Deploy to AWS Lambda from Travis CI

AWS Credentials for Testing and Deploying Lambda Functions from Travis-CI

Contributed by Rich

These steps were used to setup, test and deploy Lambda functions which use AWS services in the code. Since deploying to production and development will be using different AWS accounts, different AWS credentials are necessary.

Configure a repo at travis-ci.org with AWS Credentials

First a repo that will Travis-CI for testing and deployment needs to be activated by going to https://travis-ci.org (see Making Repo Travis CI and Coveralls Compliant for details).

Next, go to the settings for that repo a https://travis-ci.org//settings. Here environment variables that will be accessible when a repo is installed and tested. For each branch that has different AWS credentials, make three variables prefixed with the branch name and in all lowercase such as follows:

  • master_aws_region us-west-2
  • master_aws_access_key_id blahblah
  • master_aws_secret_access_key blahblahblahblah

Make sure “Display value in Build Log” is OFF

Configure .travis.yml File

Here is a copy of the .travis.yml file that uses the $TRAVIS_BRANCH environment variable to create the AWS_REGION, AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY variables for the given branch:

language:
- python
python:
- '2.7'
before_install:
- sudo apt-get install -y curl tar
- bash install-apex.sh
- eval export AWS_ACCESS_KEY_ID=\$${TRAVIS_BRANCH}_aws_access_key_id
- eval export AWS_SECRET_ACCESS_KEY=\$${TRAVIS_BRANCH}_aws_secret_access_key
- eval export AWS_REGION=\$${TRAVIS_BRANCH}_aws_region
install:
- bash install-requirements.sh
- pip install coveralls
script: 
- coverage run --source=obs test-setup.py test
after_success:
- coveralls
deploy:
- provider: script
  skip_cleanup: true
  script: ./apex deploy 
  on:
    branch: develop
- provider: script
  skip_cleanup: true
  script: ./apex deploy
  on:
    branch: master

There are few important parts to this:

  • The eval command is what will make an new environment variable from the existing $TRAVIS_BRANCH environment variable to get the correct AWS environment variables for this branch.
  • These AWS variables will be available to the python functions.
  • When the deploy: section is called, these variables are also used to determine where to deploy the Lambda functions to.
  • The bash install-apex.sh will run a script to install the apex binary in the repo’s root directory for the deploy: section
  • The bash install-requirements.sh will run a script that will find all your functions with a requirements.txt file and install them. You do not need to modify the install-requirements.sh script as it runs for all functions/*/requirements.txt files