updated pipeline.ts

aws-observability · Sep 20, 2023 · 5e53041 · 5e53041
1 parent 0834925
commit 5e53041
Showing 1 changed file with 122 additions and 123 deletions.
diff --git a/lib/multi-acc-new-eks-mixed-observability-pattern/pipeline.ts b/lib/multi-acc-new-eks-mixed-observability-pattern/pipeline.ts
@@ -128,7 +128,7 @@ export class PipelineMultiEnvMonitoring {
                 "ssm:GetParameter"
             ],
             resources: ["*"]
-        }
+        };
 
         //Props for cross-account trust role in PROD1 account to trust MON account, inorder share PROD1's AMP workspace URL
         const trustedMONAccArn = `arn:aws:iam::${context.monitoringEnv.account}:role/crossAccAMPInfoFromPROD1Role`;
@@ -141,7 +141,7 @@ export class PipelineMultiEnvMonitoring {
                 "ssm:GetParameter"
             ],
             resources: ["*"]    
-        }        
+        };    
 
         // creating constructs
         const ampConstruct = new AmpMonitoringConstruct();
@@ -179,7 +179,6 @@ export class PipelineMultiEnvMonitoring {
         const gitRepositoryName = pipelineSrcInfo.gitRepoName;
         const gitBranch = pipelineSrcInfo.gitBranch;
 
-
         const pipeline = blueprints.CodePipelineStack.builder()
             .application("npx ts-node bin/multi-acc-new-eks-mixed-observability.ts")
             .name("multi-acc-central-pipeline")
@@ -207,120 +206,120 @@ export class PipelineMultiEnvMonitoring {
             })
             .enableCrossAccountKeys();
 
