Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
AWS Automation Cookbook

You're reading from   AWS Automation Cookbook Continuous Integration and Continuous Deployment using AWS services

Arrow left icon
Product type Paperback
Published in Nov 2017
Publisher Packt
ISBN-13 9781788394925
Length 388 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Nikit Swaraj Nikit Swaraj
Author Profile Icon Nikit Swaraj
Nikit Swaraj
Arrow right icon
View More author details
Toc

Table of Contents (11) Chapters Close

Preface 1. Using AWS CodeCommit 2. Building an Application using CodeBuild FREE CHAPTER 3. Deploying Application using CodeDeploy & CodePipeline 4. Building Scalable and Fault-Tolerant CI/CD Pipeline 5. Understanding Microservices and ECS 6. Continuous Deployment to ECS Using Developer Tools and CloudFormation 7. IaC Using CloudFormation and Ansible 8. Automating AWS Resource Control Using AWS Lambda 9. Microservice Applications in Kubernetes Using Jenkins Pipeline 2.0 10. Best Practices and Troubleshooting Tips

Setting up CodeCommit for SSH users using AWS CLI

In the previous recipe, we saw how we can access the repository using the username and password. In this section, we will use SSH private and public keys to access the repository. We will be accessing the repository using SSH connections.

This topic assumes that you already have, or know how to create, a pair of public/private keys. You should be familiar with SSH and its configuration files.

Getting ready

Before setting up CodeCommit for SSH users, we need the AWS CLI installed and configured with the respective AWS account. To install the AWS CLI on our development machine, we need to perform these steps:

  1. We need to install python-pip and AWS CLI tools. Usually, in CentOS/RHEL, python-pip comes with EPEL (Extra Package for Enterprise Linux):
    # yum install epel-release python-pip
# pip install awscli
  1. Once we have the awscli command installed in our system, we have to configure it using the access and secret Key, as well as the region we will use the AWS account in. If you remember, we had created a user while generating the https git credentials, but at that moment, we also downloaded another type of credentials, the secret and access key. So, we need that over here.
  2. Now, let's configure AWS CLI:
    awsstar@awsstar:~$ aws configure
AWS Access Key ID [None]: AKIxxxxxxxxxxxxxDDA
AWS Secret Access Key [None]: b+GEuc2u3xxxxxxxxxxxxxx+av/5eK
Default region name [None]: us-east-1
Default output format [None]:
  1. Once the configuration is done, let's try to list the repository:
    awsstar@awsstar:~$ aws codecommit list-repositories
{
"repositories": [
{
"repositoryName": "NixSrj",
"repositoryId": "73caf1e3-65a9-44bf-8c6a-a3bd3e0260b0"
},
{
"repositoryName": "ECS-POC",
"repositoryId": "62063220-b0fc-4519-9d54-896be46a7521"
},
{
"repositoryName": "terraform-Openshift",
"repositoryId": "20f88492-81bb-4068-8867-5d17a1d3ec5b"
}
]
}
  1. So it's showing the repository, which means the credentials are working fine and we are good to go to create a repository now.

How to do it...

