update_rule.py | 35 ++++++++++++++++++- .../pipeline_management/create_repository.py | 31 +++++++++++++++- .../generate_pipeline_inputs.py | 6 ++++ .../deployment/pipeline_management.yml | 12 +++++++ .../bootstrap_repository/adf-build/main.py | 7 ++++ .../cdk/cdk_constructs/adf_codecommit.py | 27 ++++++++++++-- .../cdk/cdk_constructs/adf_codepipeline.py | 9 +++++ .../adf-build/shared/helpers/requirements.txt | 2 -- .../shared/python/schema_validation.py | 31 +++++++++++----- .../bootstrap_repository/pytest.ini | 4 +-- 13 files changed, 159 insertions(+), 19 deletions(-) diff --git a/docs/admin-guide.md b/docs/admin-guide.md index a782d5e92..19bb222a3 100644 --- a/docs/admin-guide.md +++ b/docs/admin-guide.md @@ -213,6 +213,13 @@ Config has five components in `main-notification-endpoint`, `scp`, `scm`, `main`. As new repositories will most likely use this branch name as their default branch. + - **default-scm-codecommit-account-id** allows you to configure the default account id that + should be used with all source-code management platforms that ADF supports. + If not set here, the deployment account id is taken as default value. + The CodeCommit account-id can be still be overwritten with an explicit account id in the individual deployment map. + The CodeCommit provider guide provides more details: [providers-guide.md.yml: CodeCommit](./providers-guide.md#codecommit). + + ## Accounts ### Management account diff --git a/docs/providers-guide.md b/docs/providers-guide.md index dcbda86be..843b5eb1c 100644 --- a/docs/providers-guide.md +++ b/docs/providers-guide.md @@ -63,11 +63,13 @@ Provider type: `codecommit`. #### Properties -- *account_id* - *(String)* **(required)** +- *account_id* - *(String)* **(optional)** - The AWS Account ID where the Source Repository is located. If the repository does not exist it will be created via AWS CloudFormation on the source account along with the associated cross account CloudWatch event action to trigger the pipeline. + - Additionally, the default account id for CodeCommit, can be set in [adfconfig.yml: config/scm/default-scm-codecommit-account-id](./admin-guide.md#adfconfig). + - If not set here in the provider and if not set in adfconfig.yml, the deployment account id will be used as default value. - *repository* - *(String)* defaults to name of the pipeline. - The AWS CodeCommit repository name. - *branch* - *(String)* default to configured [adfconfig.yml: config/scm/default-scm-branch](./admin-guide.md#adfconfig). diff --git a/src/lambda_codebase/initial_commit/adfconfig.yml.j2 b/src/lambda_codebase/initial_commit/adfconfig.yml.j2 index 2d70b36d2..beaa6f01a 100644 --- a/src/lambda_codebase/initial_commit/adfconfig.yml.j2 +++ b/src/lambda_codebase/initial_commit/adfconfig.yml.j2 @@ -27,3 +27,6 @@ config: scm: auto-create-repositories: enabled default-scm-branch: main + # Optional: + # default-scm-codecommit-account-id: "123456789012" + diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py index 6ab2055b4..9987e3ceb 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py @@ -11,10 +11,12 @@ from rule import Rule from logger import configure_logger from cloudwatch import ADFMetrics - +from errors import ParameterNotFoundError +from parameter_store import ParameterStore LOGGER = configure_logger(__name__) DEPLOYMENT_ACCOUNT_ID = os.environ["ACCOUNT_ID"] +DEPLOYMENT_ACCOUNT_REGION = os.environ["AWS_REGION"] CLOUDWATCH = boto3.client("cloudwatch") METRICS = ADFMetrics(CLOUDWATCH, "PIPELINE_MANAGEMENT/RULE") @@ -58,6 +60,37 @@ def lambda_handler(event, _): .get("properties", {}) .get("account_id") ) + + # Resolve source_account_id in case it is not set + if source_provider == "codecommit" and not source_account_id: + # Evaluate as follows: + # If source_account_id not set, we have to set it as follows: + # - set via default_scm_codecommit_account_id (if exists) + # - or set via ADF_DEPLOYMENT_ACCOUNT_ID + deployment_account_id = DEPLOYMENT_ACCOUNT_ID + try: + parameter_store = ParameterStore(DEPLOYMENT_ACCOUNT_REGION, boto3) + default_scm_codecommit_account_id = parameter_store.fetch_parameter( + "/adf/scm/default-scm-codecommit-account-id" + ) + except ParameterNotFoundError: + default_scm_codecommit_account_id = deployment_account_id + if not source_account_id: + print("account_id not found in source_props - recreate it!") + if default_scm_codecommit_account_id: + source_account_id = default_scm_codecommit_account_id + else: + source_account_id = deployment_account_id + if "properties" in pipeline["default_providers"]["source"]: + # append to properties + pipeline["default_providers"]["source"]["properties"]["account_id"] = source_account_id + else: + # recreate properties + source_props = { + "account_id": source_account_id + } + pipeline["default_providers"]["source"]["properties"] = source_props + if ( source_provider == "codecommit" and source_account_id diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py index 69ecce656..c8d38c38b 