-            const monStage: blueprints.StackStage = {
-                id: MON_ENV_ID,
-                stackBuilder: blueprintAmg
-                    .name(MON_ENV_ID)
-                    .clone(context.monitoringEnv.region, context.monitoringEnv.account)
-                    .addOns(new blueprints.NestedStackAddOn({
-                        builder: AmgIamSetupStack.builder(AmgIamSetupStackProps),
-                        id: "amg-iam-nested-stack"
-                    }))
-                    .addOns(
-                        grafanaOperatorArgoAddonConfig,
-                    )
-            };           
-
-            const ampStage: blueprints.StackStage = {
-                id: PROD1_ENV_ID,
-                stackBuilder: blueprintAmp
-                    .name(PROD1_ENV_ID)                        
-                    .clone(context.prodEnv1.region, context.prodEnv1.account)
-                    .version('auto')
-                    .addOns(new blueprints.NestedStackAddOn({
-                        // builder: AmpIamSetupStack.builder("AMPAccessForTrustedAMGRole", amgWorkspaceIAMRoleARN!),
-                        builder: CreateIAMRoleNestedStack.builder(AMGTrustRoleStackProps),
-                        id: "amp-ds-trustrole-nested-stack"
-                    }))
-                    .addOns(new blueprints.NestedStackAddOn({
-                        builder: CreateIAMRoleNestedStack.builder(ShareAMPInfoTrustRoleStackProps),
-                        id: "amp-info-trustrole-nested-stack"
-                    }))                           
-                    .addOns(
-                        prodArgoAddonConfig,
-                    )
-            };
-
-            const cwStage: blueprints.StackStage = {
-                id: PROD2_ENV_ID,
-                stackBuilder: blueprintCloudWatch
-                    .name(PROD2_ENV_ID)
-                    .clone(context.prodEnv2.region, context.prodEnv2.account)
-                    .addOns(new blueprints.NestedStackAddOn({
-                        builder: CloudWatchIamSetupStack.builder("cloudwatchDataSourceRole", amgWorkspaceIAMRoleARN!),
-                        id: "cloudwatch-iam-nested-stack"
-                    }))
-                    .addOns(
-                        prodArgoAddonConfig,
-                    )
-            };
-
-            pipeline.wave({
-                id: "multi-acc-stage-01",
-                stages: [ampStage, cwStage]
-            });
-
-            // adding monitoring env setup as separate stage
-            pipeline.stage(monStage);
-
-
-            pipeline.build(scope, "multi-account-central-pipeline", {
-                env: context.pipelineEnv
-            });
-
-            // pipeline.wave({
-            //     id: "multi-acc-stages",
-            //     stages: [
-            //         {
-            //             id: PROD1_ENV_ID,
-            //             stackBuilder: blueprintAmp
-            //                 .name(PROD1_ENV_ID)                        
-            //                 .clone(context.prodEnv1.region, context.prodEnv1.account)
-            //                 .version('auto')
-            //                 .addOns(new blueprints.NestedStackAddOn({
-            //                     // builder: AmpIamSetupStack.builder("AMPAccessForTrustedAMGRole", amgWorkspaceIAMRoleARN!),
-            //                     builder: CreateIAMRoleNestedStack.builder(AMGTrustRoleStackProps),
-            //                     id: "amp-ds-trustrole-nested-stack"
-            //                 }))
-            //                 .addOns(new blueprints.NestedStackAddOn({
-            //                     builder: CreateIAMRoleNestedStack.builder(ShareAMPInfoTrustRoleStackProps),
-            //                     id: "amp-info-trustrole-nested-stack"
-            //                 }))                           
-            //                 .addOns(
-            //                     prodArgoAddonConfig,
-            //                 )
-            //         },
-            //         {
-            //             id: PROD2_ENV_ID,
-            //             stackBuilder: blueprintCloudWatch
-            //                 .name(PROD2_ENV_ID)
-            //                 .clone(context.prodEnv2.region, context.prodEnv2.account)
-            //                 .addOns(new blueprints.NestedStackAddOn({
-            //                     builder: CloudWatchIamSetupStack.builder("cloudwatchDataSourceRole", amgWorkspaceIAMRoleARN!),
-            //                     id: "cloudwatch-iam-nested-stack"
-            //                 }))
-            //                 .addOns(
-            //                     prodArgoAddonConfig,
-            //                 )
-            //         },
-            //         {
-            //             id: MON_ENV_ID,
-            //             stackBuilder: blueprintAmg
-            //                 .name(MON_ENV_ID)
-            //                 .clone(context.monitoringEnv.region, context.monitoringEnv.account)
-            //                 .addOns(new blueprints.NestedStackAddOn({
-            //                     builder: AmgIamSetupStack.builder(AmgIamSetupStackProps),
-            //                     id: "amg-iam-nested-stack"
-            //                 }))
-            //                 .addOns(
-            //                     grafanaOperatorArgoAddonConfig,
-            //                 )
-            //         },       
-            //     ],
-            // })
-            // .build(scope, "multi-account-central-pipeline", {
-            //     env: context.pipelineEnv
-            // });
+        const monStage: blueprints.StackStage = {
+            id: MON_ENV_ID,
+            stackBuilder: blueprintAmg
+                .name(MON_ENV_ID)
+                .clone(context.monitoringEnv.region, context.monitoringEnv.account)
+                .addOns(new blueprints.NestedStackAddOn({
+                    builder: AmgIamSetupStack.builder(AmgIamSetupStackProps),
+                    id: "amg-iam-nested-stack"
+                }))
+                .addOns(
+                    grafanaOperatorArgoAddonConfig,
+                )
+        };           
+
+        const ampStage: blueprints.StackStage = {
+            id: PROD1_ENV_ID,
+            stackBuilder: blueprintAmp
+                .name(PROD1_ENV_ID)                        
+                .clone(context.prodEnv1.region, context.prodEnv1.account)
+                .version('auto')
+                .addOns(new blueprints.NestedStackAddOn({
+                    // builder: AmpIamSetupStack.builder("AMPAccessForTrustedAMGRole", amgWorkspaceIAMRoleARN!),
+                    builder: CreateIAMRoleNestedStack.builder(AMGTrustRoleStackProps),
+                    id: "amp-ds-trustrole-nested-stack"
+                }))
+                .addOns(new blueprints.NestedStackAddOn({
+                    builder: CreateIAMRoleNestedStack.builder(ShareAMPInfoTrustRoleStackProps),
+                    id: "amp-info-trustrole-nested-stack"
+                }))                           
+                .addOns(
+                    prodArgoAddonConfig,
+                )
+        };
+
+        const cwStage: blueprints.StackStage = {
+            id: PROD2_ENV_ID,
+            stackBuilder: blueprintCloudWatch
+                .name(PROD2_ENV_ID)
+                .clone(context.prodEnv2.region, context.prodEnv2.account)
+                .addOns(new blueprints.NestedStackAddOn({
+                    builder: CloudWatchIamSetupStack.builder("cloudwatchDataSourceRole", amgWorkspaceIAMRoleARN!),
+                    id: "cloudwatch-iam-nested-stack"
+                }))
+                .addOns(
+                    prodArgoAddonConfig,
+                )
+        };
+
+        pipeline.wave({
+            id: "multi-acc-stage-01",
+            stages: [ampStage, cwStage]
+        });
+
+        // adding monitoring env setup as separate stage
+        pipeline.stage(monStage);
+
+
+        pipeline.build(scope, "multi-account-central-pipeline", {
+            env: context.pipelineEnv
+        });
+
+        // pipeline.wave({
+        //     id: "multi-acc-stages",
+        //     stages: [
+        //         {
+        //             id: PROD1_ENV_ID,
+        //             stackBuilder: blueprintAmp
+        //                 .name(PROD1_ENV_ID)                        
+        //                 .clone(context.prodEnv1.region, context.prodEnv1.account)
+        //                 .version('auto')
+        //                 .addOns(new blueprints.NestedStackAddOn({
+        //                     // builder: AmpIamSetupStack.builder("AMPAccessForTrustedAMGRole", amgWorkspaceIAMRoleARN!),
+        //                     builder: CreateIAMRoleNestedStack.builder(AMGTrustRoleStackProps),
+        //                     id: "amp-ds-trustrole-nested-stack"
+        //                 }))
+        //                 .addOns(new blueprints.NestedStackAddOn({
+        //                     builder: CreateIAMRoleNestedStack.builder(ShareAMPInfoTrustRoleStackProps),
+        //                     id: "amp-info-trustrole-nested-stack"
+        //                 }))                           
+        //                 .addOns(
+        //                     prodArgoAddonConfig,
+        //                 )
+        //         },
+        //         {
+        //             id: PROD2_ENV_ID,
+        //             stackBuilder: blueprintCloudWatch
+        //                 .name(PROD2_ENV_ID)
+        //                 .clone(context.prodEnv2.region, context.prodEnv2.account)
+        //                 .addOns(new blueprints.NestedStackAddOn({
+        //                     builder: CloudWatchIamSetupStack.builder("cloudwatchDataSourceRole", amgWorkspaceIAMRoleARN!),
+        //                     id: "cloudwatch-iam-nested-stack"
+        //                 }))
+        //                 .addOns(
+        //                     prodArgoAddonConfig,
+        //                 )
+        //         },
+        //         {
+        //             id: MON_ENV_ID,
+        //             stackBuilder: blueprintAmg
+        //                 .name(MON_ENV_ID)
+        //                 .clone(context.monitoringEnv.region, context.monitoringEnv.account)
+        //                 .addOns(new blueprints.NestedStackAddOn({
+        //                     builder: AmgIamSetupStack.builder(AmgIamSetupStackProps),
+        //                     id: "amg-iam-nested-stack"
+        //                 }))
+        //                 .addOns(
+        //                     grafanaOperatorArgoAddonConfig,
+        //                 )
+        //         },       
+        //     ],
+        // })
+        // .build(scope, "multi-account-central-pipeline", {
+        //     env: context.pipelineEnv
+        // });
 
