In this post, we’ll show how to use the Jenkins pipeline to push artifacts to AWS CodeArtifact.
· Prerequisites
· Overview
∘ What is AWS CodeArtifact?
∘ Why use AWS CodeArtifact?
· Setting Up the AWS CodeArtifact repository
· Project Maven pom.xml
· Jenkins Pipeline Setup
· Let’s try
· Conclusion
· References
Prerequisites
This is the list of all the prerequisites:
- A Spring Boot project with Maven
- Jenkins instance installed with Java 17 and AWS CLI
- GitHub account
- An active AWS account.
Overview
What is AWS CodeArtifact?
AWS CodeArtifact is a secure, highly scalable, managed artifact repository service that helps organizations store and share software packages for application development. You can use CodeArtifact with popular build tools and package managers such as the NuGet CLI, Maven, Gradle, npm, yarn, pip, and twine.
CodeArtifact helps reduce the need for you to manage your own artifact storage system or worry about scaling its infrastructure. There are no limits on the number or total size of the packages that you can store in a CodeArtifact repository.
Why use AWS CodeArtifact?
- Easy to use.
- Integration with other AWS Services.
- Store and share artifacts across accounts.
- Only pay for software packages stored.
- Support for multiple Package Types.
- Working with Amazon VPC endpoints
- AWS Free Usage Tier (CodeArtifact offers free storage of up to 2GB and 100,000 requests per month, ensuring cost savings for smaller projects)
Setting Up the AWS CodeArtifact repository
- Log in to the AWS Management Console and open the AWS CodeArtifact. Then click on the “Create repository” button.
- When creating the repository, add the repository name. Other fields are optional.
- Next, we need to add the repository domain.
- It’s done. We can find all the connection instructions by clicking on the “View connection instructions” button
- Maven Push
- Maven Pull
IAM Permissions
We need to grant access to IAM access keys with AWSCodeArtifactAdminAccess permission to interact with CodeArtifact resources.
Project Maven pom.xml
In the Spring boot project, Add this distribution management configuration to the pom.xml file.
<distributionManagement>
<repository>
<id>boottech-mvn-code-repository</id>
<name>boottech-mvn-code-repository</name>
<url>${env.AWS_ARTIFACT_REPOSITORY_URL}/maven/mvn-code-repository/</url>
</repository>
</distributionManagement>Push the code to GitHub.
Jenkins Pipeline Setup
- Login to Jenkins
- Click New Item on Jenkins home page.
- Add a Branch Source (for example, Git) and enter the location of the repository.
If you have a private repository, you must provide a personal access token in GitHub to use in Jenkins jobs.
The new repository link for Jenkins will look like the following syntax:
- Save the Pipeline project.
The last step is to add the Jenkinsfile to the project root directory. Here is the full content of Jenkinsfile.
#!/usr/bin/env groovy
pipeline {
agent any
environment {
RELEASE_BRANCH = 'main'
}
parameters {
validatingString(
name: 'RELEASE_VERSION',
regex: /^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/,
failedValidationMessage: 'The version format is not valid',
description: 'The release version to build (format: X.Y.Z)'
)
validatingString(
name: 'DEVELOPMENT_VERSION',
regex: /^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(?:-((?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/,
failedValidationMessage: 'The version format is not valid',
description: 'The next version that the pom will be set to once the build has been completed. (format : X.Y.Z-SNAPSHOT)'
)
}
options {
timestamps()
disableConcurrentBuilds()
// Timeout counter starts AFTER agent is allocated
timeout(time: 30, unit: 'MINUTES')
// Keep the 10 most recent builds
buildDiscarder(logRotator(numToKeepStr: '10'))
}
stages {
stage('Check existing tag') {
when {
expression {
RELEASE_TAG = sh (script: 'git tag -l $RELEASE_VERSION',returnStdout: true).trim()
return RELEASE_TAG == params.RELEASE_VERSION
}
}
steps {
echo(">> Tag $RELEASE_VERSION already exists")
sh 'git tag -d $RELEASE_VERSION'
}
}
stage("Release setup") {
steps {
echo ">> RELEASE_VERSION: $params.RELEASE_VERSION"
echo ">> Version update"
withMaven(maven: 'MAVEN_ENV') {
sh 'mvn versions:set -DnewVersion=$RELEASE_VERSION -DprocessAllModules -DgenerateBackupPoms=false'
}
echo ">> Commit the modified POM file and tag the release"
sh('''
git config user.name 'aek'
git config user.email 'anicetkeric@outlook.com'
git add :/*pom.xml
git commit -m "Release $RELEASE_VERSION"
git tag -a $RELEASE_VERSION -m "New Tag $RELEASE_VERSION"
''')
echo ">> Release setup successfully"
}
}
stage("Release Build and deploy") {
steps {
// build release version
withMaven(maven: 'MAVEN_ENV') {
sh "mvn clean install -DskipTests=true"
}
echo ">> Publish tag to repository"
configFileProvider([configFile(fileId: '1e855f66-f777-4538-9d9a-782c61054866', variable: 'MyGlobalSettings')]) {
withAWS(credentials: 'AWS_IAM_CREDENTIALS', region: 'us-east-1') {
script {
// generate a new authorization token with the access and secret key
env.CODEARTIFACT_AUTH_TOKEN = sh (script: 'aws codeartifact get-authorization-token --domain boottech --domain-owner $AWS_ACCOUNT_ID --region us-east-2 --query authorizationToken --output text',returnStdout: true).trim()
}
// deploy to codeartifact
withMaven(maven: 'MAVEN_ENV') {
sh "mvn -s $MyGlobalSettings clean deploy -DskipTests=true"
}
}
}
}
}
stage("Adding next version") {
steps {
echo ">> DEVELOPMENT_VERSION: $DEVELOPMENT_VERSION"
withMaven(maven: 'MAVEN_ENV') {
sh "mvn versions:set -DnewVersion=$DEVELOPMENT_VERSION -DprocessAllModules -DgenerateBackupPoms=false"
}
echo ">> Commit the modified POM file and push next version"
withCredentials([gitUsernamePassword(credentialsId: 'GITHUB_TOKEN', gitToolName: 'Default')]) {
sh('''
git add :/*pom.xml
git commit -m "Prepare the next snapshot version : $DEVELOPMENT_VERSION"
git push origin $RELEASE_BRANCH
git push origin refs/tags/$RELEASE_VERSION
''')
}
echo ">> The next snapshot version pushed successfully"
}
}
}
}The pipeline is composed of four (4) main steps which will allow us to create a release and push it to our AWS CodeArtifact repository.
The user enters the release and development versions he wants and then launches the job to create this release.
- Check if there is already a tag in git for this version. if so, we delete it.
- Update the release version in the pom.xml and create the new tag with git
- Build the maven project with the release version and push the artifact to the AWS CodeArtifact repository
- Adding the next version in pom.xml and pushing all commits to GitHub
Let’s try
Build with parameters
Successful build
Successful deployment on AWS CodeArtifact
Well done !!.💪
Now, we can pull this artifact into the local projects.
Conclusion
In this post, we have seen how to build and publish Maven artifacts to AWS CodeArtifact using Jenkins. AWS CodeArtifact can be a good alternative to JFrog Artifactory or Sonatype Nexus if you want to store your online artifacts securely in the cloud.
The complete source code is available on GitHub.
