Mirror GitHub repository to AWS CodeCommit using GitHub Actions — Atul Anand
GitHub and AWS CodeCommit are two prominent platforms for hosting Git repositories. There are many situations where mirroring a GitHub repository to AWS CodeCommit becomes essential, particularly for businesses that rely on AWS cloud services: ensuring robust code backup, maintaining build and delivery pipelines, collaborating with AWS CodeCommit users, or leveraging AWS services.
This hands-on blog will guide you through the process of mirroring a GitHub Repository to an AWS CodeCommit Repository. It will allow us to keep our CodeCommit repository up-to-date with changes made in our GitHub repository, enabling a synchronized and streamlined development process.
Let’s achieve this using a powerful automation feature provided by GitHub, called GitHub Actions, in 5 simple steps!
For reference, view source code on GitHub.
Step 1: Prepare Repositories in GitHub and AWS CodeCommit
Create a GitHub repository in your GitHub account
- For demo purposes, I have created a GitHub repository “mirror-code-source-repo”.
Create a CodeCommit repository in your AWS Account
- Similarly, I have created a CodeCommit repository “mirror-code-destination-repo”, where we want the GitHub repository to be mirrored.
Step 2: Set Up AWS Credentials & GitHub Secrets
Create an IAM User with CodeCommit Access
You can also use your own user, but to follow the principle of least privilege it is better to create a separate user with only CodeCommit permissions.
- Create a User with the name codecommit-user by going to IAM > Users > Create user.
- Attach the AWSCodeCommitPowerUser policy directly to the user.
- Review and Create the User.
Create an SSH Key
- Create a key pair, publickey.crt and privatekey.pem, in a terminal (bash) locally by running the following commands:
$ openssl genrsa -out privatekey.pem 2048
$ openssl rsa -in privatekey.pem -pubout -out publickey.crt
Note: Make sure openssl is installed.
Upload the SSH Public Key for CodeCommit to AWS
- On your AWS Console, go to IAM > Users > codecommit-user > Security Credentials
- Then, go to the section “SSH public keys for AWS CodeCommit” and click on “Upload SSH public key”.
- Copy and paste the content of the file publickey.crt (which we created in the previous sub-step) into the console, and upload it.
- Make a note of the “SSH Key ID”, as we need it to save as a secret in the GitHub repository.
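The AWSCodeCommitPowerUser policy attached above applies to every repository in the account. As an added example (not from the original post), the script below builds an inline policy limited to the destination repository and performs the user creation and key upload with the AWS CLI; the account ID argument, the policy name mirror-push-only and the GitPull/GitPush action set are assumptions to confirm with a test push.

```sh
#!/bin/sh
# Added example (not from the original post): scope codecommit-user to one repository.

# Split a CodeCommit SSH clone URL into "<region> <repo>"; reject anything else.
parse_clone_url() {
  case "$1" in
    ssh://git-codecommit.*.amazonaws.com/v1/repos/*) ;;
    *) echo "not a CodeCommit SSH URL: $1" >&2; return 1 ;;
  esac
  rest=${1#ssh://git-codecommit.}
  region=${rest%%.amazonaws.com/*}
  repo=${1##*/v1/repos/}
  case "$region" in ""|*[!a-z0-9-]*) echo "bad region in: $1" >&2; return 1 ;; esac
  case "$repo" in ""|*[!A-Za-z0-9._-]*) echo "bad repo in: $1" >&2; return 1 ;; esac
  printf '%s %s\n' "$region" "$repo"
}

# Emit an IAM policy allowing only Git pull/push on that one repository ARN.
# Assumption: GitPull + GitPush is enough for the mirroring push; confirm with a test run.
scoped_policy() {  # args: region account_id repo
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [{
    "Sid": "MirrorToOneRepo",
    "Effect": "Allow",
    "Action": ["codecommit:GitPull", "codecommit:GitPush"],
    "Resource": "arn:aws:codecommit:$1:$2:$3"
  }]
}
EOF
}

# Create the user, attach the scoped inline policy, upload the key, print the SSH Key ID.
create_mirror_user() {  # args: clone_url account_id public_key_file
  parsed=$(parse_clone_url "$1") || return 1
  aws iam create-user --user-name codecommit-user >/dev/null || return 1
  aws iam put-user-policy --user-name codecommit-user \
    --policy-name mirror-push-only \
    --policy-document "$(scoped_policy "${parsed% *}" "$2" "${parsed#* }")" || return 1
  aws iam upload-ssh-public-key --user-name codecommit-user \
    --ssh-public-key-body "file://$3" \
    --query 'SSHPublicKey.SSHPublicKeyId' --output text
}

# Only touch AWS when asked to: sh scope-user.sh --apply <clone_url> <account_id> <pubkey>
if [ "${1:-}" = "--apply" ]; then
  create_mirror_user "$2" "$3" "$4"
fi
```

The SSH Key ID printed by the last command is the value to store in the CODECOMMIT_SSH_PRIVATE_KEY_ID secret.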
Create Secrets in the GitHub Repository
- In the GitHub repository, go to Settings > Secrets and variables > Actions > New repository secret
- Create 2 Secrets in the repository:
Key | Value
-----------------------------------------------------------
CODECOMMIT_SSH_PRIVATE_KEY | privatekey.pem (RSA Private Key Content)
CODECOMMIT_SSH_PRIVATE_KEY_ID | APKXXXXXXXXXXXXXXVKJ (SSH Key ID, created in the previous step)
Step 3: Configure GitHub Actions Workflow
Create a Workflow configuration
Create a new file called .github/workflows/mirror-to-codecommit.yml in the GitHub repository and add the following configuration:
name: Mirror GitHub To CodeCommit
on: [push]  # run on every push to the repository
jobs:
  mirror_to_codecommit:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: actions/checkout@v3
        with:
          fetch-depth: 0  # fetch the full history instead of a shallow clone
      - name: Mirror to CodeCommit
        uses: pixta-dev/repository-mirroring-action@v1
        with:
          target_repo_url: <AWS_CodeCommit_Repository_SSH_URL>
          # Both values come from the repository secrets created in Step 2
          ssh_private_key: ${{ secrets.CODECOMMIT_SSH_PRIVATE_KEY }}
          ssh_username: ${{ secrets.CODECOMMIT_SSH_PRIVATE_KEY_ID }}
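Replace <AWS_CodeCommit_Repository_SSH_URL> with the SSH URL of the CodeCommit repository.
You can get it from the CodeCommit repository (mirror-code-destination-repo) > Clone URL > Clone SSH.
Because this third-party action is handed the private key, consider pinning it to a full commit SHA instead of the movable v1 tag.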
Example:
...
        with:
          target_repo_url: ssh://git-codecommit.ap-northeast-1.amazonaws.com/v1/repos/mirror-code-destination-repo
...
Step 4: Push changes to the GitHub Repository
Commit and push the .github/workflows/mirror-to-codecommit.yml file to the GitHub repository using the following commands:
$ git status
$ git add .
$ git commit -m 'Added workflow to mirror to CodeCommit'
$ git push origin main
As you can see, the push to the GitHub repository is successful. GitHub Actions will automatically run the workflow every time there is a push event on the repository.
Step 5: Verify Mirroring
Check the “Actions” tab of the repository to verify that the workflow was triggered and the workflow run was successful.
Also, check the CodeCommit repository to verify that changes from the GitHub repository are mirrored accurately. You should see the same branches, commits, and files in both repositories.
Voila! You have successfully set up GitHub Actions to mirror the GitHub repository to AWS CodeCommit.
For reference, view the source code on GitHub, and the GitHub Action which we used.
This automation workflow will ensure that the CodeCommit repository is always synchronized with the GitHub repository, facilitating seamless collaboration and integration between these platforms.
This is a minimal workflow configuration, which you can customize further to suit your specific requirements, such as mirroring multiple branches or triggering the workflow on specific events.
Happy Learning! 🚀