LinuxBuildImage

class aws_cdk.aws_codebuild.LinuxBuildImage(*args: Any, **kwargs)

Bases: object

A CodeBuild image running x86-64 Linux.

This class has a bunch of public constants that represent the most popular images.

You can also specify a custom image using one of the static methods:

  • LinuxBuildImage.fromDockerRegistry(image[, { secretsManagerCredentials }])

  • LinuxBuildImage.fromEcrRepository(repo[, tag])

  • LinuxBuildImage.fromAsset(parent, id, props)

See:

https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html

ExampleMetadata:

infused

Example:

pipeline = pipelines.CodePipeline(self, "Pipeline",
    synth=pipelines.ShellStep("Synth",
        input=pipelines.CodePipelineSource.connection("my-org/my-app", "main",
            connection_arn="arn:aws:codestar-connections:us-east-1:222222222222:connection/7d2469ff-514a-4e4f-9003-5ca4a43cdc41"
        ),
        commands=["npm ci", "npm run build", "npx cdk synth"]
    ),

    # Turn this on because the pipeline uses Docker image assets
    docker_enabled_for_self_mutation=True
)

pipeline.add_wave("MyWave",
    post=[
        pipelines.CodeBuildStep("RunApproval",
            commands=["command-from-image"],
            build_environment=codebuild.BuildEnvironment(
                # The user of a Docker image asset in the pipeline requires turning on
                # 'dockerEnabledForSelfMutation'.
                build_image=codebuild.LinuxBuildImage.from_asset(self, "Image",
                    directory="./docker-image"
                )
            )
        )
    ]
)

Methods

run_script_buildspec(entrypoint)

Make a buildspec to run the indicated script.

Parameters:

entrypoint (str) –

Return type:

BuildSpec

validate(*, build_image=None, certificate=None, compute_type=None, environment_variables=None, privileged=None)

Allows the image a chance to validate whether the passed configuration is correct.

Parameters:

  • build_image (Optional[IBuildImage]) – The image used for the builds. Default: LinuxBuildImage.STANDARD_1_0

  • certificate (Union[BuildEnvironmentCertificate, Dict[str, Any], None]) – The location of the PEM-encoded certificate for the build project. Default: - No external certificate is added to the project

  • compute_type (Optional[ComputeType]) – The type of compute to use for this build. See the ComputeType enum for the possible values. Default: taken from #buildImage#defaultComputeType

  • environment_variables (Optional[Mapping[str, Union[BuildEnvironmentVariable, Dict[str, Any]]]]) – The environment variables that your builds can use.

  • privileged (Optional[bool]) – Indicates how the project builds Docker images. Specify true to enable running the Docker daemon inside a Docker container. This value must be set to true only if this build project will be used to build Docker images, and the specified build environment image is not one provided by AWS CodeBuild with Docker support. Otherwise, all associated builds that attempt to interact with the Docker daemon will fail. Default: false

Return type:

List[str]

Attributes

AMAZON_LINUX_2 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
AMAZON_LINUX_2_2 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
AMAZON_LINUX_2_3 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
AMAZON_LINUX_2_4 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
AMAZON_LINUX_2_5 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
AMAZON_LINUX_2_ARM
AMAZON_LINUX_2_ARM_2
AMAZON_LINUX_2_ARM_3
STANDARD_1_0 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
STANDARD_2_0 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
STANDARD_3_0 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
STANDARD_4_0 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
STANDARD_5_0 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
STANDARD_6_0 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
STANDARD_7_0 = <aws_cdk.aws_codebuild.LinuxBuildImage object>
default_compute_type

The default ComputeType to use with this image, if one was not specified in BuildEnvironment#computeType explicitly.

image_id

The Docker image identifier that the build environment uses.

image_pull_principal_type

The type of principal that CodeBuild will use to pull this build Docker image.

repository

An optional ECR repository that the image is hosted in.

secrets_manager_credentials

The secretsManagerCredentials for access to a private registry.

type

The type of build environment.

Static Methods

classmethod from_asset(scope, id, *, directory, asset_name=None, build_args=None, build_secrets=None, build_ssh=None, cache_disabled=None, cache_from=None, cache_to=None, file=None, invalidation=None, network_mode=None, outputs=None, platform=None, target=None, extra_hash=None, exclude=None, follow_symlinks=None, ignore_mode=None)

Uses an Docker image asset as a x86-64 Linux build image.

