Automating Lambda Deployment With Travis-CI
Friday, September 27, 2019
This is a post from my old blog. Info in here may be out of date or useless.
January 11, 2017
I really hate doing things myself when I can have a computer do it for me.
So In this post I will describe how I automate lambda deployment with travis-ci.
Create a AWS role that has these permissions.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lambda:*"
],
"Resource": [
"*"
]
}
]
}
I wanted to lock down the permissions more but you basically need them all.
Get an access key for this role.
Second add your repo to travis. It’s easy I won’t tell you how to do it.
Now we create a
.travis.yml
file.
language: node_js
node_js:
- '4.3'
env:
global:
- AWS_ACCESS_KEY_ID=YOUR_ACCESS_KEY_ID
- AWS_DEFAULT_REGION=us-east-1
branches:
only:
- master
before_install:
- pip install --user awscli
- export PATH=$PATH:$HOME/.local/bin
script: make build
Here we add our AWS key id to the file. We’ll also want to add our secret key but we want to encrypt it. Using the travis CLI
travis encrypt AWS_SECRET_ACCESS_KEY=YOUR_SECRET_ACCESS_KEY --add env.global
We should be set on the travis side.
Now onto building and uploading
Here is my make file for building
.PHONY: build clean upload
build:
npm install --only=production
zip -r code.zip . -x *.git*
clean:
if [ -a code.zip ]; then rm code.zip; fi
upload: build
./upload.sh
here is my upload.sh
# !/bin/bash
aws lambda update-function-code \
--zip-file=fileb://code.zip \
--region=us-east-1 \
--function-name=NAME_OF_YOUR_LAMBDA
Now everytime you push to master it should update your lambda to the newest code!