Another week of learning, another week of improving this site.

This time, I came up with the idea to implement a CICD pipeline for the site. I was tired of using SSL and SCP protocol to manually deploy the site repeatedly.

The first challenge in this case was finding the solution stack that could best fit my use case. Of course, we can always just go all out and implement all the best products available in the market. But, with a hobby project on my hands, that will be impractical and costly.

I searched the internet and decided that I should use AWS CodeDeploy and AWS CodePipeline for the job. The reasons are as follows:

  1. I have some scripts I would like to run on deploy directly with my server
  2. I want to minimise port configuration to minimise security risk. AWS does not require me to open an additional port
  3. These services are included in the AWS Free Tier
  4. It integrates natively with the GitHub Private repository

So now with a direction, I started to try implementing. I hit a wall immediately when cloning the git repository on my server. I followed guides on the internet but didn’t realise that since my repository was private, I would also need additional configuration to make a key on the server for authentication. The problem for me, in this case, was the concept of key ownership. I wasn’t aware that there are multiple user roles on the server and that a clear definition is required for me to use the key in the server. So after a lot of pain (accidentally also bricked the previous server as I used mv to a key I require for SSH), I am finally ready for some more config.

AWS CodeDeploy and AWS CodePipeline were extremely convenient. All I needed to do was to deploy a Code Deploy Agent on the server and add appspec.yml to let the service know what I want the server to do when it receives the signal. I leveraged some shell code to automate the manual process that I used to do.

The other challenge I didn’t anticipate was that I was required to configure some swap space for the server manually. Since I am building the files directly on the server, it sometimes hangs the server by pushing the CPU utilisation to 100%. Not knowing what to do was pretty scary. But as always in tech, knowing the problem is halfway to solving the problem.