Building docker images using AWS CodeCommit, CodeBuild and storing in AWS ECR

AWS CodeCommit

Aws CodeCommit is a source control service for git based repositories.

It is similar to the most famous source control service github.com

We use the AWS CodeCommit to store the source code

AWS CodeBuild

AWS CodeBuild is a continuous integration service that can be used for compiling source code, run tests, and produce software packages.

Instead of running dedicated servers for building the code, AWS CodeBuild can be used on demand as it is a fully managed Pay as you go service. 

The service will bring up the computing resources required for building, testing and packaging the code and then the resources will be freed up once the job completes

We use the AWS CodeBuild to build Docker image of our source code

AWS ECR

AWS Elastic Container Registry is a fully managed container registry to store, manage, share and deploy container images and artifacts

We store the docker image in AWS ECR

Overview

• Apart from AWS Access Key, HTTPS Git credentials have to be created in IAM
• Create CodeCommit Repository
• Push the Code as usual as it is commonly used Git based repository
• Create Container Repository
• Write the set of instructions to perform building the software in buildspec.yml file
• Create AWS CodeBuild Project - make sure to choose Privilege flag under environments to get elevated privilege for building the Docker images
• Click on Start build
• Build trigger feature is available to automate the process

Documentation

• For creating a project in AWS CodeCommit - Refer: Creating a CodeCommit Repository
• For creating AWS ECR Repository - Refer: Creating an ECR Repository
• For building docker image using AWS CodeBuild: Build Docker Images with CodeBuild

Points to Consider

• Typically, AWS CodeBuild cannot access resources in a VPC. Additional VPC specific configurations have to be given in the CodeBuild Project.

• NAT gateway or NAT instance required to use CodeBuild with VPC so that CodeBuild can reach public endpoints - This means, there is more AWS VPC configurations required such as creating NAT gateway, internet gateway, security group and route table..etc when using docker images that uses base image available in internet which is a usual case