Getting started with CodeBuild - AWS CodeBuild
Getting started using the consoleGetting started using the AWS CLI

Getting started with CodeBuild

In the following tutorials, you use AWS CodeBuild to build a collection of sample source code input files into a deployable version of the source code.

Both tutorials have the same input and results, but one uses the AWS CodeBuild console and the other uses the AWS CLI.

Important

We do not recommend that you use your AWS root account to complete this tutorial.

Getting started with AWS CodeBuild using the console

In this tutorial, you use AWS CodeBuild to build a collection of sample source code input files (build input artifacts or build input) into a deployable version of the source code (build output artifact or build output). Specifically, you instruct CodeBuild to use Apache Maven, a common build tool, to build a set of Java class files into a Java Archive (JAR) file. You do not need to be familiar with Apache Maven or Java to complete this tutorial.

You can work with CodeBuild through the CodeBuild console, AWS CodePipeline, the AWS CLI, or the AWS SDKs. This tutorial demonstrates how to use the CodeBuild console. For information about using CodePipeline, see Use CodeBuild with CodePipeline.

Important

The steps in this tutorial require you to create resources (for example, an S3 bucket) that might result in charges to your AWS account. These include possible charges for CodeBuild and for AWS resources and actions related to Amazon S3, AWS KMS, and CloudWatch Logs. For more information, see AWS CodeBuild pricing, Amazon S3 pricing, AWS Key Management Service pricing, and Amazon CloudWatch pricing.

Step 1: Create the source code

(Part of: Getting started with AWS CodeBuild using the console)

In this step, you create the source code that you want CodeBuild to build to the output bucket. This source code consists of two Java class files and an Apache Maven Project Object Model (POM) file.

  1. In an empty directory on your local computer or instance, create this directory structure.

    (root directory name)
    `-- src
         |-- main
         |     `-- java
         `-- test
               `-- java

  2. Using a text editor of your choice, create this file, name it MessageUtil.java, and then save it in the src/main/java directory.

    public class MessageUtil {
  private String message;

  public MessageUtil(String message) {
    this.message = message;
  }

  public String printMessage() {
    System.out.println(message);
    return message;
  }

  public String salutationMessage() {
    message = "Hi!" + message;
    System.out.println(message);
    return message;
  }
}

    This class file creates as output the string of characters passed into it. The MessageUtil constructor sets the string of characters. The printMessage method creates the output. The salutationMessage method outputs Hi! followed by the string of characters.

  3. Create this file, name it TestMessageUtil.java, and then save it in the /src/test/java directory.

    import org.junit.Test;
import org.junit.Ignore;
import static org.junit.Assert.assertEquals;

public class TestMessageUtil {

  String message = "Robert";    
  MessageUtil messageUtil = new MessageUtil(message);
   
  @Test
  public void testPrintMessage() {      
    System.out.println("Inside testPrintMessage()");     
    assertEquals(message,messageUtil.printMessage());
  }

  @Test
  public void testSalutationMessage() {
    System.out.println("Inside testSalutationMessage()");
    message = "Hi!" + "Robert";
    assertEquals(message,messageUtil.salutationMessage());
  }
}

    This class file sets the message variable in the MessageUtil class to Robert. It then tests to see if the message variable was successfully set by checking whether the strings Robert and Hi!Robert appear in the output.

  4. Create this file, name it pom.xml, and then save it in the root (top level) directory.

    <project xmlns="http://maven.apache.org/POM/4.0.0" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>org.example</groupId>
  <artifactId>messageUtil</artifactId>
  <version>1.0</version>
  <packaging>jar</packaging>
  <name>Message Utility Java Sample App</name>
  <dependencies>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>4.11</version>
      <scope>test</scope>
    </dependency>	
  </dependencies>
  <build>
    <plugins>
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-compiler-plugin</artifactId>
        <version>3.8.0</version>
      </plugin>
    </plugins>
  </build>
</project>

    Apache Maven uses the instructions in this file to convert the MessageUtil.java and TestMessageUtil.java files into a file named messageUtil-1.0.jar and then run the specified tests.

At this point, your directory structure should look like this.

(root directory name)
    |-- pom.xml
    `-- src
         |-- main
         |     `-- java
         |           `-- MessageUtil.java
         `-- test
               `-- java
                     `-- TestMessageUtil.java

Step 2: Create the buildspec file

(Previous step: Step 1: Create the source code)

In this step, you create a build specification (build spec) file. A buildspec is a collection of build commands and related settings, in YAML format, that CodeBuild uses to run a build. Without a build spec, CodeBuild cannot successfully convert your build input into build output or locate the build output artifact in the build environment to upload to your output bucket.

Create this file, name it buildspec.yml, and then save it in the root (top level) directory.

version: 0.2

phases:
  install:
    runtime-versions:
      java: corretto11
  pre_build:
    commands:
      - echo Nothing to do in the pre_build phase...
  build:
    commands:
      - echo Build started on `date`
      - mvn install
  post_build:
    commands:
      - echo Build completed on `date`
artifacts:
  files:
    - target/messageUtil-1.0.jar
Important

Because a build spec declaration must be valid YAML, the spacing in a build spec declaration is important. If the number of spaces in your build spec declaration does not match this one, the build might fail immediately. You can use a YAML validator to test whether your build spec declaration is valid YAML.

Note

Instead of including a build spec file in your source code, you can declare build commands separately when you create a build project. This is helpful if you want to build your source code with different build commands without updating your source code's repository each time. For more information, see Buildspec syntax.

In this build spec declaration:

  • version represents the version of the build spec standard being used. This build spec declaration uses the latest version, 0.2.

  • phases represents the build phases during which you can instruct CodeBuild to run commands. These build phases are listed here as install, pre_build, build, and post_build. You cannot change the spelling of these build phase names, and you cannot create more build phase names.

    In this example, during the build phase, CodeBuild runs the mvn install command. This command instructs Apache Maven to compile, test, and package the compiled Java class files into a build output artifact. For completeness, a few echo commands are placed in each build phase in this example. When you view detailed build information later in this tutorial, the output of these echo commands can help you better understand how CodeBuild runs commands and in which order. (Although all build phases are included in this example, you are not required to include a build phase if you do not plan to run any commands during that phase.) For each build phase, CodeBuild runs each specified command, one at a time, in the order listed, from beginning to end.

  • artifacts represents the set of build output artifacts that CodeBuild uploads to the output bucket. files represents the files to include in the build output. CodeBuild uploads the single messageUtil-1.0.jar file found in the target relative directory in the build environment. The file name messageUtil-1.0.jar and the directory name target are based on the way Apache Maven creates and stores build output artifacts for this example only. In your own builds, these file names and directories are different.

For more information, see the Buildspec reference.

At this point, your directory structure should look like this.

(root directory name)
    |-- pom.xml
    |-- buildspec.yml
    `-- src
         |-- main
         |     `-- java
         |           `-- MessageUtil.java
         `-- test
               `-- java
                     `-- TestMessageUtil.java

Step 3: Create two S3 buckets

(Previous step: Step 2: Create the buildspec file)

Although you can use a single bucket for this tutorial, two buckets makes it easier to see where the build input is coming from and where the build output is going.

  • One of these buckets (the input bucket) stores the build input. In this tutorial, the name of this input bucket is codebuild-region-ID-account-ID-input-bucket, where region-ID is the AWS Region of the bucket and account-ID is your AWS account ID.

  • The other bucket (the output bucket) stores the build output. In this tutorial, the name of this output bucket is codebuild-region-ID-account-ID-output-bucket.

If you chose different names for these buckets, be sure to use them throughout this tutorial.

These two buckets must be in the same AWS Region as your builds. For example, if you instruct CodeBuild to run a build in the US East (Ohio) Region, these buckets must also be in the US East (Ohio) Region.

For more information, see Creating a Bucket in the Amazon Simple Storage Service User Guide.

Note

Although CodeBuild also supports build input stored in CodeCommit, GitHub, and Bitbucket repositories, this tutorial does not show you how to use them. For more information, see Plan a build.

Step 4: Upload the source code and the buildspec file

(Previous step: Step 3: Create two S3 buckets)

In this step, you add the source code and build spec file to the input bucket.

Using your operating system's zip utility, create a file named MessageUtil.zip that includes MessageUtil.java, TestMessageUtil.java, pom.xml, and buildspec.yml.

The MessageUtil.zip file's directory structure must look like this.

MessageUtil.zip
    |-- pom.xml
    |-- buildspec.yml
    `-- src
         |-- main
         |     `-- java
         |           `-- MessageUtil.java
         `-- test
               `-- java
                     `-- TestMessageUtil.java
Important

Do not include the (root directory name) directory, only the directories and files in the (root directory name) directory.

Upload the MessageUtil.zip file to the input bucket named codebuild-region-ID-account-ID-input-bucket.

Important

For CodeCommit, GitHub, and Bitbucket repositories, by convention, you must store a build spec file named buildspec.yml in the root (top level) of each repository or include the build spec declaration as part of the build project definition. Do not create a ZIP file that contains the repository's source code and build spec file.

For build input stored in S3 buckets only, you must create a ZIP file that contains the source code and, by convention, a build spec file named buildspec.yml at the root (top level) or include the build spec declaration as part of the build project definition.

If you want to use a different name for your build spec file, or you want to reference a build spec in a location other than the root, you can specify a build spec override as part of the build project definition. For more information, see Buildspec file name and storage location.

Step 5: Create the build project

(Previous step: Step 4: Upload the source code and the buildspec file)

In this step, you create a build project that AWS CodeBuild uses to run the build. A build project includes information about how to run a build, including where to get the source code, which build environment to use, which build commands to run, and where to store the build output. A build environment represents a combination of operating system, programming language runtime, and tools that CodeBuild uses to run a build. The build environment is expressed as a Docker image. For more information, see Docker overview on the Docker Docs website.

For this build environment, you instruct CodeBuild to use a Docker image that contains a version of the Java Development Kit (JDK) and Apache Maven.

To create the build project

  1. Sign in to the AWS Management Console and open the AWS CodeBuild console at https://console.aws.amazon.com/codesuite/codebuild/home.

  2. Use the AWS region selector to choose an AWS Region where CodeBuild is supported. For more information, see AWS CodeBuild endpoints and quotas in the Amazon Web Services General Reference.

  3. If a CodeBuild information page is displayed, choose Create build project. Otherwise, on the navigation pane, expand Build, choose Build projects, and then choose Create build project.

  4. On the Create build project page, in Project configuration, for Project name, enter a name for this build project (in this example, codebuild-demo-project). Build project names must be unique across each AWS account. If you use a different name, be sure to use it throughout this tutorial.

    Note

    On the Create build project page, you might see an error message similar to the following: You are not authorized to perform this operation.. This is most likely because you signed in to the AWS Management Console as an user who does not have permissions to create a build project.. To fix this, sign out of the AWS Management Console, and then sign back in with credentials belonging to one of the following IAM entities:

    • An administrator user in your AWS account. For more information, see Creating your first AWS account root user and group in the user Guide.

    • An user in your AWS account with the AWSCodeBuildAdminAccess, AmazonS3ReadOnlyAccess, and IAMFullAccess managed policies attached to that user or to an IAM group that the user belongs to. If you do not have an user or group in your AWS account with these permissions, and you cannot add these permissions to your user or group, contact your AWS account administrator for assistance. For more information, see AWS managed (predefined) policies for AWS CodeBuild.

