Class: AWS.CodeBuild
- Inherits:
-
AWS.Service
- Object
- AWS.Service
- AWS.CodeBuild
- Identifier:
- codebuild
- API Version:
- 2016-10-06
- Defined in:
- (unknown)
Overview
Constructs a service interface object. Each API operation is exposed as a function on service.
Service Description
CodeBuild is a fully managed build service in the cloud. CodeBuild compiles your source code, runs unit tests, and produces artifacts that are ready to deploy. CodeBuild eliminates the need to provision, manage, and scale your own build servers. It provides prepackaged build environments for the most popular programming languages and build tools, such as Apache Maven, Gradle, and more. You can also fully customize build environments in CodeBuild to use your own build tools. CodeBuild scales automatically to meet peak build requests. You pay only for the build time you consume. For more information about CodeBuild, see the CodeBuild User Guide.
Sending a Request Using CodeBuild
var codebuild = new AWS.CodeBuild();
codebuild.batchDeleteBuilds(params, function (err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Locking the API Version
In order to ensure that the CodeBuild object uses this specific API, you can
construct the object by passing the apiVersion
option to the constructor:
var codebuild = new AWS.CodeBuild({apiVersion: '2016-10-06'});
You can also set the API version globally in AWS.config.apiVersions
using
the codebuild service identifier:
AWS.config.apiVersions = {
codebuild: '2016-10-06',
// other service API versions
};
var codebuild = new AWS.CodeBuild();
Version:
-
2016-10-06
Constructor Summary collapse
-
new AWS.CodeBuild(options = {}) ⇒ Object
constructor
Constructs a service object.
Property Summary collapse
-
endpoint ⇒ AWS.Endpoint
readwrite
An Endpoint object representing the endpoint URL for service requests.
Properties inherited from AWS.Service
Method Summary collapse
-
batchDeleteBuilds(params = {}, callback) ⇒ AWS.Request
Deletes one or more builds.
.
-
batchGetBuildBatches(params = {}, callback) ⇒ AWS.Request
Retrieves information about one or more batch builds.
.
-
batchGetBuilds(params = {}, callback) ⇒ AWS.Request
Gets information about one or more builds.
.
-
batchGetFleets(params = {}, callback) ⇒ AWS.Request
Gets information about one or more compute fleets.
.
-
batchGetProjects(params = {}, callback) ⇒ AWS.Request
Gets information about one or more build projects.
.
-
batchGetReportGroups(params = {}, callback) ⇒ AWS.Request
Returns an array of report groups.
-
batchGetReports(params = {}, callback) ⇒ AWS.Request
Returns an array of reports.
-
createFleet(params = {}, callback) ⇒ AWS.Request
Creates a compute fleet.
.
-
createProject(params = {}, callback) ⇒ AWS.Request
Creates a build project.
.
-
createReportGroup(params = {}, callback) ⇒ AWS.Request
Creates a report group.
-
createWebhook(params = {}, callback) ⇒ AWS.Request
For an existing CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, enables CodeBuild to start rebuilding the source code every time a code change is pushed to the repository.
If you enable webhooks for an CodeBuild project, and the project is used as a build step in CodePipeline, then two identical builds are created for each commit.
-
deleteBuildBatch(params = {}, callback) ⇒ AWS.Request
Deletes a batch build.
.
-
deleteFleet(params = {}, callback) ⇒ AWS.Request
Deletes a compute fleet.
-
deleteProject(params = {}, callback) ⇒ AWS.Request
Deletes a build project.
-
deleteReport(params = {}, callback) ⇒ AWS.Request
Deletes a report.
-
deleteReportGroup(params = {}, callback) ⇒ AWS.Request
Deletes a report group.
-
deleteResourcePolicy(params = {}, callback) ⇒ AWS.Request
Deletes a resource policy that is identified by its resource ARN.
-
deleteSourceCredentials(params = {}, callback) ⇒ AWS.Request
Deletes a set of GitHub, GitHub Enterprise, or Bitbucket source credentials.
-
deleteWebhook(params = {}, callback) ⇒ AWS.Request
For an existing CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, stops CodeBuild from rebuilding the source code every time a code change is pushed to the repository.
.
-
describeCodeCoverages(params = {}, callback) ⇒ AWS.Request
Retrieves one or more code coverage reports.
.
-
describeTestCases(params = {}, callback) ⇒ AWS.Request
Returns a list of details about test cases for a report.
-
getReportGroupTrend(params = {}, callback) ⇒ AWS.Request
Analyzes and accumulates test report values for the specified test reports.
.
-
getResourcePolicy(params = {}, callback) ⇒ AWS.Request
Gets a resource policy that is identified by its resource ARN.
-
importSourceCredentials(params = {}, callback) ⇒ AWS.Request
Imports the source repository credentials for an CodeBuild project that has its source code stored in a GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket repository.
-
invalidateProjectCache(params = {}, callback) ⇒ AWS.Request
Resets the cache for a project.
.
-
listBuildBatches(params = {}, callback) ⇒ AWS.Request
Retrieves the identifiers of your build batches in the current region.
.
-
listBuildBatchesForProject(params = {}, callback) ⇒ AWS.Request
Retrieves the identifiers of the build batches for a specific project.
.
-
listBuilds(params = {}, callback) ⇒ AWS.Request
Gets a list of build IDs, with each build ID representing a single build.
.
-
listBuildsForProject(params = {}, callback) ⇒ AWS.Request
Gets a list of build identifiers for the specified build project, with each build identifier representing a single build.
.
-
listCuratedEnvironmentImages(params = {}, callback) ⇒ AWS.Request
Gets information about Docker images that are managed by CodeBuild.
.
-
listFleets(params = {}, callback) ⇒ AWS.Request
Gets a list of compute fleet names with each compute fleet name representing a single compute fleet.
.
-
listProjects(params = {}, callback) ⇒ AWS.Request
Gets a list of build project names, with each build project name representing a single build project.
.
-
listReportGroups(params = {}, callback) ⇒ AWS.Request
Gets a list ARNs for the report groups in the current Amazon Web Services account.
-
listReports(params = {}, callback) ⇒ AWS.Request
Returns a list of ARNs for the reports in the current Amazon Web Services account.
-
listReportsForReportGroup(params = {}, callback) ⇒ AWS.Request
Returns a list of ARNs for the reports that belong to a
ReportGroup
. -
listSharedProjects(params = {}, callback) ⇒ AWS.Request
Gets a list of projects that are shared with other Amazon Web Services accounts or users.
-
listSharedReportGroups(params = {}, callback) ⇒ AWS.Request
Gets a list of report groups that are shared with other Amazon Web Services accounts or users.
-
listSourceCredentials(params = {}, callback) ⇒ AWS.Request
Returns a list of
SourceCredentialsInfo
objects. -
putResourcePolicy(params = {}, callback) ⇒ AWS.Request
Stores a resource policy for the ARN of a
Project
orReportGroup
object. -
retryBuild(params = {}, callback) ⇒ AWS.Request
Restarts a build.
.
-
retryBuildBatch(params = {}, callback) ⇒ AWS.Request
Restarts a failed batch build.
-
startBuild(params = {}, callback) ⇒ AWS.Request
Starts running a build with the settings defined in the project.
-
startBuildBatch(params = {}, callback) ⇒ AWS.Request
Starts a batch build for a project.
.
-
stopBuild(params = {}, callback) ⇒ AWS.Request
Attempts to stop running a build.
.
-
stopBuildBatch(params = {}, callback) ⇒ AWS.Request
Stops a running batch build.
.
-
updateFleet(params = {}, callback) ⇒ AWS.Request
Updates a compute fleet.
.
-
updateProject(params = {}, callback) ⇒ AWS.Request
Changes the settings of a build project.
.
-
updateProjectVisibility(params = {}, callback) ⇒ AWS.Request
Changes the public visibility for a project.
-
updateReportGroup(params = {}, callback) ⇒ AWS.Request
Updates a report group.
-
updateWebhook(params = {}, callback) ⇒ AWS.Request
Updates the webhook associated with an CodeBuild build project.
Methods inherited from AWS.Service
makeRequest, makeUnauthenticatedRequest, waitFor, setupRequestListeners, defineService
Constructor Details
new AWS.CodeBuild(options = {}) ⇒ Object
Constructs a service object. This object has one method for each API operation.
Examples:
Constructing a CodeBuild object
var codebuild = new AWS.CodeBuild({apiVersion: '2016-10-06'});
Options Hash (options):
-
params
(map)
—
An optional map of parameters to bind to every request sent by this service object. For more information on bound parameters, see "Working with Services" in the Getting Started Guide.
-
endpoint
(String|AWS.Endpoint)
—
The endpoint URI to send requests to. The default endpoint is built from the configured
region
. The endpoint should be a string like'https://{service}.{region}.amazonaws.com'
or an Endpoint object. -
accessKeyId
(String)
—
your AWS access key ID.
-
secretAccessKey
(String)
—
your AWS secret access key.
-
sessionToken
(AWS.Credentials)
—
the optional AWS session token to sign requests with.
-
credentials
(AWS.Credentials)
—
the AWS credentials to sign requests with. You can either specify this object, or specify the accessKeyId and secretAccessKey options directly.
-
credentialProvider
(AWS.CredentialProviderChain)
—
the provider chain used to resolve credentials if no static
credentials
property is set. -
region
(String)
—
the region to send service requests to. See AWS.CodeBuild.region for more information.
-
maxRetries
(Integer)
—
the maximum amount of retries to attempt with a request. See AWS.CodeBuild.maxRetries for more information.
-
maxRedirects
(Integer)
—
the maximum amount of redirects to follow with a request. See AWS.CodeBuild.maxRedirects for more information.
-
sslEnabled
(Boolean)
—
whether to enable SSL for requests.
-
paramValidation
(Boolean|map)
—
whether input parameters should be validated against the operation description before sending the request. Defaults to true. Pass a map to enable any of the following specific validation features:
- min [Boolean] — Validates that a value meets the min
constraint. This is enabled by default when paramValidation is set
to
true
. - max [Boolean] — Validates that a value meets the max constraint.
- pattern [Boolean] — Validates that a string value matches a regular expression.
- enum [Boolean] — Validates that a string value matches one of the allowable enum values.
- min [Boolean] — Validates that a value meets the min
constraint. This is enabled by default when paramValidation is set
to
-
computeChecksums
(Boolean)
—
whether to compute checksums for payload bodies when the service accepts it (currently supported in S3 only)
-
convertResponseTypes
(Boolean)
—
whether types are converted when parsing response data. Currently only supported for JSON based services. Turning this off may improve performance on large response payloads. Defaults to
true
. -
correctClockSkew
(Boolean)
—
whether to apply a clock skew correction and retry requests that fail because of an skewed client clock. Defaults to
false
. -
s3ForcePathStyle
(Boolean)
—
whether to force path style URLs for S3 objects.
-
s3BucketEndpoint
(Boolean)
—
whether the provided endpoint addresses an individual bucket (false if it addresses the root API endpoint). Note that setting this configuration option requires an
endpoint
to be provided explicitly to the service constructor. -
s3DisableBodySigning
(Boolean)
—
whether S3 body signing should be disabled when using signature version
v4
. Body signing can only be disabled when using https. Defaults totrue
. -
s3UsEast1RegionalEndpoint
('legacy'|'regional')
—
when region is set to 'us-east-1', whether to send s3 request to global endpoints or 'us-east-1' regional endpoints. This config is only applicable to S3 client. Defaults to
legacy
-
s3UseArnRegion
(Boolean)
—
whether to override the request region with the region inferred from requested resource's ARN. Only available for S3 buckets Defaults to
true
-
retryDelayOptions
(map)
—
A set of options to configure the retry delay on retryable errors. Currently supported options are:
- base [Integer] — The base number of milliseconds to use in the exponential backoff for operation retries. Defaults to 100 ms for all services except DynamoDB, where it defaults to 50ms.
- customBackoff [function] — A custom function that accepts a
retry count and error and returns the amount of time to delay in
milliseconds. If the result is a non-zero negative value, no further
retry attempts will be made. The
base
option will be ignored if this option is supplied. The function is only called for retryable errors.
-
httpOptions
(map)
—
A set of options to pass to the low-level HTTP request. Currently supported options are:
- proxy [String] — the URL to proxy requests through
- agent [http.Agent, https.Agent] — the Agent object to perform
HTTP requests with. Used for connection pooling. Defaults to the global
agent (
http.globalAgent
) for non-SSL connections. Note that for SSL connections, a special Agent object is used in order to enable peer certificate verification. This feature is only available in the Node.js environment. - connectTimeout [Integer] — Sets the socket to timeout after
failing to establish a connection with the server after
connectTimeout
milliseconds. This timeout has no effect once a socket connection has been established. - timeout [Integer] — Sets the socket to timeout after timeout milliseconds of inactivity on the socket. Defaults to two minutes (120000).
- xhrAsync [Boolean] — Whether the SDK will send asynchronous HTTP requests. Used in the browser environment only. Set to false to send requests synchronously. Defaults to true (async on).
- xhrWithCredentials [Boolean] — Sets the "withCredentials" property of an XMLHttpRequest object. Used in the browser environment only. Defaults to false.
-
apiVersion
(String, Date)
—
a String in YYYY-MM-DD format (or a date) that represents the latest possible API version that can be used in all services (unless overridden by
apiVersions
). Specify 'latest' to use the latest possible version. -
apiVersions
(map<String, String|Date>)
—
a map of service identifiers (the lowercase service class name) with the API version to use when instantiating a service. Specify 'latest' for each individual that can use the latest available version.
-
logger
(#write, #log)
—
an object that responds to .write() (like a stream) or .log() (like the console object) in order to log information about requests
-
systemClockOffset
(Number)
—
an offset value in milliseconds to apply to all signing times. Use this to compensate for clock skew when your system may be out of sync with the service time. Note that this configuration option can only be applied to the global
AWS.config
object and cannot be overridden in service-specific configuration. Defaults to 0 milliseconds. -
signatureVersion
(String)
—
the signature version to sign requests with (overriding the API configuration). Possible values are: 'v2', 'v3', 'v4'.
-
signatureCache
(Boolean)
—
whether the signature to sign requests with (overriding the API configuration) is cached. Only applies to the signature version 'v4'. Defaults to
true
. -
dynamoDbCrc32
(Boolean)
—
whether to validate the CRC32 checksum of HTTP response bodies returned by DynamoDB. Default:
true
. -
useAccelerateEndpoint
(Boolean)
—
Whether to use the S3 Transfer Acceleration endpoint with the S3 service. Default:
false
. -
clientSideMonitoring
(Boolean)
—
whether to collect and publish this client's performance metrics of all its API requests.
-
endpointDiscoveryEnabled
(Boolean|undefined)
—
whether to call operations with endpoints given by service dynamically. Setting this
-
endpointCacheSize
(Number)
—
the size of the global cache storing endpoints from endpoint discovery operations. Once endpoint cache is created, updating this setting cannot change existing cache size. Defaults to 1000
-
hostPrefixEnabled
(Boolean)
—
whether to marshal request parameters to the prefix of hostname. Defaults to
true
. -
stsRegionalEndpoints
('legacy'|'regional')
—
whether to send sts request to global endpoints or regional endpoints. Defaults to 'legacy'.
-
useFipsEndpoint
(Boolean)
—
Enables FIPS compatible endpoints. Defaults to
false
. -
useDualstackEndpoint
(Boolean)
—
Enables IPv6 dualstack endpoint. Defaults to
false
.
Property Details
Method Details
batchDeleteBuilds(params = {}, callback) ⇒ AWS.Request
Deletes one or more builds.
Service Reference:
Examples:
Calling the batchDeleteBuilds operation
var params = {
ids: [ /* required */
'STRING_VALUE',
/* more items */
]
};
codebuild.batchDeleteBuilds(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
ids
— (Array<String>
)The IDs of the builds to delete.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:buildsDeleted
— (Array<String>
)The IDs of the builds that were successfully deleted.
buildsNotDeleted
— (Array<map>
)Information about any builds that could not be successfully deleted.
id
— (String
)The ID of the build that could not be successfully deleted.
statusCode
— (String
)Additional information about the build that could not be successfully deleted.
-
(AWS.Response)
—
Returns:
batchGetBuildBatches(params = {}, callback) ⇒ AWS.Request
Retrieves information about one or more batch builds.
Service Reference:
Examples:
Calling the batchGetBuildBatches operation
var params = {
ids: [ /* required */
'STRING_VALUE',
/* more items */
]
};
codebuild.batchGetBuildBatches(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
ids
— (Array<String>
)An array that contains the batch build identifiers to retrieve.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:buildBatches
— (Array<map>
)An array of
BuildBatch
objects that represent the retrieved batch builds.id
— (String
)The identifier of the batch build.
arn
— (String
)The ARN of the batch build.
startTime
— (Date
)The date and time that the batch build started.
endTime
— (Date
)The date and time that the batch build ended.
currentPhase
— (String
)The current phase of the batch build.
buildBatchStatus
— (String
)The status of the batch build.
Possible values include:"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
sourceVersion
— (String
)The identifier of the version of the source code to be built.
resolvedSourceVersion
— (String
)The identifier of the resolved version of this batch build's source code.
-
For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
-
For CodePipeline, the source revision provided by CodePipeline.
-
For Amazon S3, this does not apply.
-
projectName
— (String
)The name of the batch build project.
phases
— (Array<map>
)An array of
BuildBatchPhase
objects the specify the phases of the batch build.phaseType
— (String
)The name of the batch build phase. Valid values include:
- COMBINE_ARTIFACTS
-
Build output artifacts are being combined and uploaded to the output location.
- DOWNLOAD_BATCHSPEC
-
The batch build specification is being downloaded.
- FAILED
-
One or more of the builds failed.
- IN_PROGRESS
-
The batch build is in progress.
- STOPPED
-
The batch build was stopped.
- SUBMITTED
-
The btach build has been submitted.
- SUCCEEDED
-
The batch build succeeded.
"SUBMITTED"
"DOWNLOAD_BATCHSPEC"
"IN_PROGRESS"
"COMBINE_ARTIFACTS"
"SUCCEEDED"
"FAILED"
"STOPPED"
phaseStatus
— (String
)The current status of the batch build phase. Valid values include:
- FAILED
-
The build phase failed.
- FAULT
-
The build phase faulted.
- IN_PROGRESS
-
The build phase is still in progress.
- STOPPED
-
The build phase stopped.
- SUCCEEDED
-
The build phase succeeded.
- TIMED_OUT
-
The build phase timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
startTime
— (Date
)When the batch build phase started, expressed in Unix time format.
endTime
— (Date
)When the batch build phase ended, expressed in Unix time format.
durationInSeconds
— (Integer
)How long, in seconds, between the starting and ending times of the batch build's phase.
contexts
— (Array<map>
)Additional information about the batch build phase. Especially to help troubleshoot a failed batch build.
statusCode
— (String
)The status code for the context of the build phase.
message
— (String
)An explanation of the build phase's context. This might include a command ID and an exit code.
source
— (map
)Information about the build input source code for the build project.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects that define the sources for the batch build.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. EachProjectSourceVersion
must be one of:-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
-
artifacts
— (map
)A
BuildArtifacts
object the defines the build artifacts for this batch build.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
BuildArtifacts
objects the define the build artifacts for this batch build.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build project.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment of the build project.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The name of a service role used for builds in the batch.
logConfig
— (map
)Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both.
cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
buildTimeoutInMinutes
— (Integer
)Specifies the maximum amount of time, in minutes, that the build in a batch must be completed in.
queuedTimeoutInMinutes
— (Integer
)Specifies the amount of time, in minutes, that the batch build is allowed to be queued before it times out.
complete
— (Boolean
)Indicates if the batch build is complete.
initiator
— (String
)The entity that started the batch build. Valid values include:
-
If CodePipeline started the build, the pipeline's name (for example,
codepipeline/my-demo-pipeline
). -
If a user started the build, the user's name.
-
If the Jenkins plugin for CodeBuild started the build, the string
CodeBuild-Jenkins-Plugin
.
-
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the batch build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).buildBatchNumber
— (Integer
)The number of the batch build. For each project, the
buildBatchNumber
of its first batch build is1
. ThebuildBatchNumber
of each subsequent batch build is incremented by1
. If a batch build is deleted, thebuildBatchNumber
of other batch builds does not change.fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for the batch build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
buildBatchConfig
— (map
)Contains configuration information about a batch build project.
serviceRole
— (String
)Specifies the service role ARN for the batch build project.
combineArtifacts
— (Boolean
)Specifies if the build artifacts for the batch build should be combined into a single artifact location.
restrictions
— (map
)A
BatchRestrictions
object that specifies the restrictions for the batch build.maximumBuildsAllowed
— (Integer
)Specifies the maximum number of builds allowed.
computeTypesAllowed
— (Array<String>
)An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
timeoutInMins
— (Integer
)Specifies the maximum amount of time, in minutes, that the batch build must be completed in.
batchReportMode
— (String
)Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.
- REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
- REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
"REPORT_INDIVIDUAL_BUILDS"
"REPORT_AGGREGATED_BATCH"
buildGroups
— (Array<map>
)An array of
BuildGroup
objects that define the build groups for the batch build.identifier
— (String
)Contains the identifier of the build group.
dependsOn
— (Array<String>
)An array of strings that contain the identifiers of the build groups that this build group depends on.
ignoreFailure
— (Boolean
)Specifies if failures in this build group can be ignored.
currentBuildSummary
— (map
)A
BuildSummary
object that contains a summary of the current build group.arn
— (String
)The batch build ARN.
requestedOn
— (Date
)When the build was started, expressed in Unix time format.
buildStatus
— (String
)The status of the build group.
- FAILED
-
The build group failed.
- FAULT
-
The build group faulted.
- IN_PROGRESS
-
The build group is still in progress.
- STOPPED
-
The build group stopped.
- SUCCEEDED
-
The build group succeeded.
- TIMED_OUT
-
The build group timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
primaryArtifact
— (map
)A
ResolvedArtifact
object that represents the primary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
secondaryArtifacts
— (Array<map>
)An array of
ResolvedArtifact
objects that represents the secondary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
priorBuildSummaryList
— (Array<map>
)An array of
BuildSummary
objects that contain summaries of previous build groups.arn
— (String
)The batch build ARN.
requestedOn
— (Date
)When the build was started, expressed in Unix time format.
buildStatus
— (String
)The status of the build group.
- FAILED
-
The build group failed.
- FAULT
-
The build group faulted.
- IN_PROGRESS
-
The build group is still in progress.
- STOPPED
-
The build group stopped.
- SUCCEEDED
-
The build group succeeded.
- TIMED_OUT
-
The build group timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
primaryArtifact
— (map
)A
ResolvedArtifact
object that represents the primary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
secondaryArtifacts
— (Array<map>
)An array of
ResolvedArtifact
objects that represents the secondary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
debugSessionEnabled
— (Boolean
)Specifies if session debugging is enabled for this batch build. For more information, see Viewing a running build in Session Manager. Batch session debugging is not supported for matrix batch builds.
buildBatchesNotFound
— (Array<String>
)An array that contains the identifiers of any batch builds that are not found.
-
(AWS.Response)
—
Returns:
batchGetBuilds(params = {}, callback) ⇒ AWS.Request
Gets information about one or more builds.
Service Reference:
Examples:
Calling the batchGetBuilds operation
var params = {
ids: [ /* required */
'STRING_VALUE',
/* more items */
]
};
codebuild.batchGetBuilds(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
ids
— (Array<String>
)The IDs of the builds.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:builds
— (Array<map>
)Information about the requested builds.
id
— (String
)The unique ID for the build.
arn
— (String
)The Amazon Resource Name (ARN) of the build.
buildNumber
— (Integer
)The number of the build. For each project, the
buildNumber
of its first build is1
. ThebuildNumber
of each subsequent build is incremented by1
. If a build is deleted, thebuildNumber
of other builds does not change.startTime
— (Date
)When the build process started, expressed in Unix time format.
endTime
— (Date
)When the build process ended, expressed in Unix time format.
currentPhase
— (String
)The current build phase.
buildStatus
— (String
)The current status of the build. Valid values include:
-
FAILED
: The build failed. -
FAULT
: The build faulted. -
IN_PROGRESS
: The build is still in progress. -
STOPPED
: The build stopped. -
SUCCEEDED
: The build succeeded. -
TIMED_OUT
: The build timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
-
sourceVersion
— (String
)Any version identifier for the version of the source code to be built. If
sourceVersion
is specified at the project level, then thissourceVersion
(at the build level) takes precedence.For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
resolvedSourceVersion
— (String
)An identifier for the version of this build's source code.
-
For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
-
For CodePipeline, the source revision provided by CodePipeline.
-
For Amazon S3, this does not apply.
-
projectName
— (String
)The name of the CodeBuild project.
phases
— (Array<map>
)Information about all previous build phases that are complete and information about any current build phase that is not yet complete.
phaseType
— (String
)The name of the build phase. Valid values include:
- BUILD
-
Core build activities typically occur in this build phase.
- COMPLETED
-
The build has been completed.
- DOWNLOAD_SOURCE
-
Source code is being downloaded in this build phase.
- FINALIZING
-
The build process is completing in this build phase.
- INSTALL
-
Installation activities typically occur in this build phase.
- POST_BUILD
-
Post-build activities typically occur in this build phase.
- PRE_BUILD
-
Pre-build activities typically occur in this build phase.
- PROVISIONING
-
The build environment is being set up.
- QUEUED
-
The build has been submitted and is queued behind other submitted builds.
- SUBMITTED
-
The build has been submitted.
- UPLOAD_ARTIFACTS
-
Build output artifacts are being uploaded to the output location.
"SUBMITTED"
"QUEUED"
"PROVISIONING"
"DOWNLOAD_SOURCE"
"INSTALL"
"PRE_BUILD"
"BUILD"
"POST_BUILD"
"UPLOAD_ARTIFACTS"
"FINALIZING"
"COMPLETED"
phaseStatus
— (String
)The current status of the build phase. Valid values include:
- FAILED
-
The build phase failed.
- FAULT
-
The build phase faulted.
- IN_PROGRESS
-
The build phase is still in progress.
- STOPPED
-
The build phase stopped.
- SUCCEEDED
-
The build phase succeeded.
- TIMED_OUT
-
The build phase timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
startTime
— (Date
)When the build phase started, expressed in Unix time format.
endTime
— (Date
)When the build phase ended, expressed in Unix time format.
durationInSeconds
— (Integer
)How long, in seconds, between the starting and ending times of the build's phase.
contexts
— (Array<map>
)Additional information about a build phase, especially to help troubleshoot a failed build.
statusCode
— (String
)The status code for the context of the build phase.
message
— (String
)An explanation of the build phase's context. This might include a command ID and an exit code.
source
— (map
)Information about the source code to be built.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. EachProjectSourceVersion
must be one of:-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
-
artifacts
— (map
)Information about the output artifacts for the build.
location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
ProjectArtifacts
objects.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment for this build.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The name of a service role used for this build.
logs
— (map
)Information about the build's logs in CloudWatch Logs.
groupName
— (String
)The name of the CloudWatch Logs group for the build logs.
streamName
— (String
)The name of the CloudWatch Logs stream for the build logs.
deepLink
— (String
)The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the
deeplink
will not be valid until it is created.s3DeepLink
— (String
)The URL to a build log in an S3 bucket.
cloudWatchLogsArn
— (String
)The ARN of the CloudWatch Logs stream for a build execution. Its format is
arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}
. The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs.s3LogsArn
— (String
)The ARN of S3 logs for a build project. Its format is
arn:${Partition}:s3:::${BucketName}/${ObjectName}
. For more information, see Resources Defined by Amazon S3.cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about S3 logs for a build project.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
timeoutInMinutes
— (Integer
)How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed.
queuedTimeoutInMinutes
— (Integer
)The number of minutes a build is allowed to be queued before it times out.
buildComplete
— (Boolean
)Whether the build is complete. True if complete; otherwise, false.
initiator
— (String
)The entity that started the build. Valid values include:
-
If CodePipeline started the build, the pipeline's name (for example,
codepipeline/my-demo-pipeline
). -
If a user started the build, the user's name (for example,
MyUserName
). -
If the Jenkins plugin for CodeBuild started the build, the string
CodeBuild-Jenkins-Plugin
.
-
vpcConfig
— (map
)If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
networkInterface
— (map
)Describes a network interface.
subnetId
— (String
)The ID of the subnet.
networkInterfaceId
— (String
)The ID of the network interface.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).exportedEnvironmentVariables
— (Array<map>
)A list of exported environment variables for this build.
Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.
name
— (String
)The name of the exported environment variable.
value
— (String
)The value assigned to the exported environment variable.
reportArns
— (Array<String>
)An array of the ARNs associated with this build's reports.
fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for a CodeBuild build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
debugSession
— (map
)Contains information about the debug session for this build.
sessionEnabled
— (Boolean
)Specifies if session debugging is enabled for this build.
sessionTarget
— (String
)Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build.
buildBatchArn
— (String
)The ARN of the batch build that this build is a member of, if applicable.
buildsNotFound
— (Array<String>
)The IDs of builds for which information could not be found.
-
(AWS.Response)
—
Returns:
batchGetFleets(params = {}, callback) ⇒ AWS.Request
Gets information about one or more compute fleets.
