diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml new file mode 100644 index 0000000..7b35f35 --- /dev/null +++ b/.github/workflows/doc.yml @@ -0,0 +1,25 @@ +name: Typedoc build and deploy doc to GH pages +on: + push: + branches: ["main"] + + workflow_dispatch: + +permissions: + contents: write +jobs: + build-and-deploy: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Install and Build + run: | + npm ci + npm run doc + + - name: Deploy + uses: JamesIves/github-pages-deploy-action@v4 + with: + folder: dist/docs diff --git a/README.md b/README.md index e808204..095d777 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,43 @@ -## aws4embeddedlinux-ci +# aws4embeddedlinux-ci This [cdk](https://github.com/aws/aws-cdk) IaC library help you to deploy AWS cloud infrastructure to allow embedded Linux builds for your project. -### Architecture -![architecture overview](architecture.drawio.svg "Architecture") +## Architecture +![architecture overview](images/architecture.svg "Architecture") -### Quickstart +## API documentation +[API documentation](https://aws4embeddedlinux.github.io/aws4embeddedlinux-ci/) generated by `npm run doc` + +# Setting Up + +## Quickstart Use the [examples](https://github.com/aws4embeddedlinux/aws4embeddedlinux-ci-examples) in our examples repo. -### Development Setup + +## Setting Up A New Project + +1. Create a CDK project. More details can be found in the [CDK Getting Started Documentation](https://docs.aws.amazon.com/cdk/v2/guide/getting_started.html). +``` +mkdir my-project +cd my-project +cdk init app --language typescript +``` +2. Add the cdk library with `npm install aws4embeddedlinux/aws4embeddedlinux-ci` +3. Create your application using the library. Refer to the [API Documentation](https://aws4embeddedlinux.github.io/aws4embeddedlinux-ci) and the [Examples](github.com/aws4embeddedlinux/aws4embeddedlinux-ci-examples) for more details. +4. Deploy your application using `cdk deploy`. +5. After the application is deployed, the 'Build Image' Pipeline needs to be run. This will create an Ubuntu based container for building Yocto. This container is used by the other pipelines. If the other pipelines are run before this container is created and pushed to [ECR](https://aws.amazon.com/ecr/), they will fail. This Build Image Pipeline will run weekly by default to keep this container patched. +6. Now the application pipeline is able to be run. This will push contents of the Yocto deploy directory into S3. + +## Development Setup You can use [`npm link`](https://docs.npmjs.com/cli/v10/commands/npm-link) to develop with a local copy of this repo. -#### In this library repo: +### In this library repo: ```bash $ npm link $ cd your-project ``` -#### In your-project folder: +### In your-project folder: ```bash $ npm link aws4embeddedlinux-ci ``` @@ -25,6 +45,7 @@ $ npm link aws4embeddedlinux-ci This will link through the system `node_modules` install. When using a system node install on Linux, this can require sudo access. To avoid this, use a [node version manager](https://docs.npmjs.com/downloading-and-installing-node-js-and-npm#using-a-node-version-manager-to-install-nodejs-and-npm) or [set a node prefix](https://docs.npmjs.com/resolving-eacces-permissions-errors-when-installing-packages-globally). + ## Security See [SECURITY](SECURITY.md) for more information about reporting issues with this project. @@ -33,9 +54,9 @@ See [SECURITY](SECURITY.md) for more information about reporting issues with thi [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) is the preferred method of adding secrets to your pipeline. This service provides a structured means of access and avoids pitfalls with putting secrets in environment variables, source repos, etc. 1. Create a _Secret_ in Secrets Manager and add your secret value. -1. Grant permissions to the CodeBuild pipeline project. - 1. Find the IAM role for the CodeBuild Project in the CodeBuild console page under the "Build Details". This is also called the "Service