Merge pull request #2 from sktan/cdk

Added some CDK code to deploy the proxy into an AWS environment

Author: sktan

.pre-commit-config.yaml

@@ -1,9 +1,14 @@
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.1.0  # Use the ref you want to point at
+    rev: v4.1.0
     hooks:
       - id: trailing-whitespace
       - id: end-of-file-fixer
       - id: mixed-line-ending
       # - id: no-commit-to-branch
       #   name: Don't commit to master
+  - repo: https://github.com/psf/black
+    rev: 22.3.0
+    hooks:
+      - id: black
+        language_version: python3.10

README.md

@@ -77,12 +77,42 @@ services:
       - 8080:8080
 ```
 
-### AWS Example
+### AWS CDK Example
 
 You will be able to use the CDK template in the `cdk` directory to create a Load Balancer, a fargate container and a CodeArtifact repository (if you desire).
 
+Modify the variables in app.py (or copy the `cdk/code_artifact_proxy.py` file to your codebase).
+
+```
+root ➜ /workspaces/aws-codeartifact-proxy/cdk (cdk ✗) $ pipenv install
+Installing dependencies from Pipfile.lock (1a118d)...
+  🐍   ▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉▉ 0/0 — 00:00:00
+To activate this project's virtualenv, run pipenv shell.
+Alternatively, run a command inside the virtualenv with pipenv run.
+root ➜ /workspaces/aws-codeartifact-proxy/cdk (cdk ✗) $ pipenv run cdk deploy
+```
+
+If you'd rather use your own CDK codebase, you can use the following snippet in your `app.py` file:
+
 ```
-# Currently TODO
+# Replace me with where you have placed your codeartifact module
+from cdk.code_artifact_proxy import CodeArtifactProxy
+
+proxy = CodeArtifactProxy(
+    app,
+    "codeartifact-proxy",
+    # Replace the 3 lines below with your own values
+    domain_name="mycodeartifactdomain",
+    repository_name="internalrepo",
+    vpc_id="vpc-1234567",
+    env=cdk.Environment(
+        account=os.environ["CDK_DEFAULT_ACCOUNT"],
+        region=os.environ["CDK_DEFAULT_REGION"],
+    ),
+)
+
+proxy.create_code_artifact()
+proxy.create_loadbalanced_fargate()
 ```
 
 ## Testing Access

cdk/.gitignore

@@ -0,0 +1,10 @@
+*.swp
+package-lock.json
+__pycache__
+.pytest_cache
+.venv
+*.egg-info
+
+# CDK asset staging directory
+.cdk.staging
+cdk.out

cdk/Pipfile

@@ -0,0 +1,15 @@
+[[source]]
+url = "https://pypi.org/simple"
+verify_ssl = true
+name = "pypi"
+
+[packages]
+aws-cdk-lib = "*"
+constructs = "*"
+
+[dev-packages]
+black = "*"
+pytest = "*"
+
+[requires]
+python_version = "3.10"

cdk/Pipfile.lock

@@ -0,0 +1,10 @@
+
+# AWS Code Commit Proxy CDK Stack
+
+This deploys a CDK stack with the following resources:
+
+1. AWS Application Load Balancer
+2. Fargate Container
+3. IAM Role for Fargate access to Code Artifact
+4. (Optional) Code Artifact Repository
+5. (Optional) VPC

cdk/README.md

@@ -0,0 +1,29 @@
+#!/usr/bin/env python3
+import os
+
+import aws_cdk as cdk
+
+from cdk.code_artifact_proxy import CodeArtifactProxy
+
+app = cdk.App()
+
+cdk_env = cdk.Environment(
+    account=os.environ["CDK_DEFAULT_ACCOUNT"],
+    region=os.environ["CDK_DEFAULT_REGION"],
+)
+
+proxy = CodeArtifactProxy(
+    app,
+    "codeartifact-proxy",
+    # Replace the 3 lines below with your own values
+    domain_name="mycodeartifactdomain",
+    repository_name="internalrepo",
+    vpc_id="vpc-1234567",
+    env=cdk_env,
+)
+
+# This is actually optional if you do not already have a codeartifact repository
+proxy.create_code_artifact()
+proxy.create_loadbalanced_fargate()
+
+app.synth()

cdk/app.py

@@ -0,0 +1 @@
+{}

cdk/cdk.context.json

@@ -0,0 +1,31 @@
+{
+  "app": "python3 app.py",
+  "watch": {
+    "include": [
+      "**"
+    ],
+    "exclude": [
+      "README.md",
+      "cdk*.json",
+      "requirements*.txt",
+      "source.bat",
+      "**/__init__.py",
+      "python/__pycache__",
+      "tests"
+    ]
+  },
+  "context": {
+    "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": true,
+    "@aws-cdk/core:stackRelativeExports": true,
+    "@aws-cdk/aws-rds:lowercaseDbIdentifier": true,
+    "@aws-cdk/aws-lambda:recognizeVersionProps": true,
+    "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": true,
+    "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
+    "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
+    "@aws-cdk/aws-iam:minimizePolicies": true,
+    "@aws-cdk/core:target-partitions": [
+      "aws",
+      "aws-cn"
+    ]
+  }
+}