From 7082a468e6a060de0cb44420ebe9eb305b3031c5 Mon Sep 17 00:00:00 2001 From: sizuhiko Date: Thu, 10 Apr 2025 16:40:03 +0900 Subject: [PATCH 1/2] bump aws-cdk-lib to v2.187.0 and fix multiple synth() error on test code --- .projen/deps.json | 2 +- .projenrc.ts | 2 +- package.json | 4 +- test/docker-image-deploy.test.ts | 105 ++++++++++++++---------------- yarn.lock | 108 +++++++++++++++++++++++-------- 5 files changed, 132 insertions(+), 89 deletions(-) diff --git a/.projen/deps.json b/.projen/deps.json index e8f94ce5..3debc1d0 100644 --- a/.projen/deps.json +++ b/.projen/deps.json @@ -103,7 +103,7 @@ }, { "name": "aws-cdk-lib", - "version": "^2.24.0", + "version": "^2.187.0", "type": "peer" }, { diff --git a/.projenrc.ts b/.projenrc.ts index 763c8133..8ccc595c 100644 --- a/.projenrc.ts +++ b/.projenrc.ts @@ -2,7 +2,7 @@ import { awscdk } from 'projen'; const project = new awscdk.AwsCdkConstructLibrary({ author: 'Parker Scanlon', authorAddress: 'https://aws.amazon.com/', - cdkVersion: '2.24.0', // needed for node16 + cdkVersion: '2.187.0', // needed for node16 defaultReleaseBranch: 'main', name: 'cdk-docker-image-deployment', projenrcTs: true, diff --git a/package.json b/package.json index 6a6983ae..3a921302 100644 --- a/package.json +++ b/package.json @@ -43,7 +43,7 @@ "@types/node": "^16 <= 16.18.78", "@typescript-eslint/eslint-plugin": "^8", "@typescript-eslint/parser": "^8", - "aws-cdk-lib": "2.24.0", + "aws-cdk-lib": "2.187.0", "commit-and-tag-version": "^12", "constructs": "10.0.5", "esbuild": "^0.25.2", @@ -63,7 +63,7 @@ "typescript": "^4.9.5" }, "peerDependencies": { - "aws-cdk-lib": "^2.24.0", + "aws-cdk-lib": "^2.187.0", "constructs": "^10.0.5" }, "dependencies": { diff --git a/test/docker-image-deploy.test.ts b/test/docker-image-deploy.test.ts index 07cce7b5..be7c5f44 100644 --- a/test/docker-image-deploy.test.ts +++ b/test/docker-image-deploy.test.ts @@ -6,10 +6,9 @@ import * as cdk from 'aws-cdk-lib/core'; import * as imagedeploy from '../lib/index'; describe('DockerImageDeploy', () => { - // GIVEN - const stack = new cdk.Stack(); describe('Source: directory', () => { // GIVEN + const stack = new cdk.Stack(); const testSource = imagedeploy.Source.directory(path.join(__dirname, 'assets/test1')); describe('Destination: ecr', () => { @@ -80,21 +79,10 @@ describe('DockerImageDeploy', () => { 'ecr:BatchCheckLayerAvailability', 'ecr:GetDownloadUrlForLayer', 'ecr:BatchGetImage', - ], - Effect: 'Allow', - Resource: { - 'Fn::GetAtt': [ - 'TestRepositoryC0DA8195', - 'Arn', - ], - }, - }, - { - Action: [ - 'ecr:PutImage', - 'ecr:InitiateLayerUpload', - 'ecr:UploadLayerPart', 'ecr:CompleteLayerUpload', + 'ecr:UploadLayerPart', + 'ecr:InitiateLayerUpload', + 'ecr:PutImage', ], Effect: 'Allow', Resource: { @@ -335,10 +323,54 @@ describe('DockerImageDeploy', () => { }, }); }); + + describe('Custom Resrouces', () => { + test('onEventHandler has correct permissions', () => { + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: Match.arrayWith([ + { + Action: 'codebuild:StartBuild', + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [ + 'TestDeploymentDockerImageDeployProject0884B3B5', + 