How to configure Azure DevOps to access a private package via GIT+SSH hosted in Amazon AWS CodeCommit

Scenario: you have a frontend SPA (Angular, React, Vue, etc) that uses a private package from Amazon AWS CodeCommit (or similar git repo).
The package is specified in package.json as:
"your-private-package": "git+ssh://"


First we need to setup our user in Amazon CodeCommit, please follow the official guide:
– for Windows:
– for Linux, macOS, or Unix:

In short:
1) Create your public and private key for Git
2) Upload your SSH public key in CodeCommit
3) Update/Create the file .ssh/config with the CodeCommit related settings (as the User and IdentityFile)
4) Make sure the CodeCommit host you want to connect to is included in .ssh/known_hosts
5) Test the connection to the CodeCommit repo
6) Make sure your build works locally

You should then have your .ssh folder looking like this:

And the “AWS CodeCommit credentials” looking like this:

Azure DevOps Pipeline

Now we can setup our pipeline in Azure DevOps to build the SPA as usual.
The package will require a valid SSH authentication to be able to run with success npm install.
Hence we need to add – before npm install – our SSH user auth configuration.

1) Add an extra task “Install SSH key” from the “Add task” menu.
2) Find the “Known Hosts entry” from your .ssh/known_hosts file.
NB. Copy the full line, not only the hash (ex. ssh-rsa AAAAB3...YDT)
3) Create a “Pipeline variable” (es. yourname_pub) and set his type as “Private” (you must have the “lock” icon)

4) Add the “SSH Public Key” using the “Link” functionality, specify your pipeline variable name using the $() variable notation, ex. $(yourname_pub)
5) Add the private SSH Key using the “Link” functionality (basically upload the file and follow the wizard)
6) In the “Advanced” section, fill out the settings based on your .ssh/config file:
a. Alias: just a name, it’s not important
b. Host name: the host you need to connect to
c. User: the “User” you have in your file.
Basically it’s the “SSH Key ID” that CodeCommit generated for you when you uploaded your SSH key.

The final configuration should look like this:

Now you just need to Save the pipeline and Run it.

NB. The same configuration should work for other repository, like Github.

Let me know if you found this guide helpful!

Add a Comment

Your email address will not be published.