Merge pull request #153 from cloudgraphdev/feature/EP-3203-add-codepipeline-services

feat(aws): Add codepipeline services

Author: m-pizarro

README.md

@@ -93,6 +93,8 @@ CloudGraph AWS Provider will ask you what regions you would like to crawl and wi
 | cloudwatchLog                | cloudtrail, cloudwatch, ecsCluster, elasticSearchDomain, kms, managedAirflow, rdsDbInstance                                                                                                                                                                                                                                                                                                                                   |
 | codeCommitRepository        |                                                                                                                                                                                                                                                                                                                                                                                       |
 | codebuild                    | iamRole, kms, vpc, securityGroup, subnet                                                                                                                                                                                                                                                                                                                                                                                      |
+| codePipeline                  |                                                                                                                                                                                                                                                                                                                                                                                      |
+| codePipelineWebhook                  |                                                                                                                                                                                                                                                                                                                                                                                      |
 | cognitoIdentityPool          | iamRole, iamOpenIdConnectProvider, iamSamlProvider, elasticSearchDomain                                                                                                                                                                                                                                                                                                                                                       |
 | cognitoUserPool              | appSync, elasticSearchDomain, lambda                                                                                                                                                                                                                                                                                                                                                                                          |
 | configurationDeliveryChannel |                                                                                                                                                                                                                                                                                                                                                                                                                               |

package.json

@@ -31,7 +31,8 @@
     "terraform:cleanup": "rimraf ./tests/terraform/{.terraform,.terraform.lock.hcl,tfplan} ./tests/terraform/*.{tfstate,tfplan,backup}"
   },
   "dependencies": {
-    "@aws-sdk/client-codecommit": "^3.342.0",
+    "@aws-sdk/client-codecommit": "^3.344.0",
+    "@aws-sdk/client-codepipeline": "^3.344.0",
     "@aws-sdk/client-elastic-beanstalk": "^3.338.0",
     "@aws-sdk/client-glue": "^3.342.0",
     "@aws-sdk/client-ssm": "^3.341.0",

src/enums/schemasMap.ts

@@ -25,6 +25,8 @@ export default {
   [services.cloudwatch]: 'awsCloudwatch',
   [services.cloudwatchLog]: 'awsCloudwatchLog',
   [services.codebuild]: 'awsCodebuild',
+  [services.codePipeline]: 'awsCodePipeline',
+  [services.codePipelineWebhook]: 'awsCodePipelineWebhook',
   [services.codeCommitRepository]: 'awsCodeCommitRepository',
   [services.cognitoIdentityPool]: 'awsCognitoIdentityPool',
   [services.cognitoUserPool]: 'awsCognitoUserPool',

src/enums/serviceAliases.ts

@@ -21,6 +21,8 @@ export default {
   [services.cloudwatchDashboard]: 'cloudwatchDashboards',
   [services.cloudwatchEventRule]: 'cloudwatchEventRules',
   [services.codebuild]: 'codebuilds',
+  [services.codePipeline]: 'codePipelines',
+  [services.codePipelineWebhook]: 'codePipelineWebhooks',
   [services.codeCommitRepository]: 'codeCommitRepositories',
   [services.configurationDeliveryChannel]: 'configurationDeliveryChannels',
   [services.configurationRecorder]: 'configurationRecorders',

src/enums/serviceMap.ts

@@ -125,6 +125,8 @@ import VpnConnection from '../services/vpnConnection'
 import VpnGateway from '../services/vpnGateway'
 import WafV2WebAcl from '../services/wafV2WebAcl'
 import services from './services'
+import CodePipeline from '../services/codePipeline'
+import CodePipelineWebhook from '../services/codePipelineWebhook'
 
 /**
  * serviceMap is an object that contains all currently supported services for AWS
@@ -157,6 +159,8 @@ export default {
   [services.cloudwatchEventRule]: CloudWatchEventRule,
   [services.cloudwatchLog]: CloudWatchLog,
   [services.codebuild]: CodeBuild,
+  [services.codePipeline]: CodePipeline,
+  [services.codePipelineWebhook]: CodePipelineWebhook,
   [services.codeCommitRepository]: CodeCommitRepository,
   [services.cognitoIdentityPool]: CognitoIdentityPool,
   [services.cognitoUserPool]: CognitoUserPool,

src/enums/services.ts

@@ -24,6 +24,8 @@ export default {
   cloudwatchEventRule: 'cloudwatchEventRule',
   cloudwatchLog: 'cloudwatchLog',
   codebuild: 'codebuild',
+  codePipeline: 'codePipeline',
+  codePipelineWebhook: 'codePipelineWebhook',
   codeCommitRepository: 'codeCommitRepository',
   cognitoIdentityPool: 'cognitoIdentityPool',
   cognitoUserPool: 'cognitoUserPool',

