Adding gitlab-projects-accesstoken to CICD

rajdnp · rajdnp · commit c3ea2bae3374 · 2023-03-14T16:39:15.000-07:00
diff --git a/GitLab-Projects-AccessToken/cleanup.sh b/GitLab-Projects-AccessToken/cleanup.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+#
+# Clean up any prerequisites created in setup.sh
+
diff --git a/GitLab-Projects-AccessToken/example_inputs/inputs_1_create.json b/GitLab-Projects-AccessToken/example_inputs/inputs_1_create.json
@@ -1,9 +1,9 @@
 {
     "Name": "TestAccessToken",
-    "ProjectId": <PROJECT_ID>,
+    "ProjectId": GITLAB_PROJECT_ID,
     "AccessLevel": 30,
     "Scopes": [
         "api",
-        "write_registry"
+        "write_repository"
     ]
 }
diff --git a/GitLab-Projects-AccessToken/resource-role-prod.yaml b/GitLab-Projects-AccessToken/resource-role-prod.yaml
@@ -0,0 +1,31 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: >
+  This CloudFormation template creates a role assumed by CloudFormation
+  during CRUDL operations to mutate resources on behalf of the customer.
+
+Resources:
+  ExecutionRole:
+    Type: AWS::IAM::Role
+    Properties:
+      MaxSessionDuration: 8400
+      AssumeRolePolicyDocument:
+        Version: '2012-10-17'
+        Statement:
+          - Effect: Allow
+            Principal:
+              Service: resources.cloudformation.amazonaws.com
+            Action: sts:AssumeRole
+      Path: "/"
+      Policies:
+        - PolicyName: ResourceTypePolicy
+          PolicyDocument:
+            Version: '2012-10-17'
+            Statement:
+              - Effect: Deny
+                Action:
+                - "*"
+                Resource: "*"
+Outputs:
+  ExecutionRoleArn:
+    Value:
+      Fn::GetAtt: ExecutionRole.Arn
diff --git a/GitLab-Projects-AccessToken/setup.sh b/GitLab-Projects-AccessToken/setup.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+#
+# Set up any prerequisites needed for cfn test
+#
+mkdir -p inputs
+cat example_inputs/inputs_1_create.json | sed "s/GITLAB_PROJECT_ID/${GITLAB_PROJECT_ID}/g" > inputs/inputs_1_create.json
+cat test/integ-template.yml | sed "s/GITLAB_PROJECT_ID/${GITLAB_PROJECT_ID}/g" > test/integ.yml
+
diff --git a/GitLab-Projects-AccessToken/template.yml b/GitLab-Projects-AccessToken/template.yml
@@ -5,7 +5,7 @@ Description: AWS SAM template for the GitLab::Projects::AccessToken resource typ
 Globals:
   Function:
     Timeout: 180  # docker start-up times can be long for SAM CLI
-    MemorySize: 256
+    MemorySize: 1024
 
 Resources:
   TypeFunction:
diff --git a/GitLab-Projects-AccessToken/test/integ-template.yml b/GitLab-Projects-AccessToken/test/integ-template.yml
@@ -0,0 +1,10 @@
+Resources:
+  GitLabProjectsAccessToken:
+    Type: GitLab::Projects::AccessToken
+    Properties:
+      Name: TestAccessToken
+      ProjectId: GITLAB_PROJECT_ID
+      AccessLevel: 30
+      Scopes:
+        - api
+        - write_repository

Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,9 @@`
`1`	`1`	`{`
`2`	`2`	`"Name": "TestAccessToken",`
`3`		`- "ProjectId": <PROJECT_ID>,`
	`3`	`+ "ProjectId": GITLAB_PROJECT_ID,`
`4`	`4`	`"AccessLevel": 30,`
`5`	`5`	`"Scopes": [`
`6`	`6`	`"api",`
`7`		`- "write_registry"`
	`7`	`+ "write_repository"`
`8`	`8`	`]`
`9`	`9`	`}`