369.

CodePipeline Overview

Amazon CodePipeline: Orchestrating CI/CD on AWS

Overview

Amazon CodePipeline is a visual workflow tool that helps orchestrate Continuous Integration and
Continuous Deployment (CI/CD) processes within AWS. It allows you to automate the entire release
process, enabling frequent and reliable updates.

Key Components of CodePipeline

1. Sources

o Supported Sources:

 AWS: CodeCommit, Amazon S3, ECR.

 External: GitHub, Bitbucket.

o Role: Fetches the source code from your repository.

2. Build Phase

o Tools:

 AWS: CodeBuild.

 Third-Party: Jenkins, CloudBees, TeamCity.

o Role: Builds the source code into deployable artifacts.

3. Test Phase

o Tools:

 AWS: CodeBuild, Device Farm.

 Third-Party: Any other tool of your choice.

o Role: Executes tests on the built code to ensure quality.

4. Deployment

o Supported Services:

 AWS: CodeDeploy, Elastic Beanstalk, CloudFormation, ECS, S3.

o Role: Deploys the tested code to production or staging environments.

5. Invoke

o Use: Invoke Lambda functions or Step Functions as part of the pipeline for additional
automation or processing.

6. Stages and Actions

o Stages: Sequential or parallel steps in your pipeline.

o Actions: Specific tasks within each stage like building, testing, or deploying.
 o Example Workflow:

 Build → Test → Deploy to Staging → Load Testing → Manual Approval →

Deploy to Production.

7. Manual Approval

o Use Case: Add a manual approval step before critical stages like deploying to
production.

How CodePipeline Works

 Artifact Creation:

o CodePipeline generates artifacts at each stage, which are stored in Amazon S3.

o These artifacts are passed between stages, enabling seamless workflow progression.

 Example Workflow:

1. Developer Pushes Code: Developer pushes code to CodeCommit.

2. Artifact Creation: CodePipeline extracts the code, creates an artifact, and stores it in
S3.

3. CodeBuild: CodePipeline passes the artifact to CodeBuild, which builds the code.

4. Deployment: The build artifacts are passed to CodeDeploy, which handles the
deployment.

Troubleshooting CodePipeline

1. Monitoring and Notifications

o CloudWatch Events / EventBridge: Monitor pipeline state changes, failures, and

cancellations. Set up notifications (e.g., email) for these events.

2. Permissions Issues

o IAM Role: Ensure CodePipeline has the correct IAM permissions to interact with
other AWS services (e.g., CodeCommit, CodeBuild).

3. Auditing

o CloudTrail: Use CloudTrail to audit AWS API calls made by CodePipeline, especially if
you encounter permission-related issues.

370. CodePipeline - Hands On - Prerequisite

Prerequisites for CodePipeline Hands-On: Setting Up Beanstalk Environments

Before diving into the hands-on with CodePipeline, we need to set up two AWS Elastic Beanstalk
environments. These environments will be used to deploy updates during the CodePipeline
exercises.
Steps to Create Elastic Beanstalk Environments

1. Create the First Environment (Staging)

o Application Name: MyFirstWebApp-Beanstalk

o Environment Name: MyFirstWebApp-Beanstalk

o Platform: Node.js (Choose the latest version)

o Application Type: Simple application

o Instance Type: Single instance

o Key Pair: No key pair required (you can skip this option)

o Review: Skip to the review section.

o Submit: Click on "Submit" to create the environment.

After a few moments, you should see a "Congratulations" message indicating the environment has
been successfully created.

2. Create the Second Environment (Production)

o Navigate Back: Go back to the "Environments" section in Elastic Beanstalk.

o Create New Environment: Select "Create New Environment."

o Application Name: Select the existing application "MyFirstWebApp-Beanstalk."

o Environment Name: prod

o Platform: Node.js (latest version)

o Application Type: Simple application

o Instance Type: Single instance

o Review and Submit: Skip to review and submit the environment.

This will create a second environment for production, which we will use in the CodePipeline hands-
on session.

Reminder: Clean Up After Completion

Once you're done with the hands-on exercise, don't forget to delete the environments to avoid
unnecessary charges for running EC2 instances.

371. CodePipeline - Hands On

Creating Your First CodePipeline for Deployment to AWS Elastic Beanstalk

In this lecture, we'll create our first CI/CD pipeline using AWS CodePipeline. The pipeline will
automate the process of deploying code from a GitHub repository to two AWS Elastic Beanstalk
environments: one for development and one for production.

