This repository has been archived by the owner on May 25, 2022. It is now read-only.
forked from aws-samples/devsecops-quickstart
app.py
#!/usr/bin/env python3
import os
from aws_cdk import core as cdk
from devsecops_quickstart.opa_scan.opascan import OPAScanStack
from devsecops_quickstart.cfn_nag.cfn_nag import CfnNag
from devsecops_quickstart.pipeline import CICDPipelineStack
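def _env_setting(primary, fallback):
    """Return ``os.environ[primary]`` if it is set, else ``os.environ[fallback]``.

    The fallback is looked up only when the primary variable is absent.
    Writing this as ``os.environ.get(primary, os.environ[fallback])`` evaluates
    the fallback eagerly, so it raises ``KeyError`` whenever the fallback is
    unset, even if the primary variable is present.

    Raises:
        KeyError: if neither variable is set.
    """
    try:
        return os.environ[primary]
    except KeyError:
        return os.environ[fallback]


app = cdk.App()

# The whole app is driven by the "config" context value; fail with a clear
# message instead of "'NoneType' object is not subscriptable" when it is absent.
config = app.node.try_get_context("config")
if config is None:
    raise RuntimeError("CDK context value 'config' is not set; cannot read config['general']")
general_config = config["general"]

# Resolve the target account and region once, so that the two scanner stacks
# and the pipeline that consumes their ARNs are always pinned to the same
# explicit environment. An explicit CDK_DEPLOY_* value takes precedence over
# the CDK_DEFAULT_* value.
deploy_env = cdk.Environment(
    account=_env_setting("CDK_DEPLOY_ACCOUNT", "CDK_DEFAULT_ACCOUNT"),
    region=_env_setting("CDK_DEPLOY_REGION", "CDK_DEFAULT_REGION"),
)

# Stack providing the OPA scan resources (rules bucket, lambda, role) that the
# pipeline references below.
opa_scan = OPAScanStack(
    app,
    id=f"{general_config['repository_name']}-opa-scan",
    general_config=general_config,
    env=deploy_env,
)

# Stack providing the cfn_nag scan lambda and role that the pipeline
# references below.
cfn_nag = CfnNag(
    app,
    id=f"{general_config['repository_name']}-cfn-nag",
    general_config=general_config,
    env=deploy_env,
)

# Development CI/CD pipeline, wired to both scanner stacks by ARN.
developmentPipeline = CICDPipelineStack(
    app,
    id=f"{general_config['repository_name']}-ci-development",
    general_config=general_config,
    is_development_pipeline=True,
    # NOTE(review): a parameter named "..._bucket_name" receives an attribute
    # named "..._bucket_url" -- confirm which form the pipeline stack expects.
    opa_scan_rules_bucket_name=opa_scan.opa_rules_bucket_url,
    opa_scan_lambda_arn=opa_scan.opa_lambda_arn,
    opa_scan_role_arn=opa_scan.opa_role_arn,
    cfn_nag_lambda_arn=cfn_nag.cfn_nag_lambda_arn,
    cfn_nag_role_arn=cfn_nag.cfn_nag_role_arn,
    env=deploy_env,
)

app.synth()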