Batch builds in AWS CodeBuild
You can use AWS CodeBuild to run concurrent and coordinated builds of a project with batch builds.
Security role
Batch builds introduce a new security role in the batch configuration. This new role
is required as CodeBuild must be able to call the StartBuild, StopBuild, and
RetryBuild actions on your behalf to run builds as part of a batch. Customers should use a new
role, and
not the same role they use in their build, for two reasons:
-
Giving the build role
StartBuild,StopBuild, andRetryBuildpermissions would allow a single build to start more builds via the buildspec. -
CodeBuild batch builds provide restrictions that restrict the number of builds and compute types that can be used for the builds in the batch. If the build role has these permissions, it is possible the builds themselves could bypass these restrictions.
Batch build types
CodeBuild supports the following batch build types:
Batch build types
Build graph
A build graph defines a set of tasks that have dependencies on other tasks in the batch.
The following example defines a build graph that creates a dependency chain.
batch: fast-fail: false build-graph: - identifier: build1 env: variables: BUILD_ID: build1 ignore-failure: false - identifier: build2 buildspec: build2.yml env: variables: BUILD_ID: build2 depend-on: - build1 - identifier: build3 env: variables: BUILD_ID: build3 depend-on: - build2
In this example:
-
build1runs first because it has no dependencies. -
build2has a dependency onbuild1, sobuild2runs afterbuild1completes. -
build3has a dependency onbuild2, sobuild3runs afterbuild2completes.
For more information about the build graph buildspec syntax, see batch/build-graph.
Build list
A build list defines a number of tasks that run in parallel.
The following example defines a build list. The build1 and
build2 builds will run in parallel.
batch: fast-fail: false build-list: - identifier: build1 env: variables: BUILD_ID: build1 ignore-failure: false - identifier: build2 buildspec: build2.yml env: variables: BUILD_ID: build2 ignore-failure: true
For more information about the build list buildspec syntax, see batch/build-list.
Build matrix
A build matrix defines tasks with different configurations that run in parallel. CodeBuild creates a separate build for each possible configuration combination.
The following example shows a build matrix with two buildspec files and three values for an environment variable.
batch: build-matrix: static: ignore-failure: false env: type: LINUX_CONTAINER image: aws/codebuild/amazonlinux2-x86_64-standard:3.0 privileged-mode: true dynamic: buildspec: - matrix1.yml - matrix2.yml env: variables: MY_VAR: - VALUE1 - VALUE2 - VALUE3
In this example, CodeBuild creates six builds:
-
matrix1.ymlwith$MY_VAR=VALUE1 -
matrix1.ymlwith$MY_VAR=VALUE2 -
matrix1.ymlwith$MY_VAR=VALUE3 -
matrix2.ymlwith$MY_VAR=VALUE1 -
matrix2.ymlwith$MY_VAR=VALUE2 -
matrix2.ymlwith$MY_VAR=VALUE3
Each build will have the following settings:
-
ignore-failureset tofalse -
env/typeset toLINUX_CONTAINER -
env/imageset toaws/codebuild/amazonlinux2-x86_64-standard:3.0 -
env/privileged-modeset totrue
These builds run in parallel.
For more information about the build matrix buildspec syntax, see batch/build-matrix.
Batch report mode
If the source provider for your project is Bitbucket, GitHub, or GitHub Enterprise, and your project is configured to report build statuses to the source provider, you can select how you want your batch build statuses sent to the source provider. You can select to have the statuses sent as a single aggregate status report for the batch, or have the status of each build in the batch reported individually.
For more information, see the following topics:
More information
For more information, see the following topics:
