aws_codebuild
- Components
- Code examples
Manage Codebuild
--- installs the codebuild module
SELECT * FROM iasql_install('<modules>');
--- check generate_put_ecr_image_build_spec with no build args
SELECT generate_put_ecr_image_build_spec('us-west-2', 'latest', 'my-repository', 'myrepouri.com', 'examples/ecs-fargate/prisma/app');
--- check generate_put_ecr_image_build_spec
SELECT generate_put_ecr_image_build_spec('us-west-2', 'latest', 'my-repository', 'myrepouri.com', 'examples/ecs-fargate/prisma/app', array['IASQL_ENV=local', 'SECRET=secret']);
--- imports a new source credential
SELECT * FROM import_source_credential('<region>', '<GH_PAT>', 'GITHUB', 'PERSONAL_ACCESS_TOKEN');
--- check new source_credentials_list
SELECT *
FROM source_credentials_list
WHERE source_type = 'GITHUB';
--- delete source_credentials_list
DELETE FROM source_credentials_list
WHERE source_type = 'GITHUB';
--- adds a new repository
INSERT INTO repository (repository_name)
VALUES ('<dbAlias>');
--- adds a new role
INSERT INTO iam_role (role_name, assume_role_policy_document, attached_policies_arns)
VALUES ('<dbAlias>', '<assumeServicePolicy>', array ['arn:aws:iam::aws:policy/CloudWatchLogsFullAccess',
'arn:aws:iam::aws:policy/AWSCodeBuildAdminAccess',
'arn:aws:iam::aws:policy/AWSCodeStarFullAccess',
'arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryFullAccess']);
--- adds a new codebuild_project with codepipeline type
INSERT INTO codebuild_project (project_name, source_type, service_role_name)
VALUES ('<dbAlias>-codepipeline', 'CODEPIPELINE', '<dbAlias>');
--- check new project exists
SELECT *
FROM codebuild_project
WHERE project_name='<dbAlias>-codepipeline';
--- deletes codebuild codepipeline project
DELETE FROM codebuild_project WHERE project_name='<dbAlias>-codepipeline';
--- start and wait for build
SELECT * FROM start_build('<dbAlias>', '<region>');
--- check build exists in list
SELECT * FROM codebuild_build_list
WHERE project_name = '<dbAlias>';
--- creates a project that pushes to ecr
INSERT INTO codebuild_project (project_name, build_spec, source_type, privileged_mode, service_role_name)
VALUES ('<dbAlias>-push-ecr', 'version: 0.2
phases:
pre_build:
commands:
- echo Logging in to Amazon ECR...
- aws ecr get-login-password --region<region>| docker login --username AWS --password-stdin ' || (SELECT repository_uri FROM repository WHERE repository_name = '<dbAlias>' ) || '
build:
commands:
- echo Building the Docker image...
- docker pull public.ecr.aws/docker/library/ubuntu:latest
- docker tag public.ecr.aws/docker/library/ubuntu:latest ' || (SELECT repository_uri FROM repository WHERE repository_name = '<dbAlias>' ) || ':latest
post_build:
commands:
- echo Pushing the Docker image...
- docker push ' || (SELECT repository_uri FROM repository WHERE repository_name = '<dbAlias>' ) || ':latest', 'NO_SOURCE', true, '<dbAlias>');
--- start ecr build and wait
SELECT * FROM start_build('<dbAlias>-push-ecr', '<region>');
--- check successful build exists in list
SELECT * FROM codebuild_build_list
WHERE project_name = '<dbAlias>-push-ecr' AND build_status='SUCCEEDED';
--- checks the image is pushed to ecr
SELECT *
FROM repository_image
WHERE private_repository_id = (SELECT id FROM repository WHERE repository_name = '<dbAlias>');
--- deletes the image
DELETE
FROM repository_image
WHERE private_repository_id = (SELECT id FROM repository WHERE repository_name = '<dbAlias>');
--- delete build
DELETE FROM codebuild_build_list
WHERE project_name in ('<dbAlias>', '<dbAlias>-push-ecr');
--- delete project
DELETE FROM codebuild_project
WHERE project_name in ('<dbAlias>', '<dbAlias>-push-ecr');
--- delete repository
DELETE FROM repository
WHERE repository_name = '<dbAlias>';
--- delete role
DELETE FROM iam_role
WHERE role_name = '<dbAlias>';