New – Add Your Swift Packages to AWS CodeArtifact

Beginning immediately, Swift builders who write code for Apple platforms (iOS, iPadOS, macOS, tvOS, watchOS, or visionOS) or for Swift functions operating on the server aspect can use AWS CodeArtifact to securely retailer and retrieve their bundle dependencies. CodeArtifact integrates with normal developer instruments corresponding to Xcode, xcodebuild, and the Swift Bundle Supervisor (the swift bundle command).

Easy functions routinely embody dozens of packages. Massive enterprise functions might need a whole bunch of dependencies. These packages assist builders pace up the event and testing course of by offering code that solves frequent programming challenges corresponding to community entry, cryptographic capabilities, or information format manipulation. Builders additionally embed SDKs–such because the AWS SDKs–to entry distant providers. These packages may be produced by different groups in your group or maintained by third-parties, corresponding to open-source tasks. Managing packages and their dependencies is an integral a part of the software program growth course of. Trendy programming languages embody instruments to obtain and resolve dependencies: Maven in Java, NuGet in C#, npm or yarn in JavaScript, and pip in Python simply to say a number of. Builders for Apple platforms use CocoaPods or the Swift Bundle Supervisor (SwiftPM).

Downloading and integrating packages is a routine operation for software builders. Nonetheless, it presents no less than two important challenges for organizations.

The primary problem is authorized. Organizations should be certain that licenses for third-party packages are appropriate with the anticipated use of licenses to your particular undertaking and that the bundle doesn’t violate another person’s mental property (IP). The second problem is safety. Organizations should be certain that the included code is protected to make use of and doesn’t embody again doorways or intentional vulnerabilities designed to introduce safety flaws in your app. Injecting vulnerabilities in fashionable open-source tasks is named a provide chain assault and has turn into more and more fashionable lately.

To deal with these challenges, organizations usually set up non-public bundle servers on premises or within the cloud. Builders can solely use packages vetted by their group’s safety and authorized groups and made obtainable via non-public repositories.

AWS CodeArtifact is a managed service that permits you to safely distribute packages to your inner groups of builders. There isn’t a want to put in, handle, or scale the underlying infrastructure. We handle that for you, supplying you with extra time to work in your apps as an alternative of the software program growth infrastructure.

I’m excited to announce that CodeArtifact now helps native Swift packages, along with npm, PyPI, Maven, NuGet, and generic bundle codecs. Swift packages are a well-liked method to bundle and distribute reusable Swift code parts. To discover ways to create your individual Swift bundle, you’ll be able to observe this tutorial. The group has additionally created greater than 6,000 Swift packages that you should use in your Swift functions.

Now you can publish and obtain your Swift bundle dependencies out of your CodeArtifact repository within the AWS Cloud. CodeArtifact SwiftPM works with current developer instruments corresponding to Xcode, VSCode, and the Swift Bundle Supervisor command line device. After your packages are saved in CodeArtifact, you’ll be able to reference them in your undertaking’s Bundle.swift file or in your Xcode undertaking, in an identical approach you utilize Git endpoints to entry public Swift packages.

After the configuration is full, your network-jailed construct system will obtain the packages from the CodeArtifact repository, guaranteeing that solely authorized and managed packages are used throughout your software’s construct course of.

How To Get Began
As regular on this weblog, I’ll present you the way it works. Think about I’m engaged on an iOS software that makes use of Amazon DynamoDB as a database. My software embeds the AWS SDK for Swift as a dependency. To adjust to my group insurance policies, the applying should use a selected model of the AWS SDK for Swift, compiled in-house and authorized by my group’s authorized and safety groups. On this demo, I present you ways I put together my atmosphere, add the bundle to the repository, and use this particular bundle construct as a dependency for my undertaking.

For this demo, I deal with the steps particular to Swift packages. You possibly can learn the tutorial written by my colleague Steven to get began with CodeArtifact.

I exploit an AWS account that has a bundle repository (MySwiftRepo) and area (stormacq-test) already configured.

