DEV Community

Cover image for CI/CD Of Invalidation AWS CDN Using Gitlab Pipeline
๐Ÿš€ Vu Dao ๐Ÿš€
๐Ÿš€ Vu Dao ๐Ÿš€

Posted on

CI/CD Of Invalidation AWS CDN Using Gitlab Pipeline

  • CloudFront can speed up the delivery of your static content (for example, images, style sheets, JavaScript, and so on) to viewers across the globe. By using CloudFront, you can take advantage of the AWS backbone network and CloudFront edge servers to give your viewers a fast, safe, and reliable experience when they visit your website.

  • A simple approach for storing and delivering static content is to use an Amazon S3 bucket. Using S3 together with CloudFront has a number of advantages, including the option to use Origin Access Identity (OAI) to easily restrict access to your S3 content.

  • When developers want to update the static files, they just need to push the commit of changes, everything else leave for Gitlab pipeline job

Alt Text

General Flow: Gitlab pipeline job sync files to S3 -> S3 notification event triggers lambda function -> Lambda function creates invalidation request to cloudfront

1. Create Gitlab pipeline job

.gitlab-ci.yaml

before_script:
  - echo "Deploy CDN"

deploy_cdn:
  stage: deploy
  timeout: 5m
  script:
    - aws s3 sync static/src s3://static-demo/src/
  only:
    refs:
      - master
    changes:
      - static/src/**/*
  tags:
    - gitlab-runner
Enter fullscreen mode Exit fullscreen mode

3. Create lambda Function associate with the S3 event using AWS chalice

Top comments (2)

Collapse
 
ayograigts profile image
ayograi-gts

I have Question how are you going to connect aws s3 with any token or anything?

For deoply in the case of angular for s3, we can use CI/CD variable of GitLab AWS_ACCESS_KEY and SECRET AND REGION and put value over there so NGXAWS DEPLOY npm Script can use them and deploy with access

but in your script, i am not able to see any of your code using any variable for any access so how can it going to access the bucket on AWS

Collapse
 
vumdao profile image
๐Ÿš€ Vu Dao ๐Ÿš€

@ayograigts Invalidation is done by AWS lambda function which is attached IAM role for proper permission to do the action