    Both options include administrator permissions that allow you to create a build project so you can complete this tutorial. We recommend that you always use the minimum permissions required to accomplish your task. For more information, see AWS CodeBuild permissions reference.

  5. In Source, for Source provider, choose Amazon S3.

  6. For Bucket, choose codebuild-region-ID-account-ID-input-bucket.

  7. For S3 object key, enter MessageUtil.zip.

  8. In Environment, for Environment image, leave Managed image selected.

  9. For Operating system, choose Amazon Linux 2.

  10. For Runtime(s), choose Standard.

  11. For Image, choose aws/codebuild/amazonlinux2-x86_64-standard:4.0.

  12. In Service role, leave New service role selected, and leave Role name unchanged.

  13. For Buildspec, leave Use a buildspec file selected.

  14. In Artifacts, for Type, choose Amazon S3.

  15. For Bucket name, choose codebuild-region-ID-account-ID-output-bucket.

  16. Leave Name and Path blank.

  17. Choose Create build project.

Step 6: Run the build

(Previous step: Step 5: Create the build project)

In this step, you instruct AWS CodeBuild to run the build with the settings in the build project.

To run the build

  1. Open the AWS CodeBuild console at https://console.aws.amazon.com/codesuite/codebuild/home.

  2. In the navigation pane, choose Build projects.

  3. In the list of build projects, choose codebuild-demo-project, and then choose Start build. The build starts immediately.

Step 7: View summarized build information

(Previous step: Step 6: Run the build)

In this step, you view summarized information about the status of your build.

To view summarized build information

  1. If the codebuild-demo-project:<build-ID> page is not displayed, in the navigation bar, choose Build history. Next, in the list of build projects, for Project, choose the Build run link for codebuild-demo-project. There should be only one matching link. (If you have completed this tutorial before, choose the link with the most recent value in the Completed column.)

  2. On the Build status page, in Phase details, the following build phases should be displayed, with Succeeded in the Status column:

    • SUBMITTED

    • QUEUED

    • PROVISIONING

    • DOWNLOAD_SOURCE

    • INSTALL

    • PRE_BUILD

    • BUILD

    • POST_BUILD

    • UPLOAD_ARTIFACTS

    • FINALIZING

    • COMPLETED

    In Build Status, Succeeded should be displayed.

    If you see In Progress instead, choose the refresh button.

  3. Next to each build phase, the Duration value indicates how long the build phase lasted. The End time value indicates when that build phase ended.

Step 8: View detailed build information

(Previous step: Step 7: View summarized build information)

In this step, you view detailed information about your build in CloudWatch Logs.

Note

To protect sensitive information, the following are hidden in CodeBuild logs:

To view detailed build information

  1. With the build details page still displayed from the previous step, the last 10,000 lines of the build log are displayed in Build logs. To see the entire build log in CloudWatch Logs, choose the View entire log link.

  2. In the CloudWatch Logs log stream, you can browse the log events. By default, only the last set of log events is displayed. To see earlier log events, scroll to the beginning of the list.

  3. In this tutorial, most of the log events contain verbose information about CodeBuild downloading and installing build dependency files into its build environment, which you probably don't care about. You can use the Filter events box to reduce the information displayed. For example, if you enter "[INFO]" in Filter events, only those events that contain [INFO] are displayed. For more information, see Filter and pattern syntax in the Amazon CloudWatch User Guide.

Step 9: Get the build output artifact

(Previous step: Step 8: View detailed build information)

In this step, you get the messageUtil-1.0.jar file that CodeBuild built and uploaded to the output bucket.

You can use the CodeBuild console or the Amazon S3 console to complete this step.

To get the build output artifact (AWS CodeBuild console)

  1. With the CodeBuild console still open and the build details page still displayed from the previous step, choose the Build details tab and scroll down to the Artifacts section.

    Note

    If the build details page is not displayed, in the navigation bar, choose Build history, and then choose the Build run link.

  2. The link to the Amazon S3 folder is under the Artifacts upload location. This link opens the folder in Amazon S3 where you find the messageUtil-1.0.jar build output artifact file.

To get the build output artifact (Amazon S3 console)

  1. Open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. Open codebuild-region-ID-account-ID-output-bucket.

  3. Open the codebuild-demo-project folder.

  4. Open the target folder, where you find the messageUtil-1.0.jar build output artifact file.

Step 10: Delete the S3 buckets

(Previous step: Step 9: Get the build output artifact)

To prevent ongoing charges to your AWS account, you can delete the input and output buckets used in this tutorial. For instructions, see Deleting or Emptying a Bucket in the Amazon Simple Storage Service User Guide.

If you are using the IAM user or an administrator IAM user to delete these buckets, the user must have more access permissions. Add the following statement between the markers (### BEGIN ADDING STATEMENT HERE ### and ### END ADDING STATEMENTS HERE ###) to an existing access policy for the user.

The ellipses (...) in this statement are used for brevity. Do not remove any statements in the existing access policy. Do not enter these ellipses into the policy.

{
  "Version": "2012-10-17",
  "Id": "...",
  "Statement": [
    ### BEGIN ADDING STATEMENT HERE ###
    {
      "Effect": "Allow",
      "Action": [
        "s3:DeleteBucket",
        "s3:DeleteObject"
      ],
      "Resource": "*"
    }
    ### END ADDING STATEMENT HERE ###
  ]
}

Wrapping up

In this tutorial, you used AWS CodeBuild to build a set of Java class files into a JAR file. You then viewed the build's results.

You can now try using CodeBuild in your own scenarios. Follow the instructions in Plan a build. If you don't feel ready yet, you might want to try building some of the samples. For more information, see Use case-based samples for CodeBuild.

