如何将环境变量传递给 AWS 代码构建的 buildspec.yml

Question

I have the following command in my buildspec.yml file in my gatsby site root directory.

version: 0.2

phases:
  install:
    commands:
      - npm i npm@latest -g
      - npm install --global gatsby-cli
      - npm install
      - pip install --upgrade pip
      - pip install --upgrade awscli
  build:
    commands:
      - gatsby build
  post_build:
    commands:
      - aws s3 sync public/ s3://stagging

I have 2 environments, staggin and production. Is there a way that i can maybe automate the sync command here to use some kind of variable to change the environment when i do codebuild. Maybe i can pass the environment name via command line.

Answer 1

When you create a codebuild you can pass environment variables.

{
  "name": "sample-docker-project",
  "source": {
    "type": "S3",
    "location": "codebuild-region-ID-account-ID-input-bucket/DockerSample.zip"
  },
  "artifacts": {
    "type": "NO_ARTIFACTS"
  },
  "environment": {
    "type": "LINUX_CONTAINER",
    "image": "aws/codebuild/docker:17.09.0",
    "computeType": "BUILD_GENERAL1_SMALL",
    "environmentVariables": [
      {
        "name": "AWS_DEFAULT_REGION",
        "value": "region-ID"
      },
      {
        "name": "AWS_ACCOUNT_ID",
        "value": "account-ID"
      },
      {
        "name": "IMAGE_REPO_NAME",
        "value": "Amazon-ECR-repo-name"
      },
      {
        "name": "IMAGE_TAG",
        "value": "latest"
      }
    ]
  },
  "serviceRole": "arn:aws:iam::account-ID:role/role-name",
  "encryptionKey": "arn:aws:kms:region-ID:account-ID:key/key-ID"
}

Then in your buildspec.yml you can refer them like regular environment variables with $IMAGE_REPO_NAME .

version: 0.2

phases:
  pre_build:
    commands:
      - echo Logging in to Amazon ECR...
      - $(aws ecr get-login --no-include-email --region $AWS_DEFAULT_REGION)
  build:
    commands:
      - echo Build started on `date`
      - echo Building the Docker image...          
      - docker build -t $IMAGE_REPO_NAME:$IMAGE_TAG .
      - docker tag $IMAGE_REPO_NAME:$IMAGE_TAG $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG      
  post_build:
    commands:
      - echo Build completed on `date`
      - echo Pushing the Docker image...
      - docker push $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG

What you can not do is create only 1 codebuild and pass variables to it like a script, so you need to create 2 codebuilds, but 1 buildspec.yml.

More information here: https://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html

Answer 2

Based on the documentation you can use the following format:

env:
  variables:
    key: "value"
    key: "value"

Answer 3

Another approach will be prepare an script and a YAML with all the config variables needed.

The script file yaml_to_envvars.sh (modified from here https://stackoverflow.com/a/21189044/2275126 ):

#!/bin/bash

prefix=$2
s='[[:space:]]*' w='[a-zA-Z0-9_]*' fs=$(echo @|tr @ '\034')
sed -ne "s|^\($s\):|\1|" \
     -e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \
     -e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p"  $1 |
awk -F$fs '{
   indent = length($1)/2;
   vname[indent] = $2;
   for (i in vname) {if (i > indent) {delete vname[i]}}
   if (length($3) > 0) {
      vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")}
      printf("conf_%s%s%s=\"%s\"\n", "'$prefix'",vn, $2, $3);
   }
}'

The YAML file settings.yml :

common:
  key1: value1
dev:
  key2: value2
test:
  key3: value3

And in your pre_build section commands run the following:

- chmod u+x yaml_to_envvars.sh
- ./yaml_to_envvars.sh settings.yml > variables.env
- |-
   for NEWVAR in $(cat variables.env); do
       export $NEWVAR
   done

Then you will have available variables inside your buildspec as:

$ echo $conf_common_key1
value1
$ echo $conf_dev_key2
value2
$ echo $conf_test_key3
value3