AWS-based software artifact repository CodeArtifact now supports the Swift Package Manager, in addition to Maven, NuGet, npm, pip, and others. This allows developers to store and retrieve Swift packages using Apple's official package manager just like they do when using other repositories.
You can now publish and download your Swift package dependencies from your CodeArtifact repository in the AWS Cloud. CodeArtifact SwiftPM works with existing developer tools such as Xcode, VSCode, and the Swift Package Manager command line tool.
AWS CodeArtifact is targeted to organizations that want to have strict control on what dependencies their developers can add to their projects. This may have legal or security grounds, explains AWS developer advocate Sébastien Stormacq. Indeed, using a private package repository such as AWS CodeArtifact enables ensuring all available packages meet any specific license requirements the organization wants to enforce, as well as that packages are safe and do not contain backdoors which could lead to supply-chain attacks. For example, an organization could want to make sure only a given version of a package can be used that additionally has been built in-house, security checked, and legally approved.
For developers, using AWS CodeArtifact does not imply any change in their routine workflow, but it requires a specific setup comprising three steps: getting an authentication token from CodeArtifact, getting the repository endpoint, and adding the CodeArtifact repository endpoint to the Swift Package Manager.
The first two steps are accomplished executing the following requests, explains Stormacq:
export CODEARTIFACT_AUTH_TOKEN=`aws codeartifact get-authorization-token \
--domain stormacq-test \
--domain-owner 012345678912 \
--query authorizationToken \
--output text`
export CODEARTIFACT_REPO=`aws codeartifact get-repository-endpoint \
--domain stormacq-test \
--domain-owner 012345678912 \
--format swift \
--repository MySwiftRepo \
--query repositoryEndpoint \
--output text`
Once you have the authentication token and the repository endpoint, you can either manually configure the Swift Package Manager, or run another command provided by the AWS CLI to the same effect:
aws codeartifact login \
--tool swift \
--domain stormacq-test \
--repository MySwiftRepo \
--namespace aws \
--domain-owner 012345678912
With this setup in place, you can publish packages to the repository.
Once a package is available in AWS CodeArtifact, developers must simply provide the CodeArtifact URL in their Package.swift
file, just as they do when specifying a Git endpoint to retrieve a package hosted, e.g., on GitHub.
AWS CodeArtifact requires at least Swift 5.8, which is the default toolchain on macOS 13 (Ventura) and Xcode 14. For Linux machines, the required toolchain can be downloaded from Swift.org. An important point to keep in mind is that AWS authentication token expires after 12 hours, which means you will need to set up a cron job to renew it periodically.