个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
24
4
我们使用 Gitlab.com 作为我们的中央 GIT 存储库。同样,要将应用程序部署到 AWS Elastic Beanstalk,需要使用 git aws.push 进行推送,它会在后台向 Amazon 执行正常的 git 推送。我想要一种推送到 gitlab 的方法,然后 Gitlab 推送到 Elastic Beanstalk。我了解 git 别名,使用它我可以使用一个命令执行 git push 和 git aws.push,但是,我想要的是仅推送到 gitlab 以及从 gitlab 推送到 AWS。
我在想Gitlab Web Hooks ,也许有些人已经将其翻译为 PHP 或某种服务器语言来实现 Web Hook?或从 Gitlab 部署到 AWS Elastic Beanstalk 的任何其他解决方案。
Power Shell 中有代码,由 git aws.push 使用 git 推送到 Elastic Beanstalk:
$awsSource = @"
using System;
using System.Globalization;
using System.Text;
using System.Security.Cryptography;
namespace Amazon.DevTools
{
public class AWSUser
{
public string AccessKey
{
get;
set;
}
public string SecretKey
{
get;
set;
}
protected internal void Validate()
{
if (string.IsNullOrEmpty(this.AccessKey))
{
throw new InvalidOperationException("[AccessKey]");
}
if (string.IsNullOrEmpty(this.SecretKey))
{
throw new InvalidOperationException("[SecretKey]");
}
}
}
}
namespace Amazon.DevTools
{
public abstract class AWSDevToolsRequest
{
protected const string METHOD = "GIT";
protected const string SERVICE = "devtools";
DateTime dateTime;
public AWSDevToolsRequest()
: this(DateTime.UtcNow)
{
}
public AWSDevToolsRequest(DateTime dateTime)
{
if (dateTime == null)
{
throw new ArgumentNullException("dateTime");
}
this.dateTime = dateTime.ToUniversalTime();
}
public string DateStamp
{
get
{
return this.dateTime.ToString("yyyyMMdd", CultureInfo.InvariantCulture);
}
}
public string DateTimeStamp
{
get
{
return this.dateTime.ToString("yyyyMMddTHHmmss", CultureInfo.InvariantCulture);
}
}
public abstract string DerivePath();
protected internal abstract string DeriveRequest();
public string Host
{
get;
set;
}
public string Region
{
get;
set;
}
public string Service
{
get
{
return AWSDevToolsRequest.SERVICE;
}
}
protected internal virtual void Validate()
{
if (string.IsNullOrEmpty(this.Host))
{
throw new InvalidOperationException("[Host]");
}
if (string.IsNullOrEmpty(this.Region))
{
throw new InvalidOperationException("[Region]");
}
}
}
}
namespace Amazon.DevTools
{
public class AWSElasticBeanstalkRequest : AWSDevToolsRequest
{
public AWSElasticBeanstalkRequest()
: base()
{
}
public AWSElasticBeanstalkRequest(DateTime dateTime)
: base(dateTime)
{
}
public string Application
{
get;
set;
}
public override string DerivePath()
{
this.Validate();
string path = null;
if (string.IsNullOrEmpty(this.Environment))
{
path = string.Format("/v1/repos/{0}/commitid/{1}"
, this.Encode(this.Application)
, this.Encode(this.CommitId));
}
else
{
path = string.Format("/v1/repos/{0}/commitid/{1}/environment/{2}"
, this.Encode(this.Application)
, this.Encode(this.CommitId)
, this.Encode(this.Environment));
}
return path;
}
protected internal override string DeriveRequest()
{
this.Validate();
string path = this.DerivePath();
string request = string.Format("{0}\n{1}\n\nhost:{2}\n\nhost\n", AWSDevToolsRequest.METHOD, path, this.Host);
return request;
}
public string Environment
{
get;
set;
}
public string CommitId
{
get;
set;
}
protected internal override void Validate()
{
base.Validate();
if (string.IsNullOrEmpty(this.Application))
{
throw new InvalidOperationException("[Application]");
}
if (string.IsNullOrEmpty(this.Host))
{
throw new InvalidOperationException("[Host]");
}
}
protected internal string Encode(string plaintext)
{
StringBuilder sb = new StringBuilder();
