From 886f99c9caac0695c7efc81ccf2a627c74509582 Mon Sep 17 00:00:00 2001 From: Vedant Singhania <84050036+vedant-singhania@users.noreply.github.com> Date: Tue, 15 Aug 2023 13:12:18 -0700 Subject: [PATCH] Add Codestar Connection source Replace CodeCommit with Codestar Connection for Github-CodePipeline connector. --- customizations-for-aws-control-tower.template | 57 ++++++++++++++----- 1 file changed, 44 insertions(+), 13 deletions(-) diff --git a/customizations-for-aws-control-tower.template b/customizations-for-aws-control-tower.template index e26ac31..a9eebc3 100644 --- a/customizations-for-aws-control-tower.template +++ b/customizations-for-aws-control-tower.template @@ -31,18 +31,19 @@ Parameters: Description: Which AWS CodePipeline source provider do you want to select? AllowedValues: - 'Amazon S3' + - 'GitHub' + - 'GitHubEnterpriseServer' - 'AWS CodeCommit' Default: 'Amazon S3' Type: String - CodeCommitRepositoryName: - Description: Name of the CodeCommit repository that contains custom Control Tower configuration. The suffix .git is prohibited. - Default: custom-control-tower-configuration + GitRepositoryName: + Description: Name of the Git repository that contains custom Control Tower configuration. The suffix .git is prohibited. + Default: vedant-singhania/CfCT-test Type: String - AllowedPattern: ^[\w\.-]+ - CodeCommitBranchName: - Description: Name of the branch in CodeCommit repository that contains custom Control Tower configuration. + GitBranchName: + Description: Name of the branch in Git repository that contains custom Control Tower configuration. Default: main Type: String 
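Review bot: The new `GitRepositoryName` default, `vedant-singhania/CfCT-test`, points at a personal repository, so anyone who selects a GitHub source and keeps the defaults would pull Control Tower customizations from a repository their organization does not control. The parameter also loses the `AllowedPattern` that the CodeCommit parameter had, and its description still reads like a bare repository name although the value is later passed as `FullRepositoryId`. I would change this to `Default: ''` with `AllowedPattern: ^$|^[\w.-]+/[\w.-]+$` and a description that asks for `owner/repository`. A template rule or condition should then require a non-empty value when a Git source is selected.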
@@ -90,9 +91,11 @@ Metadata: - PipelineApprovalEmail - CodePipelineSource - Label: - default: AWS CodeCommit Setup (Applicable if 'AWS CodeCommit' was selected as the CodePipeline Source) + default: Source Setup (Applicable if 'AWS CodeCommit' was selected as the CodePipeline Source) Parameters: - ExistingRepository + - GitRepositoryName + - GitBranchName - CodeCommitRepositoryName - CodeCommitBranchName - Label: @@ -111,6 +114,10 @@ Metadata: default: AWS CodePipeline Source ExistingRepository: default: Existing CodeCommit Repository? + GitRepositoryName: + default: Git Repository Name + GitBranchName: + default: Git Branch Name CodeCommitRepositoryName: default: CodeCommit Repository Name CodeCommitBranchName: @@ -162,6 +169,7 @@ Conditions: IsPipelineApprovalStageCondition: !Equals [!Ref PipelineApprovalStage, 'Yes'] IsBuildCustomControlTowerCondition: !Equals [!FindInMap [AutoBuild, CustomControlTower, Flag], 'Yes'] IsCodeCommitPipelineSource: !Equals [!Ref CodePipelineSource, 'AWS CodeCommit'] + IsGit: !Or [!Equals [!Ref CodePipelineSource, 'GitHub'], !Equals [!Ref CodePipelineSource, 'GitHubEnterpriseServer']] IsS3PipelineSource: !Equals [!Ref CodePipelineSource, "Amazon S3"] IsExistingRepository: !Equals [!Ref ExistingRepository, 'Yes'] IsNewCodeCommitRepository: !And [!Not [!Condition IsExistingRepository], !Condition IsCodeCommitPipelineSource] @@ -414,6 +422,20 @@ Resources: - "sns:Publish" Resource: !Ref PipelineApprovalTopic - !Ref AWS::NoValue + - !If + - IsGit + - Effect: "Allow" + Action: + - "codestar-connections:UseConnection" + Resource: !Ref GitConnection + - !Ref AWS::NoValue + + GitConnection: + Type: AWS::CodeStarConnections::Connection + Condition: IsGit + Properties: + ConnectionName: Git-Customizations-Connection + ProviderType: !Ref CodePipelineSource CustomControlTowerCodePipeline: Type: AWS::CodePipeline::Pipeline 
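Review bot: This parameter group still lists `CodeCommitRepositoryName` and `CodeCommitBranchName`, which the first hunk of the patch removes from `Parameters`. The rewritten label also still says the group applies when 'AWS CodeCommit' is selected, even though it now holds the Git parameters. The `ParameterLabels` hunk (`@@ -111,6 +114,10 @@`) keeps the same two stale entries. Either keep the CodeCommit parameters, or delete these entries and use a label such as `default: Git Source Setup (Applicable if 'GitHub' or 'GitHubEnterpriseServer' was selected as the CodePipeline Source)`. Any remaining `!Ref CodeCommitRepositoryName` or `!Ref CodeCommitBranchName` outside the visible hunks would break template validation and should be checked.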
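Review bot: `GitConnection` passes `CodePipelineSource` straight into `ProviderType`, but a GitHub Enterprise Server connection, as far as I know, also needs a `HostArn`. Nothing in this patch adds a host resource or parameter, so the 'GitHubEnterpriseServer' choice is likely to fail at stack creation. A connection created through CloudFormation also starts in a pending state until someone completes the authorization handshake in the console. Document that on the resource, for example `# Created in PENDING state; authorize the connection in the console before the first pipeline run`.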
@@ -429,11 +451,11 @@ Resources: - Name: Source ActionTypeId: !If - - IsCodeCommitPipelineSource + - IsGit - Category: Source Owner: AWS Version: "1" - Provider: CodeCommit + Provider: CodeStarSourceConnection - Category: Source Owner: AWS Version: "1" @@ -442,10 +464,12 @@ Resources: - Name: SourceApp Configuration: !If - - IsCodeCommitPipelineSource - - RepositoryName: !Ref CodeCommitRepositoryName - BranchName: !Ref CodeCommitBranchName - PollForSourceChanges: false + - IsGit + - ConnectionArn: !Ref GitConnection + FullRepositoryId: !Ref GitRepositoryName + BranchName: !Ref GitBranchName + DetectChanges: true + OutputArtifactFormat: "CODEBUILD_CLONE_REF" - S3Bucket: !Ref CustomControlTowerPipelineS3Bucket S3ObjectKey: !FindInMap [BucketConfiguration, CustomControlTowerPipelineS3TriggerKey, Name] PollForSourceChanges: false @@ -559,6 +583,13 @@ Resources: Action: - ssm:DescribeParameters Resource: '*' # The APIs above only support '*' resource. + - !If + - IsGit + - Effect: "Allow" + Action: + - "codestar-connections:UseConnection" + Resource: !Ref GitConnection + - !Ref AWS::NoValue CustomControlTowerCodeBuild: Type: AWS::CodeBuild::Project
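Review bot: Swapping `IsCodeCommitPipelineSource` for `IsGit` in this `!If` leaves only two branches. When 'AWS CodeCommit' is selected, which the `AllowedValues` list still permits, the source action silently takes the else branch, which looks like the Amazon S3 one. The `Configuration` hunk (`@@ -442,10 +464,12 @@`) has the same two-way split. If CodeCommit is meant to go away, remove `- 'AWS CodeCommit'` from `AllowedValues` along with the CodeCommit conditions. If it is meant to stay, nest a second `!If` on `IsCodeCommitPipelineSource` inside the else branch of both places and keep the CodeCommit parameters. The else branch of this `!If` continues outside the hunk.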
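Review bot: `OutputArtifactFormat: "CODEBUILD_CLONE_REF"` changes what `SourceApp` contains, and nothing here documents it. Downstream actions receive a reference to clone rather than a zip of the files, and only CodeBuild actions can consume it. That is why the build role needs `codestar-connections:UseConnection`, so add a comment such as `# CODEBUILD_CLONE_REF: SourceApp is a clone reference, usable only by CodeBuild actions whose role has UseConnection`. Any other consumer of `SourceApp` outside this hunk should be checked. If the build does not need git metadata, the default artifact format avoids giving the build role access to the connection at all.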
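Review bot: The `codestar-connections:UseConnection` statement added here is scoped to the connection only, not to a repository, and the identical statement in the `@@ -414,6 +422,20 @@` hunk has the same gap. The role can therefore use the connection for any repository the provider installation can reach. Since this pipeline deploys organization-wide customizations, I would narrow both statements with the `codestar-connections:FullRepositoryId` condition key, for example `Condition: { StringEquals: { 'codestar-connections:FullRepositoryId': !Ref GitRepositoryName } }`. Confirm the exact operator against the service's condition-key reference before merging. The policy this statement belongs to starts outside the hunk, so I cannot tell whether other build roles in the template also read `SourceApp` and need the same grant.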