Skip to content

Commit 3f82970

Browse files
nhatnghihonhatnghiho
committed
Add typing and cleanup
1 parent 310e375 commit 3f82970

21 files changed

+136
-193
lines changed

tests/ci/cdk/README.md

-19
Original file line numberDiff line numberDiff line change
@@ -112,25 +112,6 @@ To deploy production pipeline using default parameters:
112112
./run-cdk.sh --action deploy-production-pipeline
113113
```
114114

115-
<!-- Bootstrap pipeline account
116-
```
117-
AWS_ACCOUNT_ID=183295444613
118-
PIPELINE_ACCOUNT_ID=774305600158
119-
cdk bootstrap aws://${PIPELINE_ACCOUNT_ID}/us-west-2
120-
```
121-
122-
Give pipeline account administrator access to deployment account's CloudFormation
123-
```
124-
cdk bootstrap aws://${AWS_ACCOUNT_ID}/us-west-2 --trust ${PIPELINE_ACCOUNT_ID} --trust-for-lookup ${PIPELINE_ACCOUNT_ID} --cloudformation-execution-policies arn:aws:iam::aws:policy/AdministratorAccess
125-
```
126-
127-
Deploy pipeline
128-
```
129-
GITHUB_REPO_OWNER=nhatnghiho
130-
GITHUB_SOURCE_VERSION=ci-pipeline
131-
./run-cdk.sh --github-repo-owner ${GITHUB_REPO_OWNER} --github-source-version ${GITHUB_SOURCE_VERSION} --aws-account ${AWS_ACCOUNT_ID} --action invoke --command "cdk deploy AwsLcCiPipeline --require-approval never"
132-
``` -->
133-
134115
### CI Commands
135116
Use these commands if you wish to deploy individual stacks instead of the entire pipeline.
136117

tests/ci/cdk/cdk/aws_lc_analytics_stack.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ def __init__(self,
2020
scope: Construct,
2121
id: str,
2222
spec_file_path: str,
23-
env: typing.Optional[typing.Union[Environment, typing.Dict[str, typing.Any]]],
23+
env: typing.Union[Environment, typing.Dict[str, typing.Any]],
2424
**kwargs) -> None:
2525
super().__init__(scope, id, env=env, **kwargs)
2626

tests/ci/cdk/cdk/aws_lc_android_ci_stack.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ def __init__(self,
2222
scope: Construct,
2323
id: str,
2424
spec_file_path: str,
25-
env: typing.Optional[typing.Union[Environment, typing.Dict[str, typing.Any]]],
25+
env: typing.Union[Environment, typing.Dict[str, typing.Any]],
2626
**kwargs) -> None:
2727
super().__init__(scope, id, env=env, **kwargs)
2828

tests/ci/cdk/cdk/aws_lc_ec2_test_framework_ci_stack.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ def __init__(self,
2727
scope: Construct,
2828
id: str,
2929
spec_file_path: str,
30-
env: typing.Optional[typing.Union[Environment, typing.Dict[str, typing.Any]]],
30+
env: typing.Union[Environment, typing.Dict[str, typing.Any]],
3131
**kwargs) -> None:
3232
super().__init__(scope, id, env=env, **kwargs)
3333

tests/ci/cdk/cdk/aws_lc_github_ci_stack.py

+2-4
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88

99
from cdk.components import PruneStaleGitHubBuilds
1010
from util.iam_policies import code_build_batch_policy_in_json, code_build_publish_metrics_in_json, \
11-
code_build_cloudwatch_logs_policy_in_json, s3_read_policy_in_json
11+
code_build_cloudwatch_logs_policy_in_json
1212
from util.metadata import GITHUB_PUSH_CI_BRANCH_TARGETS, GITHUB_REPO_OWNER, GITHUB_REPO_NAME, \
1313
PIPELINE_ACCOUNT, PRE_PROD_ACCOUNT, STAGING_GITHUB_REPO_OWNER, STAGING_GITHUB_REPO_NAME
1414
from util.build_spec_loader import BuildSpecLoader
@@ -21,7 +21,7 @@ def __init__(self,
2121
scope: Construct,
2222
id: str,
2323
spec_file_path: str,
24-
env: typing.Optional[typing.Union[Environment, typing.Dict[str, typing.Any]]],
24+
env: typing.Union[Environment, typing.Dict[str, typing.Any]],
2525
**kwargs) -> None:
2626
super().__init__(scope, id, env=env, **kwargs)
2727

@@ -52,7 +52,6 @@ def __init__(self,
5252
code_build_cloudwatch_logs_policy = iam.PolicyDocument.from_json(
5353
code_build_cloudwatch_logs_policy_in_json([log_group])
5454
)
55-
s3_assets_policy = iam.PolicyDocument.from_json(s3_read_policy_in_json())
5655
resource_access_role = iam.Role(scope=self,
5756
id="{}-resource-role".format(id),
5857
assumed_by=iam.CompositePrincipal(
@@ -61,7 +60,6 @@ def __init__(self,
6160
),
6261
inline_policies={
6362
"code_build_cloudwatch_logs_policy": code_build_cloudwatch_logs_policy,
64-
"s3_assets_policy": s3_assets_policy
6563
})
6664

