This project demonstrates a serverless CI/CD pipeline using GitHub Actions to automate AWS Lambda deployments and validate CloudFormation templates.
- Automatically Deploying Lambda Functions
- Automating CloudFormation Validation for Pull Requests
Both workflows are designed to enhance DevOps practices by ensuring that infrastructure changes are consistently deployed and validated before merging.
- Lambda Deployment Pipeline:
  - Triggers on pushes to main branch when lambda code changes
  - Packages code into zip file
  - Updates existing Lambda function via AWS CLI
- CloudFormation Validation Pipeline:
  - Triggers on PR events involving CloudFormation templates
  - Creates temporary test stacks
  - Comments on PR with results
  - Automatically cleans up test resources

- Reduces deployment errors with automated validation
- Speeds up development cycle with automatic deployments
- Improves code quality through infrastructure testing before merge
- Eliminates manual AWS console work
This repository features two distinct GitHub Actions workflows:
This workflow triggers on push events to the main branch. When changes are detected in the `lambda/` directory, it automatically deploys the updated Lambda function to AWS. This ensures that any code changes to the Lambda function are consistently deployed without manual intervention.
Key features:
- Automated deployments on code push to the main branch.
- AWS credentials management via GitHub Secrets.
- Error handling to prevent further steps if deployment fails.
This workflow triggers on pull request events and handles the following tasks:
- Validates CloudFormation templates when a PR is opened or updated.
- Deploys a test CloudFormation stack to AWS for validation.
- Comments on the pull request with deployment status and details.
- Cleans up (deletes) the test stack when the PR is merged.
Key features:
- Ensures infrastructure changes are validated before merging.
- Automatically removes test stacks after merging.
- Supports multiple PR event types, including `opened`, `updated`, `reopened`, and `closed`.
This project uses the following tools and frameworks:
You need the following tools installed:
- AWS CLI: Install the AWS Command Line Interface by following the AWS CLI Installation Guide.
- GitHub CLI (optional): Install GitHub CLI if you want to manage PRs from the command line:
  ```bash
  brew install gh
  ```
- Basic Git and GitHub Knowledge: Ensure you have a basic understanding of Git version control and GitHub repositories.
- Clone the Repository:
  ```bash
  git clone https://github.com/simoncheam/lambda-cicd.git
  cd lambda-cicd
  ```
- Set Up AWS Credentials: Use the AWS CLI to configure your credentials locally:
  ```bash
  aws configure
  ```
- Push to GitHub and Create a PR: Push your changes to a branch and open a pull request:
  ```bash
  git checkout -b feature/add-new-cloudformation-template
  git push origin feature/add-new-cloudformation-template
  ```
- Review Workflow Execution: Go to the Actions tab in your GitHub repository to monitor workflow execution.
- Set Up AWS Credentials: Add AWS credentials as GitHub Secrets to securely authenticate deployments:
  - `AWS_ACCESS_KEY_ID`
  - `AWS_SECRET_ACCESS_KEY`
- Create a Push Workflow: Add the following workflow file in `.github/workflows/lambda.yml`:
  ```yaml
  name: Deploy AWS Lambda

  on:
    push:
      branches:
        - main
      paths:
        - 'lambda/**'

  jobs:
    deploy-lambda:
      runs-on: ubuntu-latest
      steps:
        - uses: actions/checkout@v2

        - name: Set Up Python
          uses: actions/setup-python@v2
          with:
            python-version: '3.11'

        - name: Install Dependencies
          run: |
            python -m pip install --upgrade pip
            pip install -r lambda/requirements.txt -t lambda/

        - name: Configure AWS Creds
          uses: aws-actions/configure-aws-credentials@v2
          with:
            aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
            aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
            aws-region: us-east-1

        - name: Deploy Lambda Function
          run: |
            cd lambda/
            zip -r lambda.zip .
            aws lambda update-function-code --function-name my-test-cicd-lambda --zip-file fileb://lambda.zip
  ```
- Trigger the Workflow: Push changes to the `lambda/` directory on the `main` branch. The workflow will automatically deploy the updated Lambda function.
- Verify the Deployment: Check the AWS Lambda Console to verify that the function was updated.
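
The console check in the last step can also run inside the workflow. As an added example (not part of the repository's workflow), this replacement for the `Deploy Lambda Function` step compares the SHA-256 of the uploaded zip with the `CodeSha256` value Lambda reports; the step name and the shell variable names are assumptions.

```yaml
      - name: Deploy Lambda Function and verify code hash
        # With an explicit "shell: bash" the script runs with -e and -o pipefail,
        # so any failing command fails the step and stops the job.
        shell: bash
        env:
          FUNCTION_NAME: my-test-cicd-lambda
        run: |
          cd lambda/
          zip -r lambda.zip .
          # Lambda reports CodeSha256 as the base64-encoded SHA-256 of the package.
          local_sha=$(openssl dgst -sha256 -binary lambda.zip | base64)
          # Discard the response: it echoes the function configuration,
          # including environment variables, into the job log.
          aws lambda update-function-code \
            --function-name "$FUNCTION_NAME" \
            --zip-file fileb://lambda.zip > /dev/null
          # Wait for the update to finish before reading the configuration back.
          aws lambda wait function-updated --function-name "$FUNCTION_NAME"
          remote_sha=$(aws lambda get-function-configuration \
            --function-name "$FUNCTION_NAME" \
            --query CodeSha256 --output text)
          if [ "$local_sha" != "$remote_sha" ]; then
            echo "::error::CodeSha256 mismatch: local $local_sha, deployed $remote_sha"
            exit 1
          fi
          echo "Deployed package hash verified: $remote_sha"
```

A mismatch means the code now live in the function is not the package this run built, which is worth failing the job over rather than discovering later in the console.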
- Create a CloudFormation Template: Add the following CloudFormation template in `cloudformation/s3-bucket.yml`:
  ```yaml
  AWSTemplateFormatVersion: '2010-09-09'
  Description: 'S3 Bucket for our CICD PR'

  Parameters:
    Environment:
      Type: String
      Default: test
      AllowedValues:
        - test
        - staging
        - production

  Resources:
    MyS3Bucket:
      Type: AWS::S3::Bucket
      Properties:
        BucketName: !Sub '${AWS::StackName}-${Environment}-bucket-v2'
        Tags:
          - Key: Environment
            Value: !Ref Environment
          # Key name "Purpose" is an assumption: this tag also used the key
          # "Environment", and S3 rejects two tags with the same key.
          - Key: Purpose
            Value: GithubActions-CFN-Validation-Logic
  ```
- Create a PR Workflow: Add the following workflow file in `.github/workflows/cfn-validate-pr.yml`:
  ```yaml
  name: Validate CloudFormation on PR

  on:
    pull_request:
      paths:
        - 'cloudformation/**'

  jobs:
    validate-cfn:
      runs-on: ubuntu-latest
      steps:
        - uses: actions/checkout@v2

        - name: Configure AWS credentials
          uses: aws-actions/configure-aws-credentials@v1
          with:
            aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
            aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
            aws-region: us-east-1

        - name: Validate CloudFormation template
          run: |
            aws cloudformation validate-template --template-body file://cloudformation/s3-bucket.yml
  ```
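
The workflow above only runs `validate-template`, and with the default `pull_request` activity types it never fires when a PR is closed. The test-stack deployment, PR comment and cleanup described earlier could look like the following added example, which is not the repository's own workflow; the workflow name, the `pr-<number>-cfn-test` stack naming scheme and the use of `gh pr comment` are assumptions.

```yaml
name: CloudFormation test stack per PR
on:
  pull_request:
    types: [opened, synchronize, reopened, closed]
    paths:
      - 'cloudformation/**'
permissions:
  contents: read
  pull-requests: write        # only needed to post the comment
env:
  # Assumed naming scheme; lowercase because the template builds the bucket name from it
  STACK_NAME: pr-${{ github.event.pull_request.number }}-cfn-test
jobs:
  test-stack:
    if: github.event.action != 'closed'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-1
      - name: Deploy test stack
        run: |
          aws cloudformation deploy \
            --stack-name "$STACK_NAME" \
            --template-file cloudformation/s3-bucket.yml \
            --parameter-overrides Environment=test \
            --no-fail-on-empty-changeset
      - name: Comment on PR with the result
        if: always()              # report failures as well as successes
        env:
          GH_TOKEN: ${{ github.token }}
          PR_URL: ${{ github.event.pull_request.html_url }}
          RESULT: ${{ job.status }}
        run: gh pr comment "$PR_URL" --body "Test stack $STACK_NAME finished with status $RESULT"
  cleanup:
    if: github.event.action == 'closed'   # merged or closed without merging
    runs-on: ubuntu-latest
    steps:
      - uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-1
      - run: |
          aws cloudformation delete-stack --stack-name "$STACK_NAME"
          aws cloudformation wait stack-delete-complete --stack-name "$STACK_NAME"
```

GitHub does not pass repository secrets to `pull_request` runs from forks, so for fork PRs both jobs stop at the credentials step instead of deploying an untrusted template.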
Contributions are welcome! Follow these steps to contribute:
- Fork the repository
- Create a feature branch (`git checkout -b feature/new-feature`)
- Commit your changes (`git commit -m 'Add new feature'`)
- Push to your branch (`git push origin feature/new-feature`)
- Open a pull request
Distributed under the MIT License. See `LICENSE` for more information.
Simon Cheam – LinkedIn

Project Link: https://github.com/simoncheam/lambda-cicd