codepipeline-to-github

1) Modify the event json to a recent pipeline execution and pipeline name

"detail": {
  "pipeline": "your-pipeline-name",
  "execution-id": "some-execution-id"
}

2) Modify the local-env.json file with your GitHub Personal Access Token

"StatusFunction": {
  "GITHUB_ACCESS_TOKEN": "your-token-goes-here"
}

3) Finally, run the handler which should produce null and the commit status should be updated

make run event="started"

Create a KMS Key per <stage> for your application(s) to encrypt environment variables

make create-env-key stage="<stage>"

This will also store the kms_key_id in SSM located at: /<application>/<stage>/kms_key_id

• github_token is a personal token with access to make a webhook
• kms_key_id is from the previous step (Create Environment Encryption Keys)

Add or update your GitHub personal access token

make save-secrets \
    github_token="YOUR_GITHUB_TOKEN" \
    kms_key_id="YOUR_KMS_KEY_ID" \
    stage="<stage>";

This will create a new AWS CloudFormation stack with:

• (1) Lambda Function (Golang Runtime)
• (1) CloudWatch Event Rule to subscribe to Pipeline events
• (1) CloudWatch LogGroup for the Lambda function output
• (1) CodePipeline with multiple stages to deploy the application from GitHub
• (1) CodePipeline Webhook to receive GitHub notifications from a specific branch:name
• (1) CodeBuild Project to test, build and deploy the app
• (2) Service Roles for working with CodeBuild and CodePipeline

NOTE: Requires an existing S3 bucket for artifacts and sam-cli deployments (located in the Makefile)

One command will build, test, package and deploy the application to AWS using the default production stage and using default tags. After initial deployment, updating the function is as simple as committing to GitHub.

make deploy

(Example) Customized deployment for another stage

make deploy stage="development" branch="development"

(Example) Customized deployment for a feature branch

make deploy stage="development" branch="some-feature" feature="some-feature"

(Example) Customized S3 bucket location

make deploy bucket="some-S3-bucket-location"

(Example) Customized tags for the deployment

make deploy tags="MyTag=some-value AnotherTag=some-value"

Remove the stack (using default stage: production)

make teardown

(Example) Teardown another stack via stage

make teardown stage="development"

(Example) Teardown a feature/branch stack

make teardown stage="development" feature="some-feature"

View all the logs in AWS CloudWatch via Log Groups

/aws/lambda/<app_name>-<stage_name>

goreleaser for easy binary or library deployment to GitHub and can be installed via: brew install goreleaser.

The .goreleaser.yml file is used to configure goreleaser.

Use make release-snap to create a snapshot version of the release, and finally make release to ship to production.

View all makefile commands

make help

List of all current commands:

aws-param-certificate      Returns the ssm location for the domain ssl certificate id
aws-param-dockerhub        Returns the ssm location for the DockerHub ARN
aws-param-vpc-id           Returns the ssm location for the vpc id
aws-param-vpc-private      Returns the ssm location for the vpc private subnets
aws-param-vpc-public       Returns the ssm location for the vpc public subnets
aws-param-zone             Returns the ssm location for the host zone id
build                      Build the lambda function as a compiled application
clean                      Remove previous builds, test cache, and packaged releases
clean-mods                 Remove all the Go mod cache
coverage                   Shows the test coverage
create-env-key             Creates a new key in KMS for a new stage
create-secret              Creates an secret into AWS SecretsManager
decrypt                    Decrypts data using a KMY Key ID (awscli v2)
decrypt-deprecated         Decrypts data using a KMY Key ID (awscli v1)
deploy                     Build, prepare and deploy
diff                       Show the git diff
encrypt                    Encrypts data using a KMY Key ID (awscli v2)
env-key-location           Returns the environment encryption key location
generate                   Runs the go generate command in the base of the repo
godocs                     Sync the latest tag with GoDocs
help                       Show this help message
install                    Install the application
install-go                 Install the application (Using Native Go)
install-releaser           Install the GoReleaser application
invalidate-cache           Invalidates a cloudfront cache based on path
lambda                     Build a compiled version to deploy to Lambda
lint                       Run the golangci-lint application (install if not found)
package                    Process the CF template and prepare for deployment
release                    Full production release (creates release in GitHub)
release                    Runs common.release and then runs godocs
release-snap               Test the full release (build binaries)
release-test               Full production test release (everything except deploy)
replace-version            Replaces the version in HTML/JS (pre-deploy)
run                        Fires the lambda function (run event=started)
save-domain-info           Saves the zone id and the ssl id for use by CloudFormation
save-host-info             Saves the host information for a given domain
save-param                 Saves a plain-text string parameter in SSM
save-param-encrypted       Saves an encrypted string value as a parameter in SSM
save-param-list            Saves a list of strings (entry1,entry2,entry3) as a parameter in SSM
save-secrets               Helper for saving GitHub token(s) to Secrets Manager (extendable for more secrets)
save-vpc-info              Saves the VPC id and the subnet IDs for use by CloudFormation
tag                        Generate a new tag and push (tag version=0.0.0)
tag-remove                 Remove a tag if found (tag-remove version=0.0.0)
tag-update                 Update an existing tag to current commit (tag-update version=0.0.0)
teardown                   Deletes the entire stack
test                       Runs lint and ALL tests
test-ci                    Runs all tests via CI (exports coverage)
test-ci-no-race            Runs all tests via CI (no race) (exports coverage)
test-ci-short              Runs unit tests via CI (exports coverage)
test-no-lint               Runs just tests
test-short                 Runs vet, lint and tests (excludes integration tests)
test-unit                  Runs tests and outputs coverage
uninstall                  Uninstall the application (and remove files)
update-linter              Update the golangci-lint package (macOS only)
update-secret              Updates an existing secret in AWS SecretsManager
upload-files               Upload/puts files into S3 bucket
vet                        Run the Go vet application