Skip to content

API Reference

Constructs

PDKPipeline

An extension to CodePipeline which configures sane defaults for a NX Monorepo codebase.

In addition to this, it also creates a CodeCommit repository with automated PR builds and approvals.

Initializers

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipeline(
  scope: Construct,
  id: str,
  artifact_bucket: IBucket = None,
  asset_publishing_code_build_defaults: CodeBuildOptions = None,
  cli_version: str = None,
  code_build_defaults: CodeBuildOptions = None,
  code_pipeline: Pipeline = None,
  cross_account_keys: bool = None,
  cross_region_replication_buckets: typing.Mapping[IBucket] = None,
  docker_credentials: typing.List[DockerCredential] = None,
  docker_enabled_for_self_mutation: bool = None,
  docker_enabled_for_synth: bool = None,
  enable_key_rotation: bool = None,
  pipeline_name: str = None,
  publish_assets_in_parallel: bool = None,
  reuse_cross_region_support_stacks: bool = None,
  role: IRole = None,
  self_mutation: bool = None,
  self_mutation_code_build_defaults: CodeBuildOptions = None,
  synth: IFileSetProducer = None,
  synth_code_build_defaults: CodeBuildOptions = None,
  use_change_sets: bool = None,
  primary_synth_directory: str,
  repository_name: str,
  branch_name_prefixes: typing.List[str] = None,
  cdk_command: str = None,
  cdk_src_dir: str = None,
  code_commit_removal_policy: RemovalPolicy = None,
  default_branch_name: str = None,
  sonar_code_scanner_config: SonarCodeScannerConfig = None,
  synth_shell_step_partial_props: ShellStepProps = None
)
Name Type Description
scope constructs.Construct No description.
id str No description.
artifact_bucket aws_cdk.aws_s3.IBucket An existing S3 Bucket to use for storing the pipeline's artifact.
asset_publishing_code_build_defaults aws_cdk.pipelines.CodeBuildOptions Additional customizations to apply to the asset publishing CodeBuild projects.
cli_version str CDK CLI version to use in self-mutation and asset publishing steps.
code_build_defaults aws_cdk.pipelines.CodeBuildOptions Customize the CodeBuild projects created for this pipeline.
code_pipeline aws_cdk.aws_codepipeline.Pipeline An existing Pipeline to be reused and built upon.
cross_account_keys bool Create KMS keys for the artifact buckets, allowing cross-account deployments.
cross_region_replication_buckets typing.Mapping[aws_cdk.aws_s3.IBucket] A map of region to S3 bucket name used for cross-region CodePipeline.
docker_credentials typing.List[aws_cdk.pipelines.DockerCredential] A list of credentials used to authenticate to Docker registries.
docker_enabled_for_self_mutation bool Enable Docker for the self-mutate step.
docker_enabled_for_synth bool Enable Docker for the 'synth' step.
enable_key_rotation bool Enable KMS key rotation for the generated KMS keys.
pipeline_name str The name of the CodePipeline pipeline.
publish_assets_in_parallel bool Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuse_cross_region_support_stacks bool Reuse the same cross region support stack for all pipelines in the App.
role aws_cdk.aws_iam.IRole The IAM role to be assumed by this Pipeline.
self_mutation bool Whether the pipeline will update itself.
self_mutation_code_build_defaults aws_cdk.pipelines.CodeBuildOptions Additional customizations to apply to the self mutation CodeBuild projects.
synth aws_cdk.pipelines.IFileSetProducer The build step that produces the CDK Cloud Assembly.
synth_code_build_defaults aws_cdk.pipelines.CodeBuildOptions Additional customizations to apply to the synthesize CodeBuild projects.
use_change_sets bool Deploy every stack by creating a change set and executing it.
primary_synth_directory str Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.
repository_name str Name of the CodeCommit repository to create.
branch_name_prefixes typing.List[str] Branch name prefixes Any branches created matching this list of prefixes will create a new pipeline and stack.
cdk_command str CDK command.
cdk_src_dir str The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.
code_commit_removal_policy aws_cdk.RemovalPolicy Possible values for a resource's Removal Policy The removal policy controls what happens to the resource if it stops being managed by CloudFormation.
default_branch_name str Branch to trigger the pipeline execution.
sonar_code_scanner_config SonarCodeScannerConfig Configuration for enabling Sonarqube code scanning on a successful synth.
synth_shell_step_partial_props aws_cdk.pipelines.ShellStepProps PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

scopeRequired
  • Type: constructs.Construct

idRequired
  • Type: str

artifact_bucketOptional
  • Type: aws_cdk.aws_s3.IBucket
  • Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.


asset_publishing_code_build_defaultsOptional
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.


cli_versionOptional
  • Type: str
  • Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.


code_build_defaultsOptional
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.


code_pipelineOptional
  • Type: aws_cdk.aws_codepipeline.Pipeline
  • Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]


cross_account_keysOptional
  • Type: bool
  • Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.


cross_region_replication_bucketsOptional
  • Type: typing.Mapping[aws_cdk.aws_s3.IBucket]
  • Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.


docker_credentialsOptional
  • Type: typing.List[aws_cdk.pipelines.DockerCredential]
  • Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.


docker_enabled_for_self_mutationOptional
  • Type: bool
  • Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.