Getting started with AWS CodeBuild using the AWS CLI

In this tutorial, you use AWS CodeBuild to build a collection of sample source code input files (called build input artifacts or build input) into a deployable version of the source code (called build output artifact or build output). Specifically, you instruct CodeBuild to use Apache Maven, a common build tool, to build a set of Java class files into a Java Archive (JAR) file. You do not need to be familiar with Apache Maven or Java to complete this tutorial.

You can work with CodeBuild through the CodeBuild console, AWS CodePipeline, the AWS CLI, or the AWS SDKs. This tutorial demonstrates how to use CodeBuild with the AWS CLI. For information about using CodePipeline, see Use CodeBuild with CodePipeline.

Important

The steps in this tutorial require you to create resources (for example, an S3 bucket) that might result in charges to your AWS account. These include possible charges for CodeBuild and for AWS resources and actions related to Amazon S3, AWS KMS, and CloudWatch Logs. For more information, see CodeBuild pricing, Amazon S3 pricing, AWS Key Management Service pricing, and Amazon CloudWatch pricing.

Step 1: Create the source code

(Part of: Getting started with AWS CodeBuild using the AWS CLI)

In this step, you create the source code that you want CodeBuild to build to the output bucket. This source code consists of two Java class files and an Apache Maven Project Object Model (POM) file.

  1. In an empty directory on your local computer or instance, create this directory structure.

    (root directory name)
    `-- src
         |-- main
         |     `-- java
         `-- test
               `-- java

  2. Using a text editor of your choice, create this file, name it MessageUtil.java, and then save it in the src/main/java directory.

    public class MessageUtil {
  private String message;

  public MessageUtil(String message) {
    this.message = message;
  }

  public String printMessage() {
    System.out.println(message);
    return message;
  }

  public String salutationMessage() {
    message = "Hi!" + message;
    System.out.println(message);
    return message;
  }
}

    This class file creates as output the string of characters passed into it. The MessageUtil constructor sets the string of characters. The printMessage method creates the output. The salutationMessage method outputs Hi! followed by the string of characters.

  3. Create this file, name it TestMessageUtil.java, and then save it in the /src/test/java directory.

    import org.junit.Test;
import org.junit.Ignore;
import static org.junit.Assert.assertEquals;

public class TestMessageUtil {

  String message = "Robert";    
  MessageUtil messageUtil = new MessageUtil(message);
   
  @Test
  public void testPrintMessage() {      
    System.out.println("Inside testPrintMessage()");     
    assertEquals(message,messageUtil.printMessage());
  }

  @Test
  public void testSalutationMessage() {
    System.out.println("Inside testSalutationMessage()");
    message = "Hi!" + "Robert";
    assertEquals(message,messageUtil.salutationMessage());
  }
}

    This class file sets the message variable in the MessageUtil class to Robert. It then tests to see if the message variable was successfully set by checking whether the strings Robert and Hi!Robert appear in the output.

  4. Create this file, name it pom.xml, and then save it in the root (top level) directory.

    <project xmlns="http://maven.apache.org/POM/4.0.0" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>org.example</groupId>
  <artifactId>messageUtil</artifactId>
  <version>1.0</version>
  <packaging>jar</packaging>
  <name>Message Utility Java Sample App</name>
  <dependencies>
    <dependency>
      <groupId>junit</groupId>
      <artifactId>junit</artifactId>
      <version>4.11</version>
      <scope>test</scope>
    </dependency>	
  </dependencies>
  <build>
    <plugins>
      <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-compiler-plugin</artifactId>
        <version>3.8.0</version>
      </plugin>
    </plugins>
  </build>
</project>

    Apache Maven uses the instructions in this file to convert the MessageUtil.java and TestMessageUtil.java files into a file named messageUtil-1.0.jar and then run the specified tests.

At this point, your directory structure should look like this.

(root directory name)
    |-- pom.xml
    `-- src
         |-- main
         |     `-- java
         |           `-- MessageUtil.java
         `-- test
               `-- java
                     `-- TestMessageUtil.java

Step 2: Create the buildspec file

(Previous step: Step 1: Create the source code)

In this step, you create a build specification (build spec) file. A buildspec is a collection of build commands and related settings, in YAML format, that CodeBuild uses to run a build. Without a build spec, CodeBuild cannot successfully convert your build input into build output or locate the build output artifact in the build environment to upload to your output bucket.

Create this file, name it buildspec.yml, and then save it in the root (top level) directory.

version: 0.2

phases:
  install:
    runtime-versions:
      java: corretto11
  pre_build:
    commands:
      - echo Nothing to do in the pre_build phase...
  build:
    commands:
      - echo Build started on `date`
      - mvn install
  post_build:
    commands:
      - echo Build completed on `date`
artifacts:
  files:
    - target/messageUtil-1.0.jar
Important

Because a build spec declaration must be valid YAML, the spacing in a build spec declaration is important. If the number of spaces in your build spec declaration does not match this one, the build might fail immediately. You can use a YAML validator to test whether your build spec declaration is valid YAML.

Note

Instead of including a build spec file in your source code, you can declare build commands separately when you create a build project. This is helpful if you want to build your source code with different build commands without updating your source code's repository each time. For more information, see Buildspec syntax.

In this build spec declaration:

  • version represents the version of the build spec standard being used. This build spec declaration uses the latest version, 0.2.

  • phases represents the build phases during which you can instruct CodeBuild to run commands. These build phases are listed here as install, pre_build, build, and post_build. You cannot change the spelling of these build phase names, and you cannot create more build phase names.

    In this example, during the build phase, CodeBuild runs the mvn install command. This command instructs Apache Maven to compile, test, and package the compiled Java class files into a build output artifact. For completeness, a few echo commands are placed in each build phase in this example. When you view detailed build information later in this tutorial, the output of these echo commands can help you better understand how CodeBuild runs commands and in which order. (Although all build phases are included in this example, you are not required to include a build phase if you do not plan to run any commands during that phase.) For each build phase, CodeBuild runs each specified command, one at a time, in the order listed, from beginning to end.

