I'm trying to create an app with the new AWS Amplify Console.
As repository service I'm using GitLab.
If my repository is in a Gitlab subgroup the app creation failed with status:
Create app failed
The repository url is not valid.
I tried any other combination with public groups, private groups, protected or not. As long as you do not use a subgroup in GitLab everything worked fine.
I want to use subgroups in GitLab to structure many client projects.
Is this a known issue or does anyone know how to use GitLab subgroup with AWS Amplify Console?
For those who've ended up here, the Amplify Console supports GitLab subgroups.
Related
I'm using CodePipeline for my CI/CD process. Currently migrating from CodeCommit to a private GitHub repo, I want to keep automating my tag and release process.
The issue is that I'd need a personal token to do so. However, that being said, we do use CodeStar connection for the same repo. Now my question is, is it possible to extract the token provided in the connection for CodeBuild?
TIA
I have gone through the documents and couldn't find a solution for this..
I have two accounts dev and prod. my amplify app exist in dev but code-commit exist prod. Is there any way to connect them?
I have configured assume-role and have also tried using temporary credentials in a different profile and connecting it with:
aws amplify create-app --name app-name-in-dev --repository repo-in-prod
aws amplify create-app --name app-name-in-dev --repository repo-in-prod --iam-service-role-arn arn:aws:sts::prod:assumed-role/CrossAccountRepositoryContributorRole/cross-account
The problem remains the same. It seems impossible to connect amplify with code-commit until, repository and amplify-app exist in the same account.
Is there anyway to achieve this or is it really not configurable?
references:
https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html
https://docs.aws.amazon.com/cli/latest/reference/sts/assume-role.html
https://forums.aws.amazon.com/thread.jspa?threadID=300224
Incase Anyone comes looking for same:
After creating a ticket with AWS, I have received back a response that it is not currently possible as Amplify is still a newer service and only allow repository from same account.
I have tried setting this up at my end and observed the same. I was able to connect to the repositories only in the same account. I did further research on this and could confirm that currently, we cannot integrated with a cross account CodeCommit repository for Amplify applications.
With AWS CodeBuild you define GitHub as the source. If your repo is private, you can pass a personal token. I've built a CodeBuild process and confirmed this worked.
What I'd like to do is not use a personal token, instead use a GitHub Deploy Key to authenticate to the private repo. I've setup the Deploy Key in GitHub. How do I configure this either in the AWS CodeBuild Console or in the YAML script?
CodeBuild doesn't natively support deploy keys. It is on our product backlog and is a feature that we will likely support in a future release.
In order to use your existing deploy key in CodeBuild, please follow the instruction that Adrian has highlighted in https://adrianhesketh.com/2018/05/02/go-private-repositories-and-aws-codebuild/. You will need to setup the key in parameter-store and use that in your buildspec.
You can use the source type as "no_source", since you would be doing the source cloning with the deploy key in this case.
For those struggling using your SSH Keys in CodeBuild, you can use AWS' System Manager Service.
Simply put, can store your key in the Parameter Store and use that in your buildspec.yml
You can refer to this tutorial for a detailed implementation: https://medium.com/#cristiano.ventura/working-with-git-submodules-in-codepipeline-83e843e5d0a
It works for my case. Bitbucket webhook integration with private repo deps in the package.json
Best of luck y'all!
I have a repository in a [company hosted] GitHub enterprise site that I need to integrate within a CI/CD pipeline in AWS using the CodePipeline service. The CodePipeline service then will connect with a Jenkins Service running in an EC2 instance. I am following this AWS documentation to do this.
Note that this is an enterprise GitHub repo and not hosted on GitHub.com.
I am unable to connect to the GitHub Enterprise site in the "Create a pipeline" wizard. Selecting GitHub as a source only lets me connect to GitHub.com, and not to my organization's enterprise site.
How do I connect to the enterprise GitHub site so that I can add the repo as a source for my codepipeline?
UPDATE: An integration was finally released for github enterprise to work with AWS Codepipeline. Please see this answer by Pedreiro
As Sid Malani said in the comments, there's no straightforward or direct way to use a privately hosted GitHub Enterprise Repository in AWS CodePipeline.
One way would be to use CodeBuild, which allows to add custom github repositories which can then be used in CodePipeline. This, however, should only be considered as a stop-gap solution.
Thank you Sid Malani for the alternative strategy
I doubt AWS will ship this feature anytime soon (hopefully I eat my words) since the workaround is well-documented and works fine. The gist of it can be found here, which I'll summarize as follows:
Create a CodeBuild project (which can take GitHub Enterprise as a source) which essentially just listens to a push event (webhook) of your development or master branch and outputs a .zip file of the source-code into an S3 bucket.
Use the S3 bucket as the source of your CodePipeline.
The official integration was finally released.
https://aws.amazon.com/about-aws/whats-new/2020/09/aws-codepipeline-supports-github-enterprise-server
Here is the documentation:
https://docs.aws.amazon.com/codepipeline/latest/userguide/connections-ghes.html
There is a way to integrate 3rd party Git repos with AWS CodePipeline. AWS suggested the following process. It used S3 buckets and API Gateways and Lambdas to connected Github enterprise repos to CodePipeline. It's not ideal but it can work.
Unofficial: I've heard CodePipeline support for Github Enterprise will be out second half of 2019.
I recently converted a private GitHub account to an Organization and that seems to have totally screwed up my authentication with AWS Code Deploy on every one of my repositories.
I checked the Webhooks & services for AWS Code Deploy and my keys are set properly.
I also re-authenticated with GitHub when creating a new deployment.
My AIM permissions have not changed and pass the GitHub Test
But, I receive the following message every time I try to deploy...
Could not download bundle at 'https://api.github.com/repos/artofdev/django/tarball/1ec682b03d3f160d401d0aaf565a66d99f28734e' after 3 retries. Server returned codes: 404 'Not Found'; 404 'Not Found'; 404 'Not Found'; 404 'Not Found'.
[EDIT]: I setup a test repo and code deploy application on a personal github account and was able to deploy successfully. Does AWS Code Deploy work with Organization repos?
There is one more step authorization you need to do if you want to deploy from a private repo controlled by organization.
CodeDeploy just updated with a doc section here: http://docs.aws.amazon.com/codedeploy/latest/userguide/github-integ.html#github-integ-behaviors-org-repositories
Have you retried authenticating CodeDeploy with your new GitHub organization? It is likely that by changing your configuration on GitHub's side your previous authentications were invalidated.
To re-authenticate, you need to create a new deployment from the web console.
You won't need to fully finish creating the deployment, but before you get to the final step, you should see a "Reconnect to GitHub" link.
See GitHub Authentication with Applications in AWS CodeDeploy
I faced an exactly same issue. Resolution worked for me was:
Delete the application
Create new application and deployment
Re-authenticate with GitHub
Authorize codedeploy to access GitHub
Deploy
Here without deleting an application, it was not providing a way to re-authorize codedeploy to GitHub and that's the root cause of this issue.
for working your CI integration correctly, Go to -- You profile -->setting --> Application --> Authorize OAuth app should list codedeploy.