Deploy an example app with CI/CD in an existing EKS cluster.
npm uninstall -g cdk
npm i -g aws-cdk crpm typescript
# Clone the infrastructure code
git clone https://github.com/mscribe/crpm-eks-app
# Change directory
cd crpm-eks-app/infra
npm i
# Deploy the application CI/CD, which deploys the application
# Replace the first ? with the management role ARN used to
# deploy EKS and the second ? with the EKS cluster name
cdk deploy cicd \
--parameters EksRoleArn=? \
--parameters ClusterName=?CodeBuild will need to assume the existing EKS role in order to deploy the application. So, you will need to edit the trust relationship so that the CodeBuild role ARN is allowed to assume the EKS role.
- In the AWS Console, navigate to IAM -> Roles.
- Search for the existing EKS role that was used to create the EKS cluster initially, and open the role.
- Click the Trust Relationships tab.
- Click the Edit trust relationship button.
- Add the following statement into the Statement list in the Policy Document, replacing the ? below with the ARN of your IAM role used by the CodeBuild project created for deploying the application. The CodeBuild Role ARN can be seen in the Outputs after deploying cicd.
{
"Effect": "Allow",
"Principal": {
"AWS": "?"
},
"Action": "sts:AssumeRole"
}- Click the Update Trust Policy button.
Now, the KubectlApply action in the Deploy stage of CodePipeline should be able to execute successfully.
# Delete the deployment and service
kubectl delete deployment app
kubectl delete svc app
# Destroy the CI/CD pipeline
cdk destroy cicd