Automating Git Configuration in AWS CodeBuild

Overview

In the dynamic landscape of software development, efficient version control and seamless integration are paramount for collaborative success. AWS CodeBuild, a fully managed build service, plays a pivotal role in automating the build and test phases of the development lifecycle. When coupled with AWS CodeCommit, a secure and scalable Git-based version control service, developers can harness a powerful combination for streamlined code management.

Pioneers in Cloud Consulting & Migration Services

Reduced infrastructural costs
Accelerated application deployment

Get Started

Introduction

This blog will delve into the intricacies of automating Git configurations in AWS CodeBuild to achieve seamless integration with AWS CodeCommit.

By understanding and implementing this integration, developers can enhance the efficiency of their workflows, reduce manual interventions, and ensure a secure and standardized approach to version control.

Here, we will be talking about the importance of Git configurations, delving into the specifics of AWS CodeBuild setup, and providing practical insights into handling AWS CodeCommit credentials. As we navigate through the intricacies of this integration, developers will gain valuable insights into building a robust foundation for their continuous integration and deployment pipelines.

Steps to establish a secure and efficient Git Configuration in AWS CodeBuild for Seamless AWS CodeCommit Integration

First, we need to create an AWS CodeBuild in the AWS console

In AWS CodeBuild, click on Create a build project.

step1

Enter a project name. Choose source as AWS CodeCommit, Repository, and branch of the repository.

step1b

Under the Environment section, select the Operating system, Runtime, Image, and create a service role for AWS CodeBuild.

step1c

Under Additional Configuration, scroll down to Environment Variables and add the Access and secret keys of two different AWS accounts and regions if they differ.
Account A is where your repository is currently, and we are pushing to the repository in Account B.

step1d

Under the Buildspec section, select Insert build commands and click on Switch to the editor.

step1e

Add the below commands in buildspec

version: 0.2
 
phases:
  build:
    commands:
      - aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID_A
      - aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY_A
      - aws configure set default.region $AWS_REGION_A
 
      # Configure Git to use AWS CodeCommit credential helper
      - git config --global credential.helper '!aws codecommit credential-helper $@'
      - git config --global credential.UseHttpPath true
 
      - git clone https://git-codecommit.eu-north-1.amazonaws.com/v1/repos/Repo1
      - cd Repo1
      - ls
      
      - aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID_B
      - aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY_B
      - aws configure set default.region $AWS_REGION_A
 
      # Configure Git to use AWS CodeCommit credential helper
      - git config --global credential.helper '!aws codecommit credential-helper $@'
      - git config --global credential.UseHttpPath true
      - git push -u --force "https://git-codecommit.eu-north-1.amazonaws.com/v1/repos/MyRepo" master
      - ls
 
  
artifacts:
  files:
    - '**/*'

version: 0.2

phases:

build:

commands:

- aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID_A

- aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY_A

- aws configure set default.region $AWS_REGION_A

# Configure Git to use AWS CodeCommit credential helper

- git config --global credential.helper '!aws codecommit credential-helper $@'

- git config --global credential.UseHttpPath true

- git clone https://git-codecommit.eu-north-1.amazonaws.com/v1/repos/Repo1

- cd Repo1

- ls

- aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID_B

- aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY_B

- aws configure set default.region $AWS_REGION_A

# Configure Git to use AWS CodeCommit credential helper

- git config --global credential.helper '!aws codecommit credential-helper $@'

- git config --global credential.UseHttpPath true

- git push -u --force "https://git-codecommit.eu-north-1.amazonaws.com/v1/repos/MyRepo" master

- ls

artifacts:

files:

- '**/*'

step1f

Under the Artifacts section, choose the Artifact type. In Logs, click on Enable Amazon CloudWatch logs and create build projects.

step1g

2. Now we must create an AWS CodePipeline

In AWS CodePipeline, click on Create Pipeline.

step2

Enter the Pipeline name, select V1 for Pipelinetype, and create a service role.

step2b

Under Advanced Settings, choose an Artifact store and Encryption Key as a Default AWS Managed Key and Choose Next.

step2c

Under the source stage, select a source, Repository name, or branch from the AWS CodeCommit Repository and click on Next.

step2d

Under the Build stage, choose the Build provider, Region, and AWS CodeBuild project name, add the environment variable again, select Single build under Build type, and click Next.

step2e

Click on Skip deploy stage and click on Next.

step2f

Click On Create pipeline.

step2g

Once the AWS CodePipeline is created, Click on the pipeline to see the stages.

step2h

Click on the View logs in the Build stage.

step2i

Conclusion

By understanding the intricacies of Git configurations, we walked through the essential steps to set up a secure and efficient Git Configuration in AWS CodeBuild. By creating a build project, configuring AWS CodeCommit credentials, and orchestrating the entire process through an AWS CodePipeline, developers can significantly enhance workflow efficiency, reduce manual interventions, and establish a standardized approach to version control.

Understanding the intricacies of Git configurations, we explored the essential steps to set up a secure and efficient Git Configuration in AWS CodeBuild. By creating a build project, configuring AWS CodeCommit credentials, and orchestrating the entire process through an AWS CodePipeline, developers can significantly enhance workflow efficiency, reduce manual interventions, and establish a standardized approach to version control.

Drop a query if you have any questions regarding AWS CodeBuild and we will get back to you quickly.

Making IT Networks Enterprise-ready – Cloud Management Services

Accelerated cloud migration
End-to-end view of the cloud environment

Get Started

About CloudThat

CloudThat is an award-winning company and the first in India to offer cloud training and consulting services worldwide. As a Microsoft Solutions Partner, AWS Advanced Tier Training Partner, and Google Cloud Platform Partner, CloudThat has empowered over 850,000 professionals through 600+ cloud certifications winning global recognition for its training excellence including 20 MCT Trainers in Microsoft’s Global Top 100 and an impressive 12 awards in the last 8 years. CloudThat specializes in Cloud Migration, Data Platforms, DevOps, IoT, and cutting-edge technologies like Gen AI & AI/ML. It has delivered over 500 consulting projects for 250+ organizations in 30+ countries as it continues to empower professionals and enterprises to thrive in the digital-first world.

FAQs

1. Why is it necessary to configure Git to use the AWS CodeCommit credential helper?

ANS: – Configuring Git with the AWS CodeCommit credential helper enables secure access to AWS CodeCommit repositories, managing credentials seamlessly during interactions.

2. How do I configure AWS CodeBuild to interact with AWS CodeCommit repositories in different AWS accounts?

ANS: – As shown in the above steps in the blog, we need to use AWS CodeBuild environment variables to manage AWS access keys and regions for different accounts, ensuring secure cross-account interactions.

WRITTEN BY Abhilasha D

Abhilasha D is a Research Associate-DevOps at CloudThat. She is focused on gaining knowledge of Cloud environment and DevOps tools. She has keen interest in learning and researching on emerging technologies.