项目作者: nordcloud

项目描述 :
☁️✨⚙️AWS Codepipeline Lambda to deploy stuff using AWS CloudFormation.
高级语言: Python
项目地址: git://github.com/nordcloud/aws-codepipeline-cfn-provider.git
创建时间: 2017-12-18T11:08:45Z
项目社区:https://github.com/nordcloud/aws-codepipeline-cfn-provider

开源协议:Apache License 2.0

下载


aws-codepipeline-cfn-provider

Lintly

CodePipeline built-in cfn provider has a limitation that a cfn template size can’t exceed 51kb.

aws-codepipeline-cfn-provider solves this problem by providing an alternative cfn provider implemented as a Lambda.

Instead of passing templates directly, it uploads templates to s3 bucket before creating a stack so it can be used to deploy stacks from templates with size > 51kb.

Requirements

Lambda requires an s3 bucket used to store cfn templates.
The bucket name is set by PIPELINE_TEMPLATES_BUCKET environment variable.

Deployment

aws-codepipeline-cfn-provider uses Pipenv to manage Python dependencies.

Create virtualenv and install dependencies

  1. pipenv --three
  2. pipenv install

Upload zip to an S3 bucket

Modify bucket name and bucket key in s3_deploy.sh script
Run s3_deploy.sh to generate a zip package and upload file to S3 bucket.

Lambda

Create a Lambda in AWS console using zipped package from s3 bucket.
Lambda handler name should be set to: pipeline_lambda/pipeline_lambda.handler

IAM permissions

aws-codepipeline-cfn-provider requires at least the following permissions:

  1. {
  2. "Version": "2012-10-17",
  3. "Statement": [
  4. {
  5. "Action": [
  6. "codepipeline:PutJobFailureResult",
  7. "codepipeline:PutJobSuccessResult"
  8. ],
  9. "Resource": "*",
  10. "Effect": "Allow"
  11. },
  12. {
  13. "Action": [
  14. "cloudformation:DescribeStacks",
  15. "cloudformation:DeleteStack",
  16. "cloudformation:CreateStack",
  17. "cloudformation:UpdateStack",
  18. "cloudformation:DescribeChangeSet",
  19. "cloudformation:CreateChangeSet",
  20. "cloudformation:ExecuteChangeSet",
  21. "cloudformation:SetStackPolicy",
  22. "cloudformation:DeleteChangeSet",
  23. "iam:PassRole"
  24. ],
  25. "Resource": "*",
  26. "Effect": "Allow"
  27. },
  28. {
  29. "Action": [
  30. "s3:GetObject",
  31. "s3:PutObject"
  32. ],
  33. "Resource": [
  34. "arn:aws:s3:::your-pipeline-templates-bucket/*"
  35. ],
  36. "Effect": "Allow"
  37. },
  38. {
  39. "Action": [
  40. "s3:GetBucketLocation"
  41. ],
  42. "Resource": [
  43. "arn:aws:s3:::your-pipeline-templates-bucket"
  44. ],
  45. "Effect": "Allow"
  46. }
  47. ]
  48. }

UserParameters

User parameters are used to configure lambda and should be passed in a JSON format:

  1. {
  2. "ActionMode": "operation_name", [CREATE_UPDATE, DELETE_ONLY, CHANGE_SET_REPLACE, CHANGE_SET_EXECUTE]
  3. "StackName": "stack_name",
  4. "ChangeSetName": "change_set_name",
  5. "TemplatePath": "ArtifactName::TemplateFile",
  6. "ConfigPath": "ArtifactName::ConfigFile",
  7. "RoleArn": "cfn_role_arn",
  8. "OutputFileName": "artifact_output_file_name" (output.json is default),
  9. "ParameterOverrides": {"param": "value"}
  10. "Capabilities": ["CAPABILITY_NAMED_IAM", "CAPABILITY_IAM"] list or string
  11. }

Lambda environment

  • PIPELINE_TEMPLATES_BUCKET - S3 bucket used to upload cfn templates to

Examples

Pipeline examples

Create stack

pipeline create stack example

Create and execute change set with manual approvement

pipeline change set example

Configuration examples

Delete stack:

  1. {
  2. "StackName": "test_stack",
  3. "ActionMode": "DELETE_ONLY,
  4. "RoleArn": "cfn_role_arn",
  5. }

Create or update stack:

  1. {
  2. "ActionMode": "CREATE_UPDATE",
  3. "StackName": "test_stack",
  4. "RoleArn": "cfn_role_arn",
  5. "TemplatePath": "MyApp::template.json",
  6. "ConfigPath": "MyApp::config.json",
  7. "ParameterOverrides": {
  8. "param1": "value1",
  9. "param2": { "Fn::GetParam" : [ "MyApp", "config2.json", "param2" ] }
  10. }
  11. }

Create change set:

  1. {
  2. "ActionMode": "CHANGE_SET_REPLACE",
  3. "StackName": "test_stack",
  4. "ChangeSetName": "test_change_set",
  5. "RoleArn": "cfn_role_arn",
  6. "TemplatePath": "MyApp::template.json",
  7. "ConfigPath": "MyApp::config.json",
  8. "ParameterOverrides": {
  9. "param1": "value1",
  10. "param2": { "Fn::GetParam" : [ "MyApp", "config2.json", "param2" ] }
  11. }
  12. }

Execute change set:

  1. {
  2. "ActionMode": "CHANGE_SET_EXECUTE",
  3. "StackName": "test_stack",
  4. "ChangeSetName": "test_change_set",
  5. "RoleArn": "cfn_role_arn"
  6. "OutputFileName": "out.json"
  7. }

LICENCE

Apache License 2.0

Copyright Nordcloud OY