On your journey of making a CI/CD pipeline on AWS with these tools, you completed AWS CodeCommit & CodeBuild.
Over the next few days you'll learn these tools/services:
CodeCommit
CodeBuild
CodeDeploy
CodePipeline
S3
CodeCommit
CodeCommit is a managed source control service by AWS that allows users to store, manage, and version their source code and artefacts securely and at scale. It supports Git, integrates with other AWS services, enables collaboration through branch and merge workflows, and provides audit logs and compliance reports to meet regulatory requirements and track changes. Overall, CodeCommit provides developers with a reliable and efficient way to manage their codebase and set up a CI/CD pipeline for their software development projects.
Navigate to CodeCommit and Click on Create repository
Provide the repository name and click on create
- The repository is successfully created
- As a root user you cannot access the CodeCommit repo, so we need to create an IAM user with certain policies
Creating an IAM user for the CodeCommit repo
Navigate to IAM > Users
You can create a new user by clicking Add Users
Give the user the AWSCodeCommitFullAccess policy permissions
Click on Create user
Click on Next
Set permissions and select Attach policies directly
Apply AWSCodeCommitFullAccess and click on Next
- Review the user name and permissions, and click on Create user
- Download the .csv file which contains our IAM user login and password details.
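AWSCodeCommitFullAccess allows every CodeCommit action, which is more than a user who only clones and pushes needs. As an added example (not from the original post), the script below renders a policy limited to Git pull and push on a single repository and includes a coarse wildcard check; the region and account ID in the usage note are placeholders, and myrepo is the repository name used later in this walkthrough.

```shell
#!/bin/sh
# Added example, not from the original post.

# Print an identity policy allowing only clone/fetch and push on one repository.
render_repo_policy() {
    region=$1; account=$2; repo=$3
    # Validate each ARN component so a stray "*" cannot widen the grant.
    case $region in ''|*[!a-z0-9-]*) echo "bad region" >&2; return 1 ;; esac
    case $account in ''|*[!0-9]*) echo "bad account id" >&2; return 1 ;; esac
    [ "${#account}" -eq 12 ] || { echo "bad account id" >&2; return 1; }
    case $repo in ''|*[!A-Za-z0-9._-]*) echo "bad repository name" >&2; return 1 ;; esac
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "CloneAndPushOneRepo",
      "Effect": "Allow",
      "Action": ["codecommit:GitPull", "codecommit:GitPush"],
      "Resource": "arn:aws:codecommit:${region}:${account}:${repo}"
    }
  ]
}
EOF
}

# Coarse review check: succeed (0) if any quoted value in the policy text
# contains "*", i.e. a wildcard action or resource.
has_wildcard() {
    printf '%s\n' "$1" | grep -q '"[^"]*\*[^"]*"'
}

# Constructed sample of a broad grant, for comparison only (not the text of
# any AWS managed policy).
BROAD_SAMPLE='{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":"codecommit:*","Resource":"*"}]}'
```

Render it with `render_repo_policy us-east-1 111122223333 myrepo > myrepo-git.json` and attach it with `aws iam put-user-policy --user-name <iam-user> --policy-name <policy-name> --policy-document file://myrepo-git.json` in place of the managed policy.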
Generating GitCredentials for CodeCommit repo
- Select and open the IAM User that you have created and go to Security Credentials
- Under Security credentials > HTTPS Git credentials for AWS CodeCommit
Click on Generate credentials
Download credentials and click on Close
HTTPS GIT credentials are created now.
- These credentials are used to commit the source files to the CodeCommit repo
Configure AWS CLI in EC2 Instance.
$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
sudo apt install unzip
unzip awscliv2.zip
sudo ./aws/install
aws --version
aws configure
Configure the Access and Secret keys that we generated from the IAM user
Now clone the repository from CodeCommit to the i
Cloning the repository from CodeCommit to local
Open your repository in CodeCommit
Select the repository and click on Clone URL > Clone HTTPS
Once you do this, the repo URL is copied and we will clone it to the local machine
Connect to the EC2 instance now and use the git clone command to clone the CodeCommit repository to local
I am using Ubuntu 22 for the EC2 instance here
$ git clone <your-codecommit-repo-clone-https-url>
- Use the HTTPS GIT Credentials that you created and downloaded from the IAM User
- We have successfully cloned the empty repo named myrepo from AWS CodeCommit
Note: Make sure you add proper policies for the IAM role
Adding Source files to the repository in CodeCommit
Clone the Git repo https://github.com/rjthapaa/AWS-DevOps-Project.git to the local machine. It contains the sample app files like
Push all the files from local to the CodeCommit
- Commits are done, check the CodeCommit repo
- appspec/buildspec.yml, index.html and script files are required during CodeBuild/Deploy
CodeBuild
AWS CodeBuild is a fully managed build service in the cloud. CodeBuild compiles your source code, runs unit tests, and produces artefacts that are ready to deploy. CodeBuild eliminates the need to provision, manage, and scale your build servers.
A Buildspec file is a YAML file that defines the build process for your CodeBuild project. It contains a series of commands that CodeBuild will execute to build and package your application.
CodeBuild builds only from the files in the CodeCommit repo.
Click on Build Projects > Create Build project
- Provide the source details
- Provide the Environment details
Select New service role and a default service role will be created.
CodeBuild uses the service role to communicate with CodeCommit, CodeDeploy, S3, artifacts and other resources
Also select Use a buildspec file, because we are using a buildspec from the repo
- Batch configuration is optional; select CloudWatch Logs
- Leave the rest to defaults and click on Create build project
- Build Project is Successfully created
Setting up CodeDeploy
We have done CodeCommit and CodeBuild, and now it is time for CodeDeploy
In CodeDeploy, go to Applications and click on Create Application
Provide the Application name and Compute platform.
Click on Create Application
- An application is successfully created.
- To run or deploy one or more applications on multiple servers we need a deployment group
Create deployment group
Click on create deployment group, give it a name
Under Service role, we need to create a new role and attach it here
- Let's navigate to IAM and create a role code-deploy-service-role with the below permissions
- Once the role is created get back to CodeDeploy you will be able to view a service role that we have created, select it
Under Environment Configuration, the deployment will be based on AMAZON EC2 instances, so select it
Select the Key as Name and Value will be the EC2 instance name that we are using for deployment.
- Uncheck on Enable the Load Balancer and click on Create deployment group
If you are getting any errors while creating a Deployment Group refer to this link
- Deployment group is successfully created.
Installing CodeDeploy agent on EC2 to deploy code
To deploy your app to EC2, CodeDeploy needs an agent which deploys the code on your EC2 instance.
Before installing the agent, we need to create an IAM role for the EC2 instance and attach it.
Create a role with the below policies
AmazonEC2FullAccess
AmazonS3FullAccess
AWSCodeDeployFullAccess
The role is created and now we need to attach this role to the EC2 instance
Go to the EC2 instance and select it. Click on Actions > Security > Modify IAM role
- Update the role we created for this instance and click on Update IAM role
Connect to the EC2 instance and write a shell script file to install the CodeDeployAgent
Create agentinstall.sh (vi agentinstall.sh) with the below contents and run it.
#!/bin/bash
# This installs the CodeDeploy agent and its prerequisites on Ubuntu 22.04.
# Stop at the first failed step so a failed download is never installed.
set -e
sudo apt-get update
sudo apt-get install ruby-full ruby-webrick wget -y
cd /tmp
# Download the agent package.
wget https://aws-codedeploy-us-east-1.s3.us-east-1.amazonaws.com/releases/codedeploy-agent_1.3.2-1902_all.deb
# Unpack it so the control file can be edited.
mkdir -p codedeploy-agent_1.3.2-1902_ubuntu22
dpkg-deb -R codedeploy-agent_1.3.2-1902_all.deb codedeploy-agent_1.3.2-1902_ubuntu22
# Point the dependency at the Ruby 3.0 package that Ubuntu 22.04 ships.
sed 's/Depends:.*/Depends:ruby3.0/' -i ./codedeploy-agent_1.3.2-1902_ubuntu22/DEBIAN/control
# Rebuild and install the modified package.
dpkg-deb -b codedeploy-agent_1.3.2-1902_ubuntu22/
sudo dpkg -i codedeploy-agent_1.3.2-1902_ubuntu22.deb
# Confirm the agent service is registered and running.
systemctl list-units --type=service | grep codedeploy
sudo service codedeploy-agent status
Note: This script is for Ubuntu 22.04
- Run this command to install the CodeDeploy agent: sh agentinstall.sh
- The CodeDeploy agent is installed on the EC2 instance and is active (running).
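The script above unpacks and installs whatever wget returns, with no integrity check on the package. As an added example (not part of the original post), the function below compares the download against a pinned SHA-256 digest and is meant to run between the wget and dpkg-deb -R steps; AGENT_SHA256 is a placeholder for a digest you record yourself from a vetted copy, since the post does not give one.

```shell
#!/bin/sh
# Added example, not part of the original agentinstall.sh.

# Print the lowercase SHA-256 digest of a file.
sha256_of() {
    sha256sum "$1" | awk '{print tolower($1)}'
}

# verify_sha256 FILE EXPECTED_HEX
# Return 0 only if FILE exists and its SHA-256 equals EXPECTED_HEX.
verify_sha256() {
    file=$1
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 1; }
    # A pinned digest is exactly 64 hex characters; reject empty values and
    # unfilled placeholders instead of comparing against them.
    case $expected in *[!0-9a-f]*) echo "expected digest is not hex" >&2; return 1 ;; esac
    [ "${#expected}" -eq 64 ] || { echo "expected digest must be 64 hex chars" >&2; return 1; }
    actual=$(sha256_of "$file") || return 1
    if [ "$actual" != "$expected" ]; then
        echo "SHA-256 mismatch for $file" >&2
        echo "  expected: $expected" >&2
        echo "  actual:   $actual" >&2
        return 1
    fi
}

# Placement in agentinstall.sh, after wget and before dpkg-deb -R:
#   verify_sha256 codedeploy-agent_1.3.2-1902_all.deb "$AGENT_SHA256" || exit 1
# The check applies to the downloaded file only; the repacked
# codedeploy-agent_1.3.2-1902_ubuntu22.deb has a different digest by design.
```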
Creating a CI/CD Pipeline
Navigate to CodePipeline > Create Pipeline
Provide a name for the pipeline
Select New service role; a new service role will be created with the pipeline name that we provided.
Click on Next
Add details about the Source provider. Here we are taking all the source code from the AWS CodeCommit repo named myrepo, from the master branch
Click on Next
Add details about Build. The provider is AWS CodeBuild and the project name is CICD
- Add details about Deploy. The provider is AWS CodeDeploy, the project name is CICDDeploy and the deployment group is CICDdeploymentgroup
- Review all the details we provided and click on Create pipeline
The Source, Build and Deploy stages are all successful
Now you can access the application by using the public IP of the EC2 instance
Try this sample app in Amazon Linux for yourself:
https://github.com/rjthapaa/sample-CICD
https://github.com/rjthapaa/React-SourceCode-For-CodePipeline