Module 4

CI/CD on AWS

Build a full deployment pipeline from GitHub to EC2 using CodePipeline, CodeBuild, and CodeDeploy.

CodePipelineCodeBuildCodeDeployAppSpec

What You'll Build

Automate deployments from GitHub to EC2 using AWS's CI/CD trio: CodePipeline, CodeBuild, and CodeDeploy — all configured through the AWS Console. Push code → tests run → app deploys automatically.

Module 4 — Resource Checklist

0/6 (0%)

☐GitHub Connection
sandbox-github
☐S3 Artifact Bucket
sandbox-artifacts-ACCOUNT_ID
☐CodeBuild Project
sandbox-build
☐CodeDeploy Application
sandbox-deploy
☐CodeDeploy Deployment Group
sandbox-deploy-group
☐CodePipeline
sandbox-pipeline

Azure	AWS	Notes
`Azure DevOps Pipeline`	`CodePipeline`	Orchestrates the full flow
`Build Agent`	`CodeBuild`	Managed build environment
`Release Pipeline`	`CodeDeploy`	Deploys to EC2/ASG
`Service Connection`	`CodeStar Connection`	Links to GitHub
`azure-pipelines.yml`	`buildspec.yml`	Build definition file

☁️ Azure Parallel

Key difference: Azure DevOps bundles build + release into one service. AWS separates them into 3 services (CodePipeline + CodeBuild + CodeDeploy). More modular, but more to configure.

The Pipeline Flow

text

GitHub Push
    │
    ▼
┌─────────────────────────┐
│  Stage 1: SOURCE        │  CodeStar Connection detects push
│  (CodePipeline)         │  Downloads source code
└───────────┬─────────────┘
            ▼
┌─────────────────────────┐
│  Stage 2: BUILD         │  Uses buildspec.yml
│  (CodeBuild)            │  npm install → npm test → package
└───────────┬─────────────┘
            ▼
┌─────────────────────────┐
│  Stage 3: DEPLOY        │  Uses appspec.yml
│  (CodeDeploy)           │  Stop → Install → Start → Validate
└─────────────────────────┘

Required Files in Your Repo

Before creating the pipeline, your repository needs two config files that tell CodeBuild and CodeDeploy what to do:

buildspec.yml — Build Definition

Tells CodeBuild what to build. Like azure-pipelines.yml.

yamlbuildspec.yml

version: 0.2

phases:
  install:
    runtime-versions:
      nodejs: 18
    commands:
      - cd app && npm ci

  pre_build:
    commands:
      - cd app && npm test

  build:
    commands:
      - echo "Build succeeded on $(date)"

artifacts:
  files:
    - "**/*"
  discard-paths: no

appspec.yml — Deployment Definition

Tells CodeDeploy how to deploy. Defines lifecycle hooks for each stage.

yamlappspec.yml

version: 0.0
os: linux

files:
  - source: /
    destination: /home/ec2-user/sandbox-app/app

hooks:
  ApplicationStop:
    - location: scripts/stop_server.sh       # Stop old version
  BeforeInstall:
    - location: scripts/install_dependencies.sh  # Install Node.js
  AfterInstall:
    - location: scripts/after_install.sh     # npm install, run migrations
  ApplicationStart:
    - location: scripts/start_server.sh      # pm2 start
  ValidateService:
    - location: scripts/validate_service.sh  # curl /health

📘 Key Concept

Add these to your repo! The lifecycle hooks give you full control: stop old app → install deps → copy files → start new app → validate health.

Step 1: Connect GitHub

Create a CodeStar Connection to let AWS access your GitHub repository. This is like creating a Service Connection in Azure DevOps.

🧪

Console: CodePipeline → Settings → Connections → Create connection

Setting	Value
Provider	GitHub
Connection name	`sandbox-github`

Click Connect to GitHub
Authorize AWS in your GitHub account
Select your GitHub account → click Connect

💡 Tip

Note the Connection ARN — you may need it if creating the pipeline via CloudFormation later.