docker_enabled_for_synthOptional
  • Type: bool
  • Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.


enable_key_rotationOptional
  • Type: bool
  • Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.


pipeline_nameOptional
  • Type: str
  • Default: Automatically generated

The name of the CodePipeline pipeline.


publish_assets_in_parallelOptional
  • Type: bool
  • Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.


reuse_cross_region_support_stacksOptional
  • Type: bool
  • Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.


roleOptional
  • Type: aws_cdk.aws_iam.IRole
  • Default: A new role is created

The IAM role to be assumed by this Pipeline.


self_mutationOptional
  • Type: bool
  • Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.


self_mutation_code_build_defaultsOptional
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.


synthOptional
  • Type: aws_cdk.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.


synth_code_build_defaultsOptional
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.


use_change_setsOptional
  • Type: bool
  • Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.


primary_synth_directoryRequired
  • Type: str

Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.


repository_nameRequired
  • Type: str

Name of the CodeCommit repository to create.


branch_name_prefixesOptional
  • Type: typing.List[str]
  • Default: undefined

Branch name prefixes Any branches created matching this list of prefixes will create a new pipeline and stack.


Example

# Example automatically generated from non-compiling source. May contain errors.
# Disables feature branches (default)
PDKPipeline(self, "PDKPipeline",
    repository_name="my-repo",
    branch_name_prefixes=[]
)
cdk_commandOptional
  • Type: str
  • Default: 'npx cdk'

CDK command.

Override the command used to call cdk for synth and deploy.


cdk_src_dirOptional
  • Type: str
  • Default: The parent directory of primarySynthDirectory

The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.


code_commit_removal_policyOptional
  • Type: aws_cdk.RemovalPolicy

Possible values for a resource's Removal Policy The removal policy controls what happens to the resource if it stops being managed by CloudFormation.


default_branch_nameOptional
  • Type: str
  • Default: mainline

Branch to trigger the pipeline execution.


sonar_code_scanner_configOptional

Configuration for enabling Sonarqube code scanning on a successful synth.


synth_shell_step_partial_propsOptional
  • Type: aws_cdk.pipelines.ShellStepProps

PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

To override these defaults and/or provide additional inputs, specify env settings, etc you can provide a partial ShellStepProps.


Methods

Name Description
to_string Returns a string representation of this construct.
add_stage No description.
build_pipeline No description.
suppress_cdk_violations No description.

to_string
def to_string() -> str

Returns a string representation of this construct.

add_stage
def add_stage(
  stage: Stage,
  post: typing.List[Step] = None,
  pre: typing.List[Step] = None,
  stack_steps: typing.List[StackSteps] = None
) -> StageDeployment
stageRequired
  • Type: aws_cdk.Stage

postOptional
  • Type: typing.List[aws_cdk.pipelines.Step]
  • Default: No additional steps

Additional steps to run after all of the stacks in the stage.


preOptional
  • Type: typing.List[aws_cdk.pipelines.Step]
  • Default: No additional steps

Additional steps to run before any of the stacks in the stage.


stack_stepsOptional
  • Type: typing.List[aws_cdk.pipelines.StackSteps]
  • Default: No additional instructions

Instructions for stack level steps.


build_pipeline
def build_pipeline() -> None
suppress_cdk_violations
def suppress_cdk_violations() -> None

Static Functions

Name Description
is_construct Checks if x is a construct.
get_branch_prefix A helper function to create a branch prefix.
is_default_branch A helper function to determine if the current branch is the default branch.
normalize_branch_name A helper function to normalize the branch name with only alphanumeric characters and hypens ('-').

is_construct
import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipeline.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired
  • Type: typing.Any

Any object.


get_branch_prefix
import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipeline.get_branch_prefix(
  default_branch_name: str = None,
  node: Node = None
)

A helper function to create a branch prefix.

The prefix is empty on the default branch.

default_branch_nameOptional
  • Type: str

Specify the default branch name without context.


nodeOptional
  • Type: constructs.Node

The current node to fetch defaultBranchName from context.


is_default_branch
import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipeline.is_default_branch(
  default_branch_name: str = None,
  node: Node = None
)

A helper function to determine if the current branch is the default branch.

If there is no BRANCH environment variable, then assume this is the default branch. Otherwise, check that BRANCH matches the default branch name.

The default branch name is determined in the following priority:

  1. defaultBranchName property
  2. defaultBranchName context
  3. PDKPipeline.defaultBranchName constant
default_branch_nameOptional
  • Type: str

Specify the default branch name without context.


nodeOptional
  • Type: constructs.Node

The current node to fetch defaultBranchName from context.


normalize_branch_name
import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipeline.normalize_branch_name(
  branch_name: str
)

A helper function to normalize the branch name with only alphanumeric characters and hypens ('-').

branch_nameRequired
  • Type: str

The name of the branch to normalize.


Properties

Name Type Description
node constructs.Node The tree node.
code_pipeline aws_cdk.pipelines.CodePipeline No description.
code_repository aws_cdk.aws_codecommit.IRepository No description.

nodeRequired
node: Node
  • Type: constructs.Node

The tree node.


code_pipelineRequired
code_pipeline: CodePipeline
  • Type: aws_cdk.pipelines.CodePipeline

code_repositoryRequired
code_repository: IRepository
  • Type: aws_cdk.aws_codecommit.IRepository

Constants

Name Type Description
ALL_BRANCHES typing.List[str] No description.
defaultBranchName str No description.

