AWS CodePipeline Concepts: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 32: Line 32:
Specifies a [[Amazon_AWS_Security_Concepts#AWS_Service_Role|service role]] that allows the codepipeline service to execute various actions required by pipeline operations.
Specifies a [[Amazon_AWS_Security_Concepts#AWS_Service_Role|service role]] that allows the codepipeline service to execute various actions required by pipeline operations.
====ArtifactStore====
====ArtifactStore====
Typically, an Amazon S3 bucket to store code pipeline artifacts.


=Stage=
=Stage=

Revision as of 03:16, 15 March 2019

External

Internal

CodePipeline as AWS Service

CodePipeline is an AWS service, named "codepipeline.amazonaws.com".

Pipeline

Pipeline Structure

Created the following CloudFormation sequence:

Resources:
  Pipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      RoleArn: 'arn:aws:iam::777777777777:role/CodePipelineServiceRole-1'
      ArtifactStore
      ...
  Stages:
    ...

Required configuration properties are:

RoleArn

Specifies a service role that allows the codepipeline service to execute various actions required by pipeline operations.

ArtifactStore

Typically, an Amazon S3 bucket to store code pipeline artifacts.

Stage

Action

An action is a task performed on an artifact, executed as part of the sequence in the stage of a pipeline. The action may occur in a specified order, or in parallel, depending on their configuration.

Syntactic and semantic details about actions can be found in:

ActionDeclaration

Action Provider

Action Specification

Action Name

An action name must match the regular expression pattern: [A-Za-z0-9.@\-_]+ Cannot contain spaces.

Action Type ID

ActionTypeId

Input Artifacts

InputArtifact

Output Artifacts

Configuration

Run Order

Action Types

Currently, six types of actions are supported:

Custom actions can also be developed.

Source

Source Action Integrations
Resources:
  MyPipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      ...
      Stages:
        - Name: Source
          Actions:
          - Name: !Sub 'source-action-${GitHubRepositoryName}-${Branch}'
            ActionTypeId:
              Category: Source
              Owner: ThirdParty
              Version: '1'
              Provider: GitHub
            InputArtifacts: []
            OutputArtifacts:
            - Name: ContainerSrc
            Configuration:
              Owner: 'novaordis-llc'
              Repo: !Ref GitHubRepositoryName
              Branch: !Ref Branch
              OAuthToken: ...
            RunOrder: 1

GitHub Authentication

GitHub Authentication for AWS CodePipeline

Build

External

CodeBuild can be added as a build action to the build stage of the pipeline. Existing build projects can be used, or new ones can be created in the CodePipeline console.

Resources:
  MyPipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      ...
      Stages:
        ...
        - Name: Build
          Actions:
          - Name: !Sub 'CodeBuild build driven by ${Buildspec}'
            ActionTypeId:
              Category: Build
              Owner: AWS
              Version: '1'
              Provider: CodeBuild
            InputArtifacts:
              - Name: ContainerSrc
            OutputArtifacts:
              - Name: ContainerBuild
            Configuration:
              ProjectName: !Ref CodeBuildProject
            RunOrder: 1

CodePipeline-Driven CodeBuild Builds

CodePipeline-Driven CodeBuild Builds

Test

Deploy

Resources:
  MyPipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      ...
      Stages:
        ...
        - Name: Deploy
          Actions:
            - Name: Deploy
              ActionTypeId:
                Category: Deploy
                Owner: AWS
                Version: '1'
                Provider: CloudFormation
              InputArtifacts:
                - Name: ContainerSrc
                - Name: ContainerBuild
              Configuration:
                StackName: !Join ['-', [!Sub '${AWS::Region}', !Join ['-', !Split ['.', !Ref GitHubRepositoryName]], 'deploy']]
                ActionMode: CREATE_UPDATE
                Capabilities: CAPABILITY_IAM
                TemplatePath: !Sub ContainerSrc::${SvcTemplate}
                TemplateConfiguration: ContainerBuild::overrides.json
                ParameterOverrides: !Sub '{ "ECRRepository": "${ECRRepository}", "EnvironmentName": "${CFEnvironment}", "Image": "${AWS::AccountId}.dkr.ecr.${AWS::Region}.amazonaws.com/${ECRRepository}", "DeploymentStackName": "${DeploymentStackName}", "GitHubRepo": "${GitHubRepositoryName}" }'
                RoleArn:
                  Fn::ImportValue: !Sub '${AWS::Region}-CloudFormationDeploymentRole'
              OutputArtifacts: []
              RunOrder: 1

Notes to organize:

  • The parameters specified in the "ParameterOverrides" must match with the sub-template parameters.
  • If "override.json" is declared as "TemplateConfiguration" and the previous build task does not create the override.json file, the deployment stage will fail with an S3 error.

Approval

Invoke

Custom Action