Simple GitHub Simulated Shell Build Simulated Deployment AWS CodePipeline Pipeline
Internal
Prerequisites
- The example requires a GitHub repository to be available. We'll use https://github.com/ovidiuf/aws-pipeline-source-example.
- The CodeBuild and CodePipeline service roles must be created in advance and referenced from the CloudFormation stack specification by their ARN. I tried creating them as part of the same stack, but I got: "CodeBuild is not authorized to perform: sts:AssumeRole on ...". If they exist when the stack creation is attempted, it works. TODO: try to declare them in the same stack, experiment with dependencies, try to make this work.
Procedure
CloudFormation Stack
The CodePipeline pipeline, the delegate CodeBuild project, and the S3 bucket to keep the artifacts produced by the pipeline will be created as part of one CloudFormation stack:
AWSTemplateFormatVersion: "2010-09-09"
Description: "thalarion - A Simple GitHub - Simulated Shell Build - Simulated Deployment Pipeline Example"
Resources:
  BuildBucket:
    Type: AWS::S3::Bucket
    Properties:
      AccessControl: BucketOwnerFullControl
  CodeBuildProject:
    Type: AWS::CodeBuild::Project
    Properties:
      Name: !Sub '${AWS::StackName}-build-project'
      ServiceRole: arn:aws:iam::777777777777:role/service-role/themyscira-cicd-prerequisites-CodeBuildServiceRole-1D78FK6LAM8ZS
      Source:
        Type: CODEPIPELINE
        BuildSpec: buildspec.yml
      Artifacts:
        Type: CODEPIPELINE
      Environment:
        Type: LINUX_CONTAINER
        ComputeType: BUILD_GENERAL1_SMALL
        Image: 'aws/codebuild/java:openjdk-8'
        PrivilegedMode: true
        EnvironmentVariables:
          - Name: TEST_VARIABLE
            Value: test-value
      TimeoutInMinutes: 20
  Pipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      Name: !Sub '${AWS::StackName}-pipeline'
      RoleArn: arn:aws:iam::777777777777:role/service-role/themyscira-cicd-prerequisi-CodePipelineServiceRole-1NUBQ8NUB9IOE
      RestartExecutionOnUpdate: true
      ArtifactStore:
        Type: 'S3'
        Location: !Ref BuildBucket
      Stages:
        - Name: Source
          Actions:
            - Name: 'github-pull'
              ActionTypeId:
                Category: Source
                Owner: ThirdParty
                Version: '1'
                Provider: GitHub
              Configuration:
                Owner: 'ovidiuf'
                Repo: 'aws-pipeline-source-example'
                Branch: 'master'
                OAuthToken: '*****'
              InputArtifacts: []
              OutputArtifacts:
                - Name: ContainerSrc
              RunOrder: 1
        - Name: Build
          Actions:
            - Name: 'buildspec-driven-build'
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: '1'
                Provider: CodeBuild
              InputArtifacts:
                - Name: ContainerSrc
              OutputArtifacts:
                - Name: ContainerBuild
              Configuration:
                ProjectName: !Ref CodeBuildProject
              RunOrder: 1
#        - Name: Deploy
#          Actions:
#            - Name: Deploy
#              ActionTypeId:
#                Category: Deploy
#                Owner: AWS
#                Version: '1'
#                Provider: CloudFormation
#              InputArtifacts:
#                - Name: ContainerSrc
#                - Name: ContainerBuild
#              OutputArtifacts: []
#              Configuration:
#                StackName: !Join ['-', ["themyscira-deployment", !Sub '${AWS::Region}']]
#                ActionMode: CREATE_UPDATE
#                Capabilities: CAPABILITY_IAM
#                TemplatePath: !Sub ContainerSrc::${SvcTemplate}
#                TemplateConfiguration: ContainerBuild::overrides.json
#                ParameterOverrides: !Sub '{ "ECRRepository": "${ECRRepository}", "EnvironmentName": "${CFEnvironment}", "Image": "${AWS::AccountId}.dkr.ecr.${AWS::Region}.amazonaws.com/${ECRRepository}", "DeploymentStackName": "${DeploymentStackName}", "GitHubRepo": "${GitHubRepositoryName}" }'
#                RoleArn:
#                  Fn::ImportValue: !Sub '${AWS::Region}-CloudFormationDeploymentRole'
#                RunOrder: 1