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py @@ -8,6 +8,7 @@ from repo import Repo from logger import configure_logger +from errors import ParameterNotFoundError from cloudwatch import ADFMetrics from parameter_store import ParameterStore @@ -16,7 +17,7 @@ METRICS = ADFMetrics(CLOUDWATCH, "PIPELINE_MANAGEMENT/REPO") LOGGER = configure_logger(__name__) DEPLOYMENT_ACCOUNT_REGION = os.environ["AWS_REGION"] - +DEPLOYMENT_ACCOUNT_ID = os.environ["ACCOUNT_ID"] def lambda_handler(event, _): """ @@ -67,6 +68,34 @@ def lambda_handler(event, _): .get("properties", {}) .get("repository", {}) ) + + # Resolve code_account_id in case it is not set + # Evaluate as follows: + # If source_account_id not set, we have to set it as follows: + # - set via default_scm_codecommit_account_id (if exists) + # - or set via ADF_DEPLOYMENT_ACCOUNT_ID + try: + default_scm_codecommit_account_id = parameter_store.fetch_parameter( + "/adf/scm/default-scm-codecommit-account-id" + ) + except ParameterNotFoundError: + default_scm_codecommit_account_id = DEPLOYMENT_ACCOUNT_ID + if not code_account_id: + print("account_id not found in source_props - recreate it!") + if default_scm_codecommit_account_id: + code_account_id = default_scm_codecommit_account_id + else: + code_account_id = DEPLOYMENT_ACCOUNT_ID + if "properties" in pipeline["default_providers"]["source"]: + # append to properties + pipeline["default_providers"]["source"]["properties"]["account_id"] = code_account_id + else: + # recreate properties + source_props = { + "account_id": code_account_id + } + pipeline["default_providers"]["source"]["properties"] = source_props + if ( code_account_id and str(code_account_id).isdigit() diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/generate_pipeline_inputs.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/generate_pipeline_inputs.py index b7e9cdf02..9c1b856b2 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/generate_pipeline_inputs.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/generate_pipeline_inputs.py @@ -72,6 +72,9 @@ def fetch_required_ssm_params(pipeline_input, regions): output["default_scm_branch"] = parameter_store.fetch_parameter( "default_scm_branch", ) + output["default_scm_codecommit_account_id"] = parameter_store.fetch_parameter( + "/adf/scm/default-scm-codecommit-account-id", + ) codestar_connection_path = ( pipeline_input .get("default_providers", {}) @@ -155,6 +158,9 @@ def generate_pipeline_inputs( data["pipeline_input"]["default_scm_branch"] = data["ssm_params"].get( "default_scm_branch", ) + data["pipeline_input"]["default_scm_codecommit_account_id"] = data["ssm_params"].get( + "default_scm_codecommit_account_id", + ) store_regional_parameter_config( pipeline_object, parameter_store, diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml index 2a7a40232..190cad77c 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml @@ -160,6 +160,18 @@ Resources: - "lambda.amazonaws.com" Action: - "sts:AssumeRole" + Policies: + - PolicyName: "adf-pipeline-create-update-rule-policy" + PolicyDocument: + Version: "2012-10-17" + Statement: + - Effect: Allow + Action: + - "ssm:GetParameter" + - "ssm:GetParameters" + - "ssm:GetParametersByPath" + Resource: + - "*" CreateRepositoryLambdaRole: Type: "AWS::IAM::Role" diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/main.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/main.py index d1fed23be..56aef42f2 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/main.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/main.py @@ -151,6 +151,13 @@ def prepare_deployment_account(sts, deployment_account_id, config): ADF_DEFAULT_SCM_FALLBACK_BRANCH, ) ) + deployment_account_parameter_store.put_parameter( + '/adf/scm/default-scm-codecommit-account-id', + config.config.get('scm', {}).get( + 'default-scm-codecommit-account-id', + deployment_account_id, + ) + ) auto_create_repositories = config.config.get( 'scm', {}).get('auto-create-repositories') if auto_create_repositories is not None: diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py index f18417032..30ae03422 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py @@ -16,13 +16,36 @@ ADF_DEPLOYMENT_ACCOUNT_ID = os.environ["ACCOUNT_ID"] ADF_DEFAULT_BUILD_TIMEOUT = 20 - class CodeCommit(core.Construct): def __init__(self, scope: core.Construct, id: str, map_params: dict, **kwargs): #pylint: disable=W0622 super().