diff --git a/deploy.sh b/deploy.sh index ed1cd9ea..ce12ed89 100755 --- a/deploy.sh +++ b/deploy.sh @@ -170,6 +170,7 @@ devops_account () { then GIT_PLATFORM=CodeCommit GITLAB=false + GITHUB=false GLUE_JOB_DEPLOYER=false LAMBDA_LAYER_BUILDER=false MONITORING=false @@ -180,6 +181,12 @@ devops_account () { GITLAB=true echo "Optional feature: GitLab" fi + if printf "%s\0" "${FEATURES[@]}" | grep -Fxqz -- "github" + then + GIT_PLATFORM=GitHub + GITHUB=true + echo "Optional feature: GitHub" + fi if printf "%s\0" "${FEATURES[@]}" | grep -Fxqz -- "gluejobdeployer" then GLUE_JOB_DEPLOYER=true @@ -204,6 +211,7 @@ devops_account () { echo "-f not specified, set all features to false by default" >&2 GIT_PLATFORM=CodeCommit GITLAB=false + GITHUB=false GLUE_JOB_DEPLOYER=false LAMBDA_LAYER_BUILDER=false MONITORING=false @@ -223,7 +231,6 @@ devops_account () { --parameter-overrides \ pDomainAccounts="$DOMAIN_ACCOUNTS" \ pGitPlatform="$GIT_PLATFORM" \ - pEnableGitlab="$GITLAB" \ pEnableGlueJobDeployer="$GLUE_JOB_DEPLOYER" \ pEnableLambdaLayerBuilder="$LAMBDA_LAYER_BUILDER" \ pEnableMonitoring="$MONITORING" \ @@ -235,7 +242,7 @@ devops_account () { template_protection "$STACK_NAME" "$REGION" "$DEVOPS_AWS_PROFILE" ARTIFACTS_BUCKET=$(aws --region "$REGION" --profile "$DEVOPS_AWS_PROFILE" ssm get-parameter --name /SDLF/S3/DevOpsArtifactsBucket --query "Parameter.Value" --output text) - REPOSITORIES_TEMPLATE_FILE=$(test "$GITLAB" = true && echo "$DIRNAME"/sdlf-cicd/template-cicd-sdlf-repositories.gitlab.yaml || echo "$DIRNAME"/sdlf-cicd/template-cicd-sdlf-repositories.yaml) + REPOSITORIES_TEMPLATE_FILE="$DIRNAME/sdlf-cicd/template-cicd-sdlf-repositories.${GIT_PLATFORM,,}.yaml" mkdir "$DIRNAME"/output aws cloudformation package \ --s3-bucket "$ARTIFACTS_BUCKET" --s3-prefix template-cicd-sdlf-repositories \ @@ -287,6 +294,28 @@ devops_account () { git push origin main:test fi popd || exit + elif "$GITHUB" + then + #GITHUB_ACCESSTOKEN=$(aws --region "$REGION" --profile "$DEVOPS_AWS_PROFILE" ssm get-parameter --with-decryption --name /SDLF/GitHub/AccessToken --query "Parameter.Value" --output text) + GITHUB_REPOSITORY_URL="https://github.com/$REPOSITORY.git" + + if [ "$REPOSITORY" = "sdlf-main" ] + then + mkdir sdlf-main + cp sdlf-cicd/README.md sdlf-main/ + fi + pushd "$REPOSITORY" || exit + if [ ! -d .git ] # if .git exists, deploy.sh has likely been run before - do not try to push the base repositories + then + git init + git remote add origin "$GITHUB_REPOSITORY_URL" || exit 1 + git add . + git commit -m "initial commit" + git push origin main || exit 1 + git push origin main:dev + git push origin main:test + fi + popd || exit else latest_commit=$(aws --region "$REGION" --profile "$DEVOPS_AWS_PROFILE" codecommit get-branch --repository-name "$REPOSITORY" --branch-name main --query "branch.commitId" --output text) aws --region "$REGION" --profile "$DEVOPS_AWS_PROFILE" codecommit create-branch --repository-name "$REPOSITORY" --branch-name dev --commit-id "$latest_commit" diff --git a/sdlf-cicd/nested-stacks/template-cicd-modules-pipelines.yaml b/sdlf-cicd/nested-stacks/template-cicd-modules-pipelines.yaml index 4889d84e..33a1f3fe 100644 --- a/sdlf-cicd/nested-stacks/template-cicd-modules-pipelines.yaml +++ b/sdlf-cicd/nested-stacks/template-cicd-modules-pipelines.yaml @@ -29,7 +29,7 @@ Parameters: pGitPlatform: Description: Platform used to host git repositories Type: String - AllowedValues: [CodeCommit, GitLab] + AllowedValues: [CodeCommit, GitLab, GitHub] Mappings: pCodeCommitBranch: @@ -41,8 +41,8 @@ Mappings: branch: main Conditions: - CodeCommitNoGitLab: !Equals [!Ref pGitPlatform, "CodeCommit"] - GitLabNoCodeCommit: !Equals [!Ref pGitPlatform, "GitLab"] + GitPlatformCodeCommit: !Equals [!Ref pGitPlatform, "CodeCommit"] + GitPlatformNoCodeCommit: !Not [!Equals [!Ref pGitPlatform, "CodeCommit"]] Resources: rMainRepositoryCodePipelineRole: @@ -60,10 +60,10 @@ Resources: