Skip to content

Commit 1127d6f

Browse files
rnagrnag
committed
Fix tests
1 parent 18a9014 commit 1127d6f

16 files changed

Lines changed: 305 additions & 0 deletions

cdk-example/.gitignore

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
*.swp
2+
package-lock.json
3+
.pytest_cache
4+
*.egg-info
5+
6+
# Byte-compiled / optimized / DLL files
7+
__pycache__/
8+
*.py[cod]
9+
*$py.class
10+
11+
# Environments
12+
.env
13+
.venv
14+
env/
15+
venv/
16+
ENV/
17+
env.bak/
18+
venv.bak/
19+
20+
# CDK Context & Staging files
21+
.cdk.staging/
22+
cdk.out/

cdk-example/README.md

Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,65 @@
1+
2+
# Welcome to your CDK Python project!
3+
4+
You should explore the contents of this project. It demonstrates a CDK app with an instance of a stack (`cdk_example_stack`)
5+
which contains an Amazon SQS queue that is subscribed to an Amazon SNS topic.
6+
7+
The `cdk.json` file tells the CDK Toolkit how to execute your app.
8+
9+
This project is set up like a standard Python project. The initialization process also creates
10+
a virtualenv within this project, stored under the .venv directory. To create the virtualenv
11+
it assumes that there is a `python3` executable in your path with access to the `venv` package.
12+
If for any reason the automatic creation of the virtualenv fails, you can create the virtualenv
13+
manually once the init process completes.
14+
15+
To manually create a virtualenv on MacOS and Linux:
16+
17+
```
18+
$ python3 -m venv .venv
19+
```
20+
21+
After the init process completes and the virtualenv is created, you can use the following
22+
step to activate your virtualenv.
23+
24+
```
25+
$ source .venv/bin/activate
26+
```
27+
28+
If you are a Windows platform, you would activate the virtualenv like this:
29+
30+
```
31+
% .venv\Scripts\activate.bat
32+
```
33+
34+
Once the virtualenv is activated, you can install the required dependencies.
35+
36+
```
37+
$ pip install -r requirements.txt
38+
```
39+
40+
At this point you can now synthesize the CloudFormation template for this code.
41+
42+
```
43+
$ cdk synth
44+
```
45+
46+
You can now begin exploring the source code, contained in the hello directory.
47+
There is also a very trivial test included that can be run like this:
48+
49+
```
50+
$ pytest
51+
```
52+
53+
To add additional dependencies, for example other CDK libraries, just add to
54+
your requirements.txt file and rerun the `pip install -r requirements.txt`
55+
command.
56+
57+
## Useful commands
58+
59+
* `cdk ls` list all stacks in the app
60+
* `cdk synth` emits the synthesized CloudFormation template
61+
* `cdk deploy` deploy this stack to your default AWS account/region
62+
* `cdk diff` compare deployed stack with current state
63+
* `cdk docs` open CDK documentation
64+
65+
Enjoy!

cdk-example/__init__.py

Whitespace-only changes.

cdk-example/app.py

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
#!/usr/bin/env python3
2+
3+
import aws_cdk as cdk
4+
5+
from cdk_example.cdk_example_stack import CdkExampleStack
6+
7+
8+
app = cdk.App()
9+
CdkExampleStack(app, "CdkExampleStack")
10+
11+
app.synth()

