chore(pipelines): fix integration tests (#19723)

This PR makes two types of updates to the integ tests 1. Make all stacks environment agnostic 2. Change the source to be S3 instead of GitHub ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)? * [ ] Did you use `cdk-integ` to deploy the infrastructure and generate the snapshot (i.e. `cdk-integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws · Apr 4, 2022 · c22aec3 · c22aec3
1 parent 0afc32c
commit c22aec3
Show file tree

Hide file tree

Showing 10 changed files with 2,588 additions and 249 deletions.
diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline-security.expected.json b/packages/@aws-cdk/pipelines/test/integ.pipeline-security.expected.json
diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline-security.ts b/packages/@aws-cdk/pipelines/test/integ.pipeline-security.ts
@@ -2,17 +2,17 @@
 import * as codepipeline from '@aws-cdk/aws-codepipeline';
 import * as codepipeline_actions from '@aws-cdk/aws-codepipeline-actions';
 import * as iam from '@aws-cdk/aws-iam';
+import * as s3 from '@aws-cdk/aws-s3';
 import * as sns from '@aws-cdk/aws-sns';
 import * as subscriptions from '@aws-cdk/aws-sns-subscriptions';
-import { App, SecretValue, Stack, StackProps, Stage, StageProps } from '@aws-cdk/core';
+import { App, RemovalPolicy, Stack, StackProps, Stage, StageProps } from '@aws-cdk/core';
 import { Construct } from 'constructs';
 import * as cdkp from '../lib';
 
 class MyStage extends Stage {
   constructor(scope: Construct, id: string, props?: StageProps) {
     super(scope, id, props);
     const stack = new Stack(this, 'MyStack', {
-      env: props?.env,
     });
     const topic = new sns.Topic(stack, 'Topic');
     topic.grantPublish(new iam.AccountPrincipal(stack.account));
@@ -23,7 +23,6 @@ class MySafeStage extends Stage {
   constructor(scope: Construct, id: string, props?: StageProps) {
     super(scope, id, props);
     const stack = new Stack(this, 'MySafeStack', {
-      env: props?.env,
     });
     new sns.Topic(stack, 'MySafeTopic');
   }
@@ -36,18 +35,20 @@ export class TestCdkStack extends Stack {
     // The code that defines your stack goes here
     const sourceArtifact = new codepipeline.Artifact();
     const cloudAssemblyArtifact = new codepipeline.Artifact('CloudAsm');
+    const sourceBucket = new s3.Bucket(this, 'SourceBucket', {
+      removalPolicy: RemovalPolicy.DESTROY,
+      autoDeleteObjects: true,
+    });
 
     const pipeline = new cdkp.CdkPipeline(this, 'TestPipeline', {
       selfMutating: false,
       pipelineName: 'TestPipeline',
       cloudAssemblyArtifact,
-      sourceAction: new codepipeline_actions.GitHubSourceAction({
-        actionName: 'GitHub',
+      sourceAction: new codepipeline_actions.S3SourceAction({
+        bucket: sourceBucket,
         output: sourceArtifact,
-        oauthToken: SecretValue.plainText('not-a-secret'),
-        owner: 'OWNER',
-        repo: 'REPO',
-        trigger: codepipeline_actions.GitHubTrigger.POLL,
+        bucketKey: 'key',
+        actionName: 'S3',
       }),
       synthAction: cdkp.SimpleSynthAction.standardYarnSynth({
         sourceArtifact,
@@ -74,28 +75,21 @@ export class TestCdkStack extends Stack {
     topic.addSubscription(new subscriptions.EmailSubscription('[email protected]'));
 
     unattachedStage.addApplication(new MyStage(this, 'SingleStage', {
-      env: { account: this.account, region: this.region },
     }), { confirmBroadeningPermissions: true, securityNotificationTopic: topic });
 
     const stage1 = pipeline.addApplicationStage(new MyStage(this, 'PreProduction', {
-      env: { account: this.account, region: this.region },
     }), { confirmBroadeningPermissions: true, securityNotificationTopic: topic });
 
     stage1.addApplication(new MySafeStage(this, 'SafeProduction', {
-      env: { account: this.account, region: this.region },
     }));
 
     stage1.addApplication(new MySafeStage(this, 'DisableSecurityCheck', {
-      env: { account: this.account, region: this.region },
     }), { confirmBroadeningPermissions: false });
 
     const stage2 = pipeline.addApplicationStage(new MyStage(this, 'NoSecurityCheck', {
-      env: { account: this.account, region: this.region },
     }));
 
-    stage2.addApplication(new MyStage(this, 'EnableSecurityCheck', {
-      env: { account: this.account, region: this.region },
-    }), { confirmBroadeningPermissions: true });
+    stage2.addApplication(new MyStage(this, 'EnableSecurityCheck', { }), { confirmBroadeningPermissions: true });
   }
 }
 
@@ -104,7 +98,5 @@ const app = new App({
     '@aws-cdk/core:newStyleStackSynthesis': 'true',
   },
 });
-new TestCdkStack(app, 'PipelineSecurityStack', {
-  env: { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION },
-});
+new TestCdkStack(app, 'PipelineSecurityStack');
 app.synth();