ALL_BRANCHESRequired
ALL_BRANCHES: typing.List[str]
  • Type: typing.List[str]

defaultBranchNameRequired
defaultBranchName: str
  • Type: str

SonarCodeScanner

Initializers

import aws.pdk.pipeline

aws.pdk.pipeline.SonarCodeScanner(
  scope: Construct,
  id: str,
  sonarqube_authorized_group: str,
  sonarqube_default_profile_or_gate_name: str,
  sonarqube_endpoint: str,
  sonarqube_project_name: str,
  cdk_out_dir: str = None,
  cfn_nag_ignore_path: str = None,
  exclude_globs_for_scan: typing.List[str] = None,
  include_globs_for_scan: typing.List[str] = None,
  pre_archive_commands: typing.List[str] = None,
  sonarqube_specific_profile_or_gate_name: str = None,
  sonarqube_tags: typing.List[str] = None,
  artifact_bucket_arn: str,
  synth_build_arn: str,
  artifact_bucket_key_arn: str = None
)
Name Type Description
scope constructs.Construct No description.
id str No description.
sonarqube_authorized_group str Group name in Sonarqube with access to administer this project.
sonarqube_default_profile_or_gate_name str Default profile/gate name i.e: your org profile.
sonarqube_endpoint str endpoint of the sonarqube instance i.e: https://.
sonarqube_project_name str Name of the project to create in Sonarqube.
cdk_out_dir str directory containing the synthesized cdk resources.
cfn_nag_ignore_path str path to a file containing the cfn nag suppression rules.
exclude_globs_for_scan typing.List[str] glob patterns to exclude from sonar scan.
include_globs_for_scan typing.List[str] glob patterns to include from sonar scan.
pre_archive_commands typing.List[str] Hook which allows custom commands to be executed before the process commences the archival process.
sonarqube_specific_profile_or_gate_name str Specific profile/gate name i.e: language specific.
sonarqube_tags typing.List[str] Tags to associate with this project.
artifact_bucket_arn str S3 bucket ARN containing the built artifacts from the synth build.
synth_build_arn str ARN for the CodeBuild task responsible for executing the synth command.
artifact_bucket_key_arn str Artifact bucket key ARN used to encrypt the artifacts.

scopeRequired
  • Type: constructs.Construct

idRequired
  • Type: str

sonarqube_authorized_groupRequired
  • Type: str

Group name in Sonarqube with access to administer this project.


sonarqube_default_profile_or_gate_nameRequired
  • Type: str

Default profile/gate name i.e: your org profile.

Note: These need to be set up in Sonarqube manually.


sonarqube_endpointRequired
  • Type: str

endpoint of the sonarqube instance i.e: https://.

Note: Ensure a trailing '/' is not included.


sonarqube_project_nameRequired
  • Type: str

Name of the project to create in Sonarqube.


cdk_out_dirOptional
  • Type: str

directory containing the synthesized cdk resources.


cfn_nag_ignore_pathOptional
  • Type: str

path to a file containing the cfn nag suppression rules.


exclude_globs_for_scanOptional
  • Type: typing.List[str]

glob patterns to exclude from sonar scan.


include_globs_for_scanOptional
  • Type: typing.List[str]

glob patterns to include from sonar scan.


pre_archive_commandsOptional
  • Type: typing.List[str]

Hook which allows custom commands to be executed before the process commences the archival process.


sonarqube_specific_profile_or_gate_nameOptional
  • Type: str

Specific profile/gate name i.e: language specific.

Note: These need to be set up in Sonarqube manually.


sonarqube_tagsOptional
  • Type: typing.List[str]

Tags to associate with this project.


artifact_bucket_arnRequired
  • Type: str

S3 bucket ARN containing the built artifacts from the synth build.


synth_build_arnRequired
  • Type: str

ARN for the CodeBuild task responsible for executing the synth command.


artifact_bucket_key_arnOptional
  • Type: str

Artifact bucket key ARN used to encrypt the artifacts.


Methods

Name Description
to_string Returns a string representation of this construct.

to_string
def to_string() -> str

Returns a string representation of this construct.

Static Functions

Name Description
is_construct Checks if x is a construct.

is_construct
import aws.pdk.pipeline

aws.pdk.pipeline.SonarCodeScanner.is_construct(
  x: typing.Any
)

Checks if x is a construct.

Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

xRequired
  • Type: typing.Any

Any object.


Properties

Name Type Description
node constructs.Node The tree node.

nodeRequired
node: Node
  • Type: constructs.Node

The tree node.


Structs

CodePipelineProps

CodePipelineProps.

