You cannot push directly to the master branch as it represents the stable version of the project.
To contribute, you must create a branch for a specific modification, then create a pull request.
Once the pull request has been reviewed, it can be merged to master.
- Create a branch for a specific modification (e.g. feature/dummy).
- Implement your modifications.
- Test the project by deploying the stack from your local machine. You must choose a unique stack name to avoid any conflict (e.g. ami-factory-dummy). See the README.md to know how to deploy the stack.
- Go to CodePipeline to check if the pipeline works properly.
- Once you're done, open a new pull request.
- Wait for your pull request to be reviewed, then merge it to master.

Do not forget to destroy your testing stack and delete your branch once your pull request has been merged.
When deploying a new stack, you must allow the OAuth connection between CodePipeline and GitHub (so that CodePipeline is authorized to clone the repo). To do so, follow this section.
The pipeline is considered working if:
- All the steps in CodePipeline work properly.
- A new hardened AMI is created.
- An HTML hardening guide is generated and uploaded to S3.
- An HTML compliance report is generated and uploaded to S3.
- An HTML remediation report is generated and uploaded to S3.
├── README.md
├── aws-lambda
│   └── compliance-check.js    Lambda that builds the hardened AMI.
├── buildspec.yml              CodeBuild build specifications
├── cloudformation             Contains all the CloudFormation templates
│   ├── codebuild.yaml
│   ├── codepipeline.yaml
│   └── lambda.yaml
├── doc                        Contains images for the documentation
└── template.yaml              CloudFormation main template
First deploy your stack, then go to the CodePipeline service in the AWS Console.
Select the GitHub connection associated with your stack, then click "Update pending connection".
A popup appears. Select capgemini-pnc in the dropdown menu, then click "Connect".