add eslint

Author: sree

.eslintrc.js

@@ -0,0 +1,22 @@
+module.exports = {
+    parser: "@typescript-eslint/parser", // Specifies the ESLint parser
+    parserOptions: {
+      ecmaVersion: 2020, // Allows for the parsing of modern ECMAScript features
+      sourceType: "module", // Allows for the use of imports
+      ecmaFeatures: {
+        jsx: true // Allows for the parsing of JSX
+      }
+    },
+    settings: {
+      react: {
+        version: "detect" // Tells eslint-plugin-react to automatically detect the version of React to use
+      }
+    },
+    extends: [
+      "plugin:prettier/recommended" // Enables eslint-plugin-prettier and eslint-config-prettier. This will display prettier errors as ESLint errors. Make sure this is always the last configuration in the extends array.
+    ],
+    rules: {
+      // Place to specify ESLint rules. Can be used to overwrite rules specified from the extended configs
+      // e.g. "@typescript-eslint/explicit-function-return-type": "off",
+    },
+};

.gitignore

@@ -0,0 +1,10 @@
+*.env
+lib/*.js
+lib/*.d.ts
+bin/*.d.ts
+bin/*.js
+test/*.js
+test/*.d.ts
+node_modules/
+*.log
+!sample.env

.npmignore

@@ -0,0 +1,6 @@
+*.ts
+!*.d.ts
+
+# CDK asset staging directory
+.cdk.staging
+cdk.out

.prettierrc.js

@@ -0,0 +1,7 @@
+module.exports = {
+    semi: true,
+    trailingComma: "all",
+    singleQuote: true,
+    printWidth: 120,
+    tabWidth: 4
+};

README.md

@@ -0,0 +1,18 @@
+# Amplify CDK + slack notifications on build
+
+This is a project for setting up an Amplify app for NextJS application with CDK.
+This also sets up deploy notifications for every build triggered on amplify with the status of the build.
+A lambda function is triggered whenever a build is triggered. Currently the lambda is configured to post to a SLACK WEBHOOK.
+
+It uses cdk 1.*.* currently, will migrate this to v2 shortly.
+
+The `cdk.json` file tells the CDK Toolkit how to execute your app.
+
+## Useful commands
+
+* `yarn run build`   compile typescript to js
+* `yarn run watch`   watch for changes and compile
+* `yarn run test`    perform the jest unit tests
+* `cdk deploy`      deploy this stack to your default AWS account/region
+* `cdk diff`        compare deployed stack with current state
+* `cdk synth`       emits the synthesized CloudFormation template

bin/main.ts

@@ -0,0 +1,25 @@
+#!/usr/bin/env node
+import 'source-map-support/register';
+import * as cdk from '@aws-cdk/core';
+import { MainInfraStack } from '../lib/main';
+
+const dotenv = require('dotenv');
+dotenv.config();
+
+const app = new cdk.App();
+
+new MainInfraStack(app, 'MainInfraStack', {
+    /* If you don't specify 'env', this stack will be environment-agnostic.
+     * Account/Region-dependent features and context lookups will not work,
+     * but a single synthesized template can be deployed anywhere. */
+
+    /* Uncomment the next line to specialize this stack for the AWS Account
+     * and Region that are implied by the current CLI configuration. */
+    env: { account: process.env.ACCOUNT_ID, region: process.env.AWS_REGION },
+
+    /* Uncomment the next line if you know exactly what Account and Region you
+     * want to deploy the stack to. */
+    // env: { account: '123456789012', region: 'us-east-1' },
+
+    /* For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html */
+});

cdk.json

@@ -0,0 +1,32 @@
+{
+  "app": "npx ts-node --prefer-ts-exts bin/main.ts",
+  "watch": {
+    "include": [
+      "**"
+    ],
+    "exclude": [
+      "README.md",
+      "cdk*.json",
+      "**/*.d.ts",
+      "**/*.js",
+      "tsconfig.json",
+      "package*.json",
+      "yarn.lock",
+      "node_modules",
+      "test"
+    ]
+  },
+  "context": {
+    "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": true,
+    "@aws-cdk/core:stackRelativeExports": true,
+    "@aws-cdk/aws-rds:lowercaseDbIdentifier": true,
+    "@aws-cdk/aws-lambda:recognizeVersionProps": true,
+    "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": true,
+    "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
+    "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
+    "@aws-cdk/core:target-partitions": [
+      "aws",
+      "aws-cn"
+    ]
+  }
+}

jest.config.js

@@ -0,0 +1,8 @@
+module.exports = {
+  testEnvironment: 'node',
+  roots: ['<rootDir>/test'],
+  testMatch: ['**/*.test.ts'],
+  transform: {
+    '^.+\\.tsx?$': 'ts-jest'
+  }
+};

