Updating the lambda function with CI/CD (codebuild)

Overview

This blog is all about how to create a CI/CD (i.e. continuous integration and continuous delivery) pipeline such that whenever developers push the code into a central repository (Github, Bitbucket, or CodeCommit). It will automatically trigger the CodeBuild to build the project and finally update the code in the desired lambda function.

Introduction

Usually, software development is made possible with the contribution of a group of developers, so it becomes very important to continuously integrate their code in a central GitHub repository. And from there build the code and deploy it.

This will be the flow of our CI/CD pipeline where

Developers will push the code into the GitHub repository, which will trigger the webhook (at push).
The Codebuild will be triggered and it starts building the project.
Once the Codebuild process will get successful, it will update the code of the lambda function.

But before that, take a brief look at the Lambda function and CodeBuild which is the highlight of this project.

AWS Lambda: AWS Lambda is a serverless computing service that lets you run code without provisioning or managing servers.

It executes your code in response to events and automatically scales to handle the required capacity.
With Lambda, you can build and run applications and services that respond quickly to new information, such as new customer orders or updates to existing orders.

AWS CodeBuild: It is a fully managed continuous integration service that compiles source code, runs tests and produces software packages that are ready for deployment.

It scales automatically to meet the needs of your project and integrates with a wide range of tools and services to help you streamline your software development workflows.
With CodeBuild, you can speed up your software delivery cycle, improve code quality, and reduce the overall cost of building and testing your applications.

Step-by-step tutorial of the project:

Step-1.) Set up the GitHub repository for the project.

First, create a GitHub repository and push the code from your local to the remote repository.

For your reference here is the source code of the project that you can fork and star.

https://github.com/tanmaycode2/github-to-lambda.git

Step-2.) Create a Lambda function.

Here is the guide to creating a lambda function.

Search for Lambda and open it in the AWS management console.
Now create a function as below:
After that its function creation page will open up, fill in the details below:
After the function is created, add the layer of required dependencies in it. For example, in our case Pandas library is used in our code.
- Click on the lambda function and scroll down to last, here Add a layer:
- Follow the below instructions:

Step-3.) Create a CodeBuild Project for the CI/CD of your project.

Go to the CodeBuild console and click on Create build project.
After that set the project configuration of the CodeBuild as below:
Add the source as Github, and connect the repository with OAuth or GitHub token.
In Primary source webhook events,
- Click on the checkbox of the webhook so that it rebuilds the code every time a change is pushed to the source repository.
- Then choose the single build & select from the drop-down Event type > PUSH.
In the Environment section, select as follow:
- Environment image as a Managed image.
- OS as ubuntu or Amazon Linux 2.
- Runtime is standard.
- Environment type as Linux.

Choose the "Use a buildspec file" option.

You can check the Sample buildspec.yaml file for python like below:

  version: 0.2
  phases:
    install:
      runtime-versions:
        python: 3.10
      commands:
        - echo "Installing dependencies..."
        - pip install -r requirements.txt -t lib
    build:
      commands:
        - echo "Zipping deployment package..."
        - cd lib
        - zip -r9 ../deployment_package.zip .
        - cd ..
        - zip -g deployment_package.zip lambda_function.py
    post_build:
      commands:
        - echo "Updating lambda Function..."
        - aws lambda update-function-code --function-name <name-of-your-function> --zip-file fileb://deployment_package.zip
        - echo "DONE!!"

In the above file, the command in the post_build phase will update the lambda function code with the zip file we have created in the build phase.

aws lambda update-function-code --function-name <name-of-your-function> --zip-file fileb://deployment_package.zip
In our case instead of

Keep other configurations as default for now and create the project as it is.
Finally, your build project is ready.

Step-4.) Update the IAM role of CodeBuild.

In the final step, we need to give the CodeBuild project IAM Role, permission to do needful operations on the lambda function.

For that, go to the service role of your CodeBuild project.

Now in IAM Role, edit the CodeBuildBasePolicy and add the following statement in the policy for giving this specific CodeBuild project, permission to do operations on YOUR-LAMBDA-FUNCTION.

          {
              "Effect": "Allow",
              "Resource": "YOUR-LAMBDA-Function-ARN",
              "Action": [
                  "lambda:AddPermission",
                  "lambda:RemovePermission",
                  "lambda:CreateAlias",
                  "lambda:UpdateAlias",
                  "lambda:DeleteAlias",
                  "lambda:UpdateFunctionCode",
                  "lambda:UpdateFunctionConfiguration",
                  "lambda:PutFunctionConcurrency",
                  "lambda:DeleteFunctionConcurrency",
                  "lambda:PublishVersion"
              ]
          },

Step-5.) Finally, test the project by pushing the updated code in the GitHub repo.

Push the code on the source repository.
Check the CodeBuild phase.
Go to your Lambda console and check the function code.

Some useful references:

Fan stuff GIF - Find on GIFER

DevOps with Tanmay

DevOps with Tanmay

Build a CI/CD pipeline from GitHub to Lambda function with CodeBuild