circleci-public / aws-code-deploy-orb Goto Github PK

View Code? Open in Web Editor NEW

9.0 12.0 13.0 84 KB

Easily deploy applications to AWS CodeDeploy on CircleCI with the aws-code-deploy orb

Home Page: https://circleci.com/orbs/registry/orb/circleci/aws-code-deploy

License: MIT License

Shell 88.35% HTML 11.65%

aws-codedeploy circleci-orbs

aws-code-deploy-orb's Introduction

aws-code-deploy Orb

A CircleCI Orb to easily deploy applications to AWS CodeDeploy.

Resources

CircleCI Orb Registry Page - The official registry page of this orb for all versions, executors, commands, and jobs described.
CircleCI Orb Docs - Docs for using and creating CircleCI Orbs. AWS CodeDeploy - Automate code deployments to maintain application uptime. AWS CodeDeploy Docs - User Guide

Examples

Please visit the orb registry page for usage examples and guidelines.

How To Contribute

We welcome issues to and pull requests against this repository!

For further questions/comments about this or other orbs, visit the Orb Category of CircleCI Discuss.

aws-code-deploy-orb's People

Contributors

Stargazers

Watchers

Forkers

rujmah tfentonz avcudenoir isabella232 denisemauldin tymik mattdoller ducpv-1995 eracles99 xvd112 fatzryahvirantika gritzkoo hostnfly

aws-code-deploy-orb's Issues

Allow passing Docker Hub credentials

What would you like to be added

Similar to CircleCI-Public/aws-cli-orb#56, we'll need a way to pass the auth block to the docker configuration parameter (docs).

Why is this needed

Starting November 1, 2020, DockerHub will begin rate-limiting image pulls from DockerHub. Users need a way to pass their DockerHub credentials to avoid the rate limit. Without providing this configuration option, deployments from CircleCI will be impacted.

The Docker Hub Authentication With Orb Executors article directs customers to raise this kind of issue directly in GitHub repositories.

Code deploy orb cannot find file located in S3 bucket?

I am implementing a deployment using aws-code-deploy orb. My infrastructure is being implemented using terraform which consists of the following resources.

S3 bucket → stores the appspec.yml which is used to create the deployment.
VPC for networking.
An application Load balancer, 2 Listener Groups and 2 Target Groups. On initial deployment of infrastructure, go to EC2 → Target groups and you will see TG1 will have a healthy target associated with it but TG2 will not. It will change once we implement the Blue green deployment.
ECS → A cluster, service and task definition will be available.
CodeDeploy → CodeDeploy application and deployment group.

This is my terraform file for S3 resource :-

resource "aws_s3_bucket" "bucket" {
  bucket = "blue-green-cd-ls"
}

resource "aws_s3_object" "appspec" {
  bucket = aws_s3_bucket.bucket.id
  key    = "appspec.yaml"
  content = templatefile("${path.module}/appspec.yaml.tpl", {
    task_definition_arn = var.task_definition_arn
  })
}

Which successfuly creates the S3 bucket with the appspec.yml file in it. I am trying to create a deployment using CircleCI and my config.yml looks like this :-

version: 2.1
orbs:
  aws-cli: circleci/[email protected]
  aws-code-deploy: circleci/[email protected]
jobs:
  deploy:
    executor: aws-cli/default
    steps:
      - checkout
      - aws-cli/setup
      - aws-code-deploy/deploy-bundle:
          application-name: "blue-green"
          bundle-bucket: "blue-green-cd-ls"
          bundle-key: "appspec.yaml"
          deployment-group: "blue-green-ls"
          bundle-type: "YAML"
          deployment-config: "CodeDeployDefault.ECSAllAtOnce"
workflows:
  build-and-deploy:
    jobs:
      - deploy

But my deployment keeps on failing with the following error :-

Deployment failed!
{
    "deploymentInfo": {
        "applicationName": "blue-green",
        "deploymentGroupName": "*************",
        "deploymentConfigName": "CodeDeployDefault.ECSAllAtOnce",
        "deploymentId": "d-85LKXCPMJ",
        "revision": {
            "revisionType": "S3",
            "s3Location": {
                "bucket": "blue-green-cd-ls",
                "key": "appspec.yaml.YAML",
                "bundleType": "YAML"
            }
        },
        "status": "Failed",
        "errorInformation": {
            "code": "INVALID_REVISION",
            "message": "The AppSpec file cannot be located in the specified S3 bucket. Verify your AppSpec file is present and that the name and key value pair specified for your S3 bucket are correct. The S3 bucket must be in your current region"

I double checked and the S3 bucket is definitely in the right region i.e. us-east-1. Anyone has any ideas what might be wrong? Thank you.

