Continuous Deployment With Github Action for AWS ECR

November 29th, 2020 254 Words

Automated releases and deployments wil speed up your development prozess. After setting up Semantic Releases, a tagged software version can be deployed with GitHub Actions. For projects using Amazon Elastic Container Registry, you might want to build and tag a docker image for every GitHub release.

Create a file in .github/workflows to store the configuration:

name: Deployment

on:
  release:
    types: ["created"]

jobs:
  deployment:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout sources
        uses: actions/checkout@v2

      - name: Set $VERSION variable
        id: version
        run: echo ::set-output name=VERSION::$(echo $GITHUB_REF | cut -d / -f 3)

      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ secrets.AWS_REGION }}

      - name: Login to Amazon ECR
        uses: aws-actions/amazon-ecr-login@v1

      - name: Publish to Container Registry
        env:
          VERSION: ${{ steps.version.outputs.VERSION }}
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        run: make publish

      - uses: chrnorm/deployment-action@releases/v1
        name: Trigger Deployment
        id: deployment
        with:
          token: ${{ secrets.CUSTOM_GITHUB_TOKEN}}
          environment: production
          ref: refs/tags/${{ steps.version.outputs.VERSION }}

When using docker and AWS ECR, you will need a pair of AWS Credentials to authorize with the registry. The referenced publish task needs to build, tag, and finally push the docker image to the registry:

publish: REPOSITORY_NAME=example-repository
publish: REPOSITORY_HOST=123456789.dkr.ecr.eu-central-1.amazonaws.com
publish:
	@ docker build . -t $(REPOSITORY_NAME):$(VERSION)
	@ docker tag $(REPOSITORY_NAME):$(VERSION) $(REPOSITORY_HOST)/$(REPOSITORY_NAME):$(VERSION)
	@ docker push $(REPOSITORY_HOST)/$(REPOSITORY_NAME):$(VERSION)

After the docker image is pushed to the Amazon Elastic Container Registry, a new GitHub Deployment is created. Next, a GitHub Action needs to update any consumer to the new tagged version: Github Deployments and Github Actions for Continuous Releases.

AWS: Encrypted SQS with SNS Subscription using KMS

December 17 th, 2020 486 Words

To decouple services on AWS, it’s a common pattern to use Amazon SQS and Amazon SNS. With AWS Key Management Service, you can encrypt the messages stored in the SNS topic and SQS queue. For the AWS Cloud Development Kit using TypeScript, you can easily create an architecture for secure message processing.
AWS: CloudFormation StackSet IAM Roles

December 11 th, 2020 270 Words

With AWS CloudFormation StackSets you can deploy a CloudFormation template to multiple AWS Accounts or AWS Regions. You can use the AWS Management Console, the AWS CLI, or CloudFormation to use StackSets. Before using StackSets, you need to configure specific IAM roles to be used with CloudFormation StackSets.
AWS CDK: API Gateway Service Integration for Step Functions

December 7 th, 2020 380 Words

Most people only use Amazon API Gateway as an HTTP interface to invoke AWS Lambda functions. But, the service has way more to offer. For example, you can easily create an HTTP interface for nearly any AWS Service; not only AWS Lambda. Based on the previous post, on how to create a State Machine with AWS Step Functions and AWS Cloud Development Kit, this post describes how to create an HTTP interface to start an execution of a State Machine using the AWS CDK.
AWS CDK: Amazon API Gateway integration for SQS

December 7 th, 2020 327 Words

Most people know Amazon API Gateway from using it to build HTTP interfaces for AWS Lambda functions. But, in general, you can use API Gateway to call a variety AWS APIs using HTTPS. This post shows how to create an HTTPS interface for Amazon SQS using the AWS Cloud Development Kit.
AWS CDK: State Machine with Step Functions

December 6 th, 2020 435 Words

With AWS Step Functions, you can easily orchestrate serverless functions and sequence them with other AWS services to a bundle application. You can create AWS Step Functions with CloudFormation, the AWS Cloud Development Kit, or - of course - using the visual interface available in the AWS Management Console. This post shows how to orchestrate AWS Lambda functions to a simple State Machine using AWS Step Functions.
AWS CDK Construct: Lambda Fleet for Dockerfile

December 6 th, 2020 463 Words

Using the AWS Cloud Development Kit, deploying a AWS Lambda function using Docker container images is pure gold. The installation of dependencies for Lambda functions always stressed me out. Regardless of using Node.js or Python, managing dependencies for AWS Lambda was never fun.
AWS CDK: Deploy Lambda with Docker

December 5 th, 2020 195 Words

The AWS Cloud Development Kit supports building docker images for AWS Lambda. With the most recent version, the CDK builds your docker images if needed and can push the image directly to AWS Elastic Container Registry. Personally, I think this is a great feature. With supporting docker images, AWS Lambda has immutable deployment artifacts!