Policies: - PolicyName: root PolicyDocument: - Version: 2012-10-17 + Version: "2012-10-17" Statement: - !If - - CodeCommitNoGitLab + - GitPlatformCodeCommit - Effect: Allow Action: - codecommit:GetBranch @@ -78,7 +78,7 @@ Resources: - !Sub arn:${AWS::Partition}:codecommit:${AWS::Region}:${AWS::AccountId}:${pCicdRepository} - !Ref "AWS::NoValue" - !If - - GitLabNoCodeCommit + - GitPlatformNoCodeCommit - Effect: Allow Action: - codeconnections:UseConnection @@ -88,11 +88,11 @@ Resources: Condition: "ForAllValues:StringLikeIfExists": "codeconnections:FullRepositoryId": - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}" "codestar-connections:FullRepositoryId": - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}" - !Ref "AWS::NoValue" - Effect: Allow Action: @@ -112,7 +112,7 @@ Resources: Resource: !Ref pKMSKey - PolicyName: lambda-stages PolicyDocument: - Version: 2012-10-17 + Version: "2012-10-17" Statement: - Effect: Allow Action: @@ -135,7 +135,7 @@ Resources: Stages: - Name: Sources Actions: !If - - CodeCommitNoGitLab + - GitPlatformCodeCommit - - Name: SourceMain ActionTypeId: Category: Source @@ -172,7 +172,7 @@ Resources: - Name: SourceMainArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -186,7 +186,7 @@ Resources: - Name: SourceCicdArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -261,10 +261,10 @@ Resources: rMainRepositoryCodeCommitTriggerRole: Type: AWS::IAM::Role - Condition: CodeCommitNoGitLab + Condition: GitPlatformCodeCommit Properties: AssumeRolePolicyDocument: - Version: 2012-10-17 + Version: "2012-10-17" Statement: - Effect: Allow Principal: @@ -274,7 +274,7 @@ Resources: Policies: - PolicyName: sdlf-cicd-events-trigger PolicyDocument: - Version: 2012-10-17 + Version: "2012-10-17" Statement: - Effect: Allow Action: codepipeline:StartPipelineExecution @@ -283,7 +283,7 @@ Resources: rMainRepositoryCodePipelineTriggerRule: Type: AWS::Events::Rule - Condition: CodeCommitNoGitLab + Condition: GitPlatformCodeCommit Properties: EventPattern: source: diff --git a/sdlf-cicd/template-cicd-domain.yaml b/sdlf-cicd/template-cicd-domain.yaml index 122fc22a..f54ab842 100644 --- a/sdlf-cicd/template-cicd-domain.yaml +++ b/sdlf-cicd/template-cicd-domain.yaml @@ -70,8 +70,8 @@ Mappings: branch: main Conditions: - CodeCommitNoGitLab: !Equals [!Ref pGitPlatform, "CodeCommit"] - GitLabNoCodeCommit: !Equals [!Ref pGitPlatform, "GitLab"] + GitPlatformCodeCommit: !Equals [!Ref pGitPlatform, "CodeCommit"] + GitPlatformNoCodeCommit: !Not [!Equals [!Ref pGitPlatform, "CodeCommit"]] EnableMonitoring: !Equals [!Ref pEnableMonitoring, true] Resources: @@ -94,7 +94,7 @@ Resources: Version: "2012-10-17" Statement: - !If - - CodeCommitNoGitLab + - GitPlatformCodeCommit - Effect: Allow Action: - codecommit:GetBranch @@ -115,7 +115,7 @@ Resources: - !Ref AWS::NoValue - !Ref "AWS::NoValue" - !If - - GitLabNoCodeCommit + - GitPlatformNoCodeCommit - Effect: Allow Action: - codeconnections:UseConnection @@ -125,22 +125,22 @@ Resources: Condition: "ForAllValues:StringLikeIfExists": "codeconnections:FullRepositoryId": - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pFoundationsRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pTeamRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pFoundationsRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pTeamRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}" - !If - EnableMonitoring - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}" - !Ref AWS::NoValue "codestar-connections:FullRepositoryId": - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pFoundationsRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pTeamRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pFoundationsRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pTeamRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}" - !If - EnableMonitoring - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}" - !Ref