Continuous Integration in the Cloud: How CTO.ai Complements AWS
Introduction
Continuous Integration (CI) is a development practice where developers integrate code into a shared repository frequently, usually several times a day. Each integration can then be verified by an automated build and automated tests. While several CI systems are available, CTO.ai is a popular option known for its ease of use and GitHub integration. When combined with AWS services, CTO.ai can offer a robust and scalable CI solution.
Setting Up CTO.ai with AWS
When setting up CTO.ai with AWS you can use any of our AWS workflows like the ECS Fargate workflow or the EKS EC2 ASG workflow.
- Sign up for an AWS account if you don't have one.
- Create an IAM user with programmatic access. This will give you an access key ID and a secret access key.
Create Secrets from Settings
- Back in your CTO.ai dashboard, create your secrets by selecting Settings and Secrets.
Secrets are encrypted environment variables that CTO.ai utilizes within your workflow to build and run your application and deployments.
You will create four secrets:
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_ACCOUNT_NUMBER
- GITHUB_TOKEN
- To create your AWS SECRET KEY AND ACCESS KEY. Log into your AWS Account, select the Identity and Access Management (IAM) dashboard, create a new user, copy the Access Key ID and Secret access key, and paste it into your secret dashboard on CTO.ai.
- Your AWS ACCOUNT NUMBER can be obtained from your User ID on the top right corner of your AWS Console.
Generate Github Token
Generate your GITHUB_TOKEN from Github by going to Settings → Developer settings → Personal access tokens → Generate a new token on your Github profile.
- Back in your CTO.ai Secrets dashboard, create your secret key/value pairs.
Next, your AWS credentials will be stored in your ops.yml
file. The ops.yml
file is a configuration file used by CTO.ai. This file is written in YAML (Yet Another Markup Language) and is used to manage the automated building and testing of software projects within the CTO.ai environment.
Example ops.yml
configuration
version: "1"
pipelines:
- name: my-python-application-pipeline:1.0.0
description: Build and push a Python Docker image to AWS ECR
env:
static:
- PYTHON_VERSION=3.8
- AWS_REGION=us-west-2
- REPO=my-application
secrets:
- AWS_ACCESS_KEY_ID
- AWS_SECRET_ACCESS_KEY
- AWS_ACCOUNT_NUMBER
events:
- "github:my-org/my-repo:pull_request.merged"
- "github:my-org/my-repo:pull_request.opened"
- "github:my-org/my-repo:pull_request.synchronize"
jobs:
- name: python-docker-build-job
description: Building Docker Image for Python Application
packages:
- python3
- docker
steps:
- pip install awscli
- aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_NUMBER.dkr.ecr.$AWS_REGION.amazonaws.com
- docker build -t $REPO .
- docker tag $REPO:latest $AWS_ACCOUNT_NUMBER.dkr.ecr.$AWS_REGION.amazonaws.com/$REPO:latest
- docker push $AWS_ACCOUNT_NUMBER.dkr.ecr.$AWS_REGION.amazonaws.com/$REPO:latest
In the configuration above:
Version:
- version:
1
specifies the version of the pipeline syntax used.
Pipelines:
- This section defines a list of pipelines. In this case, there's only one pipeline defined.
Pipeline Details:
- name: The name of the pipeline, my-python-application-pipeline:1.0.0.
- description: A brief description of what the pipeline does - building and pushing a Python Docker image to AWS ECR.
env:
- static: These are environment variables that are not sensitive. They include the Python version (PYTHON_VERSION=3.8), the AWS region (AWS_REGION=us-west-2), and the repository name (REPO=my-application).
- secrets: These are sensitive environment variables that should be securely stored. They include AWS access key, secret access key, and account number.
Events:
- This section defines the GitHub events that will trigger the pipeline. The pipeline is set to trigger on merged pull requests, newly opened pull requests, and synchronized pull requests in the specified repository.
Jobs:
- A job named python-docker-build-job is defined here.
- Job Details:
- description: Describes what the job does - building a Docker image for a Python application.
- packages: Specifies the packages needed for the job, which are Python 3 and Docker in this case.
steps:
- These are the commands executed by the job.
- pip install awscli: Installs the AWS Command Line Interface.
- The next command logs into AWS ECR using the AWS CLI.
docker build -t $REPO .
: Builds the Docker image and tags it with the repository name.docker tag $REPO:latest $AWS_ACCOUNT_NUMBER.dkr.ecr.$AWS_REGION.amazonaws.com/$REPO:latest
: Tags the Docker image for pushing to AWS ECR.docker push $AWS_ACCOUNT_NUMBER.dkr.ecr.$AWS_REGION.amazonaws.com/$REPO:latest
: Pushes the Docker image to AWS ECR.
The configuration file above automates the process of building, tagging, and deploying a Dockerized Python application to AWS ECR, triggered by specific events in a GitHub repository.
Conclusion
Integrating CTO.ai with AWS provides a scalable and efficient way to manage CI/CD pipelines. Using AWS with CTO.ai workflows, teams can automate their deployment processes, ensuring that new code changes are integrated and tested. Get started using CTO.ai workflows to ensure a scalable CI/CD process.