In CircleCI Cloud pager is set to "less" by default on deploying machine

Orb Version
1.0.1

Describe the bug
During deployment when the output is long enough client-pager is executed. In CircleCI cloud output, when there's enough lines, output is piped via less and waits for "return" input. Web interface timeouts after 10 minutes.
Full output form CircleCI Web Interface (deployment stage):

#!/bin/bash -eo pipefail
ID=$(aws deploy create-deployment \
        --application-name APP_NAME \
        --deployment-group-name DG_NAME \
        --deployment-config-name CodeDeployDefault.OneAtATime \
        --s3-location bucket=S3_BUCKET,bundleType=zip,key=codedeploy/deployment.zip \
        --output text \
        --query '[deploymentId]')
STATUS=$(aws deploy get-deployment \
          --deployment-id $ID \
          --output text \
          --query '[deploymentInfo.status]')
while [[ $STATUS == "Created" || $STATUS == "InProgress" || $STATUS == "Pending" || $STATUS == "Queued" || $STATUS == "Ready" ]]; do
  echo "Status: $STATUS..."
  STATUS=$(aws deploy get-deployment \
            --deployment-id $ID \
            --output text \
            --query '[deploymentInfo.status]')
  sleep 5
done
if [[ $STATUS == "Succeeded" ]]; then
  EXITCODE=0
  echo "Deployment finished."
else
  EXITCODE=1
  echo "Deployment failed!"
fi
aws deploy get-deployment --deployment-id $ID
exit $EXITCODE
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Status: InProgress...
Deployment finished.
WARNING: terminal is not fully functional
�{ress RETURN)
    "deploymentInfo": {
        "applicationName": "APP_NAME",
        "deploymentGroupName": "DG_NAME",
        "deploymentConfigName": "CodeDeployDefault.OneAtATime",
        "deploymentId": "DeploymentID",
        "revision": {
            "revisionType": "S3",
            "s3Location": {
                "bucket": "S3_BUCKET",
                "key": "codedeploy/deployment.zip",
                "bundleType": "zip"
            }
        },
        "status": "Succeeded",
        "createTime": "2020-05-12T06:27:54.543000+00:00",
        "completeTime": "2020-05-12T06:29:38.413000+00:00",
        "deploymentOverview": {
            "Pending": 0,
            "InProgress": 0,
            "Succeeded": 1,
            "Failed": 0,
            "Skipped": 0,
:�

Too long with no output (exceeded 10m0s): context deadline exceeded

To Reproduce

Create small EC2 instance so deploy would take long time
Execute deployment with aws-code-deploy
Deploy fails in CircleCI Web Interface with timeout regardless of result (Success or Fail)

Example config.yml

version: 2.1

orbs:
  aws-cli: circleci/aws-cli@1
  aws-code-deploy: circleci/aws-code-deploy@1
  
executors:
  alpine:
    docker:
      - image: alpine:latest

jobs:
  checkout_code:
    executor: alpine
    steps:
      - checkout
      - persist_to_workspace:
          root: ~/project
          paths:
            - .

  deploy_to_staging:
    executor: aws-cli/default
    steps:
      - attach_workspace:
          at: ~/project
      - aws-cli/setup:
          aws-access-key-id: STAGING_AWS_ACCESS_KEY_ID
          aws-secret-access-key: STAGING_AWS_SECRET_ACCESS_KEY
          aws-region: STAGING_AWS_DEFAULT_REGION
      - aws-code-deploy/push-bundle:
          application-name: APP_NAME
          bundle-bucket: S3_BUCKET
          bundle-key: codedeploy/deployment
      - aws-code-deploy/deploy-bundle:
          application-name: APP_NAME
          deployment-group: DG_NAME
          bundle-bucket: S3_BUCKET
          bundle-key: codedeploy/deployment

workflows:
  version: 2
  build_test_deploy:
    jobs:
      - checkout_code
      - deploy_to_staging:
          requires:
            - checkout_code
          filters:
            branches:
              only: master

Expected behavior

No client-side pager is used while deploying.
Environment variable AWS_PAGER set to empty string in ORB.

Additional context

Applied workaround - "AWS_PAGER=" set as a first step in deployment job

...
executor: aws-cli/default
    steps:
      - run:
          name: Setup Environment Variables
          # https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-pagination.html#cli-usage-pagination-clientside
          command: |
            echo "export AWS_PAGER=" >> $BASH_ENV
      - attach_workspace:
          at: ~/project
      - aws-cli/setup:
  ...

Not possible to use "file-exists-behavior" argument

Orb Version
1.0.0

Describe the bug

When passing an argument that only applies to one of the aws commands, like "file-exists-behavior, which applies to Create Deployment, but not to get application - the deployment will fail.

