The CI Pipeline demystified.

The CI Pipeline is an AWS environment based on AWS CodeBuild, CodeDeploy and CodePipeline that continuously builds and runs the tests every time a pull request is created or updated.

Flow:
 1. Pull request is created/updated.
 2. CodeBuild:CI_AwsNitroEnclavesCli is triggered, builds an archive with the content of the pull request and pushes it into S3:aws-nitro-enclaves-cli.
 3. Every time something is pushed into S3:aws-nitro-enclaves-cli, the CodePipeline:CI_AwsNitroEnclaveCli triggers a deploy of CodeDeploy:CI_AwsNitroEnclavesCli, which lands on all EC2 instances from the deployment group CI_AwsNitroEnclavesCli.
    To add an EC2 instance to the deployment group CI_AwsNitroEnclavesCli, just launch it with the launch template called CI_AwsNitroEnclavesV2.
 4. The CodeDeploy agent running inside the EC2 instance starts the run_tests.sh script and waits for it to finish.
 5. run_tests.sh publishes the result back to the pull request that triggered the pipeline in the first place. For authentication to GitHub it uses the parameter stored in AWS SSM called GITHUB_TOKEN.

Investigating pipeline failures:
 1. Full logs generated by the run_tests scripts are found in CloudWatch under the log group codedeploy-deployments-log.
    https://console.aws.amazon.com/cloudwatch/home?region=us-east-1#logStream:group=codedeploy-deployments-log

Replacing the currently used EC2 instance:
 1. Just launch a new instance using the launch template called CI_AwsNitroEnclavesV2 plus --enclave-options Enabled=true.

AWS Resources used by the pipeline and their IDs:
 - CodeBuild: CI_AwsNitroEnclavesCli
   https://console.aws.amazon.com/codesuite/codebuild/projects/CI_AwsNitroEnclavesCli/history?region=us-east-1
 - CodeDeploy: CI_AwsNitroEnclavesCli
   https://console.aws.amazon.com/codesuite/codedeploy/applications/CI_AwsNitroEnclavesCli?region=us-east-1
 - CodePipeline: CI_AwsNitroEnclavesCli
   https://console.aws.amazon.com/codesuite/codedeploy/applications/CI_AwsNitroEnclavesCli?region=us-east-1
 - EC2 Instance: Tag: Pipeline_AwsNitroEnclavesCli
 - AMI: CI_AwsNitroEnclavesCli
 - LaunchTemplate: CI_AwsNitroEnclavesV2
   https://console.aws.amazon.com/ec2/v2/home?region=us-east-1#LaunchTemplateDetails:launchTemplateId=lt-002976d5454b19ef7
 - IAMRole: CI_AwsNitroEnclavesCli
   https://console.aws.amazon.com/iam/home?#/roles/CI_AwsNitroEnclavesCli
 - SSM Parameter: GITHUB_TOKEN
   https://console.aws.amazon.com/systems-manager/parameters/GITHUB_TOKEN/description?region=us-east-1
 - S3: aws-nitro-enclaves-cli
   https://console.aws.amazon.com/s3/buckets/aws-nitro-enclaves-cli/?region=us-east-1&tab=overview
 - InstanceKeyName: CI_AwsNitroEnclavesCli
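
Flow step 5 reads GITHUB_TOKEN from SSM on an instance whose script output is shipped to the codedeploy-deployments-log group, so the token must stay out of xtrace, process arguments and captured output. The sketch below is an added example, not the project's run_tests.sh; it assumes the parameter is a SecureString and that results are posted as a GitHub commit status, and the function names and the "ci/run_tests" context label are hypothetical.

```bash
#!/usr/bin/env bash
# Added example, not the project's run_tests.sh. Assumes GITHUB_TOKEN is an SSM
# SecureString and that results are posted as a GitHub commit status.

# Build the JSON body for the commit status API.
# $1 = state, $2 = description, $3 = context (fixed label chosen by the caller)
build_status_payload() {
    case "$1" in
        success|failure|error|pending) ;;
        *) echo "invalid state: $1" >&2; return 1 ;;
    esac
    local desc
    desc=${2//\\/\\\\}            # escape backslashes first
    desc=${desc//\"/\\\"}         # then double quotes
    printf '{"state":"%s","description":"%s","context":"%s"}' "$1" "$desc" "$3"
}

# Replace every literal occurrence of secret $1 on stdin with [REDACTED].
redact() {
    local secret=$1 line
    while IFS= read -r line || [ -n "$line" ]; do
        if [ -n "$secret" ]; then line=${line//"$secret"/[REDACTED]}; fi
        printf '%s\n' "$line"
    done
}

# $1 = owner/repo, $2 = commit SHA, $3 = state, $4 = description
# The body is a subshell so that disabling xtrace does not affect the caller.
report_status() (
    set +x                        # xtrace would print the token assignment
    local token payload out rc=0
    token=$(aws ssm get-parameter --name GITHUB_TOKEN --with-decryption \
                --query Parameter.Value --output text) || exit 1
    payload=$(build_status_payload "$3" "$4" "ci/run_tests") || exit 1
    # Pass the header in a config read from stdin (-K -) so the token is
    # absent from curl's argv and therefore from `ps` output.
    out=$(printf 'header = "Authorization: Bearer %s"\n' "$token" |
          curl -sS --fail -K - -X POST -d "$payload" \
               "https://api.github.com/repos/$1/statuses/$2" 2>&1) || rc=$?
    # Everything printed here is shipped to CloudWatch, so scrub it first.
    printf '%s\n' "$out" | redact "$token"
    exit "$rc"
)
```

Only the instance role should be able to read the parameter; the redaction is a second layer for the case where the token is echoed back in an error message.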