'Arn', + ], + }, + }, + ]), + }, + }); + }); + + test('isCompleteHandler has correct permissions', () => { + Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { + PolicyDocument: { + Statement: Match.arrayWith([ + { + Action: [ + 'codebuild:ListBuildsForProject', + 'codebuild:BatchGetBuilds', + ], + Effect: 'Allow', + Resource: { + 'Fn::GetAtt': [ + 'TestDeploymentDockerImageDeployProject0884B3B5', + 'Arn', + ], + }, + }, + ]), + }, + }); + }); + }); }); describe('Tag validation', () => { // GIVEN + const stack = new cdk.Stack(); const repo = new ecr.Repository(stack, 'TestTagsRepository'); const testSource = imagedeploy.Source.directory(path.join(__dirname, 'assets/test1')); @@ -409,46 +441,5 @@ describe('DockerImageDeploy', () => { }); }); - describe('Custom Resrouces', () => { - test('onEventHandler has correct permissions', () => { - Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { - PolicyDocument: { - Statement: Match.arrayWith([ - { - Action: 'codebuild:StartBuild', - Effect: 'Allow', - Resource: { - 'Fn::GetAtt': [ - 'TestDeploymentDockerImageDeployProject0884B3B5', - 'Arn', - ], - }, - }, - ]), - }, - }); - }); - test('isCompleteHandler has correct permissions', () => { - Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { - PolicyDocument: { - Statement: Match.arrayWith([ - { - Action: [ - 'codebuild:ListBuildsForProject', - 'codebuild:BatchGetBuilds', - ], - Effect: 'Allow', - Resource: { - 'Fn::GetAtt': [ - 'TestDeploymentDockerImageDeployProject0884B3B5', - 'Arn', - ], - }, - }, - ]), - }, - }); - }); - }); }); \ No newline at end of file diff --git a/yarn.lock b/yarn.lock index b2ec6e42..1177bd26 100644 --- a/yarn.lock +++ b/yarn.lock @@ -21,6 +21,24 @@ "@csstools/css-tokenizer" "^3.0.3" lru-cache "^10.4.3" +"@aws-cdk/asset-awscli-v1@^2.2.229": + version "2.2.231" + resolved "https://registry.yarnpkg.com/@aws-cdk/asset-awscli-v1/-/asset-awscli-v1-2.2.231.tgz#82805ae5ceed1fbfcc71e7fb5c5a1804c5cd4af8" + integrity sha512-vPqD/K2pK/ALhU5r5Nafdc2nLB+LJKxNyxUmQnLsazU6AWDJfkqjHQx8m3J4Cjl2C3chQkIRMdzSDuXIlo43GA== + +"@aws-cdk/asset-node-proxy-agent-v6@^2.1.0": + version "2.1.0" + resolved "https://registry.yarnpkg.com/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.1.0.tgz#6d3c7860354d4856a7e75375f2f0ecab313b4989" + integrity sha512-7bY3J8GCVxLupn/kNmpPc5VJz8grx+4RKfnnJiO1LG+uxkZfANZG3RMHhE+qQxxwkyQ9/MfPtTpf748UhR425A== + +"@aws-cdk/cloud-assembly-schema@^41.0.0": + version "41.2.0" + resolved "https://registry.yarnpkg.com/@aws-cdk/cloud-assembly-schema/-/cloud-assembly-schema-41.2.0.tgz#c1ef513e1cc0528dbc05948ae39d5631306af423" + integrity sha512-JaulVS6z9y5+u4jNmoWbHZRs9uGOnmn/ktXygNWKNu1k6lF3ad4so3s18eRu15XCbUIomxN9WPYT6Ehh7hzONw== + dependencies: + jsonschema "~1.4.1" + semver "^7.7.1" + "@babel/code-frame@^7.0.0", "@babel/code-frame@^7.12.13", "@babel/code-frame@^7.26.2": version "7.26.2" resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.26.2.tgz#4b5fab97d33338eff916235055f0ebc21e573a85" @@ -1310,7 +1328,7 @@ ajv@^6.12.4: json-schema-traverse "^0.4.1" uri-js "^4.2.2" -ajv@^8.17.1: +ajv@^8.0.1, ajv@^8.17.1: version "8.17.1" resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.17.1.tgz#37d9a5c776af6bc92d7f4f9510eba4c0a60d11a6" integrity sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g== @@ -1457,6 +1475,11 @@ arrify@^1.0.1: resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" integrity sha512-3CYzex9M9FGQjCGMGyi6/31c8GJbgb0qGyrx5HWxPd0aCwh4cB2YjMb2Xf9UuoogrMrlO9cTqnB5rI5GHZTcUA== +astral-regex@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/astral-regex/-/astral-regex-2.0.0.tgz#483143c567aeed4785759c0865786dc77d7d2e31" + integrity sha512-Z7tMw1ytTXt5jqMcOP+OQteU1VuNK9Y02uuJtKQ1Sv69jXQKKg5cibLwGJow8yzZP+eAc18EmLGPal0bp36rvQ== + async-function@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/async-function/-/async-function-1.0.0.tgz#509c9fca60eaf85034c6829838188e4e4c8ffb2b" @@ -1467,11 +1490,6 @@ asynckit@^0.4.0: resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79" integrity sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q== -at-least-node@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/at-least-node/-/at-least-node-1.0.0.tgz#602cd4b46e844ad4effc92a8011a3c46e0238dc2" - integrity sha512-+q/t7Ekv1EDY2l6Gda6LLiX14rU9TV20Wa3ofeQmwPFZbOMo9DXrLbOjFaaclkXKWidIaopwAObQDqwWtGUjqg== - available-typed-arrays@^1.0.7: version "1.0.7" resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.7.tgz#a5cc375d6a03c2efc87a553f3e0b1522def14846" @@ -1479,19 +1497,24 @@ available-typed-arrays@^1.0.7: dependencies: possible-typed-array-names "^1.0.0" -aws-cdk-lib@2.24.0: - version "2.24.0" - resolved "https://registry.yarnpkg.com/aws-cdk-lib/-/aws-cdk-lib-2.24.0.tgz#d942f967530f089e4e41f965c88a8d275a7cde3f" - integrity sha512-icYISk6uddpBDe2csqIpZ0PPo8ryg8Polyxyh9ri6rmRIElOJIkBmTpJc7ORcP9vv9LjFIH6BRV7OltUxpcWUg== +aws-cdk-lib@2.187.0: + version "2.187.0" + resolved "https://registry.yarnpkg.com/aws-cdk-lib/-/aws-cdk-lib-2.187.0.tgz#7b76246abb77cd305cdf2cd00c4f32f9eb38cf67" + integrity sha512-OrAWin+LD5sZhRF5cWuEYEkmC/sxxlgcAasCpfzeRsj6yDImwmeQsaKhM7xqzZQBInog6ZbN6oFZYiWEGJMSIA== dependencies: + "@aws-cdk/asset-awscli-v1" "^2.2.229" + "@aws-cdk/asset-node-proxy-agent-v6" "^2.1.0" + "@aws-cdk/cloud-assembly-schema" "^41.0.0" "@balena/dockerignore" "^1.0.2" case "1.6.3" - fs-extra "^9.1.0" - ignore "^5.2.0" - jsonschema "^1.4.0" + fs-extra "^11.3.0" + ignore "^5.3.2" + jsonschema "^1.5.0" + mime-types "^2.1.35" minimatch "^3.1.2" - punycode "^2.1.1" - semver "^7.3.7" + punycode "^2.3.1" + semver "^7.7.1" + table "^6.9.0" yaml "1.10.2" aws-sdk@^2.1692.0: @@ -2850,6 +2873,15 @@ fs-extra@^10.1.0: jsonfile "^6.0.1" universalify "^2.0.0" +fs-extra@^11.3.0: + version "11.3.0" + resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-11.3.0.tgz#0daced136bbaf65a555a326719af931adc7a314d" + integrity sha512-Z4XaCL6dUDHfP/jT25jJKMmtxvuwbkrD1vNSMFlo9lNLY2c5FHYSQgHPRZUjAB26TpDEoW9HCOgplrdbaPV/ew== + dependencies: + graceful-fs "^4.2.0" + jsonfile "^6.0.1" + universalify "^2.0.0" + fs-extra@^8.1.0: version "8.1.0" resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-8.1.0.tgz#49d43c45a88cd9677668cb7be1b46efdb8d2e1c0" @@ -2859,16 +2891,6 @@ fs-extra@^8.1.0: jsonfile "^4.0.0" universalify "^0.1.0" -fs-extra@^9.1.0: - version "9.1.0" - resolved "https://registry.yarnpkg.com/fs-extra/-/fs-extra-9.1.0.tgz#5954460c764a8da2094ba3554bf839e6b9a7c86d" - integrity