cdk-example/cdk.json

Lines changed: 99 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,99 @@
1+
{
2+
"app": "python3 app.py",
3+
"watch": {
4+
"include": [
5+
"**"
6+
],
7+
"exclude": [
8+
"README.md",
9+
"cdk*.json",
10+
"requirements*.txt",
11+
"source.bat",
12+
"**/__init__.py",
13+
"python/__pycache__",
14+
"tests"
15+
]
16+
},
17+
"context": {
18+
"@aws-cdk/aws-signer:signingProfileNamePassedToCfn": true,
19+
"@aws-cdk/aws-ecs-patterns:secGroupsDisablesImplicitOpenListener": true,
20+
"@aws-cdk/aws-lambda:recognizeLayerVersion": true,
21+
"@aws-cdk/core:checkSecretUsage": true,
22+
"@aws-cdk/core:target-partitions": [
23+
"aws",
24+
"aws-cn"
25+
],
26+
"@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
27+
"@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
28+
"@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true,
29+
"@aws-cdk/aws-iam:minimizePolicies": true,
30+
"@aws-cdk/core:validateSnapshotRemovalPolicy": true,
31+
"@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true,
32+
"@aws-cdk/aws-s3:createDefaultLoggingPolicy": true,
33+
"@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true,
34+
"@aws-cdk/aws-apigateway:disableCloudWatchRole": true,
35+
"@aws-cdk/core:enablePartitionLiterals": true,
36+
"@aws-cdk/aws-events:eventsTargetQueueSameAccount": true,
37+
"@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true,
38+
"@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true,
39+
"@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true,
40+
"@aws-cdk/aws-route53-patters:useCertificate": true,
41+
"@aws-cdk/customresources:installLatestAwsSdkDefault": false,
42+
"@aws-cdk/aws-rds:databaseProxyUniqueResourceName": true,
43+
"@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true,
44+
"@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true,
45+
"@aws-cdk/aws-ec2:launchTemplateDefaultUserData": true,
46+
"@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true,
47+
"@aws-cdk/aws-redshift:columnId": true,
48+
"@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": true,
49+
"@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": true,
50+
"@aws-cdk/aws-apigateway:requestValidatorUniqueId": true,
51+
"@aws-cdk/aws-kms:aliasNameRef": true,
52+
"@aws-cdk/aws-kms:applyImportedAliasPermissionsToPrincipal": true,
53+
"@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": true,
54+
"@aws-cdk/core:includePrefixInUniqueNameGeneration": true,
55+
"@aws-cdk/aws-efs:denyAnonymousAccess": true,
56+
"@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": true,
57+
"@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": true,
58+
"@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": true,
59+
"@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": true,
60+
"@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": true,
61+
"@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": true,
62+
"@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": true,
63+
"@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": true,
64+
"@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": true,
65+
"@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": true,
66+
"@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": true,
67+
"@aws-cdk/aws-eks:nodegroupNameAttribute": true,
68+
"@aws-cdk/aws-ec2:ebsDefaultGp3Volume": true,
69+
"@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": true,
70+
"@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": false,
71+
"@aws-cdk/aws-s3:keepNotificationInImportedBucket": false,
72+
"@aws-cdk/core:explicitStackTags": true,
73+
"@aws-cdk/aws-ecs:enableImdsBlockingDeprecatedFeature": false,
74+
"@aws-cdk/aws-ecs:disableEcsImdsBlocking": true,
75+
"@aws-cdk/aws-ecs:reduceEc2FargateCloudWatchPermissions": true,
76+
"@aws-cdk/aws-dynamodb:resourcePolicyPerReplica": true,
77+
"@aws-cdk/aws-ec2:ec2SumTImeoutEnabled": true,
78+
"@aws-cdk/aws-appsync:appSyncGraphQLAPIScopeLambdaPermission": true,
79+
"@aws-cdk/aws-rds:setCorrectValueForDatabaseInstanceReadReplicaInstanceResourceId": true,
80+
"@aws-cdk/core:cfnIncludeRejectComplexResourceUpdateCreatePolicyIntrinsics": true,
81+
"@aws-cdk/aws-lambda-nodejs:sdkV3ExcludeSmithyPackages": true,
82+
"@aws-cdk/aws-stepfunctions-tasks:fixRunEcsTaskPolicy": true,
83+
"@aws-cdk/aws-ec2:bastionHostUseAmazonLinux2023ByDefault": true,
84+
"@aws-cdk/aws-route53-targets:userPoolDomainNameMethodWithoutCustomResource": true,
85+
"@aws-cdk/aws-elasticloadbalancingV2:albDualstackWithoutPublicIpv4SecurityGroupRulesDefault": true,
86+
"@aws-cdk/aws-iam:oidcRejectUnauthorizedConnections": true,
87+
"@aws-cdk/core:enableAdditionalMetadataCollection": true,
88+
"@aws-cdk/aws-lambda:createNewPoliciesWithAddToRolePolicy": false,
89+
"@aws-cdk/aws-s3:setUniqueReplicationRoleName": true,
90+
"@aws-cdk/aws-events:requireEventBusPolicySid": true,
91+
"@aws-cdk/core:aspectPrioritiesMutating": true,
92+
"@aws-cdk/aws-dynamodb:retainTableReplica": true,
93+
"@aws-cdk/aws-stepfunctions:useDistributedMapResultWriterV2": true,
94+
"@aws-cdk/s3-notifications:addS3TrustKeyPolicyForSnsSubscriptions": true,
95+
"@aws-cdk/aws-ec2:requirePrivateSubnetsForEgressOnlyInternetGateway": true,
96+
"@aws-cdk/aws-s3:publicAccessBlockedByDefault": true,
97+
"@aws-cdk/aws-lambda:useCdkManagedLogGroup": true
98+
}
99+
}

