AWSCDK::Codepipeline

49 types

AWS CodePipeline Construct Library

Pipeline

To construct an empty Pipeline:

# Construct an empty Pipeline
pipeline = AWSCDK::Codepipeline::Pipeline.new(self, "MyFirstPipeline")

To give the Pipeline a nice, human-readable name:

# Give the Pipeline a nice, human-readable name
pipeline = AWSCDK::Codepipeline::Pipeline.new(self, "MyFirstPipeline", {
    pipeline_name: "MyPipeline",
})

Be aware that in the default configuration, the Pipeline construct creates an AWS Key Management Service (AWS KMS) Customer Master Key (CMK) for you to encrypt the artifacts in the artifact bucket, which incurs a cost of $1/month. This default configuration is necessary to allow cross-account actions.

If you do not intend to perform cross-account deployments, you can disable the creation of the Customer Master Keys by passing crossAccountKeys: false when defining the Pipeline:

# Don't create Customer Master Keys
pipeline = AWSCDK::Codepipeline::Pipeline.new(self, "MyFirstPipeline", {
    cross_account_keys: false,
})

If you want to enable key rotation for the generated KMS keys, you can configure it by passing enableKeyRotation: true when creating the pipeline. Note that key rotation will incur an additional cost of $1/month.

# Enable key rotation for the generated KMS key
pipeline = AWSCDK::Codepipeline::Pipeline.new(self, "MyFirstPipeline", {
    # ...
    enable_key_rotation: true,
})

Stages

You can provide Stages when creating the Pipeline:

# Provide a Stage when creating a pipeline
pipeline = AWSCDK::Codepipeline::Pipeline.new(self, "MyFirstPipeline", {
    stages: [
        {
            stage_name: "Source",
            actions: [],
        },
    ],
})

Or append a Stage to an existing Pipeline:

# Append a Stage to an existing Pipeline
pipeline = nil # AWSCDK::Codepipeline::Pipeline

source_stage = pipeline.add_stage({
    stage_name: "Source",
    actions: [],
})

You can insert the new Stage at an arbitrary point in the Pipeline:

# Insert a new Stage at an arbitrary point
pipeline = nil # AWSCDK::Codepipeline::Pipeline
another_stage = nil # AWSCDK::Codepipeline::IStage
yet_another_stage = nil # AWSCDK::Codepipeline::IStage


some_stage = pipeline.add_stage({
    stage_name: "SomeStage",
    placement: {
        # note: you can only specify one of the below properties
        right_before: another_stage,
        just_after: yet_another_stage,
    },
})

You can disable transition to a Stage:

# Disable transition to a stage
pipeline = nil # AWSCDK::Codepipeline::Pipeline


some_stage = pipeline.add_stage({
    stage_name: "SomeStage",
    transition_to_enabled: false,
    transition_disabled_reason: "Manual transition only",
})

This is useful if you don't want every executions of the pipeline to flow into this stage automatically. The transition can then be "manually" enabled later on.

Actions

Actions live in a separate package, aws-cdk-lib/aws-codepipeline-actions.

To add an Action to a Stage, you can provide it when creating the Stage, in the actions property, or you can use the IStage.addAction() method to mutate an existing Stage:

# Use the `IStage.addAction()` method to mutate an existing Stage.
source_stage = nil # AWSCDK::Codepipeline::IStage
some_action = nil # AWSCDK::Codepipeline::Action

source_stage.add_action(some_action)

Custom Action Registration

To make your own custom CodePipeline Action requires registering the action provider. Look to the JenkinsProvider in aws-cdk-lib/aws-codepipeline-actions for an implementation example.

