-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auto generate watchbot binaries when master is modified #235
Conversation
|
Should we also only build binaries on git tags, and not every git commit? |
I think git tags makes sense - that will make it easier for people to see the version in the URL they're using. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I believe that codepipeline + codebuild together should be able to handle downloading watchbot code and uploading build artifacts for you, without your having to write code to do it. Is there a reason the built-in artifact download/upload didn't work out for this use case?
}, | ||
Policies: [ | ||
{ | ||
PolicyName: cf.sub('BundlerPolicy${GitSha}'), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do you have the sha here? That will require the policy to change every time there's a deploy?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since the parameter is not used anywhere in the template, changing the gitsha would still cause cfn-config to give me a "No updates to perform" - This enables me to change the template in some way.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Going to experiment with the RestartExecutionOnUpdate
parameter in the CodePipeline resource to see if that helps here, since it seems Cloudformation specific and has no mention in the CodePipeline API.
Effect: 'Allow', | ||
Action: [ | ||
's3:ListBucket', | ||
's3:ListObjects', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s3:ListObjects is not a thing -- only s3:ListBucket
's3:ListBucket', | ||
's3:ListObjects', | ||
's3:GetObject', | ||
's3:HeadObject', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s3:HeadObject also is not a thing -- covered by s3:GetObject
bin/generate-binaries
Outdated
cd ecs-watchbot | ||
npm ci --production | ||
npm install -g pkg | ||
pkg . |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You shouldn't have to download watchbot code into your codebuild project. The whole point of using codepipeline is that when a commit is made to the repo, it should handle getting your code onto the codebuild project.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The codebuild git project does not contain the .git
folder associated with the repo, and I need this to retrieve the git tag information associated with my commit for example. More info in the opening comment of this PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Per chat with Jake, another option is to retrieve the tag information from the package.json! Going to get rid of this, and read the tags from the package.json instead. : )
3a0f720
to
ff78d45
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like we need some tests, but other than that the approach here looks good from what I can tell!
3f460de
to
f4a09ee
Compare
Fixes #202.
Next Actions
#228 will be nice to get out the door with this one, so that a squashed commit can generate a watchbot binary and make the state<>binary relationship really clear. Should we only build binaries when git tags are pushed, and not on every commit?
Note that the additional
git clone ...ecs-watchbot...
(master...code-pipeline#diff-e23bfe4bba63271ba8919f6fb8cfcd44R3) is because of a CodePipeline issue that does not give you the.git
folder with your source code. I need this information to identify the sha being built, but more importantly thegit tag
information, since the sha can still be retrieved usingprocess.env.CODEBUILD_RESOLVED_SOURCE_VERSION
cc/ @mapbox/platform-engine-room