Initial commit

Author: Ruslan Korniichuk

LICENSE

@@ -0,0 +1,24 @@
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <https://unlicense.org>

README.md

@@ -0,0 +1,115 @@
+# ci-cd-pipeline-on-aws-for-python
+**Name:** ci-cd-pipeline-on-aws-for-python  
+**Description:** AWS CloudFormation template for CI/CD pipeline on AWS for Python  
+**GitHub:** https://github.com/korniichuk/ci-cd-pipeline-on-aws-for-python
+
+## Table of Contents
+* **[Intro](#intro)**
+* **[Create CI/CD pipeline. CLI](#create-cicd-pipeline-cli)**
+* **[Create CI/CD pipeline. Console](#create-cicd-pipeline-console)**
+* **[Validate created pipeline](#validate-created-pipeline)**
+
+## Intro
+This repository includes AWS CloudFormation template for CI/CD pipeline on AWS for Python. CI/CD pipeline based on [AWS CodeCommit](https://aws.amazon.com/codecommit/) (à la GitHub), [AWS CodeBuild](https://aws.amazon.com/codebuild/) (à la Jenkins), and [AWS CodePipeline](https://aws.amazon.com/codepipeline/) (continuous delivery) services. You can see visualization below:
+![aws_code_services_-_mvp.jpg](img/aws_code_services_-_mvp.jpg "AWS Code services. MVP")
+
+CI/CD pipeline validates your Python code against coding style (aka [PEP8](https://www.python.org/dev/peps/pep-0008/)), programming errors, and [cyclomatic complexity](https://en.wikipedia.org/wiki/Cyclomatic_complexity). CI/CD pipeline runs your unit tests. Solution based on [Flake8](https://flake8.pycqa.org/en/latest/) and [Pytest](https://docs.pytest.org/en/stable/) libraries. For more details see `buildspec.yml` file in [ci_cd_pipeline_init_code_20200827.zip](https://s3-eu-west-1.amazonaws.com/korniichuk.share/code/ci_cd_pipeline_init_code_20200827.zip) archive.
+
+## Create CI/CD pipeline. CLI
+In a terminal, we can enter the following command:
+```
+$ aws cloudformation create-stack --stack-name <value> --template-body file://<value> --capabilities CAPABILITY_NAMED_IAM
+```
+
+Example:
+```
+$ git clone https://github.com/korniichuk/ci-cd-pipeline-on-aws-for-python.git
+$ cd ci-cd-pipeline-on-aws-for-python
+$ aws cloudformation create-stack --stack-name medium --template-body file://ci_cd_pipeline.yaml --capabilities CAPABILITY_NAMED_IAM
+```
+
+Example output:
+```
+{
+    "StackId": "arn:aws:cloudformation:eu-west-1:999999999999:stack/medium/4576d190-e731-11ea-925a-0ab221334260"
+}
+```
+
+**Source:** https://docs.aws.amazon.com/cli/latest/reference/cloudformation/create-stack.html
+
+## Create CI/CD pipeline. Console
+Navigate to https://console.aws.amazon.com/cloudformation/. Click `Create stack`:
+![aws_cloudformation.png](img/aws_cloudformation.png "AWS CloudFormation")
+
+Select `Upload a template file`. Click `Choose file` and select AWS CloudFormation template from your local machine (e.g. [ci_cd_pipeline.yaml](ci_cd_pipeline.yaml)):
+![aws_cloudformation_-_specify_template.png](img/aws_cloudformation_-_specify_template.png "AWS CloudFormation. Specify template")
+
+Click `Next`:
+![aws_cloudformation_-_specify_template_next.png](img/aws_cloudformation_-_specify_template_next.png "AWS CloudFormation. Specify template. Next")
