Reputation: 123
How to pass variable (environment property) from CodeBuild to Beanstalk app in CodePipeline?
I have a simple CodePipeline with three stages - source checkout, CodeBuild build docker image using buildspec.yml and producing Dockerrun.json artifact, and deploy to Beanstalk.
Now I want the application, which runs in the docker, to read a variable (environment property) set by CodeBuild stage during a build--a build number. How can I do that?
I have set APPLICATION_BUILDNUMBER variable in the buildspec.yml in pre_build:commands and listed it under exported-variables. It then appeared in AWS Console under CodeBuild Build status under Environment Variables tab under Exported environment variables with desired value.
Now how can I read it in my application running in docker in Beanstalk, which is a Spring Boot app (JAR)?
When I set the variable APPLICATION_BUILDNUMBER manually in Beanstalk > Configuration > Software > Environment properties, I can read it easily. But I don't know, how to pass it from CodeBuild.
Upvotes: 2
Views: 1835
Answers (2)
Reputation: 241
I needed to get the CODEBUILD_BUILD_NUMBER environment variable from CodeBuild to ElasticBeanstalk so I could get the right release in Sentry.
The solution I ended up using was to update the ElasticBeanstalk environment variable from CodeBuild with aws-cli.
Make sure to leave enough time after this command so that ElasticBeanstalk isn't still updating when CodeBuild starts deploying your app, resulting in a failed deployment. Putting it in the pre_build section of your buildspec.yaml would probably help with that.
Here's an example:
pre_build:
commands:
- export BUILD_NUM=${CODEBUILD_BUILD_NUMBER}
- aws elasticbeanstalk update-environment --environment-name YOUR-ENV --option-settings Namespace=aws:elasticbeanstalk:application:environment,OptionName=CODEBUILD_BUILD_NUMBER,Value=$BUILD_NUM --region YOUR-REGION
Upvotes: 0
Reputation: 8890
Taking a quick look at the configuration properties of an Elastic Beanstalk action 1, it cannot take an environment property from an external source.
A workaround can be to:
a. Set a SSM Parameter store variable from your CodeBuild action and then
b. Read the SSM parameter value in Elastic Beanstalk environment "hook" and export to the environment.
For a: Run this command from the CodeBuild buildspec:
$ aws ssm put-parameter --name "parameter-name" --type String --value "parameter-value"
For b:
You can deploy the hooks file in /opt/elasticbeanstalk/hooks/appdeploy/pre/ . Create the hook script via ebextension 'files' construct 2. A minimal hook script to get the secret from SSM or Secrets Manager and exporting the secret to system, would look like:
#!/usr/bin/env bash
set -e
export MySecret=$(aws ssm get-parameters ---blah --blah......... )
It goes without saying that CodeBuild service role and EC2 Instance role (used with EB) needs to have the required permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ssm:GetParameters",
"ssm:GetParameter",
"ssm:PutParameter",
"secretsmanager:GetSecretValue",
"kms:Decrypt"
],
"Resource": [
"arn:aws:ssm:*:*:*",
"arn:aws:secretsmanager:*:*:*",
"arn:aws:kms:*:*:*"
]
}
]
}
Upvotes: 1
Related Questions
- Pass environment created in codebuild action to downstream action in codepipeline
- Access AWS CodeBuild Variables in AWS CodePipeline
- How to pass environment variable to the buildspec.yml for AWS codebuild
- Passing EnvironmentVariables from AWS Codepipeline to CodeBuild
- How to use environment variables defined in the Codebuild console, within the buildspec.yml
- AWS code build with env variables from build-spec.yml
- How do you pass environment variables from the Source to the Build in AWS CodePipelines?
- How to set and get environment variables in CodeDeploy
- AWS codebuild not passing down environment variables?
- How do you pass custom environment variable on Amazon Elastic Beanstalk (AWS EBS)?