Skip to main content

CodePipeline Generator

Project description

pipegen

A pixelated pipe

A CodePipeline/CodeBuild CI/CD Pipeline creator + deployer.

Installation

Install using pip/pypi:

pip install pipegen

Usage

Deploying your pipeline with pipegen:

pipegen deploy --config CONFIG_FILE --stack-name NAME_OF_STACK [--var KEY=VALUE [--var KEY=VALUE]]

To output compiled configuration:

pipegen dump config --config CONFIG_FILE [--var KEY=VALUE [--var KEY=VALUE]]

To output compiled CloudFormation template:

pipegen dump template --config CONFIG_FILE [--var KEY=VALUE [--var KEY=VALUE]]

Configuration Schema

The schema is broken down into several sections:

  • Base/shared config used across many of the resources
  • Source configuration
  • Pipeline configuration

Base Config

Base config is used across multiple resources deployed using pipegen, or can be used to override some defaults.

Full schema is documented below, required elements are specified with (R), and defaults are indicated.

config:
  s3_bucket: (R) the name of a S3 bucket to store artifacts in (source copies, 
             codebuild artifacts, etc)
  kms_key_arn: (R) the ARN of a KMS key to encrypt all resources with

  codepipeline:
    restart_execution_on_update: whether or not to restart an in-progress 
                                 CodePipeline execution if the pipeline is 
                                 updated (default: false)

  codebuild:
    compute_type: the default compute type to use (default: BUILD_GENERAL1_SMALL)
    image: the default docker image to use 
           (default: aws/codebuild/amazonlinux2-x86_64-standard:3.0)
    log_group: 
      enabled: whether or not to enable CloudWatch logs for CodeBuild 
               projects (default: true)
      create: whether or not to create the CloudWatch log group (default: true). 
              Disable if you have created the log group externally.
      name: the name of the CloudWatch log group for the pipeline 
            (default: random generated name based on the stack name)
      retention: A number in days to retain logs (default: null, logs are retained 
                 indefinitely)
  iam: a list of IAM statements to add to the CodeBuild role (default: null). 
       Use if your CodeBuild projects need to manipulate AWS resources

IAM Examples

By default, pipegen configures CodeBuild with the minimal amount of permissions in order to run, decrypt your artifacts from KMS, pull images from ECR (if configured), write logs to CloudWatch logs (if configured). If you require additional IAM permissions, you can specify them using the following syntax:

config:
  iam:
    - standard IAM statement

For example, adding permissions to upload files to S3 in your build:

config:
  iam:
    - Effect: Allow
      Action:
        - s3:PutObject
      Resource: 
        - my-bucket-name/*

Source configuration

Source configuration defines where your project's code comes from.

Two top-level options are supported currently:

  1. CodeCommit, AWS' hosted git service
  2. CodeStar Connections, to use Github.com, GitHub Enterprise (GHE), or BitBucket

Pipelines can use multiple source repositories mixed from either provider.

CodeCommit

The following describes source configuration for using CodeCommit.

Full schema is documented below, required elements are specified with (R), and defaults are indicated.

sources:
  - name: (R) a unique name for this source entry
    from: (R) the provider to use. use `CodeCommit` for CodeCommit
    repository: (R) the name of the repository
    branch: (R) the branch to build from
    poll_for_source_changes: whether CodePipeline should poll for updates (default: false)
    event_for_source_changes: whether to use CloudWatch events/EventBridge to 
                              detect updates (default: true)

Note: if you want the pipeline to trigger a build when the repository is pushed to, either poll_for_source_changes or event_for_source_changes should be set to true (event_for_source_changes is preferred).

CodeStar Connections

The following describes source configuration for using CodeStar Connections to get your source from Github.com, GHE or BitBucket.

In order to use CodeStar connections, you must have configurared a connection separately and prior to deploying the pipeline stack.

Full schema is documented below, required elements are specified with (R), and defaults are indicated.

sources:
  - name: (R) a unique name for this source entry
    from: (R) the provider to use. use `CodeCommit` for CodeCommit
    repository: (R) the name of the repository
    branch: (R) the branch to build from
    connection_arn: (R) the codestar connection ARN to use to pull changes through

Pipeline configuration

The following describes the pipeline's build configuration.

Full schema is documented below, required elements are specified with (R), and defaults are indicated.

stages:
  - name: (R) a unique name for this deploy stage, e.g. "Build", "Deploy", etc
    enabled: whether or not this stage is enabled (default: true)
    actions:
      - name: (R) a unique name for this action, e.g. "Build", "DeployToStaging", 
              "DeleteProduction", etc
        provider: the provider to use to perform the action, 
                  allowed values: CodeBuild (default: CodeBuild). 
                  Note: list may be extended in future
        buildspec: a path to a CodeBuild buildspec YAML file from your first 
                   repository's root directory
        commands: a list of commands to run as part of your buildspec
        artifacts: a list of file path artifacts to store after your build
        compute_type: the compute type to use (default: config.codebuild.compute_type's value)
        image: the docker image to use (default: config.codebuild.image's value)
        environment: a hash of "key: value" variables to provide to the build
        input_artifacts: a list of other build actions `Name` fields, who's artifacts 
                         to bring in to your build

BuildSpec / Commands / Artifacts

When using CodeBuild, you can either:

  • not specify buildspec, commands, or artifacts fields, which will default to using buildspec.yml in the primary source's root directory for build instructions,
  • provide a buildspec field, to specify a file in your repository that contains build instructions,
  • provide commands (and artifacts if needed) for pipegen to generate a buildspec for you inline.

