diff --git a/docs/providers-guide.md b/docs/providers-guide.md index d0c0d14e7..e16e9d67f 100644 --- a/docs/providers-guide.md +++ b/docs/providers-guide.md @@ -254,16 +254,9 @@ Provider type: `codebuild`. #### Properties -- *image* *(String)* - default: `STANDARD_7_0`. +- *image* *(String|Object)* - default: `STANDARD_7_0`. - The Image that the AWS CodeBuild will use. Images can be found [here](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-codebuild.LinuxBuildImage.html). - - Image can also take an object that contains a property key of - `repository_arn` which is the repository ARN of an ECR repository on the - deployment account within the main deployment region. This allows your - pipeline to consume a custom image if required. - - Along with `repository_arn`, we also support a `tag` key which can be used - to define which image should be used (defaults to `latest`). An example of - this setup is provided [here](user-guide.md#custom-build-images). - Image can also take an object that contains a reference to a public docker hub image with a prefix of `docker-hub://`, such as `docker-hub://bitnami/mongodb`. This allows your pipeline to consume a @@ -271,6 +264,30 @@ Provider type: `codebuild`. we also support using a tag which can be provided after the docker hub image name such as `docker-hub://bitnami/mongodb:3.6.23` in order to define which image should be used (defaults to `latest`). + - For images hosted in Amazon ECR, you can define the repository and image to + use by specifying an image object. + This allows your pipeline to consume a custom image if required. + For example, to configure a specific repository ARN, configure it as: + + ```yaml + image: + repository_arn: 'arn:${partition}:ecr:${region}:${source_account_id}:repository/your-repo-name' + tag: 'latest' # Optional, defaults to latest + ``` + + Alternatively, you can set the `repository_name` if the ECR is hosted in + the deployment account in the main deployment region. + + ```yaml + image: + repository_name: 'your-repo-name' + tag: 'latest' # Optional, defaults to latest + ``` + + Along with `repository_arn` or `repository_name`, we also support a `tag` + key. This can be used to define which image should be used + (defaults to `latest`). An example of this setup is provided + [here](user-guide.md#custom-build-images). - *size* *(String)* **(small|medium|large)** - default: `small`. - The Compute type to use for the build, types can be found [here](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-compute-types.html). diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/global.yml b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/global.yml index dd4167e39..a984cf3e3 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/global.yml +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-bootstrap/deployment/global.yml @@ -358,6 +358,8 @@ Resources: - "ecr:CompleteLayerUpload" - "ecr:BatchCheckLayerAvailability" - "ecr:PutImage" + - "ecr:BatchGetImage" + - "ecr:GetDownloadUrlForLayer" Resource: - "*" - Effect: Allow diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codebuild.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codebuild.py index 7c1ace2e3..05a0975fa 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codebuild.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/cdk/cdk_constructs/adf_codebuild.py @@ -375,15 +375,30 @@ def determine_build_image(codebuild_id, scope, target, map_params): .get('image') ) if isinstance(specific_image, dict): - repo_arn = _ecr.Repository.from_repository_arn( + repository_name = specific_image.get('repository_name', '') + repository_arn = specific_image.get('repository_arn', '') + if not repository_arn and not repository_name: + raise ValueError("The repository arn or name needs to be specified") + + if repository_arn and repository_name: + raise AssertionError("Specify the arn or the name of the repository, not both.") + + if repository_name: + repository_arn = ( + f"arn:aws:ecr:{ADF_DEPLOYMENT_REGION}:" + f"{ADF_DEPLOYMENT_ACCOUNT_ID}:{repository_name}" + ) + + ecr_repo = _ecr.Repository.from_repository_arn( scope, f'custom_repo_{codebuild_id}', - specific_image.get('repository_arn', ''), + repository_arn, ) return _codebuild.LinuxBuildImage.from_ecr_repository( - repo_arn, + ecr_repo, specific_image.get('tag', 'latest'), ) + return CodeBuild.get_image_by_name(specific_image) @staticmethod diff --git a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py index ac64b4bb6..c78209c88 100644 --- a/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py +++ b/src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/shared/python/schema_validation.py @@ -117,7 +117,8 @@ # CodeBuild CODEBUILD_IMAGE_PROPS = { - "repository_arn": str, # arn:aws:ecr:region:111111111111:repository/test + Optional("repository_arn"): str, # arn:aws:ecr:region:111111111111:repository/test + Optional("repository_name"): str, # hello-world Optional("tag"): str, # defaults to latest } CODEBUILD_PROPS = {