Definition:
What is AWS CodeBuild?
AWS CodeBuild is a fully managed build service that automates the process of compiling source code, running tests, and producing software packages. It eliminates the need to provision and manage dedicated build servers, and you only pay for the actual compute time used during builds.
As part of a continuous integration (CI) workflow, CodeBuild helps detect issues early by automatically testing code changes as soon as they are pushed. This ensures that new code integrates smoothly with the existing codebase, improving software quality and accelerating development.
Go to CodeBuild in AWS console.
In build projects menu → Create Build projects
What is a CodeBuild project?
A CodeBuild project is basically the blueprint for your CI process. It's where you tell AWS everything it needs to know about how to build your application. This includes things like where your code lives (like GitHub), what kind of environment you need (Linux or Windows? Java or Python?), exactly what commands to run during the build, and where to store the results when it's done. Think of it as a recipe that CodeBuild follows every time it needs to build your application.
Give a project name → Select project type as Default project
What are the CodeBuild project types?
CodeBuild gives you two main types of projects, each designed for different CI/CD needs:
- Default project: This is your standard option that most teams use. It's perfect when you want to manage your entire build process within AWS. You get full control over how your build runs, what goes in, and what comes out - all without leaving the AWS ecosystem.
- Runner project: This option is for teams who already have CI systems like GitHub Actions or GitLab CI but want to tap into the power of CodeBuild's build environment. It's like having CodeBuild do the heavy lifting while your existing CI system orchestrates the overall process.
Under source → Select source provider as GitHub .
It will show that you have not connected to GitHub. Click on Manage account credentials. Click on it.
Select GitHub App for credential type
What are the Credential types for GitHub?
When connecting to GitHub, CodeConnections gives you a few different options, each with their own trade-offs:
- GitHub App: This is generally the simplest and most secure option. AWS manages the application and connection, reducing the need for you to handle tokens or keys directly. It's recommended for most use cases due to its ease of use and enhanced security.
- Personal access token: This method uses a personal access token generated from your GitHub account. You might remember using this for authenticating to GitHub from the terminal. While straightforward, it requires you to manage and rotate tokens, which can be less secure and more operationally intensive.
- OAuth app: This involves setting up an OAuth application in GitHub and configuring CodeConnections to use it. It provides a more granular control over permissions but is more complex to set up compared to GitHub App.
Click on create a new GitHub connection → Enter a connection name → Click Next → Click Authorize AWS Connector for GitHub → Authenticate → Select username → Connect
NOTE: You might be wondering why there are so many steps just to connect to GitHub. The multi-step process ensures that AWS can securely access your repositories without needing your GitHub password or storing sensitive credentials. This method is much more secure than manually managing tokens that need to be rotated regularly.
Select newly created connection and click on Save. Now it will show that account is connected to AWS managed GitHub app
Why save default source credential?
By saving the GitHub App connection as the default credential, you make it easier to reuse this connection for future CodeBuild projects. This avoids the need to repeat the connection setup process each time you create a new project that uses the same GitHub account.
When we were taken to different pages to connect to GitHub, that was CodeBuild passing us to another Code service (called AWS CodeConnections) behind the scenes.
What is AWS CodeConnections?
AWS CodeConnections is like a secure bridge between AWS and your external code repositories. Instead of dealing with the headache of managing API keys, tokens (like GitHub's Personal Access Tokens!), or SSH credentials, CodeConnections handles all that authentication complexity for you - so you can focus on building your application.
If you'd like, you can open the left hand navigation menu, expand Settings at the bottom of the list, and open the Connections page. You can manage all connections you set up with CodeConnections there.
Now we can select the github repositories under Repository dropdown.
(This includes the operating system, runtime, and compute resources)