__init__(scope, id, **kwargs) default_providers = map_params.get("default_providers", {}) source_props = default_providers.get("source", {}).get("properties", {}) - account_id = source_props.get("account_id", ADF_DEPLOYMENT_ACCOUNT_ID) + + # Resolve account_id in case it is not set + # Evaluate as follows: + # If account_id not set, we have to set it as follows: + # - set via default_scm_codecommit_account_id (if exists) + # - or set via ADF_DEPLOYMENT_ACCOUNT_ID + default_scm_codecommit_account_id = map_params.get("default_scm_codecommit_account_id", "") + if not source_props.get("account_id"): + print("account_id not found in source_props - recreate it!") + if default_scm_codecommit_account_id: + account_id = default_scm_codecommit_account_id + else: + account_id = ADF_DEPLOYMENT_ACCOUNT_ID + if "properties" in map_params["default_providers"]["source"]: + # append to properties + map_params["default_providers"]["source"]["properties"]["account_id"] = account_id + else: + # recreate properties + source_props = { + "account_id": account_id + } + map_params["default_providers"]["source"]["properties"] = source_props + else: + account_id = source_props.get("account_id", ADF_DEPLOYMENT_ACCOUNT_ID) + self.source = _codepipeline.CfnPipeline.StageDeclarationProperty( name=f"Source-{account_id}", actions=[ diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codepipeline.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codepipeline.py index ac129f52c..41aa9d1ab 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codepipeline.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codepipeline.py @@ -23,6 +23,7 @@ ADF_PIPELINE_PREFIX = os.environ.get("ADF_PIPELINE_PREFIX", "") ADF_DEFAULT_BUILD_TIMEOUT = 20 ADF_DEFAULT_SCM_FALLBACK_BRANCH = 'master' +ADF_DEFAULT_SCM_CODECOMMIT_ACCOUNT_ID = os.environ["ACCOUNT_ID"] LOGGER = configure_logger(__name__) @@ -71,6 +72,10 @@ def __init__(self, **kwargs): "default_scm_branch", ADF_DEFAULT_SCM_FALLBACK_BRANCH, ) + self.default_scm_codecommit_account_id = self.map_params.get( + "/adf/scm/default_scm_codecommit_account_id", + ADF_DEFAULT_SCM_CODECOMMIT_ACCOUNT_ID, + ) self.configuration = self._generate_configuration() self.config = self.generate() @@ -728,6 +733,10 @@ def __init__( "default_scm_branch", ADF_DEFAULT_SCM_FALLBACK_BRANCH, ) + self.default_scm_codecommit_account_id = map_params.get( + "/adf/scm/default_scm_codecommit_account_id", + ADF_DEFAULT_SCM_CODECOMMIT_ACCOUNT_ID, + ) self.cfn = _codepipeline.CfnPipeline( self, 'pipeline', diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/helpers/requirements.txt b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/helpers/requirements.txt index 93879ec20..7524a24d6 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/helpers/requirements.txt +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/helpers/requirements.txt @@ -1,5 +1,3 @@ boto3==1.26.48 botocore==1.29.48 docopt~=0.6.2 -schema~=0.7.5 -pytest-env~=0.8.1 \ No newline at end of file diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py index aff0c3e32..52b7287c0 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py @@ -82,7 +82,7 @@ } GITHUB_SOURCE = { "provider": 'github', - "properties": GITHUB_SOURCE_PROPS + Optional("properties"): CODECOMMIT_SOURCE_PROPS } # CodeStar Source @@ -282,13 +282,23 @@ 'codebuild': Schema(DEFAULT_CODEBUILD_BUILD), } PROVIDER_SCHEMA = { - 'source': And( - { - 'provider': Or('codecommit', 'github', 's3', 'codestar'), - 'properties': dict, - }, - # pylint: disable=W0108 - lambda x: PROVIDER_SOURCE_SCHEMAS[x['provider']].validate(x), + 'source': Or( + And( + { + 'provider': Or('github', 's3', 'codestar'), + 'properties': dict, + }, + # pylint: disable=W0108 + lambda x: PROVIDER_SOURCE_SCHEMAS[x['provider']].validate(x), + ), + And( + { + 'provider': Or('codecommit'), + Optional('properties'): dict, + }, + # pylint: disable=W0108 + lambda x: PROVIDER_SOURCE_SCHEMAS[x['provider']].validate(x), + ), ), Optional('build'): And( { @@ -333,7 +343,10 @@ TARGET_SCHEMA = { Optional("path"): Or(str, int, TARGET_LIST_SCHEMA), Optional("tags"): { - And(str, Regex(r"\A.{1,128}\Z")): And(str, Regex(r"\A.{0,256}\Z")) + And(str, Regex(r"\A.{1,128}\Z")): Or( + And(str, Regex(r"\A.{0,256}\Z")), + And(list) + ) }, Optional("target"): Or(str, int, TARGET_LIST_SCHEMA), Optional("name"): str, diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/pytest.ini b/src/lambda_codebase/initial_commit/bootstrap_repository/pytest.ini index ef9a21518..d31fa8349 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/pytest.ini +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/pytest.ini @@ -1,5 +1,3 @@ [pytest] -env = - ACCOUNT_ID="123456789012" -testpaths = adf-build/tests adf-bootstrap/deployment/lambda_codebase/tests adf-build/shared/python/tests/ +testpaths = adf-build/tests adf-bootstrap/deployment/lambda_codebase/tests norecursedirs = adf-bootstrap/deployment/lambda_codebase/initial_commit adf-bootstrap/deployment/lambda_codebase/determine_default_branch adf-build/shared From 40d7bfcf71a29be5a575038e88da8d20221dd7fc Mon Sep 17 00:00:00 2001 From: Andreas Falkenberg Date: Sun, 30 Jul 2023 14:35:43 +0200 Subject: [PATCH 3/7] fix: consider comments from review --- .../create_or_update_rule.py | 19 +++++++++---------- .../pipeline_management/create_repository.py | 8 +++----- .../deployment/pipeline_management.yml | 2 +- .../cdk/cdk_constructs/adf_codecommit.py | 6 +++++- 4 files changed, 18 insertions(+), 17 deletions(-) diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py