Validate your commit messages for a Jira issue number or ServiceNow ticket number using AWS Lambda, and send the result as an SNS email notification. This blog covers the steps to build your own serverless commit message validation, so that you can act on the result earlier in the DevOps pipeline.
- AWS account and basics of CodeCommit, Lambda, SNS & IAM roles
- Basic Python with regular expression
Creating Code Commit repository
Head to the CodeCommit service in AWS. I am using N. Virginia for this example. Select the region which you want to use from the region drop-down in the top right corner of the AWS console, and make sure you use the same region throughout the rest of this blog.
Go to AWS console → Services → CodeCommit under the Developer Tools section
Click on Create repository, then fill out the name and description. Click Create once done.
The repository is created.
Scroll down to the section where we can see Create file and click on that.
Write a few comments into the first text box, then continue to add the details of file name, author and commit message. Click on Commit changes.
If you want to use a local editor on your machine with CodeCommit, follow the AWS document https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html and connect to your repository.
- Roles give AWS services permission on what they can access and execute
- We need to create a role which has access to the CodeCommit repository, so the backend logic can read the commit message, and access to SNS, so it can send the notification email
- A role has policies associated with it which enable those permissions
Go to AWS console → IAM service under Security, Identity & Compliance section
Select Roles from the menu on the left side → click on Create role.
Then select Lambda → click on Next:Permissions
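Search for AWSCodeCommit and select AWSCodeCommitReadOnly, then search for AmazonSNS and select AmazonSNSFullAccess. AmazonSNSFullAccess grants far more than the function uses: publishing the result needs only sns:Publish on the one topic, so a custom policy scoped to that topic ARN is the tighter choice outside a demo.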
Tagging is always necessary to identify who created the resources and for what purpose.
On the Next:Review page, check the details and provide a name. I have given commitCheckRole. Then hit Create Role.
SNS topic and subscription with email
SNS is a notification service which works on a pub/sub model. We are using it to send email to our users based on the validation result.
AWS Console → Simple Notification Service (SNS) under the Application Integration section → hit Topics on the left side → then select Create Topic on the right. Give the topic a name like commitCheckNotification, scroll down and click Create Topic.
Create a subscription by clicking on Create Subscription so the user receives an email when a message is published to this topic. The Lambda function will publish to this topic, and the email address subscribed to the topic will receive that message.
Select Protocol as Email and give your email address in the Endpoint.
Then click on Create Subscription.
After this SNS sends an email verification to confirm your subscription to this topic. Click on Confirm Subscription in the email. This is necessary to receive notification on the subscribed email.
Then if you check in the topic there should be one subscription with status as confirmed, protocol as EMAIL and the endpoint with the correct email address.
AWS Lambda is a serverless service in which functions respond to events. In our case a commit to the repository is the event which will trigger the function. The logic to verify the commit message is written in the function using Python 3.7 (note: Lambda supports 5 other languages as well).
- In the AWS console go to Services → Lambda under the Compute section
- Click on Create function → Author from scratch
- Give your function a name like commitCheck
- Select the runtime as Python 3.7
- Expand Choose or create an execution role
- Under the drop-down select Use existing role
- Select the role commitCheckRole created in the earlier step
- Select Create function
The code which needs to be added in the Lambda console is available in the GitHub repo https://github.com/uptownaravi/serverless
Clone the repo and edit the app.py file; we need to add some details before moving on. Find the ARN of the topic which was created in the SNS service, then add it to the code (see REPLACE_WITH_SNS_TOPIC_ARN in the app.py file).
See below screen shot to find the topic ARN
AWS console → Simple Notification Service (SNS) → Topics → select your topic → copy the ARN (starts with arn:aws:sns)
Once the code is ready (with the topic ARN added), copy and paste it into the Function code section of the Lambda function, replacing the default Python code already present in the editor. Then hit Save.
We need to add a trigger for this function from the CodeCommit repository, so that push events to the repository will trigger this function.
Click on the Designer section above the Function code.
Click on Add trigger → Select CodeCommit from the list
Choose the repository which we created earlier and give a name for your trigger. Click on Add at the bottom, which adds the trigger for CodeCommit. Then click Save on the top right of the Lambda function console.
Note: the trigger here responds to all repository events, which can be left as is. If required, change it to Push to existing branch to respond only to push events.
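The flow described above (trigger event, read the commit message, regex check, SNS publish) as an added Python example; it is not the app.py from the linked repository. The two regular expressions, the injectable `codecommit`/`sns` parameters and the sample event are assumptions made for illustration.

```python
import re

# Assumed ticket formats: Jira keys such as JIRA-1101, ServiceNow numbers such as INC0012345.
JIRA_KEY = re.compile(r"\b[A-Z][A-Z0-9]{1,9}-[1-9][0-9]*\b")
SNOW_NUMBER = re.compile(r"\b(?:INC|CHG|RITM|PRB)[0-9]{7,10}\b")
TOPIC_ARN = "REPLACE_WITH_SNS_TOPIC_ARN"  # placeholder named on the page

# Constructed sample of a CodeCommit trigger event (account id and commit id are made up).
SAMPLE_EVENT = {"Records": [{
    "eventSourceARN": "arn:aws:codecommit:us-east-1:111122223333:demo-repo",
    "codecommit": {"references": [
        {"commit": "1111111111111111111111111111111111111111", "ref": "refs/heads/master"},
    ]},
}]}


def find_ticket(message):
    """Return the first Jira key or ServiceNow number found in message, else None."""
    for pattern in (JIRA_KEY, SNOW_NUMBER):
        match = pattern.search(message)
        if match:
            return match.group(0)
    return None


def handler(event, context, codecommit=None, sns=None):
    """Check every pushed commit; clients are injectable so the logic runs offline."""
    if codecommit is None or sns is None:
        import boto3  # present in the Lambda runtime; imported lazily for local tests
        codecommit = codecommit or boto3.client("codecommit")
        sns = sns or boto3.client("sns")
    results = []
    for record in event["Records"]:
        repo = record["eventSourceARN"].split(":")[5]  # repository name is the last ARN field
        for ref in record["codecommit"]["references"]:
            if ref.get("deleted"):
                continue  # reference flagged as deleted: nothing to validate
            commit_id = ref["commit"]
            commit = codecommit.get_commit(repositoryName=repo, commitId=commit_id)["commit"]
            ticket = find_ticket(commit["message"])
            verdict = "Passed" if ticket else "Failed"
            # Fixed subject text: the commit message is untrusted and never goes in the subject.
            sns.publish(
                TopicArn=TOPIC_ARN,
                Subject="Code Commit Message Validation " + verdict,
                Message="repo=%s commit=%s ticket=%s" % (repo, commit_id, ticket),
            )
            results.append((commit_id, verdict, ticket))
    return results
```

A pattern match only shows that the message contains something shaped like a ticket number (UTF-8 also fits the Jira pattern); it does not confirm that the issue exists in Jira or ServiceNow.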
And that's it, let's test that out with a commit.
Head over to the CodeCommit repository which was created earlier.
Click on Edit and that will take you to an editor.
Add some comments then scroll down and add the details of author, email address and commit message. Click on Commit Changes.
I am not adding a Jira issue number in the commit message here on purpose to check our functionality.
Check your inbox for the email from SNS and see the subject line. As we have not added a Jira issue number, it will say Code Commit Message Validation Failed.
Try a new commit in the same CodeCommit repository, but this time add a commit message which has a sample Jira issue number like JIRA-1101.
Then the email carries a success message: Code Commit Message Validation Passed