CodeBuildActionProps

class aws_cdk.aws_codepipeline_actions.CodeBuildActionProps(*, action_name, run_order=None, variables_namespace=None, role=None, input, project, check_secrets_in_plain_text_env_variables=None, combine_batch_build_artifacts=None, environment_variables=None, execute_batch_build=None, extra_inputs=None, outputs=None, type=None)

Bases: CommonAwsActionProps

Construction properties of the CodeBuildAction CodeBuild build CodePipeline action.

Parameters:

  • action_name (str) – The physical, human-readable name of the Action. Note that Action names must be unique within a single Stage.

  • run_order (Union[int, float, None]) – The runOrder property for this Action. RunOrder determines the relative order in which multiple Actions in the same Stage execute. Default: 1

  • variables_namespace (Optional[str]) – The name of the namespace to use for variables emitted by this action. Default: - a name will be generated, based on the stage and action names, if any of the action’s variables were referenced - otherwise, no namespace will be set

  • role (Optional[IRole]) – The Role in which context’s this Action will be executing in. The Pipeline’s Role will assume this Role (the required permissions for that will be granted automatically) right before executing this Action. This Action will be passed into your IAction.bind method in the ActionBindOptions.role property. Default: a new Role will be generated

  • input (Artifact) – The source to use as input for this action.

  • project (IProject) – The action’s Project.

  • check_secrets_in_plain_text_env_variables (Optional[bool]) – Whether to check for the presence of any secrets in the environment variables of the default type, BuildEnvironmentVariableType.PLAINTEXT. Since using a secret for the value of that kind of variable would result in it being displayed in plain text in the AWS Console, the construct will throw an exception if it detects a secret was passed there. Pass this property as false if you want to skip this validation, and keep using a secret in a plain text environment variable. Default: true

  • combine_batch_build_artifacts (Optional[bool]) – Combine the build artifacts for a batch builds. Enabling this will combine the build artifacts into the same location for batch builds. If executeBatchBuild is not set to true, this property is ignored. Default: false

  • environment_variables (Optional[Mapping[str, Union[BuildEnvironmentVariable, Dict[str, Any]]]]) – The environment variables to pass to the CodeBuild project when this action executes. If a variable with the same name was set both on the project level, and here, this value will take precedence. Default: - No additional environment variables are specified.

  • execute_batch_build (Optional[bool]) – Trigger a batch build. Enabling this will enable batch builds on the CodeBuild project. Default: false

  • extra_inputs (Optional[Sequence[Artifact]]) – The list of additional input Artifacts for this action. The directories the additional inputs will be available at are available during the project’s build in the CODEBUILD_SRC_DIR_ environment variables. The project’s build always starts in the directory with the primary input artifact checked out, the one pointed to by the input property. For more information, see https://docs.aws.amazon.com/codebuild/latest/userguide/sample-multi-in-out.html .

  • outputs (Optional[Sequence[Artifact]]) – The list of output Artifacts for this action. Note: if you specify more than one output Artifact here, you cannot use the primary ‘artifacts’ section of the buildspec; you have to use the ‘secondary-artifacts’ section instead. See https://docs.aws.amazon.com/codebuild/latest/userguide/sample-multi-in-out.html for details. Default: the action will not have any outputs

  • type (Optional[CodeBuildActionType]) – The type of the action that determines its CodePipeline Category - Build, or Test. Default: CodeBuildActionType.BUILD

ExampleMetadata:

infused

Example:

# Create a Cloudfront Web Distribution
import aws_cdk.aws_cloudfront as cloudfront
# distribution: cloudfront.Distribution


# Create the build project that will invalidate the cache
invalidate_build_project = codebuild.PipelineProject(self, "InvalidateProject",
    build_spec=codebuild.BuildSpec.from_object({
        "version": "0.2",
        "phases": {
            "build": {
                "commands": ["aws cloudfront create-invalidation --distribution-id ${CLOUDFRONT_ID} --paths "/*""
                ]
            }
        }
    }),
    environment_variables={
        "CLOUDFRONT_ID": codebuild.BuildEnvironmentVariable(value=distribution.distribution_id)
    }
)

# Add Cloudfront invalidation permissions to the project
distribution_arn = f"arn:aws:cloudfront::{this.account}:distribution/{distribution.distributionId}"
invalidate_build_project.add_to_role_policy(iam.PolicyStatement(
    resources=[distribution_arn],
    actions=["cloudfront:CreateInvalidation"
    ]
))

# Create the pipeline (here only the S3 deploy and Invalidate cache build)
deploy_bucket = s3.Bucket(self, "DeployBucket")
deploy_input = codepipeline.Artifact()
codepipeline.Pipeline(self, "Pipeline",
    stages=[codepipeline.StageProps(
        stage_name="Deploy",
        actions=[
            codepipeline_actions.S3DeployAction(
                action_name="S3Deploy",
                bucket=deploy_bucket,
                input=deploy_input,
                run_order=1
            ),
            codepipeline_actions.CodeBuildAction(
                action_name="InvalidateCache",
                project=invalidate_build_project,
                input=deploy_input,
                run_order=2
            )
        ]
    )
    ]
)

Attributes

action_name

The physical, human-readable name of the Action.

Note that Action names must be unique within a single Stage.

check_secrets_in_plain_text_env_variables

Whether to check for the presence of any secrets in the environment variables of the default type, BuildEnvironmentVariableType.PLAINTEXT. Since using a secret for the value of that kind of variable would result in it being displayed in plain text in the AWS Console, the construct will throw an exception if it detects a secret was passed there. Pass this property as false if you want to skip this validation, and keep using a secret in a plain text environment variable.

Default:

true

combine_batch_build_artifacts

Combine the build artifacts for a batch builds.

Enabling this will combine the build artifacts into the same location for batch builds. If executeBatchBuild is not set to true, this property is ignored.

Default:

false

environment_variables

The environment variables to pass to the CodeBuild project when this action executes.

If a variable with the same name was set both on the project level, and here, this value will take precedence.

Default:

  • No additional environment variables are specified.

execute_batch_build

Trigger a batch build.

Enabling this will enable batch builds on the CodeBuild project.

Default:

false

extra_inputs

The list of additional input Artifacts for this action.

The directories the additional inputs will be available at are available during the project’s build in the CODEBUILD_SRC_DIR_ environment variables. The project’s build always starts in the directory with the primary input artifact checked out, the one pointed to by the input property. For more information, see https://docs.aws.amazon.com/codebuild/latest/userguide/sample-multi-in-out.html .

input

The source to use as input for this action.

outputs

The list of output Artifacts for this action.

Note: if you specify more than one output Artifact here, you cannot use the primary ‘artifacts’ section of the buildspec; you have to use the ‘secondary-artifacts’ section instead. See https://docs.aws.amazon.com/codebuild/latest/userguide/sample-multi-in-out.html for details.

Default:

the action will not have any outputs

project

The action’s Project.

role

The Role in which context’s this Action will be executing in.

The Pipeline’s Role will assume this Role (the required permissions for that will be granted automatically) right before executing this Action. This Action will be passed into your IAction.bind method in the ActionBindOptions.role property.

Default:

a new Role will be generated

run_order

The runOrder property for this Action.

RunOrder determines the relative order in which multiple Actions in the same Stage execute.

Default:

1

See:

https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html

type

The type of the action that determines its CodePipeline Category - Build, or Test.

Default:

CodeBuildActionType.BUILD

variables_namespace

The name of the namespace to use for variables emitted by this action.

Default:

  • a name will be generated, based on the stage and action names,

if any of the action’s variables were referenced - otherwise, no namespace will be set