1
00:00:00,050 --> 00:00:01,940
‫So now let's talk about code builds.

2
00:00:01,970 --> 00:00:04,880
‫So code build is actually takes a source of code.

3
00:00:04,880 --> 00:00:07,730
‫For example, code commit, Amazon, S3, Bitbucket or GitHub.

4
00:00:07,730 --> 00:00:11,310
‫And then in that source there will be some build instructions.

5
00:00:11,330 --> 00:00:14,120
‫Now, from an exam perspective, you need to know the name of that file.

6
00:00:14,120 --> 00:00:20,240
‫So it's buildspec.yml and that file needs to leave at the root of your code.

7
00:00:20,240 --> 00:00:22,610
‫And I will show this what it means in the hands on.

8
00:00:22,610 --> 00:00:25,340
‫Or you can also insert these instructions in the console.

9
00:00:25,340 --> 00:00:30,040
‫But the best practice is to use Buildspec.yml and this is what the exam will test you on.

10
00:00:30,050 --> 00:00:35,510
‫So once the application is built, the output logs can be stored into Amazon, S3 and Cloudwatch logs

11
00:00:35,510 --> 00:00:36,610
‫for later analysis.

12
00:00:36,620 --> 00:00:42,140
‫You can use metrics to Cloudwatch metrics to look at the build statistics Eventbridge to detect failed

13
00:00:42,140 --> 00:00:43,820
‫builds and trigger notifications.

14
00:00:43,820 --> 00:00:44,690
‫Cloudwatch alarms.

15
00:00:44,690 --> 00:00:46,940
‫In case you have too many failures, for example.

16
00:00:46,940 --> 00:00:52,730
‫And then the build projects themselves can be and this is a bit confusing, define either within codebuild

17
00:00:52,730 --> 00:00:55,460
‫of course, or also within Codepipeline.

18
00:00:55,460 --> 00:00:59,270
‫But Codepipeline can also invoke an existing code build build project.

19
00:00:59,270 --> 00:01:02,160
‫So if we look at code build, what can I test?

20
00:01:02,190 --> 00:01:05,790
‫Well, if you have a Java ruby python, go NodeJS android.

21
00:01:05,990 --> 00:01:08,520
‫Net core PHP application.

22
00:01:08,520 --> 00:01:15,660
‫Then there is a pre-built image for you to run your test in code build and if you want to have any other

23
00:01:15,660 --> 00:01:21,870
‫environments well, you can extend a Docker image and by extending it you can test for whatever language

24
00:01:21,870 --> 00:01:22,290
‫you want.

25
00:01:22,290 --> 00:01:25,160
‫But again, this is up to you to support your own environment.

26
00:01:25,170 --> 00:01:27,260
‫So how does code build works?

27
00:01:27,270 --> 00:01:30,600
‫Well, we have our code and in this example it's in code commit.

28
00:01:30,600 --> 00:01:32,640
‫So we have our source code, a bunch of files.

29
00:01:32,640 --> 00:01:38,280
‫And then there is this very important file that lives at the top of your repo, which is buildspec.yml

30
00:01:38,670 --> 00:01:44,580
‫now could build, is going to fetch this code and then Codebuild itself will have to have a container.

31
00:01:44,580 --> 00:01:47,100
‫So as I said, there is going to be a build environment.

32
00:01:47,100 --> 00:01:53,640
‫So Java go and so on and this container is going to load all the source code and the buildspec.yml and

33
00:01:53,640 --> 00:01:59,340
‫it's going to run all the instructions that are inserted into this Buildspec.yml file.

34
00:01:59,490 --> 00:02:03,240
‫Now to build this container, our code build will pull a Docker image.

35
00:02:03,240 --> 00:02:08,340
‫So either it's prepackaged by AWS for the environments I just told you before or you provide your own

36
00:02:08,340 --> 00:02:11,910
‫Docker image to run whatever code you need.

37
00:02:11,970 --> 00:02:17,040
‫Okay, so code build will run all the instructions from buildspec.yml and sometimes they can be quite

38
00:02:17,040 --> 00:02:17,370
‫lengthy.

39
00:02:17,370 --> 00:02:22,710
‫So there is a feature in code build to be able to cache a bunch of files in S3 buckets.

40
00:02:22,740 --> 00:02:25,830
‫If you want to reuse some files from build to build.

41
00:02:25,830 --> 00:02:29,280
‫Okay, this is an optimization, but there is a way for you to cache some files.

42
00:02:29,280 --> 00:02:30,330
‫This is optional though.

43
00:02:30,480 --> 00:02:35,610
‫Then all the logs are going to be into cloudwatch logs and Amazon S3 if you enable it.

44
00:02:35,610 --> 00:02:41,070
‫And then once Codebuild is done to build your code or even test your code, it can produce some artifacts

45
00:02:41,070 --> 00:02:45,570
‫and these artifacts will be extracted out of the container, put into an S3 bucket.

46
00:02:45,570 --> 00:02:49,230
‫And this is where you can find your final outputs of code build.

47
00:02:49,680 --> 00:02:52,890
‫So the Buildspec.yml file is super important.

