Added AWS CodeBuild example.

Author: rts-rob

codebuild/README.md

@@ -0,0 +1,8 @@
+# AWS CodeBuild
+
+Code from the [AWS CodeBuild][codebuild] section of the AWS Step Functions webinar on 29 July 2020.
+
+[codebuild]: https://aws.amazon.com/codebuild/
+
+Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+SPDX-License-Identifier: MIT-0

codebuild/statemachine/updateDependencies.asl.json

@@ -0,0 +1,26 @@
+{
+    "Comment": "A state machine that does mock stock trading.",
+    "StartAt": "Run CodeBuild With Upgraded Dependencies",
+    "States": {
+        "Run CodeBuild With Upgraded Dependencies": {
+            "Type": "Task",
+            "Resource": "arn:aws:states:::codebuild:startBuild.sync",
+            "Parameters": {
+                "ProjectName": "${UpdateDependenciesBuildJob}",
+                "BuildspecOverride": "buildspec-upgrade-dependencies.yml"
+            },
+            "Next": "Publish Results"
+        },
+        "Publish Results": {
+            "Type": "Task",
+            "Resource": "arn:aws:states:::sns:publish",
+            "Parameters": {
+                "TopicArn": "${BuildStatusTopic}",
+                "Message": {
+                    "Input.$": "$.Build.BuildStatus"
+                }
+            },
+            "End": true
+        }
+    }
+}

codebuild/template.yaml

@@ -0,0 +1,122 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Transform: AWS::Serverless-2016-10-31
+Description: >
+  codebuild
+
+  Sample SAM Template for codebuild
+
+Parameters:
+  RepoName: 
+    Type: String
+    Description: Name of the CodeCommit repository to build nightly. Must be in the same region.
+
+Resources:
+  UpdateDependencies:
+    Type: AWS::Serverless::StateMachine # More info about State Machine Resource: https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-resource-statemachine.html
+    Properties:
+      DefinitionUri: statemachine/updateDependencies.asl.json
+      DefinitionSubstitutions:
+        UpdateDependenciesBuildJob: !GetAtt UpdateDependenciesProject.Arn
+        BuildStatusTopic: !Ref BuildResultsTopic
+      Events:
+        Nightly:
+          Type: Schedule # More info about Schedule Event Source: https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-property-statemachine-schedule.html
+          Properties:
+            Description: Schedule to run the UpdateDependencies state machine every night
+            Schedule: "cron(0 0 * * ? *)" # Run at midnight (UTC) every day. Format is cron(minutes hours day_of_month month day_of_week year)
+      Role: !GetAtt StepFunctionsRole.Arn
+
+  BuildResultsTopic:
+    Type: AWS::SNS::Topic
+
+  UpdateDependenciesProject:
+    Type: AWS::CodeBuild::Project
+    Properties:
+      ServiceRole: !Ref CodeBuildRole
+      Artifacts:
+        Type: NO_ARTIFACTS
+      Environment:
+        Type: LINUX_CONTAINER
+        ComputeType: BUILD_GENERAL1_SMALL
+        Image: aws/codebuild/standard:2.0
+      Source:
+        Type: CODECOMMIT
+        Location: !Sub https://git-codecommit.${AWS::Region}.amazonaws.com/v1/repos/${RepoName}
+
+  StepFunctionsRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Version: "2012-10-17"
+        Statement:
+          - Effect: Allow
+            Action: "sts:AssumeRole"
+            Principal:
+              Service: states.amazonaws.com
+      Path: "/"
+      Policies:
+        - PolicyName: CodeBuildExecutionRolePolicy
+          PolicyDocument:
+            Version: "2012-10-17"
+            Statement:
+              - Effect: Allow
+                Action:
+                  - "sns:Publish"
+                Resource:
+                  - !Ref BuildResultsTopic
+              - Effect: Allow
+                Action:
+                  - "codebuild:StartBuild"
+                  - "codebuild:StopBuild"
+                  - "codebuild:BatchGetBuilds"
+                  - "codebuild:BatchGetReports"
+                Resource: "*"
+              - Effect: Allow
+                Action:
+                  - "events:PutTargets"
+                  - "events:PutRule"
+                  - "events:DescribeRule"
+                Resource:
+                  - !Sub "arn:${AWS::Partition}:events:${AWS::Region}:${AWS::AccountId}:rule/StepFunctionsGetEventForCodeBuildStartBuildRule"
+
+  CodeBuildRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Version: "2012-10-17"
+        Statement:
+          - Effect: Allow
+            Action: "sts:AssumeRole"
+            Principal:
+              Service: codebuild.amazonaws.com
+      Path: /
+      Policies:
+        - PolicyName: CodeBuildServiceRolePolicy
+          PolicyDocument:
+            Version: "2012-10-17"
+            Statement:
+              - Effect: Allow
+                Action:
+                  - "logs:CreateLogGroup"
+                  - "logs:CreateLogStream"
+                  - "logs:PutLogEvents"
+                  - "codebuild:CreateReportGroup"
+                  - "codebuild:CreateReport"
+                  - "codebuild:UpdateReport"
+                  - "codebuild:BatchPutTestCases"
+                Resource: "*"
+              - Effect: Allow
+                Action:
+                  - "codecommit:GitPull"
+                Resource: !Sub arn:${AWS::Partition}:codecommit:${AWS::Region}:${AWS::AccountId}:${RepoName}
+
+Outputs:
+  # StockTradingStateMachineHourlyTradingSchedule is an implicit Schedule event rule created out of Events key under Serverless::StateMachine
+  # Find out more about other implicit resources you can reference within SAM
+  # https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-generated-resources.html
+  UpdateDependenciesArn:
+    Description: "Update Dependencies state machine ARN"
+    Value: !Ref UpdateDependencies
+  BuildResultsTopicName:
+    Description: "Build Results SNS Topic name"
+    Value: !GetAtt BuildResultsTopic.TopicName