Support for S3 as source (#130)

* add support for s3 source
* bump dependencies
* cleanup env example file

.eslintrc.js

@@ -3,10 +3,7 @@ module.exports = {
     node: true,
   },
   ignorePatterns: ["**/*.js", "cdk.out"],
-  extends: [
-    "eslint:recommended",
-    "plugin:@typescript-eslint/recommended"
-  ],
+  extends: ["eslint:recommended", "plugin:@typescript-eslint/recommended"],
   parser: "@typescript-eslint/parser",
   parserOptions: {
     ecmaVersion: 12,

bin/aws-sso-extensions-for-enterprise.ts

@@ -15,7 +15,7 @@ const app = new App();
 function ensureString(
   /* eslint-disable  @typescript-eslint/no-explicit-any */
   object: { [name: string]: any },
-  propName: string
+  propName: string,
 ): string {
   if (!object[`${propName}`] || object[`${propName}`].trim().length === 0)
     throw new Error(propName + " does not exist or is empty");
@@ -26,7 +26,7 @@ function ensureValidString(
   /* eslint-disable  @typescript-eslint/no-explicit-any */
   object: { [name: string]: any },
   propName: string,
-  validList: Array<string>
+  validList: Array<string>,
 ): string {
   if (
     !object[`${propName}`] ||
@@ -35,13 +35,13 @@ function ensureValidString(
   )
     throw new Error(
       propName +
-        " does not exist or is empty or is of not the correct data type"
+        " does not exist or is empty or is of not the correct data type",
     );
 
   const value = ("" + object[`${propName}`]).toUpperCase();
   if (!validList.includes(value)) {
     throw new Error(
-      `${propName} is not one of the valid values - ${validList.toString()}`
+      `${propName} is not one of the valid values - ${validList.toString()}`,
     );
   }
 
@@ -51,11 +51,11 @@ function ensureValidString(
 function ensureNumber(
   /* eslint-disable  @typescript-eslint/no-explicit-any */
   object: { [name: string]: any },
-  propName: string
+  propName: string,
 ): number {
   if (!object[`${propName}`] || typeof object[`${propName}`] !== "number")
     throw new Error(
-      propName + " does not exist or is empty or is not a number data type"
+      propName + " does not exist or is empty or is not a number data type",
     );
 
   return object[`${propName}`];
@@ -64,11 +64,11 @@ function ensureNumber(
 function ensureBoolean(
   /* eslint-disable  @typescript-eslint/no-explicit-any */
   object: { [name: string]: any },
-  propName: string
+  propName: string,
 ): boolean {
   if (typeof object[`${propName}`] !== "boolean")
     throw new Error(
-      propName + " does not exist or is of not the correct data type"
+      propName + " does not exist or is of not the correct data type",
     );
 
   return object[`${propName}`];
@@ -78,7 +78,7 @@ function ensureDependentPropIsPresentForSourceRepo(
   /* eslint-disable  @typescript-eslint/no-explicit-any */
   object: { [name: string]: any },
   repoTypePropName: string,
-  propName: string
+  propName: string,
 ): string {
   const repoType = ensureString(object, repoTypePropName);
   let propValue = "";
@@ -107,9 +107,20 @@ function ensureDependentPropIsPresentForSourceRepo(
       default:
         return "";
     }
+  } else if (repoType.toLowerCase() === "s3") {
+    switch (propName.toLowerCase()) {
+      case "sourcebucketname":
+        propValue = ensureString(object, propName);
+        break;
+      case "sourceobjectkey":
+        propValue = ensureString(object, propName);
+        break;
+      default:
+        return "";
+    }
   } else {
     throw new Error(
-      `Repo type ${repoType} is not one of valid values - ["codecommit","codestar"]`
+      `Repo type ${repoType} is not one of valid values - ["codecommit","codestar","s3"]`,
     );
   }
   /** Making the linter happy */
@@ -120,12 +131,12 @@ function getConfig() {
   const env = app.node.tryGetContext("config");
   if (!env)
     throw new Error(
-      "Context variable missing on CDK command. Pass in as `-c config=XXX`"
+      "Context variable missing on CDK command. Pass in as `-c config=XXX`",
     );
 
   /* eslint-disable  @typescript-eslint/no-explicit-any */
   const unparsedEnv: any = yaml.load(
-    readFileSync(resolve("./config/" + env + ".yaml"), "utf8")
+    readFileSync(resolve("./config/" + env + ".yaml"), "utf8"),
   );
 