# Make a custom CodePipeline Action
AWSCDK::Codepipeline::CustomActionRegistration.new(self, "GenericGitSourceProviderResource", {
    category: AWSCDK::Codepipeline::ActionCategory::SOURCE,
    artifact_bounds: {min_inputs: 0, max_inputs: 0, min_outputs: 1, max_outputs: 1},
    provider: "GenericGitSource",
    version: "1",
    entity_url: "https://docs.aws.amazon.com/codepipeline/latest/userguide/actions-create-custom-action.html",
    execution_url: "https://docs.aws.amazon.com/codepipeline/latest/userguide/actions-create-custom-action.html",
    action_properties: [
        {
            name: "Branch",
            required: true,
            key: false,
            secret: false,
            queryable: false,
            description: "Git branch to pull",
            type: "String",
        },
        {
            name: "GitUrl",
            required: true,
            key: false,
            secret: false,
            queryable: false,
            description: "SSH git clone URL",
            type: "String",
        },
    ],
})

Cross-account CodePipelines

Cross-account Pipeline actions require that the Pipeline has not been created with crossAccountKeys: false.

Most pipeline Actions accept an AWS resource object to operate on. For example:

These resources can be either newly defined (new s3.Bucket(...)) or imported (s3.Bucket.fromBucketAttributes(...)) and identify the resource that should be changed.

These resources can be in different accounts than the pipeline itself. For example, the following action deploys to an imported S3 bucket from a different account:

# Deploy an imported S3 bucket from a different account
stage = nil # AWSCDK::Codepipeline::IStage
input = nil # AWSCDK::Codepipeline::Artifact

stage.add_action(AWSCDK::CodePipelineActions::S3DeployAction.new({
    bucket: AWSCDK::S3::Bucket.from_bucket_attributes(self, "Bucket", {
        account: "123456789012",
    }),
    input: input,
    action_name: "s3-deploy-action",
}))

Actions that don't accept a resource object accept an explicit account parameter:

# Actions that don't accept a resource objet accept an explicit `account` parameter
stage = nil # AWSCDK::Codepipeline::IStage
template_path = nil # AWSCDK::Codepipeline::ArtifactPath

stage.add_action(AWSCDK::CodePipelineActions::CloudFormationCreateUpdateStackAction.new({
    account: "123456789012",
    template_path: template_path,
    admin_permissions: false,
    stack_name: AWSCDK::Stack.of(self).stack_name,
    action_name: "cloudformation-create-update",
}))

The Pipeline construct automatically defines an IAM Role for you in the target account which the pipeline will assume to perform that action. This Role will be defined in a support stack named <PipelineStackName>-support-<account>, that will automatically be deployed before the stack containing the pipeline.

If you do not want to use the generated role, you can also explicitly pass a role when creating the action. In that case, the action will operate in the account the role belongs to:

# Explicitly pass in a `role` when creating an action.
stage = nil # AWSCDK::Codepipeline::IStage
template_path = nil # AWSCDK::Codepipeline::ArtifactPath

stage.add_action(AWSCDK::CodePipelineActions::CloudFormationCreateUpdateStackAction.new({
    template_path: template_path,
    admin_permissions: false,
    stack_name: AWSCDK::Stack.of(self).stack_name,
    action_name: "cloudformation-create-update",
    # ...
    role: AWSCDK::IAM::Role.from_role_arn(self, "ActionRole", "..."),
}))

Cross-region CodePipelines

Similar to how you set up a cross-account Action, the AWS resource object you pass to actions can also be in different Regions. For example, the following Action deploys to an imported S3 bucket from a different Region:

# Deploy to an imported S3 bucket from a different Region.
stage = nil # AWSCDK::Codepipeline::IStage
input = nil # AWSCDK::Codepipeline::Artifact

stage.add_action(AWSCDK::CodePipelineActions::S3DeployAction.new({
    bucket: AWSCDK::S3::Bucket.from_bucket_attributes(self, "Bucket", {
        region: "us-west-1",
    }),
    input: input,
    action_name: "s3-deploy-action",
}))

Actions that don't take an AWS resource will accept an explicit region parameter:

