A complete CI/CD pipeline for Java web applications using AWS DevOps services.
This project demonstrates a complete DevOps pipeline for a Java web application using AWS services. It includes infrastructure as code (CloudFormation), build and deployment automation, and a sample Java web application.
This project was inspired by NextWork's 7-Day DevOps Challenge. While following a similar architectural approach, this implementation includes additional automation through shell scripts, enhanced CloudFormation templates, and a customized web application.
- AWS Web Application DevOps Pipeline
The architecture consists of three main components:
- Build Infrastructure - Core resources for building applications
- CI/CD Pipeline - Complete CI/CD pipeline configuration
- Deployment Environment - Target environment for application deployment
| Service | Purpose | Documentation |
|---|---|---|
| AWS IAM | Identity and access management | IAM Documentation |
| AWS CloudFormation | Infrastructure as code | CloudFormation Documentation |
| AWS CodeArtifact | Artifact repository | CodeArtifact Documentation |
| AWS CodeBuild | Continuous integration | CodeBuild Documentation |
| AWS CodeDeploy | Automated deployment | CodeDeploy Documentation |
| AWS CodePipeline | CI/CD orchestration | CodePipeline Documentation |
| Amazon S3 | Storage for artifacts | S3 Documentation |
| Amazon EC2 | Compute for deployment | EC2 Documentation |
| AWS CodeStar Connections | GitHub integration | Connections Documentation |
- AWS Account with administrative access
- AWS CLI installed and configured
- Git installed
- Java 8+ installed
- Maven installed
- jq installed (for cleanup script)
aws-web-app-devOps/
├── cloudformation-templates/ # CloudFormation templates
│ ├── build-infra-stack.yaml # Build infrastructure resources
│ ├── cicd-pipeline-stack.yaml # CI/CD pipeline configuration
│ ├── deployment-server-stack.yaml # Deployment environment
│ └── README.md # CloudFormation documentation
├── scripts/ # Deployment scripts
│ ├── install_dependencies.sh # Install Apache and configure proxy
│ ├── start_server.sh # Start application services
│ ├── stop_server.sh # Stop application services
│ ├── validate_service.sh # Validate deployment
│ └── README.md # Scripts documentation
├── src/ # Java web application source code
├── appspec.yml # AWS CodeDeploy specification
├── bootstrap.sh # Automated deployment script
├── buildspec.yml # AWS CodeBuild specification
├── delete_stacks.sh # Cleanup script
├── local_dev.sh # Local development script
├── pom.xml # Maven project configuration
└── settings.xml # Maven settings for CodeArtifact
-
Create an IAM User with Admin Access:
- Go to IAM Console
- Create a new user with programmatic access
- Attach the
AdministratorAccesspolicy - Save the access key and secret key
-
Configure AWS CLI:
aws configure
-
Clone the repository:
git clone https://github.com/yourusername/aws-web-app-devOps.git cd aws-web-app-devOps -
Run the application locally:
./local_dev.sh
-
Access the application: Open your browser and navigate to
http://localhost:8090/nextwork-web-project/
The entire deployment process is automated using the bootstrap.sh script:
./bootstrap.shThis script will:
- Deploy the deployment server stack
- Create or use an existing GitHub connection
- Deploy the build infrastructure stack
- Deploy the CI/CD pipeline stack
- Start the pipeline execution
During the process, you'll need to authorize the GitHub connection when prompted.
- For additional information, please refer to - Deployment Scripts Documentation and CloudFormation Templates Documentation
The CI/CD pipeline consists of three stages:
- Source: Fetches code from GitHub repository
- Build: Builds the application using CodeBuild
- Uses Maven with CodeArtifact integration
- Packages the application as a WAR file
- Deploy: Deploys to EC2 instance using CodeDeploy
- Installs dependencies
- Deploys the WAR file to Tomcat
- Configures Apache as a proxy
- Validates the deployment
- Go to AWS CodePipeline Console
- Select the
nextwork-devops-cicdpipeline - View the current status and history
After successful deployment, access the application using the EC2 instance's public DNS:
- Go to AWS EC2 Console
- Find the instance with the tag
role: webserver - Use the Public DNS or IP address in your browser
- GitHub Connection: Ensure the GitHub connection is authorized
- Build Failures: Check CodeBuild logs for Maven errors
- Deployment Failures: Check CodeDeploy logs and EC2 instance logs
- Application Not Accessible: Verify security group settings and service status
To delete all resources created by this project:
./delete_stacks.shThis script will:
- Empty & delete all S3 buckets
- Delete the CI/CD pipeline stack
- Delete the build infrastructure stack
- Delete the deployment server stack
- Network Security:
- Replace open security group rules (0.0.0.0/0) with restricted CIDR blocks
- Implement AWS WAF with CloudFront for edge protection
- Configure TLS termination at load balancer level
- Migrate from HTTP to HTTPS with proper certificates
- Monitoring & Detection:
- Set up CloudWatch alarms for unusual traffic patterns
- Enable AWS GuardDuty for threat detection
- Implement AWS Config for compliance monitoring
- Architecture Upgrade:
- Migrate to Spring Boot framework with layered architecture
- Implement RESTful API endpoints
- Add database connectivity with Amazon RDS
- Implement user authentication with Amazon Cognito
- High Availability:
- Deploy across multiple Availability Zones
- Implement Auto Scaling for EC2 instances
- Add Elastic Load Balancing for traffic distribution
- Containerization:
- Migrate to container-based deployment with Amazon ECS/EKS
- Implement Docker for consistent environments
- Add container security scanning
- Testing:
- Add automated unit and integration testing
- Implement code quality gates with SonarQube
- Add security scanning with OWASP dependency checks
- Deployment Strategy:
- Implement blue/green deployment strategy
- Add canary releases for gradual rollout
- Configure automated rollbacks based on health checks