ShellScriptAction等价于CDKV2
ShellScriptAction等价于CDKV2
提问于 2022-03-29 09:51:06
我在CDKv1中有一个项目,我正在升级到CDKv2。我在我的AWS CodePipeline中有一个使用CDKv1的吉泄漏阶段。现在,我想将这个功能移到CDKv2上,但是不推荐使用ShellScriptAction。我试用了ShellStep,但是ShellStep没有项目属性- 链接。
export class GitleaksReviewAction extends Construct {
public readonly action: ShellScriptAction;
public readonly gitleaksImage: DockerImageAsset;
constructor(scope: Construct, id: string, props: GitleaksReviewActionProps) {
super(scope, id);
this.gitleaksImage = new DockerImageAsset(this, "gitleaksDockerAsset", {
directory: path.join(__dirname, "../assets/gitleaks"),
});
this.action = new ShellScriptAction({
actionName: "Gitleaks",
additionalArtifacts: [props.sourceArtifact],
commands: [
"find . -type d -exec chmod 777 {} \\;",
"find . -type f -exec chmod 666 {} \\;",
`aws ecr get-login-password --region $AWS_REGION | docker login -u AWS --password-stdin ${this.gitleaksImage.imageUri}`,
`docker run -v $(pwd):/repo ${this.gitleaksImage.imageUri} --path=/repo --repo-config-path=config/gitleaks/gitleaks.toml --verbose`,
],
environment: {
buildImage: codebuild.LinuxBuildImage.STANDARD_5_0,
privileged: true,
},
});
}
}用这个打电话给全班-
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.project
);返回项目属性的CDKv2中是否存在等效项?
管道代码-
export class Pipeline extends cdk.Stack {
constructor(scope: Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
...
const pipeline = new CodePipeline(this, "Pipeline", {
pipelineName: "pipeline",
synth: new CodeBuildStep("SynthStep", {
input: CodePipelineSource.codeCommit(repo, "mainline"),
buildEnvironment: {
computeType: CodeBuild.ComputeType.MEDIUM,
buildImage: CodeBuild.LinuxBuildImage.STANDARD_5_0,
},
partialBuildSpec: buildSpec,
commands: [],
role: codeBuildSynthRole,
primaryOutputDirectory: "cdk/cdk.out",
}),
crossAccountKeys: true,
selfMutation: true,
dockerEnabledForSelfMutation: true,
});
const review = new ReviewPipelineStage(this, "Review", {
sourceFileSet: pipeline.cloudAssemblyFileSet,
});
const reviewStage = pipeline.addStage(review);
const gitleaksReviewAction = new GitleaksReviewAction(
this,
"GitleaksReviewAction",
{
sourceFileSet: pipeline.cloudAssemblyFileSet,
}
);
reviewStage.addPost(gitleaksReviewAction.action);
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.project
);
}
}回答 1
Stack Overflow用户
回答已采纳
发布于 2022-03-29 12:04:38
我假设您将切换到CDK管道的新API,这不仅需要为步骤使用不同的类。
如果这是真的,那么在新API中,等效的方法是使用CodeBuildStep
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.grantPrincipal
);这是假设gitleaksReviewAction.action是CodeBuildStep类型的。
参考资料:https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.pipelines.CodeBuildStep.html#grantprincipal
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/71659865
复制相关文章
相似问题
腾讯云开发者