Role". - 1. In the IAM console page, add a new policy, replacing \ with the ARN of the secret created. +1. Grant access permissions to the CodeBuild pipeline project. +- 1. Find the IAM role for the CodeBuild Project in the CodeBuild console page under the "Build Details". This is also called the "Service Role". +- 1. In the IAM console page, add a new policy, replacing \ with the ARN of the secret created. ```json { "Version": "2012-10-17", diff --git a/docs/setup.md b/docs/setup.md deleted file mode 100644 index cd4fffe..0000000 --- a/docs/setup.md +++ /dev/null @@ -1,3 +0,0 @@ -# Setting Up - -see an example how to use this lib in [`examples`](../../examples/docs/setup.md) diff --git a/architecture.drawio.svg b/images/architecture.svg similarity index 100% rename from architecture.drawio.svg rename to images/architecture.svg diff --git a/lib/build-image-pipeline.ts b/lib/build-image-pipeline.ts index 6e3ade5..3f990b9 100644 --- a/lib/build-image-pipeline.ts +++ b/lib/build-image-pipeline.ts @@ -48,7 +48,7 @@ export class BuildImagePipelineStack extends cdk.Stack { const sourceAction = new codepipeline_actions.S3SourceAction({ actionName: 'Build-Image-Source', bucket: props.dataBucket, - bucketKey: 'data.zip', // TODO(glimsdal): Parameterize. + bucketKey: 'data.zip', output: sourceOutput, }); diff --git a/lib/demo-pipeline.ts b/lib/demo-pipeline.ts index 3de3041..014887e 100644 --- a/lib/demo-pipeline.ts +++ b/lib/demo-pipeline.ts @@ -340,7 +340,6 @@ def handler(event, context): ): string { const fs = new efs.FileSystem(this, `DemoPipeline${name}Filesystem`, { vpc, - // TODO(nateglims): Reconsider this when development is slowing down. removalPolicy: cdk.RemovalPolicy.DESTROY, }); fs.connections.allowFrom(securityGroup, Port.tcp(2049)); diff --git a/source-repo/renesas/README.md b/source-repo/renesas/README.md deleted file mode 100644 index 6823f7a..0000000 --- a/source-repo/renesas/README.md +++ /dev/null @@ -1,17 +0,0 @@ -# renesas example -based on https://elinux.org/R-Car/Boards/Yocto-Gen3/v5.9.0 - -To build a image containing the proprietary graphics and multimedia drivers from Renesas. -You need to download Multimedia and Graphics library and related Linux drivers, please from the following link: - -https://www.renesas.com/us/en/application/automotive/r-car-h3-m3-h2-m2-e2-documents-software - -Download two files: - -R-Car_Gen3_Series_Evaluation_Software_Package_for_Linux-20220121.zip -R-Car_Gen3_Series_Evaluation_Software_Package_of_Linux_Drivers-20220121.zip - - -Graphic drivers are required for Wayland. Multimedia drivers are optional. - -Put them into the proprietary folder in the root of the source repo, after deploying the build pipeline and uncomment the #TODO in the build.sh. diff --git a/test/build-image-repo.test.ts b/test/build-image-repo.test.ts index 69e03f0..d77d1f1 100644 --- a/test/build-image-repo.test.ts +++ b/test/build-image-repo.test.ts @@ -7,17 +7,6 @@ describe('Build Image Repository', () => { env: { account: '111111111111', region: 'eu-central-1' }, }; - test('ECR Repo has EmptyOnDelete', () => { - const app = new cdk.App(); - const stack = new BuildImageRepoStack(app, 'MyTestStack', props); - const template = Template.fromStack(stack); - template.resourceCountIs('AWS::ECR::Repository', 1); - // TODO: Investigate why we cannot set EmptyOnDelete in CDK. - // template.hasResourceProperties("AWS::ECR::Repository", { - // EmptyOnDelete: true, - // }); - }); - test('Snapshot', () => { const app = new cdk.App(); const stack = new BuildImageRepoStack(app, 'MyTestStack', props); diff --git a/test/demo-pipeline-nag.test.ts b/test/demo-pipeline-nag.test.ts index 7d057ff..a1a176b 100644 --- a/test/demo-pipeline-nag.test.ts +++ b/test/demo-pipeline-nag.test.ts @@ -35,7 +35,7 @@ describe('Demo pipeline cdk-nag AwsSolutions Pack', () => { }, { id: 'AwsSolutions-CB3', - reason: 'TODO: Verify CodeBuild Privilege mode is required here.', + reason: 'CodeBuild Privilege mode is required for this pipeline.', }, {