Service Reference:
Examples:
Calling the batchGetFleets operation
var params = {
names: [ /* required */
'STRING_VALUE',
/* more items */
]
};
codebuild.batchGetFleets(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
names
— (Array<String>
)The names or ARNs of the compute fleets.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:fleets
— (Array<map>
)Information about the requested compute fleets.
arn
— (String
)The ARN of the compute fleet.
name
— (String
)The name of the compute fleet.
id
— (String
)The ID of the compute fleet.
created
— (Date
)The time at which the compute fleet was created.
lastModified
— (Date
)The time at which the compute fleet was last modified.
status
— (map
)The status of the compute fleet.
statusCode
— (String
)The status code of the compute fleet. Valid values include:
-
CREATING
: The compute fleet is being created. -
UPDATING
: The compute fleet is being updated. -
ROTATING
: The compute fleet is being rotated. -
PENDING_DELETION
: The compute fleet is pending deletion. -
DELETING
: The compute fleet is being deleted. -
CREATE_FAILED
: The compute fleet has failed to create. -
UPDATE_ROLLBACK_FAILED
: The compute fleet has failed to update and could not rollback to previous state. -
ACTIVE
: The compute fleet has succeeded and is active.
"CREATING"
"UPDATING"
"ROTATING"
"PENDING_DELETION"
"DELETING"
"CREATE_FAILED"
"UPDATE_ROLLBACK_FAILED"
"ACTIVE"
-
context
— (String
)Additional information about a compute fleet. Valid values include:
-
CREATE_FAILED
: The compute fleet has failed to create. -
UPDATE_FAILED
: The compute fleet has failed to update.
"CREATE_FAILED"
"UPDATE_FAILED"
"ACTION_REQUIRED"
"PENDING_DELETION"
"INSUFFICIENT_CAPACITY"
-
message
— (String
)A message associated with the status of a compute fleet.
baseCapacity
— (Integer
)The initial number of machines allocated to the compute fleet, which defines the number of builds that can run in parallel.
environmentType
— (String
)The environment type of the compute fleet.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). -
The environment type
MAC_ARM
is available for Medium fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), and EU (Frankfurt) -
The environment type
MAC_ARM
is available for Large fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and Asia Pacific (Sydney). -
The environment type
WINDOWS_SERVER_2019_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). -
The environment type
WINDOWS_SERVER_2022_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai).
For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
computeType
— (String
)Information about the compute resources the compute fleet uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
For more information, see Build environment compute types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
scalingConfiguration
— (map
)The scaling configuration of the compute fleet.
scalingType
— (String
)The scaling type for a compute fleet.
Possible values include:"TARGET_TRACKING_SCALING"
targetTrackingScalingConfigs
— (Array<map>
)A list of
TargetTrackingScalingConfiguration
objects.metricType
— (String
)The metric type to determine auto-scaling.
Possible values include:"FLEET_UTILIZATION_RATE"
targetValue
— (Float
)The value of
metricType
when to start scaling.
maxCapacity
— (Integer
)The maximum number of instances in the fleet when auto-scaling.
desiredCapacity
— (Integer
)The desired number of instances in the fleet when auto-scaling.
overflowBehavior
— (String
)The compute fleet overflow behavior.
-
For overflow behavior
QUEUE
, your overflow builds need to wait on the existing fleet instance to become available. -
For overflow behavior
ON_DEMAND
, your overflow builds run on CodeBuild on-demand.Note: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface.
"QUEUE"
"ON_DEMAND"
-
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
imageId
— (String
)The Amazon Machine Image (AMI) of the compute fleet.
fleetServiceRole
— (String
)The service role associated with the compute fleet. For more information, see Allow a user to add a permission policy for a fleet service role in the CodeBuild User Guide.
tags
— (Array<map>
)A list of tag key and value pairs associated with this compute fleet.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
fleetsNotFound
— (Array<String>
)The names of compute fleets for which information could not be found.
-
(AWS.Response)
—
Returns:
batchGetProjects(params = {}, callback) ⇒ AWS.Request
Gets information about one or more build projects.
Service Reference:
Examples:
Calling the batchGetProjects operation
var params = {
names: [ /* required */
'STRING_VALUE',
/* more items */
]
};
codebuild.batchGetProjects(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
names
— (Array<String>
)The names or ARNs of the build projects. To get information about a project shared with your Amazon Web Services account, its ARN must be specified. You cannot specify a shared project using its name.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:projects
— (Array<map>
)Information about the requested build projects.
name
— (String
)The name of the build project.
arn
— (String
)The Amazon Resource Name (ARN) of the build project.
description
— (String
)A description that makes the build project easy to identify.
source
— (map
)Information about the build input source code for this build project.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— (String
)A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for examplepr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If
sourceVersion
is specified at the build level, then that version takes precedence over thissourceVersion
(at the project level).For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. IfsecondarySourceVersions
is specified at the build level, then they take over thesesecondarySourceVersions
(at the project level).sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
artifacts
— (map
)Information about the build output artifacts for the build project.
type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
ProjectArtifacts
objects.type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build project.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment for this build project.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.
timeoutInMinutes
— (Integer
)How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.
queuedTimeoutInMinutes
— (Integer
)The number of minutes a build is allowed to be queued before it times out.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).tags
— (Array<map>
)A list of tag key and value pairs associated with this build project.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
created
— (Date
)When the build project was created, expressed in Unix time format.
lastModified
— (Date
)When the build project's settings were last modified, expressed in Unix time format.
webhook
— (map
)Information about a webhook that connects repository events to a build project in CodeBuild.
url
— (String
)The URL to the webhook.
payloadUrl
— (String
)The CodeBuild endpoint where webhook events are sent.
secret
— (String
)The secret token of the associated repository.
Note: A Bitbucket webhook does not supportsecret
.branchFilter
— (String
)A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If
branchFilter
is empty, then all branches are built.Note: It is recommended that you usefilterGroups
instead ofbranchFilter
.filterGroups
— (Array<Array<map>>
)An array of arrays of
WebhookFilter
objects used to determine which webhooks are triggered. At least oneWebhookFilter
in the array must specifyEVENT
as itstype
.For a build to be triggered, at least one filter group in the
filterGroups
array must pass. For a filter group to pass, each of its filters must pass.type
— required — (String
)The type of webhook filter. There are nine webhook filter types:
EVENT
,ACTOR_ACCOUNT_ID
,HEAD_REF
,BASE_REF
,FILE_PATH
,COMMIT_MESSAGE
,TAG_NAME
,RELEASE_NAME
, andWORKFLOW_NAME
.-
EVENT
-
A webhook event triggers a build when the provided
pattern
matches one of nine event types:PUSH
,PULL_REQUEST_CREATED
,PULL_REQUEST_UPDATED
,PULL_REQUEST_CLOSED
,PULL_REQUEST_REOPENED
,PULL_REQUEST_MERGED
,RELEASED
,PRERELEASED
, andWORKFLOW_JOB_QUEUED
. TheEVENT
patterns are specified as a comma-separated string. For example,PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
filters all push, pull request created, and pull request updated events.Note: TypesPULL_REQUEST_REOPENED
andWORKFLOW_JOB_QUEUED
work with GitHub and GitHub Enterprise only. TypesRELEASED
andPRERELEASED
work with GitHub only.
-
-
ACTOR_ACCOUNT_ID
-
A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression
pattern
.
-
-
HEAD_REF
-
A webhook event triggers a build when the head reference matches the regular expression
pattern
. For example,refs/heads/branch-name
andrefs/tags/tag-name
.Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.
-
-
BASE_REF
-
A webhook event triggers a build when the base reference matches the regular expression
pattern
. For example,refs/heads/branch-name
.Note: Works with pull request events only.
-
-
FILE_PATH
-
A webhook triggers a build when the path of a changed file matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
COMMIT_MESSAGE
-
A webhook triggers a build when the head commit message matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
TAG_NAME
-
A webhook triggers a build when the tag name of the release matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
RELEASE_NAME
-
A webhook triggers a build when the release name matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
REPOSITORY_NAME
-
A webhook triggers a build when the repository name matches the regular expression pattern.
Note: Works with GitHub global or organization webhooks only.
-
-
WORKFLOW_NAME
-
A webhook triggers a build when the workflow name matches the regular expression
pattern
.Note: Works withWORKFLOW_JOB_QUEUED
events only.
-
"EVENT"
"BASE_REF"
"HEAD_REF"
"ACTOR_ACCOUNT_ID"
"FILE_PATH"
"COMMIT_MESSAGE"
"WORKFLOW_NAME"
"TAG_NAME"
"RELEASE_NAME"
-
pattern
— required — (String
)For a
WebHookFilter
that usesEVENT
type, a comma-separated string that specifies one or more events. For example, the webhook filterPUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
allows all push, pull request created, and pull request updated events to trigger a build.For a
WebHookFilter
that uses any of the other filter types, a regular expression pattern. For example, aWebHookFilter
that usesHEAD_REF
for itstype
and the pattern^refs/heads/
triggers a build when the head reference is a branch with a reference namerefs/heads/branch-name
.excludeMatchedPattern
— (Boolean
)Used to indicate that the
pattern
determines which webhook events do not trigger a build. If true, then a webhook event that does not match thepattern
triggers a build. If false, then a webhook event that matches thepattern
triggers a build.
buildType
— (String
)Specifies the type of build this webhook will trigger.
Possible values include:"BUILD"
"BUILD_BATCH"
manualCreation
— (Boolean
)If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns
payloadUrl
andsecret
values for the webhook. ThepayloadUrl
andsecret
values in the output can be used to manually create a webhook within GitHub.Note: manualCreation is only available for GitHub webhooks.lastModifiedSecret
— (Date
)A timestamp that indicates the last time a repository's secret token was modified.
scopeConfiguration
— (map
)The scope configuration for global or organization webhooks.
Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks.name
— required — (String
)The name of either the enterprise or organization that will send webhook events to CodeBuild, depending on if the webhook is a global or organization webhook respectively.
domain
— (String
)The domain of the GitHub Enterprise organization. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE
scope
— required — (String
)The type of scope for a GitHub webhook.
Possible values include:"GITHUB_ORGANIZATION"
"GITHUB_GLOBAL"
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
badge
— (map
)Information about the build badge for the build project.
badgeEnabled
— (Boolean
)Set this to true to generate a publicly accessible URL for your project's build badge.
badgeRequestUrl
— (String
)The publicly-accessible URL through which you can access the build badge for your project.
logsConfig
— (map
)Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.
cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for a CodeBuild build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
buildBatchConfig
— (map
)A ProjectBuildBatchConfig object that defines the batch build options for the project.
serviceRole
— (String
)Specifies the service role ARN for the batch build project.
combineArtifacts
— (Boolean
)Specifies if the build artifacts for the batch build should be combined into a single artifact location.
restrictions
— (map
)A
BatchRestrictions
object that specifies the restrictions for the batch build.maximumBuildsAllowed
— (Integer
)Specifies the maximum number of builds allowed.
computeTypesAllowed
— (Array<String>
)An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
timeoutInMins
— (Integer
)Specifies the maximum amount of time, in minutes, that the batch build must be completed in.
batchReportMode
— (String
)Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.
- REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
- REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
"REPORT_INDIVIDUAL_BUILDS"
"REPORT_AGGREGATED_BATCH"
concurrentBuildLimit
— (Integer
)The maximum number of concurrent builds that are allowed for this project.
New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.
projectVisibility
— (String
)Specifies the visibility of the project's builds. Possible values are:
- PUBLIC_READ
-
The project builds are visible to the public.
- PRIVATE
-
The project builds are not visible to the public.
"PUBLIC_READ"
"PRIVATE"
publicProjectAlias
— (String
)Contains the project identifier used with the public build APIs.
resourceAccessRole
— (String
)The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.
projectsNotFound
— (Array<String>
)The names of build projects for which information could not be found.
-
(AWS.Response)
—
Returns:
batchGetReportGroups(params = {}, callback) ⇒ AWS.Request
Returns an array of report groups.
Service Reference:
Examples:
Calling the batchGetReportGroups operation
var params = {
reportGroupArns: [ /* required */
'STRING_VALUE',
/* more items */
]
};
codebuild.batchGetReportGroups(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
reportGroupArns
— (Array<String>
)An array of report group ARNs that identify the report groups to return.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:reportGroups
— (Array<map>
)The array of report groups returned by
BatchGetReportGroups
.arn
— (String
)The ARN of the
ReportGroup
.name
— (String
)The name of the
ReportGroup
.type
— (String
)The type of the
ReportGroup
. This can be one of the following values:- CODE_COVERAGE
-
The report group contains code coverage reports.
- TEST
-
The report group contains test reports.
"TEST"
"CODE_COVERAGE"
exportConfig
— (map
)Information about the destination where the raw data of this
ReportGroup
is exported.exportConfigType
— (String
)The export configuration type. Valid values are:
-
S3
: The report results are exported to an S3 bucket. -
NO_EXPORT
: The report results are not exported.
"S3"
"NO_EXPORT"
-
s3Destination
— (map
)A
S3ReportExportConfig
object that contains information about the S3 bucket where the run of a report is exported.bucket
— (String
)The name of the S3 bucket where the raw data of a report are exported.
bucketOwner
— (String
)The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.
path
— (String
)The path to the exported report's raw data results.
packaging
— (String
)The type of build output artifact to create. Valid values include:
-
NONE
: CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. -
ZIP
: CodeBuild creates a ZIP file with the raw data in the output bucket.
"ZIP"
"NONE"
-
encryptionKey
— (String
)The encryption key for the report's encrypted raw data.
encryptionDisabled
— (Boolean
)A boolean value that specifies if the results of a report are encrypted.
created
— (Date
)The date and time this
ReportGroup
was created.lastModified
— (Date
)The date and time this
ReportGroup
was last modified.tags
— (Array<map>
)A list of tag key and value pairs associated with this report group.
These tags are available for use by Amazon Web Services services that support CodeBuild report group tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
status
— (String
)The status of the report group. This property is read-only.
This can be one of the following values:
- ACTIVE
-
The report group is active.
- DELETING
-
The report group is in the process of being deleted.
"ACTIVE"
"DELETING"
reportGroupsNotFound
— (Array<String>
)An array of ARNs passed to
BatchGetReportGroups
that are not associated with aReportGroup
.
-
(AWS.Response)
—
Returns:
batchGetReports(params = {}, callback) ⇒ AWS.Request
Returns an array of reports.
Service Reference:
Examples:
Calling the batchGetReports operation
var params = {
reportArns: [ /* required */
'STRING_VALUE',
/* more items */
]
};
codebuild.batchGetReports(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
reportArns
— (Array<String>
)An array of ARNs that identify the
Report
objects to return.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:reports
— (Array<map>
)The array of
Report
objects returned byBatchGetReports
.arn
— (String
)The ARN of the report run.
type
— (String
)The type of the report that was run.
- CODE_COVERAGE
-
A code coverage report.
- TEST
-
A test report.
"TEST"
"CODE_COVERAGE"
name
— (String
)The name of the report that was run.
reportGroupArn
— (String
)The ARN of the report group associated with this report.
executionId
— (String
)The ARN of the build run that generated this report.
status
— (String
)The status of this report.
Possible values include:"GENERATING"
"SUCCEEDED"
"FAILED"
"INCOMPLETE"
"DELETING"
created
— (Date
)The date and time this report run occurred.
expired
— (Date
)The date and time a report expires. A report expires 30 days after it is created. An expired report is not available to view in CodeBuild.
exportConfig
— (map
)Information about where the raw data used to generate this report was exported.
exportConfigType
— (String
)The export configuration type. Valid values are:
-
S3
: The report results are exported to an S3 bucket. -
NO_EXPORT
: The report results are not exported.
"S3"
"NO_EXPORT"
-
s3Destination
— (map
)A
S3ReportExportConfig
object that contains information about the S3 bucket where the run of a report is exported.bucket
— (String
)The name of the S3 bucket where the raw data of a report are exported.
bucketOwner
— (String
)The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.
path
— (String
)The path to the exported report's raw data results.
packaging
— (String
)The type of build output artifact to create. Valid values include:
-
NONE
: CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. -
ZIP
: CodeBuild creates a ZIP file with the raw data in the output bucket.
"ZIP"
"NONE"
-
encryptionKey
— (String
)The encryption key for the report's encrypted raw data.
encryptionDisabled
— (Boolean
)A boolean value that specifies if the results of a report are encrypted.
truncated
— (Boolean
)A boolean that specifies if this report run is truncated. The list of test cases is truncated after the maximum number of test cases is reached.
testSummary
— (map
)A
TestReportSummary
object that contains information about this test report.total
— required — (Integer
)The number of test cases in this
TestReportSummary
. The total includes truncated test cases.statusCounts
— required — (map<Integer>
)A map that contains the number of each type of status returned by the test results in this
TestReportSummary
.durationInNanoSeconds
— required — (Integer
)The number of nanoseconds it took to run all of the test cases in this report.
codeCoverageSummary
— (map
)A
CodeCoverageReportSummary
object that contains a code coverage summary for this report.lineCoveragePercentage
— (Float
)The percentage of lines that are covered by your tests.
linesCovered
— (Integer
)The number of lines that are covered by your tests.
linesMissed
— (Integer
)The number of lines that are not covered by your tests.
branchCoveragePercentage
— (Float
)The percentage of branches that are covered by your tests.
branchesCovered
— (Integer
)The number of conditional branches that are covered by your tests.
branchesMissed
— (Integer
)The number of conditional branches that are not covered by your tests.
reportsNotFound
— (Array<String>
)An array of ARNs passed to
BatchGetReportGroups
that are not associated with aReport
.
-
(AWS.Response)
—
Returns:
createFleet(params = {}, callback) ⇒ AWS.Request
Creates a compute fleet.
Service Reference:
Examples:
Calling the createFleet operation
var params = {
baseCapacity: 'NUMBER_VALUE', /* required */
computeType: BUILD_GENERAL1_SMALL | BUILD_GENERAL1_MEDIUM | BUILD_GENERAL1_LARGE | BUILD_GENERAL1_XLARGE | BUILD_GENERAL1_2XLARGE | BUILD_LAMBDA_1GB | BUILD_LAMBDA_2GB | BUILD_LAMBDA_4GB | BUILD_LAMBDA_8GB | BUILD_LAMBDA_10GB, /* required */
environmentType: WINDOWS_CONTAINER | LINUX_CONTAINER | LINUX_GPU_CONTAINER | ARM_CONTAINER | WINDOWS_SERVER_2019_CONTAINER | LINUX_LAMBDA_CONTAINER | ARM_LAMBDA_CONTAINER | MAC_ARM, /* required */
name: 'STRING_VALUE', /* required */
fleetServiceRole: 'STRING_VALUE',
imageId: 'STRING_VALUE',
overflowBehavior: QUEUE | ON_DEMAND,
scalingConfiguration: {
maxCapacity: 'NUMBER_VALUE',
scalingType: TARGET_TRACKING_SCALING,
targetTrackingScalingConfigs: [
{
metricType: FLEET_UTILIZATION_RATE,
targetValue: 'NUMBER_VALUE'
},
/* more items */
]
},
tags: [
{
key: 'STRING_VALUE',
value: 'STRING_VALUE'
},
/* more items */
],
vpcConfig: {
securityGroupIds: [
'STRING_VALUE',
/* more items */
],
subnets: [
'STRING_VALUE',
/* more items */
],
vpcId: 'STRING_VALUE'
}
};
codebuild.createFleet(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
name
— (String
)The name of the compute fleet.
baseCapacity
— (Integer
)The initial number of machines allocated to the fleet, which defines the number of builds that can run in parallel.
environmentType
— (String
)The environment type of the compute fleet.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). -
The environment type
MAC_ARM
is available for Medium fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), and EU (Frankfurt) -
The environment type
MAC_ARM
is available for Large fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and Asia Pacific (Sydney). -
The environment type
WINDOWS_SERVER_2019_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). -
The environment type
WINDOWS_SERVER_2022_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai).
For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
computeType
— (String
)Information about the compute resources the compute fleet uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
For more information, see Build environment compute types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
scalingConfiguration
— (map
)The scaling configuration of the compute fleet.
scalingType
— (String
)The scaling type for a compute fleet.
Possible values include:"TARGET_TRACKING_SCALING"
targetTrackingScalingConfigs
— (Array<map>
)A list of
TargetTrackingScalingConfiguration
objects.metricType
— (String
)The metric type to determine auto-scaling.
Possible values include:"FLEET_UTILIZATION_RATE"
targetValue
— (Float
)The value of
metricType
when to start scaling.
maxCapacity
— (Integer
)The maximum number of instances in the fleet when auto-scaling.
overflowBehavior
— (String
)The compute fleet overflow behavior.
-
For overflow behavior
QUEUE
, your overflow builds need to wait on the existing fleet instance to become available. -
For overflow behavior
ON_DEMAND
, your overflow builds run on CodeBuild on-demand.Note: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface.
"QUEUE"
"ON_DEMAND"
-
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
imageId
— (String
)The Amazon Machine Image (AMI) of the compute fleet.
fleetServiceRole
— (String
)The service role associated with the compute fleet. For more information, see Allow a user to add a permission policy for a fleet service role in the CodeBuild User Guide.
tags
— (Array<map>
)A list of tag key and value pairs associated with this compute fleet.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:fleet
— (map
)Information about the compute fleet
arn
— (String
)The ARN of the compute fleet.
name
— (String
)The name of the compute fleet.
id
— (String
)The ID of the compute fleet.
created
— (Date
)The time at which the compute fleet was created.
lastModified
— (Date
)The time at which the compute fleet was last modified.
status
— (map
)The status of the compute fleet.
statusCode
— (String
)The status code of the compute fleet. Valid values include:
-
CREATING
: The compute fleet is being created. -
UPDATING
: The compute fleet is being updated. -
ROTATING
: The compute fleet is being rotated. -
PENDING_DELETION
: The compute fleet is pending deletion. -
DELETING
: The compute fleet is being deleted. -
CREATE_FAILED
: The compute fleet has failed to create. -
UPDATE_ROLLBACK_FAILED
: The compute fleet has failed to update and could not rollback to previous state. -
ACTIVE
: The compute fleet has succeeded and is active.
"CREATING"
"UPDATING"
"ROTATING"
"PENDING_DELETION"
"DELETING"
"CREATE_FAILED"
"UPDATE_ROLLBACK_FAILED"
"ACTIVE"
-
context
— (String
)Additional information about a compute fleet. Valid values include:
-
CREATE_FAILED
: The compute fleet has failed to create. -
UPDATE_FAILED
: The compute fleet has failed to update.
"CREATE_FAILED"
"UPDATE_FAILED"
"ACTION_REQUIRED"
"PENDING_DELETION"
"INSUFFICIENT_CAPACITY"
-
message
— (String
)A message associated with the status of a compute fleet.
baseCapacity
— (Integer
)The initial number of machines allocated to the compute fleet, which defines the number of builds that can run in parallel.
environmentType
— (String
)The environment type of the compute fleet.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). -
The environment type
MAC_ARM
is available for Medium fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), and EU (Frankfurt) -
The environment type
MAC_ARM
is available for Large fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and Asia Pacific (Sydney). -
The environment type
WINDOWS_SERVER_2019_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). -
The environment type
WINDOWS_SERVER_2022_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai).
For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
computeType
— (String
)Information about the compute resources the compute fleet uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
For more information, see Build environment compute types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
scalingConfiguration
— (map
)The scaling configuration of the compute fleet.
scalingType
— (String
)The scaling type for a compute fleet.
Possible values include:"TARGET_TRACKING_SCALING"
targetTrackingScalingConfigs
— (Array<map>
)A list of
TargetTrackingScalingConfiguration
objects.metricType
— (String
)The metric type to determine auto-scaling.
Possible values include:"FLEET_UTILIZATION_RATE"
targetValue
— (Float
)The value of
metricType
when to start scaling.
maxCapacity
— (Integer
)The maximum number of instances in the fleet when auto-scaling.
desiredCapacity
— (Integer
)The desired number of instances in the fleet when auto-scaling.
overflowBehavior
— (String
)The compute fleet overflow behavior.
-
For overflow behavior
QUEUE
, your overflow builds need to wait on the existing fleet instance to become available. -
For overflow behavior
ON_DEMAND
, your overflow builds run on CodeBuild on-demand.Note: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface.
"QUEUE"
"ON_DEMAND"
-
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
imageId
— (String
)The Amazon Machine Image (AMI) of the compute fleet.
fleetServiceRole
— (String
)The service role associated with the compute fleet. For more information, see Allow a user to add a permission policy for a fleet service role in the CodeBuild User Guide.
tags
— (Array<map>
)A list of tag key and value pairs associated with this compute fleet.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
-
(AWS.Response)
—
Returns:
createProject(params = {}, callback) ⇒ AWS.Request
Creates a build project.
Service Reference:
Examples:
Calling the createProject operation
var params = {
artifacts: { /* required */
type: CODEPIPELINE | S3 | NO_ARTIFACTS, /* required */
artifactIdentifier: 'STRING_VALUE',
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE',
name: 'STRING_VALUE',
namespaceType: NONE | BUILD_ID,
overrideArtifactName: true || false,
packaging: NONE | ZIP,
path: 'STRING_VALUE'
},
environment: { /* required */
computeType: BUILD_GENERAL1_SMALL | BUILD_GENERAL1_MEDIUM | BUILD_GENERAL1_LARGE | BUILD_GENERAL1_XLARGE | BUILD_GENERAL1_2XLARGE | BUILD_LAMBDA_1GB | BUILD_LAMBDA_2GB | BUILD_LAMBDA_4GB | BUILD_LAMBDA_8GB | BUILD_LAMBDA_10GB, /* required */
image: 'STRING_VALUE', /* required */
type: WINDOWS_CONTAINER | LINUX_CONTAINER | LINUX_GPU_CONTAINER | ARM_CONTAINER | WINDOWS_SERVER_2019_CONTAINER | LINUX_LAMBDA_CONTAINER | ARM_LAMBDA_CONTAINER | MAC_ARM, /* required */
certificate: 'STRING_VALUE',
environmentVariables: [
{
name: 'STRING_VALUE', /* required */
value: 'STRING_VALUE', /* required */
type: PLAINTEXT | PARAMETER_STORE | SECRETS_MANAGER
},
/* more items */
],
fleet: {
fleetArn: 'STRING_VALUE'
},
imagePullCredentialsType: CODEBUILD | SERVICE_ROLE,
privilegedMode: true || false,
registryCredential: {
credential: 'STRING_VALUE', /* required */
credentialProvider: SECRETS_MANAGER /* required */
}
},
name: 'STRING_VALUE', /* required */
serviceRole: 'STRING_VALUE', /* required */
source: { /* required */
type: CODECOMMIT | CODEPIPELINE | GITHUB | GITLAB | GITLAB_SELF_MANAGED | S3 | BITBUCKET | GITHUB_ENTERPRISE | NO_SOURCE, /* required */
auth: {
type: OAUTH | CODECONNECTIONS | SECRETS_MANAGER, /* required */
resource: 'STRING_VALUE'
},
buildStatusConfig: {
context: 'STRING_VALUE',
targetUrl: 'STRING_VALUE'
},
buildspec: 'STRING_VALUE',
gitCloneDepth: 'NUMBER_VALUE',
gitSubmodulesConfig: {
fetchSubmodules: true || false /* required */
},
insecureSsl: true || false,
location: 'STRING_VALUE',
reportBuildStatus: true || false,
sourceIdentifier: 'STRING_VALUE'
},
badgeEnabled: true || false,
buildBatchConfig: {
batchReportMode: REPORT_INDIVIDUAL_BUILDS | REPORT_AGGREGATED_BATCH,
combineArtifacts: true || false,
restrictions: {
computeTypesAllowed: [
'STRING_VALUE',
/* more items */
],
maximumBuildsAllowed: 'NUMBER_VALUE'
},
serviceRole: 'STRING_VALUE',
timeoutInMins: 'NUMBER_VALUE'
},
cache: {
type: NO_CACHE | S3 | LOCAL, /* required */
location: 'STRING_VALUE',
modes: [
LOCAL_DOCKER_LAYER_CACHE | LOCAL_SOURCE_CACHE | LOCAL_CUSTOM_CACHE,
/* more items */
]
},
concurrentBuildLimit: 'NUMBER_VALUE',
description: 'STRING_VALUE',
encryptionKey: 'STRING_VALUE',
fileSystemLocations: [
{
identifier: 'STRING_VALUE',
location: 'STRING_VALUE',
mountOptions: 'STRING_VALUE',
mountPoint: 'STRING_VALUE',
type: EFS
},
/* more items */
],
logsConfig: {
cloudWatchLogs: {
status: ENABLED | DISABLED, /* required */
groupName: 'STRING_VALUE',
streamName: 'STRING_VALUE'
},
s3Logs: {
status: ENABLED | DISABLED, /* required */
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE'
}
},
queuedTimeoutInMinutes: 'NUMBER_VALUE',
secondaryArtifacts: [
{
type: CODEPIPELINE | S3 | NO_ARTIFACTS, /* required */
artifactIdentifier: 'STRING_VALUE',
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE',
name: 'STRING_VALUE',
namespaceType: NONE | BUILD_ID,
overrideArtifactName: true || false,
packaging: NONE | ZIP,
path: 'STRING_VALUE'
},
/* more items */
],
secondarySourceVersions: [
{
sourceIdentifier: 'STRING_VALUE', /* required */
sourceVersion: 'STRING_VALUE' /* required */
},
/* more items */
],
secondarySources: [
{
type: CODECOMMIT | CODEPIPELINE | GITHUB | GITLAB | GITLAB_SELF_MANAGED | S3 | BITBUCKET | GITHUB_ENTERPRISE | NO_SOURCE, /* required */
auth: {
type: OAUTH | CODECONNECTIONS | SECRETS_MANAGER, /* required */
resource: 'STRING_VALUE'
},
buildStatusConfig: {
context: 'STRING_VALUE',
targetUrl: 'STRING_VALUE'
},
buildspec: 'STRING_VALUE',
gitCloneDepth: 'NUMBER_VALUE',
gitSubmodulesConfig: {
fetchSubmodules: true || false /* required */
},
insecureSsl: true || false,
location: 'STRING_VALUE',
reportBuildStatus: true || false,
sourceIdentifier: 'STRING_VALUE'
},
/* more items */
],
sourceVersion: 'STRING_VALUE',
tags: [
{
key: 'STRING_VALUE',
value: 'STRING_VALUE'
},
/* more items */
],
timeoutInMinutes: 'NUMBER_VALUE',
vpcConfig: {
securityGroupIds: [
'STRING_VALUE',
/* more items */
],
subnets: [
'STRING_VALUE',
/* more items */
],
vpcId: 'STRING_VALUE'
}
};
codebuild.createProject(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
name
— (String
)The name of the build project.
description
— (String
)A description that makes the build project easy to identify.
source
— (map
)Information about the build input source code for the build project.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— (String
)A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for examplepr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If
sourceVersion
is specified at the build level, then that version takes precedence over thissourceVersion
(at the project level).For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. IfsecondarySourceVersions
is specified at the build level, then they take precedence over thesesecondarySourceVersions
(at the project level).sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
artifacts
— (map
)Information about the build output artifacts for the build project.
type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
ProjectArtifacts
objects.type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Stores recently used information so that it can be quickly accessed at a later time.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment for the build project.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.
timeoutInMinutes
— (Integer
)How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before it times out any build that has not been marked as completed. The default is 60 minutes.
queuedTimeoutInMinutes
— (Integer
)The number of minutes a build is allowed to be queued before it times out.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).tags
— (Array<map>
)A list of tag key and value pairs associated with this build project.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
vpcConfig
— (map
)VpcConfig enables CodeBuild to access resources in an Amazon VPC.