   const buildConfig: BuildConfig = {
@@ -136,111 +147,122 @@ function getConfig() {
     PipelineSettings: {
       BootstrapQualifier: ensureString(
         unparsedEnv["PipelineSettings"],
-        "BootstrapQualifier"
+        "BootstrapQualifier",
       ),
       DeploymentAccountId: ensureString(
         unparsedEnv["PipelineSettings"],
-        "DeploymentAccountId"
+        "DeploymentAccountId",
       ),
       DeploymentAccountRegion: ensureString(
         unparsedEnv["PipelineSettings"],
-        "DeploymentAccountRegion"
+        "DeploymentAccountRegion",
       ),
       TargetAccountId: ensureString(
         unparsedEnv["PipelineSettings"],
-        "TargetAccountId"
+        "TargetAccountId",
       ),
       TargetAccountRegion: ensureString(
         unparsedEnv["PipelineSettings"],
-        "TargetAccountRegion"
+        "TargetAccountRegion",
       ),
       SSOServiceAccountId: ensureString(
         unparsedEnv["PipelineSettings"],
-        "SSOServiceAccountId"
+        "SSOServiceAccountId",
       ),
       SSOServiceAccountRegion: ensureString(
         unparsedEnv["PipelineSettings"],
-        "SSOServiceAccountRegion"
+        "SSOServiceAccountRegion",
       ),
       OrgMainAccountId: ensureString(
         unparsedEnv["PipelineSettings"],
-        "OrgMainAccountId"
+        "OrgMainAccountId",
       ),
       RepoType: ensureValidString(unparsedEnv["PipelineSettings"], "RepoType", [
         "CODECOMMIT",
         "CODESTAR",
+        "S3",
       ]),
       RepoArn: ensureDependentPropIsPresentForSourceRepo(
         unparsedEnv["PipelineSettings"],
         "RepoType",
-        "RepoArn"
+        "RepoArn",
       ),
       RepoBranchName: ensureDependentPropIsPresentForSourceRepo(
         unparsedEnv["PipelineSettings"],
         "RepoType",
-        "RepoBranchName"
+        "RepoBranchName",
       ),
       RepoName: ensureDependentPropIsPresentForSourceRepo(
         unparsedEnv["PipelineSettings"],
         "RepoType",
-        "RepoName"
+        "RepoName",
       ),
       CodeStarConnectionArn: ensureDependentPropIsPresentForSourceRepo(
         unparsedEnv["PipelineSettings"],
         "RepoType",
-        "CodeStarConnectionArn"
+        "CodeStarConnectionArn",
+      ),
+      SourceBucketName: ensureDependentPropIsPresentForSourceRepo(
+        unparsedEnv["PipelineSettings"],
+        "RepoType",
+        "SourceBucketName",
+      ),
+      SourceObjectKey: ensureDependentPropIsPresentForSourceRepo(
+        unparsedEnv["PipelineSettings"],
+        "RepoType",
+        "SourceObjectKey",
       ),
       SynthCommand: ensureString(
         unparsedEnv["PipelineSettings"],
-        "SynthCommand"
+        "SynthCommand",
       ),
     },
 
     Parameters: {
       LinksProvisioningMode: ensureValidString(
         unparsedEnv["Parameters"],
         "LinksProvisioningMode",
-        ["API", "S3"]
+        ["API", "S3"],
       ),
       PermissionSetProvisioningMode: ensureValidString(
         unparsedEnv["Parameters"],
         "PermissionSetProvisioningMode",
-        ["API", "S3"]
+        ["API", "S3"],
       ),
       LinkCallerRoleArn: ensureString(
         unparsedEnv["Parameters"],
-        "LinkCallerRoleArn"
+        "LinkCallerRoleArn",
       ),
       PermissionSetCallerRoleArn: ensureString(
         unparsedEnv["Parameters"],
-        "PermissionSetCallerRoleArn"
+        "PermissionSetCallerRoleArn",
       ),
       NotificationEmail: ensureString(
         unparsedEnv["Parameters"],
-        "NotificationEmail"
+        "NotificationEmail",
       ),
       AccountAssignmentVisibilityTimeoutHours: ensureNumber(
         unparsedEnv["Parameters"],
-        "AccountAssignmentVisibilityTimeoutHours"
+        "AccountAssignmentVisibilityTimeoutHours",
       ),
       IsAdUsed: ensureBoolean(unparsedEnv["Parameters"], "IsAdUsed"),
       DomainName: ensureString(unparsedEnv["Parameters"], "DomainName"),
       ImportCurrentSSOConfiguration: ensureBoolean(
         unparsedEnv["Parameters"],
-        "ImportCurrentSSOConfiguration"
+        "ImportCurrentSSOConfiguration",
       ),
       UpgradeFromVersionLessThanV303: ensureBoolean(
         unparsedEnv["Parameters"],
-        "UpgradeFromVersionLessThanV303"
+        "UpgradeFromVersionLessThanV303",
       ),
       SupportNestedOU: ensureBoolean(
         unparsedEnv["Parameters"],
-        "SupportNestedOU"
+        "SupportNestedOU",
       ),
       FunctionLogMode: ensureValidString(
         unparsedEnv["Parameters"],
         "FunctionLogMode",
-        ["INFO", "WARN", "DEBUG", "EXCEPTION"]
+        ["INFO", "WARN", "DEBUG", "EXCEPTION"],
       ),
     },
   };
@@ -251,19 +273,19 @@ function getConfig() {
 function getRegionSwitchConfig() {
   /* eslint-disable  @typescript-eslint/no-explicit-any */
   const unparsedEnv: any = yaml.load(
-    readFileSync(resolve("./config/" + "region-switch" + ".yaml"), "utf8")
+    readFileSync(resolve("./config/" + "region-switch" + ".yaml"), "utf8"),
   );
 
   const buildConfig: RegionSwitchBuildConfig = {
     SSOServiceAccountId: ensureString(unparsedEnv, "SSOServiceAccountId"),
     BootstrapQualifier: ensureString(unparsedEnv, "BootstrapQualifier"),
     SSOServiceAccountRegion: ensureString(
       unparsedEnv,
-      "SSOServiceAccountRegion"
+      "SSOServiceAccountRegion",
     ),
     SSOServiceTargetAccountRegion: ensureString(
       unparsedEnv,
-      "SSOServiceTargetAccountRegion"
+      "SSOServiceTargetAccountRegion",
     ),
   };
 