To Reproduce

Add the argument --file-exists-behaviour OVERWRITE to the deploy job

Expected behavior

The argument is used if it's relevant, and the deployment succeeds at overwriting files.

Additional context

Error in the ensure-application-created step:

#!/bin/bash -eo pipefail
set +e
aws deploy get-application --application-name Drupal-test --file-exists-behavior=OVERWRITE
if [ $? -ne 0 ]; then
  set -e
  echo "No application named Drupal-test found. Trying to create a new one"
  aws deploy create-application --application-name Drupal-test --file-exists-behavior=OVERWRITE
else
  set -e
  echo "Application named Drupal-test already exists. Skipping creation."
fi

usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]

To see help text, you can run:



  aws help

  aws <command> help

  aws <command> <subcommand> help



Unknown options: --file-exists-behavior=OVERWRITE

No application named Drupal-test found. Trying to create a new one

usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]

To see help text, you can run:



  aws help

  aws <command> help

  aws <command> <subcommand> help



Unknown options: --file-exists-behavior=OVERWRITE


Exited with code exit status 255

CircleCI received exit code 255

Syntax used in my job:

      - deploy-aws-test:
          requires: 
            - build
          filters: 
            branches:
              only: 
              - develop
      - aws-code-deploy/deploy:
          name: Deploy to AWS CodeDeploy (Test)
          requires: 
            - build
          filters: 
            branches:
              only: 
              - develop        
          pre-steps: 
            - queue/until_front_of_line:
              time: '30'
              dont-quit: true

            - attach_workspace:
                at: /tmp/
            - run: 
                name: Untar artifact
                command: | 
                  mkdir /tmp/project/ && tar -xf /tmp/artifacts/*.tar -C /tmp/project/
            - run: 
                name: Remove node_modules and .git
                command: |
                  rm -rf /tmp/project/.git && rm -rf /tmp/project/static/node_modules
            - slack/notify:
              channel: #release-bots
              color: '#3792cb'
              message: Starting deployment to AWS Testing Environment
                
          application-name: Drupal-test
          bundle-bucket: REDACTED
          bundle-key: REDACTED
          deployment-group: DeploymentGroup-Drupal-test
          service-role-arn: REDACTED
          bundle-source: /tmp/project/  
          arguments: --file-exists-behavior OVERWRITE

deploy-bundle arguments fail

Orb Version

1.0.1

Describe the bug

When you pass arguments to deploy-bundle command, it passes them both for aws deploy create-deployment and aws deploy get-deployment, resulting deployment failure, like: Unknown options: --file-exists-behavior=OVERWRITE

To Reproduce

    steps:
      - aws-cli/setup
      ...
      - aws-code-deploy/deploy-bundle:
          ...
          arguments: "--file-exists-behavior OVERWRITE"

Expected behavior

We probably need 2 params for this. One for create-deployment subcommand, another for get-deployment.

Avoid deployment if another deployment is in progress

Is your feature request related to a problem? Please describe.

When starting a new deployment in a CodeDeploy application, it always fails if there's already a deployment running.

The orb should skip the build, not fail.

Describe the solution you'd like

Skip the build, or offer an option to stop the current one and jump straight away to the new one.

Describe alternatives you've considered

Looking for forks of this repo to find somebody that provides the feature - but I'd rather stick to the officially supported orbs.

Additional context

This was tested with EC2 autoscaling target groups, with 1 or 2 instances.

Feature Request: Implement "Waiter" Functionality for CodeDeploy Deployments

Is your feature request related to a problem? Please describe.

Our feature request is related to performing concurrent CodeDeploys within CircleCI. Although this (seems) to be a CodeDeploy limitation a solution could be implemented within the CircleCI orb.

Example text is below:

An error occurred (DeplovmentLimitExceededException) when calling the CreateDeployment operation: The Deployment Group "dashboard-dev-codedeploy-gro up (id-15682dbb-50a5-49d9-b83-12690133b83d)' already has an active Deployment 'd-BR8279BSO

Describe the solution you'd like

We would like it if the code-deploy-orb had "waiter" functionality available.

Describe alternatives you've considered

We have:

contacted AWS to ask that they implement a CodeDeploy deployment queue https://support.console.aws.amazon.com/support/home?region=us-west-2#/case/?displayId=13748568201&language=en
reviewed open suggestions at CircleCI to see if a "queue" feature exists that would prevent two jobs from running concurrently (we found an orb that could do this)
started the process of implementing a "waiter" ourselves

Additional context

We could provide a shell script that would accomplish this (we are implementing the waiter ourselves).

fix: expand argument parameter with circleci env subst

Currently the arguments parameter in each command and job is not being evaluated.

