By using AWS re:Post, you agree to the Terms of Use
/AWS CodeCommit/

Questions tagged with AWS CodeCommit

Sort by most recent
  • 1
  • 90 / page

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Pull requests wrongly marked as "Merged"?

We like to create pull requests early for new branches, meaning the developer who makes the branch will immediately create one or more pull requests to signal the intended destination branch(es) (for example both "dev" and "main" for hot-fixes). While the task is in progress, the related, pending pull request(s) are marked with status "Open" But sometimes a pull request changes status to "Merged" even before the developer has had time to push any changes. However, when we click on the "Changes" tab, we see that nothing has actually been merged, and instead there is a message saying: > Differences between the source branch and the destination branch cannot be displayed for this pull request. The branch specified as the destination branch includes all the changes in the branch specified as the source branch as well as additional changes. You might have mixed up which branch should be the source, and which branch should be the destination. We suspect this happens when another pull request is being merged, and that this triggers some kind of global check of all pull requests in the repo, to see if there is a diff, and if a pull request has no diff, AWS CodeCommit "helps" us clean up our "obsolete" PRs. However, to us this is just counter-productive and confusing: Pull requests that nobody has merged are marked as merged, when the exact opposite is true. Had there been at least another status, like "Nothing to merge", then it would have been less mysterious, but still very counter-productive: Whenever this happens, we need to click on the "Changes" tab to make sure that this is actually a "Nothing to merge" status, and create a NEW pull request for anything that has been pushed to the branch after this unwanted "clean up". Question: Is there a way to avoid early pull requests from being updated automatically like this, so that it will be entirely up to the developers to decide when a pull request should be marked as merged (i.e. have it marked as merged when it is actually merged, and only then)? Thanks, and best regards, wab
0
answers
0
votes
7
views
asked 17 days ago

Import an existing CodeCommit repo to a stack in the cdk app

Hi all, I'm new to cdk app programing, and trying to build a stack that import my existing codecommit repo to a codebuild project as the build source, build a docker image and push it to an ECR private repo. My Questions are: 1. ~~When I casted `cdk synth`, I encountered a `TypeError` saying `Cannot read properties of undefined (reading 'repositoryArn')` at the line of `new FFimgBuildStack()`. Does it mean that the `Repository.fromRepositoryArn()` get nothing by reading the ARN I offered, or I offered an invalid ARN? What is the proper way to import an existing codecommit repo?~~ 2. When we share a resource between stacks or import an existing resource to a stack, do we have to grant the permissions manually for those stacks that consumes the resources, or the cdk app will take care of it? The following is my source code: ```javascript import { App } from "aws-cdk-lib" import { BuildSpec, Project, Source, Cache, LocalCacheMode, LinuxBuildImage } from "aws-cdk-lib/aws-codebuild" import { Repository } from "aws-cdk-lib/aws-codecommit" export class FFimgBuildStack extends Stack { constructor(scope, id, props) { super(scope, id, props) // importing the existing git repo from codecommit const gitRepo = Repository.fromRepositoryArn( this, "project-git-repo-by-arn", "arn:aws:codecommit:my-region:1234567890:my-repo-name" ) // init codebuild project new Project(this, "codec-image-build-project", { source: Source.codeCommit({ gitRepo }), buildSpec: BuildSpec.fromSourceFilename("buildspec.yml"), cache: Cache.local(LocalCacheMode.DOCKER_LAYER), environment: { buildImage: LinuxBuildImage.STANDARD_5_0, privileged: true } }) } } const app = new App() const stackEnv = { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION } new FFimgBuildStack(app, "ffmpeg-image-build-stack", { description: "The FFmpeg env image build.", env: stackEnv, }) ``` Thank you!
1
answers
0
votes
17
views
asked a month ago

CodeCommit Git Windows fatal: Failed to write item to store [0x6c6]

