Thus, the application deployment process on ArgoCD has been completed. In the High Level Design section, we already have a workflow to deploy the application. Next, we will configure CodeBuild to perform the steps in that workflow.
We will configure the buildspec.yml file; CodeBuild uses this file to execute the configured stages that perform the deployment steps.
The main stages performed in the Pipeline:
Install: Install necessary dependencies for the build process such as SonarQube CLI, Docker,…
Create Tag: Create a new tag for the Docker image with the structure ${COMMIT_TAG}_${COMMIT_HASH}
Code Scan: This step will be performed by SonarQube to scan code and provide analysis results on the SonarQube Server.
Login to ECR: Log in to Amazon ECR so that the Docker image can be pushed to ECR.
Build Docker Image: Create the Docker image with the new tag and push it to Amazon ECR.
Push Docker Image: Push the Docker image to Amazon ECR.
Update image tag in configuration file (values.yaml): Automatically update the new image tag in the repository containing the Helm charts.
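The Create Tag and Update image tag stages above, written as shell functions that a buildspec.yml command could call. This is an added example, not the article's own buildspec; the function names, the values.yaml layout (a top-level image: block with an indented tag: key) and the sample tag, hash and repository are assumptions.

```shell
#!/bin/sh
# Added example, not the article's buildspec.yml.
# Assumption: values.yaml has a top-level "image:" block with an indented "tag:" key.
LC_ALL=C; export LC_ALL   # keep the character ranges below ASCII-only

# Create Tag: build ${COMMIT_TAG}_${COMMIT_HASH} and reject anything that is not a
# valid Docker tag (letters, digits, "_", ".", "-"; no leading "." or "-"; <= 128 chars).
# Git tag names may contain "/" and other characters that Docker tags may not.
make_image_tag() {
    [ -n "$1" ] && [ -n "$2" ] || { echo "missing commit tag or hash" >&2; return 1; }
    tag="${1}_${2}"
    case "$tag" in
        .*|-*|*[!A-Za-z0-9_.-]*) echo "invalid image tag: $tag" >&2; return 1 ;;
    esac
    [ "${#tag}" -le 128 ] || { echo "image tag too long" >&2; return 1; }
    printf '%s\n' "$tag"
}

# Update image tag: rewrite only image.tag, leaving other "tag:" keys untouched.
# Returns non-zero if no image.tag line was found, so the build stops instead of
# committing an unchanged file. Expects a tag already checked by make_image_tag.
update_image_tag() {
    file=$1; new_tag=$2
    tmp=$(mktemp) || return 1
    if awk -v tag="$new_tag" '
        /^[^ #]/ { in_image = ($0 ~ /^image:/) }   # entering a new top-level key
        in_image && !done && /^ +tag:/ { sub(/tag:.*/, "tag: \"" tag "\""); done = 1 }
        { print }
        END { exit(done ? 0 : 1) }
    ' "$file" > "$tmp"; then cat "$tmp" > "$file"; rc=$?; else rc=1; fi
    rm -f "$tmp"
    return "$rc"
}

# Constructed sample run: hypothetical tag "v1.2.0", short hash "9f3c2ab", sample repository.
demo() {
    values=$(mktemp) || return 1
    cat > "$values" <<'EOF'
image:
  repository: 111122223333.dkr.ecr.us-east-1.amazonaws.com/demo-app
  tag: "v1.1.0_0a1b2c3"
sidecar:
  tag: "keep-me"
EOF
    new_tag=$(make_image_tag "v1.2.0" "9f3c2ab") && update_image_tag "$values" "$new_tag"
    rc=$?; cat "$values"; rm -f "$values"; return "$rc"
}
demo
```

Validating the tag before it reaches awk also keeps characters such as "&" and "\" out of the substitution, where they would have special meaning.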
To perform the above steps, we need to configure CodeBuild with the necessary IAM permissions to connect to other services such as ECR and Secrets Manager. We also need to create Secret Keys in SonarQube and GitHub so that the pipeline can commit to GitHub and send source code scanning reports to SonarQube.