设置 CodePipeline 模板以从 CodeCommit 部署 CloudFormation 堆栈
Setting up CodePipeline template to deploy CloudFormation stack from CodeCommit
从 CloudFormation 模板,您可以部署 CodeCommit and CodePipeline. From this announcement、
You can now choose AWS CloudFormation as a deployment action in your release workflows built using AWS CodePipeline.
我已经制定了大部分 Cloudformation 模板,但我无法弄清楚阶段。
Resources:
PipelineRepo:
Type: AWS::CodeCommit::Repository
Properties:
RepositoryName: pipeline
RepositoryDescription: Pipeline setup repo
PipelineArtifacts:
Type: AWS::S3::Bucket
PipelineRole:
Type: AWS::IAM::Role
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
Name: pipeline-pipeline
ArtifactStore:
Type: S3
Location:
Ref: PipelineArtifacts
RoleArn:
Ref: PipelineRole
Stages:
... STAGES ...
如何设置阶段以跟踪 CodeCommit,然后从存储库中的文件部署 CloudFormation 模板?
IAM 角色也已损坏。下面是一个正在运行的堆栈。对于各种类型的 CF 部署,请参阅 CF Configuration Properties. A helpful sample CF stack is here。
Resources:
PipelineRepo:
Type: AWS::CodeCommit::Repository
Properties:
RepositoryName: pipeline
RepositoryDescription: Pipeline setup repo
PipelineArtifacts:
Type: AWS::S3::Bucket
PipelineRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- codepipeline.amazonaws.com
- cloudformation.amazonaws.com
Action: sts:AssumeRole
Policies:
- PolicyName: CloudPipelinePolicy
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action: "cloudformation:*"
Resource: "*"
- Effect: Allow
Action: "codecommit:*"
Resource: "*"
- Effect: Allow
Action: "s3:*"
Resource: "*"
- Effect: Allow
Action:
- iam:PassRole
Resource: "*"
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
Name: pipeline-pipeline
ArtifactStore:
Type: S3
Location:
Ref: PipelineArtifacts
RoleArn: !GetAtt [PipelineRole, Arn]
Stages:
-
Name: Source
Actions:
-
Name: CheckoutSourceTemplate
ActionTypeId:
Category: Source
Owner: AWS
Version: 1
Provider: CodeCommit
Configuration:
PollForSourceChanges: True
RepositoryName: !GetAtt [PipelineRepo, Name]
BranchName: master
OutputArtifacts:
- Name: TemplateSource
RunOrder: 1
-
Name: Deploy
Actions:
-
Name: CreateStack
ActionTypeId:
Category: Deploy
Owner: AWS
Provider: CloudFormation
Version: 1
InputArtifacts:
- Name: TemplateSource
Configuration:
ActionMode: CREATE_UPDATE
RoleArn: !GetAtt [PipelineRole, Arn]
StackName: pipeline
Capabilities: CAPABILITY_IAM
TemplatePath: TemplateSource::template.yml
RunOrder: 1
从 CloudFormation 模板,您可以部署 CodeCommit and CodePipeline. From this announcement、
You can now choose AWS CloudFormation as a deployment action in your release workflows built using AWS CodePipeline.
我已经制定了大部分 Cloudformation 模板,但我无法弄清楚阶段。
Resources:
PipelineRepo:
Type: AWS::CodeCommit::Repository
Properties:
RepositoryName: pipeline
RepositoryDescription: Pipeline setup repo
PipelineArtifacts:
Type: AWS::S3::Bucket
PipelineRole:
Type: AWS::IAM::Role
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
Name: pipeline-pipeline
ArtifactStore:
Type: S3
Location:
Ref: PipelineArtifacts
RoleArn:
Ref: PipelineRole
Stages:
... STAGES ...
如何设置阶段以跟踪 CodeCommit,然后从存储库中的文件部署 CloudFormation 模板?
IAM 角色也已损坏。下面是一个正在运行的堆栈。对于各种类型的 CF 部署,请参阅 CF Configuration Properties. A helpful sample CF stack is here。
Resources:
PipelineRepo:
Type: AWS::CodeCommit::Repository
Properties:
RepositoryName: pipeline
RepositoryDescription: Pipeline setup repo
PipelineArtifacts:
Type: AWS::S3::Bucket
PipelineRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- codepipeline.amazonaws.com
- cloudformation.amazonaws.com
Action: sts:AssumeRole
Policies:
- PolicyName: CloudPipelinePolicy
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action: "cloudformation:*"
Resource: "*"
- Effect: Allow
Action: "codecommit:*"
Resource: "*"
- Effect: Allow
Action: "s3:*"
Resource: "*"
- Effect: Allow
Action:
- iam:PassRole
Resource: "*"
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
Name: pipeline-pipeline
ArtifactStore:
Type: S3
Location:
Ref: PipelineArtifacts
RoleArn: !GetAtt [PipelineRole, Arn]
Stages:
-
Name: Source
Actions:
-
Name: CheckoutSourceTemplate
ActionTypeId:
Category: Source
Owner: AWS
Version: 1
Provider: CodeCommit
Configuration:
PollForSourceChanges: True
RepositoryName: !GetAtt [PipelineRepo, Name]
BranchName: master
OutputArtifacts:
- Name: TemplateSource
RunOrder: 1
-
Name: Deploy
Actions:
-
Name: CreateStack
ActionTypeId:
Category: Deploy
Owner: AWS
Provider: CloudFormation
Version: 1
InputArtifacts:
- Name: TemplateSource
Configuration:
ActionMode: CREATE_UPDATE
RoleArn: !GetAtt [PipelineRole, Arn]
StackName: pipeline
Capabilities: CAPABILITY_IAM
TemplatePath: TemplateSource::template.yml
RunOrder: 1