gabakugik
@gabakugik (GABAKU GIK)

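I want to try CodeBuild using CodePipeline

What I want to solve

I want to push to git and have CodeBuild run.
Reference
https://zoo200.net/deploy-ecs-with-cicd-codepipeline-codebuild/
I am following the reference exactly, but I cannot get it to work.

Problem / error that occurs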

[Container] 2025/02/20 08:37:50.223536 Running on CodeBuild On-demand
[Container] 2025/02/20 08:37:50.223554 Waiting for agent ping
[Container] 2025/02/20 08:37:50.425826 Waiting for DOWNLOAD_SOURCE
[Container] 2025/02/20 08:37:52.016935 Phase is DOWNLOAD_SOURCE
[Container] 2025/02/20 08:37:52.056544 CODEBUILD_SRC_DIR=/codebuild/output/src4124269803/src
[Container] 2025/02/20 08:37:52.057387 YAML location is /codebuild/readonly/buildspec.yml
[Container] 2025/02/20 08:37:52.060785 Setting HTTP client timeout to higher timeout for S3 source
[Container] 2025/02/20 08:37:52.060923 Processing environment variables
[Container] 2025/02/20 08:37:52.247625 No runtime version selected in buildspec.
[Container] 2025/02/20 08:37:52.278039 Moving to directory /codebuild/output/src4124269803/src
[Container] 2025/02/20 08:37:52.278168 Cache is not defined in the buildspec
[Container] 2025/02/20 08:37:52.278179 Cache is not defined in the buildspec
[Container] 2025/02/20 08:37:52.320969 Unable to initialize cache download: no paths specified to be cached
[Container] 2025/02/20 08:37:52.404475 Configuring ssm agent with target id: codebuild:1f405fd4-49f4-44ee-a1de-101997d08be6
[Container] 2025/02/20 08:37:52.458763 Successfully updated ssm agent configuration
[Container] 2025/02/20 08:37:52.459147 Registering with agent
[Container] 2025/02/20 08:37:52.498976 Phases found in YAML: 3
[Container] 2025/02/20 08:37:52.498998  PRE_BUILD: 1 commands
[Container] 2025/02/20 08:37:52.499004  BUILD: 2 commands
[Container] 2025/02/20 08:37:52.499007  POST_BUILD: 2 commands
[Container] 2025/02/20 08:37:52.499285 Phase complete: DOWNLOAD_SOURCE State: SUCCEEDED
[Container] 2025/02/20 08:37:52.499299 Phase context status code:  Message: 
[Container] 2025/02/20 08:37:52.569212 Entering phase INSTALL
[Container] 2025/02/20 08:37:52.608281 Phase complete: INSTALL State: SUCCEEDED
[Container] 2025/02/20 08:37:52.608299 Phase context status code:  Message: 
[Container] 2025/02/20 08:37:52.643097 Entering phase PRE_BUILD
[Container] 2025/02/20 08:37:52.680103 Running command aws ecr get-login-password --region ap-northeast-1 | docker login --username AWS --password-stdin アカウント名.dkr.ecr.ap-northeast-1.amazonaws.com
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credential-stores

Login Succeeded

[Container] 2025/02/20 08:38:04.024246 Phase complete: PRE_BUILD State: SUCCEEDED
[Container] 2025/02/20 08:38:04.024263 Phase context status code:  Message: 
[Container] 2025/02/20 08:38:04.060281 Entering phase BUILD
[Container] 2025/02/20 08:38:04.061709 Running command docker build -t $ImageName -f ./Dockerfile .
#0 building with "default" instance using docker driver

#1 [internal] load build definition from Dockerfile
#1 transferring dockerfile: 2B done
#1 DONE 0.0s
ERROR: failed to solve: failed to read dockerfile: open Dockerfile: no such file or directory

[Container] 2025/02/20 08:38:04.375154 Command did not exit successfully docker build -t $ImageName -f ./Dockerfile . exit status 1
[Container] 2025/02/20 08:38:04.380714 Phase complete: BUILD State: FAILED
[Container] 2025/02/20 08:38:04.380734 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: docker build -t $ImageName -f ./Dockerfile .. Reason: exit status 1
[Container] 2025/02/20 08:38:04.420422 Entering phase POST_BUILD
[Container] 2025/02/20 08:38:04.421670 Running command docker tag $ImageName:latest アカウント名.dkr.ecr.ap-northeast-1.amazonaws.com/$ImageName:latest
Error response from daemon: No such image: simple-docker-service-0a2fef3e6675:latest

[Container] 2025/02/20 08:38:04.438880 Command did not exit successfully docker tag $ImageName:latest 684591648795.dkr.ecr.ap-northeast-1.amazonaws.com/$ImageName:latest exit status 1
[Container] 2025/02/20 08:38:04.443905 Phase complete: POST_BUILD State: FAILED
[Container] 2025/02/20 08:38:04.443922 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: docker tag $ImageName:latest アカウント名.dkr.ecr.ap-northeast-1.amazonaws.com/$ImageName:latest. Reason: exit status 1
[Container] 2025/02/20 08:38:04.498945 Set report auto-discover timeout to 5 seconds
[Container] 2025/02/20 08:38:04.498993 Expanding base directory path:  .
[Container] 2025/02/20 08:38:04.502334 Assembling file list
[Container] 2025/02/20 08:38:04.502350 Expanding .
[Container] 2025/02/20 08:38:04.505651 Expanding file paths for base directory .
[Container] 2025/02/20 08:38:04.505667 Assembling file list
[Container] 2025/02/20 08:38:04.505671 Expanding **/*
[Container] 2025/02/20 08:38:04.510085 No matching auto-discover report paths found
[Container] 2025/02/20 08:38:04.510138 Report auto-discover file discovery took 0.011192 seconds
[Container] 2025/02/20 08:38:04.510161 Phase complete: UPLOAD_ARTIFACTS State: SUCCEEDED
[Container] 2025/02/20 08:38:04.510168 Phase context status code:  Message: 

When I create the CodePipeline, it ends up like this:
(Screenshot 2025-02-20 175706.png)

and on the CodeBuild screen:
(Screenshot 2025-02-20 174652.png)

Folder contents

buildspec.yml
version: 0.2
phases:
  pre_build:
    commands:
      - aws --version
      - AWS_ACCOUNT_ID=xxxxxxx
      - ECR_URI=${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com
      - REPOSITORY_URI=${ECR_URI}/demo-repo:latest
      - CONTAINER_NAME=demo-repo
      - COMMIT_HASH=$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | cut -c 1-7)
      - IMAGE_TAG=${COMMIT_HASH:=latest}
      - echo Logging in to Amazon ECR...
      - aws ecr get-login-password --region $AWS_DEFAULT_REGION | docker login --username AWS --password-stdin $ECR_URI
  build:
    commands:
      - echo Build started on `date`
      - echo Building the Docker image...
      - docker build -t $REPOSITORY_URI:latest .
      - docker tag $REPOSITORY_URI:latest $REPOSITORY_URI:$IMAGE_TAG
  post_build:
    commands:
      - echo Build completed on `date`
      - echo Pushing the Docker images...
      - docker push $REPOSITORY_URI:latest
      - docker push $REPOSITORY_URI:$IMAGE_TAG
      - echo Writing image definitions file...
      - printf '[{"name":"%s","imageUri":"%s"}]' $CONTAINER_NAME $REPOSITORY_URI:$IMAGE_TAG > imagedefinitions.json
artifacts:
    files: imagedefinitions.json

Dockerfile

FROM nginx
COPY index.html /usr/share/nginx/html

index.html

Hello CI/CD!

What I tried myself

I tried creating a CodePipeline.

0

3Answer

It looks like you are integrating via GitHub Apps. Has an IAM policy like the following been added to the CodeBuild IAM role?

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "codeconnections:GetConnectionToken",
        "codeconnections:GetConnection"
      ],
      "Resource": [
        "<ARN of your CodeConnections connection (formerly CodeStar Connections)>"
      ]
    }
  ]
}

CodeBuild needs the two IAM permissions above in order to use the GitHub token of the connection.
Reference: https://docs.aws.amazon.com/ja_jp/codebuild/latest/userguide/connections-github-app.html#connections-github-role-access

1Like
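
A least-privilege check for the policy in the answer above, as an added example that is not part of the original answer: it reports which of the two `codeconnections` actions a policy document fails to grant on a given connection, and which matching `Resource` patterns are broader than that one ARN. The ARN, account ID and both sample policies are constructed placeholders; the check only reads `Allow` statements and ignores `Deny`, `NotAction`/`NotResource` and `Condition`.

```python
import json
import re

REQUIRED = {"codeconnections:GetConnectionToken", "codeconnections:GetConnection"}

# Constructed placeholder ARN (documentation account ID, made-up connection ID).
CONNECTION_ARN = ("arn:aws:codeconnections:ap-northeast-1:111122223333:"
                  "connection/EXAMPLE-CONNECTION-ID")

# Constructed sample policies: one scoped like the answer's, one over-broad and incomplete.
SCOPED = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": sorted(REQUIRED), "Resource": [CONNECTION_ARN]}]})
BROAD = json.dumps({"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": "codeconnections:GetConnection", "Resource": "*"}})


def _as_list(value):
    """IAM allows a single string/object wherever a list is accepted."""
    if value is None:
        return []
    return [value] if isinstance(value, (str, dict)) else list(value)


def _glob(pattern, value, ignore_case=False):
    """Match IAM-style wildcards: * is any run of characters, ? is one character."""
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, re.IGNORECASE if ignore_case else 0) is not None


def audit_connection_access(policy_json, connection_arn):
    """Return (missing_actions, overbroad_resources) for one connection ARN."""
    granted, overbroad = set(), set()
    for st in _as_list(json.loads(policy_json).get("Statement")):
        if st.get("Effect") != "Allow":
            continue
        resources = [r for r in _as_list(st.get("Resource")) if _glob(r, connection_arn)]
        hit = {a for a in REQUIRED for p in _as_list(st.get("Action"))
               if _glob(p, a, ignore_case=True)}  # action names are case-insensitive
        if resources and hit:
            granted |= hit
            # Any matching pattern other than the exact ARN covers more than needed.
            overbroad |= {r for r in resources if r != connection_arn}
    return sorted(REQUIRED - granted), sorted(overbroad)


if __name__ == "__main__":
    for name, doc in (("scoped", SCOPED), ("broad", BROAD)):
        print(name, audit_connection_access(doc, CONNECTION_ARN))
```
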

Comments

  1. @gabakugik

    Questioner

    "codeconnections:GetConnectionToken",
    "codeconnections:GetConnection"
    Do you mean I should add these to the JSON?

  2. Yes. Please add the following to the statement of the IAM policy JSON you attached. Replace "<ARN of your CodeConnections connection (formerly CodeStar Connections)>" to match your environment, gabakugik-san.

    {
      "Effect": "Allow",
      "Action": [
        "codeconnections:GetConnectionToken",
        "codeconnections:GetConnection"
      ],
      "Resource": [
        "<ARN of your CodeConnections connection (formerly CodeStar Connections)>"
      ]
    }
    
  3. @gabakugik

    Questioner

    I added it and tried it yesterday, but I still get the following:
    [Container] 2025/02/17 14:08:39.347724 Running on CodeBuild On-demand
    [Container] 2025/02/17 14:08:39.347735 Waiting for agent ping
    [Container] 2025/02/17 14:08:39.448632 Waiting for DOWNLOAD_SOURCE
    repository not found for primary source

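  4. It looks like CodeBuild cannot access the source repository...
    Let me check three things.

    1. Have you already created a connection via GitHub Apps using CodeConnections (formerly CodeStar Connections)? Also, has the GitHub App for the connection been registered on the GitHub side?
      For CodeBuild to fetch source code from the source repository, a connection configured with CodeConnections (formerly CodeStar Connections) is required.
      In the article you are referring to, it is the following part.
      https://zoo200.net/deploy-ecs-with-cicd-codepipeline-codebuild/#toc17

    2. Are the repository name and branch name configured in CodePipeline correct?

    3. Is the CodeBuild project created outside a VPC? If it is created inside a VPC, you need to set up a NAT Gateway for internet access.
      If it is created outside a VPC, please disregard this. (If you configure nothing, it should be created outside a VPC.)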

  5. @gabakugik

    Questioner

    Integration with GitHub
    I succeeded in creating the CodePipeline,
    but an error occurred partway through.

    InternalError: failed to create container model: failed to normalize image reference "アカウント名.dkr.ecr.ap-northeast-1.amazonaws.com/demo-repo:アカウント名.dkr.ecr.ap-northeast-1.amazonaws.com/demo-repo". Launch a new task to retry.

    [Container] 2025/02/19 16:13:09.689678 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: docker build -t $ImageName -f ./Dockerfile .. Reason: exit status 1
    [Container] 2025/02/19 16:13:09.728251 Entering phase POST_BUILD
    [Container] 2025/02/19 16:13:09.729699 Running command docker tag $ImageName:latest アカウント名.dkr.ecr.ap-northeast-1.amazonaws.com/$ImageName:latest
    Error response from daemon: No such image: simple-docker-service-0a73a9754cb5:latest

    [Container] 2025/02/19 16:13:09.745340 Command did not exit successfully docker tag $ImageName:latest アカウント名.dkr.ecr.ap-northeast-1.amazonaws.com/$ImageName:latest exit status 1
    [Container] 2025/02/19 16:13:09.750253 Phase complete: POST_BUILD State: FAILED
    [Container] 2025/02/19 16:13:09.750268 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: docker tag $ImageName:latest アカウント名.dkr.ecr.ap-northeast-1.amazonaws.com/$ImageName:latest. Reason: exit status 1

  6. @gabakugik

    Questioner

    Also, the CodePipeline: (Screenshot 2025-02-20 013242.png)
    Is this correct?

  7. @gabakugik

    Questioner

    Is this correct?
    Sorry. Thank you in advance.

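  8. The error when creating the CodePipeline means "there is no container image tagged latest in ECR". Isn't it occurring because you have not pushed anything to ECR yet? (Or the latest tag is missing, or the push is failing.)

    If you have created the Code Connections connection and finished associating it, CodeBuild should be able to run. Please run it and check the logs.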

  9. @gabakugik

    Questioner

    When I create the CodePipeline,
    (Screenshot 2025-02-20 174324.png)
    is created automatically and it fails.
    (Screenshot 2025-02-20 174652.png)

  10. The log contains the following message:

    ERROR: failed to solve: failed to read dockerfile: open Dockerfile: no such file or directory

    Please try renaming the file Dockerfile.yml to Dockerfile.

Comments

  1. @gabakugik

    Questioner

    git push
    Username for 'https://github.com':
    Password for 'https://gichioka@github.com':
    Enumerating objects: 305, done.
    Counting objects: 100% (305/305), done.
    Delta compression using up to 20 threads
    Compressing objects: 100% (185/185), done.
    Writing objects: 100% (305/305), 45.07 KiB | 45.07 MiB/s, done.
    Total 305 (delta 78), reused 299 (delta 76), pack-reused 0
    remote: Resolving deltas: 100% (78/78), done.
    To https://github.com/gichioka/deploy-ecs-with-cicd-codepipeline-codebuild

     * [new branch]      main -> main

    It worked with this.

Sorry. It seems I can't get it to work, so I will study and try again once I'm able to.

0Like