lib/main.ts

@@ -0,0 +1,198 @@
+import * as cdk from '@aws-cdk/core';
+import * as amplify from '@aws-cdk/aws-amplify';
+import * as iam from '@aws-cdk/aws-iam';
+import * as events from '@aws-cdk/aws-events';
+import * as targets from '@aws-cdk/aws-events-targets';
+import * as sns from '@aws-cdk/aws-sns';
+import * as lambda from '@aws-cdk/aws-lambda';
+import * as snsSubscription from '@aws-cdk/aws-sns-subscriptions';
+import { BuildSpec } from 'aws-cdk-lib/aws-codebuild';
+import { Branch } from '@aws-cdk/aws-amplify';
+import { EventField } from '@aws-cdk/aws-events';
+import * as fs from 'fs';
+import { ServicePrincipal } from '@aws-cdk/aws-iam';
+
+export class MainInfraStack extends cdk.Stack {
+    constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
+        super(scope, id, props);
+
+        // load env
+        const appName = process.env.APP_NAME || '';
+        const owner = process.env.OWNER || '';
+        const repository = process.env.REPOSITORY || '';
+        const token = process.env.GITHUB_TOKEN || '';
+        const baseDomain = process.env.DOMAIN || '';
+        const projectName = process.env.PROJECT_NAME || '';
+        const slackWebhookURL = process.env.SLACK_WEBHOOK_URL || '';
+
+        const amplifyApp = this.createAmplifyApp(appName, owner, repository, token, baseDomain, projectName);
+        this.addDeployNotificationStack(amplifyApp, appName, slackWebhookURL);
+    }
+
+    private createAmplifyApp(
+        appName: string,
+        owner: string,
+        repository: string,
+        token: string,
+        baseDomain: string,
+        projectName: string,
+    ) {
+        const amplifyApp = new amplify.App(this, appName, {
+            sourceCodeProvider: new amplify.GitHubSourceCodeProvider({
+                owner: owner,
+                repository: repository,
+                oauthToken: cdk.SecretValue.plainText(token),
+            }),
+            autoBranchCreation: {
+                patterns: ['develop', 'main', 'release*'],
+            },
+            autoBranchDeletion: true,
+            role: this.createRole(projectName),
+            buildSpec: this.getBuildSpec(),
+        });
+
+        const mainBranch = amplifyApp.addBranch('main');
+        const developBranch = amplifyApp.addBranch('develop');
+
+        amplifyApp.addCustomRule({
+            source: '/<*>',
+            target: '/index.html',
+            status: amplify.RedirectStatus.NOT_FOUND_REWRITE,
+        });
+
+        const productionDomain = `${projectName}.${baseDomain}`;
+        const stagingDomain = `staging-${productionDomain}`;
+        this.createDomains(amplifyApp, mainBranch, productionDomain);
+        this.createDomains(amplifyApp, developBranch, stagingDomain);
+
+        return amplifyApp;
+    }
+
+    private createDomains(amplifyApp: amplify.App, branch: Branch, branchDomainName: string) {
+        const domain = amplifyApp.addDomain(`${branchDomainName}`, {
+            enableAutoSubdomain: false,
+        });
+        domain.mapRoot(branch); // map master branch to domain root
+        domain.mapSubDomain(branch, 'www');
+    }
+
+    private createRole(projectName: string): iam.IRole {
+        const role = new iam.Role(this, `cdk-amplify-role-${projectName}`, {
+            assumedBy: new iam.ServicePrincipal('amplify.amazonaws.com'),
+            description: `Custom role permitting resources creation from Amplify for ${projectName}`,
+        });
+
+        const iManagedPolicy = iam.ManagedPolicy.fromAwsManagedPolicyName('AdministratorAccess-Amplify');
+
+        role.addManagedPolicy(iManagedPolicy);
+        return role;
+    }
+
+    private getBuildSpec(): BuildSpec {
+        return BuildSpec.fromObjectToYaml({
+            version: '1.0',
+            frontend: {
+                phases: {
+                    preBuild: {
+                        commands: ['yarn'],
+                    },
+                    build: {
+                        commands: ['yarn run build'],
+                    },
+                },
+                artifacts: {
+                    baseDirectory: '.next',
+                    files: -'**/*',
+                },
+                cache: {
+                    paths: ['node_modules/**/*'],
+                },
+            },
+        });
+    }
+
+    private addDeployNotificationStack(amplifyApp: amplify.App, appName: string, slackWebhookURL: string) {
+        const rule = new events.Rule(this, 'rule', {
+            eventPattern: {
+                source: ['aws.amplify'],
+                detail: {
+                    appId: [amplifyApp.appId],
+                    jobStatus: ['SUCCEED', 'FAILED', 'STARTED'],
+                },
+                detailType: ['Amplify Deployment Status Change'],
+            },
+        });
+
+        const snsTopic = new sns.Topic(this, `sns-${appName}-deploy-topic`, {
+            displayName: `${appName}`,
+        });
+
+        const lambdaFunction = this.createNotifyLambdaFunction(slackWebhookURL, appName, snsTopic);
+        snsTopic.addSubscription(new snsSubscription.LambdaSubscription(lambdaFunction));
+
+        this.createDeployNotificationRole(appName, snsTopic);
+        rule.addTarget(
+            new targets.SnsTopic(snsTopic, {
+                message: events.RuleTargetInput.fromText(
+                    `Hi, the build status for ${EventField.fromPath(
+                        '$.detail.branchName',
+                    )} branch with build ID ${EventField.fromPath(
+                        '$.detail.jobId',
+                    )} on ${appName} is ${EventField.fromPath('$.detail.jobStatus')}.`,
+                ),
+            }),
+        );
+    }
+
+    private createNotifyLambdaFunction(slackWebhookURL: string, appName: string, snsTopic: sns.Topic): lambda.Function {
+        const lambdaCode = fs.readFileSync('static/lambda-notify.js');
+
+        const lambdaRole = new iam.Role(this, `iam-role-lambda-send-slack-notification-${appName}`, {
+            roleName: `iam-role-lambda-send-slack-notification-${appName}`,
+            assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'),
+        });
+
+        // policy to allow assume role TenantUserRole
+        lambdaRole.addToPolicy(
+            new iam.PolicyStatement({
+                resources: ['*'],
+                actions: ['sts:AssumeRole'],
+            }),
+        );
+
+        const fn = new lambda.Function(this, `sendSlackNotification${appName}`, {
+            runtime: lambda.Runtime.NODEJS_12_X,
+            handler: 'index.handler',
+            code: lambda.Code.fromInline(`${lambdaCode.toString()}`),
+            environment: { WEBHOOK_URL: slackWebhookURL },
+            role: lambdaRole,
+        });
+
+        fn.addPermission(`sendSlack${appName}-execution-permission`, {
+            action: 'lambda:InvokeFunction',
+            principal: new ServicePrincipal('sns.amazonaws.com'),
+            sourceArn: snsTopic.topicArn,
+        });
+
+        return fn;
+    }
+
+    private createDeployNotificationRole(appName: string, snsTopic: sns.Topic): iam.IRole {
+        const role = new iam.Role(this, `cdk-amplify-notification-role-${appName}`, {
+            assumedBy: new iam.ServicePrincipal('events.amazonaws.com'),
+            description: `Custom role permitting event publishing from Amplify for ${appName}`,
+        });
+
+        const inlinePolicy = new iam.Policy(this, `cdk-amplify-deploy-notification-policy-${appName}`, {
+            statements: [
+                new iam.PolicyStatement({
+                    actions: ['SNS:Publish'],
+                    resources: [snsTopic.topicArn],
+                }),
+            ],
+        });
+
+        role.attachInlinePolicy(inlinePolicy);
+        return role;
+    }
+}

