AWS Partner Network (APN) Blog
Announcing Atlassian Bitbucket Support for AWS CodeDeploy
Editor’s note: For the latest information on Atlassian Bitbucket, visit the Atlassian website.
By Brandon Chavis, Partner Solutions Architect at AWS
Shortly after making Atlassian Bamboo and AWS CodeDeploy integration available to support Continuous Integration (CI) and Continuous Delivery (CD) workflows on AWS, AWS Partner Network (APN) member Atlassian has added another key integration with AWS Code services. The integration of Atlassian products and AWS Code services is a compelling story for companies that deploy software on AWS at every stage of the build, test, and deployment lifecycle.
We’re happy to announce Atlassian Bitbucket support for AWS CodeDeploy, so you can now push code to Amazon EC2 instances directly from the Bitbucket UI. This is a great example of simplifying deployments, especially if you prefer “a-human-presses-a-button” control over your deployments.
As an example, I’m a developer and I want to deploy a change to my PHP website that runs on a cluster of Amazon EC2 web servers. First, I will update my code in my BitBucket repository. Then, to minimize the context switching that would happen from logging into my CI platform, or logging directly into my EC2 hosts to run a manual deployment process, I could now take advantage of CodeDeploy’s flexibility by deploying my code to my EC2 instances directly from the BitBucket UI.
Let’s take a look at how this works!
First, we’ll need a sample application in Bitbucket. Grab our sample application and push it to Bitbucket: https://s3.amazonaws.com/aws-codedeploy-us-east-1/samples/latest/SampleApp_Linux.zip
Next, install the CodeDeploy add-on through the Settings menu in Bitbucket. Then, under my hello-world app’s repository, I can choose CodeDeploy Settings to configure CodeDeploy:
Bitbucket needs the ability to stage your code artifacts in an Amazon S3 bucket for CodeDeploy to pull, so step one of this setup process is to create an AWS Identity and Access Management (IAM) role with the following policy:
{"Version": "2012-10-17","Statement": [{"Effect": "Allow","Action":
["s3:ListAllMyBuckets","s3:PutObject"],"Resource":
"arn:aws:s3:::*"},{"Effect": "Allow","Action":
["codedeploy:*"],"Resource": "*"}]}
The setup will ask for the ARN of the IAM role so Atlassian can assume a role in your account, push code to your S3 bucket on your behalf, and do a deployment using CodeDeploy.
Once you’ve provided the role ARN, you’ll also be able to tell Bitbucket which S3 bucket to use for storing deployment artifacts and which CodeDeploy application to deploy to:
If you haven’t set up CodeDeploy yet, that’s okay—it’s easy to get started. Step one is to make sure you have an EC2 instance running the CodeDeploy Agent. Make sure you tag the instance with something that is identifiable, because tags are one way that CodeDeploy identifies the instances it should add to the deployment group. Once you have an instance running, sign in to the CodeDeploy console and choose Create New Application. In CodeDeploy, an application is a namespace that AWS CodeDeploy uses to correlate attributes, such as what code should be deployed and from where.
After you’ve created your application, you can specify a deployment group, which is a collection of EC2 instances that CodeDeploy will execute on for each deployment.
Now that the basics for CodeDeploy are configured, we need to tell CodeDeploy how to deploy to our instances by using an appspec.yml file. Because the instances in my deployment group are just Apache 2.0 web servers, my AppSpec file tells CodeDeploy how to update the default index.html with my new code:
Now we’re ready to push code to my deployment group. From within my repo’s “Production” branch, I can simply choose Deploy to AWS:
Now I can check on the status of the deployment in the CodeDeploy console:
Finally, let’s see if the deployment was successful by viewing the DNS address of my instance in a browser:
So there you have it—a simple mechanism for pushing code directly to EC2 instances by using Atlassian Bitbucket and AWS CodeDeploy. We’re really excited to offer this integration, so check out the new Bitbucket add-on here! I also encourage you to check out Atlassian’s post on the integration.
Editor’s note on March 14th, 2016: We’ve received a few questions on two points covered in this blog post. We hope to provide clarity with the following information from the author.
One major ask has been to use this feature for automated deployments in your CI/CD workflow. This Bitbucket integration is simply intended to streamline pushing code artifacts to instances quicker, but isn’t intended to serve as your primary CI/CD workflow. If you’re looking to build a full continuous integration and continuous deployment workflow, take a look at Atlassian Bamboo. Bamboo is designed for CI, builds, and testing, and you can use the Bamboo CodeDeploy plugin to push code to instances.
https://utoolity.atlassian.net/wiki/display/TAWS/Using+the+AWS+CodeDeploy+Deployment+task+in+Bamboo/
The second most common question has been around the use of roles. There are actually two roles required for the setup in this post. One role, which we talk about explicitly in the post, is the “cross-account IAM role”, which allows Atlassian to do something in your account (in this case upload to Amazon S3). The other role is one we don’t directly call out, and this role is the “CodeDeploy Service Role”, and we assume you’ll create that as part of the CodeDeploy setup process. This role allows CodeDeploy the service to do things on your behalf, like query instances in the Deployment group. You can create this role by following this documentation:
http://docs.aws.amazon.com/codedeploy/latest/userguide/how-to-create-service-role.html