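• Create AWS IAM group 'CodeDeployGroup' with permissions [AmazonS3FullAccess, AWSCodeDeployFullAccess]. Both managed policies are account-wide: the access key created in the next step will be able to read, write and delete every S3 bucket and manage every CodeDeploy application. Outside a demo, replace them with a policy limited to the revision bucket and this one application.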
  • Create AWS IAM user with programmatic access. Assign the group to the user.
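  • Create AWS Role 'AWSCodeDeployRole' for EC2 service with policies [AWSCodeDeployRole, AmazonS3FullAccess]. This one role is used below both as the EC2 instance role and as the CodeDeploy service role. Because it is attached to the instance, any process on the server inherits AmazonS3FullAccess; the instance only needs to read revisions from the deployment bucket, so a read-only policy scoped to that bucket is the safer choice outside a demo.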
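  • Edit the role's Trust Relationship to be the following. The CodeDeploy service principal is region-specific: this example names us-west-2, while the repository variables further down set AWS_DEFAULT_REGION to us-east-1, so use the region you actually deploy in.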
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": [
            "ec2.amazonaws.com",
            "codedeploy.us-west-2.amazonaws.com"
        ]
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
  • Create S3 bucket 'cicd-demo-e3937djdj' to store app revisions
  • Create EC2 instance with custom IAM role (configure in Instance Details before launch) which will be 'AWSCodeDeployRole'.
  • Add custom tag to EC2: cicd_id = cicddemo
  • Install CodeDeploy agent on the server OS: https://docs.aws.amazon.com/en_us/codedeploy/latest/userguide/codedeploy-agent-operations-install.html
  • Create CodeDeploy application 'cicd-demo' for EC2/on-premises computer platform
  • Create CodeDeploy deployment group 'cicd-demo-group' with the AWSCodeDeployRole security role attached. Set up Amazon EC2 instances as environment configuration with the tag created above. Deployment configuration 'OneAtATime'.
  • Create Bitbucket repo cicd_demo
  • Configure Repository Variables for the repo:
    AWS_ACCESS_KEY_ID= <IAM user access key id>
    AWS_SECRET_ACCESS_KEY= <IAM user secret access key> (tick 'Secured' so the value is masked in the UI and in build logs)
    APPLICATION_NAME= cicd-demo
    AWS_DEFAULT_REGION= us-east-1
    DEPLOYMENT_CONFIG= CodeDeployDefault.OneAtATime
    DEPLOYMENT_GROUP_NAME= cicd-demo-group
    S3_BUCKET= cicd-demo-e3937djdj
  • Create codedeploy_deploy.py from https://bitbucket.org/awslabs/aws-codedeploy-bitbucket-pipelines-python/src/73b7c31b0a72a038ea0a9b46e457392c45ce76da/codedeploy_deploy.py
  • Create bitbucket-pipelines.yml
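# Bitbucket Pipelines definition: zip the application revision and run
# codedeploy_deploy.py to hand it to CodeDeploy.
clone:
  depth: 5       # shallow clone: include only the last five commits

pipelines:
  # 'default' runs for every push to a branch that has no more specific
  # pipeline, so any push deploys using the AWS credentials stored in the
  # repository variables. Add a 'branches:' section if only some branches
  # should be able to deploy.
  default:
    - step:
        name: Deploy
        # Pinned by tag, not by digest.
        # NOTE(review): this is an old base image; confirm it still receives
        # security updates before reusing the pipeline.
        image: python:3.7.2
        script:
          # apt-get instead of apt: apt warns that its CLI is not stable for
          # use in scripts.
          - apt-get update
          - apt-get install -y zip
          # NOTE(review): boto3 is pinned to an old release, presumably to
          # match the pinned codedeploy_deploy.py. Verify before upgrading.
          - pip install boto3==1.3.0
          # The revision bundle: appspec.yml, the lifecycle scripts, the app.
          - zip -r /tmp/artifact.zip appspec.yml ./scripts/* script.py
          # Presumably reads the repository variables (AWS credentials, bucket,
          # application and deployment group) from the environment. Confirm
          # against the script.
          - python codedeploy_deploy.py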
  • Create life cycle scripts
    scripts/install_dependencies
    scripts/start_server
    scripts/stop_server

install_dependencies

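#!/bin/bash
#
# CodeDeploy BeforeInstall hook: make sure a python3.7 interpreter exists on
# the instance, building CPython 3.7.0 from source when it does not.
#
# appspec.yml runs this hook as root, so the sudo prefixes are effectively
# no-ops there; they are kept so the script also works for a sudo-capable user.

# Abort on the first failing command so a broken build fails the deployment
# instead of being masked by whatever command happens to run last.
set -euo pipefail

PYTHON_VERSION=3.7.0
TARBALL="Python-${PYTHON_VERSION}.tar.xz"

# Placeholder: set this to a SHA-256 for the tarball that you have recorded
# from a trusted source. While it is empty the download is NOT verified.
EXPECTED_SHA256=""

# The hook runs on every deployment; rebuilding the interpreter each time is
# slow and would likely exceed the hook timeout, so skip when already present.
if command -v python3.7 >/dev/null 2>&1; then
    echo "python3.7 already installed; skipping build"
    exit 0
fi

# Install requirements (package names as in the original guide; they are
# release-specific and some may be absent on newer Ubuntu versions).
sudo apt-get update
sudo apt-get install -y \
    build-essential \
    checkinstall \
    libreadline-gplv2-dev \
    libncursesw5-dev \
    libssl-dev \
    libsqlite3-dev \
    tk-dev \
    libgdbm-dev \
    libc6-dev \
    libbz2-dev \
    zlib1g-dev \
    openssl \
    libffi-dev \
    python3-dev \
    python3-setuptools \
    wget

# Prepare to build. A fixed name such as /tmp/Python37 fails on the second run
# (mkdir on an existing directory) and, because the build runs as root in
# world-writable /tmp, could be pre-created by another local user. mktemp
# gives a fresh private directory instead.
BUILD_DIR="$(mktemp -d /tmp/Python37.XXXXXX)"
trap 'sudo rm -rf -- "$BUILD_DIR"' EXIT
cd "$BUILD_DIR"

# Pull down Python 3.7, verify it when a checksum is configured, build, install
wget "https://www.python.org/ftp/python/${PYTHON_VERSION}/${TARBALL}"
if [ -n "$EXPECTED_SHA256" ]; then
    echo "${EXPECTED_SHA256}  ${TARBALL}" | sha256sum -c -
else
    echo "WARNING: ${TARBALL} was not checked against a pinned SHA-256" >&2
fi
tar xvf "$TARBALL"
cd "Python-${PYTHON_VERSION}"
./configure --enable-optimizations
# altinstall installs python3.7 without replacing the system python3 binary.
sudo make altinstall
#pip3.7 install Django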

start_server

#!/bin/bash
#
# CodeDeploy ApplicationStart hook (appspec.yml runs it as the ubuntu user).
# Starts the application in the background, detached from the hook's shell.
#
# NOTE(review): stdout and stderr both go to /dev/null, so nothing the app
# prints is kept. There is no application log for troubleshooting or for
# reviewing an incident afterwards.
APP_ENTRY=/home/ubuntu/app/script.py
nohup python3.7 "$APP_ENTRY" > /dev/null 2>&1 &

stop_server

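#!/bin/bash
#
# CodeDeploy ApplicationStop hook (appspec.yml runs it as root): stop the
# running application and clear its install directory.
APP_DIR=/home/ubuntu/app

# Match only the command line that start_server launches. The broader pattern
# "python3.7", run as root, would also kill every unrelated process on the
# host whose command line merely contains that string.
# pkill exits non-zero when nothing matched (first deployment, app already
# down); that is not an error for this hook.
pkill -f "python3.7 ${APP_DIR}/script.py" || true

# ${APP_DIR:?} aborts the expansion if the variable is ever empty, so this can
# never degrade to "rm -rf /*"; "--" ends option parsing before the paths.
rm -rf -- "${APP_DIR:?}"/*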
  • Create appspec.yml file which describes CodeDeploy configuration
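# AppSpec file: tells the CodeDeploy agent where to copy the revision and
# which lifecycle scripts to run.
version: 0.0
os: linux
files:
  # Copy the whole revision into the app directory.
  - source: /
    destination: /home/ubuntu/app/
permissions:
  - object: /home/ubuntu/app
    pattern: "**"
    owner: ubuntu
    group: ubuntu
    # 755 instead of 777: the app runs as the owning user (ubuntu), so group
    # and others need no write access. World-writable code would let any local
    # account alter what the service executes.
    mode: 755
    type:
      - file
      - directory
hooks:
  BeforeInstall:
    - location: scripts/install_dependencies
      # NOTE(review): 300 seconds is probably too short for a from-source
      # Python build with --enable-optimizations. Confirm on the target
      # instance type.
      timeout: 300
      runas: root
  ApplicationStop:
    - location: scripts/stop_server
      timeout: 300
      # NOTE(review): the script only kills the app process and removes files
      # that this file assigns to ubuntu. Check whether root is needed here.
      runas: root
  ApplicationStart:
    - location: scripts/start_server
      timeout: 300
      # The application itself runs unprivileged.
      runas: ubuntu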