  • artifacts represents the set of build output artifacts that CodeBuild uploads to the output bucket. files represents the files to include in the build output. CodeBuild uploads the single messageUtil-1.0.jar file found in the target relative directory in the build environment. The file name messageUtil-1.0.jar and the directory name target are based on the way Apache Maven creates and stores build output artifacts for this example only. In your own builds, these file names and directories are different.

For more information, see the Buildspec reference.

At this point, your directory structure should look like this.

(root directory name)
    |-- pom.xml
    |-- buildspec.yml
    `-- src
         |-- main
         |     `-- java
         |           `-- MessageUtil.java
         `-- test
               `-- java
                     `-- TestMessageUtil.java

Step 3: Create two S3 buckets

(Previous step: Step 2: Create the buildspec file)

Although you can use a single bucket for this tutorial, two buckets makes it easier to see where the build input is coming from and where the build output is going.

  • One of these buckets (the input bucket) stores the build input. In this tutorial, the name of this input bucket is codebuild-region-ID-account-ID-input-bucket, where region-ID is the AWS Region of the bucket and account-ID is your AWS account ID.

  • The other bucket (the output bucket) stores the build output. In this tutorial, the name of this output bucket is codebuild-region-ID-account-ID-output-bucket.

If you chose different names for these buckets, be sure to use them throughout this tutorial.

These two buckets must be in the same AWS Region as your builds. For example, if you instruct CodeBuild to run a build in the US East (Ohio) Region, these buckets must also be in the US East (Ohio) Region.

For more information, see Creating a Bucket in the Amazon Simple Storage Service User Guide.

Note

Although CodeBuild also supports build input stored in CodeCommit, GitHub, and Bitbucket repositories, this tutorial does not show you how to use them. For more information, see Plan a build.

Step 4: Upload the source code and the buildspec file

(Previous step: Step 3: Create two S3 buckets)

In this step, you add the source code and build spec file to the input bucket.

Using your operating system's zip utility, create a file named MessageUtil.zip that includes MessageUtil.java, TestMessageUtil.java, pom.xml, and buildspec.yml.

The MessageUtil.zip file's directory structure must look like this.

MessageUtil.zip
    |-- pom.xml
    |-- buildspec.yml
    `-- src
         |-- main
         |     `-- java
         |           `-- MessageUtil.java
         `-- test
               `-- java
                     `-- TestMessageUtil.java
Important

Do not include the (root directory name) directory, only the directories and files in the (root directory name) directory.

Upload the MessageUtil.zip file to the input bucket named codebuild-region-ID-account-ID-input-bucket.

Important

For CodeCommit, GitHub, and Bitbucket repositories, by convention, you must store a build spec file named buildspec.yml in the root (top level) of each repository or include the build spec declaration as part of the build project definition. Do not create a ZIP file that contains the repository's source code and build spec file.

For build input stored in S3 buckets only, you must create a ZIP file that contains the source code and, by convention, a build spec file named buildspec.yml at the root (top level) or include the build spec declaration as part of the build project definition.

If you want to use a different name for your build spec file, or you want to reference a build spec in a location other than the root, you can specify a build spec override as part of the build project definition. For more information, see Buildspec file name and storage location.

Step 5: Create the build project

(Previous step: Step 4: Upload the source code and the buildspec file)

In this step, you create a build project that AWS CodeBuild uses to run the build. A build project includes information about how to run a build, including where to get the source code, which build environment to use, which build commands to run, and where to store the build output. A build environment represents a combination of operating system, programming language runtime, and tools that CodeBuild uses to run a build. The build environment is expressed as a Docker image. For more information, see Docker overview on the Docker Docs website.

For this build environment, you instruct CodeBuild to use a Docker image that contains a version of the Java Development Kit (JDK) and Apache Maven.

To create the build project

  1. Use the AWS CLI to run the create-project command:

    aws codebuild create-project --generate-cli-skeleton

    JSON-formatted data appears in the output. Copy the data to a file named create-project.json in a location on the local computer or instance where the AWS CLI is installed. If you choose to use a different file name, be sure to use it throughout this tutorial.

    Modify the copied data to follow this format, and then save your results:

    {
  "name": "codebuild-demo-project",
  "source": {
    "type": "S3",
    "location": "codebuild-region-ID-account-ID-input-bucket/MessageUtil.zip"
  },
  "artifacts": {
    "type": "S3",
    "location": "codebuild-region-ID-account-ID-output-bucket"
  },
  "environment": {
    "type": "LINUX_CONTAINER",
    "image": "aws/codebuild/standard:5.0",
    "computeType": "BUILD_GENERAL1_SMALL"
  },
  "serviceRole": "serviceIAMRole"
}

    Replace serviceIAMRole with the Amazon Resource Name (ARN) of a CodeBuild service role (for example, arn:aws:iam::account-ID:role/role-name). To create one, see Allow CodeBuild to interact with other AWS services.

    In this data:

    • name represents a required identifier for this build project (in this example, codebuild-demo-project). Build project names must be unique across all build projects in your account.

    • For source, type is a required value that represents the source code's repository type (in this example, S3 for an Amazon S3 bucket).

    • For source, location represents the path to the source code (in this example, the input bucket name followed by the ZIP file name).

    • For artifacts, type is a required value that represents the build output artifact's repository type (in this example, S3 for an Amazon S3 bucket).

    • For artifacts, location represents the name of the output bucket you created or identified earlier (in this example, codebuild-region-ID-account-ID-output-bucket).

    • For environment, type is a required value that represents the type of build environment (in this example, LINUX_CONTAINER).

