I have a buildspec.yml file in my CodeBuild project, and I want it to read values out of EC2 Systems Manager Parameter Store. CodeBuild supports doing this via the parameter-store attribute in your spec file.
Problem is, I can't figure out how to use environment variables that are set BEFORE the buildspec executes.
Here is an example:
    version: 0.2
    env:
      variables:
        RUNTIME: "nodejs8.10"
      #parameter-store vars are in the format /[stage]/[repo]/[branch]/[eyecatcher]/key
      parameter-store: #see https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec-ref-syntax
        LAMBDA_EXECUTION_ROLE_ARN: "/${STAGE}/deep-link/${BRANCH}/GetUri/lambdaExecutionRoleArn"
        ENV_SAMPLE_KEY: "/${STAGE}/deep-link/${BRANCH}/GetUri/key1"
    phases:
      install:
        commands:
          ...
As you can see I'm doing the AWS best practice for name-spacing the EC2 Systems Manager Parameter Store keys. I want to re-use this build spec for all my stages, so hard coding is not an option. The vars I use in the Value string are populated as EnvironmentVariables in my CodeBuild project - so they are available before the spec runs.
How do I dynamically populate the Value of the parameter-store Keys with something that is not hard coded?
Choose an existing CodeBuild build project name or choose Create project. On Create build project, create a build project, and then choose Return to CodePipeline. Under Environment variables, choose Add environment variables. For example, enter the execution ID with the variable syntax #{codepipeline.
When you create a codebuild you can pass environment variables. Then in your buildspec.yml you can refer them like regular environment variables with $IMAGE_REPO_NAME . What you can not do is create only 1 codebuild and pass variables to it like a script, so you need to create 2 codebuilds, but 1 buildspec.
If you include a buildspec as part of the source code, by default, the buildspec file must be named buildspec.yml and placed in the root of your source directory.
The artifacts section also uses the $CODEBUILD_BUILD_NUMBER variable as a namespace to better associate the reports with a specific build when sending to the S3 bucket. For more details on how to configure artifacts in a project build, read the artifacts section in the AWS CodeBuild buildspec reference guide.
This variable expansion is now supported in CodeBuild for the parameter-store use case. You can define any environment variable in your buildspec and have that referenced in the path to fetch the parameter store.
    version: 0.2
    env:
      variables:
        stage: PRE_PROD
      parameter-store:
        encryptedVar: CodeBuild-$stage
    phases:
      build:
        commands:
          - echo $encryptedVar
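Because the parameter path is now built from variables such as STAGE and BRANCH, whoever sets those variables decides which secrets a build reads. The following Python pre-flight check is an added example, not part of the original posts and not AWS code: it expands the paths and rejects any that leave the namespace the project is meant to use. It assumes CodeBuild's expansion behaves like plain `$NAME` / `${NAME}` substitution; the function name, the character allowlist and the allowed-prefix list are hypothetical choices made for this example.

```python
import re

# Matches $NAME and ${NAME}, the two forms used in the buildspecs above.
_VAR = re.compile(r"\$(?:\{([A-Za-z_][A-Za-z0-9_]*)\}|([A-Za-z_][A-Za-z0-9_]*))")
# Assumption: values substituted into a path may only use these characters,
# so a branch such as "feature/x" or "../prod" cannot add or climb path levels.
_SAFE_VALUE = re.compile(r"[A-Za-z0-9_.-]+")


def resolve_parameter_paths(parameter_store, env, allowed_prefixes):
    """Expand variable references in each parameter-store path and vet the result.

    Returns (resolved, problems): resolved maps variable name -> expanded path
    for entries that passed; problems lists (name, reason) for those that did not.
    """
    resolved, problems = {}, []
    for name, template in parameter_store.items():
        errors = []

        def substitute(match):
            var = match.group(1) or match.group(2)
            value = env.get(var)
            if value is None:
                errors.append(f"${var} is not set")
                return match.group(0)
            if not _SAFE_VALUE.fullmatch(value) or ".." in value:
                errors.append(f"${var}={value!r} has characters not allowed in a path segment")
            return value

        path = _VAR.sub(substitute, template)
        if not errors and not any(path.startswith(p) for p in allowed_prefixes):
            errors.append(f"{path} is outside the allowed prefixes")
        if errors:
            problems.extend((name, e) for e in errors)
        else:
            resolved[name] = path
    return resolved, problems


# Constructed sample: the question's parameter-store block and project variables.
PARAMETER_STORE = {
    "LAMBDA_EXECUTION_ROLE_ARN": "/${STAGE}/deep-link/${BRANCH}/GetUri/lambdaExecutionRoleArn",
    "ENV_SAMPLE_KEY": "/${STAGE}/deep-link/${BRANCH}/GetUri/key1",
}
if __name__ == "__main__":
    ok, bad = resolve_parameter_paths(
        PARAMETER_STORE, {"STAGE": "dev", "BRANCH": "master"}, ["/dev/deep-link/"])
    print(ok, bad)
```

The same prefixes belong in the IAM policy of the CodeBuild service role, so that a build whose STAGE has been overridden is refused by SSM as well as by this check.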
I found this StackOverflow post - unfortunately the feature you describe does not seem to exist.
It would have been nice to be able to use parameters and functions akin to the features in CloudFormation templates.