Note: If you're using compute fleets during project creation, do not provide vpcConfig.vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
badgeEnabled
— (Boolean
)Set this to true to generate a publicly accessible URL for your project's build badge.
logsConfig
— (map
)Information about logs for the build project. These can be logs in CloudWatch Logs, logs uploaded to a specified S3 bucket, or both.
cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for a CodeBuild build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
buildBatchConfig
— (map
)A ProjectBuildBatchConfig object that defines the batch build options for the project.
serviceRole
— (String
)Specifies the service role ARN for the batch build project.
combineArtifacts
— (Boolean
)Specifies if the build artifacts for the batch build should be combined into a single artifact location.
restrictions
— (map
)A
BatchRestrictions
object that specifies the restrictions for the batch build.maximumBuildsAllowed
— (Integer
)Specifies the maximum number of builds allowed.
computeTypesAllowed
— (Array<String>
)An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
timeoutInMins
— (Integer
)Specifies the maximum amount of time, in minutes, that the batch build must be completed in.
batchReportMode
— (String
)Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.
- REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
- REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
"REPORT_INDIVIDUAL_BUILDS"
"REPORT_AGGREGATED_BATCH"
concurrentBuildLimit
— (Integer
)The maximum number of concurrent builds that are allowed for this project.
New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:project
— (map
)Information about the build project that was created.
name
— (String
)The name of the build project.
arn
— (String
)The Amazon Resource Name (ARN) of the build project.
description
— (String
)A description that makes the build project easy to identify.
source
— (map
)Information about the build input source code for this build project.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— (String
)A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for examplepr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If
sourceVersion
is specified at the build level, then that version takes precedence over thissourceVersion
(at the project level).For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. IfsecondarySourceVersions
is specified at the build level, then they take over thesesecondarySourceVersions
(at the project level).sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
artifacts
— (map
)Information about the build output artifacts for the build project.
type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
ProjectArtifacts
objects.type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build project.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment for this build project.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.
timeoutInMinutes
— (Integer
)How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.
queuedTimeoutInMinutes
— (Integer
)The number of minutes a build is allowed to be queued before it times out.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).tags
— (Array<map>
)A list of tag key and value pairs associated with this build project.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
created
— (Date
)When the build project was created, expressed in Unix time format.
lastModified
— (Date
)When the build project's settings were last modified, expressed in Unix time format.
webhook
— (map
)Information about a webhook that connects repository events to a build project in CodeBuild.
url
— (String
)The URL to the webhook.
payloadUrl
— (String
)The CodeBuild endpoint where webhook events are sent.
secret
— (String
)The secret token of the associated repository.
Note: A Bitbucket webhook does not supportsecret
.branchFilter
— (String
)A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If
branchFilter
is empty, then all branches are built.Note: It is recommended that you usefilterGroups
instead ofbranchFilter
.filterGroups
— (Array<Array<map>>
)An array of arrays of
WebhookFilter
objects used to determine which webhooks are triggered. At least oneWebhookFilter
in the array must specifyEVENT
as itstype
.For a build to be triggered, at least one filter group in the
filterGroups
array must pass. For a filter group to pass, each of its filters must pass.type
— required — (String
)The type of webhook filter. There are nine webhook filter types:
EVENT
,ACTOR_ACCOUNT_ID
,HEAD_REF
,BASE_REF
,FILE_PATH
,COMMIT_MESSAGE
,TAG_NAME
,RELEASE_NAME
, andWORKFLOW_NAME
.-
EVENT
-
A webhook event triggers a build when the provided
pattern
matches one of nine event types:PUSH
,PULL_REQUEST_CREATED
,PULL_REQUEST_UPDATED
,PULL_REQUEST_CLOSED
,PULL_REQUEST_REOPENED
,PULL_REQUEST_MERGED
,RELEASED
,PRERELEASED
, andWORKFLOW_JOB_QUEUED
. TheEVENT
patterns are specified as a comma-separated string. For example,PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
filters all push, pull request created, and pull request updated events.Note: TypesPULL_REQUEST_REOPENED
andWORKFLOW_JOB_QUEUED
work with GitHub and GitHub Enterprise only. TypesRELEASED
andPRERELEASED
work with GitHub only.
-
-
ACTOR_ACCOUNT_ID
-
A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression
pattern
.
-
-
HEAD_REF
-
A webhook event triggers a build when the head reference matches the regular expression
pattern
. For example,refs/heads/branch-name
andrefs/tags/tag-name
.Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.
-
-
BASE_REF
-
A webhook event triggers a build when the base reference matches the regular expression
pattern
. For example,refs/heads/branch-name
.Note: Works with pull request events only.
-
-
FILE_PATH
-
A webhook triggers a build when the path of a changed file matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
COMMIT_MESSAGE
-
A webhook triggers a build when the head commit message matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
TAG_NAME
-
A webhook triggers a build when the tag name of the release matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
RELEASE_NAME
-
A webhook triggers a build when the release name matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
REPOSITORY_NAME
-
A webhook triggers a build when the repository name matches the regular expression pattern.
Note: Works with GitHub global or organization webhooks only.
-
-
WORKFLOW_NAME
-
A webhook triggers a build when the workflow name matches the regular expression
pattern
.Note: Works withWORKFLOW_JOB_QUEUED
events only.
-
"EVENT"
"BASE_REF"
"HEAD_REF"
"ACTOR_ACCOUNT_ID"
"FILE_PATH"
"COMMIT_MESSAGE"
"WORKFLOW_NAME"
"TAG_NAME"
"RELEASE_NAME"
-
pattern
— required — (String
)For a
WebHookFilter
that usesEVENT
type, a comma-separated string that specifies one or more events. For example, the webhook filterPUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
allows all push, pull request created, and pull request updated events to trigger a build.For a
WebHookFilter
that uses any of the other filter types, a regular expression pattern. For example, aWebHookFilter
that usesHEAD_REF
for itstype
and the pattern^refs/heads/
triggers a build when the head reference is a branch with a reference namerefs/heads/branch-name
.excludeMatchedPattern
— (Boolean
)Used to indicate that the
pattern
determines which webhook events do not trigger a build. If true, then a webhook event that does not match thepattern
triggers a build. If false, then a webhook event that matches thepattern
triggers a build.
buildType
— (String
)Specifies the type of build this webhook will trigger.
Possible values include:"BUILD"
"BUILD_BATCH"
manualCreation
— (Boolean
)If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns
payloadUrl
andsecret
values for the webhook. ThepayloadUrl
andsecret
values in the output can be used to manually create a webhook within GitHub.Note: manualCreation is only available for GitHub webhooks.lastModifiedSecret
— (Date
)A timestamp that indicates the last time a repository's secret token was modified.
scopeConfiguration
— (map
)The scope configuration for global or organization webhooks.
Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks.name
— required — (String
)The name of either the enterprise or organization that will send webhook events to CodeBuild, depending on if the webhook is a global or organization webhook respectively.
domain
— (String
)The domain of the GitHub Enterprise organization. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE
scope
— required — (String
)The type of scope for a GitHub webhook.
Possible values include:"GITHUB_ORGANIZATION"
"GITHUB_GLOBAL"
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
badge
— (map
)Information about the build badge for the build project.
badgeEnabled
— (Boolean
)Set this to true to generate a publicly accessible URL for your project's build badge.
badgeRequestUrl
— (String
)The publicly-accessible URL through which you can access the build badge for your project.
logsConfig
— (map
)Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.
cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for a CodeBuild build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
buildBatchConfig
— (map
)A ProjectBuildBatchConfig object that defines the batch build options for the project.
serviceRole
— (String
)Specifies the service role ARN for the batch build project.
combineArtifacts
— (Boolean
)Specifies if the build artifacts for the batch build should be combined into a single artifact location.
restrictions
— (map
)A
BatchRestrictions
object that specifies the restrictions for the batch build.maximumBuildsAllowed
— (Integer
)Specifies the maximum number of builds allowed.
computeTypesAllowed
— (Array<String>
)An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
timeoutInMins
— (Integer
)Specifies the maximum amount of time, in minutes, that the batch build must be completed in.
batchReportMode
— (String
)Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.
- REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
- REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
"REPORT_INDIVIDUAL_BUILDS"
"REPORT_AGGREGATED_BATCH"
concurrentBuildLimit
— (Integer
)The maximum number of concurrent builds that are allowed for this project.
New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.
projectVisibility
— (String
)Specifies the visibility of the project's builds. Possible values are:
- PUBLIC_READ
-
The project builds are visible to the public.
- PRIVATE
-
The project builds are not visible to the public.
"PUBLIC_READ"
"PRIVATE"
publicProjectAlias
— (String
)Contains the project identifier used with the public build APIs.
resourceAccessRole
— (String
)The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.
-
(AWS.Response)
—
Returns:
createReportGroup(params = {}, callback) ⇒ AWS.Request
Creates a report group. A report group contains a collection of reports.
Service Reference:
Examples:
Calling the createReportGroup operation
var params = {
exportConfig: { /* required */
exportConfigType: S3 | NO_EXPORT,
s3Destination: {
bucket: 'STRING_VALUE',
bucketOwner: 'STRING_VALUE',
encryptionDisabled: true || false,
encryptionKey: 'STRING_VALUE',
packaging: ZIP | NONE,
path: 'STRING_VALUE'
}
},
name: 'STRING_VALUE', /* required */
type: TEST | CODE_COVERAGE, /* required */
tags: [
{
key: 'STRING_VALUE',
value: 'STRING_VALUE'
},
/* more items */
]
};
codebuild.createReportGroup(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
name
— (String
)The name of the report group.
type
— (String
)The type of report group.
Possible values include:"TEST"
"CODE_COVERAGE"
exportConfig
— (map
)A
ReportExportConfig
object that contains information about where the report group test results are exported.exportConfigType
— (String
)The export configuration type. Valid values are:
-
S3
: The report results are exported to an S3 bucket. -
NO_EXPORT
: The report results are not exported.
"S3"
"NO_EXPORT"
-
s3Destination
— (map
)A
S3ReportExportConfig
object that contains information about the S3 bucket where the run of a report is exported.bucket
— (String
)The name of the S3 bucket where the raw data of a report are exported.
bucketOwner
— (String
)The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.
path
— (String
)The path to the exported report's raw data results.
packaging
— (String
)The type of build output artifact to create. Valid values include:
-
NONE
: CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. -
ZIP
: CodeBuild creates a ZIP file with the raw data in the output bucket.
"ZIP"
"NONE"
-
encryptionKey
— (String
)The encryption key for the report's encrypted raw data.
encryptionDisabled
— (Boolean
)A boolean value that specifies if the results of a report are encrypted.
tags
— (Array<map>
)A list of tag key and value pairs associated with this report group.
These tags are available for use by Amazon Web Services services that support CodeBuild report group tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:reportGroup
— (map
)Information about the report group that was created.
arn
— (String
)The ARN of the
ReportGroup
.name
— (String
)The name of the
ReportGroup
.type
— (String
)The type of the
ReportGroup
. This can be one of the following values:- CODE_COVERAGE
-
The report group contains code coverage reports.
- TEST
-
The report group contains test reports.
"TEST"
"CODE_COVERAGE"
exportConfig
— (map
)Information about the destination where the raw data of this
ReportGroup
is exported.exportConfigType
— (String
)The export configuration type. Valid values are:
-
S3
: The report results are exported to an S3 bucket. -
NO_EXPORT
: The report results are not exported.
"S3"
"NO_EXPORT"
-
s3Destination
— (map
)A
S3ReportExportConfig
object that contains information about the S3 bucket where the run of a report is exported.bucket
— (String
)The name of the S3 bucket where the raw data of a report are exported.
bucketOwner
— (String
)The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.
path
— (String
)The path to the exported report's raw data results.
packaging
— (String
)The type of build output artifact to create. Valid values include:
-
NONE
: CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. -
ZIP
: CodeBuild creates a ZIP file with the raw data in the output bucket.
"ZIP"
"NONE"
-
encryptionKey
— (String
)The encryption key for the report's encrypted raw data.
encryptionDisabled
— (Boolean
)A boolean value that specifies if the results of a report are encrypted.
created
— (Date
)The date and time this
ReportGroup
was created.lastModified
— (Date
)The date and time this
ReportGroup
was last modified.tags
— (Array<map>
)A list of tag key and value pairs associated with this report group.
These tags are available for use by Amazon Web Services services that support CodeBuild report group tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
status
— (String
)The status of the report group. This property is read-only.
This can be one of the following values:
- ACTIVE
-
The report group is active.
- DELETING
-
The report group is in the process of being deleted.
"ACTIVE"
"DELETING"
-
(AWS.Response)
—
Returns:
createWebhook(params = {}, callback) ⇒ AWS.Request
For an existing CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, enables CodeBuild to start rebuilding the source code every time a code change is pushed to the repository.
If you enable webhooks for an CodeBuild project, and the project is used as a build step in CodePipeline, then two identical builds are created for each commit. One build is triggered through webhooks, and one through CodePipeline. Because billing is on a per-build basis, you are billed for both builds. Therefore, if you are using CodePipeline, we recommend that you disable webhooks in CodeBuild. In the CodeBuild console, clear the Webhook box. For more information, see step 5 in Change a Build Project's Settings.
Service Reference:
Examples:
Calling the createWebhook operation
var params = {
projectName: 'STRING_VALUE', /* required */
branchFilter: 'STRING_VALUE',
buildType: BUILD | BUILD_BATCH,
filterGroups: [
[
{
pattern: 'STRING_VALUE', /* required */
type: EVENT | BASE_REF | HEAD_REF | ACTOR_ACCOUNT_ID | FILE_PATH | COMMIT_MESSAGE | WORKFLOW_NAME | TAG_NAME | RELEASE_NAME, /* required */
excludeMatchedPattern: true || false
},
/* more items */
],
/* more items */
],
manualCreation: true || false,
scopeConfiguration: {
name: 'STRING_VALUE', /* required */
scope: GITHUB_ORGANIZATION | GITHUB_GLOBAL, /* required */
domain: 'STRING_VALUE'
}
};
codebuild.createWebhook(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
projectName
— (String
)The name of the CodeBuild project.
branchFilter
— (String
)A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If
branchFilter
is empty, then all branches are built.Note: It is recommended that you usefilterGroups
instead ofbranchFilter
.filterGroups
— (Array<Array<map>>
)An array of arrays of
WebhookFilter
objects used to determine which webhooks are triggered. At least oneWebhookFilter
in the array must specifyEVENT
as itstype
.For a build to be triggered, at least one filter group in the
filterGroups
array must pass. For a filter group to pass, each of its filters must pass.type
— required — (String
)The type of webhook filter. There are nine webhook filter types:
EVENT
,ACTOR_ACCOUNT_ID
,HEAD_REF
,BASE_REF
,FILE_PATH
,COMMIT_MESSAGE
,TAG_NAME
,RELEASE_NAME
, andWORKFLOW_NAME
.-
EVENT
-
A webhook event triggers a build when the provided
pattern
matches one of nine event types:PUSH
,PULL_REQUEST_CREATED
,PULL_REQUEST_UPDATED
,PULL_REQUEST_CLOSED
,PULL_REQUEST_REOPENED
,PULL_REQUEST_MERGED
,RELEASED
,PRERELEASED
, andWORKFLOW_JOB_QUEUED
. TheEVENT
patterns are specified as a comma-separated string. For example,PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
filters all push, pull request created, and pull request updated events.Note: TypesPULL_REQUEST_REOPENED
andWORKFLOW_JOB_QUEUED
work with GitHub and GitHub Enterprise only. TypesRELEASED
andPRERELEASED
work with GitHub only.
-
-
ACTOR_ACCOUNT_ID
-
A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression
pattern
.
-
-
HEAD_REF
-
A webhook event triggers a build when the head reference matches the regular expression
pattern
. For example,refs/heads/branch-name
andrefs/tags/tag-name
.Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.
-
-
BASE_REF
-
A webhook event triggers a build when the base reference matches the regular expression
pattern
. For example,refs/heads/branch-name
.Note: Works with pull request events only.
-
-
FILE_PATH
-
A webhook triggers a build when the path of a changed file matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
COMMIT_MESSAGE
-
A webhook triggers a build when the head commit message matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
TAG_NAME
-
A webhook triggers a build when the tag name of the release matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
RELEASE_NAME
-
A webhook triggers a build when the release name matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
REPOSITORY_NAME
-
A webhook triggers a build when the repository name matches the regular expression pattern.
Note: Works with GitHub global or organization webhooks only.
-
-
WORKFLOW_NAME
-
A webhook triggers a build when the workflow name matches the regular expression
pattern
.Note: Works withWORKFLOW_JOB_QUEUED
events only.
-
"EVENT"
"BASE_REF"
"HEAD_REF"
"ACTOR_ACCOUNT_ID"
"FILE_PATH"
"COMMIT_MESSAGE"
"WORKFLOW_NAME"
"TAG_NAME"
"RELEASE_NAME"
-
pattern
— required — (String
)For a
WebHookFilter
that usesEVENT
type, a comma-separated string that specifies one or more events. For example, the webhook filterPUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
allows all push, pull request created, and pull request updated events to trigger a build.For a
WebHookFilter
that uses any of the other filter types, a regular expression pattern. For example, aWebHookFilter
that usesHEAD_REF
for itstype
and the pattern^refs/heads/
triggers a build when the head reference is a branch with a reference namerefs/heads/branch-name
.excludeMatchedPattern
— (Boolean
)Used to indicate that the
pattern
determines which webhook events do not trigger a build. If true, then a webhook event that does not match thepattern
triggers a build. If false, then a webhook event that matches thepattern
triggers a build.
buildType
— (String
)Specifies the type of build this webhook will trigger.
Possible values include:"BUILD"
"BUILD_BATCH"
manualCreation
— (Boolean
)If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns
payloadUrl
andsecret
values for the webhook. ThepayloadUrl
andsecret
values in the output can be used to manually create a webhook within GitHub.Note:manualCreation
is only available for GitHub webhooks.scopeConfiguration
— (map
)The scope configuration for global or organization webhooks.
Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks.name
— required — (String
)The name of either the enterprise or organization that will send webhook events to CodeBuild, depending on if the webhook is a global or organization webhook respectively.
domain
— (String
)The domain of the GitHub Enterprise organization. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE
scope
— required — (String
)The type of scope for a GitHub webhook.
Possible values include:"GITHUB_ORGANIZATION"
"GITHUB_GLOBAL"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:webhook
— (map
)Information about a webhook that connects repository events to a build project in CodeBuild.
url
— (String
)The URL to the webhook.
payloadUrl
— (String
)The CodeBuild endpoint where webhook events are sent.
secret
— (String
)The secret token of the associated repository.
Note: A Bitbucket webhook does not supportsecret
.branchFilter
— (String
)A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If
branchFilter
is empty, then all branches are built.Note: It is recommended that you usefilterGroups
instead ofbranchFilter
.filterGroups
— (Array<Array<map>>
)An array of arrays of
WebhookFilter
objects used to determine which webhooks are triggered. At least oneWebhookFilter
in the array must specifyEVENT
as itstype
.For a build to be triggered, at least one filter group in the
filterGroups
array must pass. For a filter group to pass, each of its filters must pass.type
— required — (String
)The type of webhook filter. There are nine webhook filter types:
EVENT
,ACTOR_ACCOUNT_ID
,HEAD_REF
,BASE_REF
,FILE_PATH
,COMMIT_MESSAGE
,TAG_NAME
,RELEASE_NAME
, andWORKFLOW_NAME
.-
EVENT
-
A webhook event triggers a build when the provided
pattern
matches one of nine event types:PUSH
,PULL_REQUEST_CREATED
,PULL_REQUEST_UPDATED
,PULL_REQUEST_CLOSED
,PULL_REQUEST_REOPENED
,PULL_REQUEST_MERGED
,RELEASED
,PRERELEASED
, andWORKFLOW_JOB_QUEUED
. TheEVENT
patterns are specified as a comma-separated string. For example,PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
filters all push, pull request created, and pull request updated events.Note: TypesPULL_REQUEST_REOPENED
andWORKFLOW_JOB_QUEUED
work with GitHub and GitHub Enterprise only. TypesRELEASED
andPRERELEASED
work with GitHub only.
-
-
ACTOR_ACCOUNT_ID
-
A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression
pattern
.
-
-
HEAD_REF
-
A webhook event triggers a build when the head reference matches the regular expression
pattern
. For example,refs/heads/branch-name
andrefs/tags/tag-name
.Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.
-
-
BASE_REF
-
A webhook event triggers a build when the base reference matches the regular expression
pattern
. For example,refs/heads/branch-name
.Note: Works with pull request events only.
-
-
FILE_PATH
-
A webhook triggers a build when the path of a changed file matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
COMMIT_MESSAGE
-
A webhook triggers a build when the head commit message matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
TAG_NAME
-
A webhook triggers a build when the tag name of the release matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
RELEASE_NAME
-
A webhook triggers a build when the release name matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
REPOSITORY_NAME
-
A webhook triggers a build when the repository name matches the regular expression pattern.
Note: Works with GitHub global or organization webhooks only.
-
-
WORKFLOW_NAME
-
A webhook triggers a build when the workflow name matches the regular expression
pattern
.Note: Works withWORKFLOW_JOB_QUEUED
events only.
-
"EVENT"
"BASE_REF"
"HEAD_REF"
"ACTOR_ACCOUNT_ID"
"FILE_PATH"
"COMMIT_MESSAGE"
"WORKFLOW_NAME"
"TAG_NAME"
"RELEASE_NAME"
-
pattern
— required — (String
)For a
WebHookFilter
that usesEVENT
type, a comma-separated string that specifies one or more events. For example, the webhook filterPUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
allows all push, pull request created, and pull request updated events to trigger a build.For a
WebHookFilter
that uses any of the other filter types, a regular expression pattern. For example, aWebHookFilter
that usesHEAD_REF
for itstype
and the pattern^refs/heads/
triggers a build when the head reference is a branch with a reference namerefs/heads/branch-name
.excludeMatchedPattern
— (Boolean
)Used to indicate that the
pattern
determines which webhook events do not trigger a build. If true, then a webhook event that does not match thepattern
triggers a build. If false, then a webhook event that matches thepattern
triggers a build.
buildType
— (String
)Specifies the type of build this webhook will trigger.
Possible values include:"BUILD"
"BUILD_BATCH"
manualCreation
— (Boolean
)If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns
payloadUrl
andsecret
values for the webhook. ThepayloadUrl
andsecret
values in the output can be used to manually create a webhook within GitHub.Note: manualCreation is only available for GitHub webhooks.lastModifiedSecret
— (Date
)A timestamp that indicates the last time a repository's secret token was modified.
scopeConfiguration
— (map
)The scope configuration for global or organization webhooks.
Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks.name
— required — (String
)The name of either the enterprise or organization that will send webhook events to CodeBuild, depending on if the webhook is a global or organization webhook respectively.
domain
— (String
)The domain of the GitHub Enterprise organization. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE
scope
— required — (String
)The type of scope for a GitHub webhook.
Possible values include:"GITHUB_ORGANIZATION"
"GITHUB_GLOBAL"
-
(AWS.Response)
—
Returns:
deleteBuildBatch(params = {}, callback) ⇒ AWS.Request
Deletes a batch build.
Service Reference:
Examples:
Calling the deleteBuildBatch operation
var params = {
id: 'STRING_VALUE' /* required */
};
codebuild.deleteBuildBatch(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
id
— (String
)The identifier of the batch build to delete.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:statusCode
— (String
)The status code.
buildsDeleted
— (Array<String>
)An array of strings that contain the identifiers of the builds that were deleted.
buildsNotDeleted
— (Array<map>
)An array of
BuildNotDeleted
objects that specify the builds that could not be deleted.id
— (String
)The ID of the build that could not be successfully deleted.
statusCode
— (String
)Additional information about the build that could not be successfully deleted.
-
(AWS.Response)
—
Returns:
deleteFleet(params = {}, callback) ⇒ AWS.Request
Deletes a compute fleet. When you delete a compute fleet, its builds are not deleted.
Service Reference:
Examples:
Calling the deleteFleet operation
var params = {
arn: 'STRING_VALUE' /* required */
};
codebuild.deleteFleet(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
arn
— (String
)The ARN of the compute fleet.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
deleteProject(params = {}, callback) ⇒ AWS.Request
Deletes a build project. When you delete a project, its builds are not deleted.
Service Reference:
Examples:
Calling the deleteProject operation
var params = {
name: 'STRING_VALUE' /* required */
};
codebuild.deleteProject(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
name
— (String
)The name of the build project.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
deleteReport(params = {}, callback) ⇒ AWS.Request
Deletes a report.
Service Reference:
Examples:
Calling the deleteReport operation
var params = {
arn: 'STRING_VALUE' /* required */
};
codebuild.deleteReport(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
arn
— (String
)The ARN of the report to delete.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
deleteReportGroup(params = {}, callback) ⇒ AWS.Request
Deletes a report group. Before you delete a report group, you must delete its reports.
Service Reference:
Examples:
Calling the deleteReportGroup operation
var params = {
arn: 'STRING_VALUE', /* required */
deleteReports: true || false
};
codebuild.deleteReportGroup(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
arn
— (String
)The ARN of the report group to delete.
deleteReports
— (Boolean
)If
true
, deletes any reports that belong to a report group before deleting the report group.If
false
, you must delete any reports in the report group. Use ListReportsForReportGroup to get the reports in a report group. Use DeleteReport to delete the reports. If you callDeleteReportGroup
for a report group that contains one or more reports, an exception is thrown.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
deleteResourcePolicy(params = {}, callback) ⇒ AWS.Request
Deletes a resource policy that is identified by its resource ARN.
Service Reference:
Examples:
Calling the deleteResourcePolicy operation
var params = {
resourceArn: 'STRING_VALUE' /* required */
};
codebuild.deleteResourcePolicy(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
resourceArn
— (String
)The ARN of the resource that is associated with the resource policy.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
deleteSourceCredentials(params = {}, callback) ⇒ AWS.Request
Deletes a set of GitHub, GitHub Enterprise, or Bitbucket source credentials.
Service Reference:
Examples:
Calling the deleteSourceCredentials operation
var params = {
arn: 'STRING_VALUE' /* required */
};
codebuild.deleteSourceCredentials(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
arn
— (String
)The Amazon Resource Name (ARN) of the token.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:arn
— (String
)The Amazon Resource Name (ARN) of the token.
-
(AWS.Response)
—
Returns:
deleteWebhook(params = {}, callback) ⇒ AWS.Request
For an existing CodeBuild build project that has its source code stored in a GitHub or Bitbucket repository, stops CodeBuild from rebuilding the source code every time a code change is pushed to the repository.
Service Reference:
Examples:
Calling the deleteWebhook operation
var params = {
projectName: 'STRING_VALUE' /* required */
};
codebuild.deleteWebhook(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
projectName
— (String
)The name of the CodeBuild project.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
describeCodeCoverages(params = {}, callback) ⇒ AWS.Request
Retrieves one or more code coverage reports.
Service Reference:
Examples:
Calling the describeCodeCoverages operation
var params = {
reportArn: 'STRING_VALUE', /* required */
maxLineCoveragePercentage: 'NUMBER_VALUE',
maxResults: 'NUMBER_VALUE',
minLineCoveragePercentage: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE',
sortBy: LINE_COVERAGE_PERCENTAGE | FILE_PATH,
sortOrder: ASCENDING | DESCENDING
};
codebuild.describeCodeCoverages(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
reportArn
— (String
)The ARN of the report for which test cases are returned.
nextToken
— (String
)The
nextToken
value returned from a previous call toDescribeCodeCoverages
. This specifies the next item to return. To return the beginning of the list, exclude this parameter.maxResults
— (Integer
)The maximum number of results to return.
sortOrder
— (String
)Specifies if the results are sorted in ascending or descending order.
Possible values include:"ASCENDING"
"DESCENDING"
sortBy
— (String
)Specifies how the results are sorted. Possible values are:
- FILE_PATH
-
The results are sorted by file path.
- LINE_COVERAGE_PERCENTAGE
-
The results are sorted by the percentage of lines that are covered.