Step 2: Create an Artifact Bucket

CodePipeline stores build artifacts (zipped source and compiled output) in S3 between pipeline stages.

🧪

Console: S3 → Create bucket

Setting	Value
Bucket name	`sandbox-artifacts-YOUR_ACCOUNT_ID`
Region	`us-east-1`
Block all public access	✅ Keep checked

Click Create bucket.

Step 3: Create CodeBuild Project

CodeBuild is a managed build server that runs your buildspec.yml. It installs dependencies, runs tests, and packages artifacts.

🧪

Console: CodeBuild → Build projects → Create build project

Setting	Value
Project name	`sandbox-build`
Source provider	GitHub (via your connection)
Repository	`AWS_sandbox`
Environment image	Managed image
Operating system	Amazon Linux 2
Runtime	Standard
Image	`aws/codebuild/amazonlinux2-x86_64-standard:5.0`
Service role	New service role
Build spec	Use a buildspec file
Artifacts type	Amazon S3
Artifacts bucket	`sandbox-artifacts-YOUR_ACCOUNT_ID`
Packaging	Zip

Click Create build project.

Step 4: Create CodeDeploy Application

CodeDeploy deploys your built artifact to EC2 instances using the appspec.ymllifecycle hooks.

🧪

Console: CodeDeploy → Applications → Create application

Setting	Value
Application name	`sandbox-deploy`
Compute platform	EC2/On-premises

Click Create application.

Then create a Deployment Group:

Click sandbox-deploy → Create deployment group

Setting	Value
Deployment group name	`sandbox-deploy-group`
Service role	Select a role with `AWSCodeDeployRole` policy
Deployment type	In-place
Environment config	Amazon EC2 Auto Scaling groups → `sandbox-asg`
Deployment settings	`CodeDeployDefault.OneAtATime`
Load balancer	✅ Enable → Application Load Balancer → `sandbox-tg`

Click Create deployment group.

Deployment Strategies

🔄 In-Place (OneAtATime)

Updates one instance at a time. Traffic is rerouted while each updates. Simple and safe for learning.

🔵🟢 Blue/Green

Launches new instances, switches ALB traffic at once. Zero-downtime, easy rollback. Best for production.

Step 5: Create the Pipeline

CodePipeline ties everything together — it watches GitHub, triggers CodeBuild, and deploys via CodeDeploy.

🧪

Console: CodePipeline → Pipelines → Create pipeline

Pipeline settings:

Setting	Value
Pipeline name	`sandbox-pipeline`
Service role	New service role
Artifact store	Custom location → `sandbox-artifacts-ACCOUNT_ID`

Source stage:

Setting	Value
Source provider	GitHub (Version 2)
Connection	`sandbox-github`
Repository name	`udujoel/AWS_sandbox`
Branch name	`main`

Build stage:

Setting	Value
Build provider	AWS CodeBuild
Project name	`sandbox-build`

Deploy stage:

Setting	Value
Deploy provider	AWS CodeDeploy
Application name	`sandbox-deploy`
Deployment group	`sandbox-deploy-group`

Click Create pipeline. The pipeline runs immediately.

🧪 Monitor & Test the Pipeline

After creating the pipeline, it runs automatically. Watch the progress:

Go to CodePipeline → select sandbox-pipeline
Watch 3 stages: Source → Build → Deploy
Click each stage for details (build logs, deployment progress)

Trigger a new deployment:

bash

# Push any change to trigger the pipeline
echo "# Deploy test" >> README.md
git add . && git commit -m "test: trigger pipeline" && git push

The pipeline will detect the push, run CodeBuild (install, test, package), then deploy to your EC2 instances via CodeDeploy.

Key Takeaways

CodePipeline orchestrates, CodeBuild builds, CodeDeploy deploys
buildspec.yml = what to build, appspec.yml = how to deploy
Lifecycle hooks give full control: stop → install → start → validate
In-Place deployment for learning; Blue/Green for zero-downtime production
The pipeline auto-triggers on every push to the configured branch