Installing Linux Homebrew in AWS CodeBuild container

3
votes

I have an AWS CodeBuild project, and I need to call the SAM CLI inside my CodeBuild container. In the build phase, I added a command to install Linux Homebrew, so that I can install the SAM CLI from the AWS Homebrew tap, per the documentation.

However, upon running this command, I am receiving the error below.

[Container] 2020/01/20 05:29:26 Running command bash -c "$(curl -fsSL https://raw.githubusercontent.com/Linuxbrew/install/master/install.sh)"
-e:196: warning: Insecure world writable dir /go/bin in PATH, mode 040777
Don't run this as root!

[Container] 2020/01/20 05:29:28 Command did not exit successfully bash -c "$(curl -fsSL https://raw.githubusercontent.com/Linuxbrew/install/master/install.sh)" exit status 1
[Container] 2020/01/20 05:29:28 Phase complete: BUILD State: FAILED
[Container] 2020/01/20 05:29:28 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: bash -c "$(curl -fsSL https://raw.githubusercontent.com/Linuxbrew/install/master/install.sh)". Reason: exit status 1

I'm using the Ubuntu Standard "3.0" build environment, that AWS provides.

buildspec.yml

version: 0.2
phases:
  install:
    runtime-versions:
      docker: 18
      nodejs: 10
      python: 3.8
  build:
    commands:
      - echo Installing SAM CLI
      - sh -c "$(curl -fsSL https://raw.githubusercontent.com/Linuxbrew/install/master/install.sh)"
      - brew tap aws/tap
      - brew install aws-sam-cli
      - sam version

Question: How can I successfully install Linux Homebrew inside an AWS CodeBuild project?

2
amazon-web-servicesaws-codebuildaws-serverless
I think sam has been already in Codebuild containers (sure with python: 3.8 image), you can skip install aws-sam-cli via brew, just check sam version with sam --version commandhoangdv

2 Answers

1
votes

First and recommended option is to bring your own build image with CodeBuild, e.g. use [1] which is an image that includes aws sam cli.

Second and more difficult option is to install the SAM CLI yourself. Since brew cannot be used as root in any way and the CodeBuild build container is running as root, this gets tricky. Following is a buildspec I have tested and can confirm will install the aws sam cli:

Buildspec:

version: 0.2

phases:
    install:
        commands:
            - curl -fsSL https://raw.githubusercontent.com/Linuxbrew/install/master/install.sh > /tmp/install.sh
            - cat /tmp/install.sh
            - chmod +x /tmp/install.sh
            - useradd -m brewuser
            - echo "brewuser:brewuser" | chpasswd 
            - adduser brewuser sudo
            - /bin/su -c /tmp/install.sh - brewuser
            - /bin/su -c '/home/brewuser/.linuxbrew/bin/brew tap aws/tap' - brewuser
            - /bin/su -c '/home/brewuser/.linuxbrew/bin/brew install aws-sam-cli' - brewuser

build:
    commands:
        - PATH=/home/brewuser/.linuxbrew/bin:$PATH
        - sam --version

Note: As per my tests, Python 3.8 does not include sam cli.

0
votes

Building on @shariqmaws answer, I used a public ECR image that includes AWS SAM and Node.js 10: public.ecr.aws/sam/build-nodejs10.x:latest. You can find out more here: https://gallery.ecr.aws/sam/build-nodejs10.x

CloudFormation template:

  CodeBuildIntegrationProject:
    Type: AWS::CodeBuild::Project
    Properties:
      Artifacts:
        Type: CODEPIPELINE
      Environment:
        Type: LINUX_CONTAINER
        Image: public.ecr.aws/sam/build-nodejs10.x:latest
        ImagePullCredentialsType: CODEBUILD
        ComputeType: BUILD_GENERAL1_SMALL
      LogsConfig:
        CloudWatchLogs:
          Status: ENABLED
      Name: !Sub ${GitHubRepositoryName}-integration
      ServiceRole: !Sub ${CodeBuildRole.Arn}
      Source:
        Type: CODEPIPELINE