Provide official container with aws client installed
Problem to solve
As part of &1804, we should add support for AWS deployments in a simple way.
In contrast to a recipe (https://gitlab.com/gitlab-org/gitlab-ce/issues/53307), this should be much more built-in, discoverable, well-documented and part of the primary user experience for people setting up deployments to this cloud. They should also be maintained over time rather than being a bit of reference code stored somewhere.
Intended users
Teams implementing CD for the cloud
Further details
Proposal
For the first iteration we should create a container that can be used to perform arbitrary CLI commands. It should automatically authenticate using environment variables or a simple service integration made available to the container (note that it's likely that different credentials are needed for different environments), and fail if the needed values are not there.
deploy:
stage: deploy
image: gitlab/gitlab-awsclient@1.0
script:
- aws ..."
AWS does not provide a preconfigured AWS client Docker image to build on.
In the future, more sophisticated GitLab-specific behaviors can be integrated with the container, but as-is this will help teams get up and running using GitLab CI much more quickly. We could also consider including https://github.com/python-gitlab/python-gitlab ready to run.
Planning breakdown
- Create new project (a new
gitlab-org/cloud-deploy
project? Can always be moved elsewhere if another location makes more sense). - Create new Dockerfile(s) (for both based on Alpine and Ubuntu?).
- Have available images on Docker Hub.
Tests:
- Update
.gitlab-ci.yml
by specifying image, env vaiables (AWS EC2 token? others?) and someaws-cli
commands. - Run pipeline: check output, make sure that communication with ec2 instance is made and commands are run.
- Run pipeline again without env. variables previously set: make sure that ssh to ec2 instance fails correctly.
Number of planned MR(s): 2 - one per used base Docker image.
Permissions and Security
Documentation
Testing
What does success look like, and how can we measure that?
Links / references
- This is related to what GitHub provides via an action (https://github.com/actions/aws). If possible, we could leverage the same open source code so it is always kept up to date and working by community contributors.