- Get spurce code from Github, CodeCommit, CodePipeline, S3 …
- Build instructions are in buildspec.yml file
- Build logs to S3 and CloudWatch logs
- CloudWatch metrics for build statistics
- CloudWatch events to detect failed builds
- CloudWatch alarms and SNS notifications
- Create a Build Project
- Define Source for the code build, choose CodeCommit
- Choose a reference type (Branch, Git tag and Commit ID)
- Choose a Service Role (automatic)
- Can define additional configuration(timeout, queue timeout..)
- Can setup env var
- buildspec file
- Artifacts
- Logs –> CloudWatch or S3
- Click Create build project
- Click Start Build –> docker container will start…
- Check status and build duration in Build History
buildspec.yml
Check Build projects / Build project, you can see the phases and their durations
Artifacts
Environment variables and Parameter Store
–> printenv
Check AWS_REGION for eg
You can define env. Even secrets with SSM Paameter Store (SecureString with KMS key)
You must have IAM a read policy for codebuild to access SSM –> add AmazonSSMReadOnlyAccess policy to the user
Artifacts and S3
Generate output files
CodeBuild / Buid Project / Edit Artifacts