+
+Enter `Stack name` (e.g. `medium`). Click `Next`:
+![aws_cloudformation_-_stack_name.png](img/aws_cloudformation_-_stack_name.png "AWS CloudFormation. Stack name")
+
+Scroll down. Click `Next`:
+![aws_cloudformation_-_advanced_options_next.png](img/aws_cloudformation_-_advanced_options_next.png "AWS CloudFormation. Advanced options. Next")
+
+Scroll down. Select `I acknowledge that AWS CloudFormation might create IAM resources with custom names.` checkbox. Click `Create stack`:
+![aws_cloudformation_-_create_stack.png](img/aws_cloudformation_-_create_stack.png "AWS CloudFormation. Create stack")
+
+## Validate created pipeline
+Navigate to https://console.aws.amazon.com/cloudformation/. Click `Stacks` and validate status of your stack:
+![aws_cloudformation_-_stacks.png](img/aws_cloudformation_-_stacks.png "AWS CloudFormation. Stacks")
+
+Navigate to https://console.aws.amazon.com/codepipeline/. Validate status of your pipeline:
+![aws_codepipeline_-_pipelines.png](img/aws_codepipeline_-_pipelines.png "AWS CodePipeline. Pipelines")
+
+Navigate to https://console.aws.amazon.com/codecommit/. Copy `URL` of your repository:
+![aws_codecommit_-_repositories.png](img/aws_codecommit_-_repositories.png "AWS CodeCommit. Repositories")
+
+In a terminal, we need to enter the following command:
+```
+$ git clone URL
+$ cd demo-ci-cd-pipeline
+```
+
+Where:
+  - `URL` -- URL of your repository from the previous step.
+
+Example:
+
+```
+$ git clone https://git-codecommit.eu-west-1.amazonaws.com/v1/repos/demo-ci-cd-pipeline
+$ cd demo-ci-cd-pipeline
+```
+
+Next we need to change our Python code and send update to AWS CodeCommit repository. For example, you can change code of `sample.py` file to new code with typo:
+```
+# -*- coding: utf-8 -*-
+# Name: sample
+# Version: 0.1a2
+# Owner: Ruslan Korniichuk
+
+def hello_world():
+    return 'Hello, World1'  # Typo is here
+```
+
+Commit changes and send to remote repo:
+```
+$ git commit -am "Test failure"
+$ git push origin master
+```
+
+Navigate to https://console.aws.amazon.com/codepipeline/. **Wait a few minutes.** You can expect `In progress` status first:
+![aws_codepipeline_-_pipeline_in_progress.png](img/aws_codepipeline_-_pipeline_in_progress.png "AWS CodePipeline. Pipeline in progress")
+
+Wait a few minutes more. You can expect `Failed` status:
+![aws_codepipeline_-_pipeline_failed.png](img/aws_codepipeline_-_pipeline_failed.png "AWS CodePipeline. Pipeline failed")
+
+Select your pipeline and click `Details` in red `Build` block:
+![aws_codepipeline_-_build_details.png](img/aws_codepipeline_-_build_details.png "AWS CodePipeline. Build details")
+
+Click `Link to execution details`:
+![aws_codepipeline_-_link_to_exec_details.png](img/aws_codepipeline_-_link_to_exec_details.png "AWS CodePipeline. Link to execution details")
+
+Finally, you can see reason of failure. Our new Python code with typo cannot pass unit tests:
+![aws_codepipeline_-_build_failure_reason.png](img/aws_codepipeline_-_build_failure_reason.png "AWS CodePipeline. Build failure reason")