6765
# Define a IAM role for this stack.

tests/ci/cdk/cdk/aws_lc_github_ci_x509_stack.py

+1-2
Original file line numberDiff line numberDiff line change
@@ -9,13 +9,12 @@
99
GITHUB_REPO_OWNER, PRE_PROD_ACCOUNT, STAGING_GITHUB_REPO_OWNER, STAGING_GITHUB_REPO_NAME,
1010
)
1111

12-
1312
class AwsLcGitHubX509CIStack(Stack):
1413
def __init__(
1514
self,
1615
scope: Construct,
1716
id: str,
18-
env: typing.Optional[typing.Union[Environment, typing.Dict[str, typing.Any]]],
17+
env: typing.Union[Environment, typing.Dict[str, typing.Any]],
1918
**kwargs,
2019
) -> None:
2120
super().__init__(scope, id, env=env, **kwargs)

tests/ci/cdk/cdk/aws_lc_github_fuzz_ci_stack.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ def __init__(self,
2222
scope: Construct,
2323
id: str,
2424
spec_file_path: str,
25-
env: typing.Optional[typing.Union[Environment, typing.Dict[str, typing.Any]]],
25+
env: typing.Union[Environment, typing.Dict[str, typing.Any]],
2626
**kwargs) -> None:
2727
super().__init__(scope, id, env=env, **kwargs)
2828

tests/ci/cdk/cdk/components.py

+5-3
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,9 @@
11
import pathlib
2+
import typing
23

3-
from aws_cdk import aws_codebuild as codebuild, aws_lambda as lambda_, aws_ecr_assets as ecr_assets, aws_secretsmanager as sm, \
4-
aws_events as events, aws_events_targets as events_targets, aws_iam as iam, Duration
4+
from aws_cdk import aws_codebuild as codebuild, aws_lambda as lambda_, aws_ecr_assets as ecr_assets, \
5+
aws_secretsmanager as sm, \
6+
aws_events as events, aws_events_targets as events_targets, aws_iam as iam, Duration, Environment
57

68
from constructs import Construct
79
from util.metadata import GITHUB_REPO_OWNER, GITHUB_TOKEN_SECRET_NAME
@@ -14,7 +16,7 @@ def __init__(
1416
id: str,
1517
*,
1618
project: codebuild.IProject,
17-
env,
19+
env: typing.Union[Environment, typing.Dict[str, typing.Any]],
1820
ec2_permissions: bool
1921
) -> None:
2022
super().__init__(scope, id)

tests/ci/cdk/cdk/linux_docker_image_batch_build_stack.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ def __init__(
2626
self,
2727
scope: Construct,
2828
id: str,
29-
env: typing.Optional[typing.Union[Environment, typing.Dict[str, typing.Any]]],
29+
env: typing.Union[Environment, typing.Dict[str, typing.Any]],
3030
**kwargs) -> None:
3131
super().__init__(scope, id, env=env, **kwargs)
3232

tests/ci/cdk/cdk/windows_docker_image_build_stack.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ def __init__(
3434
self,
3535
scope: Construct,
3636
id: str,
37-
env: typing.Optional[typing.Union[Environment, typing.Dict[str, typing.Any]]],
37+
env: typing.Union[Environment, typing.Dict[str, typing.Any]],
3838
**kwargs) -> None:
3939
super().__init__(
4040
scope,

tests/ci/cdk/pipeline/ci_stage.py

+49-50
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,8 @@
11
# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
22
# SPDX-License-Identifier: Apache-2.0 OR ISC
3+
import builtins
4+
import re
5+
import typing
36

47
from aws_cdk import Stage, Environment, Duration, pipelines, aws_iam as iam, Stack
58
from constructs import Construct
@@ -9,16 +12,15 @@
912
from cdk.aws_lc_ec2_test_framework_ci_stack import AwsLcEC2TestingCIStack
1013
