I have a project in CDKv1 which i am upgrading to CDKv2. I have a Gitleaks stage in my AWS CodePipeline using CDKv1. Now i want to move this functionality to CDKv2 but the ShellScriptAction is deprecated. I tried out with ShellStep but ShellStep does not have the project property - LINK.
export class GitleaksReviewAction extends Construct {
public readonly action: ShellScriptAction;
public readonly gitleaksImage: DockerImageAsset;
constructor(scope: Construct, id: string, props: GitleaksReviewActionProps) {
super(scope, id);
this.gitleaksImage = new DockerImageAsset(this, "gitleaksDockerAsset", {
directory: path.join(__dirname, "../assets/gitleaks"),
});
this.action = new ShellScriptAction({
actionName: "Gitleaks",
additionalArtifacts: [props.sourceArtifact],
commands: [
"find . -type d -exec chmod 777 {} \\;",
"find . -type f -exec chmod 666 {} \\;",
`aws ecr get-login-password --region $AWS_REGION | docker login -u AWS --password-stdin ${this.gitleaksImage.imageUri}`,
`docker run -v $(pwd):/repo ${this.gitleaksImage.imageUri} --path=/repo --repo-config-path=config/gitleaks/gitleaks.toml --verbose`,
],
environment: {
buildImage: codebuild.LinuxBuildImage.STANDARD_5_0,
privileged: true,
},
});
}
}
Used to call the class with this -
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.project
);
Is there an equivalent in the CDKv2 which returns the project property?
CodePudding user response:
I'm assuming you're switching to the new API for CDK pipelines, which requires more than just using different classes for the steps.
If that's true, the equivalent in the new API is to use CodeBuildStep:
gitleaksReviewAction.gitleaksImage.repository.grantPull(
gitleaksReviewAction.action.grantPrincipal
);
This is assuming that gitleaksReviewAction.action is of type CodeBuildStep.
Reference: https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.pipelines.CodeBuildStep.html#grantprincipal