foreach (byte b in new UTF8Encoding().GetBytes(plaintext))
{
sb.Append(b.ToString("x2", CultureInfo.InvariantCulture));
}
return sb.ToString();
}
}
}
namespace Amazon.DevTools
{
public class AWSDevToolsAuth
{
const string AWS_ALGORITHM = "HMAC-SHA256";
const string HASH_ALGORITHM = "SHA-256";
const string HMAC_ALGORITHM = "HMACSHA256";
const string SCHEME = "AWS4";
const string TERMINATOR = "aws4_request";
AWSUser user;
AWSDevToolsRequest request;
public AWSDevToolsAuth(AWSUser user, AWSDevToolsRequest request)
{
this.user = user;
this.request = request;
}
static byte[] DeriveKey(AWSUser user, AWSDevToolsRequest request)
{
string secret = string.Format("{0}{1}", AWSDevToolsAuth.SCHEME, user.SecretKey);
byte[] kSecret = Encoding.UTF8.GetBytes(secret);
byte[] kDate = AWSDevToolsAuth.Hash(AWSDevToolsAuth.HMAC_ALGORITHM, kSecret, Encoding.UTF8.GetBytes(request.DateStamp));
byte[] kRegion = AWSDevToolsAuth.Hash(AWSDevToolsAuth.HMAC_ALGORITHM, kDate, Encoding.UTF8.GetBytes(request.Region));
byte[] kService = AWSDevToolsAuth.Hash(AWSDevToolsAuth.HMAC_ALGORITHM, kRegion, Encoding.UTF8.GetBytes(request.Service));
byte[] key = AWSDevToolsAuth.Hash(AWSDevToolsAuth.HMAC_ALGORITHM, kService, Encoding.UTF8.GetBytes(AWSDevToolsAuth.TERMINATOR));
return key;
}
public string DerivePassword()
{
this.user.Validate();
this.request.Validate();
string signature = AWSDevToolsAuth.SignRequest(this.user, this.request);
string password = string.Format("{0}Z{1}", this.request.DateTimeStamp, signature);
return password;
}
public Uri DeriveRemote()
{
this.request.Validate();
string path = this.request.DerivePath();
string password = this.DerivePassword();
string username = this.DeriveUserName();
UriBuilder remote = new UriBuilder()
{
Host = this.request.Host,
Path = path,
Password = password,
Scheme = "https",
UserName = username,
};
return remote.Uri;
}
public string DeriveUserName()
{
this.user.Validate();
return this.user.AccessKey;
}
static byte[] Hash(string algorithm, byte[] message)
{
HashAlgorithm hash = HashAlgorithm.Create(algorithm);
byte[] digest = hash.ComputeHash(message);
return digest;
}
static byte[] Hash(string algorithm, byte[] key, byte[] message)
{
KeyedHashAlgorithm hash = KeyedHashAlgorithm.Create(algorithm);
hash.Key = key;
byte[] digest = hash.ComputeHash(message);
return digest;
}
static string SignRequest(AWSUser user, AWSDevToolsRequest request)
{
string scope = string.Format("{0}/{1}/{2}/{3}", request.DateStamp, request.Region, request.Service, AWSDevToolsAuth.TERMINATOR);
StringBuilder stringToSign = new StringBuilder();
stringToSign.AppendFormat("{0}-{1}\n{2}\n{3}\n", AWSDevToolsAuth.SCHEME, AWSDevToolsAuth.AWS_ALGORITHM, request.DateTimeStamp, scope);
byte[] requestBytes = Encoding.UTF8.GetBytes(request.DeriveRequest());
byte[] requestDigest = AWSDevToolsAuth.Hash(AWSDevToolsAuth.HASH_ALGORITHM, requestBytes);
stringToSign.Append(AWSDevToolsAuth.ToHex(requestDigest));
byte[] key = AWSDevToolsAuth.DeriveKey(user, request);
byte[] digest = AWSDevToolsAuth.Hash(AWSDevToolsAuth.HMAC_ALGORITHM, key, Encoding.UTF8.GetBytes(stringToSign.ToString()));
string signature = AWSDevToolsAuth.ToHex(digest);
return signature;
}
static string ToHex(byte[] data)
{
StringBuilder hex = new StringBuilder();
foreach (byte b in data)
{
hex.Append(b.ToString("x2", CultureInfo.InvariantCulture));
}
return hex.ToString();