    • For environment, image is a required value that represents the Docker image name and tag combination this build project uses, as specified by the Docker image repository type (in this example, aws/codebuild/standard:5.0 for a Docker image in the CodeBuild Docker images repository). aws/codebuild/standard is the name of the Docker image. 5.0 is the tag of the Docker image.

      To find more Docker images you can use in your scenarios, see the Build environment reference.

    • For environment, computeType is a required value that represents the computing resources CodeBuild uses (in this example, BUILD_GENERAL1_SMALL).

    Note

    Other available values in the original JSON-formatted data, such as description, buildspec, auth (including type and resource), path, namespaceType, name (for artifacts), packaging, environmentVariables (including name and value), timeoutInMinutes, encryptionKey, and tags (including key and value) are optional. They are not used in this tutorial, so they are not shown here. For more information, see Create a build project (AWS CLI).

  2. Switch to the directory that contains the file you just saved, and then run the create-project command again.

    aws codebuild create-project --cli-input-json file://create-project.json

    If successful, data similar to this appears in the output.

    {
  "project": {
    "name": "codebuild-demo-project",
    "serviceRole": "serviceIAMRole",
    "tags": [],
    "artifacts": {
      "packaging": "NONE",
      "type": "S3",
      "location": "codebuild-region-ID-account-ID-output-bucket",
      "name": "message-util.zip"
    },
    "lastModified": 1472661575.244,
    "timeoutInMinutes": 60,
    "created": 1472661575.244,
    "environment": {
      "computeType": "BUILD_GENERAL1_SMALL",
      "image": "aws/codebuild/standard:5.0",
      "type": "LINUX_CONTAINER",
      "environmentVariables": []
    },
    "source": {
      "type": "S3",
      "location": "codebuild-region-ID-account-ID-input-bucket/MessageUtil.zip"
    },
    "encryptionKey": "arn:aws:kms:region-ID:account-ID:alias/aws/s3",
    "arn": "arn:aws:codebuild:region-ID:account-ID:project/codebuild-demo-project"
  }
}

    • project represents information about this build project.

      • tags represents any tags that were declared.

      • packaging represents how the build output artifact is stored in the output bucket. NONE means that a folder is created in the output bucket. The build output artifact is stored in that folder.

      • lastModified represents the time, in Unix time format, when information about the build project was last changed.

      • timeoutInMinutes represents the number of minutes after which CodeBuild stops the build if the build has not been completed. (The default is 60 minutes.)

      • created represents the time, in Unix time format, when the build project was created.

      • environmentVariables represents any environment variables that were declared and are available for CodeBuild to use during the build.

      • encryptionKey represents the ARN of the customer managed key that CodeBuild used to encrypt the build output artifact.

      • arn represents the ARN of the build project.

Note

After you run the create-project command, an error message similar to the following might be output: User: user-ARN is not authorized to perform: codebuild:CreateProject. This is most likely because you configured the AWS CLI with the credentials of an user who does not have sufficient permissions to use CodeBuild to create build projects. To fix this, configure the AWS CLI with credentials belonging to one of the following IAM entities:

  • An administrator user in your AWS account. For more information, see Creating your first AWS account root user and group in the user Guide.

  • An user in your AWS account with the AWSCodeBuildAdminAccess, AmazonS3ReadOnlyAccess, and IAMFullAccess managed policies attached to that user or to an IAM group that the user belongs to. If you do not have an user or group in your AWS account with these permissions, and you cannot add these permissions to your user or group, contact your AWS account administrator for assistance. For more information, see AWS managed (predefined) policies for AWS CodeBuild.

Step 6: Run the build

(Previous step: Step 5: Create the build project)

In this step, you instruct AWS CodeBuild to run the build with the settings in the build project.

To run the build

  1. Use the AWS CLI to run the start-build command:

    aws codebuild start-build --project-name project-name

    Replace project-name with your build project name from the previous step (for example, codebuild-demo-project).

  2. If successful, data similar to the following appears in the output:

    {
  "build": { 
    "buildComplete": false,
    "initiator": "user-name",   
    "artifacts": { 
      "location": "arn:aws:s3:::codebuild-region-ID-account-ID-output-bucket/message-util.zip"
    },
    "projectName": "codebuild-demo-project",
    "timeoutInMinutes": 60, 
    "buildStatus": "IN_PROGRESS",
    "environment": {
      "computeType": "BUILD_GENERAL1_SMALL",
      "image": "aws/codebuild/standard:5.0",
      "type": "LINUX_CONTAINER",
      "environmentVariables": []
    },
    "source": {
      "type": "S3",
      "location": "codebuild-region-ID-account-ID-input-bucket/MessageUtil.zip"
    },
    "currentPhase": "SUBMITTED",
    "startTime": 1472848787.882,
    "id": "codebuild-demo-project:0cfbb6ec-3db9-4e8c-992b-1ab28EXAMPLE",
    "arn": "arn:aws:codebuild:region-ID:account-ID:build/codebuild-demo-project:0cfbb6ec-3db9-4e8c-992b-1ab28EXAMPLE"    
  }
}

    • build represents information about this build.

      • buildComplete represents whether the build was completed (true). Otherwise, false.

      • initiator represents the entity that started the build.

      • artifacts represents information about the build output, including its location.

      • projectName represents the name of the build project.

      • buildStatus represents the current build status when the start-build command was run.

      • currentPhase represents the current build phase when the start-build command was run.

      • startTime represents the time, in Unix time format, when the build process started.

      • id represents the ID of the build.

      • arn represents the ARN of the build.

    Make a note of the id value. You need it in the next step.

Step 7: View summarized build information

(Previous step: Step 6: Run the build)

In this step, you view summarized information about the status of your build.

