Simple GitHub Simulated Shell Build Simulated Deployment AWS CodePipeline Pipeline
Internal
Overview
This article documents an example of a simple pipeline that is created with a CloudFormation template, reads code from a GitHub repository, applies a trivial "build" transformation and "deploys" the final artifacts via a CloudFormation project-embedded stack.
Example
Prerequisites
- The example requires a GitHub repository to be available. We'll use https://github.com/ovidiuf/aws-pipeline-source-example. The repository contains buildspec metadata, that drives the build, and a CloudFormation deployment-stack.yml stack template, which will drive the deployment.
- The CodeBuild, CodePipeline and CloudFormation service roles, required by the build service, which performs the build, the CloudFormation service, which performs the deployment, and CodePipeline service, which drives both of them, must be created in advanced and referred from the CloudFormation pipeline stack specification by their ARN, or by reference. I tried creating them as part of the same stack, but I got: "CodeBuild is not authorized to perform: sts:AssumeRole on ...". If they exist when the stack creation is attempted, it works. TODO: try to declare them in the same stack, experiment with dependencies, try to make this work.. An auxiliary CloudFormation stack that creates those roles is available here:
aws cloudformation create-stack \
--capabilities CAPABILITY_NAMED_IAM \
--stack-name thalarion-release-pipeline-prerequisites \
--template-body file://./thalarion-release-pipeline-prerequisites.yml
Procedure
CodeFormation Release Pipeline Stack
The CodePipeline pipeline, the delegate CodeBuild project, the S3 bucket to keep the artifacts produced by the pipeline and the ECR repository that will hold images produced by the project will be created as part of one CodeFormation stack:
aws cloudformation create-stack \
--stack-name thalarion-release-pipeline \
--template-body file://.thalarion-release-pipeline.yml
--parameters ParameterKey=GitHubPersonalAccessCode,ParameterValue=...
Buildspec
The GitHub repository should expose a builspec.yml in root. A simple example is available here:
aws-release-pipeline example:
CloudFormation Deployment Stack Template
aws-release-pipeline example:
The GitHub repository should expose a CloudFormation deployment stack template, which will be used by CloudFormation in the "deploy" stage of the pipeline to perform the deployment. This is a simple example:
AWSTemplateFormatVersion: '2010-09-09'
Description: "CloudFormation deployment template, will drive the deployment as part of this project's release pipeline."
Parameters:
#
# these must be set in the deployment stack configuration file, produced by a prior pipeline step, or by the "ParameterOverrides" configuration.
#
BuildBucket:
Type: String
MyConfigurationParameterA:
Type: String
MyConfigurationParameterB:
Type: String
Resources:
ServiceLogGroup:
Type: AWS::Logs::LogGroup
Properties:
LogGroupName: !Sub '/playground/${MyConfigurationParameterA}-${MyConfigurationParameterB}'
RetentionInDays: 1