@@ -274,7 +296,7 @@ async function DeploySSOForEnterprise() {
   const env: string = app.node.tryGetContext("config");
   if (!env)
     throw new Error(
-      "Context variable missing on CDK command. Pass in as `-c config=XXX`"
+      "Context variable missing on CDK command. Pass in as `-c config=XXX`",
     );
 
   if (env.toUpperCase() === "REGION-SWITCH-DISCOVER") {
@@ -292,7 +314,7 @@ async function DeploySSOForEnterprise() {
           qualifier: buildConfig.BootstrapQualifier,
         }),
       },
-      buildConfig
+      buildConfig,
     );
   } else if (env.toUpperCase() === "REGION-SWITCH-DEPLOY") {
     const buildConfig: RegionSwitchBuildConfig = getRegionSwitchConfig();
@@ -309,7 +331,7 @@ async function DeploySSOForEnterprise() {
           qualifier: buildConfig.BootstrapQualifier,
         }),
       },
-      buildConfig
+      buildConfig,
     );
   } else {
     const buildConfig: BuildConfig = getConfig();
@@ -329,13 +351,13 @@ async function DeploySSOForEnterprise() {
             qualifier: buildConfig.PipelineSettings.BootstrapQualifier,
           }),
         },
-        buildConfig
+        buildConfig,
       );
 
     Tags.of(AwsSsoExtensionsForEnterpriseStack).add("App", buildConfig.App);
     Tags.of(AwsSsoExtensionsForEnterpriseStack).add(
       "Environment",
-      buildConfig.Environment
+      buildConfig.Environment,
     );
   }
 }

config/env.yaml

@@ -1,7 +1,7 @@
 ---
 App: "aws-sso-extensions-for-enterprise"
 Environment: "env"
-Version: "3.1.8"
+Version: "3.1.9"
 
 PipelineSettings:
   BootstrapQualifier: "<your-bootstrap-qualifier>" # For example: 'ssoutility'
@@ -12,9 +12,13 @@ PipelineSettings:
   OrgMainAccountId: "<your-orgmain-account-id>"
   SSOServiceAccountId: "<your-sso-account-id>"
   SSOServiceAccountRegion: "<your-sso-service-region>"
-  RepoType: "CodeCommit"
-  RepoArn: "arn:aws:codecommit:<your-deployment-region>:<your-deployment-account-id>:aws-sso-extensions-for-enterprise"
-  RepoBranchName: "master" # Verify that this is the branch name used by your CodeCommit repository
+  RepoType: "CODECOMMIT" # Allowed values - ["S3", "CODECOMMIT", "CODESTAR"]
+  RepoArn: "arn:aws:codecommit:<your-deployment-region>:<your-deployment-account-id>:aws-sso-extensions-for-enterprise" # Only required if RepoType is "CODECOMMIT"
+  RepoName: "aws-samples/aws-iam-identity-center-extensions" # Only required if RepoType is "CODESTAR". Ensure this is the fully qualified repository name like "aws-samples/aws-iam-identity-center-extensions".
+  CodeStarConnectionArn: "arn:aws:codeconnections:us-east-1:686255979076:connection/12c162f9-8c00-4bcb-9aeb-6d42b072760b" # Only required if RepoType is "CODESTAR"
+  RepoBranchName: "main" # Verify that this is the branch name used by your repository if RepoType is "CODESTAR" or "CODECOMMIT"
+  SourceBucketName: "<your-s3-bucket-name>" # Ensure this bucket exists in the deployment account. Required if RepoType is "S3"
+  SourceObjectKey: "<s3-key-for-source-code>" # Ensure the source code is uploaded to this location in the bucket. Required if RepoType is "S3".
   SynthCommand: "yarn cdk-synth-env"
 
 Parameters:

lib/build/buildConfig.ts

@@ -33,6 +33,8 @@ export interface PipelineSettings {
    */
   readonly RepoName: string /** AWS CodeStar repo name - only checked when RepoType is set to codestar */;
   readonly CodeStarConnectionArn: string /** AWS CodeStar connection ARN - only checked when RepoType is set to codestar */;
+  readonly SourceBucketName: string /** S3 bucket name - only checked when RepoType is set to s3 */;
+  readonly SourceObjectKey: string /** S3 object key - only checked when RepoType is set to s3 */;
   readonly SynthCommand: string /** CDK synthesise command */;
 }