This repository is the blueprint for a complete, production-grade cloud automation framework. I didn't just follow a tutorial; I built this from the ground up to solve a real problem: making deployments fast, safe, and completely hands-off.
The philosophy is simple: a `git push` should be a release, not the start of a nervous, multi-hour manual checklist.
This project achieves that by treating both the application and the infrastructure as code. The entire lifecycle—from a developer committing a line of code to that change being live, tested, and monitored on the internet—is handled by a series of intelligent, automated workflows I built using Terraform and GitHub Actions.
This project isn't just a simple deployment script. It's a multi-stage system with checks and balances built-in:
- Infrastructure as Code (IaC): The entire AWS environment (S3 buckets, CloudFront CDN, IAM roles, and CloudWatch monitoring) is defined as code using Terraform. There's no manual setup required.
- Automated CI/CD: When code is pushed to the `main` branch, a GitHub Actions workflow kicks off. This workflow handles everything from testing to deployment to sending notifications.
- Quality Gates: Before any code gets deployed, an HTML validation test runs automatically. If the test fails, the pipeline stops, preventing a bad release.
- Infrastructure CI: I also built a separate pipeline for the Terraform code itself. When a Pull Request is opened that changes the infrastructure, it automatically runs a `terraform plan` and posts the output as a comment. This lets me review the exact impact of a change before it's merged.
- Monitoring & Alerting: Once deployed, the site doesn't just run in the dark.
  - CloudWatch Alarms are set up to watch for spikes in server or client errors (5xx/4xx).
  - If an alarm is triggered, SNS Notifications send an alert email.
  - A custom CloudWatch Dashboard gives a clear overview of the site's health.
- Post-Deployment Canary: After a successful deployment, a final "canary" job uses Playwright to visit the live website and verify that the main headline is correct. This is a crucial final check to make sure the deployment actually worked.
- Notifications: The pipeline reports its status (success, failure, and canary health) to a Discord channel, so I always know what's going on.
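How the 5xx/4xx alarms and the SNS email alert from the Monitoring & Alerting item can be wired in Terraform, as an added example rather than this repository's own code. Resource names, thresholds, and the `cloudfront_distribution_id` variable are assumptions; `project_name` and `alert_email` mirror the variables named in the setup guide.

```hcl
# Added example: names, thresholds and cloudfront_distribution_id are assumptions.
variable "project_name" { type = string }               # named in terraform/variables.tf
variable "alert_email" { type = string }                # named in terraform/variables.tf
variable "cloudfront_distribution_id" { type = string } # hypothetical input

# CloudFront publishes its metrics in us-east-1 only, so the alarms and the
# SNS topic they notify are created there regardless of the default region.
provider "aws" {
  alias  = "us_east_1"
  region = "us-east-1"
}

locals {
  prefix = replace(var.project_name, ".", "-") # SNS topic names cannot contain dots
  # Constructed thresholds (percent of requests); tune to real traffic.
  error_alarms = {
    "5xx" = { metric = "5xxErrorRate", threshold = 1 }
    "4xx" = { metric = "4xxErrorRate", threshold = 10 }
  }
}

resource "aws_sns_topic" "alerts" {
  provider = aws.us_east_1
  name     = "${local.prefix}-alerts"
}

# Email subscriptions stay pending until the recipient clicks the confirmation link.
resource "aws_sns_topic_subscription" "email" {
  provider  = aws.us_east_1
  topic_arn = aws_sns_topic.alerts.arn
  protocol  = "email"
  endpoint  = var.alert_email
}

resource "aws_cloudwatch_metric_alarm" "cloudfront_errors" {
  for_each            = local.error_alarms
  provider            = aws.us_east_1
  alarm_name          = "${local.prefix}-cloudfront-${each.key}"
  namespace           = "AWS/CloudFront"
  metric_name         = each.value.metric
  statistic           = "Average"
  period              = 300
  evaluation_periods  = 2
  comparison_operator = "GreaterThanThreshold"
  threshold           = each.value.threshold
  treat_missing_data  = "notBreaching" # no traffic means no datapoints
  dimensions          = { DistributionId = var.cloudfront_distribution_id, Region = "Global" }
  alarm_actions       = [aws_sns_topic.alerts.arn]
}
```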
Here’s a guide to getting this pipeline up and running yourself. I've fought the bugs so you don't have to.
- Prerequisites: You'll need an AWS account, Terraform, and Git installed.
- Clone the Repository:
  ```bash
  git clone https://github.com/Ayushmore1214/K-Stack.git
  cd K-Stack
  ```
- Configure Variables: Open `terraform/variables.tf`. You'll need to change the `default` values for `project_name` (this has to be a globally unique S3 bucket name) and `alert_email`.
- Set Up AWS Credentials: Make sure your terminal is authenticated with AWS.
  ```bash
  aws configure
  ```
  - Important Note for Codespaces/Cloud IDEs: These environments often use temporary credentials that can interfere. You'll likely need to run the following commands before every `apply` or `destroy` to clear them out:
    ```bash
    unset AWS_ACCESS_KEY_ID
    unset AWS_SECRET_ACCESS_KEY
    unset AWS_SESSION_TOKEN
    ```
- Deploy the Infrastructure: Navigate to the Terraform directory and run the commands to build the AWS resources.
  ```bash
  cd terraform
  terraform init
  terraform apply --auto-approve
  ```
  This will output the keys and IDs you need for the next step.
- Configure GitHub Secrets: In your own fork of this repository, go to `Settings > Secrets and variables > Actions` and add the following secrets. Use the outputs from the `terraform apply` command.
  - `AWS_ACCESS_KEY_ID`
  - `AWS_SECRET_ACCESS_KEY`
  - `S3_BUCKET_NAME`
  - `CLOUDFRONT_ID`
  - `SITE_URL`
  - `DISCORD_WEBHOOK_URL` (You can get this from your Discord server's `Integrations > Webhooks` settings)
- Confirm the Alert Email: Check your inbox for an email from "AWS Notification." You have to click the confirmation link inside to start receiving SNS alerts.
- Trigger the Pipeline: Commit and push a change to the `main` branch. This will kick off your first run.
  ```bash
  git push origin main
  ```