How to use HashiCorp Waypoint to Collaborate with GitLab CI/CD

HashiCorp presented a new project, Waypoint, at HashiCorp Digital. It uses an HCL-based file to describe building, shipping, and releasing applications for various cloud platforms ranging from Kubernetes to AWS and Google Cloud Run. Think of Waypoint as Terraform and Vagrant put together to describe the process of building, shipping, and releasing your applications.

True to form, HashiCorp has released Waypoint as open source, and it comes with a lot of examples. The orchestration layer is up to you: Waypoint comes as an executable that you can run directly on your laptop or from your CI/CD orchestration tool of choice. The application deployment target is also up to you, as Waypoint supports Kubernetes, Docker, Google Cloud Run, AWS ECS, and more.

After reading the awesome documentation and the great example applications provided by HashiCorp, we decided to take a closer look at Waypoint orchestration with GitLab CI/CD. To do this, we will take a simple Node.js application running on AWS ECS from the sample repository.

After cloning the repository, let's look at the structure of the application, which displays a single page.

As you may have noticed, there is no Dockerfile in this project. The example does not include one because we don't really need it: Waypoint will take care of that for us. Let's take a closer look at the waypoint.hcl file to understand what it will do:

project = "example-nodejs"

app "example-nodejs" {
  labels = {
    "service" = "example-nodejs",
    "env" = "dev"
  }

  build {
    use "pack" {}
    registry {
      use "aws-ecr" {
        region     = "us-east-1"
        repository = "waypoint-gitlab"
        tag        = "latest"
      }
    }
  }

  deploy {
    use "aws-ecs" {
      region = "us-east-1"
      memory = "512"
    }
  }
}

During the build phase, Waypoint uses Cloud Native Buildpacks (CNB) to determine the project's programming language and create a Docker image without using a Dockerfile. In principle, this is the same technology that GitLab uses as part of Auto DevOps, at the Auto Build step. It's great to see that CNCF's CNB is gaining more and more adoption among industry users.

Once the image is built, Waypoint will automatically upload it to our AWS ECR registry so that it is ready to ship. Once the build is finished, the deploy step uses the AWS ECS plugin to deploy our application to our AWS account.

From my laptop it's easy. I run Waypoint, which is already authenticated to my AWS account, and it "just works". But what happens if I want to go beyond my laptop? Or maybe I want to automate this deployment as part of my overall CI/CD pipeline, where my current integration tests, security tests, and others run? This is the part of the story where GitLab CI/CD comes in!

Waypoint in GitLab CI/CD

To orchestrate all of this in GitLab CI/CD, let's see what we need in our .gitlab-ci.yml file:

  • First of all, you need a base image to run in. Waypoint runs on any Linux distribution and only needs Docker, so we can run with a generic Docker image.
  • Next, you need to install Waypoint into this image. In the future, we could build a meta build image and containerize this process ourselves.
  • Finally, we run the Waypoint commands.

That is everything our pipeline needs to run the scripts that perform the deployment, but to deploy to AWS we need one more thing: we must log in to our AWS account. Waypoint's description includes plans for authentication and authorization. HashiCorp also released an impressive project this week, Boundary. But for now, we can simply handle authentication and authorization ourselves.

There are several options for authenticating GitLab CI/CD to AWS. The first option is to use the built-in HashiCorp Vault integration. It's fine if your team is already using Vault for credential management. Another method, which works if your team manages authorization using AWS IAM, is to make sure that delivery jobs are triggered via a GitLab Runner that is authorized to start the deployment through IAM. But if you just want to get familiar with Waypoint and want to do it quickly, the last option is to add your AWS API and secret keys to the GitLab CI/CD environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.

Putting it all together

Once we have figured out the authentication, we can start! Our final .gitlab-ci.yml looks like this:

waypoint:
  image: docker:latest
  stage: build
  services:
    - docker:dind
  # Define environment variables, e.g. `WAYPOINT_VERSION: '0.1.1'`
  variables:
    WAYPOINT_VERSION: ''
    WAYPOINT_SERVER_ADDR: ''
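    # Supply the token from a masked CI/CD variable rather than committing it here
    WAYPOINT_SERVER_TOKEN: ''
    WAYPOINT_SERVER_TLS: '1'
    # '1' skips verification of the Waypoint server's TLS certificate
    WAYPOINT_SERVER_TLS_SKIP_VERIFY: '1'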
  script:
    - wget -q -O /tmp/waypoint.zip https://releases.hashicorp.com/waypoint/${WAYPOINT_VERSION}/waypoint_${WAYPOINT_VERSION}_linux_amd64.zip
    - unzip -d /usr/local/bin /tmp/waypoint.zip
    - rm -rf /tmp/waypoint*
    - waypoint init
    - waypoint build
    - waypoint deploy
    - waypoint release

As you can see, we start with the docker:latest image and set a few environment variables required by Waypoint. In the script section we download the latest Waypoint executable and put it in /usr/local/bin. Since our runner is already authorized in AWS, we simply run waypoint init, build, deploy and release.
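The install step above unpacks whatever the download returns straight into /usr/local/bin. As an added example (not part of the original pipeline), the POSIX shell function below checks the archive against a checksums file first; the function names are illustrative, the assumption is that the release directory publishes a SHA256SUMS-style file next to the zip, and the demo files and version 0.0.0 are constructed.

```shell
#!/bin/sh
# Added example: check a downloaded release zip against a SHA256SUMS file
# before unzipping it into /usr/local/bin. Function names are illustrative.

# sha256_of FILE: print the lowercase hex SHA-256 digest of FILE.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_release ARCHIVE SUMS ENTRY
#   ARCHIVE  local file (the page saves it as /tmp/waypoint.zip)
#   SUMS     checksums file with lines of the form "<hex digest>  <file name>"
#   ENTRY    file name to look up in SUMS, e.g. waypoint_<version>_linux_amd64.zip
# Returns 0 on match, 1 on mismatch, 2 if a file is missing or empty,
# 3 if SUMS has no single well-formed entry for ENTRY.
verify_release() {
  archive=$1 sums=$2 entry=$3
  [ -s "$archive" ] && [ -s "$sums" ] || return 2
  expected=$(awk -v n="$entry" '$2 == n || $2 == ("*" n) { print $1 }' "$sums")
  case $expected in
    '' | *[!0-9a-f]*) return 3 ;;   # absent, duplicated (newline), or not hex
  esac
  [ "${#expected}" -eq 64 ] || return 3
  [ "$(sha256_of "$archive")" = "$expected" ]
}

# Constructed demo: a stand-in archive, a matching sums file, then tampering.
demo() {
  d=$(mktemp -d) || return 1
  entry=waypoint_0.0.0_linux_amd64.zip      # constructed version number
  printf 'constructed archive bytes\n' > "$d/waypoint.zip"
  printf '%s  %s\n' "$(sha256_of "$d/waypoint.zip")" "$entry" > "$d/SHA256SUMS"
  verify_release "$d/waypoint.zip" "$d/SHA256SUMS" "$entry" && ok=0 || ok=$?
  printf 'x' >> "$d/waypoint.zip"           # bytes changed after sums were made
  verify_release "$d/waypoint.zip" "$d/SHA256SUMS" "$entry" && bad=0 || bad=$?
  rm -rf "$d"
  echo "intact=$ok tampered=$bad"
}
demo
```

In the job, call `verify_release` between `wget` and `unzip` and let a non-zero status fail the job. A sums file fetched from the same host mainly catches truncation and corruption; pinning the expected digest in the repository, or verifying the publisher's signature over the sums file, ties the check to a trusted source.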

The output of the build job shows us the endpoint where the application was rolled out.

Waypoint is one of many HashiCorp solutions that work great with GitLab. For example, in addition to delivering the application, we can orchestrate the underlying infrastructure with Terraform in GitLab. To standardize SDLC security, we can also integrate GitLab with Vault for managing secrets and tokens in CI/CD pipelines, providing a complete solution for developers and administrators who rely on secret management for development, testing, and production use.

Joint solutions developed by HashiCorp and GitLab help companies find the best way to develop applications by ensuring consistent supply chain and infrastructure management. Waypoint has taken another step in the right direction, and we look forward to further development of the project. You can learn more about Waypoint here; the documentation and the project's development plan are also worth exploring. We have added what we learned to the GitLab CI/CD documentation. If you want to try it out yourself, you can check out the complete working example at this repository.

Source: habr.com