To let SwiftPM acess my CodeArtifact repository, I begin by amassing an authentication token from CodeArtifact.

export CODEARTIFACT_AUTH_TOKEN=`aws codeartifact get-authorization-token 
                                     --domain stormacq-test              
                                     --domain-owner 012345678912         
                                     --query authorizationToken          
                                     --output textual content`

Word that the authentication token expires after 12 hours. I need to repeat this command after 12 hours to acquire a recent token.

Then, I request the repository endpoint. I move the area identify and area proprietor (the AWS account ID). Discover the --format swift choice.

export CODEARTIFACT_REPO=`aws codeartifact get-repository-endpoint  
                               --domain stormacq-test               
                               --domain-owner 012345678912          
                               --format swift                       
                               --repository MySwiftRepo             
                               --query repositoryEndpoint           
                               --output textual content`

Now that I’ve the repository endpoint and an authentication token, I exploit the AWS Command Line Interface (AWS CLI) to configure SwiftPM on my machine.

SwiftPM can retailer the repository configurations at person stage (within the file ~/.swiftpm/configurations) or at undertaking stage (within the file <your undertaking>/.swiftpm/configurations). By default, the CodeArtifact login command creates a project-level configuration to assist you to use completely different CodeArtifact repositories for various tasks.

I exploit the AWS CLI to configure SwiftPM on my construct machine.

aws codeartifact login          
    --tool swift                
    --domain stormacq-test      
    --repository MySwiftRepo    
    --namespace aws             
    --domain-owner 012345678912

The command invokes swift package-registry login with the proper choices, which in flip, creates the required SwiftPM configuration information with the given repository identify (MySwiftRepo) and scope identify (aws).

Now that my construct machine is prepared, I put together my group’s authorized model of the AWS SDK for Swift bundle after which I add it to the repository.

git clone https://github.com/awslabs/aws-sdk-swift.git
pushd aws-sdk-swift
swift bundle archive-source
mv aws-sdk-swift.zip ../aws-sdk-swift-0.24.0.zip
popd

Lastly, I add this bundle model to the repository.

When utilizing Swift 5.9 or newer, I can add my bundle to my non-public repository utilizing the SwiftPM command:

swift package-registry publish           
                       aws.aws-sdk-swift 
                       0.24.0            
                       --verbose

The variations of Swift earlier than 5.9 don’t present a swift package-registry publish command. So, I exploit the curl command as an alternative.

curl  -X PUT 
      --user "aws:$CODEARTIFACT_AUTH_TOKEN"               
      -H "Settle for: software/vnd.swift.registry.v1+json" 
      -F source-archive="@aws-sdk-swift-0.24.0.zip"       
      "${CODEARTIFACT_REPO}aws/aws-sdk-swift/0.24.0"

Discover the format of the bundle identify after the URI of the repository: <scope>/<bundle identify>/<bundle model>. The bundle model should observe the semantic versioning scheme.

I can use the CLI or the console to confirm that the bundle is accessible within the repository.

aws codeartifact list-package-versions      
                  --domain stormacq-test    
                  --repository MySwiftRepo  
                  --format swift            
                  --namespace aws           
                  --package aws-sdk-swift
{
    "variations": [
        {
            "version": "0.24.0",
            "revision": "6XB5O65J8J3jkTDZd8RMLyqz7XbxIg9IXpTudP7THbU=",
            "status": "Published",
            "origin": {
                "domainEntryPoint": {
                    "repositoryName": "MySwiftRepo"
                },
                "originType": "INTERNAL"
            }
        }
    ],
    "defaultDisplayVersion": "0.24.0",
    "format": "swift",
    "bundle": "aws-sdk-swift",
    "namespace": "aws"
}

Now that the bundle is accessible, I can use it in my tasks as regular.

Xcode makes use of SwiftPM instruments and configuration information I simply created. So as to add a bundle to my Xcode undertaking, I choose the undertaking identify on the left pane, after which I choose the Bundle Dependencies tab. I can see the packages which are already a part of my undertaking. So as to add a personal bundle, I select the + signal beneath Packages.

