☁️Using GitHub Access Token for CodeArts Pipeline Automation
Introduction
Hi everyone, in today’s article, we’ll be focusing on using the infamous code repository GitHub and Huawei Cloud’s DevSecOps platform, CodeArts. In this exercise, we will attempt to automate processes using the CodeArts Pipeline, much like we have already demonstrated in previous articles. However, this time, we will utilize a GitHub repository as our source code, and the commits we make there will trigger the pipeline. Also, I want to emphasize the GitHub trigger aspect in this article, rather than other aspects such as building and deploying the code.
Before we begin the demo, although I expect you to be already familiar with these services, I will briefly overview CodeArts and GitHub.
1️⃣ ECS: Elastic Cloud Server (ECS) is a versatile and scalable cloud computing service that empowers users to create and manage virtual servers in the cloud.
2️⃣ CodeArts: CodeArts is a one-stop DevSecOps platform that provides out-of-the-box cloud services for requirement delivery, code commit, check, build, verification, deployment, and release throughout the entire software lifecycle. It consists of the following services: Req (Project Management), Repo (Code Hosting), Check (Code Quality), Build (Code Build), Artifact (Build Hosting), Deploy (Build Deployment), Pipeline (Continuous Delivery), TestPlan (Deployment Test).
3️⃣ GitHub: GitHub is a cloud-based platform where you can store, share, and work together with others to write code. Storing your code in a “repository” on GitHub allows you to showcase or share your work, track and manage changes to your code, and collaborate on a shared project with others.
Demo
Preliminaries
⚡️ CodeArts project with ECS added to basic resources
We need an ECS instance onto which we are going to deploy our application. Additionally, if we want our application to be accessible from the internet, we need to associate an Elastic IP (EIP) so that the server will have a public IP address. If you’re unsure how to procure an ECS instance, you can refer to this guide.
To utilize the ECS within our project, we need to incorporate it as a basic resource. After creating the project, navigate to ‘Settings > General > Basic Resources’ to establish a host cluster. This process enables us to include the ECS instances we’ve generated in the project. Once the cluster is created, proceed to add the ECS as a basic resource within this project.
⚡️ GitHub repository
As we will be inspecting the commits made in GitHub, we require a repository to store our code. Here is the repository I’ll be utilizing for this exercise, which you may also choose to use. (You can also locate it as a template in the CodeArts Repo under the name ‘Java Web Demo’)
Step 1️⃣: Generate a GitHub access token and add it as a service endpoint in a CodeArts project
This step is perhaps the most crucial for this exercise. Typically, CodeArts cannot access your private repositories on other Git providers. However, by using a token as a service endpoint, CodeArts can gain access to your repositories on GitHub. Therefore, we need to navigate to ‘Settings > Developer settings > Personal access tokens > Fine-grained tokens’ on GitHub. Once there, click on ‘Generate new token’.
Next, we’ll give our token a name. By default, the expiration time for a token is 30 days, which I’ll maintain, but you can also customize it. Finally, we’ll adjust the repository access settings, which determine the token’s attributes on the account. Here, you can specify whether the token should have access to only public repositories, all repositories, or only selected ones. For this exercise, I’ll select only the repository we’ll be using. Also, ensure that you grant all the necessary permissions to the token.
After the token is generated, you’ll be redirected to a page where your token is displayed. It’s crucial to copy and securely note down your token at this point because GitHub won’t allow you to view it again.
Now that we have generated the token, we can utilize it in our CodeArts project. Navigate to ‘Settings > General > Service Endpoints’ in your CodeArts project, then click on ‘Create Endpoint’. A dropdown menu will appear; select ‘GitHub’ from the options.
A pop-up will appear where we’ll select ‘Access token’ as the authentication method and use the token we generated earlier. Then, click on ‘Verify and OK’.
After it’s verified, as depicted in the screenshot below, you’ll be able to see the endpoint.
