Access AWS CodeCommit from Jenkins running on EC2 (Ubuntu)

I’m trying to integrate Jenkins with AWS CodeCommit. Jenkins is running on an AWS EC2 Instance with Ubuntu 14.04.

I followed this Blogpost:

  • Git post-receive hook not running following push
  • How to run git pull and bypass SSH passphrase prompt in user startup script?
  • Is there Environment variable for Amazon ElasticBeanstalk containers for the deployed version?
  • Permission denied when cloning git repository
  • Why is EC2 not pulling updates from bitbucket/github via post-receive hook?
  • AWS CodePipeline, build failed & getting error as YAML_FILE_ERROR M
  • The problem is, that sudo -u jenkins aws configure isn’t executed because the jenkins user has no permissions.

    What would you do?

    The following commands aren’t working as well:

    sudo -u jenkins git config --global credential.helper '!aws codecommit credential-helper $@'
    sudo -u jenkins git config --global credential.useHttpPath true
    sudo -u jenkins git config --global ""
    sudo -u jenkins git config --global "MyJenkinsServer"

    What rights does the jenkins user need?

    Thanks in advance.

  • Can I use AWS code Deploy for pulling application code while autoscaling?
  • Why is EC2 not pulling updates from bitbucket/github via post-receive hook?
  • using git post-receive for overwriting files in multiple directories
  • AWS CodeCommit HTTPS access without setting up credential helper
  • Elastic Beanstalk failed to update local Git configuration
  • capistrano version 3 upgrade confusing
  • 2 Solutions collect form web for “Access AWS CodeCommit from Jenkins running on EC2 (Ubuntu)”

    I was able to achieve this integration using SSH. To some extent, I followed these instructions:
    Setting up for CodeCommit

    Assuming Jenkins Home is /var/lib/jenkins/

    1. Create an ssh key on the Jenkins EC2 instance (/var/lib/jenkins/.ssh/id_rsa)

      ssh-keygen -b 2048 -t rsa -f /var/lib/jenkins/.ssh/id-rsa -a -N
    2. Upload the public key to an IAM user (IAM user must have CodeCommit access)

      aws iam upload-ssh-public-key --user-name <username> --ssh-public-key-body file:///var/lib/jenkins/.ssh/
    3. Collect the SSHPublicKeyID when you upload the key

       "SSHPublicKey": {
       "UserName": "jenkins",
       "Status": "Active",
       "SSHPublicKeyBody": "ssh-rsa <rsa-key> <host>\n",
       "UploadDate": "2015-09-02T19:18:24.309Z",
       "Fingerprint": "xxx",
       "SSHPublicKeyId": "APK***"
    4. Create/modify SSH config file

      Host git-codecommit.*
        User APK*******
        IdentityFile /var/lib/jenkins/.ssh/id_rsa
        StrictHostKeyChecking no
    5. Where the APK*** is the value of the Key ID retrieved in step 3

    6. Copy or move this file to /var/lib/jenkins/.ssh/config (or wherever Jenkins is installed on your EC2 instance)
    7. Ensure ‘jenkins’ user has 0600 permissions to /var/lib/jenkins/.ssh directory
    8. Create a Jenkins job as described in the blog post you first used. For the repository URL, however, enter the SSH url instead. (no credentials needed)

    After doing all of above steps. If it is still not works.
    clone any branch within /var/lib/jenkins/.ssh. It will add known host entry.

    sudo -u jenkins git clone ssh://git-codecommit.<your-region><your test branch>`
    Git Baby is a git and github fan, let's start git clone.