All the way to this point, we have created the resources that allow us to store our source code and deploy it to S3 bucket. However, this build/deploy process has to be triggered manually by going to the console, finding the CodeBuild project and clicking Start build button.
This doesn't sound good enough for a complete development cycle. We need something that links changes in CodeCommit repository and CodeBuild project together so the build process is triggered automatically when changes are pushed to git. That magic link is called CloudWatch
Amazon CloudWatch is a monitoring service for AWS cloud resources and applications you run on AWS. Amongst other things it allows to create event rules that watch service events and trigger actions on target services. In this case we are going to watch changes in CodeCommit repository and link that to the Start build action on CodeBuild.
Creating the Rule
First, we need to go to CloudWatch console, to get there, select Services from the top menu, then under Management Tools, select CloudWatch. Once there, select Rules from the left hand side menu, under Events category.
Configure the Event source
We'll see two panes, the left hand side is for the event source, the right one is to choose the target of our rule.
On the left side, select Event Pattern radio button option (default one), next from the drop down menu, select Events by Service. For Service Name, find the option corresponding to CodeCommit and Event Type CodeCommit Repository State Change.
Since we are only interested in the changes of the repository we previously created, select Specific resource(s) by ARN radio button option. Then, enter the ARN of the corresponding CodeCommit repository, which can be found by going to Settings in CodeCommit console. It should be something like arn:aws:codecommit:eu-west-1:111111111111:abelperez.info-web.
Configure the Target
On the right side, click Add Target, then from the drop down menu, select CodeBuild project. A new form is displayed where we need to enter the project ARN, this is a bit tricky because for some reason, CodeBuild console doesn't show this information. Head to ARN namespaces documentation page and find CodeBuild, the format will be something like arn:aws:codebuild:us-east-1:111111111111:project/abelperez.info-builder.
Next step is to define the role, which in this case, we'll leave as it is proposed to Create a new role for this specific resource, AWS will figure out what permissions based on the type of resource we set as target, this might not be entirely accurate in the case of Lambda as target, we'd need to edit the role and add some policy for specific access.
We skipped Configure input on purpose as no input is required to trigger the build, so no need to change that setting.
Finish the process
Click on Configure details to go to step 2 where the process will finish.
Enter name and optionally a description, leave State as Enabled so it will be active from the moment we create it. Click on Create rule finish the process.
Let's test it
How can we know if the rule is working as expected? Since we connected changes on CodeCommit repository with starting a build on CodeBuild, let's do some changes to our repository, for example, adding a new file index3.html
abel@ABEL-DESKTOP:~/Downloads/abelperez.info-web$ git add index3.html abel@ABEL-DESKTOP:~/Downloads/abelperez.info-web$ git commit -m "3rd file" [master e953674] 3rd file 1 file changed, 1 insertion(+) create mode 100644 index3.html abel@ABEL-DESKTOP:~/Downloads/abelperez.info-web$ git push Counting objects: 3, done. Delta compression using up to 4 threads. Compressing objects: 100% (2/2), done. Writing objects: 100% (3/3), 328 bytes | 0 bytes/s, done. Total 3 (delta 1), reused 0 (delta 0) To ssh://git-codecommit.eu-west-1.amazonaws.com/v1/repos/abelperez.info-web 27967c1..e953674 master -> master
Now let's check CodeBuild console to see the build being triggered by the rule we've created
As expected, the build ran without any human intervention, which was the goal of the CloudWatch Event rule. Since the build succeeded, we can also check the existence of the new file in the bucket.
abel@ABEL-DESKTOP:~/Downloads$ aws s3 ls s3://www.abelperez.info 2018-02-21 23:19:53 18 index.html 2018-02-21 23:19:53 49 index2.html 2018-02-21 23:19:53 49 index3.html