"LINE_COVERAGE_PERCENTAGE"
"FILE_PATH"
minLineCoveragePercentage
— (Float
)The minimum line coverage percentage to report.
maxLineCoveragePercentage
— (Float
)The maximum line coverage percentage to report.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:nextToken
— (String
)If there are more items to return, this contains a token that is passed to a subsequent call to
DescribeCodeCoverages
to retrieve the next set of items.codeCoverages
— (Array<map>
)An array of
CodeCoverage
objects that contain the results.id
— (String
)The identifier of the code coverage report.
reportARN
— (String
)The ARN of the report.
filePath
— (String
)The path of the test report file.
lineCoveragePercentage
— (Float
)The percentage of lines that are covered by your tests.
linesCovered
— (Integer
)The number of lines that are covered by your tests.
linesMissed
— (Integer
)The number of lines that are not covered by your tests.
branchCoveragePercentage
— (Float
)The percentage of branches that are covered by your tests.
branchesCovered
— (Integer
)The number of conditional branches that are covered by your tests.
branchesMissed
— (Integer
)The number of conditional branches that are not covered by your tests.
expired
— (Date
)The date and time that the tests were run.
-
(AWS.Response)
—
Returns:
describeTestCases(params = {}, callback) ⇒ AWS.Request
Returns a list of details about test cases for a report.
Service Reference:
Examples:
Calling the describeTestCases operation
var params = {
reportArn: 'STRING_VALUE', /* required */
filter: {
keyword: 'STRING_VALUE',
status: 'STRING_VALUE'
},
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE'
};
codebuild.describeTestCases(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
reportArn
— (String
)The ARN of the report for which test cases are returned.
nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.maxResults
— (Integer
)The maximum number of paginated test cases returned per response. Use
nextToken
to iterate pages in the list of returnedTestCase
objects. The default value is 100.filter
— (map
)A
TestCaseFilter
object used to filter the returned reports.status
— (String
)The status used to filter test cases. A
TestCaseFilter
can have one status. Valid values are:-
SUCCEEDED
-
FAILED
-
ERROR
-
SKIPPED
-
UNKNOWN
-
keyword
— (String
)A keyword that is used to filter on the
name
or theprefix
of the test cases. Only test cases where the keyword is a substring of thename
or theprefix
will be returned.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.testCases
— (Array<map>
)The returned list of test cases.
reportArn
— (String
)The ARN of the report to which the test case belongs.
testRawDataPath
— (String
)The path to the raw data file that contains the test result.
prefix
— (String
)A string that is applied to a series of related test cases. CodeBuild generates the prefix. The prefix depends on the framework used to generate the tests.
name
— (String
)The name of the test case.
status
— (String
)The status returned by the test case after it was run. Valid statuses are
SUCCEEDED
,FAILED
,ERROR
,SKIPPED
, andUNKNOWN
.durationInNanoSeconds
— (Integer
)The number of nanoseconds it took to run this test case.
message
— (String
)A message associated with a test case. For example, an error message or stack trace.
expired
— (Date
)The date and time a test case expires. A test case expires 30 days after it is created. An expired test case is not available to view in CodeBuild.
-
(AWS.Response)
—
Returns:
getReportGroupTrend(params = {}, callback) ⇒ AWS.Request
Analyzes and accumulates test report values for the specified test reports.
Service Reference:
Examples:
Calling the getReportGroupTrend operation
var params = {
reportGroupArn: 'STRING_VALUE', /* required */
trendField: PASS_RATE | DURATION | TOTAL | LINE_COVERAGE | LINES_COVERED | LINES_MISSED | BRANCH_COVERAGE | BRANCHES_COVERED | BRANCHES_MISSED, /* required */
numOfReports: 'NUMBER_VALUE'
};
codebuild.getReportGroupTrend(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
reportGroupArn
— (String
)The ARN of the report group that contains the reports to analyze.
numOfReports
— (Integer
)The number of reports to analyze. This operation always retrieves the most recent reports.
If this parameter is omitted, the most recent 100 reports are analyzed.
trendField
— (String
)The test report value to accumulate. This must be one of the following values:
- Test reports:
-
- DURATION
-
Accumulate the test run times for the specified reports.
- PASS_RATE
-
Accumulate the percentage of tests that passed for the specified test reports.
- TOTAL
-
Accumulate the total number of tests for the specified test reports.
- Code coverage reports:
-
- BRANCH_COVERAGE
-
Accumulate the branch coverage percentages for the specified test reports.
- BRANCHES_COVERED
-
Accumulate the branches covered values for the specified test reports.
- BRANCHES_MISSED
-
Accumulate the branches missed values for the specified test reports.
- LINE_COVERAGE
-
Accumulate the line coverage percentages for the specified test reports.
- LINES_COVERED
-
Accumulate the lines covered values for the specified test reports.
- LINES_MISSED
-
Accumulate the lines not covered values for the specified test reports.
"PASS_RATE"
"DURATION"
"TOTAL"
"LINE_COVERAGE"
"LINES_COVERED"
"LINES_MISSED"
"BRANCH_COVERAGE"
"BRANCHES_COVERED"
"BRANCHES_MISSED"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:stats
— (map
)Contains the accumulated trend data.
average
— (String
)Contains the average of all values analyzed.
max
— (String
)Contains the maximum value analyzed.
min
— (String
)Contains the minimum value analyzed.
rawData
— (Array<map>
)An array that contains the raw data for each report.
reportArn
— (String
)The ARN of the report.
data
— (String
)The value of the requested data field from the report.
-
(AWS.Response)
—
Returns:
getResourcePolicy(params = {}, callback) ⇒ AWS.Request
Gets a resource policy that is identified by its resource ARN.
Service Reference:
Examples:
Calling the getResourcePolicy operation
var params = {
resourceArn: 'STRING_VALUE' /* required */
};
codebuild.getResourcePolicy(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
resourceArn
— (String
)The ARN of the resource that is associated with the resource policy.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:policy
— (String
)The resource policy for the resource identified by the input ARN parameter.
-
(AWS.Response)
—
Returns:
importSourceCredentials(params = {}, callback) ⇒ AWS.Request
Imports the source repository credentials for an CodeBuild project that has its source code stored in a GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket repository.
Service Reference:
Examples:
Calling the importSourceCredentials operation
var params = {
authType: OAUTH | BASIC_AUTH | PERSONAL_ACCESS_TOKEN | CODECONNECTIONS | SECRETS_MANAGER, /* required */
serverType: GITHUB | BITBUCKET | GITHUB_ENTERPRISE | GITLAB | GITLAB_SELF_MANAGED, /* required */
token: 'STRING_VALUE', /* required */
shouldOverwrite: true || false,
username: 'STRING_VALUE'
};
codebuild.importSourceCredentials(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
username
— (String
)The Bitbucket username when the
authType
is BASIC_AUTH. This parameter is not valid for other types of source providers or connections.token
— (String
)For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the
authType
CODECONNECTIONS, this is theconnectionArn
. For theauthType
SECRETS_MANAGER, this is thesecretArn
.serverType
— (String
)The source provider used for this project.
Possible values include:"GITHUB"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"GITLAB"
"GITLAB_SELF_MANAGED"
authType
— (String
)The type of authentication used to connect to a GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket repository. An OAUTH connection is not supported by the API and must be created using the CodeBuild console.
Possible values include:"OAUTH"
"BASIC_AUTH"
"PERSONAL_ACCESS_TOKEN"
"CODECONNECTIONS"
"SECRETS_MANAGER"
shouldOverwrite
— (Boolean
)Set to
false
to prevent overwriting the repository source credentials. Set totrue
to overwrite the repository source credentials. The default value istrue
.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:arn
— (String
)The Amazon Resource Name (ARN) of the token.
-
(AWS.Response)
—
Returns:
invalidateProjectCache(params = {}, callback) ⇒ AWS.Request
Resets the cache for a project.
Service Reference:
Examples:
Calling the invalidateProjectCache operation
var params = {
projectName: 'STRING_VALUE' /* required */
};
codebuild.invalidateProjectCache(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
projectName
— (String
)The name of the CodeBuild build project that the cache is reset for.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs.
-
(AWS.Response)
—
Returns:
listBuildBatches(params = {}, callback) ⇒ AWS.Request
Retrieves the identifiers of your build batches in the current region.
Service Reference:
Examples:
Calling the listBuildBatches operation
var params = {
filter: {
status: SUCCEEDED | FAILED | FAULT | TIMED_OUT | IN_PROGRESS | STOPPED
},
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE',
sortOrder: ASCENDING | DESCENDING
};
codebuild.listBuildBatches(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
filter
— (map
)A
BuildBatchFilter
object that specifies the filters for the search.status
— (String
)The status of the batch builds to retrieve. Only batch builds that have this status will be retrieved.
Possible values include:"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
maxResults
— (Integer
)The maximum number of results to return.
sortOrder
— (String
)Specifies the sort order of the returned items. Valid values include:
-
ASCENDING
: List the batch build identifiers in ascending order by identifier. -
DESCENDING
: List the batch build identifiers in descending order by identifier.
"ASCENDING"
"DESCENDING"
-
nextToken
— (String
)The
nextToken
value returned from a previous call toListBuildBatches
. This specifies the next item to return. To return the beginning of the list, exclude this parameter.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:ids
— (Array<String>
)An array of strings that contains the batch build identifiers.
nextToken
— (String
)If there are more items to return, this contains a token that is passed to a subsequent call to
ListBuildBatches
to retrieve the next set of items.
-
(AWS.Response)
—
Returns:
listBuildBatchesForProject(params = {}, callback) ⇒ AWS.Request
Retrieves the identifiers of the build batches for a specific project.
Service Reference:
Examples:
Calling the listBuildBatchesForProject operation
var params = {
filter: {
status: SUCCEEDED | FAILED | FAULT | TIMED_OUT | IN_PROGRESS | STOPPED
},
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE',
projectName: 'STRING_VALUE',
sortOrder: ASCENDING | DESCENDING
};
codebuild.listBuildBatchesForProject(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
projectName
— (String
)The name of the project.
filter
— (map
)A
BuildBatchFilter
object that specifies the filters for the search.status
— (String
)The status of the batch builds to retrieve. Only batch builds that have this status will be retrieved.
Possible values include:"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
maxResults
— (Integer
)The maximum number of results to return.
sortOrder
— (String
)Specifies the sort order of the returned items. Valid values include:
-
ASCENDING
: List the batch build identifiers in ascending order by identifier. -
DESCENDING
: List the batch build identifiers in descending order by identifier.
"ASCENDING"
"DESCENDING"
-
nextToken
— (String
)The
nextToken
value returned from a previous call toListBuildBatchesForProject
. This specifies the next item to return. To return the beginning of the list, exclude this parameter.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:ids
— (Array<String>
)An array of strings that contains the batch build identifiers.
nextToken
— (String
)If there are more items to return, this contains a token that is passed to a subsequent call to
ListBuildBatchesForProject
to retrieve the next set of items.
-
(AWS.Response)
—
Returns:
listBuilds(params = {}, callback) ⇒ AWS.Request
Gets a list of build IDs, with each build ID representing a single build.
Service Reference:
Examples:
Calling the listBuilds operation
var params = {
nextToken: 'STRING_VALUE',
sortOrder: ASCENDING | DESCENDING
};
codebuild.listBuilds(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
sortOrder
— (String
)The order to list build IDs. Valid values include:
-
ASCENDING
: List the build IDs in ascending order by build ID. -
DESCENDING
: List the build IDs in descending order by build ID.
"ASCENDING"
"DESCENDING"
-
nextToken
— (String
)During a previous call, if there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a nextToken. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:ids
— (Array<String>
)A list of build IDs, with each build ID representing a single build.
nextToken
— (String
)If there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a nextToken. To get the next batch of items in the list, call this operation again, adding the next token to the call.
-
(AWS.Response)
—
Returns:
listBuildsForProject(params = {}, callback) ⇒ AWS.Request
Gets a list of build identifiers for the specified build project, with each build identifier representing a single build.
Service Reference:
Examples:
Calling the listBuildsForProject operation
var params = {
projectName: 'STRING_VALUE', /* required */
nextToken: 'STRING_VALUE',
sortOrder: ASCENDING | DESCENDING
};
codebuild.listBuildsForProject(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
projectName
— (String
)The name of the CodeBuild project.
sortOrder
— (String
)The order to sort the results in. The results are sorted by build number, not the build identifier. If this is not specified, the results are sorted in descending order.
Valid values include:
-
ASCENDING
: List the build identifiers in ascending order, by build number. -
DESCENDING
: List the build identifiers in descending order, by build number.
If the project has more than 100 builds, setting the sort order will result in an error.
Possible values include:"ASCENDING"
"DESCENDING"
-
nextToken
— (String
)During a previous call, if there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a nextToken. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:ids
— (Array<String>
)A list of build identifiers for the specified build project, with each build ID representing a single build.
nextToken
— (String
)If there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a nextToken. To get the next batch of items in the list, call this operation again, adding the next token to the call.
-
(AWS.Response)
—
Returns:
listCuratedEnvironmentImages(params = {}, callback) ⇒ AWS.Request
Gets information about Docker images that are managed by CodeBuild.
Service Reference:
Examples:
Calling the listCuratedEnvironmentImages operation
var params = {
};
codebuild.listCuratedEnvironmentImages(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
- params (Object) (defaults to: {})
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:platforms
— (Array<map>
)Information about supported platforms for Docker images that are managed by CodeBuild.
platform
— (String
)The platform's name.
Possible values include:"DEBIAN"
"AMAZON_LINUX"
"UBUNTU"
"WINDOWS_SERVER"
languages
— (Array<map>
)The list of programming languages that are available for the specified platform.
language
— (String
)The programming language for the Docker images.
Possible values include:"JAVA"
"PYTHON"
"NODE_JS"
"RUBY"
"GOLANG"
"DOCKER"
"ANDROID"
"DOTNET"
"BASE"
"PHP"
images
— (Array<map>
)The list of Docker images that are related by the specified programming language.
name
— (String
)The name of the Docker image.
description
— (String
)The description of the Docker image.
versions
— (Array<String>
)A list of environment image versions.
-
(AWS.Response)
—
Returns:
listFleets(params = {}, callback) ⇒ AWS.Request
Gets a list of compute fleet names with each compute fleet name representing a single compute fleet.
Service Reference:
Examples:
Calling the listFleets operation
var params = {
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE',
sortBy: NAME | CREATED_TIME | LAST_MODIFIED_TIME,
sortOrder: ASCENDING | DESCENDING
};
codebuild.listFleets(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
nextToken
— (String
)During a previous call, if there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a nextToken. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.
maxResults
— (Integer
)The maximum number of paginated compute fleets returned per response. Use
nextToken
to iterate pages in the list of returned compute fleets.sortOrder
— (String
)The order in which to list compute fleets. Valid values include:
-
ASCENDING
: List in ascending order. -
DESCENDING
: List in descending order.
Use
Possible values include:sortBy
to specify the criterion to be used to list compute fleet names."ASCENDING"
"DESCENDING"
-
sortBy
— (String
)The criterion to be used to list compute fleet names. Valid values include:
-
CREATED_TIME
: List based on when each compute fleet was created. -
LAST_MODIFIED_TIME
: List based on when information about each compute fleet was last changed. -
NAME
: List based on each compute fleet's name.
Use
Possible values include:sortOrder
to specify in what order to list the compute fleet names based on the preceding criteria."NAME"
"CREATED_TIME"
"LAST_MODIFIED_TIME"
-
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:nextToken
— (String
)If there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a nextToken. To get the next batch of items in the list, call this operation again, adding the next token to the call.
fleets
— (Array<String>
)The list of compute fleet names.
-
(AWS.Response)
—
Returns:
listProjects(params = {}, callback) ⇒ AWS.Request
Gets a list of build project names, with each build project name representing a single build project.
Service Reference:
Examples:
Calling the listProjects operation
var params = {
nextToken: 'STRING_VALUE',
sortBy: NAME | CREATED_TIME | LAST_MODIFIED_TIME,
sortOrder: ASCENDING | DESCENDING
};
codebuild.listProjects(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
sortBy
— (String
)The criterion to be used to list build project names. Valid values include:
-
CREATED_TIME
: List based on when each build project was created. -
LAST_MODIFIED_TIME
: List based on when information about each build project was last changed. -
NAME
: List based on each build project's name.
Use
Possible values include:sortOrder
to specify in what order to list the build project names based on the preceding criteria."NAME"
"CREATED_TIME"
"LAST_MODIFIED_TIME"
-
sortOrder
— (String
)The order in which to list build projects. Valid values include:
-
ASCENDING
: List in ascending order. -
DESCENDING
: List in descending order.
Use
Possible values include:sortBy
to specify the criterion to be used to list build project names."ASCENDING"
"DESCENDING"
-
nextToken
— (String
)During a previous call, if there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a nextToken. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:nextToken
— (String
)If there are more than 100 items in the list, only the first 100 items are returned, along with a unique string called a nextToken. To get the next batch of items in the list, call this operation again, adding the next token to the call.
projects
— (Array<String>
)The list of build project names, with each build project name representing a single build project.
-
(AWS.Response)
—
Returns:
listReportGroups(params = {}, callback) ⇒ AWS.Request
Gets a list ARNs for the report groups in the current Amazon Web Services account.
Service Reference:
Examples:
Calling the listReportGroups operation
var params = {
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE',
sortBy: NAME | CREATED_TIME | LAST_MODIFIED_TIME,
sortOrder: ASCENDING | DESCENDING
};
codebuild.listReportGroups(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
sortOrder
— (String
)Used to specify the order to sort the list of returned report groups. Valid values are
Possible values include:ASCENDING
andDESCENDING
."ASCENDING"
"DESCENDING"
sortBy
— (String
)The criterion to be used to list build report groups. Valid values include:
-
CREATED_TIME
: List based on when each report group was created. -
LAST_MODIFIED_TIME
: List based on when each report group was last changed. -
NAME
: List based on each report group's name.
"NAME"
"CREATED_TIME"
"LAST_MODIFIED_TIME"
-
nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.maxResults
— (Integer
)The maximum number of paginated report groups returned per response. Use
nextToken
to iterate pages in the list of returnedReportGroup
objects. The default value is 100.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.reportGroups
— (Array<String>
)The list of ARNs for the report groups in the current Amazon Web Services account.
-
(AWS.Response)
—
Returns:
listReports(params = {}, callback) ⇒ AWS.Request
Returns a list of ARNs for the reports in the current Amazon Web Services account.
Service Reference:
Examples:
Calling the listReports operation
var params = {
filter: {
status: GENERATING | SUCCEEDED | FAILED | INCOMPLETE | DELETING
},
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE',
sortOrder: ASCENDING | DESCENDING
};
codebuild.listReports(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
sortOrder
— (String
)Specifies the sort order for the list of returned reports. Valid values are:
-
ASCENDING
: return reports in chronological order based on their creation date. -
DESCENDING
: return reports in the reverse chronological order based on their creation date.
"ASCENDING"
"DESCENDING"
-
nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.maxResults
— (Integer
)The maximum number of paginated reports returned per response. Use
nextToken
to iterate pages in the list of returnedReport
objects. The default value is 100.filter
— (map
)A
ReportFilter
object used to filter the returned reports.status
— (String
)The status used to filter reports. You can filter using one status only.
Possible values include:"GENERATING"
"SUCCEEDED"
"FAILED"
"INCOMPLETE"
"DELETING"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.reports
— (Array<String>
)The list of returned ARNs for the reports in the current Amazon Web Services account.
-
(AWS.Response)
—
Returns:
listReportsForReportGroup(params = {}, callback) ⇒ AWS.Request
Returns a list of ARNs for the reports that belong to a ReportGroup
.
Service Reference:
Examples:
Calling the listReportsForReportGroup operation
var params = {
reportGroupArn: 'STRING_VALUE', /* required */
filter: {
status: GENERATING | SUCCEEDED | FAILED | INCOMPLETE | DELETING
},
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE',
sortOrder: ASCENDING | DESCENDING
};
codebuild.listReportsForReportGroup(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
reportGroupArn
— (String
)The ARN of the report group for which you want to return report ARNs.
nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.sortOrder
— (String
)Use to specify whether the results are returned in ascending or descending order.
Possible values include:"ASCENDING"
"DESCENDING"
maxResults
— (Integer
)The maximum number of paginated reports in this report group returned per response. Use
nextToken
to iterate pages in the list of returnedReport
objects. The default value is 100.filter
— (map
)A
ReportFilter
object used to filter the returned reports.status
— (String
)The status used to filter reports. You can filter using one status only.
Possible values include:"GENERATING"
"SUCCEEDED"
"FAILED"
"INCOMPLETE"
"DELETING"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.reports
— (Array<String>
)The list of report ARNs.
-
(AWS.Response)
—
Returns:
listSharedProjects(params = {}, callback) ⇒ AWS.Request
Gets a list of projects that are shared with other Amazon Web Services accounts or users.
Service Reference:
Examples:
Calling the listSharedProjects operation
var params = {
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE',
sortBy: ARN | MODIFIED_TIME,
sortOrder: ASCENDING | DESCENDING
};
codebuild.listSharedProjects(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
sortBy
— (String
)The criterion to be used to list build projects shared with the current Amazon Web Services account or user. Valid values include:
-
ARN
: List based on the ARN. -
MODIFIED_TIME
: List based on when information about the shared project was last changed.
"ARN"
"MODIFIED_TIME"
-
sortOrder
— (String
)The order in which to list shared build projects. Valid values include:
-
ASCENDING
: List in ascending order. -
DESCENDING
: List in descending order.
"ASCENDING"
"DESCENDING"
-
maxResults
— (Integer
)The maximum number of paginated shared build projects returned per response. Use
nextToken
to iterate pages in the list of returnedProject
objects. The default value is 100.nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.projects
— (Array<String>
)The list of ARNs for the build projects shared with the current Amazon Web Services account or user.
-
(AWS.Response)
—
Returns:
listSharedReportGroups(params = {}, callback) ⇒ AWS.Request
Gets a list of report groups that are shared with other Amazon Web Services accounts or users.
Service Reference:
Examples:
Calling the listSharedReportGroups operation
var params = {
maxResults: 'NUMBER_VALUE',
nextToken: 'STRING_VALUE',
sortBy: ARN | MODIFIED_TIME,
sortOrder: ASCENDING | DESCENDING
};
codebuild.listSharedReportGroups(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
sortOrder
— (String
)The order in which to list shared report groups. Valid values include:
-
ASCENDING
: List in ascending order. -
DESCENDING
: List in descending order.
"ASCENDING"
"DESCENDING"
-
sortBy
— (String
)The criterion to be used to list report groups shared with the current Amazon Web Services account or user. Valid values include:
-
ARN
: List based on the ARN. -
MODIFIED_TIME
: List based on when information about the shared report group was last changed.
"ARN"
"MODIFIED_TIME"
-
nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.maxResults
— (Integer
)The maximum number of paginated shared report groups per response. Use
nextToken
to iterate pages in the list of returnedReportGroup
objects. The default value is 100.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:nextToken
— (String
)During a previous call, the maximum number of items that can be returned is the value specified in
maxResults
. If there more items in the list, then a unique string called a nextToken is returned. To get the next batch of items in the list, call this operation again, adding the next token to the call. To get all of the items in the list, keep calling this operation with each subsequent next token that is returned, until no more next tokens are returned.reportGroups
— (Array<String>
)The list of ARNs for the report groups shared with the current Amazon Web Services account or user.
-
(AWS.Response)
—
Returns:
listSourceCredentials(params = {}, callback) ⇒ AWS.Request
Returns a list of SourceCredentialsInfo
objects.
Service Reference:
Examples:
Calling the listSourceCredentials operation
var params = {
};
codebuild.listSourceCredentials(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
- params (Object) (defaults to: {})
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:sourceCredentialsInfos
— (Array<map>
)A list of
SourceCredentialsInfo
objects. EachSourceCredentialsInfo
object includes the authentication type, token ARN, and type of source provider for one set of credentials.arn
— (String
)The Amazon Resource Name (ARN) of the token.
serverType
— (String
)The type of source provider. The valid options are GITHUB, GITHUB_ENTERPRISE, GITLAB, GITLAB_SELF_MANAGED, or BITBUCKET.
Possible values include:"GITHUB"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"GITLAB"
"GITLAB_SELF_MANAGED"
authType
— (String
)The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"BASIC_AUTH"
"PERSONAL_ACCESS_TOKEN"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The connection ARN if your authType is CODECONNECTIONS or SECRETS_MANAGER.
-
(AWS.Response)
—
Returns:
putResourcePolicy(params = {}, callback) ⇒ AWS.Request
Stores a resource policy for the ARN of a Project
or ReportGroup
object.
Service Reference:
Examples:
Calling the putResourcePolicy operation
var params = {
policy: 'STRING_VALUE', /* required */
resourceArn: 'STRING_VALUE' /* required */
};
codebuild.putResourcePolicy(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
policy
— (String
)A JSON-formatted resource policy. For more information, see Sharing a Project and Sharing a Report Group in the CodeBuild User Guide.
resourceArn
— (String
)The ARN of the
Project
orReportGroup
resource you want to associate with a resource policy.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:resourceArn
— (String
)The ARN of the
Project
orReportGroup
resource that is associated with a resource policy.
-
(AWS.Response)
—
Returns:
retryBuild(params = {}, callback) ⇒ AWS.Request
Restarts a build.
Service Reference:
Examples:
Calling the retryBuild operation
var params = {
id: 'STRING_VALUE',
idempotencyToken: 'STRING_VALUE'
};
codebuild.retryBuild(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
id
— (String
)Specifies the identifier of the build to restart.
idempotencyToken
— (String
)A unique, case sensitive identifier you provide to ensure the idempotency of the
RetryBuild
request. The token is included in theRetryBuild
request and is valid for five minutes. If you repeat theRetryBuild
request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:build
— (map
)Information about a build.
id
— (String
)The unique ID for the build.
arn
— (String
)The Amazon Resource Name (ARN) of the build.
buildNumber
— (Integer
)The number of the build. For each project, the
buildNumber
of its first build is1
. ThebuildNumber
of each subsequent build is incremented by1
. If a build is deleted, thebuildNumber
of other builds does not change.startTime
— (Date
)When the build process started, expressed in Unix time format.
endTime
— (Date
)When the build process ended, expressed in Unix time format.
currentPhase
— (String
)The current build phase.
buildStatus
— (String
)The current status of the build. Valid values include:
-
FAILED
: The build failed. -
FAULT
: The build faulted. -
IN_PROGRESS
: The build is still in progress. -
STOPPED
: The build stopped. -
SUCCEEDED
: The build succeeded. -
TIMED_OUT
: The build timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
-
sourceVersion
— (String
)Any version identifier for the version of the source code to be built. If
sourceVersion
is specified at the project level, then thissourceVersion
(at the build level) takes precedence.For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
resolvedSourceVersion
— (String
)An identifier for the version of this build's source code.
-
For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
-
For CodePipeline, the source revision provided by CodePipeline.
-
For Amazon S3, this does not apply.
-
projectName
— (String
)The name of the CodeBuild project.
phases
— (Array<map>
)Information about all previous build phases that are complete and information about any current build phase that is not yet complete.
phaseType
— (String
)The name of the build phase. Valid values include:
- BUILD
-
Core build activities typically occur in this build phase.
- COMPLETED
-
The build has been completed.
- DOWNLOAD_SOURCE
-
Source code is being downloaded in this build phase.
- FINALIZING
-
The build process is completing in this build phase.
- INSTALL
-
Installation activities typically occur in this build phase.
- POST_BUILD
-
Post-build activities typically occur in this build phase.
- PRE_BUILD
-
Pre-build activities typically occur in this build phase.
- PROVISIONING
-
The build environment is being set up.
- QUEUED
-
The build has been submitted and is queued behind other submitted builds.
- SUBMITTED
-
The build has been submitted.
- UPLOAD_ARTIFACTS
-
Build output artifacts are being uploaded to the output location.
"SUBMITTED"
"QUEUED"
"PROVISIONING"
"DOWNLOAD_SOURCE"
"INSTALL"
"PRE_BUILD"
"BUILD"
"POST_BUILD"
"UPLOAD_ARTIFACTS"
"FINALIZING"
"COMPLETED"
phaseStatus
— (String
)The current status of the build phase. Valid values include:
- FAILED
-
The build phase failed.
- FAULT
-
The build phase faulted.
- IN_PROGRESS
-
The build phase is still in progress.
- STOPPED
-
The build phase stopped.
- SUCCEEDED
-
The build phase succeeded.
- TIMED_OUT
-
The build phase timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
startTime
— (Date
)When the build phase started, expressed in Unix time format.
endTime
— (Date
)When the build phase ended, expressed in Unix time format.
durationInSeconds
— (Integer
)How long, in seconds, between the starting and ending times of the build's phase.
contexts
— (Array<map>
)Additional information about a build phase, especially to help troubleshoot a failed build.
statusCode
— (String
)The status code for the context of the build phase.
message
— (String
)An explanation of the build phase's context. This might include a command ID and an exit code.
source
— (map
)Information about the source code to be built.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. EachProjectSourceVersion
must be one of:-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
-
artifacts
— (map
)Information about the output artifacts for the build.
location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
ProjectArtifacts
objects.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment for this build.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The name of a service role used for this build.
logs
— (map
)Information about the build's logs in CloudWatch Logs.
groupName
— (String
)The name of the CloudWatch Logs group for the build logs.
streamName
— (String
)The name of the CloudWatch Logs stream for the build logs.
deepLink
— (String
)The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the
deeplink
will not be valid until it is created.s3DeepLink
— (String
)The URL to a build log in an S3 bucket.
cloudWatchLogsArn
— (String
)The ARN of the CloudWatch Logs stream for a build execution. Its format is
arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}
. The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs.s3LogsArn
— (String
)The ARN of S3 logs for a build project. Its format is
arn:${Partition}:s3:::${BucketName}/${ObjectName}
. For more information, see Resources Defined by Amazon S3.cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about S3 logs for a build project.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
timeoutInMinutes
— (Integer
)How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed.
queuedTimeoutInMinutes
— (Integer
)The number of minutes a build is allowed to be queued before it times out.
buildComplete
— (Boolean
)Whether the build is complete. True if complete; otherwise, false.
initiator
— (String
)The entity that started the build. Valid values include:
-
If CodePipeline started the build, the pipeline's name (for example,
codepipeline/my-demo-pipeline
). -
If a user started the build, the user's name (for example,
MyUserName
). -
If the Jenkins plugin for CodeBuild started the build, the string
CodeBuild-Jenkins-Plugin
.
-
vpcConfig
— (map
)If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
networkInterface
— (map
)Describes a network interface.
subnetId
— (String
)The ID of the subnet.
networkInterfaceId
— (String
)The ID of the network interface.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).exportedEnvironmentVariables
— (Array<map>
)A list of exported environment variables for this build.
Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.
name
— (String
)The name of the exported environment variable.
value
— (String
)The value assigned to the exported environment variable.
reportArns
— (Array<String>
)An array of the ARNs associated with this build's reports.
fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for a CodeBuild build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
debugSession
— (map
)Contains information about the debug session for this build.
sessionEnabled
— (Boolean
)Specifies if session debugging is enabled for this build.
sessionTarget
— (String
)Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build.
buildBatchArn
— (String
)The ARN of the batch build that this build is a member of, if applicable.
-
(AWS.Response)
—
Returns:
retryBuildBatch(params = {}, callback) ⇒ AWS.Request
Restarts a failed batch build. Only batch builds that have failed can be retried.
Service Reference:
Examples:
Calling the retryBuildBatch operation
var params = {
id: 'STRING_VALUE',
idempotencyToken: 'STRING_VALUE',
retryType: RETRY_ALL_BUILDS | RETRY_FAILED_BUILDS
};
codebuild.retryBuildBatch(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
id
— (String
)Specifies the identifier of the batch build to restart.
idempotencyToken
— (String
)A unique, case sensitive identifier you provide to ensure the idempotency of the
RetryBuildBatch
request. The token is included in theRetryBuildBatch
request and is valid for five minutes. If you repeat theRetryBuildBatch
request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.retryType
— (String
)Specifies the type of retry to perform.
Possible values include:"RETRY_ALL_BUILDS"
"RETRY_FAILED_BUILDS"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:buildBatch
— (map
)Contains information about a batch build.
id
— (String
)The identifier of the batch build.
arn
— (String
)The ARN of the batch build.
startTime
— (Date
)The date and time that the batch build started.
endTime
— (Date
)The date and time that the batch build ended.
currentPhase
— (String
)The current phase of the batch build.
buildBatchStatus
— (String
)The status of the batch build.
Possible values include:"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
sourceVersion
— (String
)The identifier of the version of the source code to be built.
resolvedSourceVersion
— (String
)The identifier of the resolved version of this batch build's source code.
-
For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
-
For CodePipeline, the source revision provided by CodePipeline.
-
For Amazon S3, this does not apply.
-
projectName
— (String
)The name of the batch build project.
phases
— (Array<map>
)An array of
BuildBatchPhase
objects the specify the phases of the batch build.phaseType
— (String
)The name of the batch build phase. Valid values include:
- COMBINE_ARTIFACTS
-
Build output artifacts are being combined and uploaded to the output location.
- DOWNLOAD_BATCHSPEC
-
The batch build specification is being downloaded.
- FAILED
-
One or more of the builds failed.
- IN_PROGRESS
-
The batch build is in progress.
- STOPPED
-
The batch build was stopped.
- SUBMITTED
-
The btach build has been submitted.
- SUCCEEDED
-
The batch build succeeded.
"SUBMITTED"
"DOWNLOAD_BATCHSPEC"
"IN_PROGRESS"
"COMBINE_ARTIFACTS"
"SUCCEEDED"
"FAILED"
"STOPPED"
phaseStatus
— (String
)The current status of the batch build phase. Valid values include:
- FAILED
-
The build phase failed.
- FAULT
-
The build phase faulted.
- IN_PROGRESS
-
The build phase is still in progress.
- STOPPED
-
The build phase stopped.
- SUCCEEDED
-
The build phase succeeded.
- TIMED_OUT
-
The build phase timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
startTime
— (Date
)When the batch build phase started, expressed in Unix time format.
endTime
— (Date
)When the batch build phase ended, expressed in Unix time format.
durationInSeconds
— (Integer
)How long, in seconds, between the starting and ending times of the batch build's phase.
contexts
— (Array<map>
)Additional information about the batch build phase. Especially to help troubleshoot a failed batch build.
statusCode
— (String
)The status code for the context of the build phase.
message
— (String
)An explanation of the build phase's context. This might include a command ID and an exit code.
source
— (map
)Information about the build input source code for the build project.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects that define the sources for the batch build.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. EachProjectSourceVersion
must be one of:-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
-
artifacts
— (map
)A
BuildArtifacts
object the defines the build artifacts for this batch build.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
BuildArtifacts
objects the define the build artifacts for this batch build.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build project.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment of the build project.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The name of a service role used for builds in the batch.
logConfig
— (map
)Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both.
cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
buildTimeoutInMinutes
— (Integer
)Specifies the maximum amount of time, in minutes, that the build in a batch must be completed in.
queuedTimeoutInMinutes
— (Integer
)Specifies the amount of time, in minutes, that the batch build is allowed to be queued before it times out.
complete
— (Boolean
)Indicates if the batch build is complete.
initiator
— (String
)The entity that started the batch build. Valid values include:
-
If CodePipeline started the build, the pipeline's name (for example,
codepipeline/my-demo-pipeline
). -
If a user started the build, the user's name.
-
If the Jenkins plugin for CodeBuild started the build, the string
CodeBuild-Jenkins-Plugin
.
-
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the batch build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).buildBatchNumber
— (Integer
)The number of the batch build. For each project, the
buildBatchNumber
of its first batch build is1
. ThebuildBatchNumber
of each subsequent batch build is incremented by1
. If a batch build is deleted, thebuildBatchNumber
of other batch builds does not change.fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for the batch build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
buildBatchConfig
— (map
)Contains configuration information about a batch build project.
serviceRole
— (String
)Specifies the service role ARN for the batch build project.
combineArtifacts
— (Boolean
)Specifies if the build artifacts for the batch build should be combined into a single artifact location.
restrictions
— (map
)A
BatchRestrictions
object that specifies the restrictions for the batch build.maximumBuildsAllowed
— (Integer
)Specifies the maximum number of builds allowed.
computeTypesAllowed
— (Array<String>
)An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
timeoutInMins
— (Integer
)Specifies the maximum amount of time, in minutes, that the batch build must be completed in.
batchReportMode
— (String
)Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.
- REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
- REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
"REPORT_INDIVIDUAL_BUILDS"
"REPORT_AGGREGATED_BATCH"
buildGroups
— (Array<map>
)An array of
BuildGroup
objects that define the build groups for the batch build.identifier
— (String
)Contains the identifier of the build group.
dependsOn
— (Array<String>
)An array of strings that contain the identifiers of the build groups that this build group depends on.
ignoreFailure
— (Boolean
)Specifies if failures in this build group can be ignored.
currentBuildSummary
— (map
)A
BuildSummary
object that contains a summary of the current build group.arn
— (String
)The batch build ARN.
requestedOn
— (Date
)When the build was started, expressed in Unix time format.
buildStatus
— (String
)The status of the build group.
- FAILED
-
The build group failed.
- FAULT
-
The build group faulted.
- IN_PROGRESS
-
The build group is still in progress.
- STOPPED
-
The build group stopped.
- SUCCEEDED
-
The build group succeeded.
- TIMED_OUT
-
The build group timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
primaryArtifact
— (map
)A
ResolvedArtifact
object that represents the primary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
secondaryArtifacts
— (Array<map>
)An array of
ResolvedArtifact
objects that represents the secondary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
priorBuildSummaryList
— (Array<map>
)An array of
BuildSummary
objects that contain summaries of previous build groups.arn
— (String
)The batch build ARN.
requestedOn
— (Date
)When the build was started, expressed in Unix time format.
buildStatus
— (String
)The status of the build group.
- FAILED
-
The build group failed.
- FAULT
-
The build group faulted.
- IN_PROGRESS
-
The build group is still in progress.
- STOPPED
-
The build group stopped.
- SUCCEEDED
-
The build group succeeded.
- TIMED_OUT
-
The build group timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
primaryArtifact
— (map
)A
ResolvedArtifact
object that represents the primary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
secondaryArtifacts
— (Array<map>
)An array of
ResolvedArtifact
objects that represents the secondary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
debugSessionEnabled
— (Boolean
)Specifies if session debugging is enabled for this batch build. For more information, see Viewing a running build in Session Manager. Batch session debugging is not supported for matrix batch builds.
-
(AWS.Response)
—
Returns:
startBuild(params = {}, callback) ⇒ AWS.Request
Starts running a build with the settings defined in the project. These setting include: how to run a build, where to get the source code, which build environment to use, which build commands to run, and where to store the build output.
You can also start a build run by overriding some of the build settings in the project. The overrides only apply for that specific start build request. The settings in the project are unaltered.
Service Reference:
Examples:
Calling the startBuild operation
var params = {
projectName: 'STRING_VALUE', /* required */
artifactsOverride: {
type: CODEPIPELINE | S3 | NO_ARTIFACTS, /* required */
artifactIdentifier: 'STRING_VALUE',
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE',
name: 'STRING_VALUE',
namespaceType: NONE | BUILD_ID,
overrideArtifactName: true || false,
packaging: NONE | ZIP,
path: 'STRING_VALUE'
},
buildStatusConfigOverride: {
context: 'STRING_VALUE',
targetUrl: 'STRING_VALUE'
},
buildspecOverride: 'STRING_VALUE',
cacheOverride: {
type: NO_CACHE | S3 | LOCAL, /* required */
location: 'STRING_VALUE',
modes: [
LOCAL_DOCKER_LAYER_CACHE | LOCAL_SOURCE_CACHE | LOCAL_CUSTOM_CACHE,
/* more items */
]
},
certificateOverride: 'STRING_VALUE',
computeTypeOverride: BUILD_GENERAL1_SMALL | BUILD_GENERAL1_MEDIUM | BUILD_GENERAL1_LARGE | BUILD_GENERAL1_XLARGE | BUILD_GENERAL1_2XLARGE | BUILD_LAMBDA_1GB | BUILD_LAMBDA_2GB | BUILD_LAMBDA_4GB | BUILD_LAMBDA_8GB | BUILD_LAMBDA_10GB,
debugSessionEnabled: true || false,
encryptionKeyOverride: 'STRING_VALUE',
environmentTypeOverride: WINDOWS_CONTAINER | LINUX_CONTAINER | LINUX_GPU_CONTAINER | ARM_CONTAINER | WINDOWS_SERVER_2019_CONTAINER | LINUX_LAMBDA_CONTAINER | ARM_LAMBDA_CONTAINER | MAC_ARM,
environmentVariablesOverride: [
{
name: 'STRING_VALUE', /* required */
value: 'STRING_VALUE', /* required */
type: PLAINTEXT | PARAMETER_STORE | SECRETS_MANAGER
},
/* more items */
],
fleetOverride: {
fleetArn: 'STRING_VALUE'
},
gitCloneDepthOverride: 'NUMBER_VALUE',
gitSubmodulesConfigOverride: {
fetchSubmodules: true || false /* required */
},
idempotencyToken: 'STRING_VALUE',
imageOverride: 'STRING_VALUE',
imagePullCredentialsTypeOverride: CODEBUILD | SERVICE_ROLE,
insecureSslOverride: true || false,
logsConfigOverride: {
cloudWatchLogs: {
status: ENABLED | DISABLED, /* required */
groupName: 'STRING_VALUE',
streamName: 'STRING_VALUE'
},
s3Logs: {
status: ENABLED | DISABLED, /* required */
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE'
}
},
privilegedModeOverride: true || false,
queuedTimeoutInMinutesOverride: 'NUMBER_VALUE',
registryCredentialOverride: {
credential: 'STRING_VALUE', /* required */
credentialProvider: SECRETS_MANAGER /* required */
},
reportBuildStatusOverride: true || false,
secondaryArtifactsOverride: [
{
type: CODEPIPELINE | S3 | NO_ARTIFACTS, /* required */
artifactIdentifier: 'STRING_VALUE',
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE',
name: 'STRING_VALUE',
namespaceType: NONE | BUILD_ID,
overrideArtifactName: true || false,
packaging: NONE | ZIP,
path: 'STRING_VALUE'
},
/* more items */
],
secondarySourcesOverride: [
{
type: CODECOMMIT | CODEPIPELINE | GITHUB | GITLAB | GITLAB_SELF_MANAGED | S3 | BITBUCKET | GITHUB_ENTERPRISE | NO_SOURCE, /* required */
auth: {
type: OAUTH | CODECONNECTIONS | SECRETS_MANAGER, /* required */
resource: 'STRING_VALUE'
},
buildStatusConfig: {
context: 'STRING_VALUE',
targetUrl: 'STRING_VALUE'
},
buildspec: 'STRING_VALUE',
gitCloneDepth: 'NUMBER_VALUE',
gitSubmodulesConfig: {
fetchSubmodules: true || false /* required */
},
insecureSsl: true || false,
location: 'STRING_VALUE',
reportBuildStatus: true || false,
sourceIdentifier: 'STRING_VALUE'
},
/* more items */
],
secondarySourcesVersionOverride: [
{
sourceIdentifier: 'STRING_VALUE', /* required */
sourceVersion: 'STRING_VALUE' /* required */
},
/* more items */
],
serviceRoleOverride: 'STRING_VALUE',
sourceAuthOverride: {
type: OAUTH | CODECONNECTIONS | SECRETS_MANAGER, /* required */
resource: 'STRING_VALUE'
},
sourceLocationOverride: 'STRING_VALUE',
sourceTypeOverride: CODECOMMIT | CODEPIPELINE | GITHUB | GITLAB | GITLAB_SELF_MANAGED | S3 | BITBUCKET | GITHUB_ENTERPRISE | NO_SOURCE,
sourceVersion: 'STRING_VALUE',
timeoutInMinutesOverride: 'NUMBER_VALUE'
};
codebuild.startBuild(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
projectName
— (String
)The name of the CodeBuild build project to start running a build.
secondarySourcesOverride
— (Array<map>
)An array of
ProjectSource
objects.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySourcesVersionOverride
— (Array<map>
)An array of
ProjectSourceVersion
objects that specify one or more versions of the project's secondary sources to be used for this build only.sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
sourceVersion
— (String
)The version of the build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider:
- CodeCommit
-
The commit ID, branch, or Git tag to use.
- GitHub
-
The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for examplepr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. - GitLab
-
The commit ID, branch, or Git tag to use.
- Bitbucket
-
The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
- Amazon S3
-
The version ID of the object that represents the build input ZIP file to use.
If
sourceVersion
is specified at the project level, then thissourceVersion
(at the build level) takes precedence.For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
artifactsOverride
— (map
)Build output artifact settings that override, for this build only, the latest ones already defined in the build project.
type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifactsOverride
— (Array<map>
)An array of
ProjectArtifacts
objects.type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
environmentVariablesOverride
— (Array<map>
)A set of environment variables that overrides, for this build only, the latest ones already defined in the build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
sourceTypeOverride
— (String
)A source input type, for this build, that overrides the source input defined in the build project.
Possible values include:"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
sourceLocationOverride
— (String
)A location that overrides, for this build, the source location for the one defined in the build project.
sourceAuthOverride
— (map
)An authorization type for this build that overrides the one defined in the build project. This override applies only if the build project's source is BitBucket, GitHub, GitLab, or GitLab Self Managed.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
gitCloneDepthOverride
— (Integer
)The user-defined depth of history, with a minimum value of 0, that overrides, for this build only, any previous depth of history defined in the build project.
gitSubmodulesConfigOverride
— (map
)Information about the Git submodules configuration for this build of an CodeBuild build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspecOverride
— (String
)A buildspec file declaration that overrides the latest one defined in the build project, for this build only. The buildspec defined on the project is not changed.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.Note: Since this property allows you to change the build commands that will run in the container, you should note that an IAM principal with the ability to call this API and set this parameter can override the default settings. Moreover, we encourage that you use a trustworthy buildspec location like a file in your source repository or a Amazon S3 bucket.insecureSslOverride
— (Boolean
)Enable this flag to override the insecure SSL setting that is specified in the build project. The insecure SSL setting determines whether to ignore SSL warnings while connecting to the project source code. This override applies only if the build's source is GitHub Enterprise.
reportBuildStatusOverride
— (Boolean
)Set to true to report to your source provider the status of a build's start and completion. If you use this option with a source provider other than GitHub, GitHub Enterprise, or Bitbucket, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
Note: The status of a build triggered by a webhook is always reported to your source provider.buildStatusConfigOverride
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
environmentTypeOverride
— (String
)A container type for this build that overrides the one specified in the build project.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
imageOverride
— (String
)The name of an image for this build that overrides the one specified in the build project.
computeTypeOverride
— (String
)The name of a compute type for this build that overrides the one specified in the build project.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
certificateOverride
— (String
)The name of a certificate for this build that overrides the one specified in the build project.
cacheOverride
— (map
)A ProjectCache object specified for this build that overrides the one defined in the build project.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
serviceRoleOverride
— (String
)The name of a service role for this build that overrides the one specified in the build project.
privilegedModeOverride
— (Boolean
)Enable this flag to override privileged mode in the build project.
timeoutInMinutesOverride
— (Integer
)The number of build timeout minutes, from 5 to 2160 (36 hours), that overrides, for this build only, the latest setting already defined in the build project.
queuedTimeoutInMinutesOverride
— (Integer
)The number of minutes a build is allowed to be queued before it times out.
encryptionKeyOverride
— (String
)The Key Management Service customer master key (CMK) that overrides the one specified in the build project. The CMK key encrypts the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).idempotencyToken
— (String
)A unique, case sensitive identifier you provide to ensure the idempotency of the StartBuild request. The token is included in the StartBuild request and is valid for 5 minutes. If you repeat the StartBuild request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.
logsConfigOverride
— (map
)Log settings for this build that override the log settings defined in the build project.
cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
registryCredentialOverride
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsTypeOverride
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
- CODEBUILD
-
Specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild's service principal.
- SERVICE_ROLE
-
Specifies that CodeBuild uses your build project's service role.
When using a cross-account or private registry image, you must use
Possible values include:SERVICE_ROLE
credentials. When using an CodeBuild curated image, you must useCODEBUILD
credentials."CODEBUILD"
"SERVICE_ROLE"
debugSessionEnabled
— (Boolean
)Specifies if session debugging is enabled for this build. For more information, see Viewing a running build in Session Manager.
fleetOverride
— (map
)A ProjectFleet object specified for this build that overrides the one defined in the build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:build
— (map
)Information about the build to be run.
id
— (String
)The unique ID for the build.
arn
— (String
)The Amazon Resource Name (ARN) of the build.
buildNumber
— (Integer
)The number of the build. For each project, the
buildNumber
of its first build is1
. ThebuildNumber
of each subsequent build is incremented by1
. If a build is deleted, thebuildNumber
of other builds does not change.startTime
— (Date
)When the build process started, expressed in Unix time format.
endTime
— (Date
)When the build process ended, expressed in Unix time format.
currentPhase
— (String
)The current build phase.
buildStatus
— (String
)The current status of the build. Valid values include:
-
FAILED
: The build failed. -
FAULT
: The build faulted. -
IN_PROGRESS
: The build is still in progress. -
STOPPED
: The build stopped. -
SUCCEEDED
: The build succeeded. -
TIMED_OUT
: The build timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
-
sourceVersion
— (String
)Any version identifier for the version of the source code to be built. If
sourceVersion
is specified at the project level, then thissourceVersion
(at the build level) takes precedence.For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
resolvedSourceVersion
— (String
)An identifier for the version of this build's source code.
-
For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
-
For CodePipeline, the source revision provided by CodePipeline.
-
For Amazon S3, this does not apply.
-
projectName
— (String
)The name of the CodeBuild project.
phases
— (Array<map>
)Information about all previous build phases that are complete and information about any current build phase that is not yet complete.
phaseType
— (String
)The name of the build phase. Valid values include:
- BUILD
-
Core build activities typically occur in this build phase.
- COMPLETED
-
The build has been completed.
- DOWNLOAD_SOURCE
-
Source code is being downloaded in this build phase.
- FINALIZING
-
The build process is completing in this build phase.
- INSTALL
-
Installation activities typically occur in this build phase.
- POST_BUILD
-
Post-build activities typically occur in this build phase.
- PRE_BUILD
-
Pre-build activities typically occur in this build phase.
- PROVISIONING
-
The build environment is being set up.
- QUEUED
-
The build has been submitted and is queued behind other submitted builds.
- SUBMITTED
-
The build has been submitted.
- UPLOAD_ARTIFACTS
-
Build output artifacts are being uploaded to the output location.
"SUBMITTED"
"QUEUED"
"PROVISIONING"
"DOWNLOAD_SOURCE"
"INSTALL"
"PRE_BUILD"
"BUILD"
"POST_BUILD"
"UPLOAD_ARTIFACTS"
"FINALIZING"
"COMPLETED"
phaseStatus
— (String
)The current status of the build phase. Valid values include:
- FAILED
-
The build phase failed.
- FAULT
-
The build phase faulted.
- IN_PROGRESS
-
The build phase is still in progress.
- STOPPED
-
The build phase stopped.
- SUCCEEDED
-
The build phase succeeded.
- TIMED_OUT
-
The build phase timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
startTime
— (Date
)When the build phase started, expressed in Unix time format.
endTime
— (Date
)When the build phase ended, expressed in Unix time format.
durationInSeconds
— (Integer
)How long, in seconds, between the starting and ending times of the build's phase.
contexts
— (Array<map>
)Additional information about a build phase, especially to help troubleshoot a failed build.
statusCode
— (String
)The status code for the context of the build phase.
message
— (String
)An explanation of the build phase's context. This might include a command ID and an exit code.
source
— (map
)Information about the source code to be built.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. EachProjectSourceVersion
must be one of:-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
-
artifacts
— (map
)Information about the output artifacts for the build.
location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
ProjectArtifacts
objects.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment for this build.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The name of a service role used for this build.
logs
— (map
)Information about the build's logs in CloudWatch Logs.
groupName
— (String
)The name of the CloudWatch Logs group for the build logs.
streamName
— (String
)The name of the CloudWatch Logs stream for the build logs.
deepLink
— (String
)The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the
deeplink
will not be valid until it is created.s3DeepLink
— (String
)The URL to a build log in an S3 bucket.
cloudWatchLogsArn
— (String
)The ARN of the CloudWatch Logs stream for a build execution. Its format is
arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}
. The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs.s3LogsArn
— (String
)The ARN of S3 logs for a build project. Its format is
arn:${Partition}:s3:::${BucketName}/${ObjectName}
. For more information, see Resources Defined by Amazon S3.cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about S3 logs for a build project.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
timeoutInMinutes
— (Integer
)How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed.
queuedTimeoutInMinutes
— (Integer
)The number of minutes a build is allowed to be queued before it times out.
buildComplete
— (Boolean
)Whether the build is complete. True if complete; otherwise, false.
initiator
— (String
)The entity that started the build. Valid values include:
-
If CodePipeline started the build, the pipeline's name (for example,
codepipeline/my-demo-pipeline
). -
If a user started the build, the user's name (for example,
MyUserName
). -
If the Jenkins plugin for CodeBuild started the build, the string
CodeBuild-Jenkins-Plugin
.
-
vpcConfig
— (map
)If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
networkInterface
— (map
)Describes a network interface.
subnetId
— (String
)The ID of the subnet.
networkInterfaceId
— (String
)The ID of the network interface.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).exportedEnvironmentVariables
— (Array<map>
)A list of exported environment variables for this build.
Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.
name
— (String
)The name of the exported environment variable.
value
— (String
)The value assigned to the exported environment variable.
reportArns
— (Array<String>
)An array of the ARNs associated with this build's reports.
fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for a CodeBuild build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
debugSession
— (map
)Contains information about the debug session for this build.
sessionEnabled
— (Boolean
)Specifies if session debugging is enabled for this build.
sessionTarget
— (String
)Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build.
buildBatchArn
— (String
)The ARN of the batch build that this build is a member of, if applicable.
-
(AWS.Response)
—
Returns:
startBuildBatch(params = {}, callback) ⇒ AWS.Request
Starts a batch build for a project.
Service Reference:
Examples:
Calling the startBuildBatch operation
var params = {
projectName: 'STRING_VALUE', /* required */
artifactsOverride: {
type: CODEPIPELINE | S3 | NO_ARTIFACTS, /* required */
artifactIdentifier: 'STRING_VALUE',
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE',
name: 'STRING_VALUE',
namespaceType: NONE | BUILD_ID,
overrideArtifactName: true || false,
packaging: NONE | ZIP,
path: 'STRING_VALUE'
},
buildBatchConfigOverride: {
batchReportMode: REPORT_INDIVIDUAL_BUILDS | REPORT_AGGREGATED_BATCH,
combineArtifacts: true || false,
restrictions: {
computeTypesAllowed: [
'STRING_VALUE',
/* more items */
],
maximumBuildsAllowed: 'NUMBER_VALUE'
},
serviceRole: 'STRING_VALUE',
timeoutInMins: 'NUMBER_VALUE'
},
buildTimeoutInMinutesOverride: 'NUMBER_VALUE',
buildspecOverride: 'STRING_VALUE',
cacheOverride: {
type: NO_CACHE | S3 | LOCAL, /* required */
location: 'STRING_VALUE',
modes: [
LOCAL_DOCKER_LAYER_CACHE | LOCAL_SOURCE_CACHE | LOCAL_CUSTOM_CACHE,
/* more items */
]
},
certificateOverride: 'STRING_VALUE',
computeTypeOverride: BUILD_GENERAL1_SMALL | BUILD_GENERAL1_MEDIUM | BUILD_GENERAL1_LARGE | BUILD_GENERAL1_XLARGE | BUILD_GENERAL1_2XLARGE | BUILD_LAMBDA_1GB | BUILD_LAMBDA_2GB | BUILD_LAMBDA_4GB | BUILD_LAMBDA_8GB | BUILD_LAMBDA_10GB,
debugSessionEnabled: true || false,
encryptionKeyOverride: 'STRING_VALUE',
environmentTypeOverride: WINDOWS_CONTAINER | LINUX_CONTAINER | LINUX_GPU_CONTAINER | ARM_CONTAINER | WINDOWS_SERVER_2019_CONTAINER | LINUX_LAMBDA_CONTAINER | ARM_LAMBDA_CONTAINER | MAC_ARM,
environmentVariablesOverride: [
{
name: 'STRING_VALUE', /* required */
value: 'STRING_VALUE', /* required */
type: PLAINTEXT | PARAMETER_STORE | SECRETS_MANAGER
},
/* more items */
],
gitCloneDepthOverride: 'NUMBER_VALUE',
gitSubmodulesConfigOverride: {
fetchSubmodules: true || false /* required */
},
idempotencyToken: 'STRING_VALUE',
imageOverride: 'STRING_VALUE',
imagePullCredentialsTypeOverride: CODEBUILD | SERVICE_ROLE,
insecureSslOverride: true || false,
logsConfigOverride: {
cloudWatchLogs: {
status: ENABLED | DISABLED, /* required */
groupName: 'STRING_VALUE',
streamName: 'STRING_VALUE'
},
s3Logs: {
status: ENABLED | DISABLED, /* required */
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE'
}
},
privilegedModeOverride: true || false,
queuedTimeoutInMinutesOverride: 'NUMBER_VALUE',
registryCredentialOverride: {
credential: 'STRING_VALUE', /* required */
credentialProvider: SECRETS_MANAGER /* required */
},
reportBuildBatchStatusOverride: true || false,
secondaryArtifactsOverride: [
{
type: CODEPIPELINE | S3 | NO_ARTIFACTS, /* required */
artifactIdentifier: 'STRING_VALUE',
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE',
name: 'STRING_VALUE',
namespaceType: NONE | BUILD_ID,
overrideArtifactName: true || false,
packaging: NONE | ZIP,
path: 'STRING_VALUE'
},
/* more items */
],
secondarySourcesOverride: [
{
type: CODECOMMIT | CODEPIPELINE | GITHUB | GITLAB | GITLAB_SELF_MANAGED | S3 | BITBUCKET | GITHUB_ENTERPRISE | NO_SOURCE, /* required */
auth: {
type: OAUTH | CODECONNECTIONS | SECRETS_MANAGER, /* required */
resource: 'STRING_VALUE'
},
buildStatusConfig: {
context: 'STRING_VALUE',
targetUrl: 'STRING_VALUE'
},
buildspec: 'STRING_VALUE',
gitCloneDepth: 'NUMBER_VALUE',
gitSubmodulesConfig: {
fetchSubmodules: true || false /* required */
},
insecureSsl: true || false,
location: 'STRING_VALUE',
reportBuildStatus: true || false,
sourceIdentifier: 'STRING_VALUE'
},
/* more items */
],
secondarySourcesVersionOverride: [
{
sourceIdentifier: 'STRING_VALUE', /* required */
sourceVersion: 'STRING_VALUE' /* required */
},
/* more items */
],
serviceRoleOverride: 'STRING_VALUE',
sourceAuthOverride: {
type: OAUTH | CODECONNECTIONS | SECRETS_MANAGER, /* required */
resource: 'STRING_VALUE'
},
sourceLocationOverride: 'STRING_VALUE',
sourceTypeOverride: CODECOMMIT | CODEPIPELINE | GITHUB | GITLAB | GITLAB_SELF_MANAGED | S3 | BITBUCKET | GITHUB_ENTERPRISE | NO_SOURCE,
sourceVersion: 'STRING_VALUE'
};
codebuild.startBuildBatch(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
projectName
— (String
)The name of the project.
secondarySourcesOverride
— (Array<map>
)An array of
ProjectSource
objects that override the secondary sources defined in the batch build project.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySourcesVersionOverride
— (Array<map>
)An array of
ProjectSourceVersion
objects that override the secondary source versions in the batch build project.sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
sourceVersion
— (String
)The version of the batch build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider:
- CodeCommit
-
The commit ID, branch, or Git tag to use.
- GitHub
-
The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for examplepr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. - Bitbucket
-
The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
- Amazon S3
-
The version ID of the object that represents the build input ZIP file to use.
If
sourceVersion
is specified at the project level, then thissourceVersion
(at the build level) takes precedence.For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
artifactsOverride
— (map
)An array of
ProjectArtifacts
objects that contains information about the build output artifact overrides for the build project.type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifactsOverride
— (Array<map>
)An array of
ProjectArtifacts
objects that override the secondary artifacts defined in the batch build project.type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
environmentVariablesOverride
— (Array<map>
)An array of
EnvironmentVariable
objects that override, or add to, the environment variables defined in the batch build project.name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
sourceTypeOverride
— (String
)The source input type that overrides the source input defined in the batch build project.
Possible values include:"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
sourceLocationOverride
— (String
)A location that overrides, for this batch build, the source location defined in the batch build project.
sourceAuthOverride
— (map
)A
SourceAuth
object that overrides the one defined in the batch build project. This override applies only if the build project's source is BitBucket or GitHub.type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
gitCloneDepthOverride
— (Integer
)The user-defined depth of history, with a minimum value of 0, that overrides, for this batch build only, any previous depth of history defined in the batch build project.
gitSubmodulesConfigOverride
— (map
)A
GitSubmodulesConfig
object that overrides the Git submodules configuration for this batch build.fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspecOverride
— (String
)A buildspec file declaration that overrides, for this build only, the latest one already defined in the build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.insecureSslOverride
— (Boolean
)Enable this flag to override the insecure SSL setting that is specified in the batch build project. The insecure SSL setting determines whether to ignore SSL warnings while connecting to the project source code. This override applies only if the build's source is GitHub Enterprise.
reportBuildBatchStatusOverride
— (Boolean
)Set to
true
to report to your source provider the status of a batch build's start and completion. If you use this option with a source provider other than GitHub, GitHub Enterprise, or Bitbucket, aninvalidInputException
is thrown.Note: The status of a build triggered by a webhook is always reported to your source provider.environmentTypeOverride
— (String
)A container type for this batch build that overrides the one specified in the batch build project.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
imageOverride
— (String
)The name of an image for this batch build that overrides the one specified in the batch build project.
computeTypeOverride
— (String
)The name of a compute type for this batch build that overrides the one specified in the batch build project.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
certificateOverride
— (String
)The name of a certificate for this batch build that overrides the one specified in the batch build project.
cacheOverride
— (map
)A
ProjectCache
object that specifies cache overrides.type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
serviceRoleOverride
— (String
)The name of a service role for this batch build that overrides the one specified in the batch build project.
privilegedModeOverride
— (Boolean
)Enable this flag to override privileged mode in the batch build project.
buildTimeoutInMinutesOverride
— (Integer
)Overrides the build timeout specified in the batch build project.
queuedTimeoutInMinutesOverride
— (Integer
)The number of minutes a batch build is allowed to be queued before it times out.
encryptionKeyOverride
— (String
)The Key Management Service customer master key (CMK) that overrides the one specified in the batch build project. The CMK key encrypts the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).idempotencyToken
— (String
)A unique, case sensitive identifier you provide to ensure the idempotency of the
StartBuildBatch
request. The token is included in theStartBuildBatch
request and is valid for five minutes. If you repeat theStartBuildBatch
request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.logsConfigOverride
— (map
)A
LogsConfig
object that override the log settings defined in the batch build project.cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
registryCredentialOverride
— (map
)A
RegistryCredential
object that overrides credentials for access to a private registry.credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsTypeOverride
— (String
)The type of credentials CodeBuild uses to pull images in your batch build. There are two valid values:
- CODEBUILD
-
Specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild's service principal.
- SERVICE_ROLE
-
Specifies that CodeBuild uses your build project's service role.
When using a cross-account or private registry image, you must use
Possible values include:SERVICE_ROLE
credentials. When using an CodeBuild curated image, you must useCODEBUILD
credentials."CODEBUILD"
"SERVICE_ROLE"
buildBatchConfigOverride
— (map
)A
BuildBatchConfigOverride
object that contains batch build configuration overrides.serviceRole
— (String
)Specifies the service role ARN for the batch build project.
combineArtifacts
— (Boolean
)Specifies if the build artifacts for the batch build should be combined into a single artifact location.
restrictions
— (map
)A
BatchRestrictions
object that specifies the restrictions for the batch build.maximumBuildsAllowed
— (Integer
)Specifies the maximum number of builds allowed.
computeTypesAllowed
— (Array<String>
)An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
timeoutInMins
— (Integer
)Specifies the maximum amount of time, in minutes, that the batch build must be completed in.
batchReportMode
— (String
)Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.
- REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
- REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
"REPORT_INDIVIDUAL_BUILDS"
"REPORT_AGGREGATED_BATCH"
debugSessionEnabled
— (Boolean
)Specifies if session debugging is enabled for this batch build. For more information, see Viewing a running build in Session Manager. Batch session debugging is not supported for matrix batch builds.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:buildBatch
— (map
)A
BuildBatch
object that contains information about the batch build.id
— (String
)The identifier of the batch build.
arn
— (String
)The ARN of the batch build.
startTime
— (Date
)The date and time that the batch build started.
endTime
— (Date
)The date and time that the batch build ended.
currentPhase
— (String
)The current phase of the batch build.
buildBatchStatus
— (String
)The status of the batch build.
Possible values include:"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
sourceVersion
— (String
)The identifier of the version of the source code to be built.
resolvedSourceVersion
— (String
)The identifier of the resolved version of this batch build's source code.
-
For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
-
For CodePipeline, the source revision provided by CodePipeline.
-
For Amazon S3, this does not apply.
-
projectName
— (String
)The name of the batch build project.
phases
— (Array<map>
)An array of
BuildBatchPhase
objects the specify the phases of the batch build.phaseType
— (String
)The name of the batch build phase. Valid values include:
- COMBINE_ARTIFACTS
-
Build output artifacts are being combined and uploaded to the output location.
- DOWNLOAD_BATCHSPEC
-
The batch build specification is being downloaded.
- FAILED
-
One or more of the builds failed.
- IN_PROGRESS
-
The batch build is in progress.
- STOPPED
-
The batch build was stopped.
- SUBMITTED
-
The btach build has been submitted.
- SUCCEEDED
-
The batch build succeeded.
"SUBMITTED"
"DOWNLOAD_BATCHSPEC"
"IN_PROGRESS"
"COMBINE_ARTIFACTS"
"SUCCEEDED"
"FAILED"
"STOPPED"
phaseStatus
— (String
)The current status of the batch build phase. Valid values include:
- FAILED
-
The build phase failed.
- FAULT
-
The build phase faulted.
- IN_PROGRESS
-
The build phase is still in progress.
- STOPPED
-
The build phase stopped.
- SUCCEEDED
-
The build phase succeeded.
- TIMED_OUT
-
The build phase timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
startTime
— (Date
)When the batch build phase started, expressed in Unix time format.
endTime
— (Date
)When the batch build phase ended, expressed in Unix time format.
durationInSeconds
— (Integer
)How long, in seconds, between the starting and ending times of the batch build's phase.
contexts
— (Array<map>
)Additional information about the batch build phase. Especially to help troubleshoot a failed batch build.
statusCode
— (String
)The status code for the context of the build phase.
message
— (String
)An explanation of the build phase's context. This might include a command ID and an exit code.
source
— (map
)Information about the build input source code for the build project.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects that define the sources for the batch build.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. EachProjectSourceVersion
must be one of:-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
-
artifacts
— (map
)A
BuildArtifacts
object the defines the build artifacts for this batch build.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
BuildArtifacts
objects the define the build artifacts for this batch build.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build project.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment of the build project.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The name of a service role used for builds in the batch.
logConfig
— (map
)Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both.
cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
buildTimeoutInMinutes
— (Integer
)Specifies the maximum amount of time, in minutes, that the build in a batch must be completed in.
queuedTimeoutInMinutes
— (Integer
)Specifies the amount of time, in minutes, that the batch build is allowed to be queued before it times out.
complete
— (Boolean
)Indicates if the batch build is complete.
initiator
— (String
)The entity that started the batch build. Valid values include:
-
If CodePipeline started the build, the pipeline's name (for example,
codepipeline/my-demo-pipeline
). -
If a user started the build, the user's name.
-
If the Jenkins plugin for CodeBuild started the build, the string
CodeBuild-Jenkins-Plugin
.
-
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the batch build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).buildBatchNumber
— (Integer
)The number of the batch build. For each project, the
buildBatchNumber
of its first batch build is1
. ThebuildBatchNumber
of each subsequent batch build is incremented by1
. If a batch build is deleted, thebuildBatchNumber
of other batch builds does not change.fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for the batch build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
buildBatchConfig
— (map
)Contains configuration information about a batch build project.
serviceRole
— (String
)Specifies the service role ARN for the batch build project.
combineArtifacts
— (Boolean
)Specifies if the build artifacts for the batch build should be combined into a single artifact location.
restrictions
— (map
)A
BatchRestrictions
object that specifies the restrictions for the batch build.maximumBuildsAllowed
— (Integer
)Specifies the maximum number of builds allowed.
computeTypesAllowed
— (Array<String>
)An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
timeoutInMins
— (Integer
)Specifies the maximum amount of time, in minutes, that the batch build must be completed in.
batchReportMode
— (String
)Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.
- REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
- REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
"REPORT_INDIVIDUAL_BUILDS"
"REPORT_AGGREGATED_BATCH"
buildGroups
— (Array<map>
)An array of
BuildGroup
objects that define the build groups for the batch build.identifier
— (String
)Contains the identifier of the build group.
dependsOn
— (Array<String>
)An array of strings that contain the identifiers of the build groups that this build group depends on.
ignoreFailure
— (Boolean
)Specifies if failures in this build group can be ignored.
currentBuildSummary
— (map
)A
BuildSummary
object that contains a summary of the current build group.arn
— (String
)The batch build ARN.
requestedOn
— (Date
)When the build was started, expressed in Unix time format.
buildStatus
— (String
)The status of the build group.
- FAILED
-
The build group failed.
- FAULT
-
The build group faulted.
- IN_PROGRESS
-
The build group is still in progress.
- STOPPED
-
The build group stopped.
- SUCCEEDED
-
The build group succeeded.
- TIMED_OUT
-
The build group timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
primaryArtifact
— (map
)A
ResolvedArtifact
object that represents the primary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
secondaryArtifacts
— (Array<map>
)An array of
ResolvedArtifact
objects that represents the secondary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
priorBuildSummaryList
— (Array<map>
)An array of
BuildSummary
objects that contain summaries of previous build groups.arn
— (String
)The batch build ARN.
requestedOn
— (Date
)When the build was started, expressed in Unix time format.
buildStatus
— (String
)The status of the build group.
- FAILED
-
The build group failed.
- FAULT
-
The build group faulted.
- IN_PROGRESS
-
The build group is still in progress.
- STOPPED
-
The build group stopped.
- SUCCEEDED
-
The build group succeeded.
- TIMED_OUT
-
The build group timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
primaryArtifact
— (map
)A
ResolvedArtifact
object that represents the primary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
secondaryArtifacts
— (Array<map>
)An array of
ResolvedArtifact
objects that represents the secondary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
debugSessionEnabled
— (Boolean
)Specifies if session debugging is enabled for this batch build. For more information, see Viewing a running build in Session Manager. Batch session debugging is not supported for matrix batch builds.
-
(AWS.Response)
—
Returns:
stopBuild(params = {}, callback) ⇒ AWS.Request
Attempts to stop running a build.
Service Reference:
Examples:
Calling the stopBuild operation
var params = {
id: 'STRING_VALUE' /* required */
};
codebuild.stopBuild(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
id
— (String
)The ID of the build.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:build
— (map
)Information about the build.
id
— (String
)The unique ID for the build.
arn
— (String
)The Amazon Resource Name (ARN) of the build.
buildNumber
— (Integer
)The number of the build. For each project, the
buildNumber
of its first build is1
. ThebuildNumber
of each subsequent build is incremented by1
. If a build is deleted, thebuildNumber
of other builds does not change.startTime
— (Date
)When the build process started, expressed in Unix time format.
endTime
— (Date
)When the build process ended, expressed in Unix time format.
currentPhase
— (String
)The current build phase.
buildStatus
— (String
)The current status of the build. Valid values include:
-
FAILED
: The build failed. -
FAULT
: The build faulted. -
IN_PROGRESS
: The build is still in progress. -
STOPPED
: The build stopped. -
SUCCEEDED
: The build succeeded. -
TIMED_OUT
: The build timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
-
sourceVersion
— (String
)Any version identifier for the version of the source code to be built. If
sourceVersion
is specified at the project level, then thissourceVersion
(at the build level) takes precedence.For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
resolvedSourceVersion
— (String
)An identifier for the version of this build's source code.
-
For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
-
For CodePipeline, the source revision provided by CodePipeline.
-
For Amazon S3, this does not apply.
-
projectName
— (String
)The name of the CodeBuild project.
phases
— (Array<map>
)Information about all previous build phases that are complete and information about any current build phase that is not yet complete.
phaseType
— (String
)The name of the build phase. Valid values include:
- BUILD
-
Core build activities typically occur in this build phase.
- COMPLETED
-
The build has been completed.
- DOWNLOAD_SOURCE
-
Source code is being downloaded in this build phase.
- FINALIZING
-
The build process is completing in this build phase.
- INSTALL
-
Installation activities typically occur in this build phase.
- POST_BUILD
-
Post-build activities typically occur in this build phase.
- PRE_BUILD
-
Pre-build activities typically occur in this build phase.
- PROVISIONING
-
The build environment is being set up.
- QUEUED
-
The build has been submitted and is queued behind other submitted builds.
- SUBMITTED
-
The build has been submitted.
- UPLOAD_ARTIFACTS
-
Build output artifacts are being uploaded to the output location.
"SUBMITTED"
"QUEUED"
"PROVISIONING"
"DOWNLOAD_SOURCE"
"INSTALL"
"PRE_BUILD"
"BUILD"
"POST_BUILD"
"UPLOAD_ARTIFACTS"
"FINALIZING"
"COMPLETED"
phaseStatus
— (String
)The current status of the build phase. Valid values include:
- FAILED
-
The build phase failed.
- FAULT
-
The build phase faulted.
- IN_PROGRESS
-
The build phase is still in progress.
- STOPPED
-
The build phase stopped.
- SUCCEEDED
-
The build phase succeeded.
- TIMED_OUT
-
The build phase timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
startTime
— (Date
)When the build phase started, expressed in Unix time format.
endTime
— (Date
)When the build phase ended, expressed in Unix time format.
durationInSeconds
— (Integer
)How long, in seconds, between the starting and ending times of the build's phase.
contexts
— (Array<map>
)Additional information about a build phase, especially to help troubleshoot a failed build.
statusCode
— (String
)The status code for the context of the build phase.
message
— (String
)An explanation of the build phase's context. This might include a command ID and an exit code.
source
— (map
)Information about the source code to be built.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. EachProjectSourceVersion
must be one of:-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
-
artifacts
— (map
)Information about the output artifacts for the build.
location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
ProjectArtifacts
objects.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment for this build.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The name of a service role used for this build.
logs
— (map
)Information about the build's logs in CloudWatch Logs.
groupName
— (String
)The name of the CloudWatch Logs group for the build logs.
streamName
— (String
)The name of the CloudWatch Logs stream for the build logs.
deepLink
— (String
)The URL to an individual build log in CloudWatch Logs. The log stream is created during the PROVISIONING phase of a build and the
deeplink
will not be valid until it is created.s3DeepLink
— (String
)The URL to a build log in an S3 bucket.
cloudWatchLogsArn
— (String
)The ARN of the CloudWatch Logs stream for a build execution. Its format is
arn:${Partition}:logs:${Region}:${Account}:log-group:${LogGroupName}:log-stream:${LogStreamName}
. The CloudWatch Logs stream is created during the PROVISIONING phase of a build and the ARN will not be valid until it is created. For more information, see Resources Defined by CloudWatch Logs.s3LogsArn
— (String
)The ARN of S3 logs for a build project. Its format is
arn:${Partition}:s3:::${BucketName}/${ObjectName}
. For more information, see Resources Defined by Amazon S3.cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about S3 logs for a build project.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
timeoutInMinutes
— (Integer
)How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed.
queuedTimeoutInMinutes
— (Integer
)The number of minutes a build is allowed to be queued before it times out.
buildComplete
— (Boolean
)Whether the build is complete. True if complete; otherwise, false.
initiator
— (String
)The entity that started the build. Valid values include:
-
If CodePipeline started the build, the pipeline's name (for example,
codepipeline/my-demo-pipeline
). -
If a user started the build, the user's name (for example,
MyUserName
). -
If the Jenkins plugin for CodeBuild started the build, the string
CodeBuild-Jenkins-Plugin
.
-
vpcConfig
— (map
)If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
networkInterface
— (map
)Describes a network interface.
subnetId
— (String
)The ID of the subnet.
networkInterfaceId
— (String
)The ID of the network interface.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).exportedEnvironmentVariables
— (Array<map>
)A list of exported environment variables for this build.
Exported environment variables are used in conjunction with CodePipeline to export environment variables from the current build stage to subsequent stages in the pipeline. For more information, see Working with variables in the CodePipeline User Guide.
name
— (String
)The name of the exported environment variable.
value
— (String
)The value assigned to the exported environment variable.
reportArns
— (Array<String>
)An array of the ARNs associated with this build's reports.
fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for a CodeBuild build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
debugSession
— (map
)Contains information about the debug session for this build.
sessionEnabled
— (Boolean
)Specifies if session debugging is enabled for this build.
sessionTarget
— (String
)Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build.
buildBatchArn
— (String
)The ARN of the batch build that this build is a member of, if applicable.
-
(AWS.Response)
—
Returns:
stopBuildBatch(params = {}, callback) ⇒ AWS.Request
Stops a running batch build.
Service Reference:
Examples:
Calling the stopBuildBatch operation
var params = {
id: 'STRING_VALUE' /* required */
};
codebuild.stopBuildBatch(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
id
— (String
)The identifier of the batch build to stop.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:buildBatch
— (map
)Contains information about a batch build.
id
— (String
)The identifier of the batch build.
arn
— (String
)The ARN of the batch build.
startTime
— (Date
)The date and time that the batch build started.
endTime
— (Date
)The date and time that the batch build ended.
currentPhase
— (String
)The current phase of the batch build.
buildBatchStatus
— (String
)The status of the batch build.
Possible values include:"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
sourceVersion
— (String
)The identifier of the version of the source code to be built.
resolvedSourceVersion
— (String
)The identifier of the resolved version of this batch build's source code.
-
For CodeCommit, GitHub, GitHub Enterprise, and BitBucket, the commit ID.
-
For CodePipeline, the source revision provided by CodePipeline.
-
For Amazon S3, this does not apply.
-
projectName
— (String
)The name of the batch build project.
phases
— (Array<map>
)An array of
BuildBatchPhase
objects the specify the phases of the batch build.phaseType
— (String
)The name of the batch build phase. Valid values include:
- COMBINE_ARTIFACTS
-
Build output artifacts are being combined and uploaded to the output location.
- DOWNLOAD_BATCHSPEC
-
The batch build specification is being downloaded.
- FAILED
-
One or more of the builds failed.
- IN_PROGRESS
-
The batch build is in progress.
- STOPPED
-
The batch build was stopped.
- SUBMITTED
-
The btach build has been submitted.
- SUCCEEDED
-
The batch build succeeded.
"SUBMITTED"
"DOWNLOAD_BATCHSPEC"
"IN_PROGRESS"
"COMBINE_ARTIFACTS"
"SUCCEEDED"
"FAILED"
"STOPPED"
phaseStatus
— (String
)The current status of the batch build phase. Valid values include:
- FAILED
-
The build phase failed.
- FAULT
-
The build phase faulted.
- IN_PROGRESS
-
The build phase is still in progress.
- STOPPED
-
The build phase stopped.
- SUCCEEDED
-
The build phase succeeded.
- TIMED_OUT
-
The build phase timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
startTime
— (Date
)When the batch build phase started, expressed in Unix time format.
endTime
— (Date
)When the batch build phase ended, expressed in Unix time format.
durationInSeconds
— (Integer
)How long, in seconds, between the starting and ending times of the batch build's phase.
contexts
— (Array<map>
)Additional information about the batch build phase. Especially to help troubleshoot a failed batch build.
statusCode
— (String
)The status code for the context of the build phase.
message
— (String
)An explanation of the build phase's context. This might include a command ID and an exit code.
source
— (map
)Information about the build input source code for the build project.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects that define the sources for the batch build.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. EachProjectSourceVersion
must be one of:-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
-
artifacts
— (map
)A
BuildArtifacts
object the defines the build artifacts for this batch build.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
BuildArtifacts
objects the define the build artifacts for this batch build.location
— (String
)Information about the location of the build artifacts.
sha256sum
— (String
)The SHA-256 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.md5sum
— (String
)The MD5 hash of the build artifact.
You can use this hash along with a checksum tool to confirm file integrity and authenticity.
Note: This value is available only if the build project'spackaging
value is set toZIP
.overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Information that tells you if encryption for build artifacts is disabled.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build project.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment of the build project.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The name of a service role used for builds in the batch.
logConfig
— (map
)Information about logs for a build project. These can be logs in CloudWatch Logs, built in a specified S3 bucket, or both.
cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
buildTimeoutInMinutes
— (Integer
)Specifies the maximum amount of time, in minutes, that the build in a batch must be completed in.
queuedTimeoutInMinutes
— (Integer
)Specifies the amount of time, in minutes, that the batch build is allowed to be queued before it times out.
complete
— (Boolean
)Indicates if the batch build is complete.
initiator
— (String
)The entity that started the batch build. Valid values include:
-
If CodePipeline started the build, the pipeline's name (for example,
codepipeline/my-demo-pipeline
). -
If a user started the build, the user's name.
-
If the Jenkins plugin for CodeBuild started the build, the string
CodeBuild-Jenkins-Plugin
.
-
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the batch build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).buildBatchNumber
— (Integer
)The number of the batch build. For each project, the
buildBatchNumber
of its first batch build is1
. ThebuildBatchNumber
of each subsequent batch build is incremented by1
. If a batch build is deleted, thebuildBatchNumber
of other batch builds does not change.fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for the batch build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
buildBatchConfig
— (map
)Contains configuration information about a batch build project.
serviceRole
— (String
)Specifies the service role ARN for the batch build project.
combineArtifacts
— (Boolean
)Specifies if the build artifacts for the batch build should be combined into a single artifact location.
restrictions
— (map
)A
BatchRestrictions
object that specifies the restrictions for the batch build.maximumBuildsAllowed
— (Integer
)Specifies the maximum number of builds allowed.
computeTypesAllowed
— (Array<String>
)An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
timeoutInMins
— (Integer
)Specifies the maximum amount of time, in minutes, that the batch build must be completed in.
batchReportMode
— (String
)Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.
- REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
- REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
"REPORT_INDIVIDUAL_BUILDS"
"REPORT_AGGREGATED_BATCH"
buildGroups
— (Array<map>
)An array of
BuildGroup
objects that define the build groups for the batch build.identifier
— (String
)Contains the identifier of the build group.
dependsOn
— (Array<String>
)An array of strings that contain the identifiers of the build groups that this build group depends on.
ignoreFailure
— (Boolean
)Specifies if failures in this build group can be ignored.
currentBuildSummary
— (map
)A
BuildSummary
object that contains a summary of the current build group.arn
— (String
)The batch build ARN.
requestedOn
— (Date
)When the build was started, expressed in Unix time format.
buildStatus
— (String
)The status of the build group.
- FAILED
-
The build group failed.
- FAULT
-
The build group faulted.
- IN_PROGRESS
-
The build group is still in progress.
- STOPPED
-
The build group stopped.
- SUCCEEDED
-
The build group succeeded.
- TIMED_OUT
-
The build group timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
primaryArtifact
— (map
)A
ResolvedArtifact
object that represents the primary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
secondaryArtifacts
— (Array<map>
)An array of
ResolvedArtifact
objects that represents the secondary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
priorBuildSummaryList
— (Array<map>
)An array of
BuildSummary
objects that contain summaries of previous build groups.arn
— (String
)The batch build ARN.
requestedOn
— (Date
)When the build was started, expressed in Unix time format.
buildStatus
— (String
)The status of the build group.
- FAILED
-
The build group failed.
- FAULT
-
The build group faulted.
- IN_PROGRESS
-
The build group is still in progress.
- STOPPED
-
The build group stopped.
- SUCCEEDED
-
The build group succeeded.
- TIMED_OUT
-
The build group timed out.
"SUCCEEDED"
"FAILED"
"FAULT"
"TIMED_OUT"
"IN_PROGRESS"
"STOPPED"
primaryArtifact
— (map
)A
ResolvedArtifact
object that represents the primary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
secondaryArtifacts
— (Array<map>
)An array of
ResolvedArtifact
objects that represents the secondary build artifacts for the build group.type
— (String
)Specifies the type of artifact.
Possible values include:"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
location
— (String
)The location of the artifact.
identifier
— (String
)The identifier of the artifact.
debugSessionEnabled
— (Boolean
)Specifies if session debugging is enabled for this batch build. For more information, see Viewing a running build in Session Manager. Batch session debugging is not supported for matrix batch builds.
-
(AWS.Response)
—
Returns:
updateFleet(params = {}, callback) ⇒ AWS.Request
Updates a compute fleet.
Service Reference:
Examples:
Calling the updateFleet operation
var params = {
arn: 'STRING_VALUE', /* required */
baseCapacity: 'NUMBER_VALUE',
computeType: BUILD_GENERAL1_SMALL | BUILD_GENERAL1_MEDIUM | BUILD_GENERAL1_LARGE | BUILD_GENERAL1_XLARGE | BUILD_GENERAL1_2XLARGE | BUILD_LAMBDA_1GB | BUILD_LAMBDA_2GB | BUILD_LAMBDA_4GB | BUILD_LAMBDA_8GB | BUILD_LAMBDA_10GB,
environmentType: WINDOWS_CONTAINER | LINUX_CONTAINER | LINUX_GPU_CONTAINER | ARM_CONTAINER | WINDOWS_SERVER_2019_CONTAINER | LINUX_LAMBDA_CONTAINER | ARM_LAMBDA_CONTAINER | MAC_ARM,
fleetServiceRole: 'STRING_VALUE',
imageId: 'STRING_VALUE',
overflowBehavior: QUEUE | ON_DEMAND,
scalingConfiguration: {
maxCapacity: 'NUMBER_VALUE',
scalingType: TARGET_TRACKING_SCALING,
targetTrackingScalingConfigs: [
{
metricType: FLEET_UTILIZATION_RATE,
targetValue: 'NUMBER_VALUE'
},
/* more items */
]
},
tags: [
{
key: 'STRING_VALUE',
value: 'STRING_VALUE'
},
/* more items */
],
vpcConfig: {
securityGroupIds: [
'STRING_VALUE',
/* more items */
],
subnets: [
'STRING_VALUE',
/* more items */
],
vpcId: 'STRING_VALUE'
}
};
codebuild.updateFleet(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
arn
— (String
)The ARN of the compute fleet.
baseCapacity
— (Integer
)The initial number of machines allocated to the compute fleet, which defines the number of builds that can run in parallel.
environmentType
— (String
)The environment type of the compute fleet.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). -
The environment type
MAC_ARM
is available for Medium fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), and EU (Frankfurt) -
The environment type
MAC_ARM
is available for Large fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and Asia Pacific (Sydney). -
The environment type
WINDOWS_SERVER_2019_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). -
The environment type
WINDOWS_SERVER_2022_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai).
For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
computeType
— (String
)Information about the compute resources the compute fleet uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
For more information, see Build environment compute types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
scalingConfiguration
— (map
)The scaling configuration of the compute fleet.
scalingType
— (String
)The scaling type for a compute fleet.
Possible values include:"TARGET_TRACKING_SCALING"
targetTrackingScalingConfigs
— (Array<map>
)A list of
TargetTrackingScalingConfiguration
objects.metricType
— (String
)The metric type to determine auto-scaling.
Possible values include:"FLEET_UTILIZATION_RATE"
targetValue
— (Float
)The value of
metricType
when to start scaling.
maxCapacity
— (Integer
)The maximum number of instances in the fleet when auto-scaling.
overflowBehavior
— (String
)The compute fleet overflow behavior.
-
For overflow behavior
QUEUE
, your overflow builds need to wait on the existing fleet instance to become available. -
For overflow behavior
ON_DEMAND
, your overflow builds run on CodeBuild on-demand.Note: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface.
"QUEUE"
"ON_DEMAND"
-
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
imageId
— (String
)The Amazon Machine Image (AMI) of the compute fleet.
fleetServiceRole
— (String
)The service role associated with the compute fleet. For more information, see Allow a user to add a permission policy for a fleet service role in the CodeBuild User Guide.
tags
— (Array<map>
)A list of tag key and value pairs associated with this compute fleet.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:fleet
— (map
)A
Fleet
object.arn
— (String
)The ARN of the compute fleet.
name
— (String
)The name of the compute fleet.
id
— (String
)The ID of the compute fleet.
created
— (Date
)The time at which the compute fleet was created.
lastModified
— (Date
)The time at which the compute fleet was last modified.
status
— (map
)The status of the compute fleet.
statusCode
— (String
)The status code of the compute fleet. Valid values include:
-
CREATING
: The compute fleet is being created. -
UPDATING
: The compute fleet is being updated. -
ROTATING
: The compute fleet is being rotated. -
PENDING_DELETION
: The compute fleet is pending deletion. -
DELETING
: The compute fleet is being deleted. -
CREATE_FAILED
: The compute fleet has failed to create. -
UPDATE_ROLLBACK_FAILED
: The compute fleet has failed to update and could not rollback to previous state. -
ACTIVE
: The compute fleet has succeeded and is active.
"CREATING"
"UPDATING"
"ROTATING"
"PENDING_DELETION"
"DELETING"
"CREATE_FAILED"
"UPDATE_ROLLBACK_FAILED"
"ACTIVE"
-
context
— (String
)Additional information about a compute fleet. Valid values include:
-
CREATE_FAILED
: The compute fleet has failed to create. -
UPDATE_FAILED
: The compute fleet has failed to update.
"CREATE_FAILED"
"UPDATE_FAILED"
"ACTION_REQUIRED"
"PENDING_DELETION"
"INSUFFICIENT_CAPACITY"
-
message
— (String
)A message associated with the status of a compute fleet.
baseCapacity
— (Integer
)The initial number of machines allocated to the compute fleet, which defines the number of builds that can run in parallel.
environmentType
— (String
)The environment type of the compute fleet.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), EU (Frankfurt), and South America (São Paulo). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Singapore), Asia Pacific (Sydney), South America (São Paulo), and Asia Pacific (Mumbai). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Tokyo), and Asia Pacific (Sydney). -
The environment type
MAC_ARM
is available for Medium fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), and EU (Frankfurt) -
The environment type
MAC_ARM
is available for Large fleets only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and Asia Pacific (Sydney). -
The environment type
WINDOWS_SERVER_2019_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Sydney), Asia Pacific (Tokyo), Asia Pacific (Mumbai) and EU (Ireland). -
The environment type
WINDOWS_SERVER_2022_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), EU (Frankfurt), Asia Pacific (Sydney), Asia Pacific (Singapore), Asia Pacific (Tokyo), South America (São Paulo) and Asia Pacific (Mumbai).
For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
computeType
— (String
)Information about the compute resources the compute fleet uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
For more information, see Build environment compute types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
scalingConfiguration
— (map
)The scaling configuration of the compute fleet.
scalingType
— (String
)The scaling type for a compute fleet.
Possible values include:"TARGET_TRACKING_SCALING"
targetTrackingScalingConfigs
— (Array<map>
)A list of
TargetTrackingScalingConfiguration
objects.metricType
— (String
)The metric type to determine auto-scaling.
Possible values include:"FLEET_UTILIZATION_RATE"
targetValue
— (Float
)The value of
metricType
when to start scaling.
maxCapacity
— (Integer
)The maximum number of instances in the fleet when auto-scaling.
desiredCapacity
— (Integer
)The desired number of instances in the fleet when auto-scaling.
overflowBehavior
— (String
)The compute fleet overflow behavior.
-
For overflow behavior
QUEUE
, your overflow builds need to wait on the existing fleet instance to become available. -
For overflow behavior
ON_DEMAND
, your overflow builds run on CodeBuild on-demand.Note: If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface.
"QUEUE"
"ON_DEMAND"
-
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
imageId
— (String
)The Amazon Machine Image (AMI) of the compute fleet.
fleetServiceRole
— (String
)The service role associated with the compute fleet. For more information, see Allow a user to add a permission policy for a fleet service role in the CodeBuild User Guide.
tags
— (Array<map>
)A list of tag key and value pairs associated with this compute fleet.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
-
(AWS.Response)
—
Returns:
updateProject(params = {}, callback) ⇒ AWS.Request
Changes the settings of a build project.
Service Reference:
Examples:
Calling the updateProject operation
var params = {
name: 'STRING_VALUE', /* required */
artifacts: {
type: CODEPIPELINE | S3 | NO_ARTIFACTS, /* required */
artifactIdentifier: 'STRING_VALUE',
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE',
name: 'STRING_VALUE',
namespaceType: NONE | BUILD_ID,
overrideArtifactName: true || false,
packaging: NONE | ZIP,
path: 'STRING_VALUE'
},
badgeEnabled: true || false,
buildBatchConfig: {
batchReportMode: REPORT_INDIVIDUAL_BUILDS | REPORT_AGGREGATED_BATCH,
combineArtifacts: true || false,
restrictions: {
computeTypesAllowed: [
'STRING_VALUE',
/* more items */
],
maximumBuildsAllowed: 'NUMBER_VALUE'
},
serviceRole: 'STRING_VALUE',
timeoutInMins: 'NUMBER_VALUE'
},
cache: {
type: NO_CACHE | S3 | LOCAL, /* required */
location: 'STRING_VALUE',
modes: [
LOCAL_DOCKER_LAYER_CACHE | LOCAL_SOURCE_CACHE | LOCAL_CUSTOM_CACHE,
/* more items */
]
},
concurrentBuildLimit: 'NUMBER_VALUE',
description: 'STRING_VALUE',
encryptionKey: 'STRING_VALUE',
environment: {
computeType: BUILD_GENERAL1_SMALL | BUILD_GENERAL1_MEDIUM | BUILD_GENERAL1_LARGE | BUILD_GENERAL1_XLARGE | BUILD_GENERAL1_2XLARGE | BUILD_LAMBDA_1GB | BUILD_LAMBDA_2GB | BUILD_LAMBDA_4GB | BUILD_LAMBDA_8GB | BUILD_LAMBDA_10GB, /* required */
image: 'STRING_VALUE', /* required */
type: WINDOWS_CONTAINER | LINUX_CONTAINER | LINUX_GPU_CONTAINER | ARM_CONTAINER | WINDOWS_SERVER_2019_CONTAINER | LINUX_LAMBDA_CONTAINER | ARM_LAMBDA_CONTAINER | MAC_ARM, /* required */
certificate: 'STRING_VALUE',
environmentVariables: [
{
name: 'STRING_VALUE', /* required */
value: 'STRING_VALUE', /* required */
type: PLAINTEXT | PARAMETER_STORE | SECRETS_MANAGER
},
/* more items */
],
fleet: {
fleetArn: 'STRING_VALUE'
},
imagePullCredentialsType: CODEBUILD | SERVICE_ROLE,
privilegedMode: true || false,
registryCredential: {
credential: 'STRING_VALUE', /* required */
credentialProvider: SECRETS_MANAGER /* required */
}
},
fileSystemLocations: [
{
identifier: 'STRING_VALUE',
location: 'STRING_VALUE',
mountOptions: 'STRING_VALUE',
mountPoint: 'STRING_VALUE',
type: EFS
},
/* more items */
],
logsConfig: {
cloudWatchLogs: {
status: ENABLED | DISABLED, /* required */
groupName: 'STRING_VALUE',
streamName: 'STRING_VALUE'
},
s3Logs: {
status: ENABLED | DISABLED, /* required */
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE'
}
},
queuedTimeoutInMinutes: 'NUMBER_VALUE',
secondaryArtifacts: [
{
type: CODEPIPELINE | S3 | NO_ARTIFACTS, /* required */
artifactIdentifier: 'STRING_VALUE',
bucketOwnerAccess: NONE | READ_ONLY | FULL,
encryptionDisabled: true || false,
location: 'STRING_VALUE',
name: 'STRING_VALUE',
namespaceType: NONE | BUILD_ID,
overrideArtifactName: true || false,
packaging: NONE | ZIP,
path: 'STRING_VALUE'
},
/* more items */
],
secondarySourceVersions: [
{
sourceIdentifier: 'STRING_VALUE', /* required */
sourceVersion: 'STRING_VALUE' /* required */
},
/* more items */
],
secondarySources: [
{
type: CODECOMMIT | CODEPIPELINE | GITHUB | GITLAB | GITLAB_SELF_MANAGED | S3 | BITBUCKET | GITHUB_ENTERPRISE | NO_SOURCE, /* required */
auth: {
type: OAUTH | CODECONNECTIONS | SECRETS_MANAGER, /* required */
resource: 'STRING_VALUE'
},
buildStatusConfig: {
context: 'STRING_VALUE',
targetUrl: 'STRING_VALUE'
},
buildspec: 'STRING_VALUE',
gitCloneDepth: 'NUMBER_VALUE',
gitSubmodulesConfig: {
fetchSubmodules: true || false /* required */
},
insecureSsl: true || false,
location: 'STRING_VALUE',
reportBuildStatus: true || false,
sourceIdentifier: 'STRING_VALUE'
},
/* more items */
],
serviceRole: 'STRING_VALUE',
source: {
type: CODECOMMIT | CODEPIPELINE | GITHUB | GITLAB | GITLAB_SELF_MANAGED | S3 | BITBUCKET | GITHUB_ENTERPRISE | NO_SOURCE, /* required */
auth: {
type: OAUTH | CODECONNECTIONS | SECRETS_MANAGER, /* required */
resource: 'STRING_VALUE'
},
buildStatusConfig: {
context: 'STRING_VALUE',
targetUrl: 'STRING_VALUE'
},
buildspec: 'STRING_VALUE',
gitCloneDepth: 'NUMBER_VALUE',
gitSubmodulesConfig: {
fetchSubmodules: true || false /* required */
},
insecureSsl: true || false,
location: 'STRING_VALUE',
reportBuildStatus: true || false,
sourceIdentifier: 'STRING_VALUE'
},
sourceVersion: 'STRING_VALUE',
tags: [
{
key: 'STRING_VALUE',
value: 'STRING_VALUE'
},
/* more items */
],
timeoutInMinutes: 'NUMBER_VALUE',
vpcConfig: {
securityGroupIds: [
'STRING_VALUE',
/* more items */
],
subnets: [
'STRING_VALUE',
/* more items */
],
vpcId: 'STRING_VALUE'
}
};
codebuild.updateProject(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
name
— (String
)The name of the build project.
Note: You cannot change a build project's name.description
— (String
)A new or replacement description of the build project.
source
— (map
)Information to be changed about the build input source code for the build project.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— (String
)A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for examplepr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If
sourceVersion
is specified at the build level, then that version takes precedence over thissourceVersion
(at the project level).For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. IfsecondarySourceVersions
is specified at the build level, then they take over thesesecondarySourceVersions
(at the project level).sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
artifacts
— (map
)Information to be changed about the build output artifacts for the build project.
type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
ProjectArtifact
objects.type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Stores recently used information so that it can be quickly accessed at a later time.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information to be changed about the build environment for the build project.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The replacement ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.
timeoutInMinutes
— (Integer
)The replacement value in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed.
queuedTimeoutInMinutes
— (Integer
)The number of minutes a build is allowed to be queued before it times out.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
).tags
— (Array<map>
)An updated list of tag key and value pairs associated with this build project.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
vpcConfig
— (map
)VpcConfig enables CodeBuild to access resources in an Amazon VPC.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
badgeEnabled
— (Boolean
)Set this to true to generate a publicly accessible URL for your project's build badge.
logsConfig
— (map
)Information about logs for the build project. A project can create logs in CloudWatch Logs, logs in an S3 bucket, or both.
cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for a CodeBuild build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
buildBatchConfig
— (map
)Contains configuration information about a batch build project.
serviceRole
— (String
)Specifies the service role ARN for the batch build project.
combineArtifacts
— (Boolean
)Specifies if the build artifacts for the batch build should be combined into a single artifact location.
restrictions
— (map
)A
BatchRestrictions
object that specifies the restrictions for the batch build.maximumBuildsAllowed
— (Integer
)Specifies the maximum number of builds allowed.
computeTypesAllowed
— (Array<String>
)An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
timeoutInMins
— (Integer
)Specifies the maximum amount of time, in minutes, that the batch build must be completed in.
batchReportMode
— (String
)Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.
- REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
- REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
"REPORT_INDIVIDUAL_BUILDS"
"REPORT_AGGREGATED_BATCH"
concurrentBuildLimit
— (Integer
)The maximum number of concurrent builds that are allowed for this project.
New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.
To remove this limit, set this value to -1.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:project
— (map
)Information about the build project that was changed.
name
— (String
)The name of the build project.
arn
— (String
)The Amazon Resource Name (ARN) of the build project.
description
— (String
)A description that makes the build project easy to identify.
source
— (map
)Information about the build input source code for this build project.
type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
secondarySources
— (Array<map>
)An array of
ProjectSource
objects.type
— required — (String
)The type of repository that contains the source code to be built. Valid values include:
-
BITBUCKET
: The source code is in a Bitbucket repository. -
CODECOMMIT
: The source code is in an CodeCommit repository. -
CODEPIPELINE
: The source code settings are specified in the source action of a pipeline in CodePipeline. -
GITHUB
: The source code is in a GitHub repository. -
GITHUB_ENTERPRISE
: The source code is in a GitHub Enterprise Server repository. -
GITLAB
: The source code is in a GitLab repository. -
GITLAB_SELF_MANAGED
: The source code is in a self-managed GitLab repository. -
NO_SOURCE
: The project does not have input source code. -
S3
: The source code is in an Amazon S3 bucket.
"CODECOMMIT"
"CODEPIPELINE"
"GITHUB"
"GITLAB"
"GITLAB_SELF_MANAGED"
"S3"
"BITBUCKET"
"GITHUB_ENTERPRISE"
"NO_SOURCE"
-
location
— (String
)Information about the location of the source code to be built. Valid values include:
-
For source code settings that are specified in the source action of a pipeline in CodePipeline,
location
should not be specified. If it is specified, CodePipeline ignores it. This is because CodePipeline uses the settings in a pipeline's source action instead of this value. -
For source code in an CodeCommit repository, the HTTPS clone URL to the repository that contains the source code and the buildspec file (for example,
https://git-codecommit.<region-ID>.amazonaws.com/v1/repos/<repo-name>
). -
For source code in an Amazon S3 input bucket, one of the following.
-
The path to the ZIP file that contains the source code (for example,
<bucket-name>/<path>/<object-name>.zip
). -
The path to the folder that contains the source code (for example,
<bucket-name>/<path-to-source-code>/<folder>/
).
-
-
For source code in a GitHub repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitHub account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitHub, on the GitHub Authorize application page, for Organization access, choose Request access next to each repository you want to allow CodeBuild to have access to, and then choose Authorize application. (After you have connected to your GitHub account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
. -
For source code in an GitLab or self-managed GitLab repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your GitLab account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with GitLab, on the Connections Authorize application page, choose Authorize. Then on the CodeConnections Create GitLab connection page, choose Connect to GitLab. (After you have connected to your GitLab account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to override the default connection and use this connection instead, set the
auth
object'stype
value toCODECONNECTIONS
in thesource
object. -
For source code in a Bitbucket repository, the HTTPS clone URL to the repository that contains the source and the buildspec file. You must connect your Amazon Web Services account to your Bitbucket account. Use the CodeBuild console to start creating a build project. When you use the console to connect (or reconnect) with Bitbucket, on the Bitbucket Confirm access to your account page, choose Grant access. (After you have connected to your Bitbucket account, you do not need to finish creating the build project. You can leave the CodeBuild console.) To instruct CodeBuild to use this connection, in the
source
object, set theauth
object'stype
value toOAUTH
.
If you specify
CODEPIPELINE
for theType
property, don't specify this property. For all of the other types, you must specifyLocation
.-
gitCloneDepth
— (Integer
)Information about the Git clone depth for the build project.
gitSubmodulesConfig
— (map
)Information about the Git submodules configuration for the build project.
fetchSubmodules
— required — (Boolean
)Set to true to fetch Git submodules for your CodeBuild build project.
buildspec
— (String
)The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in
CODEBUILD_SRC_DIR
environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example,arn:aws:s3:::my-codebuild-sample2/buildspec.yml
). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.auth
— (map
)Information about the authorization settings for CodeBuild to access the source code to be built.
type
— required — (String
)The authorization type to use. Valid options are OAUTH, CODECONNECTIONS, or SECRETS_MANAGER.
Possible values include:"OAUTH"
"CODECONNECTIONS"
"SECRETS_MANAGER"
resource
— (String
)The resource value that applies to the specified authorization type.
reportBuildStatus
— (Boolean
)Set to true to report the status of a build's start and finish to your source provider. This option is valid only when your source provider is GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket. If this is set and you use a different source provider, an
invalidInputException
is thrown.To be able to report the build status to the source provider, the user associated with the source provider must have write access to the repo. If the user does not have write access, the build status cannot be updated. For more information, see Source provider access in the CodeBuild User Guide.
The status of a build triggered by a webhook is always reported to your source provider.
If your project's builds are triggered by a webhook, you must push a new commit to the repo for a change to this property to take effect.
buildStatusConfig
— (map
)Contains information that defines how the build project reports the build status to the source provider. This option is only used when the source provider is
GITHUB
,GITHUB_ENTERPRISE
, orBITBUCKET
.context
— (String
)Specifies the context of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
name
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
context
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
targetUrl
— (String
)Specifies the target url of the build status CodeBuild sends to the source provider. The usage of this parameter depends on the source provider.
- Bitbucket
-
This parameter is used for the
url
parameter in the Bitbucket commit status. For more information, see build in the Bitbucket API documentation. - GitHub/GitHub Enterprise Server
-
This parameter is used for the
target_url
parameter in the GitHub commit status. For more information, see Create a commit status in the GitHub developer guide.
insecureSsl
— (Boolean
)Enable this flag to ignore SSL warnings while connecting to the project source code.
sourceIdentifier
— (String
)An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— (String
)A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for examplepr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If
sourceVersion
is specified at the build level, then that version takes precedence over thissourceVersion
(at the project level).For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
secondarySourceVersions
— (Array<map>
)An array of
ProjectSourceVersion
objects. IfsecondarySourceVersions
is specified at the build level, then they take over thesesecondarySourceVersions
(at the project level).sourceIdentifier
— required — (String
)An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
sourceVersion
— required — (String
)The source version for the corresponding source identifier. If specified, must be one of:
-
For CodeCommit: the commit ID, branch, or Git tag to use.
-
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format
pr/pull-request-ID
(for example,pr/25
). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used. -
For GitLab: the commit ID, branch, or Git tag to use.
-
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
-
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
-
artifacts
— (map
)Information about the build output artifacts for the build project.
type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
secondaryArtifacts
— (Array<map>
)An array of
ProjectArtifacts
objects.type
— required — (String
)The type of build output artifact. Valid values include:
-
CODEPIPELINE
: The build project has build output generated through CodePipeline.Note: TheCODEPIPELINE
type is not supported forsecondaryArtifacts
. -
NO_ARTIFACTS
: The build project does not produce any build output. -
S3
: The build project stores build output in Amazon S3.
"CODEPIPELINE"
"S3"
"NO_ARTIFACTS"
-
location
— (String
)Information about the build output artifact location:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output bucket.
-
path
— (String
)Along with
namespaceType
andname
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the path to the output artifact. Ifpath
is not specified,path
is not used.
For example, if
path
is set toMyArtifacts
,namespaceType
is set toNONE
, andname
is set toMyArtifact.zip
, the output artifact is stored in the output bucket atMyArtifacts/MyArtifact.zip
.-
namespaceType
— (String
)Along with
path
andname
, the pattern that CodeBuild uses to determine the name and location to store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
BUILD_ID
: Include the build ID in the location of the build output artifact. -
NONE
: Do not include the build ID. This is the default ifnamespaceType
is not specified.
-
For example, if
Possible values include:path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
."NONE"
"BUILD_ID"
-
name
— (String
)Along with
path
andnamespaceType
, the pattern that CodeBuild uses to name and store the output artifact:-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, this is the name of the output artifact object. If you set the name to be a forward slash ("/"), the artifact is stored in the root of the output bucket.
For example:
-
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set toMyArtifact.zip
, then the output artifact is stored inMyArtifacts/<build-ID>/MyArtifact.zip
. -
If
path
is empty,namespaceType
is set toNONE
, andname
is set to "/
", the output artifact is stored in the root of the output bucket. -
If
path
is set toMyArtifacts
,namespaceType
is set toBUILD_ID
, andname
is set to "/
", the output artifact is stored inMyArtifacts/<build-ID>
.
-
packaging
— (String
)The type of build output artifact to create:
-
If
type
is set toCODEPIPELINE
, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output artifacts instead of CodeBuild. -
If
type
is set toNO_ARTIFACTS
, this value is ignored if specified, because no build output is produced. -
If
type
is set toS3
, valid values include:-
NONE
: CodeBuild creates in the output bucket a folder that contains the build output. This is the default ifpackaging
is not specified. -
ZIP
: CodeBuild creates in the output bucket a ZIP file that contains the build output.
-
"NONE"
"ZIP"
-
overrideArtifactName
— (Boolean
)If this flag is set, a name specified in the buildspec file overrides the artifact name. The name specified in a buildspec file is calculated at build time and uses the Shell Command Language. For example, you can append a date and time to your artifact name so that it is always unique.
encryptionDisabled
— (Boolean
)Set to true if you do not want your output artifacts encrypted. This option is valid only if your artifacts type is Amazon S3. If this is set with another artifacts type, an invalidInputException is thrown.
artifactIdentifier
— (String
)An identifier for this artifact definition.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
cache
— (map
)Information about the cache for the build project.
type
— required — (String
)The type of cache used by the build project. Valid values include:
-
NO_CACHE
: The build project does not use any cache. -
S3
: The build project reads and writes from and to S3. -
LOCAL
: The build project stores a cache locally on a build host that is only available to that build host.
"NO_CACHE"
"S3"
"LOCAL"
-
location
— (String
)Information about the cache location:
-
NO_CACHE
orLOCAL
: This value is ignored. -
S3
: This is the S3 bucket name/prefix.
-
modes
— (Array<String>
)An array of strings that specify the local cache modes. You can use one or more local cache modes at the same time. This is only used for
LOCAL
cache types.Possible values are:
- LOCAL_SOURCE_CACHE
-
Caches Git metadata for primary and secondary sources. After the cache is created, subsequent builds pull only the change between commits. This mode is a good choice for projects with a clean working directory and a source that is a large Git repository. If you choose this option and your project does not use a Git repository (GitHub, GitHub Enterprise, or Bitbucket), the option is ignored.
- LOCAL_DOCKER_LAYER_CACHE
-
Caches existing Docker layers. This mode is a good choice for projects that build or pull large Docker images. It can prevent the performance issues caused by pulling large Docker images down from the network.
Note:- You can use a Docker layer cache in the Linux environment only.
- The
privileged
flag must be set so that your project has the required Docker permissions. - You should consider the security implications before you use a Docker layer cache.
- LOCAL_CUSTOM_CACHE
-
Caches directories you specify in the buildspec file. This mode is a good choice if your build scenario is not suited to one of the other three local cache modes. If you use a custom cache:
-
Only directories can be specified for caching. You cannot specify individual files.
-
Symlinks are used to reference cached directories.
-
Cached directories are linked to your build before it downloads its project sources. Cached items are overridden if a source item has the same name. Directories are specified using cache paths in the buildspec file.
-
environment
— (map
)Information about the build environment for this build project.
type
— required — (String
)The type of build environment to use for related builds.
-
The environment type
ARM_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), EU (Ireland), Asia Pacific (Mumbai), Asia Pacific (Tokyo), Asia Pacific (Sydney), and EU (Frankfurt). -
The environment type
LINUX_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney), China (Beijing), and China (Ningxia). -
The environment type
LINUX_GPU_CONTAINER
is available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Canada (Central), EU (Ireland), EU (London), EU (Frankfurt), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Singapore), Asia Pacific (Sydney) , China (Beijing), and China (Ningxia).
-
The environment types
ARM_LAMBDA_CONTAINER
andLINUX_LAMBDA_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Frankfurt), EU (Ireland), and South America (São Paulo).
-
The environment types
WINDOWS_CONTAINER
andWINDOWS_SERVER_2019_CONTAINER
are available only in regions US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland).
Note: If you're using compute fleets during project creation,type
will be ignored.For more information, see Build environment compute types in the CodeBuild user guide.
Possible values include:"WINDOWS_CONTAINER"
"LINUX_CONTAINER"
"LINUX_GPU_CONTAINER"
"ARM_CONTAINER"
"WINDOWS_SERVER_2019_CONTAINER"
"LINUX_LAMBDA_CONTAINER"
"ARM_LAMBDA_CONTAINER"
"MAC_ARM"
-
image
— required — (String
)The image tag or image digest that identifies the Docker image to use for this build project. Use the following formats:
-
For an image tag:
<registry>/<repository>:<tag>
. For example, in the Docker repository that CodeBuild uses to manage its Docker images, this would beaws/codebuild/standard:4.0
. -
For an image digest:
<registry>/<repository>@<digest>
. For example, to specify an image with the digest "sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf," use<registry>/<repository>@sha256:cbbf2f9a99b47fc460d422812b6a5adff7dfee951d8fa2e4a98caa0382cfbdbf
.
For more information, see Docker images provided by CodeBuild in the CodeBuild user guide.
-
computeType
— required — (String
)Information about the compute resources the build project uses. Available values include:
-
BUILD_GENERAL1_SMALL
: Use up to 3 GB memory and 2 vCPUs for builds. -
BUILD_GENERAL1_MEDIUM
: Use up to 7 GB memory and 4 vCPUs for builds. -
BUILD_GENERAL1_LARGE
: Use up to 16 GB memory and 8 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_XLARGE
: Use up to 70 GB memory and 36 vCPUs for builds, depending on your environment type. -
BUILD_GENERAL1_2XLARGE
: Use up to 145 GB memory, 72 vCPUs, and 824 GB of SSD storage for builds. This compute type supports Docker images up to 100 GB uncompressed. -
BUILD_LAMBDA_1GB
: Use up to 1 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_2GB
: Use up to 2 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_4GB
: Use up to 4 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_8GB
: Use up to 8 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
. -
BUILD_LAMBDA_10GB
: Use up to 10 GB memory for builds. Only available for environment typeLINUX_LAMBDA_CONTAINER
andARM_LAMBDA_CONTAINER
.
If you use
BUILD_GENERAL1_SMALL
:-
For environment type
LINUX_CONTAINER
, you can use up to 3 GB memory and 2 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 16 GB memory, 4 vCPUs, and 1 NVIDIA A10G Tensor Core GPU for builds. -
For environment type
ARM_CONTAINER
, you can use up to 4 GB memory and 2 vCPUs on ARM-based processors for builds.
If you use
BUILD_GENERAL1_LARGE
:-
For environment type
LINUX_CONTAINER
, you can use up to 15 GB memory and 8 vCPUs for builds. -
For environment type
LINUX_GPU_CONTAINER
, you can use up to 255 GB memory, 32 vCPUs, and 4 NVIDIA Tesla V100 GPUs for builds. -
For environment type
ARM_CONTAINER
, you can use up to 16 GB memory and 8 vCPUs on ARM-based processors for builds.
Note: If you're using compute fleets during project creation,computeType
will be ignored.For more information, see Build Environment Compute Types in the CodeBuild User Guide.
Possible values include:"BUILD_GENERAL1_SMALL"
"BUILD_GENERAL1_MEDIUM"
"BUILD_GENERAL1_LARGE"
"BUILD_GENERAL1_XLARGE"
"BUILD_GENERAL1_2XLARGE"
"BUILD_LAMBDA_1GB"
"BUILD_LAMBDA_2GB"
"BUILD_LAMBDA_4GB"
"BUILD_LAMBDA_8GB"
"BUILD_LAMBDA_10GB"
-
fleet
— (map
)A ProjectFleet object to use for this build project.
fleetArn
— (String
)Specifies the compute fleet ARN for the build project.
environmentVariables
— (Array<map>
)A set of environment variables to make available to builds for this build project.
name
— required — (String
)The name or key of the environment variable.
value
— required — (String
)The value of the environment variable.
We strongly discourage the use of
PLAINTEXT
environment variables to store sensitive values, especially Amazon Web Services secret key IDs.PLAINTEXT
environment variables can be displayed in plain text using the CodeBuild console and the CLI. For sensitive values, we recommend you use an environment variable of typePARAMETER_STORE
orSECRETS_MANAGER
.type
— (String
)The type of environment variable. Valid values include:
-
PARAMETER_STORE
: An environment variable stored in Systems Manager Parameter Store. For environment variables of this type, specify the name of the parameter as thevalue
of the EnvironmentVariable. The parameter value will be substituted for the name at runtime. You can also define Parameter Store environment variables in the buildspec. To learn how to do so, see env/parameter-store in the CodeBuild User Guide. -
PLAINTEXT
: An environment variable in plain text format. This is the default value. -
SECRETS_MANAGER
: An environment variable stored in Secrets Manager. For environment variables of this type, specify the name of the secret as thevalue
of the EnvironmentVariable. The secret value will be substituted for the name at runtime. You can also define Secrets Manager environment variables in the buildspec. To learn how to do so, see env/secrets-manager in the CodeBuild User Guide.
"PLAINTEXT"
"PARAMETER_STORE"
"SECRETS_MANAGER"
-
privilegedMode
— (Boolean
)Enables running the Docker daemon inside a Docker container. Set to true only if the build project is used to build Docker images. Otherwise, a build that attempts to interact with the Docker daemon fails. The default setting is
false
.You can initialize the Docker daemon during the install phase of your build by adding one of the following sets of commands to the install phase of your buildspec file:
If the operating system's base image is Ubuntu Linux:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
If the operating system's base image is Alpine Linux and the previous command does not work, add the
-t
argument totimeout
:- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://0.0.0.0:2375 --storage-driver=overlay&
- timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
certificate
— (String
)The ARN of the Amazon S3 bucket, path prefix, and object key that contains the PEM-encoded certificate for the build project. For more information, see certificate in the CodeBuild User Guide.
registryCredential
— (map
)The credentials for access to a private registry.
credential
— required — (String
)The Amazon Resource Name (ARN) or name of credentials created using Secrets Manager.
