Package management in Spring Boot using AWS CodeArtifact
While working with Spring boot microservice architecture, we need to manage many dependencies privately and securely, such as project dependencies, common jar, third-party jar, and client-supplied SDK. To accomplish the same, we need Secure, scalable, and cost-effective package management for Spring boot microservice development and make them accessible to the CI/CD pipeline.
AWS CodeArtifact service not only connects to maven to download code artifacts, but also hosts application jar or client jar privately for the client project. CodeArtifacts can be readily integrated into the CI/CD build cycle and aids in automating the end-to-end build and deployment of a project.
Solution Diagram
There are two steps to achieve the build and make it available to all the microservice.
- Build and Push the Dependency.
In the diagram above, we can use the code Pipeline to build our shared jar and published it into the AWS CodeArtifact. This can be done by following the CodeArtifact setup, Spring boot maven pom.xml, and setting.xml files, which are explained in more depth in the actual implementation part.
2. Pull the dependencies from the AWS CodeArtifact
In the diagram above, it was shown how the spring boot project pulls the dependencies from the AWS CodeArtifact during the build stage, pushes them to the ECR, and then deploys them into the ECS cluster.
Configuration of AWS CodeArtifacts and Spring Boot
The whole setup is broken down into 5 steps: configure CodeArtifacts first, then set up the SpringBoot project second.
1. Setting up AWS CodeArtifact
a. Create Domain:
goto console →CodeArtifact →Domains → Create domain
b. Create Repository
goto console →CodeArtifact →Repositories → Create Repository
1. Setup AWS CLI access
a. Download and install the AWS CLI refer the link.
b. Configure the AWS CLI access. Please follow here
$ aws configure
AWS Access Key ID [None]: <<ACCESS-KEY>>
AWS Secret Access Key [None]: << SECRET-ACCESS-KEY >>
Default region name [None]: <<REGION>>
Default output format [None]: json
2. Project creation.
This is divided into two parts: the first is creating a common project, and the second is creating a Spring Boot project that will use the common jar and pull it from AWS CodeArtifact.
a. Create a java project.
Please refer to the code here.
b. Create a Spring Boot Project using spring initializr and add the common.jar as dependency.
Please refer to the code here.
3. Building and pushing the common project in CodeArtifact
a. POM.xml
Add distribution Management:
<distributionManagement>
<repository>
<id>abc-dev</id>
<name>abc-dev</name>
<url>https://abc-<<account-id>>.d.codeartifact.us-east-2.amazonaws.com/maven/dev/</url>
</repository>
</distributionManagement>
b. Create a file titled setting.xml in the project’s root and add the following element to it.
<servers>
<server>
<id>abc-dev</id>
<username>aws</username>
<password><<token>></password>
</server>
</servers>
c. Generate a token.
Use the command below to generate the token and append it to the setting.xml file.
aws codeartifact get-authorization-token --domain abc --domain-owner <<account-id>> --region us-east-2 --query authorizationToken
d. Building and pushing the jar in CodeArtifact
mvn -s settings.xml clean package deploy
4. SpringBoot builds and pulls up the shared project from CodeArtifact.
a) Create a setting.xml file in the project’s root and include the following element.
<servers>
<server>
<id>abc-dev</id>
<username>aws</username>
<password><<token>></password>
</server>
</servers>
<profiles>
<profile>
<id>abc-dev</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>abc-dev</id>
<url>https://abc-<<account-id>>.d.codeartifact.us-east-2.amazonaws.com/maven/dev/</url>
</repository>
</repositories>
</profile>
</profiles>
b) Generate a token.
Use the command below to generate the token and append it to the setting.xml file.
aws codeartifact get-authorization-token --domain abc --domain-owner <<account-id>> --region us-east-2 --query authorizationToken
c) Building the jar
mvn -s settings.xml clean package
Conclusion:
Dependency management is a typical difficulty when creating a Spring boot microservice, especially when dealing with common framework, SDK and third-party dependencies. The CI/CD workflow is greatly facilitated by the simplification and automation afforded by AWS CodeArtifact. The primary benefit of CodeArtifact is the ease with which dependencies can be shared across a wide range of teams and projects with appropriate levels of access granted to your teams and build systems, which in turn reduces operational overhead like ensuring security of dependencies and keeping track of their various versions.