How to setup codebuild with code pipelines in terraform?

Question

I am trying to setup codebuild to receive an artifact from code pipeline with terraform. The relevant part of the codebuild resource in the terraform file looks like this:

  source {
     type            = "CODEPIPELINE"
     git_clone_depth = 1
  }

I get an error when running terraform apply The error is:

Error: Error creating CodeBuild project: InvalidInputException: Invalid input: when using CodePipeline both sourceType, and artifactType must be set to: CODEPIPELINE status code: 400, request id: 2c32335e-d3c1-4abd-823b-83e26b947c77

There is nothing in the terraform docs about sourceType neither arifactType... How does one setup code build to receive an artifact from code pipeline with terraform? Thanks!

Answer 1

This is what I tested and worked for my usecase:

codebuild.tf:

resource "aws_codebuild_project" "code_build" {
  name                          = "${var.teamid}-${var.prjid}"
  description                   = "${var.teamid}-${var.prjid}"
  build_timeout                 = "5"
  service_role                  = var.codebuild_role
  artifacts {
    type                        = "CODEPIPELINE"
  }

  environment {
    compute_type                = "BUILD_GENERAL1_LARGE"
    image                       = "aws/codebuild/amazonlinux2-x86_64-standard:3.0"
    type                        = "LINUX_CONTAINER"
    privileged_mode             = true
  }

  source {
    type                          = "${var.build_source}"
    location                      = "${var.storage_bucket}"
    git_clone_depth               = var.git_clone_depth
    buildspec                     = "${file("${var.buildspec_filepath}")}"
  }

  tags = {
    Name                          = "${var.teamid}-${var.prjid}"
    Owner                         = "${var.email}"
    TeamId                        = "${var.teamid}"
    PrjId                         = "${var.prjid}"
  }
}

input.tfvars:

email                       = "demo@demo.com"
aws_region                  = "us-east-2"
codebuild_role              = "arn:aws:iam::123456789012:role/service-role/codebuild-service-role"
storage_bucket              = "codepipeline-12345"
kms_keyid                   = "12345"
github_org                  = "tomarv2"
github_repo                 = "demo"
github_oauth_token          = "xyz"
build_source                = "CODEPIPELINE"
git_clone_depth             = "0"
buildspec_filepath          = "buildspec.yml"
teamid                      = "demo"
prjid                       = "demo-pipeline"

Answer 2

This error is related to the build output artifact definition: [1]

To resolve, define type = 'CODEPIPELINE' for both 'source' and 'artifacts' properties on the TF resource: aws_codebuild_project:

From https://www.terraform.io/docs/providers/aws/r/codebuild_project.html#artifacts:

source supports the following:

type - (Required) The type of repository that contains the source code to be built. Valid values for this parameter are: CODECOMMIT, CODEPIPELINE, GITHUB, GITHUB_ENTERPRISE, BITBUCKET, S3 or NO_SOURCE.

artifacts supports the following:

type - (Required) The build output artifact's type. Valid values for this parameter are: CODEPIPELINE, NO_ARTIFACTS or S3.

Share your TF template if you are still facing the issue.

Ref:

[1] https://docs.aws.amazon.com/codebuild/latest/APIReference/API_ProjectArtifacts.html

Edit 1:

I copied your template and applied it and it ran without any issue. The only thing changed was bucket name and project name:

resource "aws_s3_bucket" "example" {
  bucket = "shariqexampletestingterrastartup"  # <======

resource "aws_codebuild_project" "example" {
  name          = "terraform-cb-project" #var.DOMAIN_NAME # <======

Response of Terraform apply:

Plan: 5 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_iam_role.example: Creating...
aws_iam_policy.policy: Creating...
aws_s3_bucket.example: Creating...
aws_iam_role.example: Creation complete after 2s [id=example]
aws_iam_policy.policy: Creation complete after 3s [id=arn:aws:iam::123456789012:policy/test-policy]
aws_iam_role_policy_attachment.test-attach: Creating...
aws_iam_role_policy_attachment.test-attach: Creation complete after 2s [id=example-20200113052522878300000001]
aws_s3_bucket.example: Still creating... [10s elapsed]
aws_s3_bucket.example: Creation complete after 15s [id=shariqexampletestingterrastartup]
aws_codebuild_project.example: Creating...
aws_codebuild_project.example: Creation complete after 3s [id=arn:aws:codebuild:us-east-1:123456789012:project/terraform-cb-project]

For reference, my TF version is as follows:

terraform --version
Terraform v0.12.10
+ provider.aws v2.44.0

Your version of Terraform is out of date! The latest version
is 0.12.19. You can update by downloading from www.terraform.io/downloads.html