The template reference for a CodeBuild buildspec can be found here: https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html. If you specify commands, pipegen uses buildspec v0.2 to generate a buildspec inline.

Environment Variables

By default, pipegen provides two environment variables to your build project: AWS_DEFAULT_REGION and AWS_REGION, both are set to the AWS region that you deploy to (CloudFormation equivalent to AWS::Region). Either of these can be overridden by specifying those keys with alternative values.

You can provide additional environment variables as needed using the following syntax:

environment:
  KEY: VALUE
  MY_VARIABLE: my value

Input Artifacts

Every CodeBuild project that pipegen configures will have all sources configured added as inputs, meaning that each build will have access to each repository.

If you are building using a "build then deploy" pattern, you may want to pass build artifacts through to deployment stages. You can achieve this with a syntax similar to the following:

stages:
  - name: Build
    actions:
      - name: MyBuildStep
  - name: Deploy
    actions:
      - name: Deploy
        commmands:
          - bin/deploy
        input_artifacts:
          - MyBuildStep # << Note that this matches the action name above

Variables and Imports

pipegen supports two special syntaxes for most configuration entries.

Variables

Any --var key=name passed to the CLI can be used inside your configuration file, to vary behaviour at runtime using a syntax like {{vars.KEY}}. This is commonly used to vary things like the branch used. For example:

config.yml:

sources:
  - name: Source
    from: CodeCommit
    repository: my-repo
    branch: {{vars.BranchName}}

pipegen cli:

pipegen deploy --var BranchName=main ...

Further, as configuration for pipegen is evaluated using jinja2, you can use variables to determine other values. Commonly this can be used to enable/disable stages based on branch (e.g. only running a production deploy for the main branch).

stages:
  - name: Production
    enabled: {{vars.BranchName == "main"}}

Imports

pipegen supports importing values from CloudFormation exports using syntax like import:ImportName.

Example:

config:
  s3_bucket: import:S3BucketName
  kms_key_arn: import:KmsKeyArn

Example configuration

Building from CodeCommit

---
config:
  s3_bucket: my-s3-bucket
  kms_key_arn: arn:aws:kms:REGION:ACCOUNT:key/KEY-ID

sources:
  - name: Source
    from: CodeCommit
    repository: my-repo
    branch: {{vars.BranchName}}

stages:
  - name: Build
    actions:
      - name: Build
        provider: CodeBuild
        buildspec: buildspecs/build.yml
  - name: DevDeploy
    actions:
      - name: Deploy
        provider: CodeBuild
        buildspec: buildspecs/deploy.yml
        environment:
          TARGET_ENVIRONMENT: dev
        input_artifacts:
          - Build
  - name: ProdDeploy
    enabled: {{vars.BranchName == "main"}}
    actions:
      - name: ProdDeploy
        provider: CodeBuild
        buildspec: buildspecs/deploy.yml
        environment:
          TARGET_ENVIRONMENT: prod
        input_artifacts:
          - Build

Building from CodeStar/Github.com

---
config:
  s3_bucket: import:S3BucketName
  kms_key_arn: import:KMSKeyArn
  codebuild:
    log_group:
      retention: 7 # (days)

sources:
  - name: codebuild-test
    from: CodeStarConnection
    repository: samjarrett/codebuild-test
    branch: main
    connection_arn: arn:aws:codestar-connections:REGION:ACCOUNT:connection/CONNECTION-ID

stages:
  - name: Build
    actions:
      - name: Build
        provider: CodeBuild
        commands: 
          - make build
        artifacts:
          - build/*
  - name: Deploy
    actions:
      - name: Deploy
        provider: CodeBuild
        commands:
          - make deploy
        input_artifacts:
          - Build

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pipegen-0.5.0.tar.gz (25.1 kB view details)

Uploaded Source

Built Distribution

pipegen-0.5.0-py3-none-any.whl (18.6 kB view details)

Uploaded Python 3

File details

Details for the file pipegen-0.5.0.tar.gz.

File metadata

  • Download URL: pipegen-0.5.0.tar.gz
  • Upload date:
  • Size: 25.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.9.16

File hashes

Hashes for pipegen-0.5.0.tar.gz
Algorithm Hash digest
SHA256 28011f7aed0c0c7c7d59824d4af140c8829f070a9b2d03c50a0c60088be849b5
MD5 f150825b63b2cac83d88bef20d1c5245
BLAKE2b-256 9a6bd266522192d33a9ce8a0e65191b7659d7f272dd68a5133493a5f0db31351

See more details on using hashes here.

File details

Details for the file pipegen-0.5.0-py3-none-any.whl.

File metadata

  • Download URL: pipegen-0.5.0-py3-none-any.whl
  • Upload date:
  • Size: 18.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.9.16

File hashes

Hashes for pipegen-0.5.0-py3-none-any.whl
Algorithm Hash digest
SHA256 8b5d1551a9aedb8f08cc69899762319c156623c1ac1c809ba49a4c0b23bd253f
MD5 4ba13a7c524e79a226a22de95abeb15e
BLAKE2b-256 a28e0a46b2236698d8d4847978855a12684ef42382fc47ad3f7adb0c0e761da7

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page