Adding codedeploy deployment configs and groups

[swhite-oreilly]

This PR includes two new modules for AWS CodeDeploy.

Testing

CodeDeploy resources were created using the setup code mentioned below, and then AWS Nuke was used to clean these resources up, specifying :
"CodeDeployDeploymentConfig"
"CodeDeployDeploymentGroup"
"CodeDeployApplication" (Support already existing)

Setup code

#!/bin/bash
set -ex

# Generate a random string
SHORT_RANDOM_STRING=$(openssl rand -hex 10)

# Get AWS username
USERNAME=$(aws sts get-caller-identity --query "Arn" --output text | cut -d/ -f2)
echo "Username: $USERNAME"

# Get AWS account ID
AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
echo "AWS Account ID: $AWS_ACCOUNT_ID"

# Generate a random number
RANDOMNUM=$(cat /dev/urandom | LANG=c tr -dc '0-9' | head -c 12)
echo "Random number: $RANDOMNUM"

# https://docs.aws.amazon.com/codepipeline/latest/userguide/pipelines-create-service-role-cli.html
echo "create a service role for codedeploy and codepipeline"
cat <<EOF > $USERNAME-trust-policy.json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": [
                    "codedeploy.amazonaws.com",
                    "codepipeline.amazonaws.com"
                ]
            },
            "Action": "sts:AssumeRole"
        }
    ]
}
EOF

cat <<EOF > $USERNAME-role-policy.json 
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "iam:PassRole"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "elasticbeanstalk:*",
        "ec2:*",
        "elasticloadbalancing:*",
        "autoscaling:*",
        "cloudwatch:*",
        "s3:*",
        "sns:*",
        "cloudformation:*",
        "rds:*",
        "sqs:*",
        "ecs:*",
        "codecommit:*",
        "codedeploy:*",
        "codebuild:*",
        "devicefarm:*",
        "lambda:*"
      ],
      "Resource": "*"
    }
  ]
}
EOF

# Create an IAM role for CodeDeploy and CodePipeline to use
aws iam create-role \
    --role-name MyRole-$SHORT_RANDOM_STRING \
    --assume-role-policy-document file://$USERNAME-trust-policy.json \
    --no-cli-pager

# Attach the IAM role policy to the IAM role
aws iam put-role-policy \
    --role-name MyRole-$SHORT_RANDOM_STRING \
    --policy-name RolePolicy \
    --policy-document file://$USERNAME-role-policy.json \
    --no-cli-pager

# Get the ARN of the IAM role
role_arn=$(aws iam get-role \
    --role-name MyRole-$SHORT_RANDOM_STRING \
    --query Role.Arn \
    --no-cli-pager)

# attach additional policies to the service role
aws iam attach-role-policy --role-name MyRole-$SHORT_RANDOM_STRING --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess
aws iam attach-role-policy --role-name MyRole-$SHORT_RANDOM_STRING --policy-arn arn:aws:iam::aws:policy/AmazonEC2FullAccess

# Wait for 5 seconds for policy updates to propagate
sleep 5

# create source code 
mkdir -p src/main/java
mkdir -p src/test/java

cat <<EOF >./src/main/java/MessageUtil.java
public class MessageUtil {
  private String message;

  public MessageUtil(String message) {
    this.message = message;
  }

  public String printMessage() {
    System.out.println(message);
    return message;
  }

  public String salutationMessage() {
    message = "Hi!" + message;
    System.out.println(message);
    return message;
  }
}
EOF

cat <<EOF >./src/test/java/TestMessageUtil.java
import org.junit.Test;
import org.junit.Ignore;
import static org.junit.Assert.assertEquals;

public class TestMessageUtil {

  String message = "Robert";    
  MessageUtil messageUtil = new MessageUtil(message);
   
  @Test
  public void testPrintMessage() {      
    System.out.println("Inside testPrintMessage()");     
    assertEquals(message,messageUtil.printMessage());
  }

  @Test
  public void testSalutationMessage() {
    System.out.println("Inside testSalutationMessage()");
    message = "Hi!" + "Robert";
    assertEquals(message,messageUtil.salutationMessage());
  }
}
EOF

cat <<EOF >pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>org.example</groupId>
  <artifactId>messageUtil</artifactId>
  <version>1.0</version>
  <packaging>jar</packaging>
  <name>Message Utility Java Sample App</name>
  <dependencies>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>4.11</version>
      <scope>test</scope>
    </dependency>	
  </dependencies>
  <build>
    <plugins>
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-compiler-plugin</artifactId>
        <version>3.8.0</version>
      </plugin>
    </plugins>
  </build>
</project>
EOF