48
00:02:52,920 --> 00:02:53,950
‫This is what it looks like.

49
00:02:53,970 --> 00:02:55,980
‫We'll have a look at it obviously in this course.

50
00:02:55,980 --> 00:03:00,060
‫But so some very important things that the Buildspec.yml file must be at the root of your code.

51
00:03:00,060 --> 00:03:05,820
‫So at the very, very top of your code directory environment allows you to define some environment variables

52
00:03:05,820 --> 00:03:08,870
‫for the execution of buildspec.yml.

53
00:03:08,880 --> 00:03:15,330
‫So you have variables that can be plain text or you can pull them directly from the SSM parameter store,

54
00:03:15,330 --> 00:03:18,900
‫or you can pull secrets directly from Secrets Manager.

55
00:03:18,930 --> 00:03:24,120
‫This will allow you, for example, to get a password or for a database and so on that are clearly from

56
00:03:24,120 --> 00:03:28,890
‫some places that of course you wouldn't want to store these passwords in plain text into a file like

57
00:03:28,890 --> 00:03:30,030
‫Buildspec.yml.

58
00:03:30,300 --> 00:03:35,160
‫Then phases, which is actually going to define what code build is going to be doing.

59
00:03:35,160 --> 00:03:41,220
‫So it's a bunch of installs, for example, to say, Hey, what commands we want to do to install some

60
00:03:41,220 --> 00:03:46,650
‫pre necessary packages and so on pre-build, which is the commands to execute just before the build

61
00:03:46,680 --> 00:03:49,510
‫build the actual build commands very important.

62
00:03:49,510 --> 00:03:52,330
‫Then we have post build, which are the finishing touches.

63
00:03:52,330 --> 00:03:56,320
‫For example, once it's built, maybe creates a good zip output and so on.

64
00:03:56,320 --> 00:03:57,640
‫And then the artifacts.

65
00:03:57,640 --> 00:04:04,150
‫So which files at the Docker container should be extracted and sent into Amazon S3 There's also going

66
00:04:04,150 --> 00:04:04,960
‫to be encrypted.

67
00:04:04,970 --> 00:04:09,730
‫And finally there's this cache block to say which files, which dependencies are going to be cached

68
00:04:09,730 --> 00:04:10,240
‫in Amazon.

69
00:04:10,240 --> 00:04:13,810
‫S3 for for speeding up the future builds.

70
00:04:14,200 --> 00:04:14,500
‫Okay.

71
00:04:14,500 --> 00:04:16,090
‫So this is called build a high level.

72
00:04:16,090 --> 00:04:20,590
‫But from this file, just remember, you know, to me the most important thing is the name of the file

73
00:04:20,590 --> 00:04:21,340
‫where it sits.

74
00:04:21,340 --> 00:04:25,150
‫And again, just understand the general idea of how Codebuild works and you should be good to go.

75
00:04:25,390 --> 00:04:29,770
‫Now, code build is something that runs on the cloud, but it is possible for you if you need to do

76
00:04:29,770 --> 00:04:34,000
‫some deep troubleshooting beyond the logs to run code, build locally on your desktop.

77
00:04:34,000 --> 00:04:37,720
‫First, you need to install Docker obviously, and then you leverage the Codebuild agent.

78
00:04:37,750 --> 00:04:42,730
‫The instructions are here and this allows you to reproduce a codebuild build on your machine and really

79
00:04:42,730 --> 00:04:44,740
‫see what's going on when you have failures.

80
00:04:45,070 --> 00:04:48,040
‫Also could build, can be launched within a VPC.

81
00:04:48,250 --> 00:04:50,140
‫So by default your could build containers.

82
00:04:50,140 --> 00:04:52,570
‫Instances are launched outside your VPC.

83
00:04:52,840 --> 00:04:59,200
‫That means that it's going to run fine, but it cannot access some resources that are within your VPC.

84
00:04:59,440 --> 00:05:06,310
‫So you can specify a VPC configuration for Codebuild with a VPC, ID, some subnet IDs, security group

85
00:05:06,310 --> 00:05:07,090
‫IDs and so on.

86
00:05:07,090 --> 00:05:12,310
‫And then thanks to this, then could build containers, we'll be able to access resources in your VPC,

87
00:05:12,310 --> 00:05:16,390
‫such as RDS, elasticache, EC2 instances, albs, and so on.

88
00:05:16,390 --> 00:05:22,540
‫So in this example I have RDS database in a private subnet in my VPC and I can directly launch my codebuild

89
00:05:22,540 --> 00:05:28,420
‫container in here and then my codebuild container could access my database instance if he needed to.

90
00:05:28,420 --> 00:05:35,170
‫So the use case is to have codebuild inside your VPC is to do integration testing data query to talk

91
00:05:35,170 --> 00:05:37,270
‫to internal load balancers and so on.

92
00:05:37,360 --> 00:05:38,470
‫So that's it for Codebuild.

93
00:05:38,470 --> 00:05:39,130
‫I hope you liked it.

94
00:05:39,130 --> 00:05:41,350
‫And let's go into the next lecture for some practice.