mirror of https://github.com/ebosas/microservices.git synced 2025-07-12 22:41:13 +02:00

Test CodeStar connection

ebosas
2021-11-11 20:37:10 +02:00
parent 87fc0ea62e
commit 36c0f27c24
4 changed files with 110 additions and 257 deletions


@ -31,51 +31,6 @@ Resources:
# DeletionPolicy: Retain
# UpdateReplacePolicy: Retain
# # A role used to give CodeBuild permission to access code,
# # build it, and upload the build results to ECR
# CodeBuildServiceRole:
# Type: AWS::IAM::Role
# Properties:
# Path: /
# AssumeRolePolicyDocument:
# Version: 2012-10-17
# Statement:
# - Effect: Allow
# Principal:
# Service: codebuild.amazonaws.com
# Action: sts:AssumeRole
# Policies:
# - PolicyName: root
# PolicyDocument:
# Version: 2012-10-17
# Statement:
# - Resource: "*"
# Effect: Allow
# Action:
# - logs:CreateLogGroup
# - logs:CreateLogStream
# - logs:PutLogEvents
# - ecr:GetAuthorizationToken
# - Resource: !Sub arn:aws:s3:::${ArtifactBucket}/*
# Effect: Allow
# Action:
# - s3:GetObject
# - s3:PutObject
# - s3:GetObjectVersion
# - Resource:
# - !Sub arn:aws:ecr:${AWS::Region}:${AWS::AccountId}:repository/${ServerRepository}
# - !Sub arn:aws:ecr:${AWS::Region}:${AWS::AccountId}:repository/${CacheRepository}
# - !Sub arn:aws:ecr:${AWS::Region}:${AWS::AccountId}:repository/${DatabaseRepository}
# Effect: Allow
# Action:
# - ecr:GetDownloadUrlForLayer
# - ecr:BatchGetImage
# - ecr:BatchCheckLayerAvailability
# - ecr:PutImage
# - ecr:InitiateLayerUpload
# - ecr:UploadLayerPart
# - ecr:CompleteLayerUpload
# Role used to give CodePipeline to release a build.
CodePipelineServiceRole:
Type: AWS::IAM::Role
@ -123,6 +78,13 @@ Resources:
- cloudformation:ValidateTemplate
- cloudformation:ExecuteChangeSet
Resource: "*"
# Allow codepipeline use codestar connections
- Effect: Allow
Action:
- codestar-connections:GetConnection
- codestar-connections:UseConnection
- codestar-connections:ListConnections
Resource: "*"
# CloudFormation deployment role. This role is passed by CodeBuild to
# CloudFormation to use when setting up the application resources
@ -165,58 +127,26 @@ Resources:
Properties:
BucketName: !Sub microservices-infrastructure-${AWS::AccountId}
# # This is the definition of how to build the code in the repository
# CodeBuildProject:
# Type: AWS::CodeBuild::Project
# Properties:
# Artifacts:
# Type: CODEPIPELINE
# Source:
# Type: CODEPIPELINE
# BuildSpec: |
# version: 0.2
# phases:
# pre_build:
# commands:
# - aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com
# - TAG=$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | head -c 8)
# - IMAGE_SERVER_URI=$REPO_SERVER_URI:$TAG
# - IMAGE_CACHE_URI=$REPO_CACHE_URI:$TAG
# - IMAGE_DB_URI=$REPO_DB_URI:$TAG
# build:
# commands:
# - docker build -t $IMAGE_SERVER_URI -f server.Dockerfile .
# - docker build -t $IMAGE_CACHE_URI -f cache.Dockerfile .
# - docker build -t $IMAGE_DB_URI -f database.Dockerfile .
# post_build:
# commands:
# - docker push $IMAGE_SERVER_URI
# - docker push $IMAGE_CACHE_URI
# - docker push $IMAGE_DB_URI
# - printf '{"ImageServerUri":"%s", "ImageCacheUri":"%s", "ImageDatabaseUri":"%s"}' $IMAGE_SERVER_URI $IMAGE_CACHE_URI $IMAGE_DB_URI > build.json
# artifacts:
# files: build.json
# Environment:
# ComputeType: BUILD_GENERAL1_SMALL
# Image: aws/codebuild/standard:5.0
# Type: LINUX_CONTAINER
# PrivilegedMode: true
# ServiceRole: !Ref CodeBuildServiceRole
# A Webhook for the pipeline which is set for manual action only
PipelineWebhook:
Type: AWS::CodePipeline::Webhook
CodeStarConnection:
Type: AWS::CodeStarConnections::Connection
Properties:
AuthenticationConfiguration:
SecretToken: !Ref GitHubToken
Filters:
- JsonPath: "$.ref"
MatchEquals: refs/heads/{Branch}
Authentication: GITHUB_HMAC
TargetPipeline: !Ref Pipeline
TargetAction: Source
TargetPipelineVersion: !GetAtt Pipeline.Version
RegisterWithThirdParty: false # only manual action
ConnectionName: MyGitHubConnection
ProviderType: GitHub
# # A Webhook for the pipeline which is set for manual action only
# PipelineWebhook:
# Type: AWS::CodePipeline::Webhook
# Properties:
# AuthenticationConfiguration:
# SecretToken: !Ref GitHubToken
# Filters:
# - JsonPath: "$.ref"
# MatchEquals: refs/heads/{Branch}
# Authentication: GITHUB_HMAC
# TargetPipeline: !Ref Pipeline
# TargetAction: Source
# TargetPipelineVersion: !GetAtt Pipeline.Version
# RegisterWithThirdParty: false # only manual action
# This pipeline defines the steps to build, deploy, and release the application
Pipeline:
@ -234,18 +164,32 @@ Resources:
- Name: Source
ActionTypeId:
Category: Source
Owner: ThirdParty
Owner: AWS
Version: 1
Provider: GitHub
Provider: CodeStarSourceConnection
Configuration:
Owner: !Ref GitHubUser
Repo: !Ref GitHubRepo
Branch: !Ref GitHubBranch
OAuthToken: !Ref GitHubToken
PollForSourceChanges: false
ConnectionArn: !Ref CodeStarConnection
BranchName: !Ref GitHubBranch
FullRepositoryId: !Sub ${GitHubUser}/${GitHubRepo}
# PollForSourceChanges: false
OutputArtifacts:
- Name: Source
RunOrder: 1
# - Name: Source
# ActionTypeId:
# Category: Source
# Owner: ThirdParty
# Version: 1
# Provider: GitHub
# Configuration:
# Owner: !Ref GitHubUser
# Repo: !Ref GitHubRepo
# Branch: !Ref GitHubBranch
# OAuthToken: !Ref GitHubToken
# PollForSourceChanges: false
# OutputArtifacts:
# - Name: Source
# RunOrder: 1
# Now we deploy the network resources: VPC, subnets, etc.
- Name: Network
@ -271,126 +215,34 @@ Resources:
OutputArtifacts:
- Name: Network
# Deploy the base resources: databases, the load balancer,
# and the ECS/Fargate cluster
- Name: BaseResources
Actions:
# Deploy the resources: Rabbit, Redis, and Postgres
- Name: DeployResources
ActionTypeId:
Category: Deploy
Owner: AWS
Version: 1
Provider: CloudFormation
Configuration:
ActionMode: CREATE_UPDATE
RoleArn: !GetAtt CloudFormationDeployRole.Arn
StackName: !Sub ${EnvironmentName}-Resources
TemplatePath: Source::deployments/resources.yml
Capabilities: CAPABILITY_IAM
ParameterOverrides: !Sub |
{
"EnvironmentName": "${EnvironmentName}"
}
InputArtifacts:
- Name: Source
OutputArtifacts:
- Name: Resources
# Deploy the application load balancer
- Name: DeployLoadBalancer
ActionTypeId:
Category: Deploy
Owner: AWS
Version: 1
Provider: CloudFormation
Configuration:
ActionMode: CREATE_UPDATE
RoleArn: !GetAtt CloudFormationDeployRole.Arn
StackName: !Sub ${EnvironmentName}-LoadBalancer
TemplatePath: Source::deployments/alb.yml
Capabilities: CAPABILITY_IAM
ParameterOverrides: !Sub |
{
"EnvironmentName": "${EnvironmentName}"
}
InputArtifacts:
- Name: Source
OutputArtifacts:
- Name: LoadBalancer
# Deploy the ECS/Fargate cluster
- Name: DeployCluster
ActionTypeId:
Category: Deploy
Owner: AWS
Version: 1
Provider: CloudFormation
Configuration:
ActionMode: CREATE_UPDATE
RoleArn: !GetAtt CloudFormationDeployRole.Arn
StackName: !Sub ${EnvironmentName}-Cluster
TemplatePath: !Sub Source::deployments/cluster-${DeploymentType}.yml
Capabilities: CAPABILITY_IAM
ParameterOverrides: !Sub |
{
"EnvironmentName": "${EnvironmentName}"
}
InputArtifacts:
- Name: Source
OutputArtifacts:
- Name: Cluster
# # Now we build the service images
# - Name: ServiceImages
# # Deploy the base resources: databases, the load balancer,
# # and the ECS/Fargate cluster
# - Name: BaseResources
# Actions:
# - Name: Build
# # Deploy the resources: Rabbit, Redis, and Postgres
# - Name: DeployResources
# ActionTypeId:
# Category: Build
# Category: Deploy
# Owner: AWS
# Version: 1
# Provider: CodeBuild
# Provider: CloudFormation
# Configuration:
# ProjectName: !Ref CodeBuildProject
# EnvironmentVariables: !Sub |
# [
# {
# "name":"AWS_DEFAULT_REGION",
# "value":"${AWS::Region}",
# "type":"PLAINTEXT"
# },
# {
# "name":"AWS_ACCOUNT_ID",
# "value":"${AWS::AccountId}",
# "type":"PLAINTEXT"
# },
# {
# "name":"REPO_SERVER_URI",
# "value":"${ServerRepository.RepositoryUri}",
# "type":"PLAINTEXT"
# },
# {
# "name":"REPO_CACHE_URI",
# "value":"${CacheRepository.RepositoryUri}",
# "type":"PLAINTEXT"
# },
# {
# "name":"REPO_DB_URI",
# "value":"${DatabaseRepository.RepositoryUri}",
# "type":"PLAINTEXT"
# }
# ]
# ActionMode: CREATE_UPDATE
# RoleArn: !GetAtt CloudFormationDeployRole.Arn
# StackName: !Sub ${EnvironmentName}-Resources
# TemplatePath: Source::deployments/resources.yml
# Capabilities: CAPABILITY_IAM
# ParameterOverrides: !Sub |
# {
# "EnvironmentName": "${EnvironmentName}"
# }
# InputArtifacts:
# - Name: Source
# OutputArtifacts:
# - Name: BuildOutput
# RunOrder: 1
# - Name: Resources
# # Finally we deploy the ECS/Fargate services to the cluster
# - Name: Deploy
# Actions:
# # Deploy the server service
# - Name: DeployServer
# # Deploy the application load balancer
# - Name: DeployLoadBalancer
# ActionTypeId:
# Category: Deploy
# Owner: AWS
@ -399,22 +251,20 @@ Resources:
# Configuration:
# ActionMode: CREATE_UPDATE
# RoleArn: !GetAtt CloudFormationDeployRole.Arn
# StackName: !Sub ${EnvironmentName}-ServerService
# TemplatePath: !Sub Source::deployments/services-${DeploymentType}/server.yml
# StackName: !Sub ${EnvironmentName}-LoadBalancer
# TemplatePath: Source::deployments/alb.yml
# Capabilities: CAPABILITY_IAM
# ParameterOverrides: !Sub |
# {
# "EnvironmentName": "${EnvironmentName}",
# "ImageUrl": {
# "Fn::GetParam" : ["BuildOutput", "build.json", "ImageServerUri"]
# }
# "EnvironmentName": "${EnvironmentName}"
# }
# InputArtifacts:
# - Name: Source
# - Name: BuildOutput
# OutputArtifacts:
# - Name: LoadBalancer
# # Deploy the cache service
# - Name: DeployCache
# # Deploy the ECS/Fargate cluster
# - Name: DeployCluster
# ActionTypeId:
# Category: Deploy
# Owner: AWS
@ -423,43 +273,17 @@ Resources:
# Configuration:
# ActionMode: CREATE_UPDATE
# RoleArn: !GetAtt CloudFormationDeployRole.Arn
# StackName: !Sub ${EnvironmentName}-CacheService
# TemplatePath: !Sub Source::deployments/services-${DeploymentType}/cache.yml
# StackName: !Sub ${EnvironmentName}-Cluster
# TemplatePath: !Sub Source::deployments/cluster-${DeploymentType}.yml
# Capabilities: CAPABILITY_IAM
# ParameterOverrides: !Sub |
# {
# "EnvironmentName": "${EnvironmentName}",
# "ImageUrl": {
# "Fn::GetParam" : ["BuildOutput", "build.json", "ImageCacheUri"]
# }
# "EnvironmentName": "${EnvironmentName}"
# }
# InputArtifacts:
# - Name: Source
# - Name: BuildOutput
# # Deploy the database service
# - Name: DeployDatabase
# ActionTypeId:
# Category: Deploy
# Owner: AWS
# Version: 1
# Provider: CloudFormation
# Configuration:
# ActionMode: CREATE_UPDATE
# RoleArn: !GetAtt CloudFormationDeployRole.Arn
# StackName: !Sub ${EnvironmentName}-DatabaseService
# TemplatePath: !Sub Source::deployments/services-${DeploymentType}/database.yml
# Capabilities: CAPABILITY_IAM
# ParameterOverrides: !Sub |
# {
# "EnvironmentName": "${EnvironmentName}",
# "ImageUrl": {
# "Fn::GetParam" : ["BuildOutput", "build.json", "ImageDatabaseUri"]
# }
# }
# InputArtifacts:
# - Name: Source
# - Name: BuildOutput
# OutputArtifacts:
# - Name: Cluster
Outputs:
PipelineUrl:
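Review bot: The statement under "Allow codepipeline use codestar connections" grants `codestar-connections:GetConnection`, `UseConnection` and `ListConnections` on `Resource: "*"`, so the pipeline role can use any connection in the account rather than only the one this template creates. The source action references just `!Ref CodeStarConnection`, so the statement could be narrowed to `Action: codestar-connections:UseConnection` with `Resource: !Ref CodeStarConnection`; `ConnectionArn` already relies on `Ref` resolving to the connection ARN. The page has lost its +/- markers, so this assumes the statement is on the new side. If the `OAuthToken: !Ref GitHubToken` setting is indeed retired by this change, the old GitHub token should be revoked rather than left valid.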


@ -188,7 +188,7 @@ Resources:
Configuration:
ActionMode: CREATE_UPDATE
RoleArn: !GetAtt CloudFormationDeployRole.Arn
StackName: !Sub ${EnvironmentName}-Server
StackName: !Sub ${EnvironmentName}-Service-Server
TemplatePath: !Sub Source::deployments/services-${DeploymentType}/server.yml
Capabilities: CAPABILITY_IAM
ParameterOverrides: !Sub |
@ -209,7 +209,7 @@ Resources:
Configuration:
ActionMode: CREATE_UPDATE
RoleArn: !GetAtt CloudFormationDeployRole.Arn
StackName: !Sub ${EnvironmentName}-Cache
StackName: !Sub ${EnvironmentName}-Service-Cache
TemplatePath: !Sub Source::deployments/services-${DeploymentType}/cache.yml
Capabilities: CAPABILITY_IAM
ParameterOverrides: !Sub |
@ -230,7 +230,7 @@ Resources:
Configuration:
ActionMode: CREATE_UPDATE
RoleArn: !GetAtt CloudFormationDeployRole.Arn
StackName: !Sub ${EnvironmentName}-Database
StackName: !Sub ${EnvironmentName}-Service-Database
TemplatePath: !Sub Source::deployments/services-${DeploymentType}/database.yml
Capabilities: CAPABILITY_IAM
ParameterOverrides: !Sub |
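Review bot: Changing `StackName` from `${EnvironmentName}-Server` to `${EnvironmentName}-Service-Server` (assuming the `-Service-` form is the new side; the Cache and Database hunks do the same) does not rename an existing stack. With `ActionMode: CREATE_UPDATE` the pipeline will presumably create new stacks and leave the old ones running unmanaged, along with any IAM roles they created under `CAPABILITY_IAM`. A comment above each action such as `# Stack renamed from <env>-Server; delete the old stack manually` would record the cleanup that is needed. The action definitions start and end outside these hunks.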


@ -193,6 +193,10 @@ Resources:
ClusterName:
Fn::ImportValue: !Sub ${EnvironmentName}:ClusterName
ServiceName: !Ref ServiceName
# Needs imagedefinitions.json but ECR produces imageDetail.json.
# Need a build stage to build images or transform imageDetail.json
# as described here: https://stackoverflow.com/a/57015190
# Or use blue/green deployment
FileName: imageDetail.json
InputArtifacts:
- Name: Image
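Review bot: `FileName: imageDetail.json` is committed even though the comment directly above it says the action needs `imagedefinitions.json`, so this deploy action is expected to fail until a build or transform step exists. Prefixing the comment with `# TODO:` and stating the expected shape (a JSON array of `name`/`imageUri` entries) would make that clear without following the Stack Overflow link. The enclosing action starts and ends outside the hunk.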

25
deployments/test.yml Normal file

@ -0,0 +1,25 @@
# Parameters:
# GitHubRepo:
# Type: String
# GitHubBranch:
# Type: String
# GitHubToken:
# Type: String
# NoEcho: true
# GitHubUser:
# Type: String
# EnvironmentName:
# Type: String
# Default: production
# DeploymentType:
# Type: String
# Default: fargate
# AllowedValues: [ecs, fargate]
Resources:
CodeStarConnection:
Type: AWS::CodeStarConnections::Connection
Properties:
ConnectionName: MyGitHubConnection
ProviderType: GitHub
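Review bot: Nothing in the new template records that a connection created through CloudFormation starts in the pending state and must be authorised by hand in the console before a pipeline can use it. A comment above `CodeStarConnection` such as `# Created PENDING; complete the GitHub handshake in the console before use` would save a failed first run. The hard-coded `ConnectionName: MyGitHubConnection` is the same name the pipeline template uses, so deploying both stacks in one account and region may collide; taking the name from a parameter would avoid that.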