Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
iam-codebuild-role-policy
Jenkinsfile
README.md
buildspec.yml

README.md

Usage

  • Remember CodeBuild, S3 must reside under same region when it comes to upload artifacts.
  • Gather CodeBuild service IP range from https://ip-ranges.amazonaws.com/ip-ranges.json in case you want to allow that in RDS or any other security group to make the build process successful.
  • Create IAM group with AmazonS3FullAccess (optional), AWSCodeBuildDeveloperAccess policy attached.
  • Create IAM user with programmatic access in AWS and assign the user the above group.
  • Generate IAM user access key id and secret key. Note them down for later use.
  • Create IAM role with policies in the repository. See in #Help section.
  • If you want to use ECR docker baseimage then make sure you implement permission on specific registry for CodeBuild. Follow https://docs.aws.amazon.com/codebuild/latest/userguide/sample-ecr.html documentation.
  • Install AWS CodeBuild plugin in Jenkins.
  • Create Jenkins credential as a CodeBuild Credentials type with IAM user access key ID and secret key.
  • Use IAM role ARN in advanced section of jenkins credential and make sure that no error appears in Jenkins.
  • Keep the Jenkinsfile and buildspec.yml in the root of the project.
  • Test project build from CodeBuild or from Jenkins project build. You will get project build log directly in Jenkins!
  • Change appropriate values in policies, Jenkinsfile according to your configuration.

Help

  • You can get the AWS account ID either from console or aws cli. To get from CLI implement the following command,
aws sts get-caller-identity --output text --query 'Account'
  • Create IAM role with policies in the following way,
cd iam-codebuild-role-policy/
aws iam create-role --role-name CodeBuildServiceRole --assume-role-policy-document file://create-role.json
aws iam put-role-policy --role-name CodeBuildServiceRole --policy-name CodeBuildServiceRolePolicy --policy-document file://put-role-policy.json
You can’t perform that action at this time.