-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
244691f
commit 11b9dc9
Showing
18 changed files
with
1,571 additions
and
537 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,11 +1,38 @@ | ||
const { typescript } = require('projen'); | ||
|
||
const project = new typescript.TypeScriptProject({ | ||
defaultReleaseBranch: 'main', | ||
name: 'cdk-steampipe', | ||
name: '@wheatstalk/cdk-steampipe', | ||
|
||
deps: [ | ||
'execa@^4', | ||
], | ||
|
||
peerDeps: [ | ||
'aws-cdk', | ||
'aws-cdk-lib@^2.41.0', | ||
'aws-sdk', | ||
'constructs@^10', | ||
], | ||
|
||
// deps: [], /* Runtime dependencies of this module. */ | ||
// description: undefined, /* The description is just a string that helps people understand the purpose of the package. */ | ||
// devDeps: [], /* Build dependencies for this module. */ | ||
// packageName: undefined, /* The "name" in package.json. */ | ||
devDeps: [ | ||
'esbuild', | ||
'esbuild-runner', | ||
], | ||
}); | ||
|
||
const ignores = [ | ||
'/cdk.out', | ||
'/cdk.context.json', | ||
]; | ||
|
||
ignores.forEach(ig => { | ||
project.addGitIgnore(ig); | ||
project.addPackageIgnore(ig); | ||
}); | ||
|
||
project.addTask('synth', { | ||
exec: 'cdk synth --plugin $PWD/lib/plugin.js --app "esr test/app.ts"', | ||
}); | ||
|
||
project.synth(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,57 @@ | ||
# replace this | ||
# CDK Steampipe | ||
|
||
Run Steampipe queries in your AWS CDK app to lookup account resources in an | ||
idiomatic way. | ||
|
||
> Warning: This project depends on **alpha** features in the AWS CDK. | ||
> Please treat this project as only a proof of concept. | ||
## Usage | ||
|
||
First, [install Steampipe](https://steampipe.io/downloads) and Steampipe's | ||
`aws` plugin to your environment and add `@wheatstalk/cdk-steampipe` to your | ||
project dependencies. | ||
|
||
Then add `@wheatstalk/cdk-steampipe/lib/plugin` to your project as a plugin. | ||
|
||
```json | ||
{ | ||
"app": "npx ts-node bin/app.ts", | ||
"plugin": ["@wheatstalk/cdk-steampipe/lib/plugin"] | ||
} | ||
``` | ||
|
||
And in your App, use `SteampipeContextQuery.execute` to execute Steampipe | ||
queries: | ||
|
||
```ts | ||
import { App, aws_ssm, Stack } from 'aws-cdk-lib'; | ||
import { SteampipeContextQuery } from '@wheatstalk/cdk-steampipe'; | ||
|
||
const app = new App(); | ||
|
||
const stack = new Stack(app, 'MyStack', { | ||
// Provide environment information. | ||
env: { | ||
account: process.env.CDK_DEFAULT_ACCOUNT, | ||
region: process.env.CDK_DEFAULT_REGION, | ||
}, | ||
}); | ||
|
||
// Run a Steampipe query. This query will run only once and store its result | ||
// in the cdk.context.json so that your CDK app can remain deterministic. | ||
const rows = SteampipeContextQuery.execute(stack, 'Query', 'select name from aws_lambda_function'); | ||
|
||
// Note: The CDK Plugin API doesn't currently allow you to use the CDK CLI's | ||
// credentials, so Steampipe will try to find credentials its own way. | ||
|
||
// Use the value returned from the query programmatically: | ||
rows.forEach((row, i) => { | ||
// Do something with each row. | ||
new aws_ssm.StringParameter(stack, `Lambda${i}Name`, { | ||
stringValue: row.name, | ||
}); | ||
}); | ||
|
||
app.synth(); | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
# https://github.com/turbot/steampipe/issues/209#issuecomment-782885225 | ||
|
||
FROM ubuntu | ||
|
||
ARG USER=steampipe | ||
|
||
RUN apt-get update && \ | ||
apt-get install -y curl less && \ | ||
useradd -ms /bin/bash $USER | ||
|
||
RUN /bin/sh -c "$(curl -fsSL https://raw.githubusercontent.com/turbot/steampipe/main/install.sh)" | ||
|
||
USER $USER | ||
WORKDIR /home/$USER | ||
|
||
RUN steampipe plugin install steampipe aws github | ||
|
||
ENTRYPOINT [ "/usr/local/bin/steampipe" ] | ||
|
||
CMD [ "query" ] |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
|
||
export const CDK_STEAMPIPE_QUERY = 'cdk-steampipe-query'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1 @@ | ||
export class Hello { | ||
public sayHello() { | ||
return 'hello, world!'; | ||
} | ||
} | ||
export * from './steampipe-context-query'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
import { SteampipePlugin } from './steampipe-plugin'; | ||
|
||
export = new SteampipePlugin(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
import * as os from 'os'; | ||
import * as execa from 'execa'; | ||
|
||
|
||
export async function queryWithCmd(query: string) { | ||
const stdout = execa.sync('steampipe', [ | ||
'query', | ||
'--output=json', | ||
query, | ||
]).stdout; | ||
return JSON.parse(stdout); | ||
} | ||
|
||
export async function queryWithDocker(query: string) { | ||
const stdout = execa.sync('docker', [ | ||
'run', | ||
'--rm', | ||
`--volume=${os.homedir()}/.aws:/home/steampipe/.aws:ro`, | ||
'steampipe', | ||
'query', | ||
'--output=json', | ||
query, | ||
]).stdout; | ||
return JSON.parse(stdout); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
import { ContextProvider } from 'aws-cdk-lib'; | ||
import { Construct } from 'constructs'; | ||
import { CDK_STEAMPIPE_QUERY } from './constants'; | ||
|
||
export interface SteampipeContextQueryProps { | ||
/** | ||
* Run this Steampipe query. | ||
* @example `select name from aws_lambda_function ` | ||
*/ | ||
readonly query: string; | ||
} | ||
|
||
/** | ||
* Provides the results of a Steampipe query. | ||
*/ | ||
export class SteampipeContextQuery extends Construct { | ||
/** | ||
* Execute a Steampipe query and return the results. | ||
*/ | ||
public static execute(scope: Construct, id: string, query: string): Record<string, any>[] { | ||
const { value } = new SteampipeContextQuery(scope, id, { query }); | ||
return value; | ||
} | ||
|
||
public readonly value: Record<string, any>[]; | ||
|
||
constructor(scope: Construct, id: string, props: SteampipeContextQueryProps) { | ||
super(scope, id); | ||
|
||
const res = ContextProvider.getValue(this, { | ||
provider: 'plugin', | ||
props: { | ||
pluginName: CDK_STEAMPIPE_QUERY, | ||
query: props.query, | ||
}, | ||
dummyValue: [], | ||
}); | ||
|
||
if (!Array.isArray(res.value)) { | ||
throw new Error('Context provided an unexpected value.'); | ||
} | ||
|
||
this.value = res.value; | ||
} | ||
} |
Oops, something went wrong.