-
Notifications
You must be signed in to change notification settings - Fork 582
/
codebuild.yml
252 lines (249 loc) · 6.95 KB
/
codebuild.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
AWSTemplateFormatVersion: "2010-09-09"
Description: Automate provisioning of CodeBuild with CodePipeline CodeCommit and CodeDeploy. **WARNING** This template creates one or more Amazon EC2 instances. You will be billed for the AWS resources used if you create a stack from this template.
Parameters:
EmailAddress:
Type: String
RepositoryBranch:
Type: String
Default: master
TagKey:
Type: String
Default: Name
TagValue:
Type: String
Default: CodeDeployEC2Tag
EC2KeyPairName:
Type: AWS::EC2::KeyPair::KeyName
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: Params to Modify
Parameters:
- EmailAddress
- EC2KeyPairName
Resources:
WebsiteBucket:
Type: AWS::S3::Bucket
Properties:
AccessControl: PublicRead
WebsiteConfiguration:
IndexDocument: index.html
WebsiteBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket:
Ref: WebsiteBucket
PolicyDocument:
Version: "2012-10-17"
Statement:
Effect: Allow
Principal: "*"
Action: s3:GetObject
Resource:
Fn::Join:
- ""
- - "arn:aws:s3:::"
- Ref: WebsiteBucket
- "/*"
ArtifactStoreBucket:
Type: AWS::S3::Bucket
Properties:
VersioningConfiguration:
Status: Enabled
AccessControl: BucketOwnerFullControl
MySNSTopic:
Type: "AWS::SNS::Topic"
Properties:
DisplayName: String
Subscription:
- Endpoint: !Ref EmailAddress
Protocol: "email"
TopicName:
Ref: AWS::StackName
CodeCommitJavaRepo:
Type: AWS::CodeCommit::Repository
Properties:
RepositoryName:
Ref: AWS::StackName
RepositoryDescription: CodeCommit Repository
Triggers:
- Name: MasterTrigger
CustomData: Project ID 12345
DestinationArn:
Ref: MySNSTopic
Branches:
- Master
Events:
- all
CodeDeployEC2InstancesStack:
Type: "AWS::CloudFormation::Stack"
Properties:
Parameters:
TagValue: !Ref TagValue
KeyPairName: !Ref EC2KeyPairName
TemplateURL: https://s3.amazonaws.com/stelligent-public/cloudformation-templates/github/labs/codebuild/CodeDeploy_SampleCF_Template.json
TimeoutInMinutes: 60
MyApplication:
Type: "AWS::CodeDeploy::Application"
DependsOn: CodeDeployEC2InstancesStack
MyDeploymentGroup:
Type: "AWS::CodeDeploy::DeploymentGroup"
DependsOn: MyApplication
Properties:
ApplicationName:
Ref: "MyApplication"
DeploymentConfigName: CodeDeployDefault.AllAtOnce
Ec2TagFilters:
- Key:
Ref: TagKey
Value:
Ref: TagValue
Type: KEY_AND_VALUE
ServiceRoleArn: !GetAtt [CodeDeployEC2InstancesStack, Outputs.CodeDeployTrustRoleARN]
CodePipelineStack:
Type: AWS::CodePipeline::Pipeline
Properties:
RoleArn: !GetAtt [CodePipelineRole, Arn]
ArtifactStore:
Location:
Ref:
ArtifactStoreBucket
Type: S3
Stages:
- Name: Source
Actions:
- InputArtifacts: []
Name: Source
ActionTypeId:
Category: Source
Owner: AWS
Version: 1
Provider: CodeCommit
OutputArtifacts:
- Name: MyApp
Configuration:
BranchName: !Ref RepositoryBranch
RepositoryName: !Ref AWS::StackName
RunOrder: 1
- Name: Build
Actions:
- Name: Build
ActionTypeId:
Category: Build
Owner: AWS
Version: 1
Provider: CodeBuild
OutputArtifacts:
- Name: MyAppBuild
InputArtifacts:
- Name: MyApp
Configuration:
ProjectName: !Ref CodeBuildJavaProject
RunOrder: 1
- Name: Deploy
Actions:
- Name: DeployApp
ActionTypeId:
Category: Deploy
Owner: AWS
Version: 1
Provider: CodeDeploy
InputArtifacts:
- Name: MyAppBuild
Configuration:
ApplicationName: !Ref MyApplication
DeploymentGroupName: !Ref MyDeploymentGroup
RunOrder: 1
CodePipelineRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
Effect: Allow
Principal:
Service: codepipeline.amazonaws.com
Action: sts:AssumeRole
Path: /
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AdministratorAccess
CodeBuildJavaProject:
Type: AWS::CodeBuild::Project
DependsOn: CodeBuildRole
Properties:
Artifacts:
Type: no_artifacts
Environment:
ComputeType: BUILD_GENERAL1_SMALL
Image: aws/codebuild/java:openjdk-8
Type: LINUX_CONTAINER
Name: !Sub ${AWS::StackName}CodeBuildJavaProject
ServiceRole: !Ref CodeBuildRole
Source:
Type: CODECOMMIT
Location:
Fn::Join:
- ""
- - "https://git-codecommit."
- Ref: AWS::Region
- ".amazonaws.com/v1/repos/"
- Ref: AWS::StackName
CodeBuildRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
Effect: Allow
Principal:
Service: codebuild.amazonaws.com
Action: sts:AssumeRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AdministratorAccess
Outputs:
CodeBuildURL:
Description: CodeBuild URL
Value:
Fn::Join:
- ""
- - "https://console.aws.amazon.com/codebuild/home?region="
- Ref: AWS::Region
- "#/projects/"
- Ref: CodeBuildJavaProject
- "/view"
CodeCommitURL:
Description: CodeCommit URL
Value:
Fn::Join:
- ""
- - "https://console.aws.amazon.com/codepipeline/home?region="
- Ref: AWS::Region
- "#/repository/"
- Ref: AWS::StackName
- "/browse/HEAD/--/"
CodeDeployURL:
Description: CodeDeploy URL
Value:
Fn::Join:
- ""
- - "https://console.aws.amazon.com/codedeploy/home?region="
- Ref: AWS::Region
- "#/deployments/"
CloneUrlSsh:
Description: SSH command for connecting to the CodeCommit repo
Value:
Fn::Join:
- ""
- - "git clone "
- !GetAtt [CodeCommitJavaRepo, CloneUrlSsh]
- ""
CodePipelineURL:
Description: CodePipeline URL
Value:
Fn::Join:
- ""
- - "https://console.aws.amazon.com/codepipeline/home?region="
- Ref: AWS::Region
- "#/view/"
- Ref: CodePipelineStack