Serverless CI/CD Solutions Example on AWS (CodePipeline-CodeBuild)
Hi! In my last Medium post (Hosting and CI/CD Pipeline for Website with S3) I described setting up a static website in S3 and building a Jenkins server for the CI/CD steps.
In this post we will delete that Jenkins server and build a serverless solution with AWS services such as CodeCommit, CodePipeline and CodeBuild.
What is serverless?
Serverless solutions mean not having to worry about setting up a server or maintaining it, and not paying for resources when you are not using that server.
For example, I was setting up an EC2 instance, installing the tools required for Jenkins, configuring the Jenkins side and so on. These steps take time and effort, and they also waste money if you don't need an instance that runs 24/7. In serverless solutions you pay only for the resources while they are up and running your tasks. With an EC2 instance you pay until the instance is stopped or terminated, but in a CI/CD process you need that instance only for 5–10 minutes, not 24/7.
As another example, if a CI/CD process takes 10 minutes and you use the CodeBuild service for it, you pay only for those 10 minutes. During the process AWS provides you a resource and lets you use a container image for your tasks, and when the process ends your resources end too. Let's have a look at the steps now.
In AWS we will take these steps:
- We will keep our code in the CodeCommit service instead of in a directory on an instance.
- We will set up a pipeline in the CodePipeline service, instead of a Jenkins environment, to notice changes in the code and start the pipeline.
- We will set a yaml file in a build project in the CodeBuild service to define the CI/CD steps, that is, the actions taken while the pipeline is running.
Here is the map of our journey: we will keep our code in a CodeCommit repository, a pipeline in CodePipeline will detect changes in the repository, the actions defined in the yaml will be carried out by a build project in CodeBuild, the changed or new files will be sent to the S3 bucket, and a DNS name stored in Route53 will serve the website to end users.
Let's get our Git credentials in AWS for pushing our code to CodeCommit. When we use the git pull, push and add commands, we will be using these credentials.
Click the user@AWS-account-id section in the AWS Console > My Security Credentials > AWS CodeCommit credentials > HTTPS Git credentials for AWS CodeCommit > Generate credentials
After these steps we will have our repository in the CodeCommit service.
Let's clone our empty repository, move all our files into it and use git commands such as add, commit and push. And finally we no longer have an empty repository in CodeCommit!
For now we are done with the CodeCommit service, so we will set up our pipeline with the CodePipeline service. The most important things during pipeline setup are the service role and the network settings.
Service role: During the pipeline process AWS services talk to each other, which means CodePipeline needs access to get the code from CodeCommit, and CodeBuild needs S3 access for pulling and pushing. Service roles are what provide that access.
Network settings: If you want to use this kind of model for your company's tasks or any big project, you are probably not using a simple network setup, and not everything is publicly accessible from the internet. The CodePipeline process doesn't need any network settings, but in the CodeBuild section we need to handle a few things on the network side.
Time to create a pipeline in CodePipeline:
Step 1 - Create pipeline: As you can see, we selected a new service role from AWS; that service role will have default access between CodeCommit, CodePipeline, etc.
Step 2 - Choose your code source: At this step we select our CodeCommit repository and the related branch. For change detection we will use CloudWatch Events, which is how the services communicate, and we can leave the artifact format at its default.
Step 3 - Create a build project for your build steps: We will use the CodeBuild service for this step. In CodeBuild we will have an image, and the build steps defined in a yaml file will carry out the actions for us inside the image. In that yaml you can use maven, ant or any other tool commands you need, or AWS CLI commands.
We would also need to set the subnet for that image, but since we will use only an S3 bucket we don't need any network settings.
Now we can click Create project at CodePipeline's third step.
We will set our environment in the build project. If you won't use a custom image, you can select an image managed by AWS, and you can also select the OS of the image, such as Amazon Linux 2, Ubuntu or Windows Server 2019. I will go with Ubuntu. After that we can leave the values at their defaults, but once the service role is created we need to attach an S3 access policy to that role. If we don't, our build project won't be able to access the S3 bucket or take any actions.
As mentioned before, the build project also has a network setting, but we don't need anything specific there, so we will keep the VPC section empty. In the other steps we can specify the compute resources we will use from AWS, and we can specify values in the project, such as your image tag, endpoint, etc. We will set these variables for testing.
Let's write a buildspec.yaml for our build steps and test our environment variables now.
If we run the build project now we will get an access error, so we need to give permissions to our build project. I will use the default AmazonS3FullAccess policy, but as a best practice you can create a custom policy.
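The custom policy mentioned above, as an added Python example (not code from the original post): it builds an S3 policy limited to the one website bucket and flags grants that reach further, such as a wildcard full-access statement. The bucket name `example-site-bucket` and the function names are assumptions for illustration, and the policy covers only the website bucket, not the pipeline's own artifact bucket.

```python
import json

# Constructed sample: a wildcard grant of the kind a "full access" policy
# gives (every S3 action on every bucket in the account).
BROAD_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}],
}

def deploy_policy(bucket, allow_delete=False):
    """Build a policy limited to reading and writing one website bucket."""
    object_actions = ["s3:GetObject", "s3:PutObject"]
    if allow_delete:  # only needed if the build removes stale files
        object_actions.append("s3:DeleteObject")
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "ListSiteBucket", "Effect": "Allow",
             "Action": ["s3:ListBucket"],
             "Resource": f"arn:aws:s3:::{bucket}"},
            {"Sid": "WriteSiteObjects", "Effect": "Allow",
             "Action": object_actions,
             "Resource": f"arn:aws:s3:::{bucket}/*"},
        ],
    }

def _as_list(value):
    # IAM accepts either a single string or a list for these fields.
    return value if isinstance(value, list) else [value]

def overbroad_findings(policy, bucket):
    """Return findings for Allow statements wider than the one bucket."""
    allowed = {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    findings = []
    for stmt in _as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith(":*"):
                findings.append(f"wildcard action {action}")
        for resource in _as_list(stmt.get("Resource", [])):
            if resource not in allowed:
                findings.append(f"resource outside bucket: {resource}")
    return findings

if __name__ == "__main__":
    # Placeholder bucket name; replace with the bucket that hosts the site.
    print(json.dumps(deploy_policy("example-site-bucket"), indent=2))
```

The printed JSON can be pasted into a customer-managed policy and attached to the CodeBuild service role in place of AmazonS3FullAccess.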
It's test time! In my current code the homepage says “Im DevOps Engineer at bestcloudfor.me”, but we want to make it “Im Cloud Native Engineer at bestcloudfor.me”.
Now I will change the related text in the code and push it to my CodeCommit repository. After that push our CodePipeline will be activated and will trigger the CodeBuild stage, so at the end my S3 bucket will be updated. And everything is done!
And the result is here!
As a summary, in these 2 posts we have talked about:
- Preparing an S3 bucket for hosting a website
- Building CI/CD stages with server and serverless solutions
Feel free to text me with any questions.
GitHub Repository: github.com/erdenayates/resume-website
LinkedIn: linkedin.com/in/erdenayates