AWS CodeBuild

General AWS CodeBuild Concepts

AWS CodeBuild is a fully managed continuous integration (CI) service that compiles source code, runs tests, and produces software packages that are ready to deploy.

With CodeBuild, you don’t need to provision, manage, and scale your own build servers.

CodeBuild scales continuously and processes multiple builds concurrently, so your builds are not left waiting in a queue.

CodeBuild is an alternative to other build tools such as Jenkins.

CodeBuild scales continuously and processes multiple builds concurrently.

You pay based on the time it takes to complete the builds.

AWS CodeBuild runs your builds in preconfigured build environments that contain the operating system, programming language runtime, and build tools (e.g., Apache Maven, Gradle, npm) required to complete the task.

It is possible to extend capabilities by leveraging your own Docker images.

CodeBuild is integrated with KMS for encryption of build artifacts, IAM for build permissions, VPC for network security, and CloudTrail for logging API calls.

CodeBuild takes source code from GitHub, CodeCommit, CodePipleine, S3 etc.

Build instructions can be defined in the code (buildspec.yml).

Output logs can be sent to Amazon S3 & AWS CloudWatch Logs.

There are metrics to monitor CodeBuild statistics.

You can use CloudWatch alarms to detect failed builds and trigger SNS notifications.

Builds can be defined within CodePipeline or CodeBuild itself.

AWS CodeCommit and CodeBuild CI

Benefits of CodeBuild

Fully managed by AWS.

On-demand and scales seamlessly.

Pre-configured environments for many programming languages.

CodeBuild Concepts

Build project – defines how CodeBuild will run a build defines settings including:

    • Location of the source code.
    • The build environment to use.
    • The build commands to run.
    • Where to store the output of the build.

Build environment – the operating system, language runtime, and tools that CodeBuild uses for the build.

Build Specification – a YAML file that describes the collection of commands and settings for CodeBuild to run a build.

Preconfigured build environments

AWS CodeBuild provides build environments for Java, Python, Node.js, Ruby, Go, Android, .NET Core for Linux, and Docker.

Customized build environments

You can bring your own build environments to use with AWS CodeBuild, such as for the Microsoft .NET Framework.

You can package the runtime and tools for your build into a Docker image and upload it to a public Docker Hub repository or Amazon EC2 Container Registry (Amazon ECR).

When you create a new build project, you can specify the location of your Docker image, and CodeBuild will pull the image and use it as the build project configuration.

Specifying build commands

You can define the specific commands that you want AWS CodeBuild to perform, such as installing build tool packages, running unit tests, and packaging your code.

The build specification is a YAML file that lets you choose the commands to run at each phase of the build and other settings.

You can override the default buildspec file name and location.

CodeBuild helps you get started quickly with sample build specification files for common scenarios, such as builds using Apache Maven, Gradle, or npm.

The code sample shows the contents of a buildspec.yml file that is being used to build a Docker image and push it to Amazon Elastic Container Registry (ECR):

version: 0.2

phases:
install:

runtime-versions:

docker: 18

pre_build:

commands:

- echo Logging in to Amazon ECR...

- $(aws ecr get-login --no-include-email --region $AWS_DEFAULT_REGION)
build:

commands:

- echo Build started on `date`

- echo Building the Docker image...

- docker build -t $IMAGE_REPO_NAME:$IMAGE_TAG .

- docker tag $IMAGE_REPO_NAME:$IMAGE_TAG $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG

post_build:

commands:

- echo Build completed on `date`

- echo Pushing the Docker image...

- docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG

Exam tip: You must have a buildspec.yml file at the root of your source code.

You can define environment variables:

  • Plaintext variables.
  • Secure secrets using the SSM Parameter store.

Phases:

  • Install: install dependencies you may need for the build.
  • Pre-build: final commands to execute before build.
  • Build: actual build commands.
  • Post build: finishing touches (e.g. zip file output).

Artifacts: these get uploaded to S3 (encrypted with KMS).

Cache: files to cache (usually dependencies) to S3 for future builds.

CodeBuild Local Build

In case you need to do deep troubleshooting beyond analyzing log files.

Can run CodeBuild locally on your computer using Docker.

Leverages the CodeBuild agent.

Scroll to Top