On the highest proper search area, I enter aws.aws-sdk-swift (that is <scope identify>.<bundle identify>). After a second or two, the bundle identify seems on the checklist. On the highest proper aspect, you’ll be able to confirm the supply repository (subsequent to the Registry label). Earlier than choosing the Add Bundle button, choose the model of the bundle, similar to you do for publicly obtainable packages.

Alternatively, for my server-side or command-line functions, I add the dependency within the Bundle.swift file. I additionally use the format (<scope>.<bundle identify>) as the primary parameter of .bundle(id:from:)perform.

    dependencies: [
        .package(id: "aws.aws-sdk-swift", from: "0.24.0")
    ],

Once I kind swift bundle replace, SwiftPM downloads the bundle from the CodeArtifact repository.

Issues to Know
There are some issues to bear in mind earlier than importing your first Swift packages.

• Be certain to replace to the newest model of the CLI earlier than attempting any command proven within the previous directions.
• You must use Swift model 5.8 or newer to make use of CodeArtifact with the swift bundle command. On macOS, the Swift toolchain comes with Xcode. Swift 5.8 is accessible on macOS 13 (Ventura) and Xcode 14. On Linux and Home windows, you’ll be able to obtain the Swift toolchain from swift.org.
• You must use Xcode 15 to your iOS, iPadOS, tvOS, or watchOS functions. I examined this with Xcode 15 beta8.
• The swift package-registry publish command is accessible with Swift 5.9 or newer. If you use Swift 5.8, you should use curlto add your bundle, as I confirmed within the demo (or use any HTTP consumer of your selection).
• Swift packages have the idea of scope. A scope supplies a namespace for associated packages inside a bundle repository. Scopes are mapped to CodeArtifact namespaces.
• The authentication token expires after 12 hours. We advise writing a script to automate its renewal or utilizing a scheduled AWS Lambda perform and securely storing the token in AWS Secrets and techniques Supervisor (for instance).

Troubleshooting
If Xcode cannot discover your non-public bundle, double-check the registry configuration in ~/.swiftpm/configurations/registries.json. Specifically, verify if the scope identify is current. Additionally confirm that the authentication token is current within the keychain. The identify of the entry is the URL of your repository. You possibly can confirm the entries within the keychain with the /Utility/Utilities/Keychain Entry.app software or utilizing the safety command line device.

safety find-internet-password                                                  
          -s "stormacq-test-012345678912.d.codeartifact.us-west-2.amazonaws.com" 
          -g

Right here is the SwiftPM configuration on my machine.

cat ~/.swiftpm/configuration/registries.json

{
  "authentication" : {
    "stormacq-test-012345678912.d.codeartifact.us-west-2.amazonaws.com" : {
      "loginAPIPath" : "/swift/MySwiftRepo/login",
      "kind" : "token"
    }
  },
  "registries" : {
    "aws" : { // <-- that is the scope identify!
      "url" : "https://stormacq-test-012345678912.d.codeartifact.us-west-2.amazonaws.com/swift/MySwiftRepo/"
    }
  },
  "model" : 1
}

Pricing and Availability
CodeArtifact prices for Swift packages are the identical as for the opposite bundle codecs already supported. CodeArtifact billing relies on three metrics: the storage (measured in GB per 30 days), the variety of requests, and the information switch out to the web or to different AWS Areas. Information switch to AWS providers in the identical Area is just not charged, which means you’ll be able to run your CICD jobs on Amazon EC2 Mac situations, for instance, with out incurring a cost for the CodeArtifact information switch. As regular, the pricing web page has the main points.

CodeArtifact for Swift packages is accessible in all 13 Areas the place CodeArtifact is accessible.

Now go construct your Swift functions and add your non-public packages to CodeArtifact!

— seb

PS : Are you aware you’ll be able to write Lambda capabilities within the Swift programming language? Examine the fast begin information or observe this 35-minute tutorial.