|
1 | | -## My Project |
| 1 | +# cdk-python-module-gitlab-pipeline |
| 2 | +A simple GitLab pipeline to package custom CDK Stacks & Constructs as Python modules |
2 | 3 |
|
3 | | -TODO: Fill this README out! |
| 4 | +## Overview |
| 5 | +The code sample shows how to create a python module from custom CDK stacks or constructs. |
| 6 | +A template for GitLab CI/CD is provided in a `gitlab-ci.yml` file to create a build pipeline. Python modules are published from GitLab to AWS CodeArtifact using [Twine](https://docs.gitlab.com/ee/user/packages/pypi_repository/#publish-a-pypi-package-by-using-twine). Developers can consume the modules in their projects by setting the PIP repository index to the CodeArtifact URL. |
| 7 | +Customers want a way to reuse stacks or constructs across projects. Packaging stacks as modules and storing them in CodeArtifact improves reusability, adoption best practices and speed up development. |
4 | 8 |
|
5 | | -Be sure to: |
| 9 | +## Pre-requisites |
| 10 | +Before using the code sample make sure to implement the following pre-requisites. |
6 | 11 |
|
7 | | -* Change the title in this README |
8 | | -* Edit your repository description on GitHub |
| 12 | +* Python: **Follow the [instructions](https://wiki.python.org/moin/BeginnersGuide/Download) for your operating system to install Python.** |
9 | 13 |
|
10 | | -## Security |
11 | 14 |
|
12 | | -See [CONTRIBUTING](CONTRIBUTING.md#security-issue-notifications) for more information. |
| 15 | +* Pip: **Follow the [instructions](https://pip.pypa.io/en/stable/cli/pip_install/) for your operating system to install Pip.** |
13 | 16 |
|
14 | | -## License |
| 17 | +## Clone this repository |
15 | 18 |
|
16 | | -This library is licensed under the MIT-0 License. See the LICENSE file. |
| 19 | +```bash |
| 20 | +git clone https://github.com/aws-samples/cdk-python-module-gitlab-pipeline |
| 21 | +``` |
| 22 | +### AWS Setup |
17 | 23 |
|
| 24 | +1. Install the AWS CLI |
| 25 | + |
| 26 | +Follow the instructions in the [official AWS documentation](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) to install the CLI. |
| 27 | + |
| 28 | +2. Define the required environment variables |
| 29 | + |
| 30 | +The solution works with any AWS account. The account id is retrieved using `aws sts` and the value is assigned to an environment variable. Users should have the permissions to run `aws sts-get-caller-identity` commands from the CLI before executing the steps. |
| 31 | + |
| 32 | + |
| 33 | +```bash |
| 34 | +export AWS_ACCOUNT_ID="$(aws sts get-caller-identity --query Account --output text)" |
| 35 | +export PYTHON_MODULE_NAME=cdk-python-module |
| 36 | +export DOMAIN_PREFIX=mydomain |
| 37 | +export AWS_REGION=us-east-1 |
| 38 | +export CODE_ARTIFACT_DOMAIN=${DOMAIN_PREFIX}${AWS_ACCOUNT_ID} |
| 39 | +export CODE_ARTIFACT_REPO_NAME=${DOMAIN_PREFIX}${PYTHON_MODULE_NAME} |
| 40 | +export GITLAB_HOST=mygitlabhost.xyz.com |
| 41 | +export GITLAB_REPO_NAME=myuser/cdk-python-module |
| 42 | +``` |
| 43 | + |
| 44 | +**Notes:** |
| 45 | + |
| 46 | +* Replace the value of GITLAB_HOST with your self-hosted GitLab instance. You do not need to set that value if you are using gitlab.com |
| 47 | +* The GITLAB_REPO_NAME variable is in the format *<OWNER>/<NAMESPACE>/<REPO> ; replace the values before you run the steps. |
| 48 | +* In order to use the solution you will define the following environment variables. You can customize the DOMAIN_PREFIX, CODE_ARTIFACT_REPO_NAME, PYTHON_MODULE_NAME and AWS_REGION to meet the needs of your project. |
| 49 | + |
| 50 | +3. Create an AWS CodeArtifact repository on AWS |
| 51 | + |
| 52 | +[AWS CodeArtifact](https://docs.aws.amazon.com/codeartifact/index.html) is a secure, scalable, and cost-effective artifact management service for software development. |
| 53 | + |
| 54 | +In the next steps we will use the [AWS CLI](https://docs.aws.amazon.com/codeartifact/latest/ug/getting-started-cli.html) to create a python module repository in CodeArtifact. |