src/services/account/schema.graphql

@@ -22,6 +22,8 @@ type awsAccount implements awsOptionalService @key(fields: "id") {
   cloudwatch: [awsCloudwatch]
   cloudwatchLogs: [awsCloudwatchLog]
   codebuilds: [awsCodebuild]
+  codePipelines: [awsCodePipeline]
+  codePipelineWebhooks: [awsCodePipelineWebhook]
   codeCommitRepository: [awsCodeCommitRepository]
   cognitoIdentityPool: [awsCognitoIdentityPool]
   cognitoUserPool: [awsCognitoUserPool]

src/services/codePipeline/data.ts

@@ -0,0 +1,95 @@
+import {
+  CodePipelineClient,
+  ListPipelinesCommand,
+  ListPipelinesInput,
+  PipelineSummary,
+} from '@aws-sdk/client-codepipeline'
+import CloudGraph from '@cloudgraph/sdk'
+import { Config } from 'aws-sdk'
+import { groupBy } from 'lodash'
+import isEmpty from 'lodash/isEmpty'
+import awsLoggerText from '../../properties/logger'
+import AwsErrorLog from '../../utils/errorLog'
+
+const lt = { ...awsLoggerText }
+const { logger } = CloudGraph
+const serviceName = 'Code Pipeline'
+const errorLog = new AwsErrorLog(serviceName)
+const MAX_ITEMS = 500
+
+export interface RawAwsPipelineSummary extends PipelineSummary {
+  region: string
+}
+
+const listPipelines = async (
+  cp: CodePipelineClient
+): Promise<PipelineSummary[]> =>
+  new Promise(async resolve => {
+    const codePipelines: PipelineSummary[] = []
+
+    const input: ListPipelinesInput = {
+      maxResults: MAX_ITEMS,
+    }
+
+    const listAllPipelines = (token?: string): void => {
+      if (token) {
+        input.nextToken = token
+      }
+      const command = new ListPipelinesCommand(input)
+      cp.send(command)
+        .then(data => {
+          if (isEmpty(data)) {
+            return resolve([])
+          }
+
+          const { pipelines = [], nextToken } = data || {}
+
+          codePipelines.push(...pipelines)
+
+          if (nextToken) {
+            logger.debug(lt.foundAnotherThousand)
+            listAllPipelines(nextToken)
+          } else {
+            resolve(codePipelines)
+          }
+        })
+        .catch(err => {
+          errorLog.generateAwsErrorLog({
+            functionName: 'codepipeline:listPipelines',
+            err,
+          })
+          resolve([])
+        })
+    }
+    listAllPipelines()
+  })
+
+export default async ({
+  regions,
+  config,
+}: {
+  regions: string
+  config: Config
+}): Promise<{ [property: string]: RawAwsPipelineSummary[] }> =>
+  new Promise(async resolve => {
+    const { credentials } = config
+    const pipelinesData: RawAwsPipelineSummary[] = []
+
+    const regionPromises = regions.split(',').map(region => {
+      const cpClient = new CodePipelineClient({
+        credentials,
+        region,
+      })
+      return new Promise<void>(async resolveRegion => {
+        const pipelines = (await listPipelines(cpClient)) || []
+        if (!isEmpty(pipelines))
+          pipelinesData.push(...pipelines.map(val => ({ ...val, region })))
+        resolveRegion()
+      })
+    })
+
+    await Promise.all(regionPromises)
+    errorLog.reset()
+
+    resolve(groupBy(pipelinesData, 'region'))
+  })

src/services/codePipeline/format.ts

@@ -0,0 +1,29 @@
+
+import { AwsCodePipeline } from '../../types/generated'
+import { codePipelineArn } from '../../utils/generateArns'
+import { RawAwsPipelineSummary } from './data'
+
+/**
+ * Code Pipeline
+ */
+export default ({
+  account,
+  region,
+  service: pipeline,
+}: {
+  account: string
+  region: string
+  service: RawAwsPipelineSummary
+}): AwsCodePipeline => {
+  const { name } = pipeline
+
+  const arn = codePipelineArn({ region, account, name })
+
+  return {
+    accountId: account,
+    arn,
+    id: arn,
+    name,
+    region,
+  }
+}

src/services/codePipeline/index.ts

@@ -0,0 +1,13 @@
+import { Service } from '@cloudgraph/sdk'
+import BaseService from '../base'
+import format from './format'
+import getData from './data'
+import mutation from './mutation'
+
+export default class CodePipeline extends BaseService implements Service {
+  format = format.bind(this)
+
+  getData = getData.bind(this)
+
+  mutation = mutation
+}