{"id":17384485,"url":"https://github.com/tsertkov/cdk-all-the-things","last_synced_at":"2026-01-20T03:31:18.328Z","repository":{"id":45832257,"uuid":"514571506","full_name":"tsertkov/cdk-all-the-things","owner":"tsertkov","description":"AWS CDK and Go Lambdas Playground","archived":false,"fork":false,"pushed_at":"2023-03-06T08:16:16.000Z","size":898,"stargazers_count":1,"open_issues_count":9,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-12T20:32:45.299Z","etag":null,"topics":["aws","aws-api-gateway","aws-cdk","docker","go","multi-account","multi-environment","multi-region","serverless"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tsertkov.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-07-16T12:25:06.000Z","updated_at":"2022-10-31T23:26:51.000Z","dependencies_parsed_at":"2025-02-12T20:32:25.641Z","dependency_job_id":"7db0b722-ed49-4163-a106-46b9560ede78","html_url":"https://github.com/tsertkov/cdk-all-the-things","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsertkov%2Fcdk-all-the-things","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsertkov%2Fcdk-all-the-things/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsertkov%2Fcdk-all-the-things/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsertkov%2Fcdk-all-the-things/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tsertkov","download_url":"https://codeload.github.com/tsertkov/cdk-all-the-things/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247493777,"owners_count":20947773,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-api-gateway","aws-cdk","docker","go","multi-account","multi-environment","multi-region","serverless"],"created_at":"2024-10-16T07:45:39.477Z","updated_at":"2026-01-20T03:31:13.308Z","avatar_url":"https://github.com/tsertkov.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CDK All The Things\n\nMulti-account, multi-region, multi-environment AWS CDK and Golang cloud application playground.\n\n## Prerequisites\n\nTools: make, nodejs, docker, sops, aws-cli, awk, sed, xargs, [yq](https://github.com/mikefarah/yq), [age](https://github.com/FiloSottile/age).\n\n## Usage\n\nFollow bootstrapping instructions to prepare local and aws environment. Use make commands to run operations.\n\n### Bootstrapping\n\n- `git clone ...` - Clone this git repo\n- Edit configuration parameters in `config.yaml`\n- `make init` - Install dependencies\n- `make bootstrap-cdk` - Bootstrap cdk for all apps regions\n- `make bootstrap-github-oidc` - Optionally bootstrap github oidc if Github Actions are used for deployments\n- `make bootstrap-secret-key` - Generage age secret key and store it in the cloud\n\n### Make commands\n\n#### Bootstrap commands\n\n- `make init` - install infra dependencies\n- `make bootstrap-cdk` - bootstrap cdk for all apps regions\n- `make bootstrap-github-oidc` - deploy cfn stack with github oidc\n- `make bootstrap-secret-key` - generate age secret key and store it in the cloud\n\n#### Build commands\n\n- `make build` - build all\n- `make build-lambdas` - build lambdas\n- `make build-infra` - build infra deployer container image\n- `make clean` - remove compiled lambdas and decrypted secrets\n- `make clean-secrets` - remove decrypted secrets file\n- `make clean-lambdas` - remove compiled lambdas\n\n#### Secrets commands\n\n- `make sops-edit-(config|secrets)` - edit encrypted secrets file or create new one\n- `make sops-decrypts-(config|secrets)` - decrypt secrets into plan text file\n- `make sops-encrypt-(config|secrets)` - encrypt secrets from plan text file\n- `make secrets-aws-update` - set secrets in aws from decrypted secrets\n- `make secrets-aws-delete regcode=euc1` - delete secrets in aws\n\n#### Cdk commands\n\nCdk commands support additional arguments: `app`, `stage` and `regcode`. Their defaults are set in `Makefile` and equal to `make app=deployer-glb stage=dev regcode='*'`.\n\nlist:\n\n- `make ls` - list infra stacks for given region\n- `make lsa` - list infra stacks for all regions\n- `make lsa-all` - list all stacks for all apps\n- `make metadata` - show stacks metadata\n\ndiff:\n\n- `make diff` - diff infra changes\n- `make diff-all` - diff infra changes for all apps\n\ndeploy:\n\n- `make deploy` - deploy infra \u0026 lambdas\n- `make deploy-all` - deploy infra \u0026 lambdas for all apps\n\noutputs:\n\n- `make outputs` - display stack outputs\n- `make outputs-all` - display stack outputs from all apps for given region\n\ndestroy:\n\n- `make destroy` - destroy stacks\n- `make destroy-all` - destroy stacks from all apps\n\n## Applications\n\nSystem apps:\n\n- `deployer-glb` - apps deployer (single-region)\n- `monitor-glb` - monitor app (single-region)\n- `monitor` - monitor app (multi-region)\n\nUser apps:\n\n- `be` - backend api app (multi-region)\n- `fe` - frontend app (single-region)\n\n## Environments\n\nStages and their environment configurations are defined under `stages` section in `config.yaml`.\n\n### Deployment\n\ndeployer-glb application manages deployments of all other applications including delivering self updates.\n\n![applications deployment](https://user-images.githubusercontent.com/5339042/195422269-3c44f4c6-11b2-4d1f-ab25-40d7243072f6.svg)\n\n### Deployer architecture\n\nMain job of deployer is to run CloudFormation stack updates. It uses CodeBuild to trigger updates and CodePipeline to orchestrate the flow.\n\n![deployer architecture](https://user-images.githubusercontent.com/5339042/195419705-4b1d9b33-441b-41a3-8eda-ee4ba7475634.svg)\n\n1. Upload deployer container image to ECR repo.\n2. Upload deployment config to artifacts S3 bucket.\n3. Trigger and monitor pipeline execution.\n4. Fetch deployment config from artifacts S3 bucket.\n5. Trigger CodeBuild RO project to run `make diff` command.\n6. Download container image from ECR.\n7. Get secret key to decrypt password file.\n8. CloudFormation diff.\n9. Manual approve step in AWS CodePipeline.\n10. Trigger CodeBuild RW project to run `make deploy` command.\n11. Get secret key to decrypt password file.\n12. Download container image from ECR.\n13. CloudFormation deploy.\n14. Create/update secrets in SecretsManager.\n\n## Containerized deployer\n\nAutomated pipelines use deployer container image to execute deployments.\n\n```bash\n# build lambdas and infra deployer container image\n% make lambdas infra\n\n# run simple command\n% docker run --rm -it infra lsa-all\n\n# run command with AWS access\n% docker run --rm -it \\\n    -e AWS_ACCESS_KEY_ID \\\n    -e AWS_SECRET_ACCESS_KEY \\\n    infra app=be diff\n\n# run command with custom config file\n% docker run --rm -it \\\n    -v $PWD/config.yaml:/app/config.yaml \\\n    infra app=be lsa\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftsertkov%2Fcdk-all-the-things","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftsertkov%2Fcdk-all-the-things","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftsertkov%2Fcdk-all-the-things/lists"}