# Actions that don't take an AWS resource will accept an explicit `region` parameter.
stage = nil # AWSCDK::Codepipeline::IStage
template_path = nil # AWSCDK::Codepipeline::ArtifactPath

stage.add_action(AWSCDK::CodePipelineActions::CloudFormationCreateUpdateStackAction.new({
    template_path: template_path,
    admin_permissions: false,
    stack_name: AWSCDK::Stack.of(self).stack_name,
    action_name: "cloudformation-create-update",
    # ...
    region: "us-west-1",
}))

The Pipeline construct automatically defines a replication bucket for you in the target region, which the pipeline will replicate artifacts to and from. This Bucket will be defined in a support stack named <PipelineStackName>-support-<region>, that will automatically be deployed before the stack containing the pipeline.

If you don't want to use these support stacks, and already have buckets in place to serve as replication buckets, you can supply these at Pipeline definition time using the cross_region_replication_buckets parameter. Example:

# Supply replication buckets for the Pipeline instead of using the generated support stack
pipeline = AWSCDK::Codepipeline::Pipeline.new(self, "MyFirstPipeline", {
    # ...

    cross_region_replication_buckets: {
        # note that a physical name of the replication Bucket must be known at synthesis time
        "us-west-1" => AWSCDK::S3::Bucket.from_bucket_attributes(self, "UsWest1ReplicationBucket", {
            bucket_name: "amzn-s3-demo-bucket",
            # optional KMS key
            encryption_key: AWSCDK::KMS::Key.from_key_arn(self, "UsWest1ReplicationKey", "arn:aws:kms:us-west-1:123456789012:key/1234-5678-9012"),
        }),
    },
})

See the AWS docs here for more information on cross-region CodePipelines.

Creating an encrypted replication bucket

If you're passing a replication bucket created in a different stack, like this:

# Passing a replication bucket created in a different stack.
app = AWSCDK::App.new
replication_stack = AWSCDK::Stack.new(app, "ReplicationStack", {
    env: {
        region: "us-west-1",
    },
})
key = AWSCDK::KMS::Key.new(replication_stack, "ReplicationKey")
replication_bucket = AWSCDK::S3::Bucket.new(replication_stack, "ReplicationBucket", {
    # like was said above - replication buckets need a set physical name
    bucket_name: AWSCDK::PhysicalName.GENERATE_IF_NEEDED,
    encryption_key: key,
})

# later...
AWSCDK::Codepipeline::Pipeline.new(replication_stack, "Pipeline", {
    cross_region_replication_buckets: {
        "us-west-1" => replication_bucket,
    },
})

When trying to encrypt it (and note that if any of the cross-region actions happen to be cross-account as well, the bucket has to be encrypted - otherwise the pipeline will fail at runtime), you cannot use a key directly - KMS keys don't have physical names, and so you can't reference them across environments.

In this case, you need to use an alias in place of the key when creating the bucket:

# Passing an encrypted replication bucket created in a different stack.
app = AWSCDK::App.new
replication_stack = AWSCDK::Stack.new(app, "ReplicationStack", {
    env: {
        region: "us-west-1",
    },
})
key = AWSCDK::KMS::Key.new(replication_stack, "ReplicationKey")
_alias = AWSCDK::KMS::Alias.new(replication_stack, "ReplicationAlias", {
    # aliasName is required
    alias_name: AWSCDK::PhysicalName.GENERATE_IF_NEEDED,
    target_key: key,
})
replication_bucket = AWSCDK::S3::Bucket.new(replication_stack, "ReplicationBucket", {
    bucket_name: AWSCDK::PhysicalName.GENERATE_IF_NEEDED,
    encryption_key: _alias,
})

Variables

Variables are key-value pairs that can be used to dynamically configure actions in your pipeline.

There are two types of variables, Action-level variables and Pipeline-level variables. Action-level variables are produced when an action is executed. Pipeline-level variables are defined when the pipeline is created and resolved at pipeline run time. You specify the Pipeline-level variables when the pipeline is created, and you can provide values at the time of the pipeline execution.

