As we saw in this chapter, pipelines are composed of stages. In CodePipeline, stages are characterized by their categories. We have explored three categories so far: source, deploy, and test. In order to add that confirmation step to deploy to production, we will use a new category called approval.
Approval actions offer a number of configuration options to get notifications when a job is pending approval. In order best to demonstrate it, we are going to create a new SNS topic and subscribe to it. SNS, as you might remember from Chapter 3, Treating Your Infrastructure As Code, is the Simple Notification Service that we used to create monitoring for our infrastructure.
We are going to use the command line to create a new topic and subscribe to it:
$ aws sns create-topic --name production-deploy-appoval
{
"TopicArn": "arn:aws:sns:us-east-1:511912822958:production-deploy-
appoval"
}
We will use an email subscription, but SNS supports a number of other protocols such as SMS, HTTP, and SQS.
In order to subscribe, you need to know the TopicArn, which is in the output of the previous command:
$ aws sns subscribe --topic-arn
arn:aws:sns:us-east-1:511912822958:production-deploy-appoval
--protocol email
--notification-endpoint [email protected]
{
"SubscriptionArn": "pending confirmation"
}
Go to your inbox to confirm the subscription.
We can now add our new stages, starting with the approval stage:
- Open https://console.aws.amazon.com/codepipeline in your browser.
- Select the helloworld application.
- Click on Edit at the top of the pipeline.
- Click on the + Stage button at the bottom of the pipeline below the Beta stage.
- Give it the name Approval.
- Click on + Action.
- Select Approval in the Action Category menu.
- Call the action Approval.
- Select the approval type Manual approval.
- Pick the SNS topic we just created. Typing production deploy should let you find the topic easily thanks to the autocomplete feature of the form.
- Finally, click on Add action.
We are now going to add the deployment to production steps below this approval:
- Click on the + Stage button below the newly created stage Approval.
- Call this new stage Production.
- Click on + Action.
- Select the Deploy category.
- Call the action Production.
- Select the CodeDeploy provider.
- Pick helloworld as our application name.
- Select the deployment group production.
- Select the artifact MyApp.
- Click on Add action.
- Complete the creation of our new stages by clicking on save pipeline changes at the top of the pipeline.
We can once again click on Release change to test our updated pipeline.
The pipeline will go through the first three stages and then block on the approval stage. You can check your email inbox to find a link to provide your review or simply use the web interface and click on the review button in the approval stage:
After carefully reviewing the change on staging, approve or reject the change. If approved, the deployment will go to the last step of the pipeline and deploy the code to production.
We just completed automating our entire release process. Our Hello World application may not reflect what a real application might look like, but the pipeline we built around it does and what we built can be used as a blueprint for deploying more complex applications from environment to environment very safely in a well-thought-out process.
There is no question that your ability to move quickly and get customers in front of your new features and services is paramount to your ability to fight off disruption. The last step of building a continuous deployment pipeline is to remove that manual approval process to release code to production and take out the last step involving humans in the release process. Over the years, different companies have come up with a couple of strategies to make production deployments a safe process. Here are some solutions that you can implement.