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.CodePipelineProps(
  artifact_bucket: IBucket = None,
  asset_publishing_code_build_defaults: CodeBuildOptions = None,
  cli_version: str = None,
  code_build_defaults: CodeBuildOptions = None,
  code_pipeline: Pipeline = None,
  cross_account_keys: bool = None,
  cross_region_replication_buckets: typing.Mapping[IBucket] = None,
  docker_credentials: typing.List[DockerCredential] = None,
  docker_enabled_for_self_mutation: bool = None,
  docker_enabled_for_synth: bool = None,
  enable_key_rotation: bool = None,
  pipeline_name: str = None,
  publish_assets_in_parallel: bool = None,
  reuse_cross_region_support_stacks: bool = None,
  role: IRole = None,
  self_mutation: bool = None,
  self_mutation_code_build_defaults: CodeBuildOptions = None,
  synth: IFileSetProducer = None,
  synth_code_build_defaults: CodeBuildOptions = None,
  use_change_sets: bool = None
)

Properties

Name Type Description
artifact_bucket aws_cdk.aws_s3.IBucket An existing S3 Bucket to use for storing the pipeline's artifact.
asset_publishing_code_build_defaults aws_cdk.pipelines.CodeBuildOptions Additional customizations to apply to the asset publishing CodeBuild projects.
cli_version str CDK CLI version to use in self-mutation and asset publishing steps.
code_build_defaults aws_cdk.pipelines.CodeBuildOptions Customize the CodeBuild projects created for this pipeline.
code_pipeline aws_cdk.aws_codepipeline.Pipeline An existing Pipeline to be reused and built upon.
cross_account_keys bool Create KMS keys for the artifact buckets, allowing cross-account deployments.
cross_region_replication_buckets typing.Mapping[aws_cdk.aws_s3.IBucket] A map of region to S3 bucket name used for cross-region CodePipeline.
docker_credentials typing.List[aws_cdk.pipelines.DockerCredential] A list of credentials used to authenticate to Docker registries.
docker_enabled_for_self_mutation bool Enable Docker for the self-mutate step.
docker_enabled_for_synth bool Enable Docker for the 'synth' step.
enable_key_rotation bool Enable KMS key rotation for the generated KMS keys.
pipeline_name str The name of the CodePipeline pipeline.
publish_assets_in_parallel bool Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuse_cross_region_support_stacks bool Reuse the same cross region support stack for all pipelines in the App.
role aws_cdk.aws_iam.IRole The IAM role to be assumed by this Pipeline.
self_mutation bool Whether the pipeline will update itself.
self_mutation_code_build_defaults aws_cdk.pipelines.CodeBuildOptions Additional customizations to apply to the self mutation CodeBuild projects.
synth aws_cdk.pipelines.IFileSetProducer The build step that produces the CDK Cloud Assembly.
synth_code_build_defaults aws_cdk.pipelines.CodeBuildOptions Additional customizations to apply to the synthesize CodeBuild projects.
use_change_sets bool Deploy every stack by creating a change set and executing it.

artifact_bucketOptional
artifact_bucket: IBucket
  • Type: aws_cdk.aws_s3.IBucket
  • Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.


asset_publishing_code_build_defaultsOptional
asset_publishing_code_build_defaults: CodeBuildOptions
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.


cli_versionOptional
cli_version: str
  • Type: str
  • Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.


code_build_defaultsOptional
code_build_defaults: CodeBuildOptions
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.


code_pipelineOptional
code_pipeline: Pipeline
  • Type: aws_cdk.aws_codepipeline.Pipeline
  • Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]


cross_account_keysOptional
cross_account_keys: bool
  • Type: bool
  • Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.


cross_region_replication_bucketsOptional
cross_region_replication_buckets: typing.Mapping[IBucket]
  • Type: typing.Mapping[aws_cdk.aws_s3.IBucket]
  • Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.


docker_credentialsOptional
docker_credentials: typing.List[DockerCredential]
  • Type: typing.List[aws_cdk.pipelines.DockerCredential]
  • Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.


docker_enabled_for_self_mutationOptional
docker_enabled_for_self_mutation: bool
  • Type: bool
  • Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.


docker_enabled_for_synthOptional
docker_enabled_for_synth: bool
  • Type: bool
  • Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.


enable_key_rotationOptional
enable_key_rotation: bool
  • Type: bool
  • Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.


pipeline_nameOptional
pipeline_name: str
  • Type: str
  • Default: Automatically generated

The name of the CodePipeline pipeline.


publish_assets_in_parallelOptional
publish_assets_in_parallel: bool
  • Type: bool
  • Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.


reuse_cross_region_support_stacksOptional
reuse_cross_region_support_stacks: bool
  • Type: bool
  • Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.


roleOptional
role: IRole
  • Type: aws_cdk.aws_iam.IRole
  • Default: A new role is created

The IAM role to be assumed by this Pipeline.


self_mutationOptional
self_mutation: bool
  • Type: bool
  • Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.


self_mutation_code_build_defaultsOptional
self_mutation_code_build_defaults: CodeBuildOptions
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.


synthOptional
synth: IFileSetProducer
  • Type: aws_cdk.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.


synth_code_build_defaultsOptional
synth_code_build_defaults: CodeBuildOptions
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.


use_change_setsOptional
use_change_sets: bool
  • Type: bool
  • Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.


IsDefaultBranchProps

Properties to help the isDefaultBranch function determine the default branch name.