}
}
}
"@
Add-Type -Language CSharpVersion3 -TypeDefinition $awsSource
# -*-powershell-*-
#
# Sets the AWS.push configuration values
#
# Will read values from the pipeline input if none are present the values are read from the console input instead.
#
function Edit-AWSElasticBeanstalkRemote
{
$data=@($input)
$used=0
$config = Read-Config $False $True
$awsAccessKey = Lookup-Setting $config "global" "AWSAccessKeyId" ("cred","git")
if (!$awsAccessKey -and (ShouldWrite-Credentials $config $false))
{
$awsAccessKeyInput = ($data[$used++] | Input-Data "AWS Access Key")
}
if ($awsAccessKeyInput)
{
$config = Write-Setting $config "cred" "global" "AWSAccessKeyId" $awsAccessKeyInput
}
$awsSecretKey = Lookup-Setting $config "global" "AWSSecretKey" ("cred","git")
if (!$awsSecretKey -and (ShouldWrite-Credentials $config $false))
{
$awsSecretKeyInput = ($data[$used++] | Input-Data "AWS Secret Key")
}
if ($awsSecretKeyInput)
{
$config = Write-Setting $config "cred" "global" "AWSSecretKey" $awsSecretKeyInput
}
$awsRegion = Lookup-Setting $config "global" "Region" ("eb","git")
if (-not $awsRegion)
{
$awsRegion = "us-east-1"
$config = Write-Setting $config "eb" "global" "Region" $awsRegion
}
$awsRegionInput = ($data[$used++] | Input-Data "AWS Region [default to $($awsRegion)]")
if ($awsRegionInput)
{
$awsRegion = $awsRegionInput
$config = Write-Setting $config "eb" "global" "Region" $awsRegionInput
}
$awsHost = Get-Endpoint $awsRegion
if ($awsHost)
{
$config = Write-Setting $config "eb" "global" "DevToolsEndpoint" $awsHost
}
else
{
$awsHostInput = ($data[$used++] | Input-Data "AWS Host [default to git.elasticbeanstalk.us-east-1.amazonaws.com]")
if ($awsHostInput)
{
$config = Write-Setting $config "eb" "global" "DevToolsEndpoint" $awsHostInput
}
else
{
$config = Write-Setting $config "eb" "global" "DevToolsEndpoint" "git.elasticbeanstalk.us-east-1.amazonaws.com"
}
}
$awsApplication = Lookup-Setting $config "global" "ApplicationName" ("eb","git")
if ($awsApplication)
{
$awsApplicationInput = ($data[$used++] | Input-Data "AWS Elastic Beanstalk Application [default to $($awsApplication)]")
}
else
{
$awsApplicationInput = ($data[$used++] | Input-Data "AWS Elastic Beanstalk Application")
}
if ($awsApplicationInput)
{
$config = Write-Setting $config "eb" "global" "ApplicationName" $awsApplicationInput
}
$awsEnvironment = Lookup-Setting $config "global" "EnvironmentName" ("eb","git")
if ($awsEnvironment)
{
$awsEnvironmentInput = ($data[$used++] | Input-Data "AWS Elastic Beanstalk Environment [default to $($awsEnvironment)]")
}
else
{
$awsEnvironmentInput = ($data[$used++] | Input-Data "AWS Elastic Beanstalk Environment")
}
if ($awsEnvironmentInput)
{
$config = Write-Setting $config "eb" "global" "EnvironmentName" $awsEnvironmentInput
}
Write-Config $config
}
#
# Looks up the endpoint for a region
#
# @params $region
# @return The endpoint
#
function Get-Endpoint
{
Param($region)
switch ($region)
{
"us-east-1" { $endpoint = "git.elasticbeanstalk.us-east-1.amazonaws.com" }
"ap-northeast-1" { $endpoint = "git.elasticbeanstalk.ap-northeast-1.amazonaws.com" }
"ap-southeast-1" { $endpoint = "git.elasticbeanstalk.ap-southeast-1.amazonaws.com" }
"ap-southeast-2" { $endpoint = "git.elasticbeanstalk.ap-southeast-2.amazonaws.com" }