from cdk.aws_lc_github_ci_stack import AwsLcGitHubCIStack
1114
from cdk.aws_lc_github_fuzz_ci_stack import AwsLcGitHubFuzzCIStack
12-
from pipeline.codebuild_batch_step import BatchBuildTargetOptions, CodeBuildBatchStep
13-
15+
from pipeline.codebuild_batch_step import CodeBuildBatchStep
1416

1517
class CiStage(Stage):
1618
def __init__(
1719
self,
1820
scope: Construct,
19-
id,
20-
pipeline_environment,
21-
deploy_environment,
21+
id: str,
22+
pipeline_environment: typing.Union[Environment, typing.Dict[str, typing.Any]],
23+
deploy_environment: typing.Union[Environment, typing.Dict[str, typing.Any]],
2224
**kwargs
2325
):
2426
super().__init__(
@@ -28,7 +30,7 @@ def __init__(
2830
**kwargs,
2931
)
3032

31-
self.build_targets = []
33+
self.build_options = []
3234

3335
# Define CodeBuild Batch job for testing code.
3436
x86_build_spec_file = "cdk/codebuild/github_ci_linux_x86_omnibus.yaml"
@@ -39,8 +41,8 @@ def __init__(
3941
env=deploy_environment,
4042
stack_name="aws-lc-ci-linux-x86",
4143
)
42-
self.build_targets.append(BatchBuildTargetOptions(
43-
target="aws-lc-ci-linux-x86",
44+
self.build_options.append(BatchBuildOptions(
45+
project="aws-lc-ci-linux-x86",
4446
ignore_failure=False,
4547
))
4648

@@ -53,8 +55,8 @@ def __init__(
5355
env=deploy_environment,
5456
stack_name=arm_stack_name,
5557
)
56-
self.build_targets.append(BatchBuildTargetOptions(
57-
target="aws-lc-ci-linux-arm",
58+
self.build_options.append(BatchBuildOptions(
59+
project="aws-lc-ci-linux-arm",
5860
ignore_failure=False,
5961
))
6062

@@ -66,8 +68,8 @@ def __init__(
6668
env=deploy_environment,
6769
stack_name="aws-lc-ci-integration",
6870
)
69-
self.build_targets.append(BatchBuildTargetOptions(
70-
target="aws-lc-ci-integration",
71+
self.build_options.append(BatchBuildOptions(
72+
project="aws-lc-ci-integration",
7173
ignore_failure=True,
7274
))
7375

@@ -79,8 +81,8 @@ def __init__(
7981
env=deploy_environment,
8082
stack_name="aws-lc-ci-fuzzing",
8183
)
82-
self.build_targets.append(BatchBuildTargetOptions(
83-
target="aws-lc-ci-fuzzing",
84+
self.build_options.append(BatchBuildOptions(
85+
project="aws-lc-ci-fuzzing",
8486
ignore_failure=False,
8587
))
8688

@@ -92,8 +94,8 @@ def __init__(
9294
env=deploy_environment,
9395
stack_name="aws-lc-ci-analytics",
9496
)
95-
self.build_targets.append(BatchBuildTargetOptions(
96-
target="aws-lc-ci-analytics",
97+
self.build_options.append(BatchBuildOptions(
98+
project="aws-lc-ci-analytics",
9799
ignore_failure=True,
98100
))
99101

@@ -109,8 +111,8 @@ def __init__(
109111
env=deploy_environment,
110112
stack_name="aws-lc-ci-ec2-test-framework",
111113
)
112-
self.build_targets.append(BatchBuildTargetOptions(
113-
target="aws-lc-ci-ec2-test-framework",
114+
self.build_options.append(BatchBuildOptions(
115+
project="aws-lc-ci-ec2-test-framework",
114116
ignore_failure=True,
115117
))
116118

@@ -122,8 +124,8 @@ def __init__(
122124
env=deploy_environment,
123125
stack_name="aws-lc-ci-devicefarm-android",
124126
)
125-
self.build_targets.append(BatchBuildTargetOptions(
126-
target="aws-lc-ci-devicefarm-android",
127+
self.build_options.append(BatchBuildOptions(
128+
project="aws-lc-ci-devicefarm-android",
127129
ignore_failure=False,
128130
))
129131