Action-level variables

The library supports action-level variables. Each action class that emits variables has a separate variables interface, accessed as a property of the action instance called variables. You instantiate the action class and assign it to a local variable; when you want to use a variable in the configuration of a different action, you access the appropriate property of the interface returned from variables, which represents a single variable. Example:

# MyAction is some action type that produces variables, like EcrSourceAction
my_action = MyAction.new({
    # ...
    action_name: "myAction",
})
OtherAction.new({
    # ...
    config: my_action.variables.my_variable,
    action_name: "otherAction",
})

The namespace name that will be used will be automatically generated by the pipeline construct, based on the stage and action name; you can pass a custom name when creating the action instance:

# MyAction is some action type that produces variables, like EcrSourceAction
my_action = MyAction.new({
    # ...
    variables_namespace: "MyNamespace",
    action_name: "myAction",
})

There are also global variables available, not tied to any action; these are accessed through static properties of the GlobalVariables class:

# OtherAction is some action type that produces variables, like EcrSourceAction
OtherAction.new({
    # ...
    config: AWSCDK::Codepipeline::GlobalVariables.EXECUTION_ID,
    action_name: "otherAction",
})

The following is an actual code example.

source_action = nil # AWSCDK::CodePipelineActions::S3SourceAction
source_output = nil # AWSCDK::Codepipeline::Artifact
deploy_bucket = nil # AWSCDK::S3::Bucket


AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    stages: [
        {
            stage_name: "Source",
            actions: [source_action],
        },
        {
            stage_name: "Deploy",
            actions: [
                AWSCDK::CodePipelineActions::S3DeployAction.new({
                    action_name: "DeployAction",
                    # can reference the variables
                    object_key: "#{source_action.variables[:version_id]}.txt",
                    input: source_output,
                    bucket: deploy_bucket,
                }),
            ],
        },
    ],
})

Check the documentation of the aws-cdk-lib/aws-codepipeline-actions for details on how to use the variables for each action class.

See the CodePipeline documentation for more details on how to use the variables feature.

Pipeline-level variables

You can add one or more variables at the pipeline level. You can reference this value in the configuration of CodePipeline actions. You can add the variable names, default values, and descriptions when you create the pipeline. Variables are resolved at the time of execution.

Note that using pipeline-level variables in any kind of Source action is not supported. Also, the variables can only be used with pipeline type V2.

source_action = nil # AWSCDK::CodePipelineActions::S3SourceAction
source_output = nil # AWSCDK::Codepipeline::Artifact
deploy_bucket = nil # AWSCDK::S3::Bucket


# Pipeline-level variable
variable = AWSCDK::Codepipeline::Variable.new({
    variable_name: "bucket-var",
    description: "description",
    default_value: "sample",
})

AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    pipeline_type: AWSCDK::Codepipeline::PipelineType::V2,
    variables: [variable],
    stages: [
        {
            stage_name: "Source",
            actions: [source_action],
        },
        {
            stage_name: "Deploy",
            actions: [
                AWSCDK::CodePipelineActions::S3DeployAction.new({
                    action_name: "DeployAction",
                    # can reference the variables
                    object_key: "#{variable.reference}.txt",
                    input: source_output,
                    bucket: deploy_bucket,
                }),
            ],
        },
    ],
})

Or append a variable to an existing pipeline:

pipeline = nil # AWSCDK::Codepipeline::Pipeline


variable = AWSCDK::Codepipeline::Variable.new({
    variable_name: "bucket-var",
    description: "description",
    default_value: "sample",
})
pipeline.add_variable(variable)

Events

Using a pipeline as an event target

A pipeline can be used as a target for a CloudWatch event rule:

# A pipeline being used as a target for a CloudWatch event rule.
require 'aws-cdk-lib'

pipeline = nil # AWSCDK::Codepipeline::Pipeline


# kick off the pipeline every day
rule = AWSCDK::Events::Rule.new(self, "Daily", {
    schedule: AWSCDK::Events::Schedule.rate(AWSCDK::Duration.days(1)),
})
rule.add_target(AWSCDK::EventsTargets::CodePipeline.new(pipeline))

When a pipeline is used as an event target, the "codepipeline:StartPipelineExecution" permission is granted to the AWS CloudWatch Events service.

