A Comprehensive Guide to Using the AWS CodeBuild Plugin for Jenkins

Jul 16, 2021 | Programming

Are you looking to enhance your Jenkins setup with automated build capabilities using AWS CodeBuild? This guide will walk you through the entire process, from installation to usage, ensuring that you can effectively manage your builds within your Jenkins projects.

Plugin Installation

If you’re already rocking a Jenkins setup and want to install the AWS CodeBuild plugin, follow these simple steps:

  • Open your Jenkins instance.
  • Navigate to the Plugin Manager.
  • Search for “AWS CodeBuild”.
  • Click on Install and wait for the process to complete.

Plugin Usage

This section breaks down the steps required to use the AWS CodeBuild plugin effectively.

Using AWS CodeBuild with Source Available Outside of Your VPC

  1. Create a Project

    Head over to the AWS CodeBuild console and:

    • Switch to your preferred region.
    • Consider setting Amazon VPC configuration if you need access to resources within your VPC.
    • Take note of your project name for future reference.
    • Optional: If your source isn’t natively supported, set the input source type as S3.

  2. Create AWS IAM User

    You need a dedicated IAM user for Jenkins. Here’s the process:

    • Create a policy similar to the one used below.
    • Access the IAM console and create a new user.
    • Set the access type to Programmatic Access.
    • Attach the policy to the user you just created.

  3. Create a Freestyle Project in Jenkins

    On the Configure page, follow these steps:

    • Select Add build step and click on Run build on AWS CodeBuild.
    • Input your Region, Credentials from the user you just created, and ProjectName.
    • Select Use Project source.
    • Save your configuration and run a build from Jenkins.

  4. Source Code Management

    Choose how you’d like to retrieve your source code. You may need to install plugins like GitHub Plugin or another appropriate source repository provider for Jenkins.

    Repeat the build step configuration as mentioned earlier, selecting Use Jenkins source this time to finalize.

Policy Sample for IAM User

Below is a sample policy for your IAM user:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Resource": ["arn:aws:logs:region:awsAccountId:log-group:awscodebuildprojectName:*"],
            "Action": ["logs:GetLogEvents"]
        },
        {
            "Effect": "Allow",
            "Resource": ["arn:aws:s3:::inputBucket"],
            "Action": ["s3:GetBucketVersioning"]
        },
        {
            "Effect": "Allow",
            "Resource": ["arn:aws:s3:::inputBucketinputObject"],
            "Action": ["s3:PutObject"]
        },
        {
            "Effect": "Allow",
            "Resource": ["arn:aws:s3:::outputBucket*"],
            "Action": ["s3:GetObject"]
        },
        {
            "Effect": "Allow",
            "Resource": ["arn:aws:codebuild:region:awsAccountId:projectprojectName"],
            "Action": [
                "codebuild:StartBuild",
                "codebuild:BatchGetBuilds",
                "codebuild:BatchGetProjects"
            ]
        }
    ]
}

Using the AWS CodeBuild Plugin with Jenkins Pipeline Plugin

For those interested in integrating with the Jenkins Pipeline Plugin, you can utilize the snippet generator to create a pipeline script:

This is what it might look like:

awsCodeBuild projectName: project, credentialsType: keys, region: us-west-2, sourceControlType: jenkins

This snippet returns a result object with helpful methods for later steps, such as:

  • getBuildId(): Retrieves the build ID.
  • getArn(): Retrieves the ARN of the build.
  • getArtifactsLocation(): Gets the S3 ARN of the artifacts location.

AWS Credentials in Jenkins

It’s best practice to use the Jenkins credentials store for your AWS credentials. Make sure your credentials are of type CodeBuild Credentials to be compatible with the plugin.

Here’s how to specify your credentials in the CodeBuild configuration:

awsCodeBuild projectName: project,
credentialsType: keys,
awsAccessKey: env.AWS_ACCESS_KEY_ID,
awsSecretKey: env.AWS_SECRET_ACCESS_KEY,
awsSessionToken: env.AWS_SESSION_TOKEN

If you don’t specify the access and secret keys, the plugin will try to use the default credentials provider chain.

Troubleshooting Tips

If you encounter any issues while setting up or using the AWS CodeBuild plugin, here are some troubleshooting ideas:

  • Double-check the AWS IAM user permissions are correctly set for AWS CodeBuild operations.
  • Ensure you’ve attached policies that allow access to necessary resources like logs and S3 buckets.
  • If you are struggling with credentials, consider logging onto the Jenkins console and verifying that the credentials are stored in the right format.
  • Restart Jenkins to refresh configurations if necessary.

For more insights, updates, or to collaborate on AI development projects, stay connected with fxis.ai.

Conclusion

Combining Jenkins with AWS CodeBuild can greatly streamline your build processes, fostering efficient and robust application deployment. At fxis.ai, we believe that such advancements are crucial for the future of AI, as they enable more comprehensive and effective solutions. Our team is continually exploring new methodologies to push the envelope in artificial intelligence, ensuring that our clients benefit from the latest technological innovations.

Stay Informed with the Newest F(x) Insights and Blogs

Tech News and Blog Highlights, Straight to Your Inbox

Let’s Build Success Together