AWS DevOps & Developer Productivity Blog
Integrating AWS CodeCommit with Jenkins
Today we have a guest post written by Emeka Igbokwe, a Solutions Architect at AWS.
This post walks you through the steps to set up Jenkins and AWS CodeCommit to support 2 simple continuous integration (CI) scenarios.
In the 1st scenario, you will make a change in your local Git repository, push the change to your AWS CodeCommit hosted repository and have the change trigger a build in Jenkins.
For the 2nd scenario, you will make a change on a development branch in your local Git repository, push the change to your AWS CodeCommit hosted repository and have the change trigger a merge from the development branch to the master branch, perform a build on the merged master branch, then push the change on the merged master branch to the AWS CodeCommit hosted repository on a successful build.
For the walkthrough, we will run the Jenkins server on an Amazon Linux Instance and configure your workstation to access the Git repository hosted by AWS CodeCommit.
Set Up IAM Permissions
AWS CodeCommit uses IAM permissions to control access to the Git repositories.
For this walkthrough, you will create an IAM user, an IAM role, and a managed policy. You will attach the managed policy to the IAM user and the IAM role, granting both the user and role the permissions to push and pull changes to and from the Git repository hosted by AWS CodeCommit.
You will associate the IAM role with the Amazon EC2 instance you launch to run Jenkins. (Jenkins uses the permissions granted by the IAM role to access the Git repositories.)
- Create an IAM user. Save the access key ID and the secret access key for the new user.
- Attach the managed policy named AWSCodeCommitPowerUser to the IAM user you created.
- Create an Amazon EC2 service role named CodeCommitRole and attach the managed policy (AWSCodeCommitPowerUser) to it.
Set Up Your Development Environment
Install Git and the AWS CLI on your workstation.
Windows:
- Install Git on Windows.
- Install the AWS CLI using the MSI Installer.
Linux or Mac:
- Install Git on Linux or Mac.
- Install the AWS CLI using the Bundled Installer.
After you install the AWS CLI, you must configure it using your IAM user credentials.
aws configure
Enter the AWS access key and AWS secret access key for the IAM user you created; enter us-east-1 for the region name; and enter json for the output format.
AWS Access Key ID [None]: Type your target AWS access key ID here, and then press Enter AWS Secret Access Key [None]: Type your target AWS secret access key here, and then press Enter Default region name [None]: Type us-east-1 here, and then press Enter Default output format [None]: Type json here, and then press Enter
Configure Git to use your IAM credentials and an HTTP path to access the repositories hosted by AWS CodeCommit.
git config --global credential.helper '!aws codecommit credential-helper $@' git config --global credential.useHttpPath true
Create your central Git repository in AWS CodeCommit.
aws codecommit create-repository --repository-name DemoRepo --repository-description "demonstration repository"
Set your user name and email address.
git config --global user.name "Your Name" git config --global user.email "Your Email Address"
Create a local copy of the repository.
git clone https://git-codecommit.us-east-1.amazonaws.com/v1/repos/DemoRepo
Change directory to the local repository.
cd DemoRepo
In the editor of your choice, copy and paste the following into a file and save it as HelloWorld.java.
class HelloWorld { public static void main(String[] args) { System.out.println("Hello World!"); } }
In the same directory where you created HelloWorld.java, run the following git commands to commit and push your change.
git add HelloWorld.java git commit -m "Added HelloWord.java" git push origin
Set Up the Jenkins Server
Create an instance using the Amazon Linux AMI. Make sure you associate the instance with the CodeCommitRole role and configure the security group associated with the instance to allow incoming traffic on ports 22 (SSH) and 8080 (Jenkins). You may further secure your server by restricting access to only the IP addresses of the developer machines connecting to Jenkins.
Use SSH to connect to the instance. Update the AWS CLI and install Jenkins, Git, and the Java JDK.
sudo yum install -y git java-1.8.0-openjdk-devel sudo yum update -y aws-cli
Add the Jenkins repository and install Jenkins.
sudo wget -O /etc/yum.repos.d/jenkins.repo https://pkg.jenkins-ci.org/redhat/jenkins.repo sudo rpm --import https://jenkins-ci.org/redhat/jenkins-ci.org.key sudo yum install -y jenkins
Configure the AWS CLI.
cd ~jenkins sudo -u jenkins aws configure
Accept the defaults for the AWS access key and AWS secret access key; enter us-east-1 for the region name; and enter json for the output format.