Pick specific zip file rather than bundle key zip file

Feature request related to a problem with the zip file
In the circleci file, I have passed the commands to build and zip the dist/build folder and another command to push the zip file to my S3 bucket. but when the was codedeploy workflow starts it creates another zip file containing the whole code and that zip file is picked by codedeploy to deploy on the instance rather than the zip push by the circleci file to S3.

expected solution
Is there any way I can tell codedeploy to pick the zip folder pushed by me and not the one which is created by its workflow?

SSL Certificate error?

Orb Version
2.0.0

Describe the bug
A few of ours projects at VanMoof use this orb to deploy to AWS. In the deployment job, we also have a step to notify the team via a Slack webhook whether the deployment was successful or not. Slack has recently updated their SSL certificates and we now have a consistent error that there's a problem with the SSL certificate when calling the Slack URL (error 60, SSL certificate problem: certificate has expired).

We also connected to Circle via SSH, trying manually a curl to the Slack API url, and get the same. What we noticed is that for the aws-code-deploy/deploy job of our pipeline the container that gets used is the unsupported circleci/python:2.7-stretch instead of the cimg/python one. To double check, we ran the same curl command via ssh in a separate container running with cimg/python and we have no SSL problem.

To Reproduce
Try to curl any https:// url from the container where the deploy job occurs

Additional context
Thanks for the awesome work!

Commands cannot take the profile parameter

Orb Version
2.0.0

Describe the bug
When there are env variables called AWS_DEFAULT_REGION, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY altogether with same variables with prefixes and [email protected] is used with aws-cli/setup using a set of variables with prefix, the push-bundle and deploy-bundle commands don't pass the --profile default parameter by default.

I have added the following:


      - aws-code-deploy/push-bundle:
          arguments: --profile default
          application-name: <redacted>
          bundle-bucket: <redacted>
          bundle-key: <redacted>
      - aws-code-deploy/deploy-bundle:
          deploy-bundle-arguments: --profile default
          application-name: <redacted>
          deployment-group: <redacted>
          bundle-bucket: <redacted>
          bundle-key: <redacted>

and this actually works for push-bundle, but does not for deploy-bundle - the additional argument in deploy-bundle is not added to the aws deploy get-deployment that are executed within the orb's command.

To Reproduce

set your environment variables: AWS_DEFAULT_REGION, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and additional set of environment variables: PREFIX_AWS_DEFAULT_REGION, PREFIX_AWS_ACCESS_KEY_ID, PREFIX_AWS_SECRET_ACCESS_KEY
ensure the latter ones have no rights to use codedeploy from the access defined with first set of variables
set up following job:


  job:
    executor: aws-cli/default
      - aws-cli/install
      - aws-cli/setup:
          aws-access-key-id: PREFIX_AWS_ACCESS_KEY_ID
          aws-secret-access-key: PREFIX_AWS_SECRET_ACCESS_KEY
          aws-region: PREFIX_AWS_DEFAULT_REGION
      - aws-code-deploy/push-bundle:
          arguments: --profile default
          application-name: <redacted>
          bundle-bucket: <redacted>
          bundle-key: <redacted>
      - aws-code-deploy/deploy-bundle:
          deploy-bundle-arguments: --profile default
          application-name: <redacted>
          deployment-group: <redacted>
          bundle-bucket: <redacted>
          bundle-key: <redacted>

Expected behavior

As a user I expect the orb to have argument called profile for it's jobs and commands with default value equal to default in case none is given.
This gives me an ability to use different profiles in case there is a need.

Additional context

As [email protected] orb installs aws-cli v2 by default, all orbs that rely on aws-cli should have this profile parameter added - if this is yet not the case, please iterate through all aws orbs you develop to add this parameter.

AWS Keys using CircleCI OIDC token is failing

Orb Version
aws-cli: circleci/[email protected]
aws-code-deploy: circleci/[email protected]

Describe the bug

An error occurred (ValidationError) when calling the AssumeRoleWithWebIdentity operation: 1 validation error detected: Value 'aws-code-deploy/deploy' at 'roleSessionName' failed to satisfy constraint: Member must satisfy regular expression pattern: [\w+=,.@-]*
Failed to assume role

To Reproduce

Copy deploy_application_with_oidc template
Change all variables for your application
Run the job

Expected behavior
Authenticate with OIDC

Additional context

Use 1st party orb badge service

This should switch from my 2nd party badge service to the official one.

circleci-public / aws-code-deploy-orb Goto Github PK

aws-code-deploy-orb's Introduction

aws-code-deploy Orb

Resources

Examples

How To Contribute

aws-code-deploy-orb's People

Contributors

Stargazers

Watchers

Forkers

aws-code-deploy-orb's Issues

What would you like to be added

Why is this needed

Recommend Projects

Recommend Topics

Recommend Org