pipeline.json

Purpose

This configuration file is used for defining pipeline settings that affect the pipeline as a whole, not a specific account/environment.

Example Configuration

{
    "type": "ec2",
    "owner_email": "",
    "documentation": "",
    "notifications": {
        "email": "",
        "slack": ""
    },
    "promote_restrict": "none",
    "base": "tomcat8",
    "env": ["stage", "prod"],
    "primary_region": "us-east-1",
    "image": {
        "root_volume_size": 6,
        "builder": "ebs"
    },
    "lambda": {
        "app_description": "default description",
        "runtime": "java8",
        "handler": "main",
        "vpc_enabled": false
    },
    "pipeline_files": [],
    "chaos_monkey": {
      "enabled": false,
      "mean_time": 5,
      "minimum_time": 3,
      "exceptions": []
    },
    "instance_links": {}
}

Configuration Details

type

Specifies what type of pipeline to use for the application.

Type: string
Default: "ec2"
Options:
  • "ec2" - Sets up an AWS EC2 pipeline and infrastructure
  • "datapipeline" - Sets up an AWS Data Pipeline infrastructure
  • "lambda" - Sets up an AWS Lambda pipeline and infrastructure
  • "manual" - Create Pipelines from raw JSON, use with pipeline_files.
  • "s3" - Sets up an AWS S3 pipeline and infrastructure

owner_email

The application owners email address. This is not used directly in the pipeline but can be consumed by other tools

Type: string
Default: null

documentation

Link to the applications documentation. This is not used directly in the pipeline but can be consumed by other tools

Type: string
Default: null

notifications Block

Where to send pipeline failure notifications

email

Email address to send pipeline failures (email must be configured in Spinnaker Echo)

Type: string
Default: null

slack

Slack channel to send pipeline failures (Slack must be configured in Spinnaker Echo)

Type: string
Default: null

promote_restrict

Restriction setting for promotions to prod* accounts.

Type: string
Default: "none"
Options:
  • "masters-only" - only masters/owners on a repository can approve deployments
  • "members-only" - Any member of a repository can approve deployments
  • "none" - No restrictions

base

The base AMI to use for baking the application. This can be an alias defined in ami-lookup.json or an AMI Id.

Type: string
Default: "tomcat8"

env

List of accounts that the application will be deployed to. Order matters as it defines the order of the pipeline. The accounts should be named the same as you have them in Spinnaker Clouddriver

Type: array
Default: ["stage", "prod"]

pipeline_files

List of JSON files to use for manual type.

Type: array
Default: []

image Block

Holds settings for the baked image

root_volume_size

Defines the root volume size of the resulting AMI in GB

Type: number
Units: Gigabyte
Default: 6

lambda Block

Holds settings related to lambda deployments

app_description

Lambda function description

Type: string
Default: "default description"

runtime

The runtime environment for the Lambda function

Type: string
Default: "java8"
Options:
  • "java8"
  • "nodejs"
  • "nodejs4.3"
  • "python2.7"
  • "python3.6"

handler

The function that Lambda calls to beign execution

Type: string
Default: "main"

vpc_enabled

Wether or not the Lambda function should use a VPC

Type: boolean
Default: false

services Block

Access to different Cloud Services will be added to an inline Policy for an IAM Role. Keys must match with a corresponding template in src/foremast/templates/infrastructure/iam/key.json.j2.

cloudformation

Add CloudFormation access.

Type: boolean
Default: false

cloudwatchlogs

Add CloudWatch Logs access. Lambda Functions will automatically have this added.

Type: boolean
Default: false

cloudwatch

Add CloudWatch Limited access.

Type: boolean
Default: false

dynamodb

Add DynamoDB access to tables listed.

Type: array
Default: []

elasticsearch

Add ElasticSearch access to domains listed.

Type: array
Default: []

firehose

Add Firehose access to streams listed.

Type: array
Default: []

kinesis

Add Kinesis Streams access to streams listed.

Type: array
Default: []

lambda

Add Lambda access.

Type: boolean
Default: false

rds-db

Add RDS-DB Connect access to RDS DB Resources. Expects RDS DB user to match Spinnaker appname. (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html)

Type: array
Default: []
Example: ["db-12ABC34DEFG5HIJ6KLMNOP78QR", "*"]`

s3

Add S3 access to the provided Bucket. You may need to override default templates, see templates_path. To access other S3 Buckets, provide a list of names to add.

Type: boolean XOR array
Default: false
Example boolean:
{
  "s3": true
}
Example array:
{
  "s3": ["other_bucket"]
}

sdb

Add SimpleDB access to SimpleDB Domains listed.

Type: array
Default: []

ses

Add SES access.

Type: boolean
Default: false

sns

Add SNS access.

Type: boolean
Default: false

sqs

Add SQS access.

Type: boolean
Default: false

chaos_monkey Block

Key that configures Chaos Monkey

enabled

Enable or disable Chaos Monkey

Type: boolean
Default: false

mean_time

Mean time between terminations. If mean_time is n, then the probability of a termination on each day is 1/n

Type: number
Default: 5
Units: Days

minimum_time

Minimum time between terminations

Type: number
Default: 3
Units: Days

exceptions

Accounts that Chaos Monkey will not affect

Type: array
Default: []