Event sources

Pipelines emit CloudWatch events. To define event rules for events emitted by the pipeline, stages or action, use the on_xxx methods on the respective construct:

# Define event rules for events emitted by the pipeline
require 'aws-cdk-lib'

my_pipeline = nil # AWSCDK::Codepipeline::Pipeline
my_stage = nil # AWSCDK::Codepipeline::IStage
my_action = nil # AWSCDK::Codepipeline::Action
target = nil # AWSCDK::Events::IRuleTarget

my_pipeline.on_state_change("MyPipelineStateChange", {target: target})
my_stage.on_state_change("MyStageStateChange", target)
my_action.on_state_change("MyActionStateChange", target)

CodeStar Notifications

To define CodeStar Notification rules for Pipelines, use one of the notify_on_xxx() methods. They are very similar to on_xxx() methods for CloudWatch events:

# Define CodeStar Notification rules for Pipelines
require 'aws-cdk-lib'

pipeline = nil # AWSCDK::Codepipeline::Pipeline

target = AWSCDK::Chatbot::SlackChannelConfiguration.new(self, "MySlackChannel", {
    slack_channel_configuration_name: "YOUR_CHANNEL_NAME",
    slack_workspace_id: "YOUR_SLACK_WORKSPACE_ID",
    slack_channel_id: "YOUR_SLACK_CHANNEL_ID",
})
rule = pipeline.notify_on_execution_state_change("NotifyOnExecutionStateChange", target)

Trigger

To trigger a pipeline with Git tags or branches, specify the triggers property. The triggers can only be used with pipeline type V2.

Push filter

Pipelines can be started based on push events. You can specify the push_filter property to filter the push events. The push_filter can specify Git tags and branches.

In the case of Git tags, your pipeline starts when a Git tag is pushed. You can filter with glob patterns. The tags_excludes takes priority over the tags_includes.

source_action = nil # AWSCDK::CodePipelineActions::CodeStarConnectionsSourceAction
build_action = nil # AWSCDK::CodePipelineActions::CodeBuildAction


AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    pipeline_type: AWSCDK::Codepipeline::PipelineType::V2,
    stages: [
        {
            stage_name: "Source",
            actions: [source_action],
        },
        {
            stage_name: "Build",
            actions: [build_action],
        },
    ],
    triggers: [
        {
            provider_type: AWSCDK::Codepipeline::ProviderType::CODE_STAR_SOURCE_CONNECTION,
            git_configuration: {
                source_action: source_action,
                push_filter: [
                    {
                        tags_excludes: ["exclude1", "exclude2"],
                        tags_includes: ["include*"],
                    },
                ],
            },
        },
    ],
})

In the case of branches, your pipeline starts when a commit is pushed on the specified branches. You can filter with glob patterns. The branches_excludes takes priority over the branches_includes.

source_action = nil # AWSCDK::CodePipelineActions::CodeStarConnectionsSourceAction
build_action = nil # AWSCDK::CodePipelineActions::CodeBuildAction


AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    pipeline_type: AWSCDK::Codepipeline::PipelineType::V2,
    stages: [
        {
            stage_name: "Source",
            actions: [source_action],
        },
        {
            stage_name: "Build",
            actions: [build_action],
        },
    ],
    triggers: [
        {
            provider_type: AWSCDK::Codepipeline::ProviderType::CODE_STAR_SOURCE_CONNECTION,
            git_configuration: {
                source_action: source_action,
                push_filter: [
                    {
                        branches_excludes: ["exclude1", "exclude2"],
                        branches_includes: ["include*"],
                    },
                ],
            },
        },
    ],
})