Parameters:

  • scope (Construct) –

  • id (str) –

  • directory (str) – The directory where the Dockerfile is stored. Any directory inside with a name that matches the CDK output folder (cdk.out by default) will be excluded from the asset

  • asset_name (Optional[str]) – Unique identifier of the docker image asset and its potential revisions. Required if using AppScopedStagingSynthesizer. Default: - no asset name

  • build_args (Optional[Mapping[str, str]]) – Build args to pass to the docker build command. Since Docker build arguments are resolved before deployment, keys and values cannot refer to unresolved tokens (such as lambda.functionArn or queue.queueUrl). Default: - no build args are passed

  • build_secrets (Optional[Mapping[str, str]]) – Build secrets. Docker BuildKit must be enabled to use build secrets. Default: - no build secrets

  • build_ssh (Optional[str]) – SSH agent socket or keys to pass to the docker build command. Docker BuildKit must be enabled to use the ssh flag Default: - no –ssh flag

  • cache_disabled (Optional[bool]) – Disable the cache and pass --no-cache to the docker build command. Default: - cache is used

  • cache_from (Optional[Sequence[Union[DockerCacheOption, Dict[str, Any]]]]) – Cache from options to pass to the docker build command. Default: - no cache from options are passed to the build command

  • cache_to (Union[DockerCacheOption, Dict[str, Any], None]) – Cache to options to pass to the docker build command. Default: - no cache to options are passed to the build command

  • file (Optional[str]) – Path to the Dockerfile (relative to the directory). Default: ‘Dockerfile’

  • invalidation (Union[DockerImageAssetInvalidationOptions, Dict[str, Any], None]) – Options to control which parameters are used to invalidate the asset hash. Default: - hash all parameters

  • network_mode (Optional[NetworkMode]) – Networking mode for the RUN commands during build. Support docker API 1.25+. Default: - no networking mode specified (the default networking mode NetworkMode.DEFAULT will be used)

  • outputs (Optional[Sequence[str]]) – Outputs to pass to the docker build command. Default: - no outputs are passed to the build command (default outputs are used)

  • platform (Optional[Platform]) – Platform to build for. Requires Docker Buildx. Default: - no platform specified (the current machine architecture will be used)

  • target (Optional[str]) – Docker target to build to. Default: - no target

  • extra_hash (Optional[str]) – Extra information to encode into the fingerprint (e.g. build instructions and other inputs). Default: - hash is only based on source content

  • exclude (Optional[Sequence[str]]) – File paths matching the patterns will be excluded. See ignoreMode to set the matching behavior. Has no effect on Assets bundled using the bundling property. Default: - nothing is excluded

  • follow_symlinks (Optional[SymlinkFollowMode]) – A strategy for how to handle symlinks. Default: SymlinkFollowMode.NEVER

  • ignore_mode (Optional[IgnoreMode]) – The ignore behavior to use for exclude patterns. Default: IgnoreMode.GLOB

Return type:

IBuildImage

classmethod from_code_build_image_id(id)

Uses a Docker image provided by CodeBuild.

Parameters:

id (str) – The image identifier.

Return type:

IBuildImage

Returns:

A Docker image provided by CodeBuild.

See:

https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html

Example:

"aws/codebuild/standard:4.0"
classmethod from_docker_registry(name, *, secrets_manager_credentials=None)
Parameters:

  • name (str) –

  • secrets_manager_credentials (Optional[ISecret]) – The credentials, stored in Secrets Manager, used for accessing the repository holding the image, if the repository is private. Default: no credentials will be used (we assume the repository is public)

Return type:

IBuildImage

Returns:

a x86-64 Linux build image from a Docker Hub image.

classmethod from_ecr_repository(repository, tag_or_digest=None)
Parameters:

  • repository (IRepository) – The ECR repository.

  • tag_or_digest (Optional[str]) – Image tag or digest (default “latest”, digests must start with sha256:).

Return type:

IBuildImage

Returns:

A x86-64 Linux build image from an ECR repository.

NOTE: if the repository is external (i.e. imported), then we won’t be able to add a resource policy statement for it so CodeBuild can pull the image.

See:

https://docs.aws.amazon.com/codebuild/latest/userguide/sample-ecr.html