"eu-west-1" { $endpoint = "git.elasticbeanstalk.eu-west-1.amazonaws.com" }
"sa-east-1" { $endpoint = "git.elasticbeanstalk.sa-east-1.amazonaws.com" }
"us-west-1" { $endpoint = "git.elasticbeanstalk.us-west-1.amazonaws.com" }
"us-west-2" { $endpoint = "git.elasticbeanstalk.us-west-2.amazonaws.com" }
}
$endpoint
}
#
# Gets the remote URL used for AWS.push
#
# @param $e environment that is deployed too.
# @param $c commit to deploy
# @return The URL
#
function Get-AWSElasticBeanstalkRemote
{
Param([string] $e,
[string] $c,
[bool] $toPush = $FALSE )
trap [System.Management.Automation.MethodInvocationException]
{
if ($_.Exception -and $_.Exception.InnerException)
{
$awsOption = $_.Exception.InnerException.Message
switch ($awsOption)
{
"[AccessKey]" { $awsOption = "aws.accesskey" }
"[Application]" { $awsOption = "aws.elasticbeanstalk.application" }
"[Host]" { $awsOption = "aws.elasticbeanstalk.host" }
"[Region]" { $awsOption = "aws.region" }
"[SecretKey]" { $awsOption = "aws.secretkey" }
}
Write-Host "Missing configuration setting for: $($awsOption)"
}
else
{
Write-Host "An unknown error occurred while computing your temporary password."
}
Write-Host "`nTry running 'git aws.config' to update your repository configuration."
Exit
}
$config = Read-Config
$awsAccessKey = Lookup-Setting $config "global" "AWSAccessKeyId" ("cred","git")
$awsSecretKey = Lookup-Setting $config "global" "AWSSecretKey" ("cred","git")
$awsRegion = Lookup-Setting $config "global" "Region" ("eb","git")
$awsHost = Lookup-Setting $config "global" "DevToolsEndpoint" ("eb","git")
$awsApplication = Lookup-Setting $config "global" "ApplicationName" ("eb","git")
if ($e)
{
$awsEnvironment = $e
}
else
{
$branchName = &git rev-parse --abbrev-ref HEAD
$defaultEnv = Lookup-Setting $config "branches" $branchName ("eb")
if ($defaultEnv)
{
$awsEnvironment = $defaultEnv
}
else
{
$awsEnvironment = Lookup-Setting $config "global" "EnvironmentName" ("eb","git")
}
}
$gitCommitId = $c
$awsUser = New-Object -TypeName Amazon.DevTools.AWSUser
$awsUser.AccessKey = $awsAccessKey
$awsUser.SecretKey = $awsSecretKey
$awsRequest = New-Object -TypeName Amazon.DevTools.AWSElasticBeanstalkRequest
$awsRequest.Region = $awsRegion
$awsRequest.Host = $awsHost
$awsRequest.Application = $awsApplication
$awsRequest.Environment = $awsEnvironment
$awsRequest.CommitId = $gitCommitId
$awsAuth = New-Object -TypeName Amazon.DevTools.AWSDevToolsAuth $awsUser,$awsRequest
$awsRemote = $awsAuth.DeriveRemote()
if($toPush) {
Write-Host "Pushing to environment: $awsEnvironment"
}
return $awsRemote.ToString()
}
#
# Performs the aws.push
#
# @param $e environment that is deployed too.
# @param $c commit to deploy
#
function Invoke-AWSElasticBeanstalkPush
{
Param([string] $e, [string] $c)
$remote = Get-AWSElasticBeanstalkRemote $e $c $TRUE
$src = $c
$dst = "refs/heads/master"
$commit = $src + ":" + $dst
&git push -f $remote $commit
}
#
# Adds the git aliases for aws.push and aws.config to the git repository.
#
function Initialize-AWSElasticBeanstalkRepository
{
$command = 'Import-Module AWSDevTools; $e, $c = Get-Options $args; Get-AWSElasticBeanstalkRemote $e $c'
&git config alias.aws.elasticbeanstalk.remote "!powershell -noprofile -executionpolicy bypass -command '& { $command }'"
$command = 'Import-Module AWSDevTools; $e, $c = Get-Options $args; Invoke-AWSElasticBeanstalkPush $e $c'
&git config alias.aws.push "!powershell -noprofile -executionpolicy bypass -command '& { $command }'"
$command = 'Import-Module AWSDevTools; Edit-AWSElasticBeanstalkRemote'
&git config alias.aws.config "!powershell -noprofile -executionpolicy bypass -command '& { $command }'"
}
#
# Read in data
#
# Will used pipeline data if present, otherwise reads from the console
#
# @param $message The text to display as a prompt
# @return The data collected
#
function Input-Data
{
Param([string] $message)
Write-Host -NoNewline "$($message): "
if (($input.MoveNext()) -and ($input.Current))
{
Write-Host $input.Current
$input.Current
}
else
{
[Console]::In.ReadLine()
}
}
#
# Gets the values for the aws.push and aws.config command options
#
# @param $arr The command line options passed to the command
# @return The options values
#
function Get-Options
{
Param([string[]] $arr)
$e = $null;
$c = $null;
$optionmappings = @{
'--environment' = 'environment';
'-e' = 'environment';
'--commit' = 'commit';
'-c' = 'commit';
'--help' = 'help';
'-h' = 'help'
}
$options = @{}
for ($i=0; $i -lt $arr.count; $i++)
{
$optname = $arr[$i]
$mappedoption = $optionmappings[$optname]
if (!$mappedoption) {
Write-Host("Unknown Option: {0}" -f $arr[$i])
Write-Help
Exit
}
if ($mappedoption -eq "help") {
Write-Help
Exit
}
$value = $arr[++$i]
if (($value -eq $null) -or $optionmappings[$value]) {
Write-Host("You must provide a value for {0}" -f $optname)
Write-Help
Exit
}
if ($options[$mappedoption]) {
Write-Host("--{0} specified twice" -f $mappedoption)
Exit
}
$options[$mappedoption] = $value
}
$e = $options["environment"]
$c = $options["commit"]
if ($c -eq $null) {
$c = "HEAD"
}
$c = Parse-CommitOption $c
$result = $e, $c
$result
}
最佳答案
首先设置你的AWS_ACCESS_KEY_ID和AWS_SECRET_ACCESS_KEY在gitlab中:https://gitlab.com/snw/<project_name>/settings/ci_cd
然后添加.gitlab-ci.yml文件到您的存储库的根目录:
variables:
ARCHIVE_NAME: "archive.zip"
ARCHIVE_LOCATION: "deployments/"
S3_BUCKET_NAME: "my-deployments"
ELASTIC_BEANSTALK_APP_NAME: "myAppName"
AWS_REGION: "us-east-1"
elastic_beanstalk_deploy:
image: python:latest
script:
- apt-get update --assume-yes
- apt-get install zip --assume-yes
- zip -r $ARCHIVE_LOCATION$ARCHIVE_NAME .
