AWS DevOps Blog

Using CodeDeploy Environment Variables

Using CodeDeploy Environment Variables

AWS CodeDeploy

AWS CodeDeploy is an AWS service that can help customers deploy their applications quickly and reliably to Amazon EC2 instances or on-premises servers. To learn more about the service, visit the AWS CodeDeploy home page or see the AWS CodeDeploy documentation.

When you use AWS CodeDeploy, your deployment goes through a set of predefined phases called deployment lifecycle events. These events give you an opportunity to run scripts (or hooks) as part of the deployment. To learn more about specifying scripts that correspond to lifecycle events, see the hooks section of AppSpec File Reference. In this blog, we will look at how you use environment variables to customize these scripts.

Environment Variables

Customers have been asking for a way to provide context information on the deployment that can be used by the scripts. AWS CodeDeploy environment variables let you do just that. The following environment variables are currently supported:

 1.  LIFECYCLE_EVENT : This variable contains the name of the lifecycle event associated with the script.
 2.  DEPLOYMENT_ID :  This variables contains the deployment ID of the current deployment.
 3.  APPLICATION_NAME :  This variable contains the name of the application being deployed. This is the name the user sets in the console or AWS CLI.
 4.  DEPLOYMENT_GROUP_NAME :  This variable contains the name of the deployment group. A deployment group is a set of instances associated with an application that you target for a deployment.
 5.  DEPLOYMENT_GROUP_ID : This variable contains the ID of the deployment group in AWS CodeDeploy that corresponds to the current deployment

The AWS CodeDeploy host agent will substitute all references to these environment variables when executing scripts. One typical use case for the use of environment variables is to configure the port numbers based on the deployment group name. Let’s take the sample Linux application for AWS CodeDeploy, which is available in GitHub and S3. This sample installs Apache and copies a simple index.html file to the root directory. Assume that you have two deployment groups: Staging and Production. You want to deploy a revision to the Staging deployment group and test it before promoting it to the Production deployment group. However, Apache runs on port 9090 in Staging and port 80 in Production. Instead of creating two different revisions with different installation scripts, you can use environment variables to customize the Apache ports in the script based on the deployment group. Here’s the code snippet you would use in the hook script. Add these lines after “yum install -y httpd”.

if [ "$DEPLOYMENT_GROUP_NAME" == "Staging" ]
    sed -i -e 's/Listen 80/Listen 9090/g' /etc/httpd/conf/httpd.conf

Another use case is to set the log level according to the deployment group. Use the following code snippet:

if [ "$DEPLOYMENT_GROUP_NAME" == "Staging" ]
    sed -i -e 's/LogLevel warn/LogLevel debug/g' /etc/httpd/conf/httpd.conf

Let’s take this a step further and use environment variables to customize the index.html file. To implement this, we need an AfterInstall script, which looks like this:


import os

strToSearch="<h2>This application was deployed using AWS CodeDeploy.</h2>"

strToReplace="<h2>This page for " + os.environ['APPLICATION_NAME'] + " application and " + os.environ['DEPLOYMENT_GROUP_NAME'] + " deployment group with " + os.environ['DEPLOYMENT_GROUP_ID'] +  "deployment group id was generated by a " + os.environ['LIFECYCLE_EVENT'] + " script during " + os.environ['DEPLOYMENT_ID'] + " deployment.</h2>"



Save this file as in the Scripts folder. You must also change the appspec.yml file to accommodate this new hook script. Add the following lines just before the line containing “ApplicationStop:” :

    - location: scripts/
      timeout: 300
      runas: root

Distributing Credentials

Environment variables are a great way to customize your scripts based on context information, such as application name or deployment group name. Environment variables are not designed for passing AWS credentials or other sensitive data. Here’s a post in the AWS Security Blog that shows how you can use IAM roles to securely distribute AWS credentials to your Amazon EC2 instances.

Please share your ideas or questions about AWS CodeDeploy environment variables in the comments here or over in the AWS CodeDeploy forum.