Scope #
The goal for this project is to create, manage and publish content using git as an origin. Creating markdown content and pushing it through git triggers CodePipeline, which generates HTML that is put into a bucket. To establish collaboration, the bucket is configured to publish the content as a static website. The cloud resources needed to make this work can be checked within the CodeBuild output.
Structure #
The CMS Infrastructure as Code is built from 3 CloudFormation templates, organized as a master stack with two nested stacks for no particular reason. The stack builds a CodePipeline that uses CodeCommit to trigger CodeBuild. CodeBuild takes the markdown documents from CodeCommit and converts them to HTML using the Hugo framework. The HTML is put into a publicly available S3 web bucket. Because S3 static website endpoints do not support encryption in flight, a CloudFront distribution has been placed in front for SSL support. The site content can be accessed by pointing the browser to https://cms.elft.net. The apex (elft.net) cannot be added because AWS needs names to resolve redundantly and the apex cannot be added as a CNAME at a third-party DNS provider. The domain is not moved to AWS Route53, to prevent provider lock-in. In a later stage of this project we might go multi-cloud.
Building #
There are two CodeCommit repositories called cms-code and cms-data:
- The IaC repo (CloudFormation templates). The repo is called cms-code
- The site content (the pipeline updates the site when content is committed). The repo is called cms-data
The repositories reside within AWS CodeCommit and are not publicly accessible! The setup is completely serverless, using CloudFormation, CodeCommit, CodePipeline and S3 as AWS services to build and expose.
CodeBuild log #
The output of CodeBuild
Notes #
- Initially got all kinds of weird XML errors, and the site only got partially loaded. Changed the build script to install the same Hugo version as used on the workstation AND needed to install the extended Hugo version from GitHub (it was the default for the workstation repo).
- Don’t use the apex for hosting the site content when the domain is not managed by AWS Route53. Things will bark while implementing SSL; even a relay won’t work (cms.elft.net -> elft.net).
- Don’t forget to remove the qualification (elft.net.) from the CNAME entry when adding the record for certificate validation to the third-party DNS. Otherwise there are no errors and no validation, and a lot of time is wasted (validation keeps pending).
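The trailing-qualification pitfall from the last note, as an added example that is not part of the original project: it computes what to type into a third-party provider's host field and shows the name that actually gets published when the full record name is pasted instead. It assumes the provider appends the zone to every entry; the record name is a constructed sample and the function names are hypothetical.

```python
def normalize(name: str) -> str:
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().lower().rstrip(".")


def host_field(record_fqdn: str, zone: str) -> str:
    """Value for the provider's 'host' field when the provider appends
    the zone itself ('@' stands for the zone apex)."""
    fqdn, zone = normalize(record_fqdn), normalize(zone)
    if fqdn == zone:
        return "@"
    if not fqdn.endswith("." + zone):
        raise ValueError(f"{record_fqdn!r} is not inside zone {zone!r}")
    return fqdn[: -(len(zone) + 1)]


def published_name(entered: str, zone: str) -> str:
    """FQDN the provider serves for what was typed in the host field
    (assumption: the zone is always appended, trailing dot or not)."""
    entered, zone = normalize(entered), normalize(zone)
    return zone if entered in ("", "@") else f"{entered}.{zone}"


def check_entry(entered: str, expected_fqdn: str, zone: str):
    """Return (matches, published): whether the published name is the one
    the certificate validation looks up, and what was published instead."""
    actual = published_name(entered, zone)
    return actual == normalize(expected_fqdn), actual


# Constructed sample values, not taken from the real setup.
ZONE = "elft.net"
VALIDATION_RECORD = "_0123456789abcdef.cms.elft.net."

if __name__ == "__main__":
    # Pasting the fully qualified name: accepted by the provider, never validates.
    print(check_entry(VALIDATION_RECORD, VALIDATION_RECORD, ZONE))
    # Entering only the part relative to the zone: published name matches.
    relative = host_field(VALIDATION_RECORD, ZONE)
    print(relative, check_entry(relative, VALIDATION_RECORD, ZONE))
```

The first call returns a name with the zone doubled, which explains why the provider reports no error while validation stays pending: the lookup for the expected name finds nothing.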
Todo #
- Change architecture drawing to match architecture.
- Makefile should be changed to work for updates. Tried to implement that, but now it barks at me about the CloudFormation changeset not being found. Manually implemented the subdomain bucket and CloudFront for now. Already got this properly implemented for another project, but unsure which one.