  1. Create a repository, HelloWorld:
    awsstar@awsstar:~$ aws codecommit create-repository --repository-    name HelloWorld --repository-description "This repository includes     static page of HelloWorld"
{
"repositoryMetadata": {
"repositoryName": "HelloWorld",
"cloneUrlSsh": "ssh://git-codecommit.us-east- 1.amazonaws.com/v1/repos/HelloWorld",
"lastModifiedDate": 1501778613.664,
"repositoryDescription": "This repository includes static page of HelloWorld",
"cloneUrlHttp": "https://git-codecommit.us-east- 1.amazonaws.com/v1/repos/HelloWorld",
"creationDate": 1501778613.664,
"repositoryId": "53866a81-8576-4e79-ab5a-36882c33b717",
"Arn": "arn:aws:codecommit:us-east-1:160384169139:HelloWorld",
"accountId": "160384169139"
}
}
  1. Now, check it using the following command:
    awsstar@awsstar:~$ aws codecommit list-repositories
{
"repositories": [
{
"repositoryName": "HelloWorld",
"repositoryId": "53866a81-8576-4e79-ab5a-36882c33b717"
}
]
}
  1. Let's try to clone the HelloWorld repository from CodeCommit to our development machine; but before that, we have to establish SSH authentication. To do that, we have to perform the following operations to generate the SSH keys:
    awsstar@awsstar:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/awsstar/.ssh/id_rsa):
Created directory '/home/awsstar/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/awsstar/.ssh/id_rsa.
Your public key has been saved in /home/awsstar/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:NMUiRSDRD9SxrSIcYm9A4BYau2TOaeEfk5TgRmy3i4o root@aa21529d724f
The key's randomart image is:
+---[RSA 2048]----+
|+=. o+o=+o. |
|=*o...+ o+. |
|+O=oo ++.. |
|Oo+*.. ..o |
|.*.+* . S |
|...oo. . |
|o . |
|E |
| |
+----[SHA256]-----+
  1. The preceding command will create two keys; one is the public key (id_rsa.pub) and the other one is the private key (id_rsa).
  2. Now, we have to upload the public key to the user of AWS we created:
    awsstar@awsstar:~$ cd .ssh
awsstar@awsstar:~/.ssh$ aws iam upload-ssh-public-key --user-name awsccuser --ssh-public-key-body "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCk437p8/JmhGOdM9oYNK/r1xpOnuA2cQNfYys7lnE9gXJdTEjniHNFcJZMkIVmtYQGAqEh37BWGfXl4s5iw/NSfkDuZf8zegAgyPryR0KTTUG2f/rrtyLtlAPlSXjtCmHakZzhwIoRJtzkDbSpKoUOD8fNnS3kKIwk7Dp3+gGLLgo9eoZdud9h/E5+NpORog7wg7xaTgg3mwa9StaPHKMxJNwNc71dIuUyAh2S6bDbHB3QWLNfrJABYqPq5HGFh3KLogH9GHBMajshLEOS4Ygk3uC8FzB+eP4oneuWd2n68N3qg5RmX0U5lAL8s3+ppuhmjlbSvDOdBUJdpgEL/AQZ awsstar@awsstar"
  1. We need to make a note of some details, such as the SSHPublicKeyId provided as output in thew JSON format, while uploading the SSH public key.
  2. We have to bring about some modification in the config file lying in $HOME/.ssh/config:
    awsstar@awsstar:~$ vi .ssh/config
Host git-codecommit.us-east-1.amazonaws.com
User APKAIGJDPRJL3INHSJ6Q
IdentityFile ~/.ssh/id_rsa
  1. Once we are done saving the config file, let's see the connectivity between the development machine and AWS CodeCommit:
    awsstar@awsstar:~$ ssh git-codecommit.us-east-1.amazonaws.com
The authenticity of host 'git-codecommit.us-east-1.amazonaws.com (54.239.20.155)' can't be established.
RSA key fingerprint is SHA256:eLMY1j0DKA4uvDZcl/KgtIayZANwX6t8+8isPtotBoY.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'git-codecommit.us-east- 1.amazonaws.com,54.239.20.155' (RSA) to the list of known hosts.
You have successfully authenticated over SSH. You can use Git to interact with AWS CodeCommit. Interactive shells are not supported.Connection to git-codecommit.us-east-1.amazonaws.com closed by remote host.
Connection to git-codecommit.us-east-1.amazonaws.com closed.
  1. We get the output that says Successfully authenticated over SSH, so now we are ready to clone the repository. We can clone the SSH URL of the repository, which we obtain from the JSON output while creating the repository:
    awsstar@awsstar:~$ git clone ssh://git-codecommit.us-east-    1.amazonaws.com/v1/repos/HelloWorld
Cloning into 'HelloWorld'...
warning: You appear to have cloned an empty repository.
checking connectivity... done
awsstar@awsstar:~$ ls
HelloWorld
awsstar@awsstar:~$
  1. So, we cloned an empty repository; now it's time to put a sample index.html file in the CodeCommit HelloWorld repository:
     awsstar@awsstar:~/HelloWorld$ echo '<h1> Hello World </h1>' >     index.html
awsstar@awsstar:~/HelloWorld$ git add .
awsstar@awsstar:~/HelloWorld$ git commit -m " index.html push "
[master (root-commit) bc76f76] index.html push
1 file changed, 1 insertion(+)
create mode 100644 index.html
root@awsstar:~/HelloWorld# git push origin master
Counting objects: 3, done.
Writing objects: 100% (3/3), 233 bytes | 0 bytes/s, done.
Total 3 (delta 0), reused 0 (delta 0)
To ssh://git-codecommit.us-east- 1.amazonaws.com/v1/repos/HelloWorld
* [new branch] master -> master
  1. In this stage, we successfully pushed our local file into the AWS CodeCommit HelloWorld repository.
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image