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.IsDefaultBranchProps(
  default_branch_name: str = None,
  node: Node = None
)

Properties

Name Type Description
default_branch_name str Specify the default branch name without context.
node constructs.Node The current node to fetch defaultBranchName from context.

default_branch_nameOptional
default_branch_name: str
  • Type: str

Specify the default branch name without context.


nodeOptional
node: Node
  • Type: constructs.Node

The current node to fetch defaultBranchName from context.


PDKPipelineProps

Properties to configure the PDKPipeline.

Note: Due to limitations with JSII and generic support it should be noted that the synth, synthShellStepPartialProps.input and synthShellStepPartialProps.primaryOutputDirectory properties will be ignored if passed in to this construct.

synthShellStepPartialProps.commands is marked as a required field, however if you pass in [] the default commands of this construct will be retained.

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.PDKPipelineProps(
  artifact_bucket: IBucket = None,
  asset_publishing_code_build_defaults: CodeBuildOptions = None,
  cli_version: str = None,
  code_build_defaults: CodeBuildOptions = None,
  code_pipeline: Pipeline = None,
  cross_account_keys: bool = None,
  cross_region_replication_buckets: typing.Mapping[IBucket] = None,
  docker_credentials: typing.List[DockerCredential] = None,
  docker_enabled_for_self_mutation: bool = None,
  docker_enabled_for_synth: bool = None,
  enable_key_rotation: bool = None,
  pipeline_name: str = None,
  publish_assets_in_parallel: bool = None,
  reuse_cross_region_support_stacks: bool = None,
  role: IRole = None,
  self_mutation: bool = None,
  self_mutation_code_build_defaults: CodeBuildOptions = None,
  synth: IFileSetProducer = None,
  synth_code_build_defaults: CodeBuildOptions = None,
  use_change_sets: bool = None,
  primary_synth_directory: str,
  repository_name: str,
  branch_name_prefixes: typing.List[str] = None,
  cdk_command: str = None,
  cdk_src_dir: str = None,
  code_commit_removal_policy: RemovalPolicy = None,
  default_branch_name: str = None,
  sonar_code_scanner_config: SonarCodeScannerConfig = None,
  synth_shell_step_partial_props: ShellStepProps = None
)

Properties

Name Type Description
artifact_bucket aws_cdk.aws_s3.IBucket An existing S3 Bucket to use for storing the pipeline's artifact.
asset_publishing_code_build_defaults aws_cdk.pipelines.CodeBuildOptions Additional customizations to apply to the asset publishing CodeBuild projects.
cli_version str CDK CLI version to use in self-mutation and asset publishing steps.
code_build_defaults aws_cdk.pipelines.CodeBuildOptions Customize the CodeBuild projects created for this pipeline.
code_pipeline aws_cdk.aws_codepipeline.Pipeline An existing Pipeline to be reused and built upon.
cross_account_keys bool Create KMS keys for the artifact buckets, allowing cross-account deployments.
cross_region_replication_buckets typing.Mapping[aws_cdk.aws_s3.IBucket] A map of region to S3 bucket name used for cross-region CodePipeline.
docker_credentials typing.List[aws_cdk.pipelines.DockerCredential] A list of credentials used to authenticate to Docker registries.
docker_enabled_for_self_mutation bool Enable Docker for the self-mutate step.
docker_enabled_for_synth bool Enable Docker for the 'synth' step.
enable_key_rotation bool Enable KMS key rotation for the generated KMS keys.
pipeline_name str The name of the CodePipeline pipeline.
publish_assets_in_parallel bool Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.
reuse_cross_region_support_stacks bool Reuse the same cross region support stack for all pipelines in the App.
role aws_cdk.aws_iam.IRole The IAM role to be assumed by this Pipeline.
self_mutation bool Whether the pipeline will update itself.
self_mutation_code_build_defaults aws_cdk.pipelines.CodeBuildOptions Additional customizations to apply to the self mutation CodeBuild projects.
synth aws_cdk.pipelines.IFileSetProducer The build step that produces the CDK Cloud Assembly.
synth_code_build_defaults aws_cdk.pipelines.CodeBuildOptions Additional customizations to apply to the synthesize CodeBuild projects.
use_change_sets bool Deploy every stack by creating a change set and executing it.
primary_synth_directory str Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.
repository_name str Name of the CodeCommit repository to create.
branch_name_prefixes typing.List[str] Branch name prefixes Any branches created matching this list of prefixes will create a new pipeline and stack.
cdk_command str CDK command.
cdk_src_dir str The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.
code_commit_removal_policy aws_cdk.RemovalPolicy Possible values for a resource's Removal Policy The removal policy controls what happens to the resource if it stops being managed by CloudFormation.
default_branch_name str Branch to trigger the pipeline execution.
sonar_code_scanner_config SonarCodeScannerConfig Configuration for enabling Sonarqube code scanning on a successful synth.
synth_shell_step_partial_props aws_cdk.pipelines.ShellStepProps PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

artifact_bucketOptional
artifact_bucket: IBucket
  • Type: aws_cdk.aws_s3.IBucket
  • Default: A new S3 bucket will be created.

An existing S3 Bucket to use for storing the pipeline's artifact.


asset_publishing_code_build_defaultsOptional
asset_publishing_code_build_defaults: CodeBuildOptions
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the asset publishing CodeBuild projects.


cli_versionOptional
cli_version: str
  • Type: str
  • Default: Latest version

CDK CLI version to use in self-mutation and asset publishing steps.

