One of my repo's in codecommit is trying to pull from another of my codecommit repos.
Inside the first repo's package.json there is the dependency:
"dependencies": {
"repo-2": "git+https://git-codecommit.eu-west-1.amazonaws.com/v1/repos/repo-2.git#TAG"
}
My codebuild is throwing the error when attempting to npm install (codebuild is using nodejs12):
npm ERR! Command failed: git clone --mirror -q https://git-codecommit.eu-west-1.amazonaws.com/v1/repos/repo-2.git
/root/.npm/_cacache/tmp/git-clone-3d2bf4b6/.git
npm ERR! warning: templates not found in /tmp/pacote-git-template-tmp/git-clone-7cae5b66
npm ERR!
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-01-26T11_58_45_260Z-debug.log
I've made sure to give the correct permissions in my policy:
- Sid: CodeCommitRepoAccess
Effect: Allow
Action:
- codecommit:GetRepository
- codecommit:GitPull
- codecommit:GetFolder
Resource:
- arn:aws:codecommit:eu-west-1:*
- Sid: CodeCommitListRepos
Effect: Allow
Action:
- codecommit:ListRepositories
Resource: "*"
And I've added in the git-credential helper in the buildspec.yaml:
env:
git-credential-helper: yes
I'm really at a loss about why this is failing, and the error message isn't giving me any ideas of what needs fixing. Perhaps I have the missed some permissions in the policy? - but as its not a 403 error I'm not sure. I can npm install locally on my machine without any issues.
EDIT:
To actually be clearer, I am trying to build from repo-1, which has a dependencies on repo-2 and repo-3. Additionally, repo-2 has a dependency on repo-3 as well. I tried running npm install without the nested private repository (removed it from the package.json as a test) but the build still failed the same way.
UPDATE:
I added the line git ls-remote -h -t https://git-codecommit.eu-west-1.amazonaws.com/v1/repos/repo-2.gitto my buildspec and this correctly returns the branches/tags in repo-2, so permissions look fine.
