-
Notifications
You must be signed in to change notification settings - Fork 11
/
Copy pathbuild-images.yaml
134 lines (134 loc) · 5.09 KB
/
build-images.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
AWSTemplateFormatVersion: 2010-09-09
Description: >-
This template builds ECR images for Codenator
Parameters:
ProjectName:
AllowedPattern: '[A-Za-z0-9-]{1,16}'
ConstraintDescription: >-
Maximum of 22 alphanumeric characters. Can include hyphens (-), but not
spaces. Must be unique within your account in an AWS Region.
Description: Project Name used to identify your resources
MaxLength: '16'
MinLength: '1'
Type: String
Default: codenator
SourceRepo:
Type: String
Description: Project git repo url
ProjectBucket:
Type: String
Default: my-codenator-bucket
Description: Project bucket
ProjectCFNPrefix:
Type: String
Default: codenator/CFN/
Description: Prefix to the project's CloudFormation templates
Resources:
CodeBuildPushDockerRole:
Type: AWS::IAM::Role
Properties:
RoleName: !Join ['', [!Ref ProjectName, CodeBuildPushDockerRole]]
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service:
- codebuild.amazonaws.com
- codepipeline.amazonaws.com
- lambda.amazonaws.com
Action:
- sts:AssumeRole
Policies:
- PolicyName: !Join ['', [!Ref ProjectName, CodeBuildPushDockerPolicy]]
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- logs:CreateLogGroup
- logs:CreatelogStream
- logs:PutLogEvents
- ecr:GetAuthorizationToken
- ecr:DescribeRepositories
- ecr:BatchCheckLayerAvailability
- ecr:CompleteLayerUpload
- ecr:InitiateLayerUpload
- ecr:PutImage
- ecr:UploadLayerPart
- ecr:BatchDeleteImage
- ecr:ListImages
- s3:*
- codecommit:*
- lambda:*
- codebuild:*
- ssm:DescribeParameters
- ssm:DeleteParameters
Resource: "*"
APILayerImage:
Type: 'AWS::CloudFormation::Stack'
Properties:
TemplateURL: !Join ['', ['https://', !Ref ProjectBucket, '.s3.', !Ref AWS::Region, '.amazonaws.com/', !Ref ProjectCFNPrefix, 'single-image-build.yaml']]
Parameters:
ProjectName: !Ref ProjectName
ECRRepoName: 'api_layer'
SourceRepo: !Ref SourceRepo
CodeBuildPushDockerRole: !GetAtt CodeBuildPushDockerRole.Arn
CodeExecImage:
Type: 'AWS::CloudFormation::Stack'
Properties:
TemplateURL: !Join ['', ['https://', !Ref ProjectBucket, '.s3.', !Ref AWS::Region, '.amazonaws.com/', !Ref ProjectCFNPrefix, 'single-image-build.yaml']]
Parameters:
ProjectName: !Ref ProjectName
ECRRepoName: 'code_executor'
SourceRepo: !Ref SourceRepo
CodeBuildPushDockerRole: !GetAtt CodeBuildPushDockerRole.Arn
CodeScanImage:
Type: 'AWS::CloudFormation::Stack'
Properties:
TemplateURL: !Join ['', ['https://', !Ref ProjectBucket, '.s3.', !Ref AWS::Region, '.amazonaws.com/', !Ref ProjectCFNPrefix, 'single-image-build.yaml']]
Parameters:
ProjectName: !Ref ProjectName
ECRRepoName: 'code_scanner'
SourceRepo: !Ref SourceRepo
CodeBuildPushDockerRole: !GetAtt CodeBuildPushDockerRole.Arn
ControllerImage:
Type: 'AWS::CloudFormation::Stack'
Properties:
TemplateURL: !Join ['', ['https://', !Ref ProjectBucket, '.s3.', !Ref AWS::Region, '.amazonaws.com/', !Ref ProjectCFNPrefix, 'single-image-build.yaml']]
Parameters:
ProjectName: !Ref ProjectName
ECRRepoName: 'controller'
SourceRepo: !Ref SourceRepo
CodeBuildPushDockerRole: !GetAtt CodeBuildPushDockerRole.Arn
TaskStoreImage:
Type: 'AWS::CloudFormation::Stack'
Properties:
TemplateURL: !Join ['', ['https://', !Ref ProjectBucket, '.s3.', !Ref AWS::Region, '.amazonaws.com/', !Ref ProjectCFNPrefix, 'single-image-build.yaml']]
Parameters:
ProjectName: !Ref ProjectName
ECRRepoName: 'task_store'
SourceRepo: !Ref SourceRepo
CodeBuildPushDockerRole: !GetAtt CodeBuildPushDockerRole.Arn
WebUiImage:
Type: 'AWS::CloudFormation::Stack'
Properties:
TemplateURL: !Join ['', ['https://', !Ref ProjectBucket, '.s3.', !Ref AWS::Region, '.amazonaws.com/', !Ref ProjectCFNPrefix, 'single-image-build.yaml']]
Parameters:
ProjectName: !Ref ProjectName
ECRRepoName: 'web_ui'
SourceRepo: !Ref SourceRepo
CodeBuildPushDockerRole: !GetAtt CodeBuildPushDockerRole.Arn
Outputs:
APILayerImageUri:
Value: !GetAtt APILayerImage.Outputs.ImageUri
CodeExecImageUri:
Value: !GetAtt CodeExecImage.Outputs.ImageUri
CodeScanImageUri:
Value: !GetAtt CodeScanImage.Outputs.ImageUri
ControllerImageUri:
Value: !GetAtt ControllerImage.Outputs.ImageUri
TaskStoreImageUri:
Value: !GetAtt TaskStoreImage.Outputs.ImageUri
WebUIImageUri:
Value: !GetAtt WebUiImage.Outputs.ImageUri