cdk-example/cdk_example/__init__.py

Whitespace-only changes.

cdk-example/cdk_example/cdk_example_stack.py

Lines changed: 54 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,54 @@
1+
from constructs import Construct
2+
from aws_cdk import (
3+
Duration,
4+
Stack,
5+
aws_lambda as _lambda,
6+
aws_secretsmanager as secretsmanager,
7+
aws_ssm as ssm,
8+
)
9+
10+
11+
class CdkExampleStack(Stack):
12+
13+
def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
14+
super().__init__(scope, construct_id, **kwargs)
15+
16+
# Create a Secrets Manager secret for testing
17+
test_secret = secretsmanager.Secret(
18+
self, "TestSecret",
19+
secret_name="my-test-secret",
20+
generate_secret_string=secretsmanager.SecretStringGenerator(
21+
secret_string_template='{"username":"user","password":"pass"}',
22+
generate_string_key="token"
23+
)
24+
)
25+
26+
# Create a Parameter Store entry
27+
test_param = ssm.StringParameter(
28+
self, "TestParam",
29+
parameter_name="/my/test/param",
30+
string_value="hello-world"
31+
)
32+
33+
# Lambda function
34+
test_lambda = _lambda.Function(
35+
self, "TestLambda",
36+
runtime=_lambda.Runtime.PYTHON_3_12,
37+
handler="lambda_function.handler", # function inside your lambda file
38+
code=_lambda.Code.from_asset(
39+
path="lambda",
40+
bundling={
41+
"image": _lambda.Runtime.PYTHON_3_12.bundling_image,
42+
"command": ["bash", "-c",
43+
"pip install -r requirements.txt -t /asset-output && find /asset-output -name '*.dist-info' -type d -exec rm -rf {} + && cp -r . /asset-output"],
44+
}
45+
),
46+
environment={
47+
"TEST_SECRET_NAME": test_secret.secret_name,
48+
"TEST_PARAM_NAME": test_param.parameter_name
49+
},
50+
)
51+
52+
# Grant Lambda permissions to read secret & parameter
53+
test_secret.grant_read(test_lambda)
54+
test_param.grant_read(test_lambda)

cdk-example/lambda/__init__.py

Whitespace-only changes.

cdk-example/lambda/lambda_function.py

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
# lambda_function.py
2+
import os
3+
from secrets_cache import get_secret, get_param
4+
5+
def handler(event, context):
6+
# Example usage
7+
secret_name = os.getenv("TEST_SECRET_NAME", "my-test-secret")
8+
param_name = os.getenv("TEST_PARAM_NAME", "/my/test/param")
9+
10+
secret = get_secret(secret_name)
11+
param = get_param(param_name)
12+
13+
return {
14+
"secret": secret,
15+
"param": param
16+
}

cdk-example/lambda/requirements.txt

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
secrets-cache[lambda]

0 commit comments

Comments
 (0)