Skip to content

Umarsatti1/aws-codepipeline-ecs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
.vscode
.vscode
 
 
src/main
src/main
 
 
target
target
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
buildspec.yml
buildspec.yml
 
 
pom.xml
pom.xml
 
 

Repository files navigation

AWS CICD Pipeline

This is a simple Spring Boot application that demonstrates a complete CI/CD pipeline using AWS services, Docker, and GitHub.

Tools and Services Used

  • GitHub
  • IAM (Identity and Access Management)
  • AWS CodeBuild
  • AWS CodePipeline
  • AWS CodeDeploy
  • Elastic Container Registry (ECR)
  • Elastic Container Service (ECS)
  • Elastic Load Balancer (ALB)
  • AWS Systems Manager Parameter Store

Run Spring Boot Application Locally

1. Package the App

mvn clean package

2. Run the App

java -jar target/spring-boot-app-0.0.1-SNAPSHOT.jar

3. Access Locally

http://localhost:8080

Project Repository

git clone https://github.com/Umarsatti1/simple-springboot-app.git

Step-by-Step Setup

Step 1: GitHub

  • Create a GitHub repository
  • Store Spring Boot application files

Step 2: Create an Elastic Container Registry (ECR)

  • Visibility: Private
  • Name Format: <account-id>.dkr.ecr.us-east-1.amazonaws.com/<REPO NAME>
  • Settings: Mutable, AES-256 Encryption
  • Leave other settings default

Step 3: Set Up AWS CodeBuild

buildspec.yml

version: 0.2
env:
  parameter-store:
    DOCKERHUB_USERNAME: "/app/docker/docker_username"
    DOCKERHUB_PASSWORD: "/app/docker/docker_password"
phases:
  install:
    runtime-versions:
      java: corretto17
  pre_build:
    commands:
      - echo "Building Spring Boot application..."
      - mvn clean package
      - echo "Logging in to Amazon ECR..."
      - aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com
      - echo "Trying Docker Hub login (optional)..."
      - echo $DOCKERHUB_PASSWORD | docker login -u $DOCKERHUB_USERNAME --password-stdin || echo "Docker Hub login failed, continuing..."
  build:
    commands:
      - echo "Building Docker image..."
      - sed -i 's|FROM eclipse-temurin:17-jre-alpine|FROM public.ecr.aws/docker/library/eclipse-temurin:17-jre-alpine|g' Dockerfile || echo "No change needed"
      - docker build -t $ECR_REPO_NAME:latest .
      - docker tag $ECR_REPO_NAME:latest $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPO_NAME:latest
  post_build:
    commands:
      - echo "Pushing Docker image..."
      - docker push $AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPO_NAME:latest
      - echo "Creating image definition file..."
      - echo '[{"name":"springboot-app-container","imageUri":"'$AWS_ACCOUNT.dkr.ecr.$AWS_REGION.amazonaws.com/$ECR_REPO_NAME:latest'"}]' > imageDefinitions.json
artifacts:
  files:
    - imageDefinitions.json
    - appspec.yml
    - taskdef.json
    - '**/*'
  discard-paths: no

Note: Enable CloudWatch Logs

Step 4: IAM Role for CodeBuild

Inline Policy

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ecr:GetAuthorizationToken",
        "ecr:BatchCheckLayerAvailability",
        "ecr:PutImage",
        "ecr:InitiateLayerUpload",
        "ecr:UploadLayerPart",
        "ecr:CompleteLayerUpload"
      ],
      "Resource": "*"
    }
  ]
}

Attach:

  • AmazonS3FullAccess
  • AmazonSSMFullAccess

Step 5: Build and Verify

  • Trigger the build in CodeBuild
  • Check the Docker image in ECR

Step 6: Create AWS CodePipeline

  • Build a custom pipeline
  • Execution mode: Queued
  • Skip Deploy stage for now
  • Complete: Source, Build, Test
  • Review and create

Step 7: Store DockerHub Credentials in Systems Manager Parameter Store

  • /app/docker/docker_username → DockerHub Username
  • /app/docker/docker_password → DockerHub Password

Step 8: IAM Role for CodeBuild

Ensure it has:

  • AmazonS3FullAccess
  • AmazonSSMFullAccess

Step 9: IAM Role for CodePipeline

Create and attach necessary policies that allow CodePipeline to:

  • Pull from GitHub
  • Interact with CodeBuild, ECS, ECR, and CodeDeploy

Step 10: Create Application Load Balancer (ALB)

  • VPC: Default
  • Subnets: All
  • Security Group: Allow HTTP (Port 80) & Port 8080
  • Listener: Port 80

Target Group

  • Port: 8080
  • Protocol: HTTP
  • Select during Load Balancer setup

Step 11: Configure ECS (Elastic Container Service)

  • Create Cluster → Type: AWS Fargate
  • Create Task Definition
    • Container port: 8080
    • Platform: Fargate

Service Configuration

  • Launch Type: Fargate
  • Service Type: Replica (2 desired tasks)
  • Deployment: Rolling Update
  • Load Balancer: Select the ALB & target group created earlier
  • VPC/Subnets/Security Group: same as ALB

Access your app via the ALB DNS (example):

http://simple-springboot-app-alb-1193977350.us-east-1.elb.amazonaws.com/

Step 12: Set Up CodeDeploy in CodePipeline

  • Add Deploy stage
  • Action Provider: Amazon ECS
  • Input Artifacts: BuildArtifact
  • Cluster: springboot-app
  • Service: codepipeline-service
  • Image Definitions File: imageDefinitions.json

Step 13: Test CI/CD Pipeline

  • Make a change to your app
  • Commit & push to GitHub
  • Confirm pipeline runs automatically
  • Validate via ALB that the update deployed successfully

Final Checklist

  • ECS Service is running 2 tasks
  • Target Groups are healthy
  • ALB is routing correctly
  • CodePipeline deploys on Git push
  • Docker image pushed to ECR

About

AWS CodePipeline Project - Using ECS, ECR, Docker, Spring Boot App, and Load Balancer

Topics

docker cicd aws-codebuild aws-codepipeline aws-codedeploy ecr-registry ecs-fargate aws-application-load-balancer

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages