In this demonstration, I’ll use CodeBuild to build a Docker image from a Dockerfile and a buildspec file. I’ve already created a CodeCommit repository that contains both of these files. If I click on the CodeCommit repo, and then click on Dockerfile, you can see the instructions of how I want the docker image built. For this image, we need to install git, get a hello world package from the Go sample github repository, then build the package and store the output. The expected output simply shows very simple text saying hello. 

If I go back and click on the buildspec file, I can see I’m logging into ECR to get permissions in the pre-build phase, then in the build phase I’m running the docker build command and the docker tag command. Finally, in the post-build phase, I’m running docker push to push the newly created image into my ECR repository that I’ve already created. Notice in the buildspec file, I’m using several environment variables that I’ll need to fill in for my project later, such as region, account ID, image repo name, and image tag. 

Now that all of that is done, we can move on to creating the CodeBuild project. To do this, I’ll navigate to the CodeBuild console, and then click on create project. The first thing I’ll do is give it a project name - in this case, I’ll call it HelloWorldBuild.  

I’m already in the CodeBuild console, so the first thing I’ll do is click create project. Here I have the option to enable build badges. Build badges make your project’s build status visible and embeddable. By clicking this, you’ll get a URL generated for your project, where you can see the project status, for example, if it’s passing, failing, in-progress, or unknown. I won’t be using this for this demo, so I’ll uncheck the box and move on. 

The first thing I’ll select is where CodeBuild can find our source code. As I already mentioned, the code is in CodeCommit in the demo-ca-repo. I’ll also specify the branch as well as the commit ID, so CodeBuild can locate the code faster. 

For our build environment, we’ll select a managed image with an Ubuntu OS, the standard runtime, and the 4.0 image. You can find the githubs for each of these images in the AWS documentation. 

We’ll leave it as the latest version, and the environment type of Linux. 

Then we’ll specify the service role for this project. Since I’m going to be building a Docker image and pushing that image to ECR, this project will need permissions to ECR. I’ve already created a policy that provides those permissions - so I’ll select “existing service role”, and then choose the correct one. 

The last thing we’ll do in this section is click on “additional configurations”. This gives us more customization options in terms of specifying a timeout for our build, compute power, and a VPC for our project to access. 

What we’ll specify here is environment variables. Since our buildspec file uses environment variables, we can go ahead and put the values of those here. For example, the buildspec file uses four main environment variables. 

1. AWS_DEFAULT_REGION. In this case, the value would be the Region that ECR and CodeBuild is created in, which is us-east-1. 

2. AWS_ACCOUNT_ID. The value would be my account ID, which I can copy from under my name up here. Then paste it in. 

3. IMAGE_TAG with a value of Latest

4. IMAGE_REPO_NAME with a value of my ECR repository name, which is ca-ecr 

From there, we can scroll down to the buildspec section. Since I’ve named my file buildspec.yml and placed it at the root of my directory, that means CodeBuild should be able to pick it up and use it without further configuration. However, if I’ve named my file anything other than buildspec.yml, then I can specify that here. 

Finally, I can specify an optional S3 bucket to write my output to. Since my buildspec is already pushing my image to ECR post-build, I can leave this as the default. I’ll also choose no logging for demo purposes. Finally, we can click create build project. 

Okay, from here, we can kick off our build by selecting “start build”. This will enable the project to provision the container used for the build environment. If I click on phase details, I can see how the build is progressing and which step it’s on and how long it will take. 

Once the full build project has completed successfully, I can then go to my terminal and see if there are any images in my ECR repository by using the command: 

aws ecr describe-images --repository-name ca--ecr

It looks like I do have an image in there. We can go ahead and pull that image using the command 

docker pull 976512818487.dkr.ecr.us-east-1.amazonaws.com/ca-ecr:Latest

And then to test it out and see our newly created image, we can pull up docker, click on images, and we can run our new image. Thankfully our output is expected, and we can see the hello text. So CodeBuild successfully built the docker image and pushed it to ECR. That’s it for this one - see you next time.