Is there a solution for the *fatal* message *0x6c6* that shows up in git-bash for Windows? It's annoying since it appears that operations continue normally other than the "fatal" part. My coworkers using Windows experience the same problem. I've included the full error along with the *GIT_TRACE=1* info. 09:45:39.933420 run-command.c:654 trace: run_command: 'git credential-manager-core store' 09:45:40.042896 exec-cmd.c:237 trace: resolved executable dir: C:/Users/xxxxxxxx/AppData/Local/Programs/Git/mingw64/libexec/git-core 09:45:40.042896 git.c:748 trace: exec: git-credential-manager-core store 09:45:40.042896 run-command.c:654 trace: run_command: git-credential-manager-core store fatal: Failed to write item to store. [0x6c6] fatal: The array bounds are invalid This is a newly setup Win10 Pro system. I'm using the following: git 2.36.1, Python 3.10.4, git-remote-codecommit 1.16, and we use a non AWS identity provider for SSO. $ aws --version aws-cli/2.6.3 Python/3.9.11 Windows/10 exe/AMD64 prompt/off Here's ~/.gitconfig on the affected system. [credential "url pointing to aws codecommit"] provider = generic [protocol "codecommit"] allow = always Here's part of the repo .git/config [core] repositoryformatversion = 0 filemode = false bare = false logallrefupdates = true symlinks = false ignorecase = true [submodule] active = . [remote "origin"] url = codecommit::region://repo-name fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master Linux systems don't have this problem.
1
answers
0
votes
223
views
asked a month ago

CDK Stck Failed to publish one or more assets Access Denied

Hi All, In My BuildProject/BuildSpec (in my STG Account), I run this command : - cdk deploy --require-approval never it gives me this error : ``` myStack: deploying... [0%] start: Publishing e988sdsf934da0d45effe675sdscb946f3e1sds68:current [0%] check: Check s3://cdk-hnb65dds-assets-xxxxxxxx-cregion/assets/e9882ab1236873df4sdfeffe67sdfc8ce13bsdff3e1d6sdf8d68.zip Call failed: listObjectsV2({"Bucket":"cdk-hnsd59fds-assets-xxxxxxxx-region","Prefix":"assets/e98ssdfsd87dsffsdffdsfcc8sdsdfdd6141fsdd68.zip","MaxKeys":1}) => Access Denied (code=AccessDenied) [33%] fail: Access Denied [33%] start: Publishing c24b999656e4fe6c609c31dfadffbcdfdfc2c86df:current [33%] check: Check s3://cdk-hnb659fds-assets-xxxxxxxx-cregion/assets/c24b999656e4fe6c609c31dfadffbcdfdfc2c86df.zip Call failed: listObjectsV2({"Bucket":"cdk-hnb659fds-assets-xxxxxxxx-cregion","Prefix":"assets/c24b999656e4fe6c609c31dfadffbcdfdfc2c86df.zip","MaxKeys":1}) => Access Denied (code=AccessDenied) [66%] fail: Access Denied [66%] start: Publishing werer56e4fe6c609c3ewrd17a4d9c3afwr6b8c2wer:current [66%] check: Check s3://cdk-hnb659fds-assets-xxxxxxxx-cregion/assets/werer56e4fe6c609c3ewrd17a4d9c3afwr6b8c2wer.zip Call failed: listObjectsV2({"Bucket":"cdk-hnb659fds-assets-xxxxxxxx-cregion","Prefix":"assets/werer56e4fe6c609c3ewrd17a4d9c3afwr6b8c2wer.zip","MaxKeys":1}) => Access Denied (code=AccessDenied) [100%] fail: Access Denied ❌ myStack failed: Error: Failed to publish one or more assets. See the error messages above for more information. at publishAssets (/usr/local/lib/node_modules/aws-cdk/lib/util/asset-publishing.ts:27:11) ``` How can I give CDK stack running from BuildSpec permission to publish assets? I already added this policy to my codeBuild service role, but still same issue : ``` { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:GetObject*", "s3:PutObject", "s3:PutObjectAcl", "s3:getBucketLocation" ], "Resource": [ "arn:aws:s3:::cdk*" ] } ] } ``` also had this error : ``` ser: arn:aws:sts::xxxxxx:assumed-role/codebuild-mybp-service-role/AWSCodeBuild-d1acsd11-4sad7-9sada6834ffsadbs is not authorized to perform: lambda:InvokeFunction on resource: arn:aws:lambda:region:xxxxxxxx:function:myStack-CustomCDKBucketDeployment-l5dzxcszxA7assa because no identity-based policy allows the lambda:InvokeFunction action (Service: AWSLambda; Status Code: 403; Error Code: AccessDeniedException; Request ID: eedf2-03dfdf3-4ddsfd7-bfdg7-2dfsdff5c2dfgd0; Proxy: null) ``` not sure which lamda he wants to invoke here and why? what are the right permissions for this Thank you!!
2
answers
0
votes
236
views
asked 4 months ago

