How to integrate AWS CodeBuild and AWS CodeCommit to SonarCloud

Posted on Temitope Odemo By Temitope Odemo No Comments on How to integrate AWS CodeBuild and AWS CodeCommit to SonarCloud
AWS CodeBuild

It is always a challenge to have your code released without bugs or vulnerabilities. There is a need to have a quality code and a very efficient code review process. We have several tools in the marketplace that can be integrated into your DevOps to provide you insights into your code and one of the best tools out there is SonarCloud. This tool conduct code analysis and defined the process to enforce code control on three levels which are syntax, code standards, and structure. SonarCloud will always ensure that all issues are flagged before code is sent for testing and can be quickly fixed by the developer so that high-quality code is released to the production all the time.

If you want to read more on AWS you can check these guides: How to manage and use Amazon S3 access points using the AWS Management Console, how to enable Amazon S3 default bucket encryption using S3 Console, how to deploy a .NET application to AWS Elastic Beanstalk using AWS Tool Kit, How to Deploy MVC Application to AWS EC2 Using RDP Connection and Web Deploy.

AWS CodeCommit is a secure, highly scalable, managed source control service provided by amazon web services that you can use to host your Git-based code repositories. This service makes it very easy for teams to securely collaborate on code whereby the code is properly encrypted in transit and at rest. AWS CodeBuild is another fully managed service by AWS that can be used for a continuous integration service that compiles source code, run tests, and produces software packages or software installation files that are ready for deployment.

In this guide, I will be showing you how to integrate AWS CodeBuild and AWS CodeCommit to SonarCloud. Before we start, make sure you have a SonarCloud account and AWS account, as we will be pushing some codes to the AWS CodeCommit repository.

Initiating Project Analysis on SonarCloud

Go ahead and login to your SonarCloud Account. Then click on the plus icon on the right side and click Analyze new Project. In the next page, click on Create a Project Manually and enter a project key and display the name you like and click the Setup button.

AWS CodeCommit
Setting up your project Manually

We will not be using the recommended GitHub Actions rather we will be setting up manually.

SonarCloud integration
Choose Analysis Method

Then again Sonarcloud will request for your build and Operating system. Please select Other for the build while Linux as the OS because CodeBuild projects run on Linux.

You will now need to copy the SONAR_TOKEN details and the command and saved in a place that it can easily be access.

SonarCloud integration
Setting up your Build

Creating an AWS CodeCommit Repository: Step-by-Step Guide

Login to your AWS account and create a CodeCommit Project. Navigate to CodeCommit and click Create Repository and give the repository a name and click Create.

DevOps pipeline
Creating Repository

After creating the repository, clone the repository. After that, you can add your code into the repository. You can check this guide on how to add your code into the repository

Here, we need to add a special file to initiate the build process in CodeBuild. It is known as the buildspec.yml file. Create a file called buildspec.yml and paste the below content in it. You can copy the content from here

image-57
Creating file into your CodeCommit repo

You can change the buildspec.yml file values with the values you got when creating the sonar cloud project. Check below:

  • SONARCLOUD_ORG = Your Sonar Cloud Organization name
  • PROJECT_KEY = Your Sonar Project Key
  • SONARCLOUD_TOKEN = Your Sonar Project Token

After that you can then push the entire codebase to the repository.

The next step is Creating CodeBuild Project. Now let us navigate to CodeBuild and create a project. Give the build project a name and supply other details.

image-58
Create Build Project

Supply other source code details

image-59
Adding Source for your Build Project

Optimal CodeBuild Environment Configuration

For the CodeBuild Environment, you can use AWS managed image with Ubuntu Operating System and Standard runtime with image “aws/codebuild/standard:4.0

After setting up the build project, you can initiate the build process. If everything is properly configured and progresses as planned, the Sonar scanner will effectively analyze the project. Learn how to integrate AWS CodeBuild to streamline this process and ensure successful project analysis.

image-60
Project Created

Build started

image-61
Build Started

Once you’ve successfully completed the build without any errors, you’ll have the opportunity to view the analysis report on SonarCloud. Discover insights on how to integrate AWS CodeBuild for a streamlined development process.

image-62
Code Analysis

I hope you found this blog post on How to integrate AWS CodeBuild and AWS CodeCommit to SonarCloud interesting and helpful. In case you have any questions do not hesitate to ask in the comment section.

Rate this post
AWS/Azure/OpenShift, Version Control System Tags:, , , ,

Related Posts

More Related Articles

TLS1.2 Unable to install Azure AD Connect, TLS 1.2 is required: How to enable or disable TLS 1.2 on a Windows Server via the Registry and PowerShell AWS/Azure/OpenShift
Create your own Network on AWS from Scratch VPC, Subnet, NACL, Security Group: Create your own Network on AWS from Scratch [Part 2] AWS/Azure/OpenShift
Azure logo 1 Azure Active Directory: Why do I need to deploy Azure AD? AWS/Azure/OpenShift
react 1 How to deploy a React Application to AWS S3 AWS/Azure/OpenShift
Install Packages to Amazon Virtual Machine Using Terraform How to Install Packages to Amazon VM using Terraform AWS/Azure/OpenShift
Slide2 How to Setup Jenkins Pipelines Environment for Docker Container Deployment Containers

Leave a Reply