Bitbucket Pipelines Manual S3 Download

I'm using Bitbucket Pipelines. I want it to push the entire contents of my repo (very small) to S3. I don't want to have to zip it up, push to S3 and then unzip things.

This tutorial explains how to deploy automatically from Bitbucket (or GitHub) to AWS S3.

Create a Bitbucket repository (public or private).

Add this repo on Wercker

  • Go to Create Application
  • Select Use Bitbucket (or GitHub)
  • Choose your repo
  • For the next questions, choose the default answers

Add a file wercker.yml in your project

Get your AWS credentials

  • On AWS, go to Security Credentials
  • Go to Access Keys (Access Key ID and Secret Access Key)
  • Create a new key and keep the Access key ID and the Secret Access Key in a safe place.

Setup Deployment on Wercker

  • On Wercker, go to the settings of your app
  • In Deploy targets, click on add deploy target and choose custom deploy
  • Target name can be production
  • Select Autodeploy
  • Branch name is master
  • Click on add new variable and create a new environment variable with the name S3_ACCESS_KEY_ID and your access key ID as text
  • Create another new variable with the name S3_SECRET_KEY and your secret access key as text
  • Create another variable with the name S3_BUCKET_NAME and s3://example.com as text (change example.com with the name of your bucket)

Push your files to Bitbucket

Wercker should run the build (which does nothing so far) and deploy to S3.

A month ago I blogged about using Bitbucket Pipelines as a deployment tool to deploy my Hugo website to AWS S3. It was a fully automated setup that deployed a new version of the site every time I pushed a commit to the master branch of the git repo.

Lately I’ve been moving more things to AWS, as having everything on AWS makes it easier to integrate stuff, including my Hugo blog. Let me show you how I set up the build process on AWS.

CodeCommit

Firstly I moved my git repo from the public, free Bitbucket server to AWS CodeCommit. There really is nothing special to say about that: CodeCommit is simply git on AWS (details on pricing)

The only thing I want to stress, again, is that you should not use your admin user to push code but create a new IAM user with limited access so it can only push code and nothing more. The CodeCommit page will guide you with that, up to the point of creating SSH keys.

The AWS Managed Policy AWSCodeCommitFullAccess should be all the access needed; there is no need to write your own policy.

CodeBuild

Secondly, I needed a replacement for Bitbucket Pipelines: AWS CodeBuild. Launched in December 2016, CodeBuild is almost exactly the same build system as Bitbucket Pipelines (and Travis CI, and GitLab templates, and so many other Docker-driven build systems) and there is just one thing you need to create yourself: a build template.

Here’s what I used as buildspec.yml for building and deploying my Hugo blog:

The Docker image I used was the standard Ubuntu Linux 14.04 one since I don’t require any custom software during my build plan.

For more complex jobs you can provide your own Docker image to run the build process in. Make sure it includes libc, otherwise AWS will not be able to run it. Sadly this will exclude most alpine-based images, but for a build process that probably shouldn’t be a big issue.

Instead of using an IAM user by providing the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in my build template, I used the CodeBuild IAM role to define my access to the S3 bucket. CodeBuild will generate this role for you when creating a build plan; just add this custom IAM policy to that role:

Replace BUCKETNAME with the name of your S3 bucket.
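
As an added example (not the author's own policy or code): a bucket-scoped S3 policy of the kind a CodeBuild role needs for a sync-style deploy, with a small Python check that flags wildcard actions or resources outside that bucket. The action list (for an `aws s3 sync --delete` style upload), the sample policies and the function names are assumptions.

```python
import json

BUCKET = "BUCKETNAME"  # placeholder, as on the page; replace with your bucket

# Assumed minimal policy for a sync-with-delete deploy (constructed example).
SCOPED = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:ListBucket"],
         "Resource": f"arn:aws:s3:::{BUCKET}"},
        {"Effect": "Allow", "Action": ["s3:PutObject", "s3:DeleteObject"],
         "Resource": f"arn:aws:s3:::{BUCKET}/*"},
    ],
}

# Constructed counter-example: a broad grant that works but over-privileges the build.
BROAD = {"Version": "2012-10-17",
         "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}


def as_list(value):
    """IAM accepts either a string or a list for Action and Resource."""
    return [value] if isinstance(value, str) else list(value)


def audit(policy, bucket):
    """Return findings for Allow statements that reach beyond one bucket."""
    allowed = {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    stmts = policy["Statement"]
    findings = []
    for i, stmt in enumerate([stmts] if isinstance(stmts, dict) else stmts):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"statement {i}: NotAction/NotResource in an Allow")
        for action in as_list(stmt.get("Action", [])):
            if "*" in action or not action.lower().startswith("s3:"):
                findings.append(f"statement {i}: action {action!r} too broad")
        for res in as_list(stmt.get("Resource", [])):
            if res not in allowed:
                findings.append(f"statement {i}: resource {res!r} outside bucket")
    return findings


if __name__ == "__main__":
    print(json.dumps(SCOPED, indent=2))  # paste-ready policy document
    for name, pol in (("scoped", SCOPED), ("broad", BROAD)):
        print(name, audit(pol, BUCKET) or "ok")
```

If the deploy sets object ACLs or reads objects back, the role needs those actions added explicitly; the check will still reject wildcards.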

Some remarks

Right now deployment is a manual action: I log into the AWS CodeBuild site and push the Run build button. CodeBuild has no easy “Build on new commits” option, but you can of course use AWS Lambda to build that yourself. I will do that soon for my blog, and then I’ll update this post with the Lambda I used.

If you are looking for a complete pipeline system like GoCD, AWS CodePipeline is what you need.