AWS::NoValue - !Ref "AWS::NoValue" - Effect: Allow @@ -182,7 +182,7 @@ Resources: Stages: - Name: Sources Actions: !If - - CodeCommitNoGitLab + - GitPlatformCodeCommit - - Name: sdlf-main ActionTypeId: Category: Source @@ -264,7 +264,7 @@ Resources: - Name: TemplateSource Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pMainRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pMainRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -278,7 +278,7 @@ Resources: - Name: SourceCicdArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -292,7 +292,7 @@ Resources: - Name: SourceFoundationsArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pFoundationsRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pFoundationsRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -306,7 +306,7 @@ Resources: - Name: SourceTeamArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pTeamRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pTeamRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -322,7 +322,7 @@ Resources: - Name: SourceMonitoringArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/{{resolve:ssm:/SDLF/${pGitPlatform}/Monitoring${pGitPlatform}}}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 diff --git a/sdlf-cicd/template-cicd-prerequisites.yaml b/sdlf-cicd/template-cicd-prerequisites.yaml index 361ff252..984a067f 100644 --- a/sdlf-cicd/template-cicd-prerequisites.yaml +++ b/sdlf-cicd/template-cicd-prerequisites.yaml @@ -12,12 +12,8 @@ Parameters: pGitPlatform: Description: Platform used to host git repositories Type: String - AllowedValues: [CodeCommit, GitLab] + AllowedValues: [CodeCommit, GitLab, GitHub] Default: CodeCommit - pEnableGitlab: - Description: Use GitLab instead of CodeCommit for SDLF repositories - Type: String - Default: false pEnableGlueJobDeployer: Description: Enable Glue Job Deployer optional feature Type: String @@ -41,19 +37,37 @@ Conditions: GovCloudPartition: !Equals - !Sub ${AWS::Partition} - aws-us-gov + GitPlatformGitLab: !Equals [!Ref pGitPlatform, "GitLab"] + GitPlatformGitHub: !Equals [!Ref pGitPlatform, "GitHub"] Resources: ######## OPTIONAL SDLF FEATURES ######### - # when enabling Gitlab support, /SDLF/GitLab/Url and /SDLF/GitLab/AccessToken are required too (as secure strings) + # when enabling GitLab support, /SDLF/GitLab/Url, /SDLF/GitLab/Group (containing the group or user name) and /SDLF/GitLab/AccessToken are required too (as secure strings) # then enable GitLab::Projects::Project third-party resource type in CloudFormation Registry rGitlabFeatureSsm: Type: AWS::SSM::Parameter Properties: Name: /SDLF/GitLab/Enabled Type: String - Value: !Ref pEnableGitlab + Value: !If + - GitPlatformGitLab + - true + - false Description: Create repositories on GitLab instead of CodeCommit + # when enabling GitHub support, /SDLF/GitHub/Group (containing the org or user name) and /SDLF/GitHub/AccessToken are required too (as secure strings) + # then enable GitHub::Repositories::Repository third-party resource type in CloudFormation Registry + rGithubFeatureSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/Enabled + Type: String + Value: !If + - GitPlatformGitHub + - true + - false + Description: Create repositories on GitHub instead of CodeCommit + rGitPlatformSsm: Type: AWS::SSM::Parameter Properties: diff --git a/sdlf-cicd/template-cicd-sdlf-pipelines.yaml b/sdlf-cicd/template-cicd-sdlf-pipelines.yaml index d771b326..041846e4 100644 --- a/sdlf-cicd/template-cicd-sdlf-pipelines.yaml +++ b/sdlf-cicd/template-cicd-sdlf-pipelines.yaml @@ -45,8 +45,8 @@ Parameters: Default: /SDLF/GlueJobDeployer/Enabled Conditions: - CodeCommitNoGitLab: !Equals [!Ref pGitPlatform, "CodeCommit"] - GitLabNoCodeCommit: !Equals [!Ref pGitPlatform, "GitLab"] + GitPlatformCodeCommit: !Equals [!Ref pGitPlatform, "CodeCommit"] + GitPlatformNoCodeCommit: !Not [!Equals [!Ref pGitPlatform, "CodeCommit"]] EnableLambdaLayerBuilder: !Equals [!Ref pEnableLambdaLayerBuilder, true] EnableGlueJobDeployer: !Equals [!Ref pEnableGlueJobDeployer, true] RunInVpc: !Equals [!Ref pEnableVpc, true] @@ -411,7 +411,7 @@ Resources: - codecommit:ListRepositories # W11 exception Resource: "*" - !If - - CodeCommitNoGitLab + - GitPlatformCodeCommit - Effect: Allow Action: - codecommit:GetRepository @@ -426,7 +426,7 @@ Resources: - !Sub arn:${AWS::Partition}:codecommit:${AWS::Region}:${AWS::AccountId}:${pMainRepositoriesPrefix}* - !Ref "AWS::NoValue" - !If - - GitLabNoCodeCommit + - GitPlatformNoCodeCommit - Effect: Allow Action: - codeconnections:PassConnection @@ -520,6 +520,7 @@ Resources: - !Sub arn:${AWS::Partition}:ssm:${AWS::Region}:${AWS::AccountId}:parameter/SDLF/Monitoring/Enabled - !Sub arn:${AWS::Partition}:ssm:${AWS::Region}:${AWS::AccountId}:parameter/SDLF/CodeCommit/* - !Sub arn:${AWS::Partition}:ssm:${AWS::Region}:${AWS::AccountId}:parameter/SDLF/GitLab/* + - !Sub arn:${AWS::Partition}:ssm:${AWS::Region}:${AWS::AccountId}:parameter/SDLF/GitHub/* - Effect: Allow Action: - codepipeline:GetPipelineState diff --git a/sdlf-cicd/template-cicd-sdlf-repositories.yaml b/sdlf-cicd/template-cicd-sdlf-repositories.codecommit.yaml similarity index 100% rename from sdlf-cicd/template-cicd-sdlf-repositories.yaml rename to sdlf-cicd/template-cicd-sdlf-repositories.codecommit.yaml diff --git a/sdlf-cicd/template-cicd-sdlf-repositories.github.yaml b/sdlf-cicd/template-cicd-sdlf-repositories.github.yaml new file mode 100644 index 00000000..2b379760 --- /dev/null +++ b/sdlf-cicd/template-cicd-sdlf-repositories.github.yaml @@ -0,0 +1,339 @@ +AWSTemplateFormatVersion: "2010-09-09" +Description: Multi-environment CICD team repos resources in shared DevOps account + +Parameters: + pKMSKey: + Description: The KMS key used by CodeBuild and CodePipeline + Type: AWS::SSM::Parameter::Value + Default: /SDLF/KMS/CICDKeyId + pGitPlatform: + Description: Platform used to host git repositories + Type: AWS::SSM::Parameter::Value + Default: /SDLF/Misc/GitPlatform + pCicdRepository: + Type: String + Default: sdlf-cicd + pFoundationsRepository: + Type: String + Default: sdlf-foundations + pTeamRepository: + Type: String + Default: sdlf-team + pPipelineRepository: + Type: String + Default: sdlf-pipeline + pDatasetRepository: + Type: String + Default: sdlf-dataset + pStageARepository: + Type: String + Default: sdlf-stageA + pStageLambdaRepository: + Type: String + Default: sdlf-stage-lambda + pStageBRepository: + Type: String + Default: sdlf-stageB + pStageGlueRepository: + Type: String + Default: sdlf-stage-glue + pDatalakeLibraryRepository: + Type: String + Default: sdlf-datalakeLibrary + pUtilsRepository: + Type: String + Default: sdlf-utils + pMainRepository: + Type: String + Default: sdlf-main + pMonitoringRepository: + Type: String + Default: sdlf-monitoring + pEnableMonitoring: + Description: Build sdlf-monitoring cloudformation module as part of domain pipelines + Type: AWS::SSM::Parameter::Value + Default: /SDLF/Monitoring/Enabled + +Conditions: + EnableMonitoring: !Equals [!Ref pEnableMonitoring, true] + +Resources: + rCicdGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pCicdRepository + Private: true + Visibility: private + Archived: false + + rFoundationsGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pFoundationsRepository + Private: true + Visibility: private + Archived: false + + rTeamGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pTeamRepository + Private: true + Visibility: private + Archived: false + + rPipelineGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pPipelineRepository + Private: true + Visibility: private + Archived: false + + rDatasetGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pDatasetRepository + Private: true + Visibility: private + Archived: false + + rStageAGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pStageARepository + Private: true + Visibility: private + Archived: false + + rStageLambdaGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pStageLambdaRepository + Private: true + Visibility: private + Archived: false + + rStageBGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pStageBRepository + Private: true + Visibility: private + Archived: false + + rStageGlueGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pStageGlueRepository + Private: true + Visibility: private + Archived: false + + rDatalakeLibraryGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pDatalakeLibraryRepository + Private: true + Visibility: private + Archived: false + + rMainGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pMainRepository + Private: true + Visibility: private + Archived: false + + rMonitoringGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Condition: EnableMonitoring + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Ref pMonitoringRepository + Private: true + Visibility: private + Archived: false + + rCicdGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/CicdGitHub + Type: String + Value: !Ref pCicdRepository # !GetAtt rCicdGitHub.Name + Description: Name of the Cicd repository + + rFoundationsGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/FoundationsGitHub + Type: String + Value: !Ref pFoundationsRepository # !GetAtt rFoundationsGitHub.Name + Description: Name of the Foundations repository + + rTeamGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/TeamGitHub + Type: String + Value: !Ref pTeamRepository # !GetAtt rTeamGitHub.Name + Description: Name of the Team repository + + rPipelineGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/PipelineGitHub + Type: String + Value: !Ref pPipelineRepository # !GetAtt rPipelineGitHub.Name + Description: Name of the Pipeline repository + + rDatasetGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/DatasetGitHub + Type: String + Value: !Ref pDatasetRepository # !GetAtt rDatasetGitHub.Name + Description: Name of the Dataset repository + + rStageAGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/StageAGitHub + Type: String + Value: !Ref pStageARepository # !GetAtt rStageAGitHub.Name + Description: Name of the StageA repository + + rStageLambdaGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/StageLambdaGitHub + Type: String + Value: !Ref pStageLambdaRepository # !GetAtt rStageLambdaGitHub.Name + Description: Name of the Stage-Lambda repository + + rStageBGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/StageBGitHub + Type: String + Value: !Ref pStageBRepository # !GetAtt rStageBGitHub.Name + Description: Name of the StageB repository + + rStageGlueGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/StageGlueGitHub + Type: String + Value: !Ref pStageGlueRepository # !GetAtt rStageGlueGitHub.Name + Description: Name of the Stage-Glue repository + + rDatalakeLibraryGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/DatalakeLibraryGitHub + Type: String + Value: !Ref pDatalakeLibraryRepository # !GetAtt rDatalakeLibraryGitHub.Name + Description: Name of the DatalakeLibrary repository + + rUtilsGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/UtilsGitHub + Type: String + Value: !Ref pUtilsRepository + Description: Name of the Utils repository + + rMainGitHubSsm: + Type: AWS::SSM::Parameter + Properties: + Name: /SDLF/GitHub/MainGitHub + Type: String + Value: !Ref pMainRepository # !GetAtt rMainGitHub.Name + Description: Name of the main repository + + rMonitoringGitHubSsm: + Type: AWS::SSM::Parameter + Condition: EnableMonitoring + Properties: + Name: /SDLF/GitHub/MonitoringGitHub + Type: String + Value: !Ref pMonitoringRepository # !GetAtt rMonitoringGitHub.Name + Description: Name of the monitoring repository + +Outputs: + # workaround {{resolve:ssm:}} not returning an array that can be used directly in VpcConfig blocks + oKmsKey: + Description: CICD KMS Key + Value: !Ref pKMSKey \ No newline at end of file diff --git a/sdlf-cicd/template-cicd-sdlf-repositories.gitlab.yaml b/sdlf-cicd/template-cicd-sdlf-repositories.gitlab.yaml index d911adc4..ff68edfd 100644 --- a/sdlf-cicd/template-cicd-sdlf-repositories.gitlab.yaml +++ b/sdlf-cicd/template-cicd-sdlf-repositories.gitlab.yaml @@ -6,9 +6,6 @@ Parameters: Description: The KMS key used by CodeBuild and CodePipeline Type: AWS::SSM::Parameter::Value Default: /SDLF/KMS/CICDKeyId - pSdlfGitLabGroup: - Type: String - Default: sdlf pCicdRepository: Type: String Default: sdlf-cicd @@ -62,7 +59,7 @@ Resources: # Type: GitLab::Groups::Group # Properties: # Name: SDLF - # Path: !Ref pSdlfGitLabGroup + # Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rCicdGitLab: Type: GitLab::Projects::Project @@ -73,7 +70,7 @@ Resources: - E3001 Properties: Name: !Ref pCicdRepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rFoundationsGitLab: Type: GitLab::Projects::Project @@ -84,7 +81,7 @@ Resources: - E3001 Properties: Name: !Ref pFoundationsRepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rTeamGitLab: Type: GitLab::Projects::Project @@ -95,7 +92,7 @@ Resources: - E3001 Properties: Name: !Ref pTeamRepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rPipelineGitLab: Type: GitLab::Projects::Project @@ -106,7 +103,7 @@ Resources: - E3001 Properties: Name: !Ref pPipelineRepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rDatasetGitLab: Type: GitLab::Projects::Project @@ -117,7 +114,7 @@ Resources: - E3001 Properties: Name: !Ref pDatasetRepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rStageAGitLab: Type: GitLab::Projects::Project @@ -128,7 +125,7 @@ Resources: - E3001 Properties: Name: !Ref pStageARepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rStageLambdaGitLab: Type: GitLab::Projects::Project @@ -139,7 +136,7 @@ Resources: - E3001 Properties: Name: !Ref pStageLambdaRepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rStageBGitLab: Type: GitLab::Projects::Project @@ -150,7 +147,7 @@ Resources: - E3001 Properties: Name: !Ref pStageBRepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rStageGlueGitLab: Type: GitLab::Projects::Project @@ -161,7 +158,7 @@ Resources: - E3001 Properties: Name: !Ref pStageGlueRepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rDatalakeLibraryGitLab: Type: GitLab::Projects::Project @@ -172,7 +169,7 @@ Resources: - E3001 Properties: Name: !Ref pDatalakeLibraryRepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rMainGitLab: Type: GitLab::Projects::Project @@ -183,7 +180,7 @@ Resources: - E3001 Properties: Name: !Ref pMainRepository -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rMonitoringGitLab: Type: GitLab::Projects::Project @@ -195,15 +192,7 @@ Resources: Condition: EnableMonitoring Properties: Name: !Ref pMonitoringRepository -# Path: !Ref pSdlfGitLabGroup - - rSdlfGitLabGroupSsm: - Type: AWS::SSM::Parameter - Properties: - Name: /SDLF/GitLab/SdlfGitLabGroup - Type: String - Value: !Ref pSdlfGitLabGroup # !GetAtt rSdlfGitLabGroup.Name - Description: Name of the GitLab group for SDLF default repositories +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" rCicdGitLabSsm: Type: AWS::SSM::Parameter diff --git a/sdlf-cicd/template-cicd-team-pipeline.yaml b/sdlf-cicd/template-cicd-team-pipeline.yaml index 2eac65b2..245f0ca7 100644 --- a/sdlf-cicd/template-cicd-team-pipeline.yaml +++ b/sdlf-cicd/template-cicd-team-pipeline.yaml @@ -102,8 +102,8 @@ Mappings: branch: main Conditions: - CodeCommitNoGitLab: !Equals [!Ref pGitPlatform, "CodeCommit"] - GitLabNoCodeCommit: !Equals [!Ref pGitPlatform, "GitLab"] + GitPlatformCodeCommit: !Equals [!Ref pGitPlatform, "CodeCommit"] + GitPlatformNoCodeCommit: !Not [!Equals [!Ref pGitPlatform, "CodeCommit"]] EnableLambdaLayerBuilder: !Equals [!Ref pEnableLambdaLayerBuilder, true] EnableGlueJobDeployer: !Equals [!Ref pEnableGlueJobDeployer, true] EnableOptionalFeatures: !Or [!Condition EnableLambdaLayerBuilder, !Condition EnableGlueJobDeployer] @@ -129,7 +129,7 @@ Resources: Version: "2012-10-17" Statement: - !If - - CodeCommitNoGitLab + - GitPlatformCodeCommit - Effect: Allow Action: - codecommit:GetBranch @@ -151,7 +151,7 @@ Resources: - !Sub arn:${AWS::Partition}:codecommit:${AWS::Region}:${AWS::AccountId}:${pDatasetRepository} - !Ref "AWS::NoValue" - !If - - GitLabNoCodeCommit + - GitPlatformNoCodeCommit - Effect: Allow Action: - codeconnections:UseConnection @@ -161,25 +161,25 @@ Resources: Condition: "ForAllValues:StringLikeIfExists": "codeconnections:FullRepositoryId": - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/{{resolve:ssm:/SDLF/${pGitPlatform}/${pTeamName}/Main${pGitPlatform}}}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pDatalakeLibraryRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pPipelineRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageARepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageLambdaRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageBRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageGlueRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pDatasetRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/{{resolve:ssm:/SDLF/${pGitPlatform}/${pTeamName}/Main${pGitPlatform}}}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pDatalakeLibraryRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pPipelineRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageARepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageLambdaRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageBRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageGlueRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pDatasetRepository}" "codestar-connections:FullRepositoryId": - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/{{resolve:ssm:/SDLF/${pGitPlatform}/${pTeamName}/Main${pGitPlatform}}}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pDatalakeLibraryRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pPipelineRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageARepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageLambdaRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageBRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageGlueRepository}" - - !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pDatasetRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/{{resolve:ssm:/SDLF/${pGitPlatform}/${pTeamName}/Main${pGitPlatform}}}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pDatalakeLibraryRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pPipelineRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageARepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageLambdaRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageBRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageGlueRepository}" + - !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pDatasetRepository}" - !Ref "AWS::NoValue" - Effect: Allow Action: @@ -230,7 +230,7 @@ Resources: Stages: - Name: Sources Actions: !If - - CodeCommitNoGitLab + - GitPlatformCodeCommit - - Name: Source ActionTypeId: Category: Source @@ -358,7 +358,7 @@ Resources: - Name: TemplateSource Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/{{resolve:ssm:/SDLF/${pGitPlatform}/${pTeamName}/Main${pGitPlatform}}}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/{{resolve:ssm:/SDLF/${pGitPlatform}/${pTeamName}/Main${pGitPlatform}}}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -372,7 +372,7 @@ Resources: - Name: SourceCicdArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pCicdRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pCicdRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -386,7 +386,7 @@ Resources: - Name: SourceDatalakeLibraryArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pDatalakeLibraryRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pDatalakeLibraryRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -400,7 +400,7 @@ Resources: - Name: SourcePipelineArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pPipelineRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pPipelineRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -414,7 +414,7 @@ Resources: - Name: SourceStageAArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageARepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageARepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -428,7 +428,7 @@ Resources: - Name: SourceStageLambdaArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageLambdaRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageLambdaRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -442,7 +442,7 @@ Resources: - Name: SourceStageBArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageBRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageBRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -456,7 +456,7 @@ Resources: - Name: SourceStageGlueArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pStageGlueRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pStageGlueRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -470,7 +470,7 @@ Resources: - Name: SourceDatasetArtifact Configuration: ConnectionArn: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/CodeConnection}}" - FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/GitLab/SdlfGitLabGroup}}/${pDatasetRepository}" + FullRepositoryId: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}/${pDatasetRepository}" BranchName: !FindInMap [pCodeCommitBranch, !Ref pEnvironment, branch] OutputArtifactFormat: CODE_ZIP RunOrder: 1 @@ -837,7 +837,7 @@ Resources: rTeamMainCodeCommitTriggerRole: Type: AWS::IAM::Role - Condition: CodeCommitNoGitLab + Condition: GitPlatformCodeCommit Properties: AssumeRolePolicyDocument: Version: "2012-10-17" @@ -859,7 +859,7 @@ Resources: rTeamMainCodeCommitTriggerRule: Type: AWS::Events::Rule - Condition: CodeCommitNoGitLab + Condition: GitPlatformCodeCommit Properties: State: ENABLED EventPattern: diff --git a/sdlf-cicd/template-cicd-team-repository.yaml b/sdlf-cicd/template-cicd-team-repository.yaml index cbac9d6b..9780bd7b 100644 --- a/sdlf-cicd/template-cicd-team-repository.yaml +++ b/sdlf-cicd/template-cicd-team-repository.yaml @@ -22,13 +22,14 @@ Parameters: Default: sdlf-main- Conditions: - CodeCommitNoGitLab: !Equals [!Ref pGitPlatform, "CodeCommit"] - GitLabNoCodeCommit: !Equals [!Ref pGitPlatform, "GitLab"] + GitPlatformCodeCommit: !Equals [!Ref pGitPlatform, "CodeCommit"] + GitPlatformGitLab: !Equals [!Ref pGitPlatform, "GitLab"] + GitPlatformGitHub: !Equals [!Ref pGitPlatform, "GitHub"] Resources: rTeamMainCodeCommit: Type: AWS::CodeCommit::Repository - Condition: CodeCommitNoGitLab + Condition: GitPlatformCodeCommit Metadata: cfn-lint: config: @@ -49,10 +50,25 @@ Resources: config: ignore_checks: - E3001 - Condition: GitLabNoCodeCommit + Condition: GitPlatformGitLab Properties: Name: !Sub ${pMainRepositoriesPrefix}${pDomain}-${pTeamName} -# Path: !Ref pSdlfGitLabGroup +# Path: "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + + rTeamMainGitHub: + Type: GitHub::Repositories::Repository + Metadata: + cfn-lint: + config: + ignore_checks: + - E3001 + Condition: GitPlatformGitHub + Properties: + Org: !Sub "{{resolve:ssm:/SDLF/${pGitPlatform}/Group}}" + Name: !Sub ${pMainRepositoriesPrefix}${pDomain}-${pTeamName} + Private: true + Visibility: private + Archived: false rTeamMainCodeCommitSsm: Type: AWS::SSM::Parameter @@ -60,7 +76,7 @@ Resources: Name: !Sub /SDLF/${pGitPlatform}/${pTeamName}/Main${pGitPlatform} Type: String Value: !If - - CodeCommitNoGitLab + - GitPlatformCodeCommit - !GetAtt rTeamMainCodeCommit.Name - !Sub ${pMainRepositoriesPrefix}${pDomain}-${pTeamName} # !GetAtt rTeamMainGitLab.Name Description: !Sub Name of the ${pDomain} ${pTeamName} main repository