| 55 | + |
| 56 | +**Note:** *You should have the permissions to call `aws codeartifact` before performing the steps below. |
| 57 | + |
| 58 | + |
| 59 | +```bash |
| 60 | +aws codeartifact create-domain --domain ${CODE_ARTIFACT_DOMAIN} --region ${AWS_REGION} |
| 61 | +aws codeartifact create-repository --domain ${CODE_ARTIFACT_DOMAIN} --repository ${CODE_ARTIFACT_REPO_NAME} --description "sample repository for python cdk modules" --region ${AWS_REGION} |
| 62 | +``` |
| 63 | + |
| 64 | +4. Connect to AWS CodeArtifact |
| 65 | + |
| 66 | +Use the command below to [authenticate](https://docs.aws.amazon.com/codeartifact/latest/ug/connect-repo.html) with CodeArtifact. |
| 67 | + |
| 68 | +```bash |
| 69 | +aws codeartifact login --tool pip --repository ${CODE_ARTIFACT_REPO_NAME} --domain ${CODE_ARTIFACT_DOMAIN} --domain-owner ${AWS_ACCOUNT_ID} --region ${AWS_REGION} |
| 70 | +``` |
| 71 | +*Note:* The CodeArtifact authentication expires every 12 hours (default). You can move the step above to a GitLab workflow in case you want to automate the refresh of the token. |
| 72 | + |
| 73 | +6. Fetch AWS CodeArtifact authorization token |
| 74 | + |
| 75 | +The authorization token is required to interact with the repository. |
| 76 | + |
| 77 | +```bash |
| 78 | +export CODEARTIFACT_AUTH_TOKEN=`aws codeartifact get-authorization-token --domain ${CODE_ARTIFACT_DOMAIN} --domain-owner ${AWS_ACCOUNT_ID} --region ${AWS_REGION} --query authorizationToken --output text` |
| 79 | +``` |
| 80 | + |
| 81 | +### GitLab configuration |
| 82 | + |
| 83 | +1. Setup the GitLab CLI |
| 84 | + |
| 85 | +Install the [GitLab CLI](https://gitlab.com/gitlab-org/cli) version for your local workstation. See [official documentation](https://gitlab.com/gitlab-org/cli#installation): |
| 86 | + |
| 87 | +2. Run the following command to setup the GitLab host |
| 88 | + |
| 89 | +```bash |
| 90 | +glab auth login |
| 91 | +``` |
| 92 | + |
| 93 | +You will get prompted for the GitLab instance details you want to log into, the GitLab hostname, and the API hostname. After entering those details, create a personal access from GitLab (https://<GITLAB URL>/-/profile/personal_access_tokens) and paste to the configuration input. |
| 94 | +Set the default git protocol to `SSH` and host API protocol to `HTTPS`. |
| 95 | + |
| 96 | +3. Create a GitLab repository |
| 97 | + |
| 98 | +```bash |
| 99 | +glab repo create ${GITLAB_REPO_NAME} |
| 100 | +``` |
| 101 | + |
| 102 | + |
| 103 | + |
| 104 | + |
| 105 | +4. Create the environment variables required by Twine |
| 106 | + |
| 107 | +```bash |
| 108 | +glab variable set TWINE_PASSWORD --masked --value ${CODEARTIFACT_AUTH_TOKEN} --repo ${GITLAB_REPO_NAME} |
| 109 | +glab variable set TWINE_USERNAME --masked --value ${CODE_ARTIFACT_DOMAIN} --repo ${GITLAB_REPO_NAME} |
| 110 | +glab variable set AWS_ACCOUNT_ID --value ${AWS_ACCOUNT_ID} --repo ${GITLAB_REPO_NAME} |
| 111 | +glab variable set DOMAIN_PREFIX --value ${DOMAIN_PREFIX} --repo ${GITLAB_REPO_NAME} |
| 112 | +glab variable set CODE_ARTIFACT_DOMAIN --value ${CODE_ARTIFACT_DOMAIN} --repo ${GITLAB_REPO_NAME} |
| 113 | +glab variable set CODE_ARTIFACT_REPO_NAME --value ${CODE_ARTIFACT_REPO_NAME} --repo ${GITLAB_REPO_NAME} |
| 114 | +glab variable set AWS_REGION --value ${AWS_REGION} --repo ${GITLAB_REPO_NAME} |
| 115 | +glab variable set PYTHON_MODULE_NAME --value ${PYTHON_MODULE_NAME} --repo ${GITLAB_REPO_NAME} |
| 116 | +``` |
| 117 | + |
| 118 | +*Note:* Use `glab variable update` to set values for the variables if they already exist otherwise GitLab will return the error code 400 with message `<VARIABLE> has already been taken` |
| 119 | + |
| 120 | +5. Upload the sample code to the repository |
| 121 | + |
| 122 | +```bash |
| 123 | +cp -r ./* ./cdk-python-module-gitlab-pipeline |
| 124 | +cd ./cdk-python-module-gitlab-pipeline |
| 125 | +git add . |
| 126 | +git commit -am "initial skeleton for cdk python module pipeline" |
| 127 | +git push |
| 128 | +``` |
0 commit comments