sha512-hcg3ZmepS30/7BSFqRvoo3DOMQu7IjqxO5nCDt+zM9XWjb33Wg7ziNT+Qvqbuc3+gWpzO02JubVyk2G4Zvo1OQ== - dependencies: - at-least-node "^1.0.0" - graceful-fs "^4.2.0" - jsonfile "^6.0.1" - universalify "^2.0.0" - fs.realpath@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/fs.realpath/-/fs.realpath-1.0.0.tgz#1504ad2523158caa40db4a2787cb01411994ea4f" @@ -3248,7 +3270,7 @@ ieee754@^1.1.4: resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352" integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA== -ignore@^5.2.0, ignore@^5.3.1: +ignore@^5.2.0, ignore@^5.3.1, ignore@^5.3.2: version "5.3.2" resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.3.2.tgz#3cd40e729f3643fd87cb04e50bf0eb722bc596f5" integrity sha512-hsBTNUqQTDwkWtcdYI2i06Y/nUBEsNEDJKjWdigLvegy8kDuJAS8uRlpkkcQpyEXL0Z/pjDy5HBmMjRCJ2gq+g== @@ -4283,11 +4305,16 @@ jsonparse@^1.2.0: resolved "https://registry.yarnpkg.com/jsonparse/-/jsonparse-1.3.1.tgz#3f4dae4a91fac315f71062f8521cc239f1366280" integrity sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg== -jsonschema@^1.4.0: +jsonschema@^1.5.0: version "1.5.0" resolved "https://registry.yarnpkg.com/jsonschema/-/jsonschema-1.5.0.tgz#f6aceb1ab9123563dd901d05f81f9d4883d3b7d8" integrity sha512-K+A9hhqbn0f3pJX17Q/7H6yQfD/5OXgdrR5UE12gMXCiN9D5Xq2o5mddV2QEcX/bjla99ASsAAQUyMCCRWAEhw== +jsonschema@~1.4.1: + version "1.4.1" + resolved "https://registry.yarnpkg.com/jsonschema/-/jsonschema-1.4.1.tgz#cc4c3f0077fb4542982973d8a083b6b34f482dab" + integrity sha512-S6cATIPVv1z0IlxdN+zUk5EPjkGCdnhN4wVSBlvoUO1tOLJootbo9CquNJmbIh4yikWHiUedhRYrNPn1arpEmQ== + keyv@^4.5.4: version "4.5.4" resolved "https://registry.yarnpkg.com/keyv/-/keyv-4.5.4.tgz#a879a99e29452f942439f2a405e3af8b31d4de93" @@ -4378,6 +4405,11 @@ lodash.merge@^4.6.2: resolved "https://registry.yarnpkg.com/lodash.merge/-/lodash.merge-4.6.2.tgz#558aa53b43b661e1925a0afdfa36a9a1085fe57a" integrity sha512-0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ== +lodash.truncate@^4.4.2: + version "4.4.2" + resolved "https://registry.yarnpkg.com/lodash.truncate/-/lodash.truncate-4.4.2.tgz#5a350da0b1113b837ecfffd5812cbe58d6eae193" + integrity sha512-jttmRe7bRse52OsWIMDLaXxWqRAmtIUccAQ3garviCqJjafXOfNMO0yMfNpdD6zbGaTU0P5Nz7e7gAT6cKmJRw== + lodash@^4.7.0: version "4.17.21" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" @@ -5264,7 +5296,7 @@ semver-intersect@^1.5.0: resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.2.tgz#48d55db737c3287cd4835e17fa13feace1c41ef8" integrity sha512-cBznnQ9KjJqU67B52RMC65CMarK2600WFnbkcaiwWq3xy/5haFJlshgnpjovMVJ+Hff49d8GEn0b87C5pDQ10g== -semver@7.x, semver@^7.0.0, semver@^7.3.2, semver@^7.3.4, semver@^7.3.7, semver@^7.5.3, semver@^7.6.0, semver@^7.6.3, semver@^7.7.1: +semver@7.x, semver@^7.0.0, semver@^7.3.2, semver@^7.3.4, semver@^7.5.3, semver@^7.6.0, semver@^7.6.3, semver@^7.7.1: version "7.7.1" resolved "https://registry.yarnpkg.com/semver/-/semver-7.7.1.tgz#abd5098d82b18c6c81f6074ff2647fd3e7220c9f" integrity sha512-hlq8tAfn0m/61p4BVRcPzIGr6LKiMwo4VM6dGi6pt4qcRkmNzTcWq6eCEjEh+qXjkMDvPlOFFSGwQjoEa6gyMA== @@ -5402,6 +5434,15 @@ slash@^3.0.0: resolved "https://registry.yarnpkg.com/slash/-/slash-3.0.0.tgz#6539be870c165adbd5240220dbe361f1bc4d4634" integrity sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q== +slice-ansi@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/slice-ansi/-/slice-ansi-4.0.0.tgz#500e8dd0fd55b05815086255b3195adf2a45fe6b" + integrity sha512-qMCMfhY040cVHT43K9BFygqYbUPFZKHOg7K73mtTWJRb8pyP3fzf4Ixd5SzdEJQ6MRUg/WBnOLxghZtKKurENQ== + dependencies: + ansi-styles "^4.0.0" + astral-regex "^2.0.0" + is-fullwidth-code-point "^3.0.0" + sort-json@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/sort-json/-/sort-json-2.0.1.tgz#7338783bef807185dc37d5b02e3afd905d537cfb" @@ -5653,6 +5694,17 @@ symbol-tree@^3.2.4: resolved "https://registry.yarnpkg.com/symbol-tree/-/symbol-tree-3.2.4.tgz#430637d248ba77e078883951fb9aa0eed7c63fa2" integrity sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw== +table@^6.9.0: + version "6.9.0" + resolved "https://registry.yarnpkg.com/table/-/table-6.9.0.tgz#50040afa6264141c7566b3b81d4d82c47a8668f5" + integrity sha512-9kY+CygyYM6j02t5YFHbNz2FN5QmYGv9zAjVp4lCDjlCw7amdckXlEt/bjMhUIfj4ThGRE4gCUH5+yGnNuPo5A== + dependencies: + ajv "^8.0.1" + lodash.truncate "^4.4.2" + slice-ansi "^4.0.0" + string-width "^4.2.3" + strip-ansi "^6.0.1" + terminal-link@^2.0.0: version "2.1.1" resolved "https://registry.yarnpkg.com/terminal-link/-/terminal-link-2.1.1.tgz#14a64a27ab3c0df933ea546fba55f2d078edc994" From dd385eb51ab3d314db409e09cd1bda42d8d0f577 Mon Sep 17 00:00:00 2001 From: sizuhiko Date: Thu, 10 Apr 2025 17:44:11 +0900 Subject: [PATCH 2/2] add LogGroup each custom resource --- API.md | 56 ++++++++++++++++++++++++++++ src/docker-image-deployment.ts | 30 +++++++++++++++ test/docker-image-deploy.test.ts | 63 ++++++++++++++++++++++++++++++++ 3 files changed, 149 insertions(+) diff --git a/API.md b/API.md index c152cd80..c038f46d 100644 --- a/API.md +++ b/API.md @@ -180,6 +180,10 @@ const dockerImageDeploymentProps: DockerImageDeploymentProps = { ... } | --- | --- | --- | | destination | Destination | Destination repository to deploy the image to. | | source | Source | Source of the image to deploy. | +| crProviderLogGroup | aws-cdk-lib.aws_logs.ILogGroup | The Log Group used for logging of events emitted by the custom resource's lambda function. | +| crWaiterStateMachineLogOptions | aws-cdk-lib.aws_stepfunctions.LogOptions | The Log Option used for logging of events emitted by the custom resource's waiter state machine. | +| isCompleteHandlerLogGroup | aws-cdk-lib.aws_logs.ILogGroup | The Log Group used for logging of events emitted by the custom resource's isCompleteHandler lambda function. | +| onEventHandlerLogGroup | aws-cdk-lib.aws_logs.ILogGroup | The Log Group used for logging of events emitted by the custom resource's onEventHandler lambda function. | --- @@ -207,6 +211,58 @@ Source of the image to deploy. --- +##### `crProviderLogGroup`Optional + +```typescript +public readonly crProviderLogGroup: ILogGroup; +``` + +- *Type:* aws-cdk-lib.aws_logs.ILogGroup +- *Default:* a default log group created by AWS Lambda + +The Log Group used for logging of events emitted by the custom resource's lambda function. + +--- + +##### `crWaiterStateMachineLogOptions`Optional + +```typescript +public readonly crWaiterStateMachineLogOptions: LogOptions; +``` + +- *Type:* aws-cdk-lib.aws_stepfunctions.LogOptions +- *Default:* A default log group will be created if logging for the waiter state machine is enabled. + +The Log Option used for logging of events emitted by the custom resource's waiter state machine. + +--- + +##### `isCompleteHandlerLogGroup`Optional + +```typescript +public readonly isCompleteHandlerLogGroup: ILogGroup; +``` + +- *Type:* aws-cdk-lib.aws_logs.ILogGroup +- *Default:* a default log group created by AWS Lambda + +The Log Group used for logging of events emitted by the custom resource's isCompleteHandler lambda function. + +--- + +##### `onEventHandlerLogGroup`Optional + +```typescript +public readonly onEventHandlerLogGroup: ILogGroup; +``` + +- *Type:* aws-cdk-lib.aws_logs.ILogGroup +- *Default:* a default log group created by AWS Lambda + +The Log Group used for logging of events emitted by the custom resource's onEventHandler lambda function. + +--- + ### EcrSourceOptions Properties needed for Source.ecr. diff --git a/src/docker-image-deployment.ts b/src/docker-image-deployment.ts index 5814d5e7..631d0e09 100644 --- a/src/docker-image-deployment.ts +++ b/src/docker-image-deployment.ts @@ -4,6 +4,8 @@ import * as codebuild from 'aws-cdk-lib/aws-codebuild'; import * as iam from 'aws-cdk-lib/aws-iam'; import { Runtime } from 'aws-cdk-lib/aws-lambda'; import * as lambda from 'aws-cdk-lib/aws-lambda-nodejs'; +import * as logs from 'aws-cdk-lib/aws-logs'; +import { LogOptions } from 'aws-cdk-lib/aws-stepfunctions'; import * as cr from 'aws-cdk-lib/custom-resources'; import { Construct } from 'constructs'; import { Destination } from './destination'; @@ -19,6 +21,30 @@ export interface DockerImageDeploymentProps { * Destination repository to deploy the image to. */ readonly destination: Destination; + /** + * The Log Group used for logging of events emitted by the custom resource's lambda function. + * + * @default - a default log group created by AWS Lambda + */ + readonly crProviderLogGroup?: logs.ILogGroup; + /** + * The Log Group used for logging of events emitted by the custom resource's onEventHandler lambda function. + * + * @default - a default log group created by AWS Lambda + */ + readonly onEventHandlerLogGroup?: logs.ILogGroup; + /** + * The Log Group used for logging of events emitted by the custom resource's isCompleteHandler lambda function. + * + * @default - a default log group created by AWS Lambda + */ + readonly isCompleteHandlerLogGroup?: logs.ILogGroup; + /** + * The Log Option used for logging of events emitted by the custom resource's waiter state machine. + * + * @default - A default log group will be created if logging for the waiter state machine is enabled. + */ + readonly crWaiterStateMachineLogOptions?: LogOptions; } /** @@ -78,12 +104,14 @@ export class DockerImageDeployment extends Construct { entry: path.join(__dirname, 'codebuild-handler/index.js'), handler: 'onEventhandler', runtime: Runtime.NODEJS_16_X, + logGroup: props.onEventHandlerLogGroup, }); const isCompleteHandler = new lambda.NodejsFunction(this, 'isCompleteHandler', { entry: path.join(__dirname, 'codebuild-handler/index.js'), handler: 'isCompleteHandler', runtime: Runtime.NODEJS_16_X, + logGroup: props.isCompleteHandlerLogGroup, }); // https://github.com/aws/aws-cdk/issues/21721 issue to add grant methods to codebuild @@ -109,6 +137,8 @@ export class DockerImageDeployment extends Construct { isCompleteHandler: isCompleteHandler, queryInterval: Duration.seconds(30), totalTimeout: Duration.minutes(30), + logGroup: props.crProviderLogGroup, + waiterStateMachineLogOptions: props.crWaiterStateMachineLogOptions, }); const customResource = new CustomResource(this, `CustomResource${Date.now().toString()}`, { diff --git a/test/docker-image-deploy.test.ts b/test/docker-image-deploy.test.ts index be7c5f44..3e7c42d1 100644 --- a/test/docker-image-deploy.test.ts +++ b/test/docker-image-deploy.test.ts @@ -2,6 +2,7 @@ import * as path from 'path'; import { Match, Template } from 'aws-cdk-lib/assertions'; import * as ecr from 'aws-cdk-lib/aws-ecr'; +import * as logs from 'aws-cdk-lib/aws-logs'; import * as cdk from 'aws-cdk-lib/core'; import * as imagedeploy from '../lib/index'; @@ -34,6 +35,15 @@ describe('DockerImageDeploy', () => { destination: testDesinationNoOptions, }); + new imagedeploy.DockerImageDeployment(stack, 'TestDeploymentWithLogGroup', { + source: testSource, + destination: testDesination, + crProviderLogGroup: new logs.LogGroup(stack, 'CrProviderLogGroup', { retention: logs.RetentionDays.ONE_DAY }), + onEventHandlerLogGroup: new logs.LogGroup(stack, 'OnEventLogGroup', { retention: logs.RetentionDays.FIVE_DAYS }), + isCompleteHandlerLogGroup: new logs.LogGroup(stack, 'IsCompleteLogGroup', { retention: logs.RetentionDays.ONE_WEEK }), + crWaiterStateMachineLogOptions: { destination: new logs.LogGroup(stack, 'WaiterSfnLogGroup', { retention: logs.RetentionDays.ONE_MONTH }) }, + } ); + test('iam policy is granted correct permissions', () => { Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { PolicyDocument: { @@ -365,6 +375,59 @@ describe('DockerImageDeploy', () => { }, }); }); + + test('deploy with onEventhandler log group', () => { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + Handler: 'index.onEventhandler', + LoggingConfig: { + LogGroup: { + Ref: 'OnEventLogGroup5AB79325', + }, + }, + }); + }); + + test('deploy with onEventhandler log group', () => { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + Handler: 'index.isCompleteHandler', + LoggingConfig: { + LogGroup: { + Ref: 'IsCompleteLogGroupE01E0185', + }, + }, + }); + }); + + test('deploy with CRProvider log group', () => { + Template.fromStack(stack).hasResourceProperties('AWS::Lambda::Function', { + LoggingConfig: { + LogGroup: { + Ref: 'CrProviderLogGroup33080E63', + }, + }, + }); + }); + + test('deploy with WaiterStateMachine log options', () => { + Template.fromStack(stack).hasResourceProperties('AWS::StepFunctions::StateMachine', { + LoggingConfiguration: { + Destinations: [ + { + CloudWatchLogsLogGroup: { + LogGroupArn: { + 'Fn::GetAtt': [ + 'TestDeploymentCRProviderwaiterstatemachineLogGroupC06C22F6', + 'Arn', + ], + }, + }, + }, + ], + IncludeExecutionData: false, + Level: 'ERROR', + }, + }); + }); }); });