aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0

aws-cdk: Build a deployable artifact #23051

Open cortexcompiler opened 1 year ago

cortexcompiler commented 1 year ago

Describe the feature

As a developer I would like the ability to generate a deployable artifact with CDK so that I can "build once and deploy many" times.

Use Case

A mature CI/CD process can involve steps like (there are many variations, including feature flagging and canary deploys, but I will keep this simple/traditional):

Continuous Integration phase

  1. Run unit tests, stubbed integration tests, and static code analysis
  2. Build the code and IaC into a versioned deployable artifact
  3. Upload this artifact to some repository

Continuous Deployment Phase

  4. Deploy the versioned artifact from the CI step to a dev "environment" (preferably a dev AWS account)
  5. Run some automated integration tests and perhaps relativistic performance tests etc.
  6. Either manually or automatically promote/deploy this versioned artifact to a "test" or "uat" environment
  7. Run more extensive automated and/or manual and/or exploratory tests
  8. Either manually or automatically deploy the versioned artifact to a "prod" environment

Without a deployable artifact we essentially need to package up most of the repository or just pull down a specific SHA or tag. Doing this and running a deploy step that includes building the artifact again has the potential to introduce variability, and thus makes promoting to further environments more risky.

Proposed Solution

A cdk build capability that results in a self-contained deployable artifact that can be versioned and published to an artifact repository then later deployed while providing dynamic parameters to the deployment.

Perhaps cdk deploy can recognize the existence of an already built template/artifact and skip to the cloudformation deploy step.

Other Information

AWS SAM essentially has this, by doing the following:

  1. Run sam build
  2. Package/zip up .aws-sam/ along with a samconfig.toml. (Note that the Functions can reference bundled code using the CodeUri property, without having it in account-specific S3 buckets)
  3. Unpacking these and running sam deploy --config-env <environment> will deploy the template and Lambda code

The samconfig.toml gives the ability to use environment-specific parameters, including some that come from environment-specific AWS accounts (like SSM parameters, secrets, etc.). These could include details like VPC Subnets and Security Groups for Lambdas.

CDK version used

2.51.1 (build 3d30cdb)

Environment details (OS name and version, etc.)

Various
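
The "build once, deploy many" flow from the use case above, as an added example that is not part of the original post or of the aws-cdk project: the build output is packaged once into a versioned archive with a SHA-256 digest, and that digest is verified before every promotion so each environment receives the same bytes. The function names, the app-<version>.tar.gz naming, the DEPLOY_ENV variable and the caller-supplied deploy command are assumptions, and tar and sha256sum are assumed to be installed.

```shell
#!/usr/bin/env bash
# Added example (not project code): package a build once, verify it before
# every promotion. All names below are hypothetical.

# package_artifact BUILD_DIR VERSION OUT_DIR -> prints the archive path
package_artifact() {
  local build_dir="$1" version="$2" out_dir="$3"
  local name="app-${version}.tar.gz"
  mkdir -p "$out_dir" || return 1
  tar -czf "$out_dir/$name" -C "$build_dir" . || return 1
  # Record the digest beside the archive; publish both to the repository.
  (cd "$out_dir" && sha256sum "$name" > "$name.sha256") || return 1
  printf '%s\n' "$out_dir/$name"
}

# verify_artifact ARCHIVE -> status 0 only if the archive matches its digest
verify_artifact() {
  local archive="$1"
  if [ ! -f "$archive.sha256" ]; then
    echo "missing digest for $archive" >&2
    return 1
  fi
  (cd "$(dirname "$archive")" &&
    sha256sum -c "$(basename "$archive").sha256" >/dev/null)
}

# promote ARCHIVE ENV_NAME DEPLOY_CMD... : verify, unpack into a scratch
# directory, then run the deploy command there with DEPLOY_ENV set.
promote() {
  local archive="$1" env_name="$2" work rc=0
  shift 2
  if ! verify_artifact "$archive"; then
    echo "digest mismatch, refusing to deploy to $env_name" >&2
    return 1
  fi
  work=$(mktemp -d) || return 1
  tar -xzf "$archive" -C "$work" || { rm -rf "$work"; return 1; }
  (cd "$work" && DEPLOY_ENV="$env_name" "$@") || rc=$?
  rm -rf "$work"
  return "$rc"
}
```

The digest only proves the archive is unchanged relative to the recorded value, so the .sha256 file needs to come from a location the deploy stage trusts, or be signed.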

peterwoodworth commented 1 year ago

Thanks for the suggestion! I think something like this would require an RFC. Take a look in that repo to see if there's anything similar up, and if not, feel free to open an issue there!