     }
 }
@@ -339,7 +338,7 @@ function createArgoAddonConfig(repoUrl: string, path: string, branch?: string, r
                 path: path,
                 targetRevision: branch,
             },
-        }
+        };
     } else {
 
         ArgoCDAddOnProps = {
@@ -350,7 +349,7 @@ function createArgoAddonConfig(repoUrl: string, path: string, branch?: string, r
                 credentialsSecretName: 'github-ssh-key', // for access to private repo. This needs SecretStoreAddOn added to your cluster. Ensure github-ssh-key secret exists in pipeline account at COA_REGION
                 credentialsType: 'SSH',
             },                     
-        }        
+        };      
     }    
     return new blueprints.ArgoCDAddOn(ArgoCDAddOnProps);
 }
@@ -361,8 +360,8 @@ function createGOArgoAddonConfig(repoUrl: string, path: string, branch?: string,
     branch = branch! || 'main';
     repoType = repoType! || 'public';
 
-    const ampAssumeRoleArn = `arn:aws:iam::${ampAccount}:role/AMPAccessForTrustedAMGRole`
-    const cwAssumeRoleArn = `arn:aws:iam::${cwAccount}:role/cloudwatchDataSourceRole`
+    const ampAssumeRoleArn = `arn:aws:iam::${ampAccount}:role/AMPAccessForTrustedAMGRole`;
+    const cwAssumeRoleArn = `arn:aws:iam::${cwAccount}:role/cloudwatchDataSourceRole`;
 
     // Get AMP Endpoint URL
     const ampEndpointURL = "UPDATE_ME_WITH_AMP_ENDPOINT_URL";
@@ -376,7 +375,7 @@ function createGOArgoAddonConfig(repoUrl: string, path: string, branch?: string,
                 path: path,
                 targetRevision: branch,
             },
-        }
+        };
     } else {
 
         ArgoCDAddOnProps = {
@@ -387,7 +386,7 @@ function createGOArgoAddonConfig(repoUrl: string, path: string, branch?: string,
                 credentialsSecretName: 'github-ssh-key', // for access to private repo. This needs SecretStoreAddOn added to your cluster. Ensure github-ssh-key secret exists in pipeline account at COA_REGION
                 credentialsType: 'SSH',
             },                     
-        }        
+        };       
     }
 
     ArgoCDAddOnProps.bootstrapValues = {