There are three possible ways in which Gearset can connect to your CodeCommit repository. This document outlines how to create the git repository in Section 1, then how to connect to this repository in Gearset depending on your authentication type in Section 2 (OAuth, HTTPS or SSH).
Section 1. Creating a new CodeCommit repository
Step 1: Navigate to CodeCommit in AWS console
Step 2: Click Create repository
Step 3: Choose a Repository name and click Create
Step 4: In the Clone URL menu, choose Clone HTTPS and save the URL of the repository
Provisioning a user for access to CodeCommit repository from Gearset
Step 1: Navigate to Identity and Access Management (IAM)
Step 2: Click Add User or choose an existing one with programmatic access
Step 3: If you're creating a new user, please mark Access type as Programmatic access
Step 4: On the last step of user creation, copy user's Access key ID and Secret access key - these are only required if you will be connecting via OAuth
Step 5: Navigate to Users menu and click Add inline policy
Step 6: Choose JSON tab
Step 7: You have a choice of two policies. The first policy grants Gearset broad access to your AWS CodeCommit repository, so as Gearset implements new features you won't need to modify this policy. The other policy contains the minimum set of actions that Gearset uses at the time of writing, but this could change as new versions of Gearset are related so you may need to update the policy from time to time
Broad policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codecommit:Merge*",
"codecommit:Post*",
"codecommit:Update*",
"codecommit:Get*",
"codecommit:Test*",
"codecommit:BatchGet*",
"codecommit:GitPull",
"codecommit:Create*",
"codecommit:Put*",
"codecommit:GitPush",
"codecommit:DeleteBranch",
"codecommit:List*"
],
"Resource": [ "arn:aws:codecommit:$aws_repo_region:$aws_account_number:$aws_codecommit_repository_name"
]
},
{
"Effect": "Allow",
"Action": [
"codecommit:ListRepositories"
],
"Resource": [
"*"
]
}
]
}Policy containing minimum set of rights (correct as of Friday 4th February 2022):
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"codecommit:GetRepository",
"codecommit:GetCommit",
"codecommit:GetBranch",
"codecommit:GitPull",
"codecommit:GitPush",
"codecommit:ListBranches",
"codecommit:CreateBranch",
"codecommit:CreatePullRequest",
"codecommit:CreateCommit",
"codecommit:PutRepositoryTriggers",
"codecommit:TestRepositoryTriggers"
],
"Resource": [
"arn:aws:codecommit:$aws_repo_region:$aws_account_number:$aws_codecommit_repository_name"
]
},
{
"Effect": "Allow",
"Action": [
"codecommit:ListRepositories"
],
"Resource": [
"*"
]
}
]
}
In those examples you need to replace the following values:
$aws_repo_region - region where AWS CodeCommit repository created
$aws_account_number - AWS account identifier number
$aws_codecommit_repository_name - name of AWS CodeCommit repository
Step 8: Click Review policy
Step 9: Name the policy and click Create policy
Section 2a - Integrate CodeCommit into Gearset via OAuth
(Note: if you need to add the repository as a Custom git repository, jump to the "Integrate CodeCommit into Gearset as a custom git repository" sections below.)
Step 1: Go to Source control and services in the Gearset app
Step 2: Click on + Connect to AWS CodeCommit
Step 3: In the connection modal, paste all values from previous steps, ensuring that in the Url field you paste the complete link to your git repository. Make sure that this is the repository Url and not the page address from your web browser.
Step 4: Press Test connection, and it should become Connection succeeded
Step 5: Press Connect - you should now see your CodeCommit connection listed in Source control and services
Section 2b - Integrate CodeCommit into Gearset as a custom git repository via HTTPS
Step 1: Go to Source control and services in the Gearset app
Step 2: Select ADD NEW CUSTOM GIT REPOSITORY...
Step 3: In the Add new linked Git repository modal, enter the required information
Usernameandpasswordneed to be generated in AWS. Open theIdentity and Access Management (IAM)console, selectUsers, select the user that was selected for step 2 of "Provisioning a user for access to CodeCommit repository from Gearset", select theSecurity credentialstab and scroll toHTTPS Git credentials for AWS CodeCommitthen selectGenerate credentials. Copy these into GearsetFor
Repo URLin the AWS code commit console, selectRepositories, you'll then be able to copy the repo URL - ensure you copy the HTTPS URL
Step 4: Select Test connection, and you should then see this change to show that the connection has succeeded
Step 5: Select Add repository and your new repository will then be listed as a Custom git repository
Section 2c - Integrate CodeCommit into Gearset as a custom git repository via SSH
Step 1: Go to Source control and services in the Gearset app
Step 2: Select ADD NEW CUSTOM GIT REPOSITORY...
Step 3: Select the SSH radio button and copy the Public key
Step 4: In AWS open the Identity and Access Management (IAM) console, select Users, select the user that was selected for step 2 of "Provisioning a user for access to CodeCommit repository from Gearset", then select the Security credentials tab, scroll to SSH keys for AWS CodeCommit and select Upload SSH public key; now paste the Public key copied in step 3 from Gearset and press enter
Step 5: In the SSH keys for AWS CodeCommit table, find the SSH key ID that was created and copy down the 20 character ID
Step 6: In AWS go to CodeCommit, select the git repository you are connecting to, and then clone the SSH URL
Step 7: In Gearset, in the Add new linked Git repository modal paste the repo address that was cloned in CodeCommit. Then make the following changes:
¹ssh_keyID@git-codecommit.²us-region.amazonaws.com³:/v1/repos/your_git_repo
¹ Enter the 20 character SSH ID copied in step 5
² The region stated in your SSH repo URL
³ A colon needs to be added after .com in the URL
Step 8: Select Test Connection; if successful, the box will change colour to green
Step 9: Select Add repository. The new connection will then be listed as a Custom git repository