In general the Serverless Toolkit is compatible with any Continuous Integration / Continuous Delivery (CI/CD) system that can install and run Node.js projects. However, some things translate better than others into a CI/CD flow. In this guide we'll cover how you can set up your project to integrate with your CI/CD system. The steps will be independent of any specific CI/CD system but should translate to most major systems.
If you don't have an existing Serverless Toolkit project yet, follow our Getting Started guide to set up your project.
While you can use the Twilio CLI and @twilio-labs/plugin-serverless
in your CI/CD system, it might lead to some conflicts and longer execution times. Instead, if you don't do any other configuration using the Twilio CLI other than twilio serverless
commands, we recommend to install twilio-run
as a developer dependency in your project.
twilio-run
is the core that powers any twilio serverless
command but does not come with any additional overhead.
If you do use @twilio-labs/plugin-serverless
(twilio serverless
) instead of twilio-run
, we recommend pinning the version of the plugin to at least the major version you are using. For example for any version 2.x.x
:
twilio plugins:install @twilio-labs/plugin-serverless@v2
Otherwise you run into the risk of installing the latest version inside your CI/CD system which might result in your flow breaking due to major version changes.
Important: Make sure the twilio-run
version is at least 3.0.0
.
Install twilio-run
by running inside your project:
npm install --save-dev twilio-run
Most of the configuration that we'll do can be handled through command-line flags, but for convenience we'll use a .twilioserverlessrc
configuration file instead. If your project doesn't have one yet, start by creating a .twilioserverlessrc
file at the root of your project.
Add the following content to it:
1{2"commands": {3"deploy": {4/* Your configuration */5}6}7}
Anything we specify in the /* Your configuration */
section will now be applied whenever we run twilio-run deploy
or twilio serverless:deploy
. Alternatively you can scope these configurations to a specific environment or account. Check out our Configuration docs and our guide for working with multiple Twilio accounts for more concrete details on that.
For the purpose of this example we'll only execute deploy
from our CI/CD system and hence scope the configuration to the deploy command.
Since twilio-run
will not be directly accessible as a command in your CI/CD, make sure your "scripts"
section inside the package.json
file contains a line such as:
"deploy": "twilio-run deploy",
This will ensure that you can run npm run deploy
which will trigger twilio-run deploy
.
By default, the Serverless Toolkit leverages .env
files to specify which environment variables should be deployed. However, in your CI/CD system you want to safely store your credentials in the respective secrets store provided by your CI/CD system. Generating a .env
file from there can be tedious.
Instead we can use the loadSystemEnv
option. If you enable this option you have to specify a "template .env
file" through the env
option in your configuration. This template file should NOT contain any sensitive information such as secrets. Instead it only lists the keys of the environment variables that should be loaded from the system.
Important: You should never check a .env
file that contains your credentials into your version control system
Create a file such as .env.example
that only contains the key name of an environment variable that will be present in your CI/CD system. For example:
MY_ENVIRONMENT_VALUE_EXAMPLE=
As long as you make sure that this file does not contain the actual secrets, you can check this file into your version control system such as git.
Then adjust your .twilioserverlessrc
file accordingly:
1{2"commands": {3"deploy": {4"loadSystemEnv": true,5"env": ".env.example"6}7}8}
With these changes during deployment twilio-run
will take the keys that are in the .env.example
(in this example MY_ENVIRONMENT_VALUE_EXAMPLE
) and look up the corresponding values in your CI/CD environment to upload the values into your serverless deployment.
Before we can deploy, however, will have to provide credentials for twilio-run
to use when deploying your code. While you could provide those by adding ACCOUNT_SID
and AUTH_TOKEN
keys to the .env.example
file and storing those credentials in your environment, the recommended way is to use an API Key and Secret pair for your account as these are easier to rotate in case they get compromised.
Go into the Twilio Console, generate a new pair of API Key and Secret and store these as TWILIO_API_KEY
and TWILIO_API_SECRET
in the secret storage of your CI/CD system so they get injected into your CI/CD systems environment variables.
Modify your package.json
file to update your deploy
script to the following:
"deploy": "twilio-run deploy --username $TWILIO_API_KEY --password $TWILIO_API_SECRET",
This way your credentials are being used to deploy the project but the values themselves are not being uploaded into your deployments environment variables.
Now if you execute npm run deploy
it will deploy your project using TWILIO_API_KEY
and TWILIO_API_SECRET
as credentials. Afterwards it look up the value of the MY_ENVIRONMENT_VALUE_EXAMPLE
environment variable on the respective system executing the command and set it as an environment variable on your deployment.
Now that your system is configured you need to update your CI/CD system to:
npm run deploy
to the commands executed by your CI/CD system when it is supposed to deploy.