File paths can also be specified along with the branches to start the pipeline. You can filter with glob patterns. The file_paths_excludes takes priority over the file_paths_includes.

source_action = nil # AWSCDK::CodePipelineActions::CodeStarConnectionsSourceAction
build_action = nil # AWSCDK::CodePipelineActions::CodeBuildAction


AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    pipeline_type: AWSCDK::Codepipeline::PipelineType::V2,
    stages: [
        {
            stage_name: "Source",
            actions: [source_action],
        },
        {
            stage_name: "Build",
            actions: [build_action],
        },
    ],
    triggers: [
        {
            provider_type: AWSCDK::Codepipeline::ProviderType::CODE_STAR_SOURCE_CONNECTION,
            git_configuration: {
                source_action: source_action,
                push_filter: [
                    {
                        branches_excludes: ["exclude1", "exclude2"],
                        branches_includes: ["include1", "include2"],
                        file_paths_excludes: ["/path/to/exclude1", "/path/to/exclude2"],
                        file_paths_includes: ["/path/to/include1", "/path/to/include1"],
                    },
                ],
            },
        },
    ],
})

Pull request filter

Pipelines can be started based on pull request events. You can specify the pull_request_filter property to filter the pull request events. The pull_request_filter can specify branches, file paths, and event types.

In the case of branches, your pipeline starts when a pull request event occurs on the specified branches. You can filter with glob patterns. The branches_excludes takes priority over the branches_includes.

source_action = nil # AWSCDK::CodePipelineActions::CodeStarConnectionsSourceAction
build_action = nil # AWSCDK::CodePipelineActions::CodeBuildAction


AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    pipeline_type: AWSCDK::Codepipeline::PipelineType::V2,
    stages: [
        {
            stage_name: "Source",
            actions: [source_action],
        },
        {
            stage_name: "Build",
            actions: [build_action],
        },
    ],
    triggers: [
        {
            provider_type: AWSCDK::Codepipeline::ProviderType::CODE_STAR_SOURCE_CONNECTION,
            git_configuration: {
                source_action: source_action,
                pull_request_filter: [
                    {
                        branches_excludes: ["exclude1", "exclude2"],
                        branches_includes: ["include*"],
                    },
                ],
            },
        },
    ],
})

File paths can also be specified along with the branches to start the pipeline. You can filter with glob patterns. The file_paths_excludes takes priority over the file_paths_includes.

source_action = nil # AWSCDK::CodePipelineActions::CodeStarConnectionsSourceAction
build_action = nil # AWSCDK::CodePipelineActions::CodeBuildAction


AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    pipeline_type: AWSCDK::Codepipeline::PipelineType::V2,
    stages: [
        {
            stage_name: "Source",
            actions: [source_action],
        },
        {
            stage_name: "Build",
            actions: [build_action],
        },
    ],
    triggers: [
        {
            provider_type: AWSCDK::Codepipeline::ProviderType::CODE_STAR_SOURCE_CONNECTION,
            git_configuration: {
                source_action: source_action,
                pull_request_filter: [
                    {
                        branches_excludes: ["exclude1", "exclude2"],
                        branches_includes: ["include1", "include2"],
                        file_paths_excludes: ["/path/to/exclude1", "/path/to/exclude2"],
                        file_paths_includes: ["/path/to/include1", "/path/to/include1"],
                    },
                ],
            },
        },
    ],
})

To filter types of pull request events for triggers, you can specify the events property.

source_action = nil # AWSCDK::CodePipelineActions::CodeStarConnectionsSourceAction
build_action = nil # AWSCDK::CodePipelineActions::CodeBuildAction


AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    pipeline_type: AWSCDK::Codepipeline::PipelineType::V2,
    stages: [
        {
            stage_name: "Source",
            actions: [source_action],
        },
        {
            stage_name: "Build",
            actions: [build_action],
        },
    ],
    triggers: [
        {
            provider_type: AWSCDK::Codepipeline::ProviderType::CODE_STAR_SOURCE_CONNECTION,
            git_configuration: {
                source_action: source_action,
                pull_request_filter: [
                    {
                        branches_excludes: ["exclude1", "exclude2"],
                        branches_includes: ["include1", "include2"],
                        events: [
                            AWSCDK::Codepipeline::GitPullRequestEvent::OPEN,
                            AWSCDK::Codepipeline::GitPullRequestEvent::CLOSED,
                        ],
                    },
                ],
            },
        },
    ],
})

Append a trigger to an existing pipeline

You can append a trigger to an existing pipeline:

pipeline = nil # AWSCDK::Codepipeline::Pipeline
source_action = nil # AWSCDK::CodePipelineActions::CodeStarConnectionsSourceAction


pipeline.add_trigger({
    provider_type: AWSCDK::Codepipeline::ProviderType::CODE_STAR_SOURCE_CONNECTION,
    git_configuration: {
        source_action: source_action,
        push_filter: [
            {
                tags_excludes: ["exclude1", "exclude2"],
                tags_includes: ["include*"],
            },
        ],
    },
})

Execution mode

To control the concurrency behavior when multiple executions of a pipeline are started, you can use the execution_mode property.

The execution mode can only be used with pipeline type V2.

AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    pipeline_type: AWSCDK::Codepipeline::PipelineType::V2,
    execution_mode: AWSCDK::Codepipeline::ExecutionMode::PARALLEL,
})

Stage Level Condition

Conditions are used for specific types of expressions and each has specific options for results available as follows:

Entry - The conditions for making checks that, if met, allow entry to a stage. Rules are engaged with the following result options: Fail or Skip

On Failure - The conditions for making checks for the stage when it fails. Rules are engaged with the following result option: Rollback

On Success - The conditions for making checks for the stage when it succeeds. Rules are engaged with the following result options: Rollback or Fail

Conditions are supported by a set of rules for each type of condition.

For each type of condition, there are specific actions that are set up by the condition. The action is the result of the succeeded or failed condition check. For example, the condition for entry (entry condition) encounters an alarm (rule), then the check is successful and the result (action) is that the stage entry is blocked.

source_action = nil # AWSCDK::CodePipelineActions::CodeStarConnectionsSourceAction
build_action = nil # AWSCDK::CodePipelineActions::CodeBuildAction


AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    pipeline_type: AWSCDK::Codepipeline::PipelineType::V2,
    stages: [
        {
            stage_name: "Source",
            actions: [source_action],
        },
        {
            stage_name: "Build",
            actions: [build_action],
            # BeforeEntry condition - checks before entering the stage
            before_entry: {
                conditions: [
                    {
                        rules: [
                            AWSCDK::Codepipeline::Rule.new({
                                name: "LambdaCheck",
                                provider: "LambdaInvoke",
                                version: "1",
                                configuration: {
                                    FunctionName: "LambdaFunctionName",
                                },
                            }),
                        ],
                        result: AWSCDK::Codepipeline::Result::FAIL,
                    },
                ],
            },
            # OnSuccess condition - checks after successful stage completion
            on_success: {
                conditions: [
                    {
                        result: AWSCDK::Codepipeline::Result::FAIL,
                        rules: [
                            AWSCDK::Codepipeline::Rule.new({
                                name: "CloudWatchCheck",
                                provider: "LambdaInvoke",
                                version: "1",
                                configuration: {
                                    AlarmName: "AlarmName1",
                                    WaitTime: "300",
                                     # 5 minutes
                                    FunctionName: "funcName2",
                                },
                            }),
                        ],
                    },
                ],
            },
            # OnFailure condition - handles stage failure
            on_failure: {
                conditions: [
                    {
                        result: AWSCDK::Codepipeline::Result::ROLLBACK,
                        rules: [
                            AWSCDK::Codepipeline::Rule.new({
                                name: "RollBackOnFailure",
                                provider: "LambdaInvoke",
                                version: "1",
                                configuration: {
                                    AlarmName: "Alarm",
                                    WaitTime: "300",
                                     # 5 minutes
                                    FunctionName: "funcName1",
                                },
                            }),
                        ],
                    },
                ],
            },
        },
    ],
})

Use pipeline service role as default action role in pipeline

You could enable this field to use pipeline service role as default action role in Codepipeline by set use_pipeline_service_role_for_actions as true if no action role provided.