To view summarized build information

  • Use the AWS CLI to run the batch-get-builds command.

    aws codebuild batch-get-builds --ids id

    Replace id with the id value that appeared in the output of the previous step.

    If successful, data similar to this appears in the output.

    {
  "buildsNotFound": [],
  "builds": [
    {
      "buildComplete": true,
      "phases": [
        {
          "phaseStatus": "SUCCEEDED",
          "endTime": 1472848788.525,
          "phaseType": "SUBMITTED",
          "durationInSeconds": 0,
          "startTime": 1472848787.882
        },
        ... The full list of build phases has been omitted for brevity ...
        {
          "phaseType": "COMPLETED",
          "startTime": 1472848878.079
        }
      ],
      "logs": {
        "groupName": "/aws/codebuild/codebuild-demo-project",
        "deepLink": "https://console.aws.amazon.com/cloudwatch/home?region=region-ID#logEvent:group=/aws/codebuild/codebuild-demo-project;stream=38ca1c4a-e9ca-4dbc-bef1-d52bfEXAMPLE",
        "streamName": "38ca1c4a-e9ca-4dbc-bef1-d52bfEXAMPLE"
      },
      "artifacts": {
        "md5sum": "MD5-hash",
        "location": "arn:aws:s3:::codebuild-region-ID-account-ID-output-bucket/message-util.zip",
        "sha256sum": "SHA-256-hash"
      },
      "projectName": "codebuild-demo-project",
      "timeoutInMinutes": 60,
      "initiator": "user-name",
      "buildStatus": "SUCCEEDED",
      "environment": {
        "computeType": "BUILD_GENERAL1_SMALL",
        "image": "aws/codebuild/standard:5.0",
        "type": "LINUX_CONTAINER",
        "environmentVariables": []
      },
      "source": {
        "type": "S3",
        "location": "codebuild-region-ID-account-ID-input-bucket/MessageUtil.zip"
      },
      "currentPhase": "COMPLETED",
      "startTime": 1472848787.882,
      "endTime": 1472848878.079,
      "id": "codebuild-demo-project:38ca1c4a-e9ca-4dbc-bef1-d52bfEXAMPLE",
      "arn": "arn:aws:codebuild:region-ID:account-ID:build/codebuild-demo-project:38ca1c4a-e9ca-4dbc-bef1-d52bfEXAMPLE"      
    }
  ]
}

    • buildsNotFound represents the build IDs for any builds where information is not available. In this example, it should be empty.

    • builds represents information about each build where information is available. In this example, information about only one build appears in the output.

      • phases represents the set of build phases CodeBuild runs during the build process. Information about each build phase is listed separately as startTime, endTime, and durationInSeconds (when the build phase started and ended, expressed in Unix time format, and how long it lasted, in seconds), and phaseType such as (SUBMITTED, PROVISIONING, DOWNLOAD_SOURCE, INSTALL, PRE_BUILD, BUILD, POST_BUILD, UPLOAD_ARTIFACTS, FINALIZING, or COMPLETED) and phaseStatus (such as SUCCEEDED, FAILED, FAULT, TIMED_OUT, IN_PROGRESS, or STOPPED). The first time you run the batch-get-builds command, there might not be many (or any) phases. After subsequent runs of the batch-get-builds command with the same build ID, more build phases should appear in the output.

      • logs represents information in Amazon CloudWatch Logs about the build's logs.

      • md5sum and sha256sum represent MD5 and SHA-256 hashes of the build's output artifact. These appear in the output only if the build project's packaging value is set to ZIP. (You did not set this value in this tutorial.) You can use these hashes along with a checksum tool to confirm file integrity and authenticity.

        Note

        You can also use the Amazon S3 console to view these hashes. Select the box next to the build output artifact, choose Actions, and then choose Properties. In the Properties pane, expand Metadata, and view the values for x-amz-meta-codebuild-content-md5 and x-amz-meta-codebuild-content-sha256. (In the Amazon S3 console, the build output artifact's ETag value should not be interpreted to be either the MD5 or SHA-256 hash.)

        If you use the AWS SDKs to get these hashes, the values are named codebuild-content-md5 and codebuild-content-sha256.

      • endTime represents the time, in Unix time format, when the build process ended.

    Note

    Amazon S3 metadata has a CodeBuild header named x-amz-meta-codebuild-buildarn which contains the buildArn of the CodeBuild build that publishes artifacts to Amazon S3. The buildArn is added to allow source tracking for notifications and to reference which build the artifact is generated from.

Step 8: View detailed build information

(Previous step: Step 7: View summarized build information)

In this step, you view detailed information about your build in CloudWatch Logs.

Note

To protect sensitive information, the following are hidden in CodeBuild logs:

To view detailed build information

  1. Use your web browser to go to the deepLink location that appeared in the output in the previous step (for example, https://console.aws.amazon.com/cloudwatch/home?region=region-ID#logEvent:group=/aws/codebuild/codebuild-demo-project;stream=38ca1c4a-e9ca-4dbc-bef1-d52bfEXAMPLE).

  2. In the CloudWatch Logs log stream, you can browse the log events. By default, only the last set of log events is displayed. To see earlier log events, scroll to the beginning of the list.

  3. In this tutorial, most of the log events contain verbose information about CodeBuild downloading and installing build dependency files into its build environment, which you probably don't care about. You can use the Filter events box to reduce the information displayed. For example, if you enter "[INFO]" in Filter events, only those events that contain [INFO] are displayed. For more information, see Filter and pattern syntax in the Amazon CloudWatch User Guide.

These portions of a CloudWatch Logs log stream pertain to this tutorial.

