· 6 years ago · Aug 24, 2019, 11:54 AM
1AWSTemplateFormatVersion: '2010-09-09'
2Transform: AWS::Serverless-2016-10-31
3Description: Cope Pipeline for workshops app
4Resources:
5 ArtifactsBucket:
6 Type: AWS::S3::Bucket
7 DeletionPolicy: Delete
8 Properties:
9 VersioningConfiguration:
10 Status: Enabled
11 BackendCodePipeline:
12 Type: AWS::CodePipeline::Pipeline
13 Properties:
14 Name: WorkshopsBackendApp
15 RoleArn: !GetAtt CodePipelineRole.Arn
16 ArtifactStore:
17 Type: S3
18 Location: !Ref ArtifactsBucket
19 Stages:
20 - Name: Source
21 Actions:
22 - Name: SourceCode
23 Region: eu-central-1
24 ActionTypeId:
25 Category: Source
26 Owner: ThirdParty
27 Version: '1'
28 Provider: GitHub
29 Configuration:
30 Owner: wojciech-dabrowski
31 Repo: aws-ci-cd
32 Branch: master
33 OAuthToken: !Ref GithubToken
34 PollForSourceChanges: true
35 OutputArtifacts:
36 - Name: SourceCode
37 RunOrder: 1
38 - Name: Build
39 Actions:
40 - Name: BuildApp
41 Region: eu-central-1
42 InputArtifacts:
43 - Name: SourceCode
44 ActionTypeId:
45 Category: Build
46 Owner: AWS
47 Version: '1'
48 Provider: CodeBuild
49 Configuration:
50 ProjectName: BuildWorkshopsBackendApp
51 OutputArtifacts:
52 - Name: TemplateOutput
53 CodePipelineRole:
54 Type: AWS::IAM::Role
55 Properties:
56 AssumeRolePolicyDocument:
57 Version: 2012-10-17
58 Statement:
59 - Effect: Allow
60 Principal:
61 Service:
62 - codepipeline.amazonaws.com
63 - cloudformation.amazonaws.com
64 Action: sts:AssumeRole
65 Policies:
66 - PolicyName: CodePipelinePolicy
67 PolicyDocument:
68 Version: 2012-10-17
69 Statement:
70 - Effect: Allow
71 Action: "cloudformation:*"
72 Resource: "*"
73 - Effect: Allow
74 Action: "codebuild:*"
75 Resource: "*"
76 - Effect: Allow
77 Action: "s3:*"
78 Resource: "*"
79 - Effect: Allow
80 Action: "apigateway:*"
81 Resource: "*"
82 - Effect: Allow
83 Action: "cloudfront:*"
84 Resource: "*"
85 - Effect: Allow
86 Action: "lambda:*"
87 Resource: "*"
88 - Effect: Allow
89 Action: "dynamodb:*"
90 Resource: "*"
91 - Effect: Allow
92 Action: "iam:*"
93 Resource: "*"
94 - Effect: Allow
95 Action:
96 - iam:PassRole
97 Resource: "*"
98 BuildBackendProject:
99 Type: AWS::CodeBuild::Project
100 Properties:
101 Name: BuildWorkshopsBackendApp
102 Description: Build workshops backend app
103 ServiceRole: !GetAtt CodeBuildRole.Arn
104 Artifacts:
105 Type: CODEPIPELINE
106 Environment:
107 Type: LINUX_CONTAINER
108 ComputeType: BUILD_GENERAL1_SMALL
109 Image: aws/codebuild/standard:2.0
110 EnvironmentVariables:
111 - Name: PackageBucket
112 Value: !Ref ArtifactsBucket
113 - Name: PackageBucketKey
114 Value: WorkshopsBackendApp/CodePackage
115 Source:
116 Type: CODEPIPELINE
117 BuildSpec: backend/buildspec.yaml
118 TimeoutInMinutes: 10
119 CodeBuildRole:
120 Type: AWS::IAM::Role
121 Properties:
122 AssumeRolePolicyDocument:
123 Version: 2012-10-17
124 Statement:
125 - Effect: Allow
126 Principal:
127 Service:
128 - codebuild.amazonaws.com
129 - codepipeline.amazonaws.com
130 Action: sts:AssumeRole
131 Policies:
132 - PolicyName: CodeBuildPolicy
133 PolicyDocument:
134 Version: 2012-10-17
135 Statement:
136 - Effect: Allow
137 Action: "s3:*"
138 Resource: "*"
139 - Effect: Allow
140 Action: "cloudfront:*"
141 Resource: "*"
142 - Effect: Allow
143 Action: "logs:*"
144 Resource: "*"
145Parameters:
146 GithubToken:
147 Type: String