
Automating builds with CodeBuild and buildspec.yml

1. Automating builds with CodeBuild and buildspec.yml

Welcome back. Last video we orchestrated stages with CodePipeline. Now we'll zoom into the Build stage and master CodeBuild and the buildspec.yml file that drives it. Let's get started.

2. What CodeBuild does

CodeBuild is a fully managed build service. You do not provision servers. When a build starts, CodeBuild spins up a temporary container, runs your commands, produces an artifact, and shuts down. You pay only for build minutes used. It scales automatically for parallel builds. In CodePipeline, CodeBuild serves as the Build stage, receiving the source artifact and producing the build artifact. Because each build runs in a fresh container, your builds are reproducible: the same source always builds the same way, with no leftover state from a previous run.

3. The buildspec.yml file

The buildspec.yml is a YAML file at the root of your repository that tells CodeBuild what to do. It runs four phases in order. Install sets up your dependencies and tools, then pre_build handles setup tasks like validating environment variables. Build compiles your code and runs tests, and finally post_build packages the artifact and cleans up. Without a buildspec.yml, CodeBuild has no commands to run, and the build fails.

4. A real buildspec.yml example

Here is a buildspec.yml for a Python Lambda function. Install runs pip install for dependencies. Pre_build validates that required environment variables exist, exiting if they are missing. Build runs pytest for our unit tests. Once tests pass, post_build packages everything into app.zip and logs a completion message. Separately from the phases, the artifacts section tells CodeBuild to output app.zip, which CodePipeline passes to the Deploy stage.

5. Build environment configuration

You can configure the build environment. Compute types range from small to 2xlarge; larger types build faster but cost more. Environment variables pass configuration without hardcoding values. For secrets like API keys, reference Parameter Store or Secrets Manager instead of plain text. Dependency caching stores downloaded packages between builds, so you skip re-downloading every time. This can cut build times dramatically. For a project with hundreds of dependencies, caching can turn a five-minute build into a one-minute build, which adds up fast across dozens of builds a day.

6. Artifact outputs and pipeline integration

The artifacts section controls what CodeBuild outputs. The files field lists which files to include, and base-directory sets the root path. CodeBuild uploads the artifact to S3 automatically, and CodePipeline passes it to the next stage. Getting this right is critical; wrong artifact paths cause deploy failures even when the build succeeds. This is one of the most common mistakes new users make with CodeBuild. If the build log shows success but the deploy reports a missing file, the artifacts section is almost always the first place to look.
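The buildspec described in section 4, extended with the environment settings from section 5 and the artifacts fields from this section, written out as an added example (not the course's own slide). The `src/`, `tests/` and `requirements.txt` layout, the `dist/` output directory, the `STAGE` variable, and the parameter and secret names are assumptions made for illustration.

```yaml
version: 0.2

env:
  variables:
    STAGE: "dev"                                   # constructed, non-secret value
  parameter-store:
    API_BASE_URL: "/example-app/dev/api-base-url"  # hypothetical parameter name
  secrets-manager:
    API_KEY: "example-app/dev/api:API_KEY"         # hypothetical secret-id:json-key

phases:
  install:
    commands:
      - pip install -r requirements.txt -t package/
      - pip install pytest
  pre_build:
    commands:
      # Fail early if a required variable is empty; print the name only, never the value.
      - |
        for name in STAGE API_BASE_URL API_KEY; do
          if [ -z "$(printenv "$name")" ]; then
            echo "Missing required environment variable: $name"
            exit 1
          fi
        done
  build:
    commands:
      - PYTHONPATH=package:src python -m pytest tests/
  post_build:
    commands:
      # post_build also runs after a failed build phase, so refuse to package in that case.
      - if [ "$CODEBUILD_BUILD_SUCCEEDING" != "1" ]; then exit 1; fi
      - mkdir -p dist && cp -r src/. package/
      - cd package && zip -qr ../dist/app.zip . && cd ..
      - echo "Build completed on $(date)"

artifacts:
  base-directory: dist   # paths under files are resolved relative to this directory
  files:
    - app.zip

cache:
  paths:
    - "/root/.cache/pip/**/*"
```

The cache section only takes effect when the CodeBuild project itself has a cache configured, and the build's service role needs read access to the referenced parameter and secret.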

7. The full build-test-deploy chain

Let's put it all together. A developer pushes code to CodeCommit. CodePipeline triggers and sends the source to CodeBuild, which executes the four phases: install, pre_build, build, post_build. If all succeed, the artifact flows to CodeDeploy for deployment. If any phase fails, the pipeline stops and your team gets notified through EventBridge. This is the complete CI/CD chain, automated on every push. From a single git push to a running deployment, no one has to copy a file or click through a console by hand.

8. Let's practice!

Time to practice, let's jump into some exercises!
