Automating Git Configuration in AWS CodeBuild

Overview

In the dynamic landscape of software development, efficient version control and seamless integration are paramount for collaborative success. AWS CodeBuild, a fully managed build service, plays a pivotal role in automating the build and test phases of the development lifecycle. When coupled with AWS CodeCommit, a secure and scalable Git-based version control service, developers can harness a powerful combination for streamlined code management.

Pioneers in Cloud Consulting & Migration Services

Reduced infrastructural costs
Accelerated application deployment

Get Started

Introduction

This blog will delve into the intricacies of automating Git configurations in AWS CodeBuild to achieve seamless integration with AWS CodeCommit.

By understanding and implementing this integration, developers can enhance the efficiency of their workflows, reduce manual interventions, and ensure a secure and standardized approach to version control.

Here, we will be talking about the importance of Git configurations, delving into the specifics of AWS CodeBuild setup, and providing practical insights into handling AWS CodeCommit credentials. As we navigate through the intricacies of this integration, developers will gain valuable insights into building a robust foundation for their continuous integration and deployment pipelines.

Steps to establish a secure and efficient Git Configuration in AWS CodeBuild for Seamless AWS CodeCommit Integration

First, we need to create an AWS CodeBuild in the AWS console

In AWS CodeBuild, click on Create a build project.

step1

Enter a project name. Choose source as AWS CodeCommit, Repository, and branch of the repository.

step1b

Under the Environment section, select the Operating system, Runtime, Image, and create a service role for AWS CodeBuild.

step1c

Under Additional Configuration, scroll down to Environment Variables and add the Access and secret keys of two different AWS accounts and regions if they differ.
Account A is where your repository is currently, and we are pushing to the repository in Account B.

step1d

Under the Buildspec section, select Insert build commands and click on Switch to the editor.

step1e

Add the below commands in buildspec

version: 0.2
 
phases:
  build:
    commands:
      - aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID_A
      - aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY_A
      - aws configure set default.region $AWS_REGION_A
 
      # Configure Git to use AWS CodeCommit credential helper
      - git config --global credential.helper '!aws codecommit credential-helper $@'
      - git config --global credential.UseHttpPath true
 
      - git clone https://git-codecommit.eu-north-1.amazonaws.com/v1/repos/Repo1
      - cd Repo1
      - ls
      
      - aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID_B
      - aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY_B
      - aws configure set default.region $AWS_REGION_A
 
      # Configure Git to use AWS CodeCommit credential helper
      - git config --global credential.helper '!aws codecommit credential-helper $@'
      - git config --global credential.UseHttpPath true
      - git push -u --force "https://git-codecommit.eu-north-1.amazonaws.com/v1/repos/MyRepo" master
      - ls
 
  
artifacts:
  files:
    - '**/*'

version: 0.2

phases:

build:

commands:

- aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID_A

- aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY_A

- aws configure set default.region $AWS_REGION_A

# Configure Git to use AWS CodeCommit credential helper

- git config --global credential.helper '!aws codecommit credential-helper $@'

- git config --global credential.UseHttpPath true

- git clone https://git-codecommit.eu-north-1.amazonaws.com/v1/repos/Repo1

- cd Repo1

- ls

- aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID_B

- aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY_B

- aws configure set default.region $AWS_REGION_A

# Configure Git to use AWS CodeCommit credential helper

- git config --global credential.helper '!aws codecommit credential-helper $@'

- git config --global credential.UseHttpPath true

- git push -u --force "https://git-codecommit.eu-north-1.amazonaws.com/v1/repos/MyRepo" master

- ls

artifacts:

files:

- '**/*'

step1f

Under the Artifacts section, choose the Artifact type. In Logs, click on Enable Amazon CloudWatch logs and create build projects.

step1g

2. Now we must create an AWS CodePipeline

In AWS CodePipeline, click on Create Pipeline.

step2

Enter the Pipeline name, select V1 for Pipelinetype, and create a service role.

step2b

Under Advanced Settings, choose an Artifact store and Encryption Key as a Default AWS Managed Key and Choose Next.

step2c

Under the source stage, select a source, Repository name, or branch from the AWS CodeCommit Repository and click on Next.

step2d

Under the Build stage, choose the Build provider, Region, and AWS CodeBuild project name, add the environment variable again, select Single build under Build type, and click Next.

step2e

Click on Skip deploy stage and click on Next.

step2f

Click On Create pipeline.

step2g

Once the AWS CodePipeline is created, Click on the pipeline to see the stages.

step2h

Click on the View logs in the Build stage.

step2i

Conclusion

By understanding the intricacies of Git configurations, we walked through the essential steps to set up a secure and efficient Git Configuration in AWS CodeBuild. By creating a build project, configuring AWS CodeCommit credentials, and orchestrating the entire process through an AWS CodePipeline, developers can significantly enhance workflow efficiency, reduce manual interventions, and establish a standardized approach to version control.

Understanding the intricacies of Git configurations, we explored the essential steps to set up a secure and efficient Git Configuration in AWS CodeBuild. By creating a build project, configuring AWS CodeCommit credentials, and orchestrating the entire process through an AWS CodePipeline, developers can significantly enhance workflow efficiency, reduce manual interventions, and establish a standardized approach to version control.

Drop a query if you have any questions regarding AWS CodeBuild and we will get back to you quickly.

Making IT Networks Enterprise-ready – Cloud Management Services

Accelerated cloud migration
End-to-end view of the cloud environment

Get Started

About CloudThat

CloudThat is an official AWS (Amazon Web Services) Advanced Consulting Partner and Training partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner, Microsoft Gold Partner, and many more, helping people develop knowledge of the cloud and help their businesses aim for higher goals using best-in-industry cloud computing practices and expertise. We are on a mission to build a robust cloud computing ecosystem by disseminating knowledge on technological intricacies within the cloud space. Our blogs, webinars, case studies, and white papers enable all the stakeholders in the cloud computing sphere.

To get started, go through our Consultancy page and Managed Services Package, CloudThat’s offerings.

FAQs

1. Why is it necessary to configure Git to use the AWS CodeCommit credential helper?

ANS: – Configuring Git with the AWS CodeCommit credential helper enables secure access to AWS CodeCommit repositories, managing credentials seamlessly during interactions.

2. How do I configure AWS CodeBuild to interact with AWS CodeCommit repositories in different AWS accounts?

ANS: – As shown in the above steps in the blog, we need to use AWS CodeBuild environment variables to manage AWS access keys and regions for different accounts, ensuring secure cross-account interactions.

WRITTEN BY Abhilasha D

Abhilasha D is a Research Associate-DevOps at CloudThat. She is focused on gaining knowledge of Cloud environment and DevOps tools. She has keen interest in learning and researching on emerging technologies.