Step 2️⃣: Create a build task
Now that we’ve established the connection to our GitHub repository within our CodeArts project, we can proceed to build the application itself. Navigate to ‘CICD > Build’ and then click on ‘Create Task’.
Then, we need to name the task and select its source code. Since we’re importing the code from GitHub, we need to choose GitHub as the code source. Next, we’ll select the endpoint we created earlier. After that, we can choose the source code repository and its branch.
Next, we will select the Maven template and click on ‘Next’. This template will automatically add the required steps to the task.
Here we can see the automatically configured steps for a Maven project. This eliminates the need to configure each step individually, simplifying the process. Now, we can simply click on ‘Create and Run’.
Then, a new page will appear where you can observe the logs in real time. As you can see, our task successfully finished in under a minute.
You can also view the build result in CodeArts Artifact. Navigate to ‘Artifact > Release Repos’ to see the package created from the build task.
Step 3️⃣: Create a deploy task
We’ve completed the build task and obtained the package. Now, let’s create a deploy task to make our application accessible from the internet. Navigate to ‘CICD > Deploy’ and click on ‘Create Application’.
Here, set the name of the task and then click on ‘Next’.
Next, we will select a template called ‘Deploy a Spring Boot Application’, and similar to the build task, it will automatically configure some of the steps in our task.
After the deploy task page appears, click on ‘Environment Management’.
On the environment management page, click on ‘Create Environment’ to create an environment and add the ECS instance to that environment. Once added, it should resemble the screenshot below. After configuring, click on ‘Parameters’.
In this Spring Boot template, some parameters need to be filled in. Adjust the parameter settings as indicated in the screenshot below. Then, click on ‘Deployment Actions’.
Here in these steps, make the same configurations as me step by step.
Install JDK: We don’t make any changes here
Select a Deployment Source: Here, we will choose ‘Build task’ as the source. Then, select the build task we created earlier. For the download path, we can use ‘/usr/local’.
Stop SpringBoot: Make sure that we have the same absolute path in this step.
Start SpringBoot: Make sure that we have the same absolute path in this step.
Health Test Through URLs: We will disable this step in this exercise.
After all of the configurations, we can click on ‘Save & Deploy’, and a pop-up will appear. We will fill out the blank form as shown in the screenshot below and then click on ‘OK’.
As we did with the build task, we can observe real-time logs here as well. As you can see, the task finished successfully in just around a minute.
You can also refer to the screenshot below and observe that we can access the application from the Internet.
Step 4️⃣: Create a pipeline task
The application is live, and now let’s see how we can create a pipeline using these build and deploy tasks. Navigate to ‘CICD > Pipeline’ and click on ‘Create Pipeline’.
Here, we’ll name the pipeline and then select the repository, similar to what we did when creating the build task.
Here, we will continue with the blank template.
The pipeline is ready, and now we will configure it. Configure the pipeline as shown in the screenshot below, and then click on ‘Execution Parameters’.
Here, we will enable the code commit option so that when we make a commit in our GitHub repository, this pipeline will run. Click on ‘Save’, and then let’s navigate to GitHub.
Next, I’ll make a small change and then commit it.
After committing, the pipeline starts automatically without any delay. This is exactly what we wanted to achieve with this exercise.
Now, let’s examine the changes from the browser. The pipeline has successfully finished, but is there any difference? Let’s find out… As depicted in the screenshot below, the differences are visible, and our exercise is now complete.
Conclusion
In this exercise, we’ve generated a GitHub access token and incorporated it as a service endpoint in the CodeArts project. This enabled us to utilize the repository within CodeArts and monitor commits to trigger the pipeline. This scenario can be particularly useful when you need to maintain your source code in GitHub while also leveraging CodeArts services. (I’d recommend keeping your code in the CodeArts Repo as well for additional trigger options, etc.) This article can serve as a fundamental guide, and you can adapt and customize this task to suit your specific tasks and business requirements. Until the next article, take care!