If you want to lock the CDK CLI version used in the pipeline, by steps that are automatically generated for you, specify the version here.

We recommend you do not specify this value, as not specifying it always uses the latest CLI version which is backwards compatible with old versions.

If you do specify it, be aware that this version should always be equal to or higher than the version of the CDK framework used by the CDK app, when the CDK commands are run during your pipeline execution. When you change this version, the next time the SelfMutate step runs it will still be using the CLI of the the previous version that was in this property: it will only start using the new version after SelfMutate completes successfully. That means that if you want to update both framework and CLI version, you should update the CLI version first, commit, push and deploy, and only then update the framework version.


code_build_defaultsOptional
code_build_defaults: CodeBuildOptions
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: All projects run non-privileged build, SMALL instance, LinuxBuildImage.STANDARD_7_0

Customize the CodeBuild projects created for this pipeline.


code_pipelineOptional
code_pipeline: Pipeline
  • Type: aws_cdk.aws_codepipeline.Pipeline
  • Default: a new underlying pipeline is created.

An existing Pipeline to be reused and built upon.

[disable-awslint:ref-via-interface]


cross_account_keysOptional
cross_account_keys: bool
  • Type: bool
  • Default: false

Create KMS keys for the artifact buckets, allowing cross-account deployments.

The artifact buckets have to be encrypted to support deploying CDK apps to another account, so if you want to do that or want to have your artifact buckets encrypted, be sure to set this value to true.

Be aware there is a cost associated with maintaining the KMS keys.


cross_region_replication_bucketsOptional
cross_region_replication_buckets: typing.Mapping[IBucket]
  • Type: typing.Mapping[aws_cdk.aws_s3.IBucket]
  • Default: no cross region replication buckets.

A map of region to S3 bucket name used for cross-region CodePipeline.

For every Action that you specify targeting a different region than the Pipeline itself, if you don't provide an explicit Bucket for that region using this property, the construct will automatically create a Stack containing an S3 Bucket in that region. Passed directly through to the {@link cp.Pipeline }.


docker_credentialsOptional
docker_credentials: typing.List[DockerCredential]
  • Type: typing.List[aws_cdk.pipelines.DockerCredential]
  • Default: []

A list of credentials used to authenticate to Docker registries.

Specify any credentials necessary within the pipeline to build, synth, update, or publish assets.


docker_enabled_for_self_mutationOptional
docker_enabled_for_self_mutation: bool
  • Type: bool
  • Default: false

Enable Docker for the self-mutate step.

Set this to true if the pipeline itself uses Docker container assets (for example, if you use LinuxBuildImage.fromAsset() as the build image of a CodeBuild step in the pipeline).

You do not need to set it if you build Docker image assets in the application Stages and Stacks that are deployed by this pipeline.

Configures privileged mode for the self-mutation CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the Docker asset in the pipeline.


docker_enabled_for_synthOptional
docker_enabled_for_synth: bool
  • Type: bool
  • Default: false

Enable Docker for the 'synth' step.

Set this to true if you are using file assets that require "bundling" anywhere in your application (meaning an asset compilation step will be run with the tools provided by a Docker image), both for the Pipeline stack as well as the application stacks.

A common way to use bundling assets in your application is by using the aws-cdk-lib/aws-lambda-nodejs library.

Configures privileged mode for the synth CodeBuild action.

If you are about to turn this on in an already-deployed Pipeline, set the value to true first, commit and allow the pipeline to self-update, and only then use the bundled asset.


enable_key_rotationOptional
enable_key_rotation: bool
  • Type: bool
  • Default: false (key rotation is disabled)

Enable KMS key rotation for the generated KMS keys.

By default KMS key rotation is disabled, but will add additional costs when enabled.


pipeline_nameOptional
pipeline_name: str
  • Type: str
  • Default: Automatically generated

The name of the CodePipeline pipeline.


publish_assets_in_parallelOptional
publish_assets_in_parallel: bool
  • Type: bool
  • Default: true

Publish assets in multiple CodeBuild projects. If set to false, use one Project per type to publish all assets.

Publishing in parallel improves concurrency and may reduce publishing latency, but may also increase overall provisioning time of the CodeBuild projects.

Experiment and see what value works best for you.


reuse_cross_region_support_stacksOptional
reuse_cross_region_support_stacks: bool
  • Type: bool
  • Default: true (Use the same support stack for all pipelines in App)

Reuse the same cross region support stack for all pipelines in the App.


roleOptional
role: IRole
  • Type: aws_cdk.aws_iam.IRole
  • Default: A new role is created

The IAM role to be assumed by this Pipeline.


self_mutationOptional
self_mutation: bool
  • Type: bool
  • Default: true

Whether the pipeline will update itself.

This needs to be set to true to allow the pipeline to reconfigure itself when assets or stages are being added to it, and true is the recommended setting.

You can temporarily set this to false while you are iterating on the pipeline itself and prefer to deploy changes using cdk deploy.


self_mutation_code_build_defaultsOptional
self_mutation_code_build_defaults: CodeBuildOptions
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the self mutation CodeBuild projects.


synthOptional
synth: IFileSetProducer
  • Type: aws_cdk.pipelines.IFileSetProducer

The build step that produces the CDK Cloud Assembly.