# create the buildspec file
cat <<EOF >buildspec.yml
version: 0.2

phases:
  install:
    runtime-versions:
      java: corretto11
  pre_build:
    commands:
      - echo Nothing to do in the pre_build phase...
  build:
    commands:
      - echo Build started on `date`
      - mvn install
  post_build:
    commands:
      - echo Build completed on `date`
artifacts:
  files:
    - target/messageUtil-1.0.jar
EOF

# create two S3 buckets
aws s3api create-bucket --bucket codedeploy-$RANDOMNUM-input --no-cli-pager

# Create a zip file of the source code
zip -r  MessageUtil.zip ./src/* pom.xml buildspec.yml

# Upload the source code to the S3 bucket
aws s3 cp MessageUtil.zip s3://codedeploy-$RANDOMNUM-input

# bucket versioning is required to use codedeploy
aws s3api put-bucket-versioning \
    --bucket codedeploy-$RANDOMNUM-input \
    --versioning-configuration Status=Enabled \
    --no-cli-pager

# # Create an AWS CodeDeploy application
aws deploy create-application --application-name "CodeDeployDemoApplication-$SHORT_RANDOM_STRING"
# List applications
aws deploy list-applications
# Create an autoscaling group for use with CodeDeploy deployment group
LAUNCH_CONFIG_NAME="ASG-launch-config-$SHORT_RANDOM_STRING"
KEY_PAIR_NAME="ASG-key-pair-$SHORT_RANDOM_STRING"
aws ec2 create-key-pair --key-name=$KEY_PAIR_NAME --output text

echo "Creating launch group: $LAUNCH_CONFIG_NAME"
aws autoscaling create-launch-configuration \
    --launch-configuration-name $LAUNCH_CONFIG_NAME \
    --image-id 'ami-0cd7323ab3e63805f' \
    --instance-type 't2.micro' \
    --key-name $KEY_PAIR_NAME \
    --security-groups $SEC_GROUP_ID
echo "Launch group created: $LAUNCH_CONFIG_NAME"

# create autoscaling group 
AUTOSCALING_GROUP_NAME='ASG-auto-scaling-group'
echo 'Testing autoscaling group creation'
aws autoscaling create-auto-scaling-group \
    --auto-scaling-group-name $AUTOSCALING_GROUP_NAME-$SHORT_RANDOM_STRING \
    --launch-configuration-name $LAUNCH_CONFIG_NAME \
    --min-size 1 \
    --max-size 3 \
    --availability-zones 'us-east-1a'

# Create an AWS CodeDeploy deployment group
aws deploy create-deployment-group \
    --application-name CodeDeployDemoApplication-$SHORT_RANDOM_STRING \
    --auto-scaling-groups $AUTOSCALING_GROUP_NAME-$SHORT_RANDOM_STRING \
    --deployment-config-name CodeDeployDefault.OneAtATime \
    --deployment-group-name CodeDeployDemo_DG \
    --ec2-tag-filters Key=Name,Value=CodeDeployDemo,Type=KEY_AND_VALUE \
    --service-role-arn arn:aws:iam::$AWS_ACCOUNT_ID:role/MyRole-$SHORT_RANDOM_STRING

# List deployment groups
aws deploy list-deployment-groups --application-name CodeDeployDemoApplication-20fdbddbb85b101b5943
# Create a deployment in AWS CodeDeploy
aws deploy create-deployment \
    --application-name "CodeDeployDemoApplication-$SHORT_RANDOM_STRING" \
    --deployment-group-name "CodeDeployDemo_DG" \
    --s3-location "bucket=codedeploy-$RANDOMNUM-input,key=MessageUtil.zip,bundleType=zip"

# List deployments
aws deploy list-deployments

# Create a deployment config in AWS CodeDeploy
aws deploy create-deployment-config \
    --deployment-config-name ThreeQuartersHealthy \
    --minimum-healthy-hosts type=FLEET_PERCENT,value=75

# List deployment configs
aws deploy list-deployment-configs

echo "cleaning up files"
rm $USERNAME-trust-policy.json
rm $USERNAME-role-policy.json
rm MessageUtil.zip
rm buildspec.yml
rm pom.xml
rm -rf src
rm -rf sample_source_code

[ekristen]

@swhite-oreilly this is being implemented via ekristen/aws-nuke#354

---

Please see the copy of the notice from the README about the deprecation of this project. Sven was kind enough to grant me access to help triage and close issues and pull requests that have already been addressed in the actively maintained fork. Some additional information is located in the welcome issue for more information.

Caution

This repository for aws-nuke is no longer being actively maintained. We recommend users to switch to the actively maintained fork of this project at ekristen/aws-nuke.
We appreciate all the support and contributions we've received throughout the life of this project. We believe that the fork will continue to provide the functionality and support that you have come to expect from aws-nuke.
Please note that this deprecation means we will not be addressing issues, accepting pull requests, or making future releases from this repository.
Thank you for your understanding and support.