CI-CD for sample nodejs application
Solution Overview
This project tries to set up CI-CD with AWS CloudFormation, AWS Systems Manager, Docker Hub, Docker and GitHub Actions. AWS CloudFormation provisions the AWS EC2 infrastructure, which contains two EC2 instances, an EC2 Auto Scaling group, 3 IAM policies, 2 security groups and one VPC. The GitHub CI-CD pipeline builds the Docker image for the example Node.js application and deploys the image on the EC2 instances via AWS Systems Manager.
This lab only cost me $2.
The solution utilizes the following services:
- GitHub Actions – Workflow Orchestration tool that will host the Pipeline.
- AWS Auto Scaling – AWS Service to help maintain application availability and elasticity by automatically adding or removing Amazon EC2 instances.
- Amazon EC2 – Destination Compute server for the application deployment.
- AWS CloudFormation – AWS infrastructure as code (IaC) service used to spin up the initial infrastructure on AWS side.
- IAM OIDC identity provider – Federated authentication service to establish trust between GitHub and AWS to allow GitHub Actions to deploy on AWS without maintaining AWS Secrets and credentials.
- AWS Systems Manager – Used to run ad hoc commands inside the EC2 instances.
Architecture Overview
- Developer commits code changes from their local repo to the GitHub repository. The GitHub action is triggered automatically.
- GitHub action triggers the build stage.
- GitHub uses the AWS Access Key to authenticate to AWS and access resources.
- GitHub action builds the simple Node.js application Docker image.
- GitHub action uploads the container image to Docker Hub.
- GitHub action runs the Linux docker run command on the EC2 instances via AWS Systems Manager.
- Prerequisites
- An AWS account with permissions to create the necessary resources.
- A GitHub account with permission to configure GitHub repositories, create workflows, and configure GitHub secrets.
- A Git client to clone the provided source code.
Install on Ubuntu
type -p curl >/dev/null || sudo apt install curl -y
curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg \
&& sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null \
&& sudo apt update \
&& sudo apt install gh git wget -y
Install on CentOS
sudo dnf install 'dnf-command(config-manager)'
sudo dnf config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.repo
sudo dnf install gh git wget -y
- Task List
- Clone Github Repo
- Prepare DockerHub
- Provision AWS infra with Cloud Formation
- Create user and grant SSM access
- Create github secret for AWS IAM key and secret
- Build and Deploy
- Github Action
- Dockerfile
- Access the application
- Cleaning
Clone Github Repo
- Clone the GitHub repository lillianphyo/nodejs-demo.
git clone https://github.com/lillianphyo/nodejs-demo.git
- Create an empty repository in your personal GitHub account.
mkdir ghcicd
cp -r nodejs-demo/. ghcicd
cd ghcicd
# Discard the upstream history (and its origin remote) and start a fresh repository
rm -rf .git
git init
git add .
git commit -m "first commit"
git branch -M main
# --source=. needs an initialised repository and registers the new repo as "origin"
# (https://github.com/<github-username>/ghcicd.git)
gh repo create ghcicd --public --source=.
git push -u origin main
GitHub Action
Prepare Docker Hub
- If you already have a Docker Hub account, sign in; if not, sign up.
- Create a repo via Create repository.
Then you will get something like this.
- Create a Docker secret to push the image via GitHub Actions.
Save this credential to use later.
- Update the Docker Hub credentials in the repo.
Provision AWS infra with Cloud Formation
Provision the EC2 instances with an Auto Scaling group and configure the ALB from the AWS CloudFormation template. The steps are as follows.
- Open the AWS CloudFormation console and enter your account ID, username and password.
- Check that your region is ap-southeast-1 (Singapore).
- Create New Stack
- Select Template is Ready
- Select Upload a template file
- Choose File under “ghcicd/cloudformation/deployment.yml”
- Select deployment.yml file and select next.
- In stack detail,
- stack name: nodejs-demo
- VPC and Subnets: (these are pre-populated for you; you can change these values if you prefer to use your own subnets)
- GitHubRepoName: Name of your GitHub personal repository which you created.
Create user and grant SSM access
In this section, create an IAM user and grant it AWS Systems Manager permissions for GitHub Actions.
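A policy that could back this step, written as an added example rather than the repository's own policy: it lets the GitHub Actions user send only the AWS-RunShellScript document to the two instance IDs listed in this page's workflow, so a key stored in GitHub secrets cannot be used against any other instance. The account ID `111122223333` is a placeholder, the function names are hypothetical, and AWS-RunShellScript as the Run Command document is an assumption.

```bash
#!/bin/sh
# Added example: least-privilege policy for the CI user (not the page's policy).
# 111122223333 is a placeholder account id; AWS-RunShellScript is an assumption.

# True only for "i-" followed by 8 or 17 lowercase hex digits.
is_instance_id() {
  hex=${1#i-}
  [ "i-$hex" = "$1" ] || return 1
  case $hex in ''|*[!0-9a-f]*) return 1 ;; esac
  [ "${#hex}" -eq 8 ] || [ "${#hex}" -eq 17 ]
}

# $1 = region, $2 = account id, remaining arguments = instance ids.
render_ssm_policy() {
  region=$1; account=$2; shift 2
  [ "$#" -gt 0 ] || { echo "no instance ids given" >&2; return 1; }
  resources="        \"arn:aws:ssm:${region}::document/AWS-RunShellScript\""
  for id in "$@"; do
    # Reject wildcards and typos so the policy never widens silently.
    is_instance_id "$id" || { echo "invalid instance id: $id" >&2; return 1; }
    resources="${resources},
        \"arn:aws:ec2:${region}:${account}:instance/${id}\""
  done
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "RunShellOnListedInstancesOnly",
      "Effect": "Allow",
      "Action": "ssm:SendCommand",
      "Resource": [
${resources}
      ]
    },
    {
      "Sid": "ReadCommandStatus",
      "Effect": "Allow",
      "Action": ["ssm:GetCommandInvocation", "ssm:ListCommandInvocations"],
      "Resource": "*"
    }
  ]
}
EOF
}

render_ssm_policy ap-southeast-1 111122223333 \
  i-0b74b27c04b52197b i-011d84c1e4eff7d8d
```

Save the output to a file and attach it with `aws iam put-user-policy --user-name <ci-user> --policy-name <policy-name> --policy-document file://<file>`.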
Create github secret for AWS IAM key and secret
Build and Deploy
Check the EC2 instance IDs in the AWS console and update the instance IDs in githubcicd/.github/workflows/deploy.yaml. If you build this in a different region, you can change your region in the AWS_REGION environment variable. My region is ap-southeast-1.
env:
  REPO: nodejs-demo
  AWS_REGION: ap-southeast-1
  instance_ids: |
    i-0b74b27c04b52197b
    i-011d84c1e4eff7d8d
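The deploy call these values feed into, written as an added example and not taken from the repository's deploy.yaml: because Systems Manager runs the command as root on each instance, every value interpolated into it is validated first, and the example goes beyond the page by accepting only a full commit SHA as the image tag. The Docker Hub user `exampleuser`, the sample SHA, the 80:3000 port mapping, the AWS-RunShellScript document and the function names are assumptions.

```bash
#!/bin/sh
# Added example, not the repository's deploy.yaml. REPO, AWS_REGION and the
# instance ids come from the page; exampleuser, the SHA and ports are assumed.
LC_ALL=C; export LC_ALL
REPO=nodejs-demo
AWS_REGION=ap-southeast-1
INSTANCE_IDS='i-0b74b27c04b52197b
i-011d84c1e4eff7d8d'

# Build "user/repo:tag"; the tag must be a full 40-hex commit SHA, never "latest".
image_ref() {
  case $1 in ''|*[!a-z0-9]*) return 1 ;; esac                  # Docker Hub user
  case $2 in ''|[!a-z0-9]*|*[!a-z0-9._-]*) return 1 ;; esac    # repository name
  case $3 in *[!0-9a-f]*) return 1 ;; esac                     # tag: hex digits only
  [ "${#3}" -eq 40 ] || return 1
  printf '%s/%s:%s\n' "$1" "$2" "$3"
}

# Script that SSM runs as root on each instance; only validated values reach it.
remote_script() {
  img=$(image_ref "$1" "$2" "$3") || return 1
  printf 'docker pull %s && (docker rm -f %s || true) && docker run -d --name %s -p 80:3000 %s\n' \
    "$img" "$2" "$2" "$img"
}

# Dry run by default (prints the call); set AWS=aws to really send it.
send_deploy() {
  script=$(remote_script "$1" "$2" "$3") || { echo "rejected input" >&2; return 1; }
  # INSTANCE_IDS is unquoted on purpose: one argument per line of the list.
  ${AWS:-echo aws} ssm send-command --region "$AWS_REGION" \
    --document-name AWS-RunShellScript --instance-ids $INSTANCE_IDS \
    --parameters "{\"commands\":[\"$script\"]}"
}

send_deploy exampleuser "$REPO" 0123456789abcdef0123456789abcdef01234567
```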