Step-by-Step Guide
 1. Create the Pipeline

o Name: MyFirstPipeline

o Execution Mode: Leave as "Queued" (default).

o Service Role: Create a new service role, which allows CodePipeline to perform
necessary actions.

o Artifact Store & Encryption Key: Leave the default settings.

o Click Next to proceed.

2. Connect to GitHub

o Source Provider: Choose "GitHub Version 2."

o GitHub Connection: If not already connected, create a new connection named

"MyGitHubConnection."

o Authorize: Allow AWS to connect to your GitHub account.

o Repository Name: Enter your repository name, e.g., my-nodejs-app.

o Default Branch: Choose main.

o Trigger: Set a trigger to start the pipeline on any push to the main branch.

o Click Next to proceed.

3. Skip Build Stage

o Build Provider: Skip this step for now (you can explore it later).

4. Deploy to Elastic Beanstalk (Development Environment)

o Deployment Provider: Select "AWS Elastic Beanstalk."

o Application Name: Choose the application you created earlier.

o Environment Name: Select the env environment.

o Click Next to proceed.

5. Review and Create Pipeline

o Review all settings and click Create Pipeline.

Adding a Production Deployment Stage

1. Edit the Pipeline

o After the initial deployment, edit the pipeline to add a new stage for production
deployment.

2. Add a Stage

o Stage Name: DeployToProd

o Action Provider: Choose "AWS Elastic Beanstalk."

 o Application Name: Same as before.

o Environment Name: Select the prod environment.

o Add a Manual Approval Step: Before deploying to production, add a manual

approval action.

3. Save and Update

o Save the updated pipeline with the new production stage.

Deploying Code and Approving for Production

1. Trigger a Deployment

o Make a change to the index.html file in your GitHub repository, e.g., change the
background color from blue to red.

o Commit the changes to the main branch.

2. Monitor the Pipeline

o The pipeline will automatically start, deploying the new version to the development
environment.

o Once deployed, verify the changes in the development environment.

3. Manual Approval for Production

o After the development deployment, you'll be prompted for manual approval.

o Review the changes, and if satisfied, approve the deployment to the production
environment.

4. Verify Production Deployment

o Once approved, the code will be deployed to the production environment.

o Verify that the changes, like the new background color, are reflected in production.

372. CodeBuild Overview

CodeBuild Overview

 Purpose: CodeBuild is a fully managed continuous integration service that compiles source
code, runs tests, and produces deployable software packages.

Key Components

1. Source Providers:

o Supported sources include CodeCommit, Amazon S3, Bitbucket, and GitHub.

o The buildspec.yml file is crucial. It must be located at the root of the source code
repository. This file contains build instructions.
 o You can also manually insert build instructions into the console, but using
buildspec.yml is best practice and is important for the exam.

2. Build Process:

o Output Logs: Stored in Amazon S3 and CloudWatch Logs for later analysis.

o Monitoring: Use CloudWatch Metrics for build statistics, EventBridge to detect

failed builds and trigger notifications, and CloudWatch Alarms for frequent failures.

o Build Projects: Can be defined within CodeBuild or invoked within CodePipeline.

CodePipeline can also call an existing CodeBuild project.

3. Supported Languages:

o Pre-built images are available for languages like Java, Ruby, Python, Go, Node.js,
Android, .NET Core, and PHP.

o For other environments, you can extend a Docker image to support the language you
need.

4. How CodeBuild Works:

o Source Code: Fetched from CodeCommit or other sources.

o Container Environment: CodeBuild uses a container (Java, Go, etc.) to run the build
instructions from buildspec.yml.

o Docker Image: CodeBuild pulls a Docker image, either prepackaged by AWS or

provided by you.

o Caching: Optional feature to cache files in S3 for faster future builds.

o Artifacts: The output files from the build process are stored in an S3 bucket.

Buildspec.yml File

 Location: Must be at the root of the code repository.

 Environment Variables: Can be plaintext or pulled from SSM Parameter Store or Secrets
Manager.

 Phases:

o Install: Commands to install necessary packages.

o Pre_build: Commands executed before the main build.

o Build: Main build commands.

o Post_build: Commands after the build (e.g., packaging).

 Artifacts: Specifies which files to extract and store in S3.

 Cache: Defines which files to cache in S3 for faster future builds.

Logging and Artifacts

 Logs: Stored in CloudWatch Logs and optionally in S3.

  Artifacts: The output of the build process is stored in S3.

Exam Tips

 Buildspec.yml: Ensure you know its importance and location.

 Environment and Phases: Understand how phases in buildspec.yml relate to the build
process.

