Skip to content

An example of using SAM for Step Functions to build a machine that will run multiple pipelines at once.

License

Notifications You must be signed in to change notification settings

guysqr/release-machine

Repository files navigation

Release Machine

This project is a proof of concept for a Step Functions state machine that can be used to orchestrate simultaneous deployments from multiple pipelines using dynamic parallelism.

Prerequisites

This project assumes you have an existing set of CodePipeline deployment pipelines already set up. The cdk-serverless-stack project for quickly creating a number of pipelines, triggered from an equal number of CodeCommit repositories can be used to set these up for demo purposes.

You will need to install SAM before you get started.

About SAM

The AWS Serverless Application Model (SAM) is an open-source framework for building serverless applications. It provides shorthand syntax to express functions, APIs, databases, and event source mappings. With just a few lines per resource, you can define the application you want and model it using YAML.

The Serverless Application Model Command Line Interface (SAM CLI) is an extension of the AWS CLI that adds functionality for building and testing Lambda applications and Step Functions state machines.

About Step Functions

AWS Step Functions lets you coordinate multiple AWS services into serverless workflows so you can build and update apps quickly. Using Step Functions, you can design and run workflows that stitch together services, such as AWS Lambda, AWS Fargate, and Amazon SageMaker, into feature-rich applications.

About the Release Machine

The Release Machine is a software release workflow for deploying from multiple pipelines simultaneously, triggered by a release-manifest.json file being dropped in an S3 bucket or posted to an API Gateway endpoint.

The release process contains steps that

  1. Verify the manifest is valid and has not already been run
  2. If valid, it records the release request and timestamp
  3. Triggers an execution for each of the requested pipelines
  4. Checks each pipeline execution's state every 30 seconds and records any changes
  5. Records the release as complete if all pipelines complete successfully
  6. Fails the release if any fail to complete successfully

alt text

Note that this version does not attempt any rollbacks or pipeline execution cancellations when something fails.

Triggering the Release Machine

At the time of writing, only a few event types can be used to trigger Step Functions:

  • Schedule
  • CloudWatchEvent
  • EventBridgeRule
  • Api

To use a trigger based on S3, object level events need to be delivered into CloudTrail. If you don't do this step, dropping the manifest file in the bucket will not create the CloudWatch event we are listening for.

Release Machine can be triggered by an API Gateway endpoint as well. To enable that, uncomment the relevant Event definition in the ReleaseStateMachine definition in the template.yaml file and do a sam build then sam deploy and then call the API via the console, making sure to send release-manifest.json as the POST payload.

Project structure

Release Machine follows the standard SAM project structure, and includes the following files and folders:

  • functions - Code for the application's Lambda functions
  • statemachine - Definition for the state machine that orchestrates the release workflow
  • template.yaml - A template that defines the application's AWS resources

How it works

The template.yaml file declares the AWS resources, including Step Functions state machines, Lambda functions and DynamoDB tables. It also sets up permissions

The DynamoDB tables are used to log releases and pipeline execution state.

Resources are defined in the template.yaml file in this project. You can update the template to add AWS resources through the same deployment process that updates your application code.

If you prefer to use an integrated development environment (IDE) to build and test the Lambda functions within your application, you can use the AWS Toolkit. The AWS Toolkit is an open source plug-in for popular IDEs that uses the SAM CLI to build and deploy serverless applications on AWS. The AWS Toolkit also adds a simplified step-through debugging experience for Lambda function code. See the following links to get started:

The AWS Toolkit for VS Code includes full support for state machine visualization, enabling you to visualize your state machine in real time as you build. The AWS Toolkit for VS Code includes a language server for Amazon States Language, which lints your state machine definition to highlight common errors, provides auto-complete support, and code snippets for each state, enabling you to build state machines faster.

Deploy the application

The Serverless Application Model Command Line Interface (SAM CLI) is an extension of the AWS CLI that adds functionality for building and testing Lambda applications and Step Functions state machines.

To use the SAM CLI, you need the following tools:

To build and deploy your application for the first time, run the following in your shell:

$ sam build
$ sam deploy --guided

The first command will build the source of your application. The second command will package and deploy your application to AWS, with a series of prompts:

  • Stack Name: The name of the stack to deploy to CloudFormation. This should be unique to your account and region, and a good starting point would be something matching your project name.
  • AWS Region: The AWS region you want to deploy your app to.
  • Confirm changes before deploy: If set to yes, any change sets will be shown to you before execution for manual review. If set to no, the AWS SAM CLI will automatically deploy application changes.
  • Allow SAM CLI IAM role creation: Many AWS SAM templates, including this example, create AWS IAM roles required for the AWS Lambda function(s) included to access AWS services. By default, these are scoped down to minimum required permissions. To deploy an AWS CloudFormation stack which creates or modified IAM roles, the CAPABILITY_IAM value for capabilities must be provided. If permission isn't provided through this prompt, to deploy this example you must explicitly pass --capabilities CAPABILITY_IAM to the sam deploy command.
  • Save arguments to samconfig.toml: If set to yes, your choices will be saved to a configuration file inside the project, so that in the future you can just re-run sam deploy without parameters to deploy changes to your application.

You can find your State Machine ARN in the output values displayed after deployment.

Use the SAM CLI to build and test locally

Build the Lambda functions in your application with the sam build --use-container command.

$ sam build

The SAM CLI installs dependencies defined in functions/*/package.json, creates a deployment package, and saves it in the .aws-sam/build folder.

Add a resource to your application

The application template uses AWS Serverless Application Model (AWS SAM) to define application resources. AWS SAM is an extension of AWS CloudFormation with a simpler syntax for configuring common serverless application resources such as functions, triggers, and APIs. For resources not included in the SAM specification, you can use standard AWS CloudFormation resource types.

Fetch, tail, and filter Lambda function logs

To simplify troubleshooting, SAM CLI has a command called sam logs. sam logs lets you fetch logs generated by your deployed Lambda function from the command line. In addition to printing the logs on the terminal, this command has several nifty features to help you quickly find the bug.

NOTE: This command works for all AWS Lambda functions; not just the ones you deploy using SAM.

$ sam logs -n CheckManifestFunction --stack-name release-machine --tail

You can find more information and examples about filtering Lambda function logs in the SAM CLI Documentation.

Unit tests

Tests are defined in the functions/*/tests folder in this project. Use NPM to install the Mocha test framework and run unit tests.

$ cd functions/check-manifest
check-manifest$ npm install
check-manifest$ npm run test

Cleanup

To delete the sample application that you created, use the AWS CLI. Assuming you used your project name for the stack name, you can run the following:

aws cloudformation delete-stack --stack-name release-machine

Resources

See the AWS SAM developer guide for an introduction to SAM specification, the SAM CLI, and serverless application concepts.

Next, you can use AWS Serverless Application Repository to deploy ready to use Apps that go beyond hello world samples and learn how authors developed their applications: AWS Serverless Application Repository main page

About

An example of using SAM for Step Functions to build a machine that will run multiple pipelines at once.

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published