index 9987e3ceb..e19e46ab8 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py @@ -61,12 +61,13 @@ def lambda_handler(event, _): .get("account_id") ) - # Resolve source_account_id in case it is not set - if source_provider == "codecommit" and not source_account_id: + # Resolve codecommit source_account_id in case it is not set + if source_provider == "codecommit": # Evaluate as follows: - # If source_account_id not set, we have to set it as follows: - # - set via default_scm_codecommit_account_id (if exists) - # - or set via ADF_DEPLOYMENT_ACCOUNT_ID + # If not set, we have to set it with + # - default_scm_codecommit_account_id (if exists) + # - or ADF_DEPLOYMENT_ACCOUNT_ID + # If set, we are done anyways deployment_account_id = DEPLOYMENT_ACCOUNT_ID try: parameter_store = ParameterStore(DEPLOYMENT_ACCOUNT_REGION, boto3) @@ -75,12 +76,10 @@ def lambda_handler(event, _): ) except ParameterNotFoundError: default_scm_codecommit_account_id = deployment_account_id + LOGGER.debug("default_scm_codecommit_account_id not found in SSM - Fall back to deployment_account_id.") if not source_account_id: - print("account_id not found in source_props - recreate it!") - if default_scm_codecommit_account_id: - source_account_id = default_scm_codecommit_account_id - else: - source_account_id = deployment_account_id + LOGGER.debug("source_account_id not found in source_props - ADF will set it from SSM param default_scm_codecommit_account_id.") + source_account_id = default_scm_codecommit_account_id if "properties" in pipeline["default_providers"]["source"]: # append to properties pipeline["default_providers"]["source"]["properties"]["account_id"] = source_account_id diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py index c8d38c38b..a37ab27d2 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py @@ -80,12 +80,10 @@ def lambda_handler(event, _): ) except ParameterNotFoundError: default_scm_codecommit_account_id = DEPLOYMENT_ACCOUNT_ID + LOGGER.debug("default_scm_codecommit_account_id not found in SSM - Fall back to deployment_account_id.") if not code_account_id: - print("account_id not found in source_props - recreate it!") - if default_scm_codecommit_account_id: - code_account_id = default_scm_codecommit_account_id - else: - code_account_id = DEPLOYMENT_ACCOUNT_ID + code_account_id = default_scm_codecommit_account_id + LOGGER.debug("account_id not found in source_props - ADF will set it from default_scm_codecommit_account_id.") if "properties" in pipeline["default_providers"]["source"]: # append to properties pipeline["default_providers"]["source"]["properties"]["account_id"] = code_account_id diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml index 83dff729d..8204c2cf6 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/pipeline_management.yml @@ -171,7 +171,7 @@ Resources: - "ssm:GetParameters" - "ssm:GetParametersByPath" Resource: - - "*" + - !Sub arn:${AWS::Partition}:ssm:*:*:parameter/adf/* CreateRepositoryLambdaRole: Type: "AWS::IAM::Role" diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py index 9aeeb9965..29d07ba60 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py @@ -9,6 +9,7 @@ aws_codepipeline as _codepipeline, ) from constructs import Construct +from logger import configure_logger from cdk_constructs.adf_codepipeline import Action @@ -16,6 +17,8 @@ ADF_DEPLOYMENT_ACCOUNT_ID = os.environ["ACCOUNT_ID"] ADF_DEFAULT_BUILD_TIMEOUT = 20 +LOGGER = configure_logger(__name__) + class CodeCommit(Construct): def __init__(self, scope: Construct, id: str, map_params: dict, **kwargs): #pylint: disable=W0622 super().__init__(scope, id, **kwargs) @@ -29,11 +32,12 @@ def __init__(self, scope: Construct, id: str, map_params: dict, **kwargs): #pyli # - or set via ADF_DEPLOYMENT_ACCOUNT_ID default_scm_codecommit_account_id = map_params.get("default_scm_codecommit_account_id", "") if not source_props.get("account_id"): - print("account_id not found in source_props - recreate it!") if default_scm_codecommit_account_id: account_id = default_scm_codecommit_account_id + LOGGER.debug("account_id not found in source_props - ADF will set it from default_scm_codecommit_account_id.") else: account_id = ADF_DEPLOYMENT_ACCOUNT_ID + LOGGER.debug("account_id not found in source_props and not found in SSM param - Fall back to ADF_DEPLOYMENT_ACCOUNT_ID") if "properties" in map_params["default_providers"]["source"]: # append to properties map_params["default_providers"]["source"]["properties"]["account_id"] = account_id From 50efc58fce4c03377e73ba80b89860af8edb925e Mon Sep 17 00:00:00 2001 From: Simon Kok Date: Mon, 7 Aug 2023 20:22:27 +0200 Subject: [PATCH 4/7] Code fixes --- docs/admin-guide.md | 14 ++++---- docs/providers-guide.md | 6 ++-- .../create_or_update_rule.py | 36 ++++++++++--------- .../pipeline_management/create_repository.py | 26 +++++++------- .../generate_pipeline_inputs.py | 10 +++--- .../bootstrap_repository/adf-build/main.py | 21 ++++++----- .../cdk/cdk_constructs/adf_codecommit.py | 19 +++++++--- .../shared/python/schema_validation.py | 4 +-- 8 files changed, 81 insertions(+), 55 deletions(-) diff --git a/docs/admin-guide.md b/docs/admin-guide.md index 19bb222a3..a4116b974 100644 --- a/docs/admin-guide.md +++ b/docs/admin-guide.md @@ -213,12 +213,14 @@ Config has five components in `main-notification-endpoint`, `scp`, `scm`, `main`. As new repositories will most likely use this branch name as their default branch. - - **default-scm-codecommit-account-id** allows you to configure the default account id that - should be used with all source-code management platforms that ADF supports. - If not set here, the deployment account id is taken as default value. - The CodeCommit account-id can be still be overwritten with an explicit account id in the individual deployment map. - The CodeCommit provider guide provides more details: [providers-guide.md.yml: CodeCommit](./providers-guide.md#codecommit). - + - **default-scm-codecommit-account-id** allows you to configure the default + account id that should be used with all source-code management platforms + that ADF supports. + If not set here, the deployment account id is taken as default value. + The CodeCommit account-id can be still be overwritten with an explicit + account id in the individual deployment map. + The CodeCommit provider guide provides more details: + [providers-guide.md.yml: CodeCommit](./providers-guide.md#codecommit). ## Accounts diff --git a/docs/providers-guide.md b/docs/providers-guide.md index 5c209a8ef..d606bbba2 100644 --- a/docs/providers-guide.md +++ b/docs/providers-guide.md @@ -68,8 +68,10 @@ Provider type: `codecommit`. does not exist it will be created via AWS CloudFormation on the source account along with the associated cross account CloudWatch event action to trigger the pipeline. - - Additionally, the default account id for CodeCommit, can be set in [adfconfig.yml: config/scm/default-scm-codecommit-account-id](./admin-guide.md#adfconfig). - - If not set here in the provider and if not set in adfconfig.yml, the deployment account id will be used as default value. + - Additionally, the default account id for CodeCommit, can be set in + [adfconfig.yml: config/scm/default-scm-codecommit-account-id](./admin-guide.md#adfconfig). + - If not set here in the provider and if not set in adfconfig.yml, + the deployment account id will be used as default value. - *repository* - *(String)* defaults to name of the pipeline. - The AWS CodeCommit repository name. - *branch* - *(String)* default to configured [adfconfig.yml: config/scm/default-scm-branch](./admin-guide.md#adfconfig). diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py index e19e46ab8..4269f3de3 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py @@ -62,33 +62,37 @@ def lambda_handler(event, _): ) # Resolve codecommit source_account_id in case it is not set - if source_provider == "codecommit": - # Evaluate as follows: + if source_provider == "codecommit" and not source_account_id: + # Evaluate as follows: # If not set, we have to set it with # - default_scm_codecommit_account_id (if exists) # - or ADF_DEPLOYMENT_ACCOUNT_ID # If set, we are done anyways + LOGGER.debug( + "source_account_id not found in source_props - ADF will set " + "it from SSM param default_scm_codecommit_account_id.", + ) deployment_account_id = DEPLOYMENT_ACCOUNT_ID try: parameter_store = ParameterStore(DEPLOYMENT_ACCOUNT_REGION, boto3) default_scm_codecommit_account_id = parameter_store.fetch_parameter( - "/adf/scm/default-scm-codecommit-account-id" + "/adf/scm/default-scm-codecommit-account-id", ) except ParameterNotFoundError: default_scm_codecommit_account_id = deployment_account_id - LOGGER.debug("default_scm_codecommit_account_id not found in SSM - Fall back to deployment_account_id.") - if not source_account_id: - LOGGER.debug("source_account_id not found in source_props - ADF will set it from SSM param default_scm_codecommit_account_id.") - source_account_id = default_scm_codecommit_account_id - if "properties" in pipeline["default_providers"]["source"]: - # append to properties - pipeline["default_providers"]["source"]["properties"]["account_id"] = source_account_id - else: - # recreate properties - source_props = { - "account_id": source_account_id - } - pipeline["default_providers"]["source"]["properties"] = source_props + LOGGER.debug( + "default_scm_codecommit_account_id not found in SSM - " + "Fall back to deployment_account_id.", + ) + source_account_id = default_scm_codecommit_account_id + + # Create the properties object if it does not exist + if not pipeline["default_providers"]["source"].get("properties") is None: + pipeline["default_providers"]["source"]["properties"] = {} + + pipeline["default_providers"]["source"]["properties"]["account_id"] = ( + source_account_id + ) if ( source_provider == "codecommit" diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py index a37ab27d2..bd2692e5e 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py @@ -70,7 +70,7 @@ def lambda_handler(event, _): ) # Resolve code_account_id in case it is not set - # Evaluate as follows: + # Evaluate as follows: # If source_account_id not set, we have to set it as follows: # - set via default_scm_codecommit_account_id (if exists) # - or set via ADF_DEPLOYMENT_ACCOUNT_ID @@ -80,19 +80,21 @@ def lambda_handler(event, _): ) except ParameterNotFoundError: default_scm_codecommit_account_id = DEPLOYMENT_ACCOUNT_ID - LOGGER.debug("default_scm_codecommit_account_id not found in SSM - Fall back to deployment_account_id.") + LOGGER.debug( + "default_scm_codecommit_account_id not found in SSM - " + "Fall back to deployment_account_id.", + ) if not code_account_id: code_account_id = default_scm_codecommit_account_id - LOGGER.debug("account_id not found in source_props - ADF will set it from default_scm_codecommit_account_id.") - if "properties" in pipeline["default_providers"]["source"]: - # append to properties - pipeline["default_providers"]["source"]["properties"]["account_id"] = code_account_id - else: - # recreate properties - source_props = { - "account_id": code_account_id - } - pipeline["default_providers"]["source"]["properties"] = source_props + LOGGER.debug( + "account_id not found in source_props - ADF will set it from " + "default_scm_codecommit_account_id.", + ) + if pipeline["default_providers"]["source"].get("properties") is None: + pipeline["default_providers"]["source"]["properties"] = {} + pipeline["default_providers"]["source"]["properties"]["account_id"] = ( + code_account_id + ) if ( code_account_id diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/generate_pipeline_inputs.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/generate_pipeline_inputs.py index 9c1b856b2..7e6cabb92 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/generate_pipeline_inputs.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/generate_pipeline_inputs.py @@ -155,11 +155,13 @@ def generate_pipeline_inputs( data["pipeline_input"]["default_providers"]["source"]["properties"][ "codestar_connection_arn" ] = data["ssm_params"]["codestar_connection_arn"] - data["pipeline_input"]["default_scm_branch"] = data["ssm_params"].get( - "default_scm_branch", + data["pipeline_input"]["default_scm_branch"] = ( + data["ssm_params"] + .get("default_scm_branch") ) - data["pipeline_input"]["default_scm_codecommit_account_id"] = data["ssm_params"].get( - "default_scm_codecommit_account_id", + data["pipeline_input"]["default_scm_codecommit_account_id"] = ( + data["ssm_params"] + .get("default_scm_codecommit_account_id") ) store_regional_parameter_config( pipeline_object, diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/main.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/main.py index 56aef42f2..1ed988ae7 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/main.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/main.py @@ -146,20 +146,25 @@ def prepare_deployment_account(sts, deployment_account_id, config): ) deployment_account_parameter_store.put_parameter( 'default_scm_branch', - config.config.get('scm', {}).get( - 'default-scm-branch', - ADF_DEFAULT_SCM_FALLBACK_BRANCH, + ( + config.config + .get('scm', {}) + .get('default-scm-branch', ADF_DEFAULT_SCM_FALLBACK_BRANCH) ) ) deployment_account_parameter_store.put_parameter( '/adf/scm/default-scm-codecommit-account-id', - config.config.get('scm', {}).get( - 'default-scm-codecommit-account-id', - deployment_account_id, + ( + config.config + .get('scm', {}) + .get('default-scm-codecommit-account-id', deployment_account_id) ) ) - auto_create_repositories = config.config.get( - 'scm', {}).get('auto-create-repositories') + auto_create_repositories = ( + config.config + .get('scm', {}) + .get('auto-create-repositories') + ) if auto_create_repositories is not None: deployment_account_parameter_store.put_parameter( 'auto_create_repositories', str(auto_create_repositories) diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py index 29d07ba60..8f50a8da7 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py @@ -24,20 +24,29 @@ def __init__(self, scope: Construct, id: str, map_params: dict, **kwargs): #pyli super().__init__(scope, id, **kwargs) default_providers = map_params.get("default_providers", {}) source_props = default_providers.get("source", {}).get("properties", {}) - + # Resolve account_id in case it is not set - # Evaluate as follows: + # Evaluate as follows: # If account_id not set, we have to set it as follows: # - set via default_scm_codecommit_account_id (if exists) # - or set via ADF_DEPLOYMENT_ACCOUNT_ID - default_scm_codecommit_account_id = map_params.get("default_scm_codecommit_account_id", "") + default_scm_codecommit_account_id = ( + map_params + .get("default_scm_codecommit_account_id", "") + ) if not source_props.get("account_id"): if default_scm_codecommit_account_id: account_id = default_scm_codecommit_account_id - LOGGER.debug("account_id not found in source_props - ADF will set it from default_scm_codecommit_account_id.") + LOGGER.debug( + "account_id not found in source_props - ADF will set it " + "from default_scm_codecommit_account_id.", + ) else: account_id = ADF_DEPLOYMENT_ACCOUNT_ID - LOGGER.debug("account_id not found in source_props and not found in SSM param - Fall back to ADF_DEPLOYMENT_ACCOUNT_ID") + LOGGER.debug( + "account_id not found in source_props and not found in " + "SSM param - Fall back to ADF_DEPLOYMENT_ACCOUNT_ID", + ) if "properties" in map_params["default_providers"]["source"]: # append to properties map_params["default_providers"]["source"]["properties"]["account_id"] = account_id diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py index 52b7287c0..8dca8966a 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py @@ -68,7 +68,7 @@ } CODECOMMIT_SOURCE = { "provider": 'codecommit', - "properties": CODECOMMIT_SOURCE_PROPS + Optional("properties"): CODECOMMIT_SOURCE_PROPS, } # GitHub Source @@ -82,7 +82,7 @@ } GITHUB_SOURCE = { "provider": 'github', - Optional("properties"): CODECOMMIT_SOURCE_PROPS + "properties": GITHUB_SOURCE_PROPS } # CodeStar Source From 04560a0ffd9d04a37fc5e486435c32a38a0ed232 Mon Sep 17 00:00:00 2001 From: Andreas Falkenberg Date: Wed, 4 Oct 2023 14:54:38 +0200 Subject: [PATCH 5/7] fix: remove duplicate code --- .../pipeline_management/create_repository.py | 29 --------------- .../cdk/cdk_constructs/adf_codecommit.py | 37 +------------------ .../adf-build/tests/test_main.py | 6 ++- 3 files changed, 5 insertions(+), 67 deletions(-) diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py index bd2692e5e..a262aa41a 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py @@ -8,7 +8,6 @@ from repo import Repo from logger import configure_logger -from errors import ParameterNotFoundError from cloudwatch import ADFMetrics from parameter_store import ParameterStore @@ -17,7 +16,6 @@ METRICS = ADFMetrics(CLOUDWATCH, "PIPELINE_MANAGEMENT/REPO") LOGGER = configure_logger(__name__) DEPLOYMENT_ACCOUNT_REGION = os.environ["AWS_REGION"] -DEPLOYMENT_ACCOUNT_ID = os.environ["ACCOUNT_ID"] def lambda_handler(event, _): """ @@ -69,33 +67,6 @@ def lambda_handler(event, _): .get("repository", {}) ) - # Resolve code_account_id in case it is not set - # Evaluate as follows: - # If source_account_id not set, we have to set it as follows: - # - set via default_scm_codecommit_account_id (if exists) - # - or set via ADF_DEPLOYMENT_ACCOUNT_ID - try: - default_scm_codecommit_account_id = parameter_store.fetch_parameter( - "/adf/scm/default-scm-codecommit-account-id" - ) - except ParameterNotFoundError: - default_scm_codecommit_account_id = DEPLOYMENT_ACCOUNT_ID - LOGGER.debug( - "default_scm_codecommit_account_id not found in SSM - " - "Fall back to deployment_account_id.", - ) - if not code_account_id: - code_account_id = default_scm_codecommit_account_id - LOGGER.debug( - "account_id not found in source_props - ADF will set it from " - "default_scm_codecommit_account_id.", - ) - if pipeline["default_providers"]["source"].get("properties") is None: - pipeline["default_providers"]["source"]["properties"] = {} - pipeline["default_providers"]["source"]["properties"]["account_id"] = ( - code_account_id - ) - if ( code_account_id and str(code_account_id).isdigit() diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py index 8f50a8da7..b82820e0f 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codecommit.py @@ -9,7 +9,6 @@ aws_codepipeline as _codepipeline, ) from constructs import Construct -from logger import configure_logger from cdk_constructs.adf_codepipeline import Action @@ -17,47 +16,13 @@ ADF_DEPLOYMENT_ACCOUNT_ID = os.environ["ACCOUNT_ID"] ADF_DEFAULT_BUILD_TIMEOUT = 20 -LOGGER = configure_logger(__name__) class CodeCommit(Construct): def __init__(self, scope: Construct, id: str, map_params: dict, **kwargs): #pylint: disable=W0622 super().__init__(scope, id, **kwargs) default_providers = map_params.get("default_providers", {}) source_props = default_providers.get("source", {}).get("properties", {}) - - # Resolve account_id in case it is not set - # Evaluate as follows: - # If account_id not set, we have to set it as follows: - # - set via default_scm_codecommit_account_id (if exists) - # - or set via ADF_DEPLOYMENT_ACCOUNT_ID - default_scm_codecommit_account_id = ( - map_params - .get("default_scm_codecommit_account_id", "") - ) - if not source_props.get("account_id"): - if default_scm_codecommit_account_id: - account_id = default_scm_codecommit_account_id - LOGGER.debug( - "account_id not found in source_props - ADF will set it " - "from default_scm_codecommit_account_id.", - ) - else: - account_id = ADF_DEPLOYMENT_ACCOUNT_ID - LOGGER.debug( - "account_id not found in source_props and not found in " - "SSM param - Fall back to ADF_DEPLOYMENT_ACCOUNT_ID", - ) - if "properties" in map_params["default_providers"]["source"]: - # append to properties - map_params["default_providers"]["source"]["properties"]["account_id"] = account_id - else: - # recreate properties - source_props = { - "account_id": account_id - } - map_params["default_providers"]["source"]["properties"] = source_props - else: - account_id = source_props.get("account_id", ADF_DEPLOYMENT_ACCOUNT_ID) + account_id = source_props.get("account_id", ADF_DEPLOYMENT_ACCOUNT_ID) self.source = _codepipeline.CfnPipeline.StageDeclarationProperty( name=f"Source-{account_id}", diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/tests/test_main.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/tests/test_main.py index 0706c519f..1059bc185 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/tests/test_main.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/tests/test_main.py @@ -133,7 +133,7 @@ def test_prepare_deployment_account_defaults(param_store_cls, cls, sts): ) for param_store in parameter_store_list: assert param_store.put_parameter.call_count == ( - 11 if param_store == deploy_param_store else 2 + 12 if param_store == deploy_param_store else 2 ) param_store.put_parameter.assert_has_calls( [ @@ -154,6 +154,7 @@ def test_prepare_deployment_account_defaults(param_store_cls, cls, sts): call('notification_endpoint', 'john@example.com'), call('/adf/extensions/terraform/enabled', 'False'), ], + any_order=True, ) @@ -222,7 +223,7 @@ def test_prepare_deployment_account_specific_config(param_store_cls, cls, sts): ) for param_store in parameter_store_list: assert param_store.put_parameter.call_count == ( - 13 if param_store == deploy_param_store else 2 + 14 if param_store == deploy_param_store else 2 ) param_store.put_parameter.assert_has_calls( [ @@ -249,4 +250,5 @@ def test_prepare_deployment_account_specific_config(param_store_cls, cls, sts): call('/notification_endpoint/main', 'slack-channel'), call('/adf/extensions/terraform/enabled', 'False'), ], + any_order=True, ) From b4424bd67e14b1ba24a11903e0f0c1d891498015 Mon Sep 17 00:00:00 2001 From: Andreas Falkenberg Date: Wed, 1 Nov 2023 09:25:45 +0100 Subject: [PATCH 6/7] fix: add changes from review --- .../pipeline_management/create_or_update_rule.py | 2 +- .../lambda_codebase/pipeline_management/create_repository.py | 1 + .../adf-build/shared/python/schema_validation.py | 5 +---- 3 files changed, 3 insertions(+), 5 deletions(-) diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py index 4269f3de3..36e953bfb 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_or_update_rule.py @@ -87,7 +87,7 @@ def lambda_handler(event, _): source_account_id = default_scm_codecommit_account_id # Create the properties object if it does not exist - if not pipeline["default_providers"]["source"].get("properties") is None: + if pipeline["default_providers"]["source"].get("properties") is None: pipeline["default_providers"]["source"]["properties"] = {} pipeline["default_providers"]["source"]["properties"]["account_id"] = ( diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py index a262aa41a..dc5b8c6f1 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/lambda_codebase/pipeline_management/create_repository.py @@ -17,6 +17,7 @@ LOGGER = configure_logger(__name__) DEPLOYMENT_ACCOUNT_REGION = os.environ["AWS_REGION"] + def lambda_handler(event, _): """ Main Lambda Entry point, responsible for creating the CodeCommit diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py index 8dca8966a..2f367cdc9 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py @@ -343,10 +343,7 @@ TARGET_SCHEMA = { Optional("path"): Or(str, int, TARGET_LIST_SCHEMA), Optional("tags"): { - And(str, Regex(r"\A.{1,128}\Z")): Or( - And(str, Regex(r"\A.{0,256}\Z")), - And(list) - ) + And(str, Regex(r"\A.{1,128}\Z")): And(str, Regex(r"\A.{0,256}\Z")) }, Optional("target"): Or(str, int, TARGET_LIST_SCHEMA), Optional("name"): str, From fab48d9d953a9c73b5d80eea2f667649294d531c Mon Sep 17 00:00:00 2001 From: Andreas Falkenberg Date: Sat, 20 Jan 2024 15:47:47 +0100 Subject: [PATCH 7/7] fix: fix pytest bug --- .../bootstrap_repository/adf-build/tests/test_main.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/tests/test_main.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/tests/test_main.py index c7aaac85f..278cd3236 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/tests/test_main.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/tests/test_main.py @@ -133,7 +133,7 @@ def test_prepare_deployment_account_defaults(param_store_cls, cls, sts): ) for param_store in parameter_store_list: assert param_store.put_parameter.call_count == ( - 12 if param_store == deploy_param_store else 2 + 13 if param_store == deploy_param_store else 2 ) param_store.put_parameter.assert_has_calls( [ @@ -225,7 +225,7 @@ def test_prepare_deployment_account_specific_config(param_store_cls, cls, sts): ) for param_store in parameter_store_list: assert param_store.put_parameter.call_count == ( - 14 if param_store == deploy_param_store else 2 + 15 if param_store == deploy_param_store else 2 ) param_store.put_parameter.assert_has_calls( [