Harness and CloudFront

Hey all!

I’ve seen many people leveraging the amazing edge capabilities of AWS to reach their users all over the globe without needing a large IT team or server footprint that they need to manage. The inevitable question that comes with this opportunity and Harness is, how do we use Harness to deploy a CloudFront application?

Essentially, since CloudFront typically uses an S3 bucket to store static website files, the ability to automate that upload after the CI process finishes the zip file build makes the whole process quick and easy.

Currently, in Harness, there is no “CloudFront” service, nor is the S3 bucket considered a viable endpoint that you can deploy to. Therefore, you’ll need to use both the AWS CLI and some native Harness pieces to get to nervana.

Starting at your Harness Dashboard, go to Setup in the top right:

Select Harness Delegates in the bottom right:

Create a Delegate Profile:

with the following script:

apt-get update
apt-get install -y python
apt-get install -y zip
curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"
unzip awscli-bundle.zip
./awscli-bundle/install -b ~/bin/aws
~/bin/aws --version

Once that is done, assign the Delegate Profile to a Delegate of choice:

You’ll also need to add a tag to the bottom of the delegate, which will be used later:

The last piece of setup you’ll need to do before we get the workflow built is to put the AWS programmatic keys to the Harness Secrets Manager:


Now, you’ll go into the desired Harness Application and create a new Build Workflow:

In the workflow, you’ll delete the “Collect Artifact” section and add a new Shell Script and then add the following script (change the secrets to the appropriate name):

export AWS_ACCESS_KEY_ID=${secrets.getValues("bf-aws-access-key")}
export AWS_SECRET_ACCESS_KEY=${secrets.getValues("bf-aws-secret-key")}
echo "making directory for zip download and cd to that folder"
mkdir ./test-zip
cd ./test-zip
mkdir test
echo "download the artifact"
/root/bin/aws s3 cp ${workflow.variables.cfSource} .
unzip ${workflow.variables.cfSource} -d ./test
cd test
/root/bin/aws s3 sync . ${workflow.variables.cfDest}

And make sure that you add the Delegate tag from the step above:

Once that is done and saved, add two Workflow Variables named cfSource and cfDest, which the end user or Trigger will supply the source bucket for cfSource and the destination bucket for cfDest:

For links to the different pieces in the script, see AWS Sync, Harness Secrets Manager, and Harness Workflow Variables

Hope this helps!

Don’t forget to Like/Comment/Share!

1 Like