Internal

• CodePipeline Concepts
• CodeBuild Concepts

Overview

CodeBuild can be integrated with CodePipeline so CodeBuild build projects can be used at the build stage of a CodePipeline release pipeline, backing a CodePipeline build action.

Integration

The integration consists in the following steps:

Create the CodeBuild Build Project

The CodeBuild build project can be created automatically as part of an CloudFormation stack, most likely the same one that creates other resources required by the CodePipeline, and the pipeline itself. A typical CloudFormation specification is shown below. Aside from typical configuration details such as image type and build environment size, the CloudFormation "AWS::CodeBuild::Project" section can be used to declare stack-specific and project-specific configuration information in the "EnvironmentVariables" section. This configuration will be injected as environment variables into the build container.

This configuration information can be inferred from the context, as is the case in Fn::ImportValue: !Sub '${AWS::Region}-BuildBucket' or ${ECRRepository}, or simply declared as parameters in the "Parameters" section of the template.

Parameters:
  ...
  CFEnvironment:
    Type: String
    Default: dev
  SvcTemplate:
    Type: String
    Default: generic-template.yaml
...
Resources:
  ...
  CodeBuildProject:
    Type: AWS::CodeBuild::Project
    Properties:
      Name: !Sub '${AWS::StackName}-build-project'
      Source:
        Type: CODEPIPELINE
        BuildSpec: 'buildspec.yml'
      Artifacts:
        Type: CODEPIPELINE
      Environment:
        Type: LINUX_CONTAINER
        ComputeType: BUILD_GENERAL1_SMALL
        Image: 'aws/codebuild/java:openjdk-8'
        PrivilegedMode: true
        EnvironmentVariables:
          - Name: TARGET_BUCKET
            Value:   Fn::ImportValue: !Sub '${AWS::Region}-BuildBucket'
          - Name: REPOSITORY_URI
            Value: !Sub ${AWS::AccountId}.dkr.ecr.${AWS::Region}.amazonaws.com/${ECRRepository}
          - Name: SVC_TEMPLATE
            Value: !Ref SvcTemplate
          - Name: ENV
            Value: !Ref CFEnvironment
      ServiceRole:
        Fn::ImportValue: !Sub '${AWS::Region}-CodeBuildServiceRole'
      TimeoutInMinutes: 20

Create the Pipeline that Delegates the Build to the CodeBuild Build Project

Resources:
  ...
  Pipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      Name: !Sub '${AWS::StackName}-pipeline'
      RoleArn: Fn::ImportValue: !Sub '${AWS::Region}-CodePipelineServiceRole'
      ArtifactStore:
        Type: S3
        Location: Fn::ImportValue: !Sub '${AWS::Region}-BuildBucket'
      RestartExecutionOnUpdate: true
      Stages:
        - Name: Source
          ...
        - Name: Build
          Actions:
          - Name: !Sub 'CodeBuild-driven-by-${Buildspec}'
            ActionTypeId:
              Category: Build
              Owner: AWS
              Version: '1'
              Provider: CodeBuild
            InputArtifacts:
              - Name: ContainerSrc
            OutputArtifacts:
              - Name: ContainerBuild
            Configuration:
              ProjectName: !Ref CodeBuildProject
            RunOrder: 1
        - Name: Deploy
          ...

Passing Configuration from CodePipeline to Build

Use the EnvironmentVariables section of the CodeBuild build project declaration.

Artifacts

CodeBuild action provider looks for ZIPped sources into the S3 bucket subdirectory corresponding to the "OutputArtifacts.Name" configuration value of the source action. The subdirectory is created into a directory with the same name as the pipeline physical ID. The locations can be retrieved from the build project's build information:

Example

For a complete, albeit simple example of GitHub pipeline, see:

Simple GitHub - Simulated Shell Build - Simulated Deployment Pipeline