...
[Container] 2016/04/15 17:49:42 Entering phase PRE_BUILD 
[Container] 2016/04/15 17:49:42 Running command echo Entering pre_build phase...
[Container] 2016/04/15 17:49:42 Entering pre_build phase... 
[Container] 2016/04/15 17:49:42 Phase complete: PRE_BUILD Success: true 
[Container] 2016/04/15 17:49:42 Entering phase BUILD 
[Container] 2016/04/15 17:49:42 Running command echo Entering build phase... 
[Container] 2016/04/15 17:49:42 Entering build phase...
[Container] 2016/04/15 17:49:42 Running command mvn install 
[Container] 2016/04/15 17:49:44 [INFO] Scanning for projects... 
[Container] 2016/04/15 17:49:44 [INFO]
[Container] 2016/04/15 17:49:44 [INFO] ------------------------------------------------------------------------ 
[Container] 2016/04/15 17:49:44 [INFO] Building Message Utility Java Sample App 1.0 
[Container] 2016/04/15 17:49:44 [INFO] ------------------------------------------------------------------------ 
... 
[Container] 2016/04/15 17:49:55 ------------------------------------------------------- 
[Container] 2016/04/15 17:49:55  T E S T S 
[Container] 2016/04/15 17:49:55 ------------------------------------------------------- 
[Container] 2016/04/15 17:49:55 Running TestMessageUtil 
[Container] 2016/04/15 17:49:55 Inside testSalutationMessage() 
[Container] 2016/04/15 17:49:55 Hi!Robert 
[Container] 2016/04/15 17:49:55 Inside testPrintMessage() 
[Container] 2016/04/15 17:49:55 Robert 
[Container] 2016/04/15 17:49:55 Tests run: 2, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 0.018 sec
[Container] 2016/04/15 17:49:55  
[Container] 2016/04/15 17:49:55 Results : 
[Container] 2016/04/15 17:49:55  
[Container] 2016/04/15 17:49:55 Tests run: 2, Failures: 0, Errors: 0, Skipped: 0 
...
[Container] 2016/04/15 17:49:56 [INFO] ------------------------------------------------------------------------ 
[Container] 2016/04/15 17:49:56 [INFO] BUILD SUCCESS 
[Container] 2016/04/15 17:49:56 [INFO] ------------------------------------------------------------------------ 
[Container] 2016/04/15 17:49:56 [INFO] Total time: 11.845 s 
[Container] 2016/04/15 17:49:56 [INFO] Finished at: 2016-04-15T17:49:56+00:00 
[Container] 2016/04/15 17:49:56 [INFO] Final Memory: 18M/216M 
[Container] 2016/04/15 17:49:56 [INFO] ------------------------------------------------------------------------ 
[Container] 2016/04/15 17:49:56 Phase complete: BUILD Success: true 
[Container] 2016/04/15 17:49:56 Entering phase POST_BUILD 
[Container] 2016/04/15 17:49:56 Running command echo Entering post_build phase... 
[Container] 2016/04/15 17:49:56 Entering post_build phase... 
[Container] 2016/04/15 17:49:56 Phase complete: POST_BUILD Success: true 
[Container] 2016/04/15 17:49:57 Preparing to copy artifacts 
[Container] 2016/04/15 17:49:57 Assembling file list 
[Container] 2016/04/15 17:49:57 Expanding target/messageUtil-1.0.jar 
[Container] 2016/04/15 17:49:57 Found target/messageUtil-1.0.jar 
[Container] 2016/04/15 17:49:57 Creating zip artifact

In this example, CodeBuild successfully completed the pre-build, build, and post-build build phases. It ran the unit tests and successfully built the messageUtil-1.0.jar file.

Step 9: Get the build output artifact

(Previous step: Step 8: View detailed build information)

In this step, you get the messageUtil-1.0.jar file that CodeBuild built and uploaded to the output bucket.

You can use the CodeBuild console or the Amazon S3 console to complete this step.

To get the build output artifact (AWS CodeBuild console)

  1. With the CodeBuild console still open and the build details page still displayed from the previous step, choose the Build details tab and scroll down to the Artifacts section.

    Note

    If the build details page is not displayed, in the navigation bar, choose Build history, and then choose the Build run link.

  2. The link to the Amazon S3 folder is under the Artifacts upload location. This link opens the folder in Amazon S3 where you find the messageUtil-1.0.jar build output artifact file.

To get the build output artifact (Amazon S3 console)

  1. Open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. Open codebuild-region-ID-account-ID-output-bucket.

  3. Open the codebuild-demo-project folder.

  4. Open the target folder, where you find the messageUtil-1.0.jar build output artifact file.

Step 10: Delete the S3 buckets

(Previous step: Step 9: Get the build output artifact)

To prevent ongoing charges to your AWS account, you can delete the input and output buckets used in this tutorial. For instructions, see Deleting or Emptying a Bucket in the Amazon Simple Storage Service User Guide.

If you are using the IAM user or an administrator IAM user to delete these buckets, the user must have more access permissions. Add the following statement between the markers (### BEGIN ADDING STATEMENT HERE ### and ### END ADDING STATEMENTS HERE ###) to an existing access policy for the user.

The ellipses (...) in this statement are used for brevity. Do not remove any statements in the existing access policy. Do not enter these ellipses into the policy.

{
  "Version": "2012-10-17",
  "Id": "...",
  "Statement": [
    ### BEGIN ADDING STATEMENT HERE ###
    {
      "Effect": "Allow",
      "Action": [
        "s3:DeleteBucket",
        "s3:DeleteObject"
      ],
      "Resource": "*"
    }
    ### END ADDING STATEMENT HERE ###
  ]
}

Wrapping up

In this tutorial, you used AWS CodeBuild to build a set of Java class files into a JAR file. You then viewed the build's results.

You can now try using CodeBuild in your own scenarios. Follow the instructions in Plan a build. If you don't feel ready yet, you might want to try building some of the samples. For more information, see Use case-based samples for CodeBuild.