CircleCI Support for Application Pipline

[james-crowley]

Adding support for CircleCI the application pipeline. This implementation follows closely with what AWS Code Catalyst application pipeline did. It utilizes the same sample application, fruit-api, and generally follows the CI/CD jobs.

Some additions and enhancements were made:

• Trivy is still used but has been ported over from the GHA to CircleCI's orb ecosystem
• GitGuardian was added to add another layer of secrets detection if a user bypassed local pre-commit checks
• Caching is implemented for Maven
• Persisting only needed files from the package stage instead of entire files system for more efficient usage
• OpenID connect is used to authenticate and assume a role with AWS. This provides a short lived session between CircleCI and AWS without requiring specialized roles or long lived tokens
• Generate SBOM at the time of building the application vs generating the SBOM separately
• Does not persist files from the synth job as CDK will run a synth again at the time of deployment
• Caching implemented for NPM in synth job
• Updated pipeline diagram to accurately showcase the deployment to AWS regions
• Implemented manual approval job before deploying to production
• Implemented branch based filtering to give faster feedback to developers

The code is self contained in the examples/circleci-application-pipeline folder. Deleted unused .cloud9 config and .codecatalyst folders. All other files from examples/codecatalyst-application-pipeline remain unmodified.

In addition to the new circleci-application-pipeline, there are some documentation additions in the docs/application-pipeline folder. Those being:

• ri-circleci-pipeline.md
• ri-circleci-pipeline-architecture.drawio
• assets/ri-circleci-pipeline.png
• assets/circleci-manual-approval.png
• assets/circleci-unit-test-report.png

CC: @nitin4613 & @eddiewebb