Codedeploy to server farm - high level understanding and confirmation

Morning all, I want to confirm I am on the right track and just logically trying to put things in order. I have a group of servers that are quite static (no need for autoscaling). It's a java app, and Beanstalk doesn't support the app. So right now the developer is going to each server via custom ports to undeploy and deploy new apps. The farm has grown and its time consuming. Some of the reading is a bit confusing, so for a quick high level, I had these questions/help items. Using the left side nav from codecommit, **Under Source** - its always just one file (a .war file). so regardless, I believe I will need to use either GIT/CodeCommit and can't just have the developer upload a file to an S3 bucket right? That would enable the version control, revert, etc. **Under Deploy** - Applications - I have created the application, service role, type and configuration (by key/value). Also have the enable load balancing checked with a test group (one server right now). I don't think I really need to worry about the artifacts or the build, all I want is for the developer to finish his WAR file, commit. So not sure what is the magic that after I he commits, it takes that code, then push's to the servers. The agent is installed and just not sure if I need a pipeline setup, or there is something between the deploy and the agent and a simple answer here may prove much faster than other resources. So thank you again for the feedback and/or suggestions if there is a better way but think once setup this really is quite simple.
2
answers
0
votes
164
views
asked 5 months ago

How to perform CodePipeline ECS deployment based on Git tag

Hi fellow AWS humans, I am running an ECS application that is automatically built and deployed using CodeCommit, CodePipeline, and ECR. The infratructure is managed with Terraform. My setup is fairly comparable to this tutorial here: https://devops-ecs-fargate.workshop.aws/en/1-introduction.html The current ci/cd workflow is as follows: 1. Git push to CodeCommit repo main branch 2. CodePipeline builds a container Image and pushes it to the ECR registry 3. Deploy the most recently built container to ECS and update the service This is fine for very simple setups and I'm ok doing trunk based development (which, according to this blog post, is the suggested way when working with CodePipeline: https://aws.amazon.com/blogs/devops/multi-branch-codepipeline-strategy-with-event-driven-architecture/). However, **I don't want the most recent build to be pushed *straight to production***. What I' like to achieve is a 2-step ci/cd process (2 pipelines, 2 separate target environments): 1. Git push to CodeCommit repo main branch 2. CodePipeline builds a container Image and pushes it to the ECR registry 3. The most recently built container is deployed in the ECS **dev environment** 4. Tagging a specific commit (using **git tag**) will trigger a separate CodePipeline 5. The pipeline triggered in step 4 deploys the associated container to the **production environment** It seems that the only way to use CodePipeline's built-in features for deployment is by specifying a fixed branch name from which all vcs commits will trigger a new build/deployment - I see no way of specifying a git tag (and no way of specifying any wildcards either). This blog post (https://aws.amazon.com/blogs/devops/adding-custom-logic-to-aws-codepipeline-with-aws-lambda-and-amazon-cloudwatch-events/) suggests that there are ways to circumvent this shortcoming by using a Lambda and CloudWatch Events. My questions are: - is there any way to achieve the illustrated ci/cd setup with AWS CodePipeline? - if it is possible: What would be a best practice to implement this? Thanks for any pointers and your help! Kind regards and big thanks, Maik
2
answers
0
votes
341
views
asked 6 months ago
  • 1
  • 90 / page