chore: add infra code for release pipeline

Use CDK to create a pipeline stack that uses a GitHub webhook and CodeBuild to publish docker images for amd64 and arm64 architectures to DockerHub. TODO: Also publish to ECR Public
awslabs · Mar 25, 2021 · 4b10984 · 4b10984
1 parent 8ea5381
commit 4b10984
Show file tree

Hide file tree

Showing 8 changed files with 2,387 additions and 3 deletions.
diff --git a/.gitignore b/.gitignore
@@ -19,3 +19,7 @@ out/
 .idea
 .idea/*
 .DS_Store
+
+infra/node_modules
+infra/*.js
+infra/*.d.ts
diff --git a/Makefile b/Makefile
@@ -33,8 +33,8 @@ TAG := $(VERSION)-agent$(AGENT_VERSION_COMPATIBILITY)-compatible
 local-build: $(LOCAL_BINARY)
 
 # build binaries for each architecture into their own subdirectories
-.PHONY: linux-build
-linux-build: $(AMD_BINARY) $(ARM_BINARY)
+.PHONY: linux-compile
+linux-compile: $(AMD_BINARY) $(ARM_BINARY)
 
 $(LOCAL_BINARY): $(SOURCES)
 	PATH=${PATH} golint ./local-container-endpoints/...
@@ -103,7 +103,7 @@ publish-amd:
 	docker push $(IMAGE_NAME):$(TAG)-amd64
 	docker push $(IMAGE_NAME):$(VERSION)-amd64
 
-.PHONY: publish-arn
+.PHONY: publish-arm
 publish-arn:
 	docker push $(IMAGE_NAME):latest-arm64
 	docker push $(IMAGE_NAME):$(TAG)-arm64

diff --git a/infra/README.md b/infra/README.md
@@ -0,0 +1,31 @@
+# Continuous delivery pipelines
+
+This package uses the [AWS Cloud Development Kit (AWS)](https://github.com/awslabs/aws-cdk) to model AWS CodePipeline pipelines and to provision them with AWS CloudFormation.
+
+* pipeline.ts: Builds and publishes the base Docker image for the backend API service
+
+This creates as CodePipeline pipeline which consists of a souce stage that usees a GitHub webhook and a build stage that uses AWS CodeBuild to build and publish Docker images to DockerHub.
+
+## GitHub Access Token
+The official pipeilne uses a team account (ecs-local-container-endpoints+release@amazon.com).
+
+Create a GitHub [personal access token](https://github.com/settings/tokens) with access to your fork of the repo, including "admin:repo_hook" and "repo" permissions.  Then store the token in Secrets Manager:
+
+```
+aws secretsmanager create-secret --region us-west-2 --name EcsDevXGitHubToken --secret-string <my-github-personal-access-token>
+```
+
+## Deploy
+
+To deploy this pipeline, install the AWS CDK CLI: `npm i -g aws-cdk`
+
+Install and build everything: `npm install && npm run build`
+
+Then deploy the pipeline stacks:
+
+```
+cdk deploy --app 'node pipeline.js'
+
+```
+
+See the pipelines in the CodePipeline console.
diff --git a/infra/buildspec.yml b/infra/buildspec.yml
@@ -0,0 +1,15 @@
+version: 0.2
+
+env:
+  secrets-manager:
+    USERNAME: "com.amazonaws.ec2.madison.dockerhub.amazon-ecs-local-container-endpoints.credentials:username"
+    PASSWORD: "com.amazonaws.ec2.madison.dockerhub.amazon-ecs-local-container-endpoints.credentials:password"
+
+phases:
+  pre_build:
+    commands:
+      - echo "Building Image for Amazon ECS Local Container Endpoints..."
+      - docker login -u ${USERNAME} --password ${PASSWORD}
+  build:
+    commands:
+      - make publish