AWS Access Key ID [None]: Press Enter AWS Secret Access Key [None]: Press Enter Default region name [None]: Type us-east-1 here, and then press Enter Default output format [None]: Type json here, and then press Enter
Configure Git to use IAM credentials and an HTTP path to access the repositories hosted by AWS CodeCommit.
sudo -u jenkins git config --global credential.helper '!aws codecommit credential-helper $@' sudo -u jenkins git config --global credential.useHttpPath true sudo -u jenkins git config --global user.email "me@mycompany.com" sudo -u jenkins git config --global user.name "MyJenkinsServer"
Start Jenkins.
sudo service jenkins start sudo chkconfig jenkins on
Configure global security.
- Open the Jenkins home page (https://<public DNS name of EC2 instance>:8080) in your browser.
- Select Manage Jenkins and Configure Global Security.
- Select the Enable Security check box.
- Under Security Realm, select the Jenkins’ own user database radio button.
- Clear the Allow users to sign up check box.
- Under Authorization, select the Logged-in users can do anything radio button.
Configure the Git plugin.
- Select Manage Jenkins and Manage Plugins.
- On the Available tab, use the Filter box to find Git Plugin.
- Select the Install check box next to Git Plugin.
- Choose Download now and install after restart.
After Jenkins has restarted, add a project that will execute a build each time a change is pushed to the AWS CodeCommit hosted repository.
Scenario 1: Set Up Project
- From the Jenkins home page, select New Item.
- Select Build a free-style software project.
- For the project name, enter “Demo”.
- For Source Code Management, choose Git.
- For the repository URL, enter “https://git-codecommit.us-east-1.amazonaws.com/v1/repos/DemoRepo”.
- For the Build Trigger, select Poll SCM with a schedule of H/05 * * * *.
- For the Build under Add Build Step select Execute Shell and in the Command text box, type javac HelloWorld.java.
- Click Save.
Scenario 1: Update the Local Git Repository
Now that your development environment is configured and the Jenkins server is set up, modify the source in your local repository and push the change to the central repository hosted on AWS CodeCommit.
On your workstation, change directory to the local repository and create a branch where you will make your changes.
cd DemoRepo
Use the editor of your choice to modify Helloword.java with the content below, and then save the file in the DemoRepo directory.
class HelloWorld { public static void main(String[] args) { System.out.println("Scenario 1: Build Hello World using Jenkins"); } }
Run the following git commands to commit and push your change.
git add HelloWorld.java git commit -m "Modified HelloWord.java for scenario 1" git push origin
Scenario 1: Monitor Build
After five minutes, go to the Jenkins home page. You should see a build.
In the Last Success column, click the build (shown here as #1). This will take you to the build output. Click Console Output to see the build details.
Scenario 2: Modify Project To Support “Pre-Build Branch Merging”
- From the Jenkins home page, click on Demo in the Name column.
- Select “Configure” to modify project
- Make sure “Branch Specifier” for Branches to build is blank.
- For Additional Behaviors, add Merge before Build.
- Set the name of the repository to origin.
- Set the branch to merge to master.
- Add the Post Build Action Git Publisher.
- Select Push Only If Build Succeeds.
- Select Merge Results.
- Select Add Tag.
- Set the tag to push to $GIT_COMMIT.
- Select Create new tag.
- Set the target remote name to origin.
- Click Save.
Scenario 2: Update the Local Git Repository
Now that your development environment is configured and the Jenkins server is set up, modify the source in your local repository and push the change to the central repository hosted on AWS CodeCommit.
On your workstation, change directory to the local repository and create a branch where you will make your changes.
cd DemoRepo git checkout -b MyDevBranch
Use the editor of your choice to modify Helloword.java with the content below, and then save the file in the DemoRepo directory.
class HelloWorld { public static void main(String[] args) { System.out.println("Build Hello World using Jenkins!"); } }
Run the following git commands to commit and push your change.
git add HelloWorld.java git commit -m "Modified HelloWord.java for sceanrio 2" git push origin MyDevBranch
Scenario 2: Monitor Build
After five minutes, go to the Jenkins home page. You should see a build.
In the Last Success column, click the build (shown here as #2). This will take you to the build output. Click Console Output to see the build details.
Scenario 2: Verify The Master Branch Is Updated
Create another local repository named DemoRepo2. Verify the master branch includes your changes.
cd .. git clone https://git-codecommit.us-east-1.amazonaws.com/v1/repos/DemoRepo DemoRepo2 cd DemoRepo2
Use the editor of your choice to open HelloWorld.java. It should include the change you made in your local DemoRepo repository.
We hope this helps to get you started using Jenkins with your AWS CodeCommit repositories. Let us know if you have questions, or if there are other product integrations you are interested in.