This repository is the blueprint for a complete, production-grade cloud automation framework. I didn't just follow a tutorial; I built this from the ground up to solve a real problem: making deployments fast, safe, and completely hands-off.
The philosophy is simple: a git push should be a release, not the start of a nervous, multi-hour manual checklist.
This project achieves that by treating both the application and the infrastructure as code. The entire lifecycle—from a developer committing a line of code to that change being live, tested, and monitored on the internet—is handled by a series of intelligent, automated workflows I built using Terraform and GitHub Actions.
This project isn't just a simple deployment script. It's a multi-stage system with checks and balances built in:
- Infrastructure as Code (IaC): The entire AWS environment (S3 buckets, CloudFront CDN, IAM roles, and CloudWatch monitoring) is defined as code using Terraform. There's no manual setup required.
- Automated CI/CD: When code is pushed to the `main` branch, a GitHub Actions workflow kicks off. This workflow handles everything from testing to deployment to sending notifications.
- Quality Gates: Before any code gets deployed, an HTML validation test runs automatically. If the test fails, the pipeline stops, preventing a bad release.
- Infrastructure CI: I also built a separate pipeline for the Terraform code itself. When a Pull Request is opened that changes the infrastructure, it automatically runs a `terraform plan` and posts the output as a comment. This lets me review the exact impact of a change before it's merged.
- Monitoring & Alerting: Once deployed, the site doesn't just run in the dark.
  - CloudWatch Alarms are set up to watch for spikes in server or client errors (5xx/4xx).
  - If an alarm is triggered, SNS Notifications send an alert email.
  - A custom CloudWatch Dashboard gives a clear overview of the site's health.
- Post-Deployment Canary: After a successful deployment, a final "canary" job uses Playwright to visit the live website and verify that the main headline is correct. This is a crucial final check to make sure the deployment actually worked.
- Notifications: The pipeline reports its status (success, failure, and canary health) to a Discord channel, so I always know what's going on.
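
An added example (not taken from this repository's Terraform code) of how the CloudWatch alarms and SNS email alert described above can be expressed in Terraform. The resource names, thresholds, evaluation windows and the `cloudfront_distribution_id` variable are assumptions; `alert_email` is the variable from `terraform/variables.tf`.

```hcl
# Added example: names, thresholds and periods below are assumptions,
# not values from this repository.
variable "alert_email" {
  type = string
}

variable "cloudfront_distribution_id" { # hypothetical input
  type = string
}

# CloudFront publishes its metrics in us-east-1, so the alarms and the
# topic they notify are created there.
provider "aws" {
  alias  = "use1"
  region = "us-east-1"
}

resource "aws_sns_topic" "site_alerts" {
  provider = aws.use1
  name     = "site-alerts"
}

resource "aws_sns_topic_subscription" "email" {
  provider  = aws.use1
  topic_arn = aws_sns_topic.site_alerts.arn
  protocol  = "email"
  endpoint  = var.alert_email
}

locals {
  # Metric name => alarm threshold in percent of requests (assumed values).
  error_rate_thresholds = { "4xxErrorRate" = 10, "5xxErrorRate" = 5 }
}

resource "aws_cloudwatch_metric_alarm" "error_rate" {
  for_each            = local.error_rate_thresholds
  provider            = aws.use1
  alarm_name          = "cloudfront-${each.key}"
  namespace           = "AWS/CloudFront"
  metric_name         = each.key
  statistic           = "Average"
  period              = 300
  evaluation_periods  = 2 # two consecutive 5-minute windows above threshold
  threshold           = each.value
  comparison_operator = "GreaterThanThreshold"
  treat_missing_data  = "notBreaching" # no traffic is not an error spike
  alarm_actions       = [aws_sns_topic.site_alerts.arn]
  dimensions          = { DistributionId = var.cloudfront_distribution_id, Region = "Global" }
}
```

An `email` subscription stays pending until the recipient clicks the confirmation link, so no alert is delivered before that.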
Here’s a guide to getting this pipeline up and running yourself. I've fought the bugs so you don't have to.
- Prerequisites: You'll need an AWS account, Terraform, and Git installed.
- Clone the Repository:

  ```bash
  git clone https://github.com/Ayushmore1214/K-Stack.git
  cd K-Stack
  ```
- Configure Variables: Open `terraform/variables.tf`. You'll need to change the `default` values for `project_name` (this has to be a globally unique S3 bucket name) and `alert_email`.
- Set Up AWS Credentials: Make sure your terminal is authenticated with AWS.

  ```bash
  aws configure
  ```
  - Important Note for Codespaces/Cloud IDEs: These environments often use temporary credentials that can interfere. You'll likely need to run the following commands before every `apply` or `destroy` to clear them out:

    ```bash
    unset AWS_ACCESS_KEY_ID
    unset AWS_SECRET_ACCESS_KEY
    unset AWS_SESSION_TOKEN
    ```
- Deploy the Infrastructure: Navigate to the Terraform directory and run the commands to build the AWS resources.

  ```bash
  cd terraform
  terraform init
  terraform apply --auto-approve
  ```

  This will output the keys and IDs you need for the next step.
- Configure GitHub Secrets: In your own fork of this repository, go to `Settings > Secrets and variables > Actions` and add the following secrets. Use the outputs from the `terraform apply` command.
  - `AWS_ACCESS_KEY_ID`
  - `AWS_SECRET_ACCESS_KEY`
  - `S3_BUCKET_NAME`
  - `CLOUDFRONT_ID`
  - `SITE_URL`
  - `DISCORD_WEBHOOK_URL` (You can get this from your Discord server's `Integrations > Webhooks` settings)
- Confirm the Alert Email: Check your inbox for an email from "AWS Notification." You have to click the confirmation link inside to start receiving SNS alerts.
- Trigger the Pipeline: Commit and push a change to the `main` branch. This will kick off your first run.

  ```bash
  git push origin main
  ```

This repository is the result of many hours of building, debugging, and documenting. If it helped you understand a complex topic or saved you time on your own projects, the best way to say thanks is to leave a star ⭐ on the repo.



