90 Days of DevOps

Building a CI/CD Pipeline with AWS CodeCommit and AWS CodeBuild

Kanav Gathe's photo
Kanav Gathe
·

3 min read

In today's guide, I'll walk you through creating a CI/CD pipeline using AWS native services to deploy a simple HTML website. We'll be focusing on AWS CodeCommit and CodeBuild as the first steps in our pipeline.

Prerequisites

  • AWS Account with appropriate IAM permissions

  • AWS CLI configured locally

  • Basic understanding of Git

  • AWS CodeCommit repository created

Setting Up AWS CodeCommit

First, let's create our repository and set up our initial files:

# Clone your CodeCommit repository
git clone https://git-codecommit.{region}.amazonaws.com/v1/repos/{your-repo-name}
cd {your-repo-name}

Creating the Required Files

We need three key files for our setup:

  1. index.html - Our main webpage

  2. buildspec.yml - Instructions for AWS CodeBuild

  3. nginx.conf - Nginx server configuration

Let's look at each file:

index.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>AWS CI/CD Demo</title>
</head>
<body>
    <h1>Welcome to my AWS CI/CD Pipeline Demo!</h1>
    <p>This page was built using AWS CodeBuild.</p>
</body>
</html>

buildspec.yml

version: 0.2

phases:
  pre_build:
    commands:
      - echo Logging in to Amazon ECR...
      - aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com

  build:
    commands:
      - echo Build started on `date`
      - echo Building the Docker image...
      - docker build -t $IMAGE_REPO_NAME:$IMAGE_TAG .
      - docker tag $IMAGE_REPO_NAME:$IMAGE_TAG $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG

  post_build:
    commands:
      - echo Build completed on `date`
      - echo Pushing the Docker image...
      - docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG

artifacts:
  files:
    - index.html
    - nginx.conf
    - Dockerfile
  discard-paths: yes

Dockerfile

FROM nginx:alpine
COPY index.html /usr/share/nginx/html/
COPY nginx.conf /etc/nginx/conf.d/default.conf
EXPOSE 80

nginx.conf

server {
    listen 80;
    server_name localhost;

    location / {
        root /usr/share/nginx/html;
        index index.html;
    }
}

Setting Up AWS CodeBuild

  1. Create a new build project in AWS CodeBuild:

    • Go to AWS CodeBuild console

    • Click "Create build project"

    • Name your project

    • Select AWS CodeCommit as source

    • Choose your repository and branch

    • For environment, select "Amazon Linux 2" with runtime "Standard"

    • Enable privileged mode for Docker builds

    • Use the buildspec.yml in your repository

  2. Configure IAM Role: Your CodeBuild service role needs permissions for:

    • CodeCommit access

    • ECR access

    • S3 access for artifacts

    • CloudWatch Logs for logging

Pushing Code and Triggering Build

# Add your files
git add .
git commit -m "Initial setup for CI/CD pipeline"
git push origin main

Key Differences from GitHub Actions

  1. Integration:

    • AWS CodeCommit integrates natively with other AWS services

    • No need for external credentials or secrets management

    • Seamless IAM role-based permissions

  2. Security:

    • Everything stays within AWS ecosystem

    • VPC support for builds

    • AWS KMS encryption by default

  3. Scaling:

    • Automatic scaling of build infrastructure

    • No need to manage runners or build agents

    • Pay-per-use pricing model

Best Practices

  1. Always use versioned buildspec files

  2. Implement proper IAM roles with least privilege

  3. Use parameter store for sensitive values

  4. Enable build logs for troubleshooting

  5. Tag resources appropriately

Next Steps

This setup forms the foundation of your AWS CI/CD pipeline. To make it complete, you would:

  1. Add AWS CodeDeploy for deployment

  2. Implement AWS CodePipeline to orchestrate the entire process

  3. Add testing stages

  4. Set up monitoring and notifications

Remember that while this setup might seem more complex than GitHub Actions, it provides deeper integration with AWS services and better security controls for enterprise applications.

Conclusion

AWS CodeCommit and CodeBuild provide a robust foundation for building CI/CD pipelines within the AWS ecosystem. While the initial setup might require more configuration than GitHub Actions, it offers better integration with other AWS services and more granular control over the build process.

The key advantage here is having everything within the AWS ecosystem, which is particularly valuable for organizations already heavily invested in AWS services.

#90daysofdevops#90daysofdevops chanllenge#90daysofdevopschallenge#90daysofdevops #DevOps #ProjectDevelopment #NonITBackground #GitHub #Docker #CloudPlatforms #EC2 #AWS #ElasticBeanstalk #LambdaFunctions #DevOpsPipelines #Terraform #Jenkins #Docker #DevSecOps #SCM #Git #GitLab #BitBucket #BuildTools #Griddle #Maven #Ant #MSBuild #MonitoringTools #Prometheus #Grafana #Ansible #AI #ChatGPT #ValueAddition #RealWorldProblems.Devopsgithub-actionsAWS CODECOMMIT