AWS CodeCommit | DevOps With AWS Part 1
Sandip Das
Senior Cloud & DevOps Engineer | Kubernetes Expert | SRE, Platform Engineering, MLOps & AIOps Practitioner | AWS Container Hero | Teacher | Mentor
DevOps enables us to code, build and deliver products more rapidly and reliably; AWS enables us to do DevOps at any scale.
Back to The Basic Question: What is DevOps?
"DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes. This speed enables organizations to better serve their customers and compete more effectively in the market."
AWS provides services and tools that automate manual tasks and help manage code, make builds, test and deploy at massive scale, and monitor applications as well as infrastructure, with highly configurable security for each service.
In this article we will discuss AWS CodeCommit, but before that we need to know about source control and Git:
What is Source Control?
Source control (or version control) is the practice of tracking and managing changes to code. Source control management (SCM) systems provide a running history of code development and help to resolve conflicts when merging contributions from multiple sources.
What is Git?
Git is an open-source distributed source code management system. Git allows you to create a copy of your repository known as a branch. Using this branch, you can then work on your code independently from the stable version of your codebase. Once you are ready with your changes, you can store them as a set of differences, known as a commit. You can pull in commits from other contributors to your repository, push your commits to others, and merge your commits back into the main version of the repository.
What is AWS CodeCommit?
AWS CodeCommit is a highly scalable, managed source control service that hosts private Git repositories. You simply create a repository to store your code. There is no hardware to provision and scale or software to install, configure, and operate. CodeCommit helps you collaborate on code with pull requests, branching and merging. You can implement workflows that include code reviews and feedback by default, and control who can make changes to specific branches. You can use CodeCommit to securely store anything from source code to binaries, and it works seamlessly with your existing Git tools.
AWS CodeCommit Benefits:
Fully managed
AWS CodeCommit eliminates the need to host, maintain, back up, and scale your own source control servers. The service automatically scales to meet the growing needs of your project.
Secure
AWS CodeCommit automatically encrypts your files in transit and at rest. CodeCommit is integrated with AWS Identity and Access Management (IAM) allowing you to customize user-specific access to your repositories.
High availability
AWS CodeCommit has a highly scalable, redundant, and durable architecture. The service is designed to keep your repositories highly available and accessible.
Collaborate on code
AWS CodeCommit helps you collaborate on code with teammates via pull requests, branching and merging. You can implement workflows that include code reviews and feedback by default, and control who can make changes to specific branches.
Faster development lifecycle
AWS CodeCommit keeps your repositories close to your build, staging, and production environments in the AWS cloud. You can transfer incremental changes instead of the entire application. This allows you to increase the speed and frequency of your development lifecycle.
Use your existing tools
AWS CodeCommit supports all Git commands and works with your existing Git tools. You can keep using your preferred development environment plugins, continuous integration/continuous delivery systems, and graphical clients with CodeCommit.
AWS CodeCommit Pricing:
First 5 active users*: $0.00
Receives:
- Unlimited repositories
- 50 GB-month of storage
- 10,000 Git requests/month
Additional users i.e. 6th user onwards:
$1.00 per month per new user
Receives:
- Unlimited repositories
- 10 GB-month of storage per active user
- 2,000 Git requests/month per active user
Additional cost:
- $0.06 per GB-month
- $0.001 per Git request
Getting Started With AWS CodeCommit:
Create New Repository:
Go to the CodeCommit Service page:
https://us-west-2.console.aws.amazon.com/codesuite/codecommit/repositories?region=us-west-2
Click on "Create Repository", enter a repository name and description, then click on "Create".
If you are logged in with the root user, you will see a warning:
"You are signed in using a root account. You cannot configure SSH connections for a root account, and HTTPS connections for a root account are not recommended. Consider signing in as an IAM user and then setting up your connection."
It is best practice to have a separate IAM user for CodeCommit access, so create a new IAM user. After creating the user, click on the IAM username, and in the details screen click on the "Security Credentials" tab. Scroll down a bit and you will see "HTTPS Git credentials for AWS CodeCommit". Click on "Generate Credentials", and once the credentials are generated, either copy or download them and store them in a safe place. They should not be made public.
With the newly generated credentials, you can start working with the new repo.
First, clone the repo locally (before running Git commands, make sure Git is installed on the system):
git clone https://git-codecommit.us-west-2.amazonaws.com/v1/repos/repo_name_here
The rest is the same flow as normal Git. (The video provided above shows the normal Git flow; feel free to follow the same.)
Usual Git Commands:
Create a new branch: git checkout -b branch_name
Switch to any branch: git checkout branch_name
Fetch all remote branches: git fetch
There are more commands, so I am attaching 3 famous Git cheat sheets here:
Linux Academy AWS CodeCommit Cheatsheet:
Secure Your Master (or Any Important) Branch:
Usually, the master branch holds production code, and untested or unstable code must not be pushed to it. To prevent that, we can restrict the branch.
This article explains how to prevent pushes to master or any other branch:
https://docs.aws.amazon.com/codecommit/latest/userguide/how-to-conditional-branch.html
The provided video demo shows an example; follow the same steps to implement it for your repo. The IAM policy is as follows:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Deny",
      "Action": [
        "codecommit:GitPush",
        "codecommit:DeleteBranch",
        "codecommit:PutFile",
        "codecommit:MergeBranchesByFastForward",
        "codecommit:MergeBranchesBySquash",
        "codecommit:MergeBranchesByThreeWay",
        "codecommit:MergePullRequestByFastForward",
        "codecommit:MergePullRequestBySquash",
        "codecommit:MergePullRequestByThreeWay"
      ],
      "Resource": "arn:aws:codecommit:*:*:*",
      "Condition": {
        "StringEqualsIfExists": {
          "codecommit:References": [
            "refs/heads/master"
          ]
        },
        "Null": {
          "codecommit:References": false
        }
      }
    }
  ]
}
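To see which requests the policy above actually blocks, here is an added example (not part of the original article or of AWS tooling) that models only the two condition operators the policy uses and evaluates constructed requests against it. The repository ARN, account ID and helper names are assumptions for illustration, and codecommit:References is treated as a single string.

```python
import copy
import json
from fnmatch import fnmatchcase

# Statement copied from the article's policy; only the layout differs.
POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [{
  "Effect": "Deny",
  "Action": ["codecommit:GitPush", "codecommit:DeleteBranch", "codecommit:PutFile",
    "codecommit:MergeBranchesByFastForward", "codecommit:MergeBranchesBySquash",
    "codecommit:MergeBranchesByThreeWay", "codecommit:MergePullRequestByFastForward",
    "codecommit:MergePullRequestBySquash", "codecommit:MergePullRequestByThreeWay"],
  "Resource": "arn:aws:codecommit:*:*:*",
  "Condition": {
    "StringEqualsIfExists": {"codecommit:References": ["refs/heads/master"]},
    "Null": {"codecommit:References": false}}}]}
""")

# Constructed sample ARN (placeholder account ID), not a real repository.
REPO = "arn:aws:codecommit:us-west-2:111122223333:repo_name_here"
REF = "codecommit:References"

def condition_matches(condition, context):
    """Operators and keys are ANDed; the values listed for one key are ORed."""
    for operator, keys in condition.items():
        for key, expected in keys.items():
            present = key in context
            if operator == "Null":
                # "Null": false is satisfied only when the key is present.
                must_be_absent = str(expected).lower() == "true"
                if present == must_be_absent:
                    return False
            elif operator == "StringEqualsIfExists":
                allowed = expected if isinstance(expected, list) else [expected]
                if present and context[key] not in allowed:
                    return False
            else:
                raise ValueError(f"operator not modelled: {operator}")
    return True

def is_denied(policy, action, resource, context):
    """True if any Deny statement matches the action, resource and conditions."""
    return any(
        st["Effect"] == "Deny" and action in st["Action"]
        and fnmatchcase(resource, st["Resource"])
        and condition_matches(st.get("Condition", {}), context)
        for st in policy["Statement"])

def without_null(policy):
    """Copy of the policy with the Null condition removed, for comparison."""
    weakened = copy.deepcopy(policy)
    del weakened["Statement"][0]["Condition"]["Null"]
    return weakened
```

With the Null condition removed, the same statement would also deny listed actions whose request carries no codecommit:References key, because StringEqualsIfExists alone is satisfied when the key is absent.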
I hope you will apply the knowledge from this article in your current and future projects and manage code more efficiently.
References: AWS Official Site Documentation
About the Author:
Sandip Das works as a Sr. Cloud Solutions Architect & DevOps Engineer for multiple tech product companies and start-ups, holds the AWS DevOps Engineer Professional certification, and also holds the title of "AWS Container Hero".
He is always in "keep on learning" mode, enjoys sharing knowledge with others, and currently holds 5 AWS Certifications. Sandip finds blogging a great way to share knowledge: he writes articles on LinkedIn about Cloud, DevOps, Programming, and more. He also creates video tutorials on his YouTube channel.
I help Businesses Upskill their Employees in DevOps | DevOps Mentor & Process Architect
11 months ago: Great insights, Sandip! Thanks for sharing this valuable resource for DevOps and AWS enthusiasts. Looking forward to diving into the content and the git cheatsheets. Your expertise is always appreciated.
Cloud Architect | Experienced Full-Stack Developer | DevOps Specialist | AWS, Azure, GCP | Java, Python | CI/CD, Infrastructure Automation, Cost Optimization
1 year ago: As a developer, the ease of integrating AWS CodeCommit with AWS Cloud9 for cloud-based development environments is a huge productivity boost. It's like having your development environment in the cloud.
Azure Architect at Tata Consultancy Services
3 years ago: Sandip - You presented it so well that even a beginner can easily understand. Thanks a lot for sharing this article.
DevOps Engineer, Blend India Private Limited
3 years ago: Sandip Das Such an awesome post. Every AWS DevOps must check out your blog.
Thanks for sharing