11import codepipeline = require( '@aws-cdk/aws-codepipeline-api' ) ;
22import iam = require( '@aws-cdk/aws-iam' ) ;
33import cdk = require( '@aws-cdk/cdk' ) ;
4+ import { ServerDeploymentGroupRef } from './deployment-group' ;
45
56/**
67 * Construction properties of the {@link PipelineDeployAction CodeDeploy deploy CodePipeline Action}.
78 */
89export interface PipelineDeployActionProps extends codepipeline . CommonActionProps ,
910 codepipeline . CommonActionConstructProps {
1011 /**
11- * The name of the CodeDeploy application to deploy to.
12- *
13- * @note this will most likely be changed to a proper CodeDeploy AWS Construct reference
14- * once that functionality has been implemented for CodeDeploy
15- */
16- applicationName : string ;
17-
18- /**
19- * The name of the CodeDeploy deployment group to deploy to.
20- *
21- * @note this will most likely be changed to a proper CodeDeploy AWS Construct reference
22- * once that functionality has been implemented for CodeDeploy
12+ * The CodeDeploy Deployment Group to deploy to.
2313 */
24- deploymentGroupName : string ;
14+ deploymentGroup : ServerDeploymentGroupRef ;
2515
2616 /**
2717 * The source to use as input for deployment.
@@ -40,50 +30,37 @@ export class PipelineDeployAction extends codepipeline.DeployAction {
4030 provider : 'CodeDeploy' ,
4131 inputArtifact : props . inputArtifact ,
4232 configuration : {
43- ApplicationName : props . applicationName ,
44- DeploymentGroupName : props . deploymentGroupName ,
33+ ApplicationName : props . deploymentGroup . application . applicationName ,
34+ DeploymentGroupName : props . deploymentGroup . deploymentGroupName ,
4535 } ,
4636 } ) ;
4737
4838 // permissions, based on:
4939 // https://docs.aws.amazon.com/codedeploy/latest/userguide/auth-and-access-control-permissions-reference.html
5040
51- const applicationArn = cdk . ArnUtils . fromComponents ( {
52- service : 'codedeploy' ,
53- resource : 'application' ,
54- resourceName : props . applicationName ,
55- sep : ':' ,
56- } ) ;
5741 props . stage . pipeline . role . addToPolicy ( new iam . PolicyStatement ( )
58- . addResource ( applicationArn )
42+ . addResource ( props . deploymentGroup . application . applicationArn )
5943 . addActions (
6044 'codedeploy:GetApplicationRevision' ,
6145 'codedeploy:RegisterApplicationRevision' ,
6246 ) ) ;
6347
64- const deploymentGroupArn = cdk . ArnUtils . fromComponents ( {
65- service : 'codedeploy' ,
66- resource : 'deploymentgroup' ,
67- resourceName : `${ props . applicationName } ${ props . deploymentGroupName } ,
68- sep : ':' ,
69- } ) ;
7048 props . stage . pipeline . role . addToPolicy ( new iam . PolicyStatement ( )
71- . addResource ( deploymentGroupArn )
49+ . addResource ( props . deploymentGroup . deploymentGroupArn )
7250 . addActions (
7351 'codedeploy:CreateDeployment' ,
7452 'codedeploy:GetDeployment' ,
7553 ) ) ;
7654
77- const deployConfigArn = cdk . ArnUtils . fromComponents ( {
78- service : 'codedeploy' ,
79- resource : 'deploymentconfig' ,
80- resourceName : '*' ,
81- sep : ':' ,
82- } ) ;
8355 props . stage . pipeline . role . addToPolicy ( new iam . PolicyStatement ( )
84- . addResource ( deployConfigArn )
56+ . addResource ( props . deploymentGroup . deploymentConfig . deploymentConfigArn )
8557 . addActions (
8658 'codedeploy:GetDeploymentConfig' ,
8759 ) ) ;
60+
61+ // grant the ASG Role permissions to read from the Pipeline Bucket
62+ for ( const asg of props . deploymentGroup . autoScalingGroups || [ ] ) {
63+ props . stage . pipeline . grantBucketRead ( asg . role ) ;
64+ }
8865 }
8966}
0 commit comments