From a9d61b814a4b0a1a1b2f3fb3b2f691137f5c25d2 Mon Sep 17 00:00:00 2001 From: Patrick Madec Date: Tue, 28 Sep 2021 09:13:59 +0000 Subject: [PATCH 1/2] Add integration with AWS Codecommit --- README.md | 66 +++++++++++++++++++++++++++++++++++++ infra/lib/addons/aws-lbc.ts | 2 +- infra/lib/addons/fluxv2.ts | 9 ++++- 3 files changed, 75 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 13707b2..1831f7f 100644 --- a/README.md +++ b/README.md 
@@ -105,6 +105,72 @@ podinfo-746d58c87-gjkdl 1/1 Running 0 2m3s podinfo-746d58c87-qfjwk 1/1 Running 0 2m3s ``` +### 4. (Alternative) Using AWS CodeCommit for source control +You can also use [AWS CodeCommit](https://aws.amazon.com/codecommit/) to host your private repository. In order to do so, follow the step below. + +#### 4.1. Create and clone your AWS Codecommit repository + +Create an AWS Codecommit repository using +``` +aws codecommit create-repository --repository-name MyDemoRepo --repository-description "My demonstration repository" +``` + +Setup your git credentials in AWS IAM following those [instructions](https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html). + +Clone the repository using the below command. Replace `YOUR-AWS_REGION` with your AWS region (e.g. eu-west-1). Use your newly created git credentials when asked for. +``` +git clone https://git-codecommit..amazonaws.com/v1/repos/MyDemoRepo my-demo-repo +``` + +#### 4.2. Copy and Push the GitHub repository content to your new repository + +Clone the repository `git clone https://github.com/aws-samples/aws-cdk-eks-fluxv2-example.git ./github-repository` + +copy the content to our AWS Codecommit repository `cp github-repository/k8s-config my-demo-repo/k8s-config` + +Commit the changes `cd my-demo-repo & git commit -m "first commit"` + +Push the changes `git push` + +#### 4.3. Setting up the SSH connection to AWS Codecommit + +Follow Step 3 of on this [page](https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-ssh-unixes.html) of the AWS Codecommit documentation. + +#### 4.4. Deploy the infrastructure + +Jump into the the `infra/` directory and deploy the CDK stack, passing along a set of parameters to +the CDK command. These parameters define which git repository, branch, and path in that repository +that will be used for initial flux bootstrapping of the cluster. 
+ +```shell +cd infra/ + +npm i + +cdk deploy InfraStack \ + --parameters FluxRepoURL="ssh://@git-codecommit..amazonaws.com/v1/repos/MyDemoRepo" \ + --parameters FluxRepoBranch="master" \ + --parameters FluxRepoPath="./k8s-config/clusters/demo" +``` + +### 4.5. Create a Kubernetes secret + +```bash +#!/bin/sh +cat <.amazonaws.com 2>/dev/null|grep -E '^git-codecommit..amazonaws\.com'|base64 | tr -d '\n') + identity: $(cat ${HOME}/.ssh/codecommit_rsa |base64 | tr -d '\n') + 'identity.pub': $(cat ${HOME}/.ssh/codecommit_rsa.pub|base64 | tr -d '\n') +EOF +``` + ## Security See [CONTRIBUTING](CONTRIBUTING.md) for more information. diff --git a/infra/lib/addons/aws-lbc.ts b/infra/lib/addons/aws-lbc.ts index 4a8e22a..fcd3602 100644 --- a/infra/lib/addons/aws-lbc.ts +++ b/infra/lib/addons/aws-lbc.ts @@ -22,7 +22,7 @@ export class AWSLoadBalancerController extends cdk.Construct { }); const awsLbcCrdsUrl = 'https://raw.githubusercontent.com/aws/eks-charts/master/stable/aws-load-balancer-controller/crds/crds.yaml' - const awsLbcCrdsManifest = yaml.loadAll(request.default('GET', awsLbcCrdsUrl).getBody().toString()); + const awsLbcCrdsManifest : any = yaml.loadAll(request.default('GET', awsLbcCrdsUrl).getBody().toString()); const awsLbcCrdsManifestResource = props.cluster.addManifest('awsLbcCrdManifest', ...awsLbcCrdsManifest); const chart = props.cluster.addHelmChart('AWSLBCHelmChart', { diff --git a/infra/lib/addons/fluxv2.ts b/infra/lib/addons/fluxv2.ts index b30c636..0402571 100644 --- a/infra/lib/addons/fluxv2.ts +++ b/infra/lib/addons/fluxv2.ts 
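Review bot: The `: any` annotation on `awsLbcCrdsManifest` in the aws-lbc.ts hunk turns off type checking for documents that are downloaded at synth time from the `master` ref of eks-charts and then spread straight into `props.cluster.addManifest`. Because that ref is mutable, whatever the URL serves on the day of deployment is applied to the cluster with no integrity or shape check. Pin `awsLbcCrdsUrl` to a release tag or commit SHA and narrow the type instead of widening it, e.g. `const awsLbcCrdsManifest = yaml.loadAll(...) as Record<string, any>[];`, with a comment such as `// CRDs are fetched at synth time; keep the URL pinned to a reviewed ref`. The constructor body starts and ends outside the hunk.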
@@ -60,6 +60,12 @@ export class FluxV2 extends cdk.Construct { // Actually install Flux components onto the cluster const fluxRelease = new FluxRelease(props.fluxVersion); const fluxManifest = props.cluster.addManifest('fluxManifest', ...fluxRelease.getManifest()); + let gitImplementation: string = 'go-git'; + + //Use the git library libgit2 if AWS Codecommit is used + if(props.repoUrl.includes('@git-codecommit.')){ + gitImplementation = 'libgit2'; + } // Bootstrap manifests const gitRepoManifest = props.cluster.addManifest('GitRepoSelf', { @@ -77,7 +83,8 @@ export class FluxV2 extends cdk.Construct { secretRef: { name: props.secretName }, - url: props.repoUrl + url: props.repoUrl, + gitImplementation: gitImplementation } }); gitRepoManifest.node.addDependency(fluxManifest); From 29e1f4d957e498897f3f2bf36b1a2c94c400feca Mon Sep 17 00:00:00 2001 From: Patrick Madec Date: Tue, 28 Sep 2021 09:40:40 +0000 Subject: [PATCH 2/2] update readme and remove git implementation option --- README.md | 15 +++++++-------- infra/lib/addons/fluxv2.ts | 9 +-------- 2 files changed, 8 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index 1831f7f..82d6ffb 100644 --- a/README.md +++ b/README.md @@ -115,7 +115,7 @@ Create an AWS Codecommit repository using aws codecommit create-repository --repository-name MyDemoRepo --repository-description "My demonstration repository" ``` -Setup your git credentials in AWS IAM following those [instructions](https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html). +Setup your git credentials in AWS IAM following those [instructions](https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html) (Steps 1, 2, 3 only). Clone the repository using the below command. Replace `YOUR-AWS_REGION` with your AWS region (e.g. eu-west-1). Use your newly created git credentials when asked for. ``` 
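Review bot: The `props.repoUrl.includes('@git-codecommit.')` test in the first fluxv2.ts hunk (@@ -60,6 +60,12 @@) is a loose substring match on the whole URL. It may also never fire: if `repoUrl` is backed by the `FluxRepoURL` CloudFormation parameter that the README passes with `--parameters`, it is presumably an unresolved token at synth time, which would need confirming against the stack definition outside this hunk. Selecting the implementation explicitly would avoid both problems, for example an optional prop consumed in the second hunk (@@ -77,7 +83,8 @@) as `gitImplementation: props.gitImplementation ?? 'go-git'`. PATCH 2/2 on this page removes the block, so this applies only if the selection is reintroduced. The constructor starts and ends outside the hunk.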
@@ -126,11 +126,9 @@ git clone https://git-codecommit..amazonaws.com/v1/repos/MyDemo Clone the repository `git clone https://github.com/aws-samples/aws-cdk-eks-fluxv2-example.git ./github-repository` -copy the content to our AWS Codecommit repository `cp github-repository/k8s-config my-demo-repo/k8s-config` +copy the content to our AWS Codecommit repository `(mkdir my-demo-repo/k8s-config; cp -R github-repository/k8s-config/* my-demo-repo/k8s-config) &` -Commit the changes `cd my-demo-repo & git commit -m "first commit"` - -Push the changes `git push` +Commit and push the changes `(cd my-demo-repo; git add .; git commit -m "first commit"; git push) &` #### 4.3. Setting up the SSH connection to AWS Codecommit @@ -138,12 +136,12 @@ Follow Step 3 of on this [page](https://docs.aws.amazon.com/codecommit/latest/us #### 4.4. Deploy the infrastructure -Jump into the the `infra/` directory and deploy the CDK stack, passing along a set of parameters to +Jump into the the `github-repository/infra/` directory and deploy the CDK stack, passing along a set of parameters to the CDK command. These parameters define which git repository, branch, and path in that repository that will be used for initial flux bootstrapping of the cluster. ```shell -cd infra/ +cd github-repository/infra/ npm i @@ -154,6 +152,7 @@ cdk deploy InfraStack \ ``` ### 4.5. Create a Kubernetes secret +Use the following script to craft and apply the secret to the flux-system namespace ```bash #!/bin/sh @@ -162,7 +161,7 @@ apiVersion: v1 kind: Secret type: Opaque metadata: - name: codecommit-keypair + name: github-keypair namespace: flux-system data: known_hosts: $(ssh-keyscan -t rsa git-codecommit..amazonaws.com 2>/dev/null|grep -E '^git-codecommit..amazonaws\.com'|base64 | tr -d '\n') diff --git a/infra/lib/addons/fluxv2.ts b/infra/lib/addons/fluxv2.ts index 0402571..b30c636 100644 --- a/infra/lib/addons/fluxv2.ts +++ b/infra/lib/addons/fluxv2.ts 
@@ -60,12 +60,6 @@ export class FluxV2 extends cdk.Construct { // Actually install Flux components onto the cluster const fluxRelease = new FluxRelease(props.fluxVersion); const fluxManifest = props.cluster.addManifest('fluxManifest', ...fluxRelease.getManifest()); - let gitImplementation: string = 'go-git'; - - //Use the git library libgit2 if AWS Codecommit is used - if(props.repoUrl.includes('@git-codecommit.')){ - gitImplementation = 'libgit2'; - } // Bootstrap manifests const gitRepoManifest = props.cluster.addManifest('GitRepoSelf', { @@ -83,8 +77,7 @@ export class FluxV2 extends cdk.Construct { secretRef: { name: props.secretName }, - url: props.repoUrl, - gitImplementation: gitImplementation + url: props.repoUrl } }); gitRepoManifest.node.addDependency(fluxManifest);