ci_cd_pipeline.yaml

@@ -0,0 +1,180 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: AWS CloudFormation template for CI/CD pipeline on AWS for Python
+Resources:
+
+  CodeBuildIAMRole:
+    Type: AWS::IAM::Role
+    Properties:
+      RoleName: demo-ci-cd-pipeline-codebuild-role
+      AssumeRolePolicyDocument:
+        Version: "2012-10-17"
+        Statement:
+          -
+            Effect: "Allow"
+            Principal:
+              Service:
+                - "codebuild.amazonaws.com"
+            Action:
+              - "sts:AssumeRole"
+      Path: "/service-role/"
+      Policies:
+        -
+          PolicyName: demo-ci-cd-pipeline-codebuild-policy
+          PolicyDocument:
+            Version: "2012-10-17"
+            Statement:
+              -
+                Effect: "Allow"
+                Action:
+                  - "s3:GetBucketAcl"
+                  - "s3:GetBucketLocation"
+                Resource:
+                  - !GetAtt CodePipelineArtifacts.Arn
+              -
+                Effect: "Allow"
+                Action:
+                  - "s3:PutObject"
+                  - "s3:GetObject"
+                  - "s3:GetObjectVersion"
+                Resource:
+                  - !Sub ${CodePipelineArtifacts.Arn}/*
+              -
+                Effect: "Allow"
+                Action:
+                  - "logs:CreateLogGroup"
+                  - "logs:CreateLogStream"
+                  - "logs:PutLogEvents"
+                Resource:
+                  - !Sub arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/demo-ci-cd-pipeline*
+                  - !Sub arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:/aws/codebuild/demo-ci-cd-pipeline:*
+
+  CodePipelineIAMRole:
+    Type: AWS::IAM::Role
+    Properties:
+      RoleName: demo-ci-cd-pipeline-codepipeline-role
+      AssumeRolePolicyDocument:
+        Version: "2012-10-17"
+        Statement:
+          -
+            Effect: "Allow"
+            Principal:
+              Service:
+                - "codepipeline.amazonaws.com"
+            Action:
+              - "sts:AssumeRole"
+      Path: "/service-role/"
+      Policies:
+        -
+          PolicyName: demo-ci-cd-pipeline-codepipeline-policy
+          PolicyDocument:
+            Version: "2012-10-17"
+            Statement:
+              -
+                Effect: "Allow"
+                Action:
+                  - "s3:ListBucket"
+                  - "s3:GetBucketPolicy"
+                Resource:
+                  - !GetAtt CodePipelineArtifacts.Arn
+              -
+                Effect: "Allow"
+                Action:
+                  - "s3:PutObject"
+                  - "s3:GetObject"
+                  - "s3:GetObjectVersion"
+                  - "s3:DeleteObject"
+                Resource:
+                  - !Sub ${CodePipelineArtifacts.Arn}/*
+              -
+                Effect: "Allow"
+                Action:
+                  - "codecommit:CancelUploadArchive"
+                  - "codecommit:GetBranch"
+                  - "codecommit:GetCommit"
+                  - "codecommit:GetUploadArchiveStatus"
+                  - "codecommit:UploadArchive"
+                Resource: !GetAtt CodeCommitRepository.Arn
+              -
+                Effect: "Allow"
+                Action:
+                  - "codebuild:BatchGetBuilds"
+                  - "codebuild:StartBuild"
+                Resource:
+                  -  !GetAtt CodeBuildProject.Arn
+                  -  !Sub arn:aws:codebuild:${AWS::Region}:${AWS::AccountId}:build/demo-ci-cd-pipeline:*
+
+  CodePipelineArtifacts:
+    Type: AWS::S3::Bucket
+
+  CodeCommitRepository:
+    Type: AWS::CodeCommit::Repository
+    Properties:
+      RepositoryName: demo-ci-cd-pipeline
+      RepositoryDescription: CI/CD pipeline on AWS for Python
+      Code:
+        S3:
+          Bucket: korniichuk.share
+          Key: code/ci_cd_pipeline_init_code_20200827.zip
+
+  CodeBuildProject:
+    Type: AWS::CodeBuild::Project
+    Properties:
+      Name: demo-ci-cd-pipeline
+      Source:
+        Type: CODEPIPELINE
+      Artifacts:
+        Type: CODEPIPELINE
+      Environment:
+        Type: LINUX_CONTAINER
+        Image: aws/codebuild/amazonlinux2-x86_64-standard:3.0  # https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html
+        ComputeType: BUILD_GENERAL1_SMALL
+      ServiceRole: !GetAtt CodeBuildIAMRole.Arn
+      TimeoutInMinutes: 15
+      QueuedTimeoutInMinutes: 60
+      LogsConfig: 
+        CloudWatchLogs:
+          Status: ENABLED
+
+  CodePipelinePipeline:
+    Type: AWS::CodePipeline::Pipeline
+    Properties:
+      Name: demo-ci-cd-pipeline
+      ArtifactStore:
+          Location: !Ref CodePipelineArtifacts
+          Type: S3
+      RoleArn: !GetAtt CodePipelineIAMRole.Arn
+      Stages:
+        -
+          Name: Source
+          Actions:
+            -
+              Name: Source
+              ActionTypeId:
+                Category: Source
+                Owner: AWS
+                Provider: CodeCommit
+                Version: '1'
+              Configuration:
+                RepositoryName: demo-ci-cd-pipeline
+                BranchName: master
+                PollForSourceChanges: true
+              OutputArtifacts:
+                -
+                  Name: SourceOutput
+              RunOrder: 1
+        -
+          Name: Build
+          Actions:
+            -
+              Name: Build
+              InputArtifacts:
+                -
+                  Name: SourceOutput
+              ActionTypeId:
+                Category: Build
+                Owner: AWS
+                Provider: CodeBuild
+                Version: '1'
+              Configuration:
+                ProjectName: !Ref CodeBuildProject
+              RunOrder: 1