Skip to content

Latest commit

 

History

History
372 lines (232 loc) · 13.6 KB

API.md

File metadata and controls

372 lines (232 loc) · 13.6 KB

API Reference

Constructs

TokenInjectableDockerBuilder

A CDK construct to build and push Docker images to an ECR repository using CodeBuild and Lambda custom resources, then retrieve the final image tag so that ECS/Lambda references use the exact digest.

Initializers 

import { TokenInjectableDockerBuilder } from 'token-injectable-docker-builder'

new TokenInjectableDockerBuilder(scope: Construct, id: string, props: TokenInjectableDockerBuilderProps)
Name Type Description
scope constructs.Construct The scope in which to define this construct.
id string The scoped construct ID.
props TokenInjectableDockerBuilderProps Configuration for building and pushing the Docker image.
scopeRequired
  • Type: constructs.Construct

The scope in which to define this construct.

idRequired
  • Type: string

The scoped construct ID.

propsRequired

Configuration for building and pushing the Docker image.

Methods

Name Description
toString Returns a string representation of this construct.
toString 
public toString(): string

Returns a string representation of this construct.

Static Functions

Name Description
isConstruct Checks if x is a construct.
isConstruct 
import { TokenInjectableDockerBuilder } from 'token-injectable-docker-builder'

TokenInjectableDockerBuilder.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

Properties

Name Type Description
node constructs.Node The tree node.
containerImage aws-cdk-lib.aws_ecs.ContainerImage An ECS-compatible container image referencing the tag of the built Docker image.
dockerImageCode aws-cdk-lib.aws_lambda.DockerImageCode A Lambda-compatible DockerImageCode referencing the tag of the built Docker image.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

containerImageRequired 
public readonly containerImage: ContainerImage;
  • Type: aws-cdk-lib.aws_ecs.ContainerImage

An ECS-compatible container image referencing the tag of the built Docker image.

dockerImageCodeRequired 
public readonly dockerImageCode: DockerImageCode;
  • Type: aws-cdk-lib.aws_lambda.DockerImageCode

A Lambda-compatible DockerImageCode referencing the tag of the built Docker image.

Structs

TokenInjectableDockerBuilderProps

Properties for the TokenInjectableDockerBuilder construct.

Initializer 

import { TokenInjectableDockerBuilderProps } from 'token-injectable-docker-builder'

const tokenInjectableDockerBuilderProps: TokenInjectableDockerBuilderProps = { ... }

Properties

Name Type Description
path string The path to the directory containing the Dockerfile or source code.
buildArgs {[ key: string ]: string} Build arguments to pass to the Docker build process.
completenessQueryInterval aws-cdk-lib.Duration The query interval for checking if the CodeBuild project has completed.
dockerLoginSecretArn string The ARN of the AWS Secrets Manager secret containing Docker login credentials.
exclude string[] A list of file paths in the Docker directory to exclude from build.
installCommands string[] Custom commands to run during the install phase of CodeBuild.
kmsEncryption boolean Whether to enable KMS encryption for the ECR repository.
preBuildCommands string[] Custom commands to run during the pre_build phase of CodeBuild.
securityGroups aws-cdk-lib.aws_ec2.ISecurityGroup[] The security groups to attach to the CodeBuild project.
subnetSelection aws-cdk-lib.aws_ec2.SubnetSelection The subnet selection to specify which subnets to use within the VPC.
vpc aws-cdk-lib.aws_ec2.IVpc The VPC in which the CodeBuild project will be deployed.
pathRequired 
public readonly path: string;
  • Type: string

The path to the directory containing the Dockerfile or source code.

buildArgsOptional 
public readonly buildArgs: {[ key: string ]: string};
  • Type: {[ key: string ]: string}

Build arguments to pass to the Docker build process.

These are transformed into --build-arg KEY=VALUE flags.

Example

{
  TOKEN: 'my-secret-token',
  ENV: 'production'
}
completenessQueryIntervalOptional 
public readonly completenessQueryInterval: Duration;
  • Type: aws-cdk-lib.Duration
  • Default: Duration.seconds(30)

The query interval for checking if the CodeBuild project has completed.

This determines how frequently the custom resource polls for build completion.

dockerLoginSecretArnOptional 
public readonly dockerLoginSecretArn: string;
  • Type: string

The ARN of the AWS Secrets Manager secret containing Docker login credentials.

This secret should store a JSON object with the following structure:

{
  "username": "my-docker-username",
  "password": "my-docker-password"
}

If not provided (or not needed), the construct will skip Docker Hub login.

Note: The secret must be in the same region as the stack.

Example

'arn:aws:secretsmanager:us-east-1:123456789012:secret:DockerLoginSecret'
excludeOptional 
public readonly exclude: string[];
  • Type: string[]
  • Default: No file path exclusions

A list of file paths in the Docker directory to exclude from build.

Will use paths in .dockerignore file if present.

installCommandsOptional 
public readonly installCommands: string[];
  • Type: string[]
  • Default: No additional install commands.

Custom commands to run during the install phase of CodeBuild.

Example:

installCommands: [
  'echo "Updating package lists..."',
  'apt-get update -y',
  'echo "Installing required packages..."',
  'apt-get install -y curl dnsutils',
],
kmsEncryptionOptional 
public readonly kmsEncryption: boolean;
  • Type: boolean
  • Default: false

Whether to enable KMS encryption for the ECR repository.

If true, a KMS key will be created for encrypting ECR images. If false, the repository will use AES-256 encryption.

preBuildCommandsOptional 
public readonly preBuildCommands: string[];
  • Type: string[]
  • Default: No additional pre-build commands.

Custom commands to run during the pre_build phase of CodeBuild.

Example:

preBuildCommands: [
  'echo "Fetching configuration from private API..."',
  'curl -o config.json https://api.example.com/config',
],
securityGroupsOptional 
public readonly securityGroups: ISecurityGroup[];
  • Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
  • Default: No security groups are attached.

The security groups to attach to the CodeBuild project.

These define the network access rules for the CodeBuild project.

subnetSelectionOptional 
public readonly subnetSelection: SubnetSelection;
  • Type: aws-cdk-lib.aws_ec2.SubnetSelection
  • Default: All subnets in the VPC are used.

The subnet selection to specify which subnets to use within the VPC.

Allows the user to select private, public, or isolated subnets.

vpcOptional 
public readonly vpc: IVpc;
  • Type: aws-cdk-lib.aws_ec2.IVpc
  • Default: No VPC is attached, and the CodeBuild project will use public internet.

The VPC in which the CodeBuild project will be deployed.

If provided, the CodeBuild project will be launched within the specified VPC.