codepipeline 승인 절차
codepipeline 승인 slack
codepipeline 수동승인
아래 출처 된 내용으로 진행했다.
https://qiita.com/Macaron_Suke/items/17bcdae3fe4512e22eea
codepipelineの承認をslack上で行う - Qiita
Codepipeline上で承認を行っていた 今回、社内から要望が上がってきたので備忘録として記載しておく。これまではCodepipelineで本番環境にDeployする前段階で以下のような「承認」を経てデプロイ
qiita.com
#람다 환경변수
token
channel_id
code_name
람다 레이어 계층 설정
#slack 알람 람다함수 등록
https://github.com/assertible/lambda-cloudwatch-slack/
GitHub - assertible/lambda-cloudwatch-slack: Send AWS CloudWatch notifications to a Slack channel using Lambda
Send AWS CloudWatch notifications to a Slack channel using Lambda - GitHub - assertible/lambda-cloudwatch-slack: Send AWS CloudWatch notifications to a Slack channel using Lambda
github.com
# sns 연결 할 람다함수
import logging
import json
import os
import boto3
import traceback
from slack_sdk import WebClient
from slack_sdk.errors import SlackApiError
def lambda_handler(event, context):
token = os.environ["SLACK_API_TOKEN"]
channel_id = os.environ["channel_id"]
code_name = os.environ["code_name"]
client = WebClient(token=token)
message = event["Records"][0]["Sns"]["Message"]
data = json.loads(message)
token = data["approval"]["token"]
codepipeline_name = data["approval"]["pipelineName"]
if codepipeline_name == "code-infra":
# msg_text = "```승인하시겠습니까?```"
msg_text = f"```{code_name} 승인하시겠습니까?```"
attachments_json = [
{
"fallback": "Upgrade your Slack client to use messages like these.",
"color": "#258ab5",
"attachment_type": "default",
"callback_id": "the_greatest_war",
"actions": [
{
"name": "ok",
"text": "승인",
"value": token + ',' + codepipeline_name,
"style": "primary",
"type": "button",
"confirm": {
"title": "승인",
"text": "승인하시겠습니까?",
"ok_text": "OK",
"dismiss_text": "Cancel"
}
},
{
"name": "cancel",
"text": "취소",
"style": "danger",
"value": token + ',' + codepipeline_name,
"type": "button"
}
]
}
]
try:
response = client.chat_postMessage(
channel=channel_id,
text=msg_text,
attachments=attachments_json
)
assert response["ok"]
except Exception:
print(traceback.format_exc())
# api 연결 할 람다함수
# coding: utf-8
import json
import urllib.request
import boto3
stage_name = "Approval"
action_name = "Approval"
def lambda_handler(event, context):
client = boto3.client("codepipeline")
msg = event["body"] # httpでpostされたpayloadの格納
if not msg:
return {
'statusCode': 403,
'headers': {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
'body': "Forbidden"
}
msg_decode = urllib.parse.unquote(msg)
msg_replace = msg_decode.replace("payload=", '')
new_msg = json.loads(msg_replace)
token = new_msg["actions"][0]["value"]
approval_data = token.split(',')
pipeline_name = approval_data[1]
token = approval_data[0]
if new_msg["actions"][0]["name"] == "ok":
client.put_approval_result(
pipelineName=pipeline_name,
stageName=stage_name,
result={
'summary': 'Approval',
'status': 'Approved',
},
token=token,
actionName=action_name
)
return {
'statusCode': 200,
'headers': {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
'body': "```취소 되었습니다.```"
}
else:
client.put_approval_result(
pipelineName=pipeline_name,
stageName=stage_name,
result={
'summary': 'Rejected',
'status': 'Rejected',
},
token=token,
actionName=action_name
)
return {
'statusCode': 200,
'headers': {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
'body': "```승인 되었습니다.```"
}