AWS CICD
This page covers automating deployments in AWS:
- CodeCommit — storing our code
- CodePipeline — automating our pipeline from code to Elastic Beanstalk
- CodeBuild — building and testing our code
- CodeStar — manage software development activities in one place
- CodeArtifact — store, publish, and share software packages
- CodeGuru — automated code reviews using Machine Learning
Continuous Integration (CI)
- Developers push code to a code repository often (e.g. GitHub, CodeCommit, Bitbucket…)
- A testing / build server checks the code as soon as it’s pushed (CodeBuild, Jenkins CI, …)
- The developer gets feedback about the tests and checks that have passed / failed
- Find bugs early, then fix bugs
- Deliver faster as the code is tested
- Deploy often
- Happier developers, as they are unblocked
Continuous Delivery (CD)
- Ensures that the software can be released reliably whenever needed
- Ensures deployments happen often and are quick
- Shift away from “one release every 3 months” to “5 releases a day”
- That usually means automated deployment
AWS CodeCommit
- Version control is the ability to understand the various changes that happened to the code over time (and possibly roll back)
- All these are enabled by using a version control system such as Git
- A Git repository can be synchronized on your computer, but it usually is uploaded to a central online repository
AWS CodePipeline
- Visual workflow to orchestrate your CICD
- Source — CodeCommit, ECR, S3, Bitbucket, GitHub
- Build — CodeBuild, Jenkins, CloudBees, TeamCity
- Test — CodeBuild, AWS Device Farm, 3rd party tools,…
- Deploy — CodeDeploy, Elastic Beanstalk, CloudFormation, ECS, S3…
- Consists of stages:
  - Each stage can have sequential actions and / or parallel actions
  - Build -> Test -> Deploy -> Load Testing -> …
  - Manual approval can be defined at any stage
CodePipeline — Artifacts
- Each pipeline stage can create artifacts
- Artifacts are stored in an S3 bucket and passed on to the next stage
- Troubleshooting — Use CloudWatch Events (Amazon EventBridge)
  - You can create events for failed pipelines
  - You can create events for cancelled stages
- If CodePipeline fails a stage, your pipeline stops, and you can get information in the console
- If the pipeline can’t perform an action, make sure the “IAM Service Role” attached has enough IAM permissions (IAM policy)
- AWS CloudTrail can be used to audit AWS API calls
AWS CodeBuild
- A fully managed continuous integration (CI) service
- Continuous scaling (no server to manage or provision — no build queue)
- Compile source code, run tests, produce software packages…
- Alternative to other build tools (e.g. Jenkins)
- Charged per minute for compute resources (time it takes to complete the builds)
- Leverages Docker under the hood for reproducible builds
- Use prepackaged Docker images or create your own custom Docker image
- Security:
  - Integration with KMS for encryption of build artifacts
  - IAM for CodeBuild permissions, and VPC for network security
  - AWS CloudTrail for API calls logging
CodeDeploy — appspec.yml
- files — how to source and copy from S3 or GitHub to filesystem
- hooks — set of instructions to deploy the new version, the order is:
  - ApplicationStop
  - DownloadBundle
  - BeforeInstall
  - Install
  - AfterInstall
  - ApplicationStart
  - ValidateService
AWS CodeDeploy is a fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Fargate, AWS Lambda, and your on-premises servers. AWS CodeDeploy makes it easier for you to rapidly release new features, helps you avoid downtime during application deployment, and handles the complexity of updating your applications.
An EC2/On-Premises deployment hook is executed once per deployment to an instance. You can specify one or more scripts to run in a hook.
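The hook order above can be checked before a revision is shipped. The following is an added example, not code from AWS or from this page: it takes an already-parsed appspec (the dict a YAML loader would return), lists scripts in the order they will run, and flags hook entries worth a review. The sample appspec, the script paths and the `deploy` user are constructed; treating a missing `runas` as root assumes the CodeDeploy agent runs as root, its default on Linux.

```python
# Added example: lint the hooks section of an EC2/On-Premises appspec.yml.
# Input is the already-parsed file (a dict, as a YAML loader would return it).

LIFECYCLE = ["ApplicationStop", "DownloadBundle", "BeforeInstall", "Install",
             "AfterInstall", "ApplicationStart", "ValidateService"]
# Run by the CodeDeploy agent itself; scripts cannot be attached to these.
AGENT_ONLY = {"DownloadBundle", "Install"}


def execution_plan(appspec):
    """Return (hook, script) pairs in lifecycle order, not file order."""
    hooks = appspec.get("hooks", {})
    return [(name, s.get("location")) for name in LIFECYCLE
            if name not in AGENT_ONLY for s in hooks.get(name, [])]


def lint_hooks(appspec):
    """Return human-readable findings for the hooks section."""
    findings = []
    for name, scripts in appspec.get("hooks", {}).items():
        if name not in LIFECYCLE:
            findings.append(f"{name}: unknown lifecycle event")
        elif name in AGENT_ONLY:
            findings.append(f"{name}: reserved for the agent, not scriptable")
        else:
            for s in scripts:
                loc = s.get("location", "<no location>")
                # Assumption: no runas means the agent's user (root by default).
                if s.get("runas", "root") == "root":
                    findings.append(f"{name}: {loc} runs as root")
                if "timeout" not in s:
                    findings.append(f"{name}: {loc} has no explicit timeout")
    return findings


# Constructed sample, not taken from a real project.
SAMPLE = {"version": 0.0, "os": "linux", "hooks": {
    "ValidateService": [{"location": "scripts/health.sh", "timeout": 60, "runas": "deploy"}],
    "Application Stop": [{"location": "scripts/stop.sh", "timeout": 60, "runas": "deploy"}],
    "BeforeInstall": [{"location": "scripts/deps.sh"}],
    "Install": [{"location": "scripts/copy.sh", "timeout": 60, "runas": "deploy"}],
    "ApplicationStart": [{"location": "scripts/start.sh", "timeout": 120, "runas": "deploy"}],
}}

if __name__ == "__main__":
    for hook, script in execution_plan(SAMPLE):
        print(f"{hook:17} {script}")
    for finding in lint_hooks(SAMPLE):
        print("FINDING:", finding)
```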
