This project demonstrates an end-to-end CI/CD deployment workflow for a Java web application using AWS Developer Tools.
It was completed as part of the 7-Day DevOps Challenge by NextWork, then documented as a recruiter-facing portfolio project to show hands-on experience with cloud infrastructure, build automation, deployment automation, rollback testing, logging, and infrastructure as code.
I built a Java web application and deployed it through an automated AWS CI/CD pipeline.
The final workflow connects GitHub, AWS CodePipeline, AWS CodeBuild, AWS CodeDeploy, Amazon EC2, Amazon S3, AWS CodeArtifact, Amazon CloudWatch, IAM, and AWS CloudFormation.
The project demonstrates how code changes can move from a GitHub commit to a live EC2-hosted web application through automated source, build, test, package, and deployment stages.
flowchart LR
A["Developer pushes code"] --> B["GitHub Repository"]
B --> C["AWS CodePipeline"]
C --> D["Source Stage<br/>Pull latest commit from GitHub"]
D --> E["Build Stage<br/>AWS CodeBuild<br/>Run tests and build Java app with Maven"]
E <--> F["AWS CodeArtifact<br/>Maven dependency management"]
E --> G["Amazon S3<br/>Build artifact storage"]
G --> H["Deploy Stage<br/>AWS CodeDeploy<br/>Use appspec.yml and lifecycle scripts"]
H --> I["Amazon EC2<br/>Tomcat/Apache Java web app"]
H --> J["Rollback<br/>Restore previous stable deployment if deployment fails"]
E --> K["Amazon CloudWatch<br/>Build logs"]
H --> K
C --> L["IAM Roles<br/>Service permissions"]
E --> L
H --> L
This diagram shows the full CI/CD flow from a GitHub commit to a live EC2 deployment, including dependency management, build artifacts, deployment automation, logging, IAM permissions, and rollback support.
- Built an end-to-end AWS CI/CD pipeline for a Java web application.
- Connected GitHub to AWS using CodePipeline and CodeConnections.
- Configured CodeBuild to compile, test, package, and upload build artifacts.
- Integrated CodeArtifact with Maven for dependency and package management.
- Stored build and deployment artifacts in Amazon S3.
- Deployed the application to Amazon EC2 using CodeDeploy.
- Created and tested
appspec.ymland deployment lifecycle scripts. - Simulated deployment failure and tested rollback behaviour.
- Used CloudWatch logs to troubleshoot build and deployment issues.
- Used CloudFormation to convert manually created infrastructure into reusable infrastructure as code.
- Troubleshot IAM permissions, CodeArtifact authentication, CloudFormation dependency errors, and deployment script failures.
| Service | Purpose |
|---|---|
| Amazon EC2 | Hosted the Java web application |
| AWS CodePipeline | Automated the CI/CD workflow |
| AWS CodeBuild | Built, tested, and packaged the application |
| AWS CodeDeploy | Deployed the application to EC2 |
| AWS CodeArtifact | Managed Maven dependencies and package access |
| Amazon S3 | Stored build and deployment artifacts |
| AWS CloudFormation | Provisioned infrastructure as code |
| Amazon CloudWatch | Captured build and deployment logs |
| IAM | Managed service permissions and secure access |
| Tool | Purpose |
|---|---|
| Git | Version control |
| GitHub | Source code hosting and CI/CD trigger |
| VS Code Remote SSH | Remote development on EC2 |
| Maven | Java dependency management and build process |
| Shell Scripts | Deployment lifecycle automation |
| Markdown | Technical documentation |
The completed pipeline works as follows:
- A code change is pushed to the GitHub repository.
- AWS CodePipeline detects the change.
- The Source stage pulls the latest commit from GitHub.
- AWS CodeBuild runs the build process.
- Maven dependencies are retrieved through AWS CodeArtifact.
- A custom test script validates the project structure before packaging.
- The Java web application is packaged into a deployable
.warfile. - Build artifacts are stored in Amazon S3.
- CodePipeline passes the packaged artifact to the Deploy stage.
- AWS CodeDeploy uses
appspec.ymland lifecycle scripts to deploy the application to EC2. - CloudWatch logs provide visibility for troubleshooting build and deployment issues.
- If deployment fails, rollback behaviour restores the previous stable version.