The primary output of this step needs to be the cdk.out directory generated by the cdk synth command.

If you use a ShellStep here and you don't configure an output directory, the output directory will automatically be assumed to be cdk.out.


synth_code_build_defaultsOptional
synth_code_build_defaults: CodeBuildOptions
  • Type: aws_cdk.pipelines.CodeBuildOptions
  • Default: Only codeBuildDefaults are applied

Additional customizations to apply to the synthesize CodeBuild projects.


use_change_setsOptional
use_change_sets: bool
  • Type: bool
  • Default: true

Deploy every stack by creating a change set and executing it.

When enabled, creates a "Prepare" and "Execute" action for each stack. Disable to deploy the stack in one pipeline action.


primary_synth_directoryRequired
primary_synth_directory: str
  • Type: str

Output directory for cdk synthesized artifacts i.e: packages/infra/cdk.out.


repository_nameRequired
repository_name: str
  • Type: str

Name of the CodeCommit repository to create.


branch_name_prefixesOptional
branch_name_prefixes: typing.List[str]
  • Type: typing.List[str]
  • Default: undefined

Branch name prefixes Any branches created matching this list of prefixes will create a new pipeline and stack.


Example

# Example automatically generated from non-compiling source. May contain errors.
# Disables feature branches (default)
PDKPipeline(self, "PDKPipeline",
    repository_name="my-repo",
    branch_name_prefixes=[]
)
cdk_commandOptional
cdk_command: str
  • Type: str
  • Default: 'npx cdk'

CDK command.

Override the command used to call cdk for synth and deploy.


cdk_src_dirOptional
cdk_src_dir: str
  • Type: str
  • Default: The parent directory of primarySynthDirectory

The directory with cdk.json to run cdk synth from. Set this if you enabled feature branches and cdk.json is not located in the parent directory of primarySynthDirectory.


code_commit_removal_policyOptional
code_commit_removal_policy: RemovalPolicy
  • Type: aws_cdk.RemovalPolicy

Possible values for a resource's Removal Policy The removal policy controls what happens to the resource if it stops being managed by CloudFormation.


default_branch_nameOptional
default_branch_name: str
  • Type: str
  • Default: mainline

Branch to trigger the pipeline execution.


sonar_code_scanner_configOptional
sonar_code_scanner_config: SonarCodeScannerConfig

Configuration for enabling Sonarqube code scanning on a successful synth.


synth_shell_step_partial_propsOptional
synth_shell_step_partial_props: ShellStepProps
  • Type: aws_cdk.pipelines.ShellStepProps

PDKPipeline by default assumes a NX Monorepo structure for it's codebase and uses sane defaults for the install and run commands.

To override these defaults and/or provide additional inputs, specify env settings, etc you can provide a partial ShellStepProps.


SonarCodeScannerConfig

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.SonarCodeScannerConfig(
  sonarqube_authorized_group: str,
  sonarqube_default_profile_or_gate_name: str,
  sonarqube_endpoint: str,
  sonarqube_project_name: str,
  cdk_out_dir: str = None,
  cfn_nag_ignore_path: str = None,
  exclude_globs_for_scan: typing.List[str] = None,
  include_globs_for_scan: typing.List[str] = None,
  pre_archive_commands: typing.List[str] = None,
  sonarqube_specific_profile_or_gate_name: str = None,
  sonarqube_tags: typing.List[str] = None
)

Properties

Name Type Description
sonarqube_authorized_group str Group name in Sonarqube with access to administer this project.
sonarqube_default_profile_or_gate_name str Default profile/gate name i.e: your org profile.
sonarqube_endpoint str endpoint of the sonarqube instance i.e: https://.
sonarqube_project_name str Name of the project to create in Sonarqube.
cdk_out_dir str directory containing the synthesized cdk resources.
cfn_nag_ignore_path str path to a file containing the cfn nag suppression rules.
exclude_globs_for_scan typing.List[str] glob patterns to exclude from sonar scan.
include_globs_for_scan typing.List[str] glob patterns to include from sonar scan.
pre_archive_commands typing.List[str] Hook which allows custom commands to be executed before the process commences the archival process.
sonarqube_specific_profile_or_gate_name str Specific profile/gate name i.e: language specific.
sonarqube_tags typing.List[str] Tags to associate with this project.

sonarqube_authorized_groupRequired
sonarqube_authorized_group: str
  • Type: str

Group name in Sonarqube with access to administer this project.


sonarqube_default_profile_or_gate_nameRequired
sonarqube_default_profile_or_gate_name: str
  • Type: str

Default profile/gate name i.e: your org profile.

Note: These need to be set up in Sonarqube manually.


sonarqube_endpointRequired
sonarqube_endpoint: str
  • Type: str

endpoint of the sonarqube instance i.e: https://.

