Create S3 trigger

2025-08-24 20:08:55 +02:00 · 2021-11-12 08:11:53 +02:00
parent 61fee08c26
commit e634075078
3 changed files with 58 additions and 53 deletions
--- a/deployments/buildspec/service.yml
+++ b/deployments/buildspec/service.yml
@@ -14,5 +14,4 @@ phases:
      - docker push $REPO_URI:latest
      - docker push $REPO_URI:$TAG
      - printf '[{"name":"%s","imageUri":"%s"}]' $SERVICE $REPO_URI:$TAG > imagedefinitions.json
-artifacts:
-    files: imagedefinitions.json
+      - aws s3 cp imagedefinitions.json s3://$ARTIFACT_BUCKET/$SERVICE/imagedefinitions.json
--- a/deployments/pipeline-new.yml
+++ b/deployments/pipeline-new.yml
@@ -25,6 +25,8 @@ Resources:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub microservices-${EnvironmentName}-${AWS::AccountId}
+      VersioningConfiguration: 
+        Status: Enabled

  #-----------------------------------------------------------------------------#
  # Source Credentials (for CodeBuild)
@@ -430,6 +432,7 @@ Resources:
                  - "ecr:*"
                  - "codepipeline:*"
                  - "events:*"
+                  - "ecs:*"
                Resource: "*"

  #-----------------------------------------------------------------------------#
--- a/deployments/pipeline-service.yml
+++ b/deployments/pipeline-service.yml
@@ -73,9 +73,11 @@ Resources:
          - Name: AWS_ACCOUNT_ID
            Value: !Sub ${AWS::AccountId}
          - Name: SERVICE
-            Value: server
+            Value: !Ref ServiceName
          - Name: REPO_URI
            Value: !Sub ${Repository.RepositoryUri}
+          - Name: ARTIFACT_BUCKET
+            Value: !Ref ArtifactBucket
      Triggers:
        Webhook: true
        FilterGroups:
@@ -103,22 +105,23 @@ Resources:
  #-----------------------------------------------------------------------------#
  # CodePipeline
  #-----------------------------------------------------------------------------#
-  # CloudWatchEventRule:
-  #   Type: AWS::Events::Rule
-  #   Properties:
-  #     EventPattern:
-  #       detail:
-  #         action-type: [PUSH]
-  #         image-tag: [latest]
-  #         repository-name: [!Ref Repository]
-  #         result: [SUCCESS]
-  #       detail-type: [ECR Image Action]
-  #       source: [aws.ecr]
-  #     Targets:
-  #       - Arn: !Sub arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}
-  #         RoleArn: !GetAtt CloudWatchEventRole.Arn
-  #         Id: server-pipeline
-  
+  CloudWatchEventRule:
+    Type: AWS::Events::Rule
+    Properties:
+      EventPattern:
+        detail:
+          eventSource: [s3.amazonaws.com]
+          eventName: [PutObject]
+          requestParameters:
+            bucketName: [!Ref ArtifactBucket]
+            key:
+              - !Sub ${ServiceName}/imagedefinitions.json
+        detail-type: [AWS API Call via CloudTrail]
+        source: [aws.s3]
+      Targets:
+        - Arn: !Sub arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}
+          RoleArn: !GetAtt CloudWatchEventRole.Arn
+          Id: server-pipeline

  PipelineWebhook: 
    Type: AWS::CodePipeline::Webhook
@@ -163,6 +166,21 @@ Resources:
            #     - Name: Image
            #   RunOrder: 1

+            - Name: Image
+              Namespace: ImageVariables
+              ActionTypeId:
+                Category: Source
+                Owner: AWS
+                Version: 1
+                Provider: S3
+              Configuration:
+                S3Bucket: !Ref ArtifactBucket
+                S3ObjectKey: !Sub ${ServiceName}/imagedefinitions.json
+                PollForSourceChanges: false
+              OutputArtifacts:
+                - Name: Image
+              RunOrder: 1
+
            - Name: Code
              ActionTypeId:
                Category: Source
@@ -179,21 +197,6 @@ Resources:
                - Name: Code
              RunOrder: 1

-        - Name: Build
-          Actions:
-            - Name: Build
-              ActionTypeId:
-                Category: Build
-                Owner: AWS
-                Version: 1
-                Provider: CodeBuild
-              Configuration:
-                ProjectName: !Ref CodeBuildProject
-              InputArtifacts:
-                - Name: Code
-              OutputArtifacts:
-                - Name: Image
-
        #-----------------------------------------------------------------------------#
        # Deploy
        #-----------------------------------------------------------------------------#
@@ -286,25 +289,25 @@ Resources:
  #-----------------------------------------------------------------------------#
  # Role for CloudWatch service
  #-----------------------------------------------------------------------------#
-  # CloudWatchEventRole:
-  #   Type: AWS::IAM::Role
-  #   Properties:
-  #     Path: /
-  #     AssumeRolePolicyDocument:
-  #       Version: 2012-10-17
-  #       Statement:
-  #         - Effect: Allow
-  #           Principal:
-  #             Service: events.amazonaws.com
-  #           Action: sts:AssumeRole
-  #     Policies:
-  #       - PolicyName: cwe-pipeline-execution
-  #         PolicyDocument:
-  #           Version: 2012-10-17
-  #           Statement:
-  #             - Effect: Allow
-  #               Action: codepipeline:StartPipelineExecution
-  #               Resource: !Sub arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}
+  CloudWatchEventRole:
+    Type: AWS::IAM::Role
+    Properties:
+      Path: /
+      AssumeRolePolicyDocument:
+        Version: 2012-10-17
+        Statement:
+          - Effect: Allow
+            Principal:
+              Service: events.amazonaws.com
+            Action: sts:AssumeRole
+      Policies:
+        - PolicyName: cwe-pipeline-execution
+          PolicyDocument:
+            Version: 2012-10-17
+            Statement:
+              - Effect: Allow
+                Action: codepipeline:StartPipelineExecution
+                Resource: !Sub arn:aws:codepipeline:${AWS::Region}:${AWS::AccountId}:${Pipeline}

 Outputs:
  PipelineUrl: