Serverless frameworks with AWS CodePipeline

As I have mentioned, our first approach will be through AWS's own DevOps tools. We will start with CodePipeline, which is an indigenous cloud-based tool of AWS that can help you to build, develop, and deploy applications quickly on AWS. We can set up continuous delivery very quickly with CodePipeline. It has its own dashboard, and it integrates easily with tools such as JIRA, Jenkins, GitHub, and other project-management tools. Let's look how we can use this for Lambda functions. We will be using the thumbnail application that was created earlier in the chapter. 

The prerequisites for these recipes are as follows:

• AWS account and login credentials for AWS Console: Most of the setup for the first part of the tutorials will be done through AWS Console. We will using the same adminuser account that we created earlier in the chapter.
• GitHub repository: You need to create a repository and copy all the files and folders from the following repository into your repository:
  https://github.com/shzshi/aws-lambda-thumbnail.git
• CloudFormation service role: Go to the home page of AWS Console and search for IAM. On the IAM page, select Roles and then click on Create role. On the Create role page, select AWS Service and choose CloudFormation as the service. Then click on Next:Permission, and on the permission policy page, select the AWSLambdaExecute policy and click on Next:Review. Once the review page is open, name the role as myCloudFormationRole and then click on Create role. Now, for this service role, we need to add additional policies to execute the pipeline, so let's go to the roles. We will see our role in the list; let's click on it. In the Role Summary page, click on Add inline policy, and in the Create Policy page, click on the JSON tab and then replace the existing JSON script with the script within cloudformationpolicy.json, which is in the aws-lambda-thumbnail repository. Click on Review policy. Now let's name the policy myThumbnailPipelinePolicy, so that we have a service role for CloudFormation. 
• Bucket for the CloudFormation package: We need to create a bucket for the CloudFormation package, so let's go to the home page of AWS Console and search for S3 in services. Next, let's create a bucket with the name of my-cloud-formation-bucket. This bucket is used for packaging our artifacts when we run the pipeline. 

Let's go through the following steps: 

1. To add and retrieve CodeStar permission for the adminuser, go to AWS Console (https://console.aws.amazon.com/console/home) and log in with your root account credentials. This means that we need to log in as a free account user (we created this free account at the start of the chapter). If you go to the adminuser login page, you will see a link at the bottom named Sign-in using root account credentials. Once you are logged in, go to IAM services and click on Users. You should be able to see the adminuser in the list. Now click on the adminuser link to the Security credentials tab. Scroll down to find the HTTPS Git credentials for AWS CodeCommit section and click on the Generate button. The credentials to authenticate AWS CodeCommit will then be generated. Copy or download the credentials. If you have not copied the access key ID and the secret access key, please generate new ones using the Create access key button. Save the details for both of these somewhere for later use.
2. Let's now log into the console as adminuser. Search for CodePipeline from the home page. A page will open. On this page, click on Create pipeline. You will then be redirected to the Create Pipeline page. Let's name the pipeline myServerlessThumbnailPipeline and click on Next Step.
3. In Source Provider, let's select GitHub. We will then be asked to connect to GitHub; go ahead and connect using your credentials. The Repository should be the one that we created as a prerequisite, and the Branch should be the branch where our files are residing (for example, master). Once the details are added, click on Next step. While setting up CodeBuild, a role was created, so we need to add an extra policy for this. 
4. In the Build provider, select AWS CodeBuild, and then in the Configure your Project section, select Create a new build project. Let's add the project details: The project name should be myThumbnailCodeBuild, the environment image should be Use an image managed by AWS CodeBuild, the operating system should be Ubuntu, the runtime should be Node.js, and the version should be Node.js 6.3.1. Keep the rest of the details as their default values and click on Save build project. We have successfully created a AWS CodeBuild project. However, it has also created a service role, and we need to add an additional policy for the CodeBuild project role. So let's open a new tab on the browser and log into AWS Console as adminuser. Then, in services, search for IAM, and on the IAM page, go to Roles and select the service role with the name code-build-myThumbnailCodeBuild-service-role or something similar.