package.json

@@ -0,0 +1,45 @@
+{
+  "name": "cdk-amplify",
+  "version": "0.1.0",
+  "bin": {
+    "main": "bin/main.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "watch": "tsc -w",
+    "test": "jest",
+    "cdk": "cdk",
+    "lint": "eslint '*/**/*.{js,ts,tsx}' --quiet --fix"
+  },
+  "devDependencies": {
+    "@types/jest": "^26.0.10",
+    "@types/node": "10.17.27",
+    "@typescript-eslint/eslint-plugin": "^5.13.0",
+    "@typescript-eslint/parser": "^5.13.0",
+    "aws-cdk": "2.15.0",
+    "eslint": "^8.10.0",
+    "eslint-config-prettier": "^8.5.0",
+    "eslint-plugin-prettier": "^4.0.0",
+    "jest": "^26.4.2",
+    "prettier": "^2.5.1",
+    "ts-jest": "^26.2.0",
+    "ts-node": "^9.0.0",
+    "typescript": "~3.9.7"
+  },
+  "dependencies": {
+    "@aws-cdk/aws-amplify": "^1.147.0",
+    "@aws-cdk/aws-amplify-alpha": "2.15.0-alpha.0",
+    "@aws-cdk/aws-events": "^1.147.0",
+    "@aws-cdk/aws-events-targets": "^1.147.0",
+    "@aws-cdk/aws-iam": "^1.147.0",
+    "@aws-cdk/aws-lambda": "^1.147.0",
+    "@aws-cdk/aws-sns": "^1.147.0",
+    "@aws-cdk/aws-sns-subscriptions": "^1.147.0",
+    "@aws-cdk/core": "^1.147.0",
+    "aws-cdk-lib": "2.15.0",
+    "constructs": "^10.0.0",
+    "dotenv": "^16.0.0",
+    "module": "^1.2.5",
+    "source-map-support": "^0.5.16"
+  }
+}