AWS for Website CI/CD with Terraform

In the previous part, we did everything required to deploy the static website on AWS. But there was a problem: whenever you make changes, you need to type the deployment commands manually, and it sucks. In this part, we will create a CodePipeline that updates our website each time we commit to a specific branch.

  • Set up remote storage for Terraform state.
  • Create and deploy a CI container to ECR.
  • Make the CI pipeline with CodePipeline and CodeBuild.
  • Add buildspec.yaml in the root of the repository.

You can find all the code for this part here.

Remote state

In the previous part, we kept the state in the repository. Now our Terraform state will contain our AWS credentials, so it should no longer live in the repository. We will start by creating an S3 bucket for the Terraform state, and then we can move the state from the repository to the bucket.

To let Terraform know about the remote state we will add this part in main.tf:

Now, we can type:

$ terraform init
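
One way to implement the state bucket and backend described in this section, as an added example rather than the author's code. It assumes AWS provider version 4 or later; the bucket name, state key and region are placeholders.

```hcl
# Added example. Bucket name, state key and region are placeholders (assumptions).

# Step 1: create the bucket while the state is still local (terraform apply).
resource "aws_s3_bucket" "tf_state" {
  bucket = "example-website-tf-state" # placeholder, must be globally unique
}

# The state holds credentials, so nothing in this bucket may be public.
resource "aws_s3_bucket_public_access_block" "tf_state" {
  bucket                  = aws_s3_bucket.tf_state.id
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
  restrict_public_buckets = true
}

# Encrypt state objects at rest.
resource "aws_s3_bucket_server_side_encryption_configuration" "tf_state" {
  bucket = aws_s3_bucket.tf_state.id
  rule {
    apply_server_side_encryption_by_default {
      sse_algorithm = "aws:kms"
    }
  }
}

# Keep earlier state versions so a bad apply or a deletion can be rolled back.
resource "aws_s3_bucket_versioning" "tf_state" {
  bucket = aws_s3_bucket.tf_state.id
  versioning_configuration {
    status = "Enabled"
  }
}

# Step 2: once the bucket exists, add the backend block and run `terraform init`,
# which offers to copy the existing local state into the bucket.
terraform {
  backend "s3" {
    bucket  = "example-website-tf-state"  # literal value: backend blocks cannot use variables
    key     = "website/terraform.tfstate" # placeholder
    region  = "us-east-1"                 # placeholder
    encrypt = true
  }
}
```

After the state has been copied, remove the local terraform.tfstate files from the repository and add them to .gitignore.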

CI/CD container

If we need a container, we should create a Dockerfile first.

In my case, building the website requires Node.js, so we will use node as the base image. We will also install additional libraries to run AWS commands inside the container.

We will use ECR as the container registry, so let’s create a repository by adding resources to the existing Terraform file.

After running terraform apply, it is time to push the container to the repository. There is a script for this.

Before running the script, make sure you have set all required variables and that Docker is installed on your machine.

$ . ./push_ci_container.sh geekrodion

The name of the container will be the parameter you pass to the script:)

CodePipeline

Now it is time to create some real infrastructure :) First, let’s specify all required environment variables.

To go along, you need to set these variables:

$ export AWS_ACCESS_KEY_ID=<YOUR_AWS_ACCESS_KEY_ID>
$ export AWS_SECRET_ACCESS_KEY=<YOUR_AWS_SECRET_ACCESS_KEY>
$ export AWS_REGION=<YOUR_AWS_REGION>
$ export GITHUB_TOKEN=<YOUR_GITHUB_TOKEN>

The first three variables are self-explanatory. Since we keep our site on GitHub, we also need to specify a token. It is quite simple to get; you can find the steps there.

We also need additional variables in the vars.tf file. We will specify the AWS credentials, the name of the CI container (the parameter we pass to the push_ci_container script) and variables describing the repository.

There are quite a lot of new resources, and we will not list them here, but you can find them in the repository. The resources are quite simple; the only part I would like to dwell upon is aws_codebuild_project.

In this resource, we specify an image for building the website and a bunch of variables. As you may remember from the previous part, those are required to make the deployment.

buildspec.yaml

This file specifies the steps to execute in the CI pipeline. In my case, I only need to install libraries and call the deployment script we made in the previous part.

That’s it! Now you can go to aws.amazon.com, and watch CodePipeline building your website.

Increaser

Software engineer, creator of increaser.org. More at geekrodion.com