Note: Thecredential
can use the name of the credentials only if they exist in your current Amazon Web Services Region.credentialProvider
— required — (String
)The service that created the credentials to access a private Docker registry. The valid value, SECRETS_MANAGER, is for Secrets Manager.
Possible values include:"SECRETS_MANAGER"
imagePullCredentialsType
— (String
)The type of credentials CodeBuild uses to pull images in your build. There are two valid values:
-
CODEBUILD
specifies that CodeBuild uses its own credentials. This requires that you modify your ECR repository policy to trust CodeBuild service principal. -
SERVICE_ROLE
specifies that CodeBuild uses your build project's service role.
When you use a cross-account or private registry image, you must use SERVICE_ROLE credentials. When you use an CodeBuild curated image, you must use CODEBUILD credentials.
Possible values include:"CODEBUILD"
"SERVICE_ROLE"
-
serviceRole
— (String
)The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.
timeoutInMinutes
— (Integer
)How long, in minutes, from 5 to 2160 (36 hours), for CodeBuild to wait before timing out any related build that did not get marked as completed. The default is 60 minutes.
queuedTimeoutInMinutes
— (Integer
)The number of minutes a build is allowed to be queued before it times out.
encryptionKey
— (String
)The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
Note: You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format
alias/<alias-name>
). If you don't specify a value, CodeBuild uses the managed CMK for Amazon Simple Storage Service (Amazon S3).tags
— (Array<map>
)A list of tag key and value pairs associated with this build project.
These tags are available for use by Amazon Web Services services that support CodeBuild build project tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
created
— (Date
)When the build project was created, expressed in Unix time format.
lastModified
— (Date
)When the build project's settings were last modified, expressed in Unix time format.
webhook
— (map
)Information about a webhook that connects repository events to a build project in CodeBuild.
url
— (String
)The URL to the webhook.
payloadUrl
— (String
)The CodeBuild endpoint where webhook events are sent.
secret
— (String
)The secret token of the associated repository.
Note: A Bitbucket webhook does not supportsecret
.branchFilter
— (String
)A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If
branchFilter
is empty, then all branches are built.Note: It is recommended that you usefilterGroups
instead ofbranchFilter
.filterGroups
— (Array<Array<map>>
)An array of arrays of
WebhookFilter
objects used to determine which webhooks are triggered. At least oneWebhookFilter
in the array must specifyEVENT
as itstype
.For a build to be triggered, at least one filter group in the
filterGroups
array must pass. For a filter group to pass, each of its filters must pass.type
— required — (String
)The type of webhook filter. There are nine webhook filter types:
EVENT
,ACTOR_ACCOUNT_ID
,HEAD_REF
,BASE_REF
,FILE_PATH
,COMMIT_MESSAGE
,TAG_NAME
,RELEASE_NAME
, andWORKFLOW_NAME
.-
EVENT
-
A webhook event triggers a build when the provided
pattern
matches one of nine event types:PUSH
,PULL_REQUEST_CREATED
,PULL_REQUEST_UPDATED
,PULL_REQUEST_CLOSED
,PULL_REQUEST_REOPENED
,PULL_REQUEST_MERGED
,RELEASED
,PRERELEASED
, andWORKFLOW_JOB_QUEUED
. TheEVENT
patterns are specified as a comma-separated string. For example,PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
filters all push, pull request created, and pull request updated events.Note: TypesPULL_REQUEST_REOPENED
andWORKFLOW_JOB_QUEUED
work with GitHub and GitHub Enterprise only. TypesRELEASED
andPRERELEASED
work with GitHub only.
-
-
ACTOR_ACCOUNT_ID
-
A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression
pattern
.
-
-
HEAD_REF
-
A webhook event triggers a build when the head reference matches the regular expression
pattern
. For example,refs/heads/branch-name
andrefs/tags/tag-name
.Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.
-
-
BASE_REF
-
A webhook event triggers a build when the base reference matches the regular expression
pattern
. For example,refs/heads/branch-name
.Note: Works with pull request events only.
-
-
FILE_PATH
-
A webhook triggers a build when the path of a changed file matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
COMMIT_MESSAGE
-
A webhook triggers a build when the head commit message matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
TAG_NAME
-
A webhook triggers a build when the tag name of the release matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
RELEASE_NAME
-
A webhook triggers a build when the release name matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
REPOSITORY_NAME
-
A webhook triggers a build when the repository name matches the regular expression pattern.
Note: Works with GitHub global or organization webhooks only.
-
-
WORKFLOW_NAME
-
A webhook triggers a build when the workflow name matches the regular expression
pattern
.Note: Works withWORKFLOW_JOB_QUEUED
events only.
-
"EVENT"
"BASE_REF"
"HEAD_REF"
"ACTOR_ACCOUNT_ID"
"FILE_PATH"
"COMMIT_MESSAGE"
"WORKFLOW_NAME"
"TAG_NAME"
"RELEASE_NAME"
-
pattern
— required — (String
)For a
WebHookFilter
that usesEVENT
type, a comma-separated string that specifies one or more events. For example, the webhook filterPUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
allows all push, pull request created, and pull request updated events to trigger a build.For a
WebHookFilter
that uses any of the other filter types, a regular expression pattern. For example, aWebHookFilter
that usesHEAD_REF
for itstype
and the pattern^refs/heads/
triggers a build when the head reference is a branch with a reference namerefs/heads/branch-name
.excludeMatchedPattern
— (Boolean
)Used to indicate that the
pattern
determines which webhook events do not trigger a build. If true, then a webhook event that does not match thepattern
triggers a build. If false, then a webhook event that matches thepattern
triggers a build.
buildType
— (String
)Specifies the type of build this webhook will trigger.
Possible values include:"BUILD"
"BUILD_BATCH"
manualCreation
— (Boolean
)If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns
payloadUrl
andsecret
values for the webhook. ThepayloadUrl
andsecret
values in the output can be used to manually create a webhook within GitHub.Note: manualCreation is only available for GitHub webhooks.lastModifiedSecret
— (Date
)A timestamp that indicates the last time a repository's secret token was modified.
scopeConfiguration
— (map
)The scope configuration for global or organization webhooks.
Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks.name
— required — (String
)The name of either the enterprise or organization that will send webhook events to CodeBuild, depending on if the webhook is a global or organization webhook respectively.
domain
— (String
)The domain of the GitHub Enterprise organization. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE
scope
— required — (String
)The type of scope for a GitHub webhook.
Possible values include:"GITHUB_ORGANIZATION"
"GITHUB_GLOBAL"
vpcConfig
— (map
)Information about the VPC configuration that CodeBuild accesses.
vpcId
— (String
)The ID of the Amazon VPC.
subnets
— (Array<String>
)A list of one or more subnet IDs in your Amazon VPC.
securityGroupIds
— (Array<String>
)A list of one or more security groups IDs in your Amazon VPC.
badge
— (map
)Information about the build badge for the build project.
badgeEnabled
— (Boolean
)Set this to true to generate a publicly accessible URL for your project's build badge.
badgeRequestUrl
— (String
)The publicly-accessible URL through which you can access the build badge for your project.
logsConfig
— (map
)Information about logs for the build project. A project can create logs in CloudWatch Logs, an S3 bucket, or both.
cloudWatchLogs
— (map
)Information about CloudWatch Logs for a build project. CloudWatch Logs are enabled by default.
status
— required — (String
)The current status of the logs in CloudWatch Logs for a build project. Valid values are:
-
ENABLED
: CloudWatch Logs are enabled for this build project. -
DISABLED
: CloudWatch Logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
groupName
— (String
)The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
streamName
— (String
)The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
s3Logs
— (map
)Information about logs built to an S3 bucket for a build project. S3 logs are not enabled by default.
status
— required — (String
)The current status of the S3 build logs. Valid values are:
-
ENABLED
: S3 build logs are enabled for this build project. -
DISABLED
: S3 build logs are not enabled for this build project.
"ENABLED"
"DISABLED"
-
location
— (String
)The ARN of an S3 bucket and the path prefix for S3 logs. If your Amazon S3 bucket name is
my-bucket
, and your path prefix isbuild-log
, then acceptable formats aremy-bucket/build-log
orarn:aws:s3:::my-bucket/build-log
.encryptionDisabled
— (Boolean
)Set to true if you do not want your S3 build log output encrypted. By default S3 build logs are encrypted.
bucketOwnerAccess
— (String
)Specifies the bucket owner's access for objects that another account uploads to their Amazon S3 bucket. By default, only the account that uploads the objects to the bucket has access to these objects. This property allows you to give the bucket owner access to these objects.
Note: To use this property, your CodeBuild service role must have thes3:PutBucketAcl
permission. This permission allows CodeBuild to modify the access control list for the bucket.This property can be one of the following values:
- NONE
-
The bucket owner does not have access to the objects. This is the default.
- READ_ONLY
-
The bucket owner has read-only access to the objects. The uploading account retains ownership of the objects.
- FULL
-
The bucket owner has full access to the objects. Object ownership is determined by the following criteria:
-
If the bucket is configured with the Bucket owner preferred setting, the bucket owner owns the objects. The uploading account will have object access as specified by the bucket's policy.
-
Otherwise, the uploading account retains ownership of the objects.
For more information about Amazon S3 object ownership, see Controlling ownership of uploaded objects using S3 Object Ownership in the Amazon Simple Storage Service User Guide.
-
"NONE"
"READ_ONLY"
"FULL"
fileSystemLocations
— (Array<map>
)An array of
ProjectFileSystemLocation
objects for a CodeBuild build project. AProjectFileSystemLocation
object specifies theidentifier
,location
,mountOptions
,mountPoint
, andtype
of a file system created using Amazon Elastic File System.type
— (String
)The type of the file system. The one supported type is
Possible values include:EFS
."EFS"
location
— (String
)A string that specifies the location of the file system created by Amazon EFS. Its format is
efs-dns-name:/directory-path
. You can find the DNS name of file system when you view it in the Amazon EFS console. The directory path is a path to a directory in the file system that CodeBuild mounts. For example, if the DNS name of a file system isfs-abcd1234.efs.us-west-2.amazonaws.com
, and its mount directory ismy-efs-mount-directory
, then thelocation
isfs-abcd1234.efs.us-west-2.amazonaws.com:/my-efs-mount-directory
.The directory path in the format
efs-dns-name:/directory-path
is optional. If you do not specify a directory path, the location is only the DNS name and CodeBuild mounts the entire file system.mountPoint
— (String
)The location in the container where you mount the file system.
identifier
— (String
)The name used to access a file system created by Amazon EFS. CodeBuild creates an environment variable by appending the
identifier
in all capital letters toCODEBUILD_
. For example, if you specifymy_efs
foridentifier
, a new environment variable is create namedCODEBUILD_MY_EFS
.The
identifier
is used to mount your file system.mountOptions
— (String
)The mount options for a file system created by Amazon EFS. The default mount options used by CodeBuild are
nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2
. For more information, see Recommended NFS Mount Options.
buildBatchConfig
— (map
)A ProjectBuildBatchConfig object that defines the batch build options for the project.
serviceRole
— (String
)Specifies the service role ARN for the batch build project.
combineArtifacts
— (Boolean
)Specifies if the build artifacts for the batch build should be combined into a single artifact location.
restrictions
— (map
)A
BatchRestrictions
object that specifies the restrictions for the batch build.maximumBuildsAllowed
— (Integer
)Specifies the maximum number of builds allowed.
computeTypesAllowed
— (Array<String>
)An array of strings that specify the compute types that are allowed for the batch build. See Build environment compute types in the CodeBuild User Guide for these values.
timeoutInMins
— (Integer
)Specifies the maximum amount of time, in minutes, that the batch build must be completed in.
batchReportMode
— (String
)Specifies how build status reports are sent to the source provider for the batch build. This property is only used when the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider.
- REPORT_AGGREGATED_BATCH
-
(Default) Aggregate all of the build statuses into a single status report.
- REPORT_INDIVIDUAL_BUILDS
-
Send a separate status report for each individual build.
"REPORT_INDIVIDUAL_BUILDS"
"REPORT_AGGREGATED_BATCH"
concurrentBuildLimit
— (Integer
)The maximum number of concurrent builds that are allowed for this project.
New builds are only started if the current number of builds is less than or equal to this limit. If the current build count meets this limit, new builds are throttled and are not run.
projectVisibility
— (String
)Specifies the visibility of the project's builds. Possible values are:
- PUBLIC_READ
-
The project builds are visible to the public.
- PRIVATE
-
The project builds are not visible to the public.
"PUBLIC_READ"
"PRIVATE"
publicProjectAlias
— (String
)Contains the project identifier used with the public build APIs.
resourceAccessRole
— (String
)The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.
-
(AWS.Response)
—
Returns:
updateProjectVisibility(params = {}, callback) ⇒ AWS.Request
Changes the public visibility for a project. The project's build results, logs, and artifacts are available to the general public. For more information, see Public build projects in the CodeBuild User Guide.
The following should be kept in mind when making your projects public: All of a project's build results, logs, and artifacts, including builds that were run when the project was private, are available to the general public. All build logs and artifacts are available to the public. Environment variables, source code, and other sensitive information may have been output to the build logs and artifacts. You must be careful about what information is output to the build logs. Some best practice are: Do not store sensitive values in environment variables. We recommend that you use an Amazon EC2 Systems Manager Parameter Store or Secrets Manager to store sensitive values. Follow Best practices for using webhooks in the CodeBuild User Guide to limit which entities can trigger a build, and do not store the buildspec in the project itself, to ensure that your webhooks are as secure as possible. A malicious user can use public builds to distribute malicious artifacts. We recommend that you review all pull requests to verify that the pull request is a legitimate change. We also recommend that you validate any artifacts with their checksums to make sure that the correct artifacts are being downloaded.
Service Reference:
Examples:
Calling the updateProjectVisibility operation
var params = {
projectArn: 'STRING_VALUE', /* required */
projectVisibility: PUBLIC_READ | PRIVATE, /* required */
resourceAccessRole: 'STRING_VALUE'
};
codebuild.updateProjectVisibility(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
projectArn
— (String
)The Amazon Resource Name (ARN) of the build project.
projectVisibility
— (String
)Specifies the visibility of the project's builds. Possible values are:
- PUBLIC_READ
-
The project builds are visible to the public.
- PRIVATE
-
The project builds are not visible to the public.
"PUBLIC_READ"
"PRIVATE"
resourceAccessRole
— (String
)The ARN of the IAM role that enables CodeBuild to access the CloudWatch Logs and Amazon S3 artifacts for the project's builds.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:projectArn
— (String
)The Amazon Resource Name (ARN) of the build project.
publicProjectAlias
— (String
)Contains the project identifier used with the public build APIs.
projectVisibility
— (String
)Specifies the visibility of the project's builds. Possible values are:
- PUBLIC_READ
-
The project builds are visible to the public.
- PRIVATE
-
The project builds are not visible to the public.
"PUBLIC_READ"
"PRIVATE"
-
(AWS.Response)
—
Returns:
updateReportGroup(params = {}, callback) ⇒ AWS.Request
Updates a report group.
Service Reference:
Examples:
Calling the updateReportGroup operation
var params = {
arn: 'STRING_VALUE', /* required */
exportConfig: {
exportConfigType: S3 | NO_EXPORT,
s3Destination: {
bucket: 'STRING_VALUE',
bucketOwner: 'STRING_VALUE',
encryptionDisabled: true || false,
encryptionKey: 'STRING_VALUE',
packaging: ZIP | NONE,
path: 'STRING_VALUE'
}
},
tags: [
{
key: 'STRING_VALUE',
value: 'STRING_VALUE'
},
/* more items */
]
};
codebuild.updateReportGroup(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
arn
— (String
)The ARN of the report group to update.
exportConfig
— (map
)Used to specify an updated export type. Valid values are:
-
S3
: The report results are exported to an S3 bucket. -
NO_EXPORT
: The report results are not exported.
exportConfigType
— (String
)The export configuration type. Valid values are:
-
S3
: The report results are exported to an S3 bucket. -
NO_EXPORT
: The report results are not exported.
"S3"
"NO_EXPORT"
-
s3Destination
— (map
)A
S3ReportExportConfig
object that contains information about the S3 bucket where the run of a report is exported.bucket
— (String
)The name of the S3 bucket where the raw data of a report are exported.
bucketOwner
— (String
)The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.
path
— (String
)The path to the exported report's raw data results.
packaging
— (String
)The type of build output artifact to create. Valid values include:
-
NONE
: CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. -
ZIP
: CodeBuild creates a ZIP file with the raw data in the output bucket.
"ZIP"
"NONE"
-
encryptionKey
— (String
)The encryption key for the report's encrypted raw data.
encryptionDisabled
— (Boolean
)A boolean value that specifies if the results of a report are encrypted.
-
tags
— (Array<map>
)An updated list of tag key and value pairs associated with this report group.
These tags are available for use by Amazon Web Services services that support CodeBuild report group tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:reportGroup
— (map
)Information about the updated report group.
arn
— (String
)The ARN of the
ReportGroup
.name
— (String
)The name of the
ReportGroup
.type
— (String
)The type of the
ReportGroup
. This can be one of the following values:- CODE_COVERAGE
-
The report group contains code coverage reports.
- TEST
-
The report group contains test reports.
"TEST"
"CODE_COVERAGE"
exportConfig
— (map
)Information about the destination where the raw data of this
ReportGroup
is exported.exportConfigType
— (String
)The export configuration type. Valid values are:
-
S3
: The report results are exported to an S3 bucket. -
NO_EXPORT
: The report results are not exported.
"S3"
"NO_EXPORT"
-
s3Destination
— (map
)A
S3ReportExportConfig
object that contains information about the S3 bucket where the run of a report is exported.bucket
— (String
)The name of the S3 bucket where the raw data of a report are exported.
bucketOwner
— (String
)The Amazon Web Services account identifier of the owner of the Amazon S3 bucket. This allows report data to be exported to an Amazon S3 bucket that is owned by an account other than the account running the build.
path
— (String
)The path to the exported report's raw data results.
packaging
— (String
)The type of build output artifact to create. Valid values include:
-
NONE
: CodeBuild creates the raw data in the output bucket. This is the default if packaging is not specified. -
ZIP
: CodeBuild creates a ZIP file with the raw data in the output bucket.
"ZIP"
"NONE"
-
encryptionKey
— (String
)The encryption key for the report's encrypted raw data.
encryptionDisabled
— (Boolean
)A boolean value that specifies if the results of a report are encrypted.
created
— (Date
)The date and time this
ReportGroup
was created.lastModified
— (Date
)The date and time this
ReportGroup
was last modified.tags
— (Array<map>
)A list of tag key and value pairs associated with this report group.
These tags are available for use by Amazon Web Services services that support CodeBuild report group tags.
key
— (String
)The tag's key.
value
— (String
)The tag's value.
status
— (String
)The status of the report group. This property is read-only.
This can be one of the following values:
- ACTIVE
-
The report group is active.
- DELETING
-
The report group is in the process of being deleted.
"ACTIVE"
"DELETING"
-
(AWS.Response)
—
Returns:
updateWebhook(params = {}, callback) ⇒ AWS.Request
Updates the webhook associated with an CodeBuild build project.
rotateSecret
is ignored. Service Reference:
Examples:
Calling the updateWebhook operation
var params = {
projectName: 'STRING_VALUE', /* required */
branchFilter: 'STRING_VALUE',
buildType: BUILD | BUILD_BATCH,
filterGroups: [
[
{
pattern: 'STRING_VALUE', /* required */
type: EVENT | BASE_REF | HEAD_REF | ACTOR_ACCOUNT_ID | FILE_PATH | COMMIT_MESSAGE | WORKFLOW_NAME | TAG_NAME | RELEASE_NAME, /* required */
excludeMatchedPattern: true || false
},
/* more items */
],
/* more items */
],
rotateSecret: true || false
};
codebuild.updateWebhook(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Parameters:
-
params
(Object)
(defaults to: {})
—
projectName
— (String
)The name of the CodeBuild project.
branchFilter
— (String
)A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If
branchFilter
is empty, then all branches are built.Note: It is recommended that you usefilterGroups
instead ofbranchFilter
.rotateSecret
— (Boolean
)A boolean value that specifies whether the associated GitHub repository's secret token should be updated. If you use Bitbucket for your repository,
rotateSecret
is ignored.filterGroups
— (Array<Array<map>>
)An array of arrays of
WebhookFilter
objects used to determine if a webhook event can trigger a build. A filter group must contain at least oneEVENT
WebhookFilter
.type
— required — (String
)The type of webhook filter. There are nine webhook filter types:
EVENT
,ACTOR_ACCOUNT_ID
,HEAD_REF
,BASE_REF
,FILE_PATH
,COMMIT_MESSAGE
,TAG_NAME
,RELEASE_NAME
, andWORKFLOW_NAME
.-
EVENT
-
A webhook event triggers a build when the provided
pattern
matches one of nine event types:PUSH
,PULL_REQUEST_CREATED
,PULL_REQUEST_UPDATED
,PULL_REQUEST_CLOSED
,PULL_REQUEST_REOPENED
,PULL_REQUEST_MERGED
,RELEASED
,PRERELEASED
, andWORKFLOW_JOB_QUEUED
. TheEVENT
patterns are specified as a comma-separated string. For example,PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
filters all push, pull request created, and pull request updated events.Note: TypesPULL_REQUEST_REOPENED
andWORKFLOW_JOB_QUEUED
work with GitHub and GitHub Enterprise only. TypesRELEASED
andPRERELEASED
work with GitHub only.
-
-
ACTOR_ACCOUNT_ID
-
A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression
pattern
.
-
-
HEAD_REF
-
A webhook event triggers a build when the head reference matches the regular expression
pattern
. For example,refs/heads/branch-name
andrefs/tags/tag-name
.Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.
-
-
BASE_REF
-
A webhook event triggers a build when the base reference matches the regular expression
pattern
. For example,refs/heads/branch-name
.Note: Works with pull request events only.
-
-
FILE_PATH
-
A webhook triggers a build when the path of a changed file matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
COMMIT_MESSAGE
-
A webhook triggers a build when the head commit message matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
TAG_NAME
-
A webhook triggers a build when the tag name of the release matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
RELEASE_NAME
-
A webhook triggers a build when the release name matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
REPOSITORY_NAME
-
A webhook triggers a build when the repository name matches the regular expression pattern.
Note: Works with GitHub global or organization webhooks only.
-
-
WORKFLOW_NAME
-
A webhook triggers a build when the workflow name matches the regular expression
pattern
.Note: Works withWORKFLOW_JOB_QUEUED
events only.
-
"EVENT"
"BASE_REF"
"HEAD_REF"
"ACTOR_ACCOUNT_ID"
"FILE_PATH"
"COMMIT_MESSAGE"
"WORKFLOW_NAME"
"TAG_NAME"
"RELEASE_NAME"
-
pattern
— required — (String
)For a
WebHookFilter
that usesEVENT
type, a comma-separated string that specifies one or more events. For example, the webhook filterPUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
allows all push, pull request created, and pull request updated events to trigger a build.For a
WebHookFilter
that uses any of the other filter types, a regular expression pattern. For example, aWebHookFilter
that usesHEAD_REF
for itstype
and the pattern^refs/heads/
triggers a build when the head reference is a branch with a reference namerefs/heads/branch-name
.excludeMatchedPattern
— (Boolean
)Used to indicate that the
pattern
determines which webhook events do not trigger a build. If true, then a webhook event that does not match thepattern
triggers a build. If false, then a webhook event that matches thepattern
triggers a build.
buildType
— (String
)Specifies the type of build this webhook will trigger.
Possible values include:"BUILD"
"BUILD_BATCH"
Callback (callback):
-
function(err, data) { ... }
Called when a response from the service is returned. If a callback is not supplied, you must call AWS.Request.send() on the returned request object to initiate the request.
Context (this):
-
(AWS.Response)
—
the response object containing error, data properties, and the original request object.
Parameters:
-
err
(Error)
—
the error object returned from the request. Set to
null
if the request is successful. -
data
(Object)
—
the de-serialized data returned from the request. Set to
null
if a request error occurs. Thedata
object has the following properties:webhook
— (map
)Information about a repository's webhook that is associated with a project in CodeBuild.
url
— (String
)The URL to the webhook.
payloadUrl
— (String
)The CodeBuild endpoint where webhook events are sent.
secret
— (String
)The secret token of the associated repository.
Note: A Bitbucket webhook does not supportsecret
.branchFilter
— (String
)A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If
branchFilter
is empty, then all branches are built.Note: It is recommended that you usefilterGroups
instead ofbranchFilter
.filterGroups
— (Array<Array<map>>
)An array of arrays of
WebhookFilter
objects used to determine which webhooks are triggered. At least oneWebhookFilter
in the array must specifyEVENT
as itstype
.For a build to be triggered, at least one filter group in the
filterGroups
array must pass. For a filter group to pass, each of its filters must pass.type
— required — (String
)The type of webhook filter. There are nine webhook filter types:
EVENT
,ACTOR_ACCOUNT_ID
,HEAD_REF
,BASE_REF
,FILE_PATH
,COMMIT_MESSAGE
,TAG_NAME
,RELEASE_NAME
, andWORKFLOW_NAME
.-
EVENT
-
A webhook event triggers a build when the provided
pattern
matches one of nine event types:PUSH
,PULL_REQUEST_CREATED
,PULL_REQUEST_UPDATED
,PULL_REQUEST_CLOSED
,PULL_REQUEST_REOPENED
,PULL_REQUEST_MERGED
,RELEASED
,PRERELEASED
, andWORKFLOW_JOB_QUEUED
. TheEVENT
patterns are specified as a comma-separated string. For example,PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
filters all push, pull request created, and pull request updated events.Note: TypesPULL_REQUEST_REOPENED
andWORKFLOW_JOB_QUEUED
work with GitHub and GitHub Enterprise only. TypesRELEASED
andPRERELEASED
work with GitHub only.
-
-
ACTOR_ACCOUNT_ID
-
A webhook event triggers a build when a GitHub, GitHub Enterprise, or Bitbucket account ID matches the regular expression
pattern
.
-
-
HEAD_REF
-
A webhook event triggers a build when the head reference matches the regular expression
pattern
. For example,refs/heads/branch-name
andrefs/tags/tag-name
.Note: Works with GitHub and GitHub Enterprise push, GitHub and GitHub Enterprise pull request, Bitbucket push, and Bitbucket pull request events.
-
-
BASE_REF
-
A webhook event triggers a build when the base reference matches the regular expression
pattern
. For example,refs/heads/branch-name
.Note: Works with pull request events only.
-
-
FILE_PATH
-
A webhook triggers a build when the path of a changed file matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
COMMIT_MESSAGE
-
A webhook triggers a build when the head commit message matches the regular expression
pattern
.Note: Works with GitHub and Bitbucket events push and pull requests events. Also works with GitHub Enterprise push events, but does not work with GitHub Enterprise pull request events.
-
-
TAG_NAME
-
A webhook triggers a build when the tag name of the release matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
RELEASE_NAME
-
A webhook triggers a build when the release name matches the regular expression
pattern
.Note: Works withRELEASED
andPRERELEASED
events only.
-
-
REPOSITORY_NAME
-
A webhook triggers a build when the repository name matches the regular expression pattern.
Note: Works with GitHub global or organization webhooks only.
-
-
WORKFLOW_NAME
-
A webhook triggers a build when the workflow name matches the regular expression
pattern
.Note: Works withWORKFLOW_JOB_QUEUED
events only.
-
"EVENT"
"BASE_REF"
"HEAD_REF"
"ACTOR_ACCOUNT_ID"
"FILE_PATH"
"COMMIT_MESSAGE"
"WORKFLOW_NAME"
"TAG_NAME"
"RELEASE_NAME"
-
pattern
— required — (String
)For a
WebHookFilter
that usesEVENT
type, a comma-separated string that specifies one or more events. For example, the webhook filterPUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED
allows all push, pull request created, and pull request updated events to trigger a build.For a
WebHookFilter
that uses any of the other filter types, a regular expression pattern. For example, aWebHookFilter
that usesHEAD_REF
for itstype
and the pattern^refs/heads/
triggers a build when the head reference is a branch with a reference namerefs/heads/branch-name
.excludeMatchedPattern
— (Boolean
)Used to indicate that the
pattern
determines which webhook events do not trigger a build. If true, then a webhook event that does not match thepattern
triggers a build. If false, then a webhook event that matches thepattern
triggers a build.
buildType
— (String
)Specifies the type of build this webhook will trigger.
Possible values include:"BUILD"
"BUILD_BATCH"
manualCreation
— (Boolean
)If manualCreation is true, CodeBuild doesn't create a webhook in GitHub and instead returns
payloadUrl
andsecret
values for the webhook. ThepayloadUrl
andsecret
values in the output can be used to manually create a webhook within GitHub.Note: manualCreation is only available for GitHub webhooks.lastModifiedSecret
— (Date
)A timestamp that indicates the last time a repository's secret token was modified.
scopeConfiguration
— (map
)The scope configuration for global or organization webhooks.
Note: Global or organization webhooks are only available for GitHub and Github Enterprise webhooks.name
— required — (String
)The name of either the enterprise or organization that will send webhook events to CodeBuild, depending on if the webhook is a global or organization webhook respectively.
domain
— (String
)The domain of the GitHub Enterprise organization. Note that this parameter is only required if your project's source type is GITHUB_ENTERPRISE
scope
— required — (String
)The type of scope for a GitHub webhook.
Possible values include:"GITHUB_ORGANIZATION"
"GITHUB_GLOBAL"
-
(AWS.Response)
—
Returns: