This project demonstrates how to set up a development workflow with cloud-based Continuous Integration (CI) for testing an IoT application that connects to AWS cloud services.
The application can be tested using Arm Virtual Hardware. Code development and debug can be done locally, for example with CMSIS-Build and Keil MDK tools. We are also working on a development flow for Keil Studio that will provide a cloud-native development environment.
Automated test execution is managed with GitHub Actions and is triggered on every code change in the repository. The program is built and run on Arm Virtual Hardware cloud infrastructure in AWS, and the test results can then be observed in the repository's GitHub Actions.
To build and run this application program with a CI workflow on GitHub, the following steps are required. For details, refer to Run AMI with GitHub Actions - GitHub-hosted Runners.
1. Amazon Web Service (AWS) account with:
   - Amazon EC2 (elastic cloud) access
   - Amazon S3 (storage) access
   - Registration to access the AVH Amazon Machine Image (AVH AMI)
   - User role setup for scripted API access
2. GitHub:
   - Fork this repository with at least Write access rights
   - Store the AWS account configuration (obtained in step 1) as GitHub Secrets - AWS Access values in the forked repository
3. AWS IoT Thing:
   - Use the AWS IoT console to create a thing, download its certificates, create a policy, and attach the policy to the thing
   - Store this configuration as GitHub Secrets - IoT Cloud Access values in the forked repository

The following (secret) configuration values need to be added to the repository's Secrets store:

Secret Name | Description |
---|---|
AWS Access | Settings and credentials required to access AWS EC2 and S3 services |
AWS_IAM_PROFILE | The IAM Role to be used for AWS access. The value shall be preceded with `Name=` prior to the actual profile name. For example `Name=myAVHRole`. |
AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY | Access key pair for the AWS account (as IAM user) that shall be used by the CI workflow for AWS access. |
AWS_S3_BUCKET_NAME | The name of the S3 storage bucket to be used for data exchange between GitHub and AWS AMI. |
AWS_DEFAULT_REGION | The data center region the AVH AMI will be run on. For example `eu-west-1`. |
AWS_SECURITY_GROUP_ID | The id of the VPC security group to add the EC2 instance to. Shall have format `sg-xxxxxxxx`. |
AWS_SUBNET_ID | The id of the VPC subnet to connect the EC2 instance to. Shall have format `subnet-xxxxxxxx`. |
IoT Cloud Access | Settings and credentials required to connect an AWS IoT Thing |
CLIENT_CERTIFICATE_PEM | Client (device) certificate |
CLIENT_PRIVATE_KEY_PEM | Client (device) private key |
IOT_THING_NAME | Client (device) name |
MQTT_BROKER_ENDPOINT | MQTT broker host name |
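
A mistyped secret usually shows up only after the EC2 instance has been started, so a format check at the start of the workflow saves a run. The following pre-flight check is an added example, not part of this project: `check_avh_secrets` is a hypothetical helper name, and it assumes each secret is exposed to the step as a variable of the same name and that the two PEM secrets hold the full PEM text.

```shell
# Added example: pre-flight check of the secrets listed in the table above.
# check_avh_secrets is a hypothetical helper name. It expects each secret in a
# variable of the same name and reports only variable names, never values.
check_avh_secrets() (
  rc=0
  # Every secret from the table must be present and non-empty.
  for name in AWS_IAM_PROFILE AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY \
              AWS_S3_BUCKET_NAME AWS_DEFAULT_REGION AWS_SECURITY_GROUP_ID \
              AWS_SUBNET_ID CLIENT_CERTIFICATE_PEM CLIENT_PRIVATE_KEY_PEM \
              IOT_THING_NAME MQTT_BROKER_ENDPOINT; do
    eval "val=\${$name:-}"   # indirect lookup; names come from the fixed list above
    if [ -z "$val" ]; then echo "missing: $name" >&2; rc=1; fi
  done
  # Formats the table states explicitly.
  case "${AWS_IAM_PROFILE:-}" in
    Name=?*) ;;
    *) echo "bad format: AWS_IAM_PROFILE (expected Name=<profile>)" >&2; rc=1 ;;
  esac
  case "${AWS_SECURITY_GROUP_ID:-}" in
    sg-?*) ;;
    *) echo "bad format: AWS_SECURITY_GROUP_ID (expected sg-...)" >&2; rc=1 ;;
  esac
  case "${AWS_SUBNET_ID:-}" in
    subnet-?*) ;;
    *) echo "bad format: AWS_SUBNET_ID (expected subnet-...)" >&2; rc=1 ;;
  esac
  # Assumption: the PEM secrets hold the full PEM text including BEGIN lines.
  # A swapped certificate/key pair is caught here rather than at TLS handshake.
  case "${CLIENT_CERTIFICATE_PEM:-}" in
    *"-----BEGIN CERTIFICATE-----"*) ;;
    *) echo "bad format: CLIENT_CERTIFICATE_PEM (no certificate block)" >&2; rc=1 ;;
  esac
  case "${CLIENT_PRIVATE_KEY_PEM:-}" in
    *"-----BEGIN "*"PRIVATE KEY-----"*) ;;
    *) echo "bad format: CLIENT_PRIVATE_KEY_PEM (no private key block)" >&2; rc=1 ;;
  esac
  [ "$rc" -eq 0 ]
)
```

Calling `check_avh_secrets || exit 1` as the first workflow step stops the run before any AWS resources are created.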