pipeline.json

Purpose

This configuration file is used for defining pipeline settings that affect the pipeline as a whole, not a specific account/environment.

Example Configuration

{
    "type": "ec2",
    "owner_email": "",
    "documentation": "",
    "notifications": {
        "email": "",
        "slack": ""
    },
    "promote_restrict": "none",
    "base": "tomcat8",
    "env": ["stage", "prod"],
    "primary_region": "us-east-1",
    "image": {
        "root_volume_size": 6,
        "builder": "ebs"
    },
    "lambda": {
        "app_description": "default description",
        "runtime": "java8",
        "handler": "main",
        "vpc_enabled": false
    },
    "pipeline_files": []
}

Configuration Details

type

Specifies what type of pipeline to use for the application.

Default: "ec2"
Options:
  • "lambda" - Sets up the AWS Lambda pipeline and infrastructure
  • "ec2" - Sets up the AWS EC2 pipeline and infrastructure
  • "manual" - Create Pipelines from raw JSON, use with pipeline_files.

owner_email

The application owners email address. This is not used directly in the pipeline but can be consumed by other tools

Default: null

documentation

Link to the applications documentation. This is not used directly in the pipeline but can be consumed by other tools

Default: null

notifications Block

Where to send pipeline failure notifications

email

Email address to send pipeline failures (email must be configured in Spinnaker Echo)

Default: null

slack

Slack channel to send pipeline failures (Slack must be configured in Spinnaker Echo)

Default: null

promote_restrict

Restriction setting for promotions to prod* accounts.

Default: "none"
Options:
  • "masters-only" - only masters/owners on a repository can approve deployments
  • "members-only" - Any member of a repository can approve deployments
  • "none" - No restrictions

base

The base AMI to use for baking the application. This can be an alias defined in ami-lookup.json or an AMI Id.

Default: "tomcat8"

envs

List of accounts that the application will be deployed to. Order matters as it defines the order of the pipeline. The accounts should be named the same as you have them in Spinnaker Clouddriver

Type: List of strings
Default: ["stage", "prod"]

pipeline_files

List of JSON files to use for manual type.

Type: list
Default: []

image Block

Holds settings for the baked image

root_volume_size

Defines the root volume size of the resulting AMI in GB

Type: int
Units: Gigabyte
Default: 6

lambda Block

Holds settings related to lambda deployments

app_description

Lambda function description

Default: "default description"

runtime

The runtime environment for the Lambda function

Default: "java8"
Options:
  • "java8"
  • "nodejs"
  • "nodejs4.3"
  • "python2.7"
  • "python3.6"

handler

The function that Lambda calls to beign execution

Default: "main"

vpc_enabled

Wether or not the Lambda function should use a VPC

Type: Boolean
Default: false

services Block

Access to different Cloud Services will be added to an inline Policy for an IAM Role. Keys must match with a corresponding template in src/foremast/templates/infrastructure/iam/key.json.j2.

cloudformation

Add CloudFormation access.

Type: bool
Default: false

cloudwatchlogs

Add CloudWatch Logs access. Lambda Functions will automatically have this added.

Type: bool
Default: false

dynamodb

Add DynamoDB access to tables listed.

Type: list
Default: []

elasticsearch

Add ElasticSearch access to domains listed.

Type: list
Default: []

firehose

Add Firehose access to streams listed.

Type: list
Default: []

kinesis

Add Kinesis Streams access to streams listed.

Type: list
Default: []

lambda

Add Lambda access.

Type: bool
Default: false

s3

Add S3 access. You may need to override default templates, see templates_path. Alternatively, you can provide a list of s3 bucket names to be added to the instance profile.

Type: bool -or- list
Default: false

sdb

Add SimpleDB access to SimpleDB Domains listed.

Type: list
Default: []

ses

Add SES access.

Type: bool
Default: false

sns

Add SNS access.

Type: bool
Default: false

sqs

Add SQS access.

Type: bool
Default: false