Note: Ensure a trailing '/' is not included.


sonarqube_project_nameRequired
sonarqube_project_name: str
  • Type: str

Name of the project to create in Sonarqube.


cdk_out_dirOptional
cdk_out_dir: str
  • Type: str

directory containing the synthesized cdk resources.


cfn_nag_ignore_pathOptional
cfn_nag_ignore_path: str
  • Type: str

path to a file containing the cfn nag suppression rules.


exclude_globs_for_scanOptional
exclude_globs_for_scan: typing.List[str]
  • Type: typing.List[str]

glob patterns to exclude from sonar scan.


include_globs_for_scanOptional
include_globs_for_scan: typing.List[str]
  • Type: typing.List[str]

glob patterns to include from sonar scan.


pre_archive_commandsOptional
pre_archive_commands: typing.List[str]
  • Type: typing.List[str]

Hook which allows custom commands to be executed before the process commences the archival process.


sonarqube_specific_profile_or_gate_nameOptional
sonarqube_specific_profile_or_gate_name: str
  • Type: str

Specific profile/gate name i.e: language specific.

Note: These need to be set up in Sonarqube manually.


sonarqube_tagsOptional
sonarqube_tags: typing.List[str]
  • Type: typing.List[str]

Tags to associate with this project.


SonarCodeScannerProps

SonarCodeScanners properties.

Initializer

import aws.pdk.pipeline

aws.pdk.pipeline.SonarCodeScannerProps(
  sonarqube_authorized_group: str,
  sonarqube_default_profile_or_gate_name: str,
  sonarqube_endpoint: str,
  sonarqube_project_name: str,
  cdk_out_dir: str = None,
  cfn_nag_ignore_path: str = None,
  exclude_globs_for_scan: typing.List[str] = None,
  include_globs_for_scan: typing.List[str] = None,
  pre_archive_commands: typing.List[str] = None,
  sonarqube_specific_profile_or_gate_name: str = None,
  sonarqube_tags: typing.List[str] = None,
  artifact_bucket_arn: str,
  synth_build_arn: str,
  artifact_bucket_key_arn: str = None
)

Properties

Name Type Description
sonarqube_authorized_group str Group name in Sonarqube with access to administer this project.
sonarqube_default_profile_or_gate_name str Default profile/gate name i.e: your org profile.
sonarqube_endpoint str endpoint of the sonarqube instance i.e: https://.
sonarqube_project_name str Name of the project to create in Sonarqube.
cdk_out_dir str directory containing the synthesized cdk resources.
cfn_nag_ignore_path str path to a file containing the cfn nag suppression rules.
exclude_globs_for_scan typing.List[str] glob patterns to exclude from sonar scan.
include_globs_for_scan typing.List[str] glob patterns to include from sonar scan.
pre_archive_commands typing.List[str] Hook which allows custom commands to be executed before the process commences the archival process.
sonarqube_specific_profile_or_gate_name str Specific profile/gate name i.e: language specific.
sonarqube_tags typing.List[str] Tags to associate with this project.
artifact_bucket_arn str S3 bucket ARN containing the built artifacts from the synth build.
synth_build_arn str ARN for the CodeBuild task responsible for executing the synth command.
artifact_bucket_key_arn str Artifact bucket key ARN used to encrypt the artifacts.

sonarqube_authorized_groupRequired
sonarqube_authorized_group: str
  • Type: str

Group name in Sonarqube with access to administer this project.


sonarqube_default_profile_or_gate_nameRequired
sonarqube_default_profile_or_gate_name: str
  • Type: str

Default profile/gate name i.e: your org profile.

Note: These need to be set up in Sonarqube manually.


sonarqube_endpointRequired
sonarqube_endpoint: str
  • Type: str

endpoint of the sonarqube instance i.e: https://.

Note: Ensure a trailing '/' is not included.


sonarqube_project_nameRequired
sonarqube_project_name: str
  • Type: str

Name of the project to create in Sonarqube.


cdk_out_dirOptional
cdk_out_dir: str
  • Type: str

directory containing the synthesized cdk resources.


cfn_nag_ignore_pathOptional
cfn_nag_ignore_path: str
  • Type: str

path to a file containing the cfn nag suppression rules.


exclude_globs_for_scanOptional
exclude_globs_for_scan: typing.List[str]
  • Type: typing.List[str]

glob patterns to exclude from sonar scan.


include_globs_for_scanOptional
include_globs_for_scan: typing.List[str]
  • Type: typing.List[str]

glob patterns to include from sonar scan.


pre_archive_commandsOptional
pre_archive_commands: typing.List[str]
  • Type: typing.List[str]

Hook which allows custom commands to be executed before the process commences the archival process.


sonarqube_specific_profile_or_gate_nameOptional
sonarqube_specific_profile_or_gate_name: str
  • Type: str

Specific profile/gate name i.e: language specific.

Note: These need to be set up in Sonarqube manually.


sonarqube_tagsOptional
sonarqube_tags: typing.List[str]
  • Type: typing.List[str]

Tags to associate with this project.


artifact_bucket_arnRequired
artifact_bucket_arn: str
  • Type: str

S3 bucket ARN containing the built artifacts from the synth build.


synth_build_arnRequired
synth_build_arn: str
  • Type: str

ARN for the CodeBuild task responsible for executing the synth command.


artifact_bucket_key_arnOptional
artifact_bucket_key_arn: str
  • Type: str

Artifact bucket key ARN used to encrypt the artifacts.



Last update: 2024-12-09