CDKV2 中的 ShellScriptAction 等价物
ShellScriptAction equivalent in CDKV2
我在 CDKv1 中有一个项目,我正在升级到 CDKv2。我的 AWS CodePipeline 中有一个使用 CDKv1 的 Gitleaks 阶段。现在我想将此功能移至 CDKv2,但 ShellScriptAction 已弃用。我尝试使用 ShellStep 但 ShellStep 没有项目 属性 - LINK.
export class GitleaksReviewAction extends Construct {
public readonly action: ShellScriptAction;
public readonly gitleaksImage: DockerImageAsset;
constructor(scope: Construct, id: string, props: GitleaksReviewActionProps) {
super(scope, id);
this.gitleaksImage = new DockerImageAsset(this, "gitleaksDockerAsset", {
directory: path.join(__dirname, "../assets/gitleaks"),
});
this.action = new ShellScriptAction({
actionName: "Gitleaks",
additionalArtifacts: [props.sourceArtifact],
commands: [
"find . -type d -exec chmod 777 {} \;",
"find . -type f -exec chmod 666 {} \;",
`aws ecr get-login-password --region $AWS_REGION | docker login -u AWS --password-stdin ${this.gitleaksImage.imageUri}`,
`docker run -v $(pwd):/repo ${this.gitleaksImage.imageUri} --path=/repo --repo-config-path=config/gitleaks/gitleaks.toml --verbose`,
],
environment: {
buildImage: codebuild.LinuxBuildImage.STANDARD_5_0,
privileged: true,
},
});
}
}
用于调用 class 这个 -
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.project
);
在 CDKv2 中是否有 returns 项目 属性 的等效项?
管道代码-
export class Pipeline extends cdk.Stack {
constructor(scope: Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
...
const pipeline = new CodePipeline(this, "Pipeline", {
pipelineName: "pipeline",
synth: new CodeBuildStep("SynthStep", {
input: CodePipelineSource.codeCommit(repo, "mainline"),
buildEnvironment: {
computeType: CodeBuild.ComputeType.MEDIUM,
buildImage: CodeBuild.LinuxBuildImage.STANDARD_5_0,
},
partialBuildSpec: buildSpec,
commands: [],
role: codeBuildSynthRole,
primaryOutputDirectory: "cdk/cdk.out",
}),
crossAccountKeys: true,
selfMutation: true,
dockerEnabledForSelfMutation: true,
});
const review = new ReviewPipelineStage(this, "Review", {
sourceFileSet: pipeline.cloudAssemblyFileSet,
});
const reviewStage = pipeline.addStage(review);
const gitleaksReviewAction = new GitleaksReviewAction(
this,
"GitleaksReviewAction",
{
sourceFileSet: pipeline.cloudAssemblyFileSet,
}
);
reviewStage.addPost(gitleaksReviewAction.action);
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.project
);
}
}
我假设您正在为 CDK 管道切换到新的 API,这需要的不仅仅是对步骤使用不同的 类。
如果这是真的,新 API 中的等价物是使用 CodeBuildStep:
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.grantPrincipal
);
这是假设 gitleaksReviewAction.action 的类型是 CodeBuildStep。
参考:https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.pipelines.CodeBuildStep.html#grantprincipal
我在 CDKv1 中有一个项目,我正在升级到 CDKv2。我的 AWS CodePipeline 中有一个使用 CDKv1 的 Gitleaks 阶段。现在我想将此功能移至 CDKv2,但 ShellScriptAction 已弃用。我尝试使用 ShellStep 但 ShellStep 没有项目 属性 - LINK.
export class GitleaksReviewAction extends Construct {
public readonly action: ShellScriptAction;
public readonly gitleaksImage: DockerImageAsset;
constructor(scope: Construct, id: string, props: GitleaksReviewActionProps) {
super(scope, id);
this.gitleaksImage = new DockerImageAsset(this, "gitleaksDockerAsset", {
directory: path.join(__dirname, "../assets/gitleaks"),
});
this.action = new ShellScriptAction({
actionName: "Gitleaks",
additionalArtifacts: [props.sourceArtifact],
commands: [
"find . -type d -exec chmod 777 {} \;",
"find . -type f -exec chmod 666 {} \;",
`aws ecr get-login-password --region $AWS_REGION | docker login -u AWS --password-stdin ${this.gitleaksImage.imageUri}`,
`docker run -v $(pwd):/repo ${this.gitleaksImage.imageUri} --path=/repo --repo-config-path=config/gitleaks/gitleaks.toml --verbose`,
],
environment: {
buildImage: codebuild.LinuxBuildImage.STANDARD_5_0,
privileged: true,
},
});
}
}
用于调用 class 这个 -
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.project
);
在 CDKv2 中是否有 returns 项目 属性 的等效项?
管道代码-
export class Pipeline extends cdk.Stack {
constructor(scope: Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
...
const pipeline = new CodePipeline(this, "Pipeline", {
pipelineName: "pipeline",
synth: new CodeBuildStep("SynthStep", {
input: CodePipelineSource.codeCommit(repo, "mainline"),
buildEnvironment: {
computeType: CodeBuild.ComputeType.MEDIUM,
buildImage: CodeBuild.LinuxBuildImage.STANDARD_5_0,
},
partialBuildSpec: buildSpec,
commands: [],
role: codeBuildSynthRole,
primaryOutputDirectory: "cdk/cdk.out",
}),
crossAccountKeys: true,
selfMutation: true,
dockerEnabledForSelfMutation: true,
});
const review = new ReviewPipelineStage(this, "Review", {
sourceFileSet: pipeline.cloudAssemblyFileSet,
});
const reviewStage = pipeline.addStage(review);
const gitleaksReviewAction = new GitleaksReviewAction(
this,
"GitleaksReviewAction",
{
sourceFileSet: pipeline.cloudAssemblyFileSet,
}
);
reviewStage.addPost(gitleaksReviewAction.action);
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.project
);
}
}
我假设您正在为 CDK 管道切换到新的 API,这需要的不仅仅是对步骤使用不同的 类。
如果这是真的,新 API 中的等价物是使用 CodeBuildStep:
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.grantPrincipal
);
这是假设 gitleaksReviewAction.action 的类型是 CodeBuildStep。
参考:https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.pipelines.CodeBuildStep.html#grantprincipal