 Caching and Artifacts: Be familiar with how caching and artifacts work.

 Integration: Recognize how CodeBuild integrates with other AWS services like CloudWatch
and S3.

373. CodeBuild Hands On Part I

CodeBuild Hands-On: Setting Up a Build Project

Objective: Create a CodeBuild project to test that the "Congratulations" message appears when
deploying an application.

Steps to Create a CodeBuild Project

1. Create New Project:

o Name the project "MyFirstBuild".

o Skip optional settings like Description, Build Badge, and Tags.

2. Source Configuration:

o Choose GitHub as the source.

o Connect to GitHub using OAuth.

o Authorize CodeBuild as CodeSuite.

o Select the repository (e.g., nodejs app).

o Build directly from the main branch.

o Set up the project to rebuild every time a code change is pushed to the repository
(PUSH).

3. Build Configuration:

o Use a Managed Image:

 Choose Ubuntu as the OS.

 Select Standard runtime with the latest image (e.g., standard 7.0).

o Create a new service role named "CodeBuildDemoServiceRole".

4. Additional Configuration:

o Timeout: Default is 1 hour, can be adjusted (e.g., 10 minutes).

 o VPC Selection: (Optional) If access to resources in a VPC is needed.

o Compute Size: 3 GB memory and 2 vCPU.

o Environment Variables: (Optional) Add if needed.

5. Buildspec Configuration:

o Use Buildspec.yaml file located in the root directory of the source code repository.

o No artifacts are required since this build is only for testing, not building anything.

6. Logging:

o Optionally, send logs to CloudWatch Logs or Amazon S3.

7. Start the Build:

o After creating the project, start a build.

o The build process will begin by pulling the code from the GitHub repository.

8. Expected Outcome:

o The build will fail initially because the Buildspec.yaml file is not yet present in the
repository.

o This is expected, and the file will be added in the next step.

374. CodeBuild Hands On Part 2

CodeBuild Hands-On: Fixing Errors and Integrating with CodePipeline

Objective: Fix the error in CodeBuild by creating a buildspec.yaml file and integrate CodeBuild with
CodePipeline for automated testing and deployment.

Steps to Fix CodeBuild Error

1. Create buildspec.yaml File:

o Go to the GitHub repository.

o Add a new file named buildspec.yaml in the root directory.

o Paste the following content:

yaml

Copy code

version: 0.2

phases:

install:

commands:
 - echo Installing Node.js latest

- nvm install node

pre_build:

commands:

- echo We are in the pre_build phase

build:

commands:

- echo We are in the build phase

- grep -Fq "Congratulations" index.html

post_build:

commands:

- echo We are in the post_build phase

o Commit the file directly into the main branch.

2. Trigger a New Build:

o The new build will automatically start because of the webhook between GitHub and
CodeBuild.

o Check the build status in CodeBuild. If the build is successful, it indicates that the
buildspec.yaml file is correctly configured.

Integrating CodeBuild with CodePipeline

1. Edit CodeBuild Project:

o Go to the CodeBuild project settings.

o Remove the Primary Source Webhook Events to prevent automatic builds from
GitHub pushes.

o Update the project.

2. Modify CodePipeline:

o Go to CodePipeline and edit the pipeline (e.g., MyFirstPipeline).

o Add a new stage named TestCode before the deployment stage.

o In the action group, select CodeBuild as the action provider.

o Set the input artifact to SourceArtifact and select MyFirstBuild as the project.

o Configure the output artifact (e.g., OutputOfTest).

o Save the changes.

3. Testing the Pipeline:

 o Break the Test: Edit the index.html file in GitHub by changing "Congratulations" to
"horrible". Commit the change.

o The pipeline should automatically trigger a build, and the build should fail because
the test (grep command) will not find "Congratulations" in the index.html.

o Check CodePipeline to ensure that the failure prevents further deployment.

4. Fix the Test:

o Edit the index.html file again, restoring "Congratulations" and adding some text (e.g.,
"Congratulations CodeBuild").

o Commit the change, which will trigger a new pipeline run.

o The pipeline should pass this time, and the changes will be deployed to the
development environment.

5. Final Verification:

o After successful deployment, check the environment (e.g., Elastic Beanstalk) to

confirm that the changes (e.g., "Congratulations CodeBuild") are reflected.

Summary:

 The error in CodeBuild was fixed by creating and configuring the buildspec.yaml file.

 CodeBuild was successfully integrated with CodePipeline to automate testing and

deployment processes, demonstrating the power of CI/CD.