@@ -135,25 +137,27 @@ def __init__(
135137
env=deploy_environment,
136138
stack_name="aws-lc-ci-windows-x86",
137139
)
138-
self.build_targets.append(BatchBuildTargetOptions(
139-
target="aws-lc-ci-windows-x86",
140+
self.build_options.append(BatchBuildOptions(
141+
project="aws-lc-ci-windows-x86",
140142
ignore_failure=False,
141143
))
142144

143145
@property
144-
def stacks(self):
146+
def stacks(self) -> typing.List[Stack]:
145147
return [child for child in self.node.children if isinstance(child, Stack)]
146148

147149
def add_stage_to_pipeline(
148150
self,
149151
pipeline: pipelines.CodePipeline,
150152
input: pipelines.FileSet,
151153
role: iam.Role,
152-
max_retry: int=2,
153-
env={},
154+
max_retry: typing.Optional[int] = 2,
155+
env: typing.Optional[typing.Mapping[str, str]] = None,
154156
):
155157
stack_names = [stack.stack_name for stack in self.stacks]
156158

159+
env = env or {}
160+
157161
prebuild_check_step = pipelines.CodeBuildStep(
158162
"PrebuildCheck",
159163
input=input,
@@ -168,8 +172,7 @@ def add_stage_to_pipeline(
168172
"STACKS": " ".join(stack_names),
169173
},
170174
role=role,
171-
timeout=Duration.minutes(180)
172-
# project_name=f"{self.stage_name}-PrebuildCheck"
175+
timeout=Duration.minutes(60)
173176
)
174177

175178
batch_build_jobs = {
@@ -179,13 +182,13 @@ def add_stage_to_pipeline(
179182
"ignore-failure": options.ignore_failure,
180183
"env": {
181184
"variables": {
182-
"PROJECT": options.target,
183-
"TIMEOUT": options.timeout,
185+
"PROJECT": options.project,
186+
"TIMEOUT": str(max_retry * options.timeout),
184187
**options.env,
185188
}
186189
}
187190
}
188-
for options in self.build_targets
191+
for options in self.build_options
189192
]
190193
}
191194

@@ -199,32 +202,17 @@ def add_stage_to_pipeline(
199202
"./build_target.sh --build-type ci --project ${PROJECT} --max-retry ${MAX_RETRY} --timeout ${TIMEOUT}"
200203
],
201204
role=role,
205+
timeout=300,
202206
partial_batch_buildspec=batch_build_jobs,
203207
env={
204208
**env,
205209
"MAX_RETRY": max_retry,
206-
"NEED_REBUILD": prebuild_check_step.exported_variable("NEED_REBUILD")
210+
"NEED_REBUILD": prebuild_check_step.exported_variable("NEED_REBUILD"),
207211
},
208212
)
209213

210214
ci_run_step.add_step_dependency(prebuild_check_step)
211215

212-
# pipeline.add_stage(
213-
# self,
214-
# post=[
215-
# CodeBuildRunStep(
216-
# f"{self.stage_name}-BuildStep",
217-
# name_prefix=self.stage_name,
218-
# input=input,
219-
# role=role,
220-
# stacks=[stack.stack_name for stack in self.stacks],
221-
# build_targets=self.build_targets,
222-
# max_retry=max_retry,
223-
# env=env,
224-
# )
225-
# ]
226-
# )
227-
228216
pipeline.add_stage(
229217
self,
230218
post=[
@@ -233,6 +221,17 @@ def add_stage_to_pipeline(
233221
]
234222
)
235223

236-
237-
238-
224+
class BatchBuildOptions:
225+
def __init__(
226+
self,
227+
project: str,
228+
identifier: str = None,
229+
ignore_failure: bool = False,
230+
timeout: int = 120,
231+
env: typing.Optional[typing.Mapping[str, str]] = None
232+
):
233+
self.project = project
234+
self.identifier = identifier or re.sub(r'[^a-zA-Z0-9]', '_', project)
235+
self.ignore_failure = ignore_failure
236+
self.timeout = timeout
237+
self.env = env

0 commit comments

Comments
 (0)