{"id":15547480,"url":"https://github.com/stefanfreitag/gradle_uploader","last_synced_at":"2025-04-23T18:23:42.753Z","repository":{"id":55672824,"uuid":"265346403","full_name":"stefanfreitag/gradle_uploader","owner":"stefanfreitag","description":null,"archived":false,"fork":false,"pushed_at":"2025-04-01T03:44:36.000Z","size":1405,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-17T06:28:09.363Z","etag":null,"topics":["aws","cdk","gradle"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stefanfreitag.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-05-19T19:37:16.000Z","updated_at":"2025-04-01T03:37:57.000Z","dependencies_parsed_at":"2023-02-17T03:30:48.990Z","dependency_job_id":"7d457984-f660-4357-bda4-718b310acb9f","html_url":"https://github.com/stefanfreitag/gradle_uploader","commit_stats":{"total_commits":129,"total_committers":7,"mean_commits":"18.428571428571427","dds":"0.48062015503875966","last_synced_commit":"7ebb4d7c93e0b8d169113a61402b38d4bf94ac92"},"previous_names":[],"tags_count":34,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stefanfreitag%2Fgradle_uploader","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stefanfreitag%2Fgradle_uploader/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stefanfreitag%2Fgradle_uploader/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stefanfreitag%2Fgradle_uploader/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stefanfreitag","download_url":"https://codeload.github.com/stefanfreitag/gradle_uploader/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250488359,"owners_count":21438769,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cdk","gradle"],"created_at":"2024-10-02T13:09:21.411Z","updated_at":"2025-04-23T18:23:42.735Z","avatar_url":"https://github.com/stefanfreitag.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Gradle Uploader\n\nThis CDK construct checks for new releases of the [Gradle](https://gradle.org/) build software.\n\nThe new release will be made available as copy in an S3 bucket. An information about\nthe new release can be sent via e-mail or via Slack.\n\nInternally the construct uses\n\n- an [S3](https://aws.amazon.com/s3/) bucket for storing the Gradle software\n- a [Lambda](https://aws.amazon.com/lambda/) function and one Lambda layer to\n  - check for the latest Gradle release\n  - upload if required and notify users via [SNS](https://aws.amazon.com/sns/) and e-Mail or alternatively Slack\n- a [Cloudwatch](https://aws.amazon.com/cloudwatch/) event rule to trigger the Lambda function\n\n![Overview](docs/overview.png \"Overview\")\n\n## Setup of the components\n\n### The S3 Bucket\n\nBy default, public access to the S3 bucket is disabled. Only the access from a specific IP address (the one I got from my ISP) is allowed and ensured via [bucket policies](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-policy.html).\n\n```javascript\n  const bucket = new Bucket(this, \"bucket\", {\n      blockPublicAccess: BlockPublicAccess.BLOCK_ALL,\n      encryption: BucketEncryption.S3_MANAGED,\n      publicReadAccess: false,\n      versioned: false,\n      removalPolicy: RemovalPolicy.DESTROY,\n    });\n\n    const bucketContentStatement = new PolicyStatement({\n      effect: Effect.ALLOW,\n      actions: [\"s3:GetObject\"],\n      resources: [bucket.bucketArn + \"/*\"],\n      principals: [new AnyPrincipal()],\n    });\n    bucketContentStatement.addCondition(\"IpAddress\", {\n      \"aws:SourceIp\": \"87.122.220.125/32\",\n    });\n\n    const bucketStatement: PolicyStatement = new PolicyStatement({\n      effect: Effect.ALLOW,\n      actions: [\"s3:ListBucket\", \"s3:GetBucketLocation\"],\n      resources: [bucket.bucketArn],\n      principals: [new AnyPrincipal()],\n    });\n    bucketStatement.addCondition(\"IpAddress\", {\n      \"aws:SourceIp\": \"87.122.220.125/32\",\n    });\n\n    const bucketPolicy = new BucketPolicy(this, \"bucketPolicy\", {\n      bucket: bucket,\n    });\n ```\n\n## The Lambda function\n\nThe Lambda function is written in Python (version 3.8). The execution time is limited to five minutes and the memory consumption to 512 MByte. Additionally the function gets read/ write access to the S3 bucket and has a log retention period is set to one week.