Migrating a pipeline type from V1 to V2

To migrate your pipeline type from V1 to V2, you just need to update the pipeline_type property to PipelineType.V2. This migration does not cause replacement of your pipeline.

When the @aws-cdk/aws-codepipeline:defaultPipelineTypeToV2 feature flag is set to true (default for new projects), the V2 type is selected by default if you do not specify a value for pipeline_type property. Otherwise, the V1 type is selected.

AWSCDK::Codepipeline::Pipeline.new(self, "Pipeline", {
    pipeline_type: AWSCDK::Codepipeline::PipelineType::V2,
})

See the CodePipeline documentation for more details on the differences between each type.

API Reference

Classes 12

ActionLow-level class for generic CodePipeline Actions implementing the `IAction` interface. ArtifactAn output artifact of an action. ArtifactPathA specific file within an output artifact. CfnCustomActionTypeThe `AWS::CodePipeline::CustomActionType` resource creates a custom action for activities CfnPipelineThe `AWS::CodePipeline::Pipeline` resource creates a CodePipeline pipeline that describes CfnWebhookThe `AWS::CodePipeline::Webhook` resource creates and registers your webhook. CustomActionRegistrationThe resource representing registering a custom Action with CodePipeline. GlobalVariablesThe CodePipeline variables that are global, not bound to a specific action. PipelineAn AWS CodePipeline pipeline with its associated IAM role and S3 bucket. RuleRepresents a rule in AWS CodePipeline that can be used to add conditions and controls to p TriggerTrigger. VariablePipeline-Level variable.

Interfaces 29

ActionArtifactBoundsSpecifies the constraints on the number of input and output artifacts an action can have. ActionBindOptions ActionConfig ActionProperties CfnCustomActionTypePropsProperties for defining a `CfnCustomActionType`. CfnPipelinePropsProperties for defining a `CfnPipeline`. CfnWebhookPropsProperties for defining a `CfnWebhook`. CommonActionPropsCommon properties shared by all Actions. CommonAWSActionPropsCommon properties shared by all Actions whose `ActionProperties.owner` field is 'AWS' (or ConditionThe condition for the stage. ConditionsThe conditions for making checks for the stage. CrossRegionSupportAn interface representing resources generated in order to support the cross-region capabil CustomActionPropertyThe creation attributes used for defining a configuration property of a custom Action. CustomActionRegistrationPropsProperties of registering a custom Action. FailureConditionsThe configuration that specifies the result, such as rollback, to occur upon stage failure GitConfigurationGit configuration for trigger. GitPullRequestFilterGit pull request filter for trigger. GitPushFilterGit push filter for trigger. IActionA Pipeline Action. IPipelineThe abstract view of an AWS CodePipeline as required and used by Actions. IStageThe abstract interface of a Pipeline Stage that is used by Actions. PipelineNotifyOnOptionsAdditional options to pass to the notification rule. PipelineProps RulePropsProperties for defining a CodePipeline Rule. StageOptions StagePlacementAllows you to control where to place a new Stage when it's added to the Pipeline. StagePropsConstruction properties of a Pipeline Stage. TriggerPropsProperties of trigger. VariablePropsProperties of pipeline-level variable.

Enums 8

ActionCategory ExecutionModeExecution mode. GitPullRequestEventEvent for trigger with pull request filter. PipelineNotificationEventsThe list of event types for AWS Codepipeline Pipeline. PipelineTypePipeline types. ProviderTypeProvider type for trigger. ResultThe action to be done when the condition is met. RetryModeThe method that you want to configure for automatic stage retry on stage failure.