Updating My AWS CodeBuild Project from Ubuntu 14.04 to 18.04

2019-05-08 Builder's Forge Hammer

I received a cheery notification email (twice) from AWS that they’re deprecating Ubuntu 14.04 on CodeBuild:

Ubuntu 14.04 EOL Notification for AWS CodeBuild
Hello,
As of April 2019, Ubuntu 14.04 has reached end of life (EOL). We will be removing it as an option in the CodeBuild console on May 15, 2019. Existing CodeBuild projects configured to use Ubuntu 14.04 will continue to work after this date but we highly recommend that customers update their projects to use “aws/codebuild/standard” build images, which are based on Ubuntu 18.04.
Note that all offered programming language runtimes are already included in the Ubuntu 18.04 image, as described in Docker Images Provided by CodeBuild. Therefore, it is no longer necessary to select runtimes separately.
Sincerely, Amazon Web Services

It’s nice the old ones will continue to work, however they gave 9 days notice that it won’t be available on the console any more. This will certainly break some workflows where projects are build and destroyed regularly. They don’t say if it creation will be removed from the API too, but if it will then some workflows with automated creation through e.g. CloudFormation will also break.

Anyway, on with the story. Checking the Personal Health Dashboard (PHD) link at the bottom, I saw the notification there too:

Personal Health Dashboard doesn’t email you automatically for every event. Thankfully, someone at AWS checked the box for “this notification is actually important so email the suckers.”

(If you want email notifications for everything on PHD, it’s not so easy as ticking a box. You have to roll up your sleeves and set it up via CloudWatch Events!)

I have just one CodeBuild project on my AWS account, and it’s running a script checking for Python package updates on my open source repositories. It’s a hack that it’s on CodeBuild in the first place, it’s just because it takes too long to fit within AWS Lambda’s limits.

After reading the linked guide “Docker Images Provided by CodeBuild”, I discovered all I needed to do was change to aws/codebuild/standard:2.0:

My first fix didn’t work when I ran it. I saw this error in the logs:

[Container] 2019/05/08 10:56:08 Waiting for agent ping
[Container] 2019/05/08 10:56:10 Waiting for DOWNLOAD_SOURCE
[Container] 2019/05/08 10:56:11 Phase is DOWNLOAD_SOURCE
[Container] 2019/05/08 10:56:11 CODEBUILD_SRC_DIR=/codebuild/output/src870287925/src
[Container] 2019/05/08 10:56:11 YAML location is /codebuild/readonly/buildspec.yml
[Container] 2019/05/08 10:56:11 Processing environment variables
[Container] 2019/05/08 10:56:11 Moving to directory /codebuild/output/src870287925/src
[Container] 2019/05/08 10:56:11 Phase complete: DOWNLOAD_SOURCE State: FAILED
[Container] 2019/05/08 10:56:11 Phase context status code: YAML_FILE_ERROR Message: This build image requires selecting at least one runtime version.

Sad face!

The new image works differently, and AWS didn’t describe this in the announcement. The runtimes are “already included” but you still need to “install” them. You do this with the runtime-versions key in the install phase of the buildspec - I needed to install Python 3.7 to run my script.

I changed my AWS::CodeBuild::Project CloudFormation resource in the Environment.Image and Source.BuildSpec properties:

PipCheckerBuildProject:
    Type: AWS::CodeBuild::Project
    Properties:
      Name: pip-checker
      Description: Checks pip
      Artifacts:
        Type: NO_ARTIFACTS
      ServiceRole: !ImportValue LambdaLogAndEmailIAMRoleArn
      Environment:
        Type: LINUX_CONTAINER
        ComputeType: BUILD_GENERAL1_SMALL
        Image: aws/codebuild/standard:2.0
      Source:
        Type: S3
        Location: !Sub ${S3Bucket}/${S3Key}
        BuildSpec: !Sub |
          version: 0.2
          phases:
            install:
              runtime-versions:
                python: 3.7
              commands:
              - pip3 install -r requirements.txt
              - apt-get update
              - apt-get install -y mysql-client
            build:
              commands:
              - python pip_checker.py
      TimeoutInMinutes: 60

That is, I applied this diff:

@@ -80,7 +80,7 @@ Resources:
       Environment:
         Type: LINUX_CONTAINER
         ComputeType: BUILD_GENERAL1_SMALL
-        Image: aws/codebuild/python:3.7.1
+        Image: aws/codebuild/standard:2.0
       Source:
         Type: S3
         Location: !Sub ${S3Bucket}/${S3Key}
@@ -88,6 +88,8 @@ Resources:
           version: 0.2
           phases:
             install:
+              runtime-versions:
+                python: 3.7
               commands:
               - pip3 install -r requirements.txt
               - apt-get update

I deployed this and tested the script, it worked the second time.

Phew.

Fin

Hope this helps you with this or similar CodeBuild upgrades,

—Adam

Newly updated: my book Boost Your Django DX now covers Django 5.0 and Python 3.12.

One summary email a week, no spam, I pinky promise.

Related posts:

Running CloudFormation Drift Detection on All Your Stacks

Tags: aws, cloudformation