\n\n```javascript\nconst fn = new Function(this, \"fnUpload\", {\n  runtime: Runtime.PYTHON_3_8,\n  description: \"Download Gradle distribution to S3 bucket\",\n  handler: \"gradleUploader.main\",\n  code: Code.fromAsset(\"./lambda/\"),\n  timeout: Duration.minutes(5),\n  memorySize: 512,\n  logRetention: RetentionDays.ONE_WEEK,\n  layers: [layer],\n  environment: {\n    BUCKET_NAME: bucket.bucketName,\n    TOPIC_ARN: topic.topicArn,\n  },\n});\n\nbucket.grantReadWrite(fn);\n```\n\nIf Slack is selected as notification channel, then also the `WEBHOOK_URL`\nis part of the `environment`.\n\nIn the additional layer modules like boto3 are included.\n\n```javascript\nconst layer = new LayerVersion(this, \"GradleUploaderLayer\", {\n  code: Code.fromAsset(path.join(__dirname, \"../layer-code\")),\n  compatibleRuntimes: [Runtime.PYTHON_3_8],\n  license: \"Apache-2.0\",\n  description: \"A layer containing dependencies for thr Gradle Uploader\",\n});\n```\n\n## The Cloudwatch event rule\n\nEvery first of a month the Lambda function `fn` will be triggered automatically. That seems to be a reasonable period for the update check.\n\n```javascript\nconst target = new LambdaFunction(fn);\nnew Rule(this, \"ScheduleRule\", {\n  schedule: Schedule.cron({ minute: \"0\", hour: \"0\", day: \"1\", month: \"*\" }),\n   targets: [target],\n});\n```\n\n## Notifying about new releases\n\nWhenever the release of a new Gradle version is detected, the stack will sent an e-mail to the list of subscriber using SNS.\n\n```javascript\nprivate addSubscribers(topic: Topic, subscribers:Array\u003cstring\u003e) {\n    for (var subscriber of subscribers) {\n      topic.addSubscription(new EmailSubscription(subscriber));\n    }\n  }\n```\n\nThe forwarding of information to a [Slack](https://slack.com/) channel is done from within the Lambda function.\n\n## Testing the Python code\n\n```shell\ndocker run --rm -v \"$PWD\":/var/task:ro,delegated   -v /home/stefan/Private/programmieren/aws/cdk/gradle_uploader/layer-code:/opt:ro,delegated  -e AWS_ACCESS_KEY_ID=XXXXXXXXXX -e AWS_SECRET_ACCESS_KEY=XXXXXXXXXX lambci/lambda:python3.8 gradleUploader.main\n```\n\n## How to use the construct in a stack\n\nHere is an example how to use the construct:\n\n```javascript\nexport class GradleUploaderStack extends Stack {\n  constructor(scope: Construct, id: string) {\n    super(scope, id);\n    new GradleUploader(this, 'TestStack', {\n      mailProperties: { subscribers: ['\u003ce-mail address\u003e'] },\n      slackProperties: {\n        webhook:\n          'https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX',\n      },\n      whitelist: ['CIDR_1', 'CIDR_2'],\n    });\n  }\n}\n\nconst app = new App();\nnew GradleUploaderStack(app, 'TestApp');\napp.synth();\n```\n\n## Links\n\n- [AWS Cloud Development Kit](https://github.com/aws/aws-cdk)\n- [Gradle Homepage](https://gradle.org/)\n- [boto3](https://github.com/boto/boto3)\n- [Slack](https://slack.com/)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstefanfreitag%2Fgradle_uploader","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstefanfreitag%2Fgradle_uploader","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstefanfreitag%2Fgradle_uploader/lists"}