使用 GitHub 部署 AWS CloudWatch 警报

为 Opsgenie 集成添加警报存储库

转到 Jira 并创建一个新 Jira 事务，将 AWS CloudWatch 警报存储库添加到 GitHub。在本例中，Jira 事务 ID 为 IM-10。

转到 GitHub 并单击“新建”。为“负责人”选择合适的组织。单击“创建存储库”以继续。

单击“设置”，然后单击“密钥”。将您的 AWS 访问密钥 ID 添加为 AWS_ACCESS_KEY_ID，将您的 AWS 秘密访问密钥添加为 AWS_SECRET_ACCESS_KEY。

在您的终端中转到您的 CloudWatchAlarms 存储库，并运行以下命令以将您的 AWS CloudFormation 代码推送到 GitHub。

1git add --all
2git commit -m "IM-10 add CloudWatchAlarms to github"
3git remote add origin git@github.com:PmmQuickStartGuides01/CloudWatchAlarms.git
4git branch -m mainline
5git push -u origin mainline

警报 template.yml

1Description: 'A description'
2
3Resources:
4  OpsGenieSNS:
5    Type: AWS::SNS::Topic
6    Properties: 
7      DisplayName: 'Opsgenie'
8      Subscription:
9        - Endpoint: 'https://api.opsgenie.com/v1/json/cloudwatch?apiKey=a4449509-6998-4d55-841d-2e6b363520c7'
10          Protocol: 'HTTPS'
11      TopicName: 'Opsgenie'
12
13  SubmitImageLambdaAlarm:
14    Type: AWS::CloudWatch::Alarm
15    Properties: 
16      AlarmActions:
17        - !Ref 'OpsGenieSNS'
18      AlarmDescription: 'SubmitImage Too Many Invocations'
19      ComparisonOperator: 'GreaterThanThreshold'
20      Dimensions:
21        - Name: FunctionName
22          Value: !ImportValue 'SubmitImageFunctionName'
23      EvaluationPeriods: 1
24      MetricName: 'Invocations'
25      Namespace: 'AWS/Lambda'
26      Period: 60
27      Statistic: 'Sum'
28      Threshold: 10

将 SNS 主题订阅端点设置为您从 Opsgenie 复制的端点 URL。SubmitImageLambdaAlarm 监控 submitImage AWS Lambda 发出的单个指标。如果一分钟内调用次数超过 10 次，则会发出警报。

用于部署到 AWS 的 GitHub 操作

在您的终端中转到 CloudWatchAlarms 存储库，创建一个以您的 Jira 事务 ID 命名的分支，并创建一个 .github/workflows 目录。

1git checkout -b IM-10
2mkdir -p .github/workflows && cd .github/workflows

使用以下 yaml 创建 deploy-test-staging.yml。这为您的测试和暂存环境定义了部署工作流程，该工作流程在推送到主线以外的分支时运行。

1name: deploy-cloudwatchalarms-test-staging
2on:
3  push:
4    branches:
5      - '*'
6      - '!mainline'
7
8jobs:
9  deploy-us-west-1:
10    runs-on: ubuntu-latest
11    outputs:
12      env-name: ${{ steps.env-name.outputs.environment }}
13    steps:
14      - name: Checkout code
15        uses: actions/checkout@v2
16      - name: Configure AWS credentials
17        id: creds
18        uses: aws-actions/configure-aws-credentials@v1
19        with:
20          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
21          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
22          aws-region: "us-west-1"
23      - name: Deploy to AWS CloudFormation
24        uses: aws-actions/aws-cloudformation-github-deploy@v1
25        with:
26          name: OpenDevOpsAlarms
27          template: template.yml
28          no-fail-on-empty-changeset: "1"
29
30  deploy-us-east-2:
31    runs-on: ubuntu-latest
32    needs: deploy-us-west-1
33    steps:
34      - name: Checkout code
35        uses: actions/checkout@v2
36      - name: Configure AWS credentials
37        id: creds
38        uses: aws-actions/configure-aws-credentials@v1
39        with:
40          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
41          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
42          aws-region: "us-east-2"
43      - name: Deploy to AWS CloudFormation
44        uses: aws-actions/aws-cloudformation-github-deploy@v1
45        with:
46          name: OpenDevOpsAlarms
47          template: template.yml
48          no-fail-on-empty-changeset: "1"

然后使用以下 yaml 创建 deploy-prod.yml。这为您的生产环境定义了部署工作流程，该工作流程在拉取请求将变更合并到主线中时运行。

1name: deploy-cloudwatchalarms-prod
2on:
3  pull_request:
4    branches:
5      - mainline
6
7jobs:
8  deploy-us-west-2:
9    runs-on: ubuntu-latest
10    outputs:
11      env-name: ${{ steps.env-name.outputs.environment }}
12    steps:
13      - name: Checkout code
14        uses: actions/checkout@v2
15      - name: Configure AWS credentials
16        id: creds
17        uses: aws-actions/configure-aws-credentials@v1
18        with:
19          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
20          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
21          aws-region: "us-west-2"
22      - name: Deploy to AWS CloudFormation
23        uses: aws-actions/aws-cloudformation-github-deploy@v1
24        with:
25          name: OpenDevOpsAlarms
26          template: template.yml
27          no-fail-on-empty-changeset: "1"
28
29  deploy-ca-central-1:
30    runs-on: ubuntu-latest
31    needs: deploy-us-west-2
32    steps:
33      - name: Checkout code
34        uses: actions/checkout@v2
35      - name: Configure AWS credentials
36        id: creds
37        uses: aws-actions/configure-aws-credentials@v1
38        with:
39          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
40          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
41          aws-region: "ca-central-1"
42      - name: Deploy to AWS CloudFormation
43        uses: aws-actions/aws-cloudformation-github-deploy@v1
44        with:
45          name: OpenDevOpsAlarms
46          template: template.yml
47          no-fail-on-empty-changeset: "1"
48
49  deploy-us-east-1:
50    runs-on: ubuntu-latest
51    needs: deploy-ca-central-1
52    steps:
53      - name: Checkout code
54        uses: actions/checkout@v2
55      - name: Configure AWS credentials
56        id: creds
57        uses: aws-actions/configure-aws-credentials@v1
58        with:
59          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
60          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
61          aws-region: "us-east-1"
62      - name: Deploy to AWS CloudFormation
63        uses: aws-actions/aws-cloudformation-github-deploy@v1
64        with:
65          name: OpenDevOpsAlarms
66          template: template.yml
67          no-fail-on-empty-changeset: "1"

推送到功能分支

从命令行运行以下命令，将您的代码推送到您的 CloudWatchAlarms 存储库的 IM-10 分支。

1git add --all
2git commit -m "IM-10 add github actions to CloudWatchAlarms"
3git push -u origin IM-10

单击“操作”以查看正在运行的工作流程。

创建拉取请求

点击创建拉取请求以合并到主线中。

单击“操作”以监视生产部署。

测试警报

通过触发您刚才设置的 AWS CloudWatch 提醒或单击“创建提醒”来生成提醒。

查看 Slack 可看到通知已出现。