AWS CodeBuild Buildspec File Elements Examples

Hello Everyone

Welcome to CloudAffaire and this is Debjeet.

In the last blog post, we have discussed how to create an AWS CodeBuild project using AWS CLI.

https://cloudaffaire.com/how-to-create-an-aws-codebuild-build-project-using-aws-cli/

In this blog post, we will discuss different elements and syntax of a CodeBuild buildspec file.

What Is A Buildspec File In AWS CodeBuild:

A buildspec is a collection of build commands and related settings, in YAML format, that CodeBuild uses
to run a build. You can include a buildspec as part of the source code or you can define a buildspec when
you create a build project. By default, the buildspec file must be named buildspec.yml and placed in the
root of your source directory but you can override the default buildspec file name and location.

CodeBuild buildspec Elements:

 version: (required) Defines the version of your buildspec file. You can choose between version
0.1 or 0.2 (latest).
 run-as: (optional) Specifies a Linux user that runs commands in this buildspec file, the scope can
be entire buildspec file if defined at the begging or within phases blocks if defined in phases
block.
 env: (optional) Specifies the custom environemnt variables that you want to expose during your
build.
o env/shell: Specifies the supported shell for Linux or Windows operating systems. For Linux
you can use bash or /bin/sh and for Window, you can use cmd.exe or powershell.exe.
o env/variables: Specifies the actual environment variable in the form of key (variable name)
value (variable value) pair format in plain text.
o env/parameter-store: Specifies AWS provided parameter store config which you can use as
source of your environment variable.
o env/secrets-manager: Specifies AWS provided secret manager config which you can use as
source of your environment variable.
o env/exported-variables: Specifies environment variable that can be exported to post build
phase in your artifacts.
o env/git-credential-helper: Specifies if CodeBuild uses its Git credential helper to provide Git
credentials. yes if it is used.
 proxy: (optional) Used to represent settings if you run your build in an explicit proxy server.
o proxy/upload-artifacts: Set to yes if you want your build in an explicit proxy server to upload
artifacts. The default is no.
o proxy/logs: Set to yes for your build in a explicit proxy server to create CloudWatch logs. The
default is no.
 phases: (required) Represents the commands CodeBuild runs during each phase of the build.
o phases/*/run-as: Specifies a Linux user that runs commands inside the build phase.
 o phases/install: You can define all your package installation commands that are required by
your build.
 phases/install/runtime-versions: Specify the runtime version of your packages that you
want to install.
 phases/install/commands: The commands to execute to install your package.
 phases/install/finally: The commands to execute at the end of install phase.
o phases/pre_build: Represents the commands, if any, that CodeBuild runs before the build.
 phases/pre_build/commands: The commands to execute during pre-build phase.
 phases/pre_build/finally: The commands to execute at the end of pre-build phase.
o phases/build: Represents the commands, if any, that CodeBuild runs during the build.
 phases/build/commands: The commands to execute during build phase.
 phases/build/finally: The commands to execute at the end of build phase.
o phases/post_build: Represents the commands, if any, that CodeBuild runs during the post
build.
 phases/post_build/commands: The commands to execute during post-build phase.
 phases/post_build/finally: The commands to execute at the end of post-build phase.
 reports: (optional) Specifies the CodeBuild test report configuration for your build testing.
o report-group-name-or-arn: Specifies the report group that the reports are sent to.
o reports/<report-group>/files: Represents the locations that contain the raw data of test
results generated by the report.
o reports/<report-group>/file-format: Represents the report file format. If not specified,
JUNITXML is used.
o reports/<report-group>/base-directory: Represents one or more top-level directories,
relative to the original build location, that CodeBuild uses to determine where to find the
raw test files.
o reports/<report-group>/discard-paths: Specifies if the report file directories are flattened in
the output. If this contains yes, all of the test files are placed in the same output directory.
 artifacts: (optional) Represents information about where CodeBuild can find the build output
and how CodeBuild prepares it for uploading to the S3 output bucket.
o artifacts/files: Represents the locations that contain the build output artifacts in the build
environment.
o artifacts/name: Specifies a name for your build artifact.
o artifacts/discard-paths: Specifies if the build artifact directories are flattened in the output.
If this contains yes, all of the build artifacts are placed in the same output directory.
o artifacts/base-directory: Represents one or more top-level directories, relative to the
original build location, that CodeBuild uses to determine which files and subdirectories to
include in the build output artifact.
o artifacts/secondary-artifacts: Represents one or more artifact definitions as a mapping
between an artifact identifier and an artifact definition.
 cache: (optional) Represents information about where CodeBuild can prepare the files for
uploading cache to an S3 cache bucket.
o cache/paths: Represents the locations of the cache.
Hope you have enjoyed this blog post. To get more details on AWS CodeBuild, please refer below AWS
documentation

https://docs.aws.amazon.com/codebuild/index.html