Integrating AWS CodeCommit with Bitrise

This guide was originally shared at https://github.com/dmarklein/AWSCodeCommitBitrise; we just updated it, added some notes and did some formatting here.

If you store your source code on AWS CodeCommit, and you want to start using the bitrise.io CI platform, this setup can seem daunting (and even impossible). Connecting an AWS CodeCommit repository is probably the most complicated part of using Bitrise, but it’s not hard to do, and once it’s done, CodeCommit behaves just about like any other popular hosted source control service.

Setting up/Connecting a Repository

Here’s how to connect a repo:

  1. Generate an SSH key pair, in RSA format, with an empty passphrase, by following this guide.
  2. Create an IAM user specifically for Bitrise CodeCommit access (make sure it has the proper CodeCommit permissions), and register the generated SSH key for this IAM user - related AWS documentation.
  3. Start the Add an App process on bitrise.io, and under “Connect your repository” select “Own/Manual”.
  4. Input the SSH URL to your repo in the form of ssh://SSH_KEY_ID@REPO_URL.
    • Here, SSH_KEY_ID is the ID of the key you attached to the IAM user we mentioned earlier
    • And REPO_URL is the SSH clone URL of your repository (minus the ssh:// prefix).
  5. Next, in the Setup repository access section select the Add Own SSH mode and paste in the SSH private key from before (you did save that somewhere safe, didn’t you?).
  6. Now Bitrise will validate your repo, and you should be good to go!

Note: if you have multiple repositories to connect to Bitrise, you can use the same keypair for all of them if you wish. Just make sure to save the generated SSH keypair somewhere safe!

Triggering a build on push

One of the downsides to using AWS CodeCommit is that it does not provide a native webhook mechanism like what you get with GitHub or other popular hosted source control providers.

On the other hand, given that CodeCommit is part of the AWS ecosystem, we have an arsenal of handy tools and services that can be combined to implement just about any functionality we desire around our repositories.

Thus, at TicketBiscuit we have come up with a simple mechanism that gives us basic webhook functionality – and thus allows us to trigger Bitrise builds automatically on a push to one of our mobile app repositories.

The three key parts of this mechanism are the CodeCommit repo, a Lambda function (written in Python), and the Bitrise Build Trigger API.

The mechanism works as follows:

  • We have written an AWS Lambda function that, when triggered by a CodeCommit event, parses the event and converts it into the form of a GitHub webhook push event – this is something the Bitrise API can easily digest (the code for this function can be found here).
  • The CodeCommit trigger is also responsible for passing the correct app slug and API token to the Lambda function – this way the Lambda function is sure to trigger the right build.
    • This is passed via the CustomData of the trigger, in the format “{APP_SLUG}:{API_TOKEN}” – these values come from the Code tab of your build job in Bitrise.
  • As you could guess, once the parsing is done, the Lambda function POSTs the resultant JSON to the proper Bitrise endpoint, and our mobile app build is off and running.
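
The parse-and-convert step described above, as an added Python example (not the TicketBiscuit function linked from this guide). It assumes the CodeCommit trigger event layout from the AWS documentation, a minimal subset of GitHub push fields, and a slug and token made of URL-safe characters; the names parse_custom_data, convert and SAMPLE_EVENT are hypothetical, and the final POST to Bitrise is left to the caller.

```python
import re

# Assumption: slug and token are URL-safe strings with no ":" in them.
_CUSTOM_DATA = re.compile(r"([A-Za-z0-9_-]+):([A-Za-z0-9_-]+)")


def parse_custom_data(custom_data):
    """Split the trigger's "{APP_SLUG}:{API_TOKEN}" CustomData string."""
    match = _CUSTOM_DATA.fullmatch(custom_data or "")
    if not match:
        # Never echo the raw value: it contains the API token.
        raise ValueError("customData is not in APP_SLUG:API_TOKEN form")
    return match.group(1), match.group(2)


def convert(event):
    """Return (app_slug, api_token, payload) for each ref to build."""
    builds = []
    for record in event.get("Records", []):
        if record.get("eventSource") != "aws:codecommit":
            continue  # ignore anything that is not a CodeCommit trigger
        slug, token = parse_custom_data(record.get("customData"))
        repo = record["eventSourceARN"].rsplit(":", 1)[-1]
        for ref in record["codecommit"]["references"]:
            if ref.get("deleted"):
                continue  # a deleted branch has nothing to build
            # Assumed minimal subset of GitHub's push event fields.
            payload = {
                "ref": ref["ref"],
                "deleted": False,
                "head_commit": {"id": ref["commit"], "distinct": True,
                                "message": "CodeCommit push to " + repo},
                "repository": {"name": repo},
            }
            builds.append((slug, token, payload))
    return builds


# Constructed sample event in the shape CodeCommit passes to Lambda.
SAMPLE_EVENT = {"Records": [{
    "eventSource": "aws:codecommit",
    "eventSourceARN": "arn:aws:codecommit:us-east-1:111122223333:mobile-app",
    "customData": "0123456789abcdef:EXAMPLE_TOKEN_VALUE",
    "codecommit": {"references": [
        {"commit": "5c4ef1049f1d27deadbeeff313e0730018be182b",
         "ref": "refs/heads/master"},
        {"commit": "0" * 40, "ref": "refs/heads/old", "deleted": True},
    ]},
}]}
```

Because the API token travels in CustomData, anything that logs the raw event or the returned tuples also logs the token; log only the app slug and ref.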

Gotchas:

  • As with anything within the AWS ecosystem, permissions and policies are important. Not only does your Lambda function need permission to access each CodeCommit repo you want to integrate, but each of the CodeCommit repos also needs permission to trigger the Lambda function.
  • You probably want to read this doc thoroughly before trying to implement this in your own system.