.
├── src/ # Java web application source code
├── scripts/ # CodeDeploy lifecycle scripts
│ ├── install_dependencies.sh
│ ├── start_server.sh
│ └── stop_server.sh
├── buildspec.yml # CodeBuild build instructions
├── appspec.yml # CodeDeploy deployment instructions
├── pom.xml # Maven project configuration
├── run-tests.sh # Basic automated test script
├── README.md # Main project overview
└── docs/ # Detailed day-by-day implementation notes
├── day-01-cloud-web-app-setup.md
├── day-02-github-version-control.md
├── day-03-codeartifact-package-management.md
├── day-04-codebuild-continuous-integration.md
├── day-05-codedeploy-automated-deployment.md
├── day-06-cloudformation-infrastructure-as-code.md
└── day-07-codepipeline-end-to-end-cicd.md
This project was completed across seven hands-on stages. Each stage includes implementation notes, troubleshooting, screenshots, and validation evidence.
| Stage | Focus | Documentation |
|---|---|---|
| Day 1 | Cloud web app setup with EC2, SSH, VS Code Remote SSH, Java, and Maven | View Day 1 |
| Day 2 | GitHub version control, Git setup, commits, and PAT authentication | View Day 2 |
| Day 3 | AWS CodeArtifact package management, Maven integration, IAM role access, and package validation | View Day 3 |
| Day 4 | AWS CodeBuild CI workflow, buildspec.yml, test automation, CloudWatch logs, and S3 artifacts |
View Day 4 |
| Day 5 | AWS CodeDeploy deployment to EC2 using appspec.yml and lifecycle scripts |
View Day 5 |
| Day 6 | AWS CloudFormation infrastructure as code, dependency fixes, parameters, and reusable templates | View Day 6 |
| Day 7 | End-to-end AWS CodePipeline workflow with GitHub, CodeBuild, CodeDeploy, and rollback testing | View Day 7 |
| Issue | Cause | Resolution |
|---|---|---|
| Git push failed | GitHub no longer accepts password authentication for Git operations | Used a GitHub Personal Access Token |
| CodeArtifact authentication failed | EC2 instance did not have the required CodeArtifact permissions | Created and attached an IAM role with CodeArtifact access |
| CodeBuild could not create logs | Missing CloudWatch Logs permissions | Added log permissions to the CodeBuild service role |
| Maven build failed | Incorrect custom settings configuration | Simplified Maven build command and corrected build configuration |
| Build artifact was missing | Build failed before packaging completed | Fixed the build process and verified artifact output in S3 |
| CodeDeploy failed | Deployment script issue or incorrect lifecycle configuration | Reviewed CodeDeploy logs, fixed scripts, and redeployed |
| CloudFormation stack failed | Missing dependencies and incorrect logical references | Added DependsOn, removed invalid references, and corrected template values |
| Deployment rollback needed validation | Rollback behaviour needed to be tested, not just assumed | Simulated a failed deployment and confirmed recovery to a stable version |
- Used IAM roles instead of hardcoded AWS credentials.
- Used temporary CodeArtifact authentication tokens.
- Applied service-specific IAM permissions.
- Used GitHub authentication securely through tokens and AWS CodeConnections.
- Stored build artifacts in Amazon S3.
- Enabled CloudWatch logs for build and deployment visibility.
- Used deployment lifecycle scripts for repeatable EC2 configuration.
- Tested rollback behaviour to improve deployment reliability.
- Used CloudFormation to reduce manual infrastructure configuration.
- Documented implementation decisions and troubleshooting steps.
This project helped me understand how AWS DevOps services work together in a real CI/CD workflow.
The most valuable part was not just creating the pipeline, but troubleshooting issues across IAM permissions, CodeArtifact authentication, build configuration, deployment scripts, CloudFormation dependencies, and rollback behaviour.
Through this project, I gained stronger hands-on experience with AWS deployment automation, CI/CD design, infrastructure as code, build pipelines, and operational troubleshooting.
Luekrit Kongkamon
LinkedIn: linkedin.com/in/luekrit-kongkamon
Email: luekrit.k@gmail.com
This project was completed as part of the 7-Day DevOps Challenge by NextWork.
Challenge link: NextWork AWS DevOps Challenge