1

I have two AWS accounts, a shared service AWS Account, and a Development AWS account.

I have pushed my Glue scripts from my local git to my Development Account's codecommit repository, and am able to deploy glue jobs successfully using CodePipeline/CodeBuild.

Now I need to push my code from Development account's reepository to the Sharedservices code commit repository using CodePipeline/Codebuild. I have tried with the following buildspec.yml, but its failing with the error "fatal: repository 'https://git-codecommit.us-east-1.amazonaws.com/v1/repos/crsaccnt_codepush_test/' not found". I am new to codecommit & codebuild and unable to proceed from here.

The git clone in the second line of build section is working and i am able to see the files when I did the ls -lrt in the build section.

Following is my buildspec.yml, I need to use codepipeline since we dont have direct access to sharedservices account, and it has to be done this way.

version: 0.2
env:
  git-credential-helper: yes
phases:
  install:
    commands:
      - pip install git-remote-codecommit
  build:
    commands:
       - env
       - git clone codecommit::us-east-1://dev_ca_codepush_test
       - dt=$(date '+%d-%m-%Y-%H:%M:%S');
       - echo "$dt" 
       - ASSUME_ROLE_ARN="arn:aws:iam::123456789:role/cross-acc-access"
       - TEMP_ROLE=$(aws sts assume-role --role-arn $ASSUME_ROLE_ARN --role-session-name development)
       - export TEMP_ROLE
       - export AWS_ACCESS_KEY_ID=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.AccessKeyId')
       - export AWS_SECRET_ACCESS_KEY=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.SecretAccessKey')
       - export AWS_SESSION_TOKEN=$(echo "${TEMP_ROLE}" | jq -r '.Credentials.SessionToken')
       - echo "$AWS_ACCESS_KEY_ID"
       - echo "$AWS_SESSION_TOKEN"
       - ls -lrt
       - git init --initial-branch=master
       - git config --global init.defaultBranch master
       - git config --global user.email "abc@test.com"
       - git config --global user.name "myname"
       - git remote add target https://git-codecommit.us-east-1.amazonaws.com/v1/repos/crsaccnt_codepush_test
       - git status
       - git add .
       - git commit -m "Cross account gitpush"
       - git push target master

  post_build:
    commands:
       - echo git push completed successfully on `date`

How to perform git push from one AWS Account's code repo to another account's Code repository using CodePipeline/Codebuild, buildspec.yml.

Please help with suggestions/codes.

Yuva
  • 2,831
  • 7
  • 36
  • 60

1 Answers1

0

I assume that you have added necessary CodeCommit permissions in CodeBuild IAM role . If so, you need to configure Git credential helper for AWS. Include credential helper setup commands in buildspec.yml file https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-https-unixes.html#setting-up-https-unixes-credential-helper

Jyothish
  • 1,031
  • 1
  • 9
  • 19