Now click on Add inline policy and then click on the Create Policy page. Choose the S3 service and the PubObject action from the Write access level, and select the Resources as All resources. Finally, click Review Policy. Name the policy myThumbnailCodeBuildPolicy. In the Summary section, we should be able to see S3. Click on Create Policy. Now we have a new policy for S3 that has been added to the CodeBuild role. Let's go back to the create CodePipeline page. Click Next step. 

5. In the Deploy template, let's set Deployment provider as AWS CloudFormation. Now that we're in the CloudFormation section, let's add all the details as shown in the following screenshot. The template file is basically an export file that will be used by CloudFormation: 

   

6. Next, we will create a role to give permission to the AWS CodePipeline to use the resources. Click on Create role and go through the steps as it prompts you. Once the role is created, click on Next. Then review the pipeline, and click on Create pipeline. Our pipeline will trigger automatically. Our first stages of the pipeline worked fine. If we go to CloudFormation (Services | CloudFormation), we should be able to see the stack for the thumbnail that was created. If you tick the checkbox and select the events, you should be able to see the events that ran, as well as some other details. Let's go ahead and add more stages to the pipeline that we can approve, and then deploy the function. 
7. Now, we will edit the pipeline and add some stages to deploy the thumbnail Lambda function. Let's click on Edit and scroll to the bottom. Click on + Stage. Let's add a stage called Approval, so that we can review and approve our work before deployment. Click on Action and select approval from the Action category of the drop-down list. Let's name it as Approval. We can also add an SNS topic to get approval emails. To do this, let's go ahead and use the default values for the rest and click on Add action.
8. The next stage to add is the deployment of the function from the Git repository to the Lambda function. Click on + Stage. Let's add a stage named Deploy, click on Action, and select Deploy from the Action category drop-down list. Next, let's name the action myDeploy and select AWS CloudFormation as the Deployment Provider. In the CloudFormation section, let's add an action mode called execute a change set and select the stack name mythumbnailstack and the change set name mythumbnailchangeset. Let's leave the rest of the details as their defaults and click on Add action. 
9. Now we have added two stages, let's save the pipeline by clicking Save Pipelineline changes. We will be asked to continue; let's go ahead and click Save and Continue. This time, the pipeline won't trigger automatically, so let's click on Release change to start the pipeline. Once the pipeline has successfully completed, we should see all the stages in green, as shown in the following screenshot: 

10. Let's check whether the function has been created, and try executing it. Let's go to the AWS Console home page and search for Lambda. We should be able to see that a thumbnail function has been created. Let's open the Lambda function. On the Function page, let's scroll to the top right-hand side of the page, where we will see a drop-down menu that we can use to add the event. Select Configure Test Events. A pop-up box will appear containing the name of the myThumbnailEvent event and a text field. In the text field, add the following JSON file. Make sure that you replace the my-source-bucket76 with your source bucket name and Baby.jpg with your image name. Then go ahead and click on Save:

11. Now we have deployed our function, and created our S3 buckets and an event. Let's invoke the function. Click on Test. Now you should see that the function has successfully executed. You will see the details in the logs, and if you refresh the S3 bucket named resized, we should be able to see a resized image file. You can just download the resized file and see whether the resizing worked. We can also add an S3 put trigger in order to automatically trigger this CreateThumbnail function when any image file is uploaded to the source S3 bucket. 

In this tutorial, we learned how to use CodePipeline, which is a CD platform of AWS, to deploy Lambda functions. It was pretty quick in deploying a function from GitHub into Lambda using different combinations of tools by AWS. But the cons of these tools are that you are charged for their use, and we have to really get our heads around CloudFormation and the roles. Now let's look at how to set up a pipeline using open source tools.