- pip install awscli
- aws s3 cp $ARCHIVE_LOCATION$ARCHIVE_NAME s3://$S3_BUCKET_NAME/
- aws elasticbeanstalk create-application-version --application-name $ELASTIC_BEANSTALK_APP_NAME --version-label `date "+%Y%m%d-%H%M%S"` --description "$(git log -1 --pretty=%B)" --source-bundle S3Bucket="$S3_BUCKET_NAME",S3Key="$ARCHIVE_NAME" --region $AWS_REGION
支持:
关于amazon-elastic-beanstalk - Gitlab 中的钩子(Hook)或其他东西可以对 AWS Elastic Beanstalk 执行 git aws.push,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/29479452/
24
4
0
对于在 AWS 云中配置基础设施,我们目前使用从 ansible 角色调用的云形成模板,但我们发现在增加基础设施的规模后,此代码在 GitHub 中变得非结构化或未模块化 Github上有意大利面条式
我一直在阅读documentation for AWS Cloudwatch events至trigger AWS Batch我不知道如何从 cloudwatch 事件触发 aws 批处理: 在 aw
我正在尝试使用入口控制器安装我的CA证书。我正在遵循这份指南。Https://docs.aws.amazon.com/eks/latest/userguide/aws-load-balancer-co
如何使用 aws cloudformation 或 aws cdk 设置 aws aurora mysql 表? 在我的设置中,我有一个使用 lambda 实现各种微服务的无服务器应用程序。数据库是无
我看到了各种使用 AWS CDK 的示例,其中一些使用 aws-cdk-lib,另一些使用 @aws-cdk/core。这些之间有什么区别,什么时候应该使用一个或另一个? 最佳答案 aws-cdk-l
我看到了各种使用 AWS CDK 的示例,其中一些使用 aws-cdk-lib,另一些使用 @aws-cdk/core。这些之间有什么区别,什么时候应该使用一个或另一个? 最佳答案 aws-cdk-l
我在 cdk 研讨会上建立了一个小的 lambda 函数 here .我正在用 typescript 编写 lambda 函数,通过管道进行部署,该管道创建了一个包含 lambda 函数的云形成堆栈。
我刚刚开始使用 AWS 服务,尤其是 AWS Lambda。有没有办法从 Lambda 代码 (Java) 中使用 AWS KMS 服务。我想使用 KMS 来解密加密的外化(从属性读取) secret
CFN 模板是否可以根据参数向 ALB 添加一些特定的安全组? 我遇到了两个安全组添加到 ALB 的情况: ALB Type: AWS::ElasticLoadBalancingV2::LoadB
例如,我有一个主要公司 AWS 账户,其安全组为 xxxxx。现在我有了我的个人 aws 安全组-yyyyy。这些帐户根本不相关。我可以将接受组-yyyyy 添加到组-xxxxx 中,从而允许我的
我有一个 Lambda 函数,它有多个 MSK 触发器配置 - 每个都针对不同的主题。 如果 Lambda 的输入 ( MSKEvent ) 可以包含多个不同的主题,则未在官方文档中找到任何信息。 官
在 AWS Glue 中创建 JDBC 连接时,有什么方法可以从 AWS secret manager 获取密码而不是手动硬编码吗? 最佳答案 我必须在我当前的项目中这样做才能连接到 Cassandr
谁能告诉我: aws-sdk/clients/appsync , 和 aws-appsync 根据文档,aws-sdk/clients/appsync使用是因为只包括 aws-sdk当我们只需要 ap
我不小心删除了我的放大前端并创建了一个新前端。如何将现有的放大后端导入新创建的放大应用项目文件夹? 我按照后端标签上的步骤操作 amplify init --appId(“您的新AMPLIFY APP
我正在使用 Java Sdk 创建粘合作业。它只有两个必需的参数 Command 和 Glue 版本。 但我需要使用自动脚本生成来创建工作。正如我们可以从控制台做的那样,我们添加数据源、AWS Glu
目前我正在使用 AWS Glue 作业将数据加载到 RedShift,但在加载之后我需要运行一些可能使用 AWS Lambda 函数的数据清理任务。有没有办法在 Glue 作业结束时触发 Lambda
简单的 aws lambda 和 aws lambda@edge 有什么区别? 最佳答案 Lambda 根据某些触发器执行函数。 Lambda 的用例非常广泛,并且与许多 AWS 服务高度集成。您甚至
关闭。这个问题是opinion-based 。目前不接受答案。 想要改进这个问题吗?更新问题,以便 editing this post 可以用事实和引文来回答它。 . 已关闭 9 个月前。 社区 9
我正在尝试使用 Python 使用 AWS-CDK 创建托管广告。以下是错误,从 JavaScriptError(resp.stack) 引发 JSIIError(resp.error)jsii.er
这两个包似乎在很大程度上做同样的事情?这两个包之间的预期区别是什么,我应该使用哪个包? 最佳答案 Pipelines 是较新的 --experimental-- (编辑:它不再在 Experiment
我是一名优秀的程序员,十分优秀!