Note: This applies to the AWS internal CodeCommit repository, not the public-facing GitHub mirror.
The CDF core modules are compiled, tested, and deployed via a single AWS CodePipeline CI/CD pipeline.
The pipeline is deployed using the `{aws-connected-device-framework}/source/cicd/deploy-cicd-pipeline.bash` script. Run the script with no arguments to view the help on the possible arguments:
```
aws-connected-device-framework> cicd/deploy-cicd-pipeline.bash
NAME
deploy-cicd-pipeline.bash
DESCRIPTION
Deploys the CICD pipeline.
MANDATORY ARGUMENTS:
-b (string) The name of the S3 bucket to deploy CloudFormation templates to.
-d (string) The name of the S3 bucket to deploy cdf core documentation to.
-I (string) Name of repo of cdf-infrastructure-* project
-e (string) Name of environment.
OPTIONAL ARGUMENTS
-r (string) Name of CodeCommit repo (defaults to aws-connected-device-framework).
-g (string) Name of git branch (defaults to master).
-h (string) Name of cdf-infrastructure-* git branch (defaults to master).
-N (flag) Use an existing VPC instead of creating a new one
-m (string) Asset library mode - 'full' or 'lite'. Defaults to 'full'
-v (string) Id of VPC where Neptune resides (if running Asset Library in 'full' mode)
-s (string) Id of security group with access to Neptune (if running Asset Library in 'full' mode)
-n (string) Id of private subnets where Neptune resides (if running Asset Library in 'full' mode)
-t (string) Id of private route table ids where Neptune resides (if running Asset Library in 'full' mode)
-p (string) The name of the key pair to use to deploy the Bastion EC2 host.
-o (string) ID of public subnets (comma delimited) to deploy the Bastion into (required if -N set, and Asset Library 'full' mode)
-i (string) The remote access CIDR to configure Bastion SSH access (e.g. 1.2.3.4/32).
-k (string) The KMS Key id that the provisoning module will use to decrypt sensitive information. If not provided, a new KMS key with the alias 'cdf' is created.
-a (string) Name of custom auth cloudformation stack (if running with custom auth enabled)
-R (string) AWS region.
-P (string) AWS profile.
```
Because the CI/CD pipeline deploys all of the CDF core modules, it needs the same parameters that are used to deploy the core CDF modules into an account.
The CodePipeline is constructed of a number of stages (CodeBuild projects), with each stage having a number of steps (CodeBuild phases). Each of these steps executes a script as follows:
Clones the main aws-connected-device-framework monorepo along with an infrastructure project as specified by the `-I` parameter of the deployment script.
When CodePipeline uses CodeCommit as its source, it provides a snapshot of the latest version of the codebase instead of providing the git repository itself. As we need to tag the git repository downstream in the pipeline, this script configures the aws-connected-device-framework source as a git repository by replacing the source with a cloned version of the real git repository.
We do not want the CI/CD CodePipeline to process all commits. For example, when the pipeline itself commits an update to a version number, that commit needs to be ignored so that we don't end up in a loop. This step retrieves the latest git commit message, and ignores the build by failing it if the message contains the text `[skip ci]`.
Installs the [pnpm](https://pnpm.js.org) package manager.
Installs project dependencies.
Builds all projects, followed by running all unit tests.
If unit tests were successful, a semantic release of all changed projects is performed by analyzing all the git commit messages since the last install. Any updated version numbers are committed back to the git code repo. All modules are then bundled ready for deploy.
Downloads and installs [jq](https://stedolan.github.io/jq/), [mkdocs](https://www.mkdocs.org) and any related mkdocs plugins.
Deletes all rush temp files so that paths left over from the previous CodeBuild phase do not cause an issue with the build step that builds the installer module.
Builds and executes the installer module to deploy all updated modules to the live environment.
Tags the staging release.
Installs [jq](https://stedolan.github.io/jq/) and [pnpm](https://pnpm.js.org).
Installs project dependencies.
Runs the integration tests against the deployed staging environment.
Downloads and installs [jq](https://stedolan.github.io/jq/), [mkdocs](https://www.mkdocs.org) and any related mkdocs plugins.
Deletes all rush temp files so that paths left over from the previous CodeBuild phase do not cause an issue with the build step that builds the installer module.
Builds and executes the installer module to deploy all updated modules to the live environment.
Tags the live release, as well as publishing all artifacts to S3.
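
The `[skip ci]` check described in the steps above can be sketched as follows. This is an added example, not the CDF project's own script; the function names are hypothetical, and it assumes the marker must be matched as a literal string so that the brackets are not read as a pattern.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not taken from the CDF scripts.

SKIP_MARKER='[skip ci]'

# Succeeds (0) only when the message contains the literal marker.
# The quoted expansion inside the case pattern is matched literally.
# An unquoted pattern, or `grep "[skip ci]"`, would treat the brackets as a
# character class and match nearly any message containing one of the
# characters s, k, i, p, c or a space, so every build would be skipped.
message_requests_skip() {
    case "$1" in
        *"$SKIP_MARKER"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Gate on a commit message: returns 1 to fail the build (so the commit is
# ignored), 0 to let the build continue.
gate_on_message() {
    if message_requests_skip "$1"; then
        echo "commit message contains $SKIP_MARKER: failing the build to ignore it" >&2
        return 1
    fi
    return 0
}

# Gate on the latest commit of the git repository in directory $1.
# Returns 2 when the message cannot be read, so the step fails closed.
gate_on_latest_commit() {
    latest_msg=$(git -C "$1" log -1 --pretty=%B) || return 2
    gate_on_message "$latest_msg"
}
```

A build phase would call `gate_on_latest_commit .` from the cloned repository and stop on a non-zero status.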