buildspec.yml

version: 0.2

env:
  shell: bash
  
phases:
  pre_build:
    commands:
      - echo Logging in to Amazon ECR...
      - docker login -u $DOCKER_USER -p $DOCKER_ACCESS_TOKEN
      - aws --version
      - ACCOUNT_ID=${CODEBUILD_BUILD_ARN} && IFS=':' && set -- $ACCOUNT_ID && ACCOUNT_ID=$5
      - aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com
      - REPOSITORY_URI=$ACCOUNT_ID.dkr.ecr.$AWS_REGION.amazonaws.com/privado-core
      - CODE_ARTIFACT_URL=privado-$ACCOUNT_ID.d.codeartifact.$AWS_REGION.amazonaws.com
      - CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token --domain privado --domain-owner $ACCOUNT_ID --query authorizationToken --output text)
      - |
        if [[ $AWS_REGION = "eu-west-1" ]]
        then
            LATEST_TAG="$(git describe --tags --abbrev=0)"
            VERSION=${LATEST_TAG:1}
        else
            LATEST_TAG=$(curl -i https://api.github.com/repos/Privado-Inc/privado-core/releases/latest | grep '"tag_name":' | sed -E 's/.*"([^"]+)".*/\1/')
            VERSION_INITIAL=${LATEST_TAG:1}
            VERSION=$VERSION_INITIAL-$CODEBUILD_BUILD_NUMBER
        fi
      - echo $VERSION
      - echo $BRANCH_NAME
      - |
        if [[ $AWS_REGION = "eu-west-1" ]]
        then
            TAG_1=latest
        else
            TAG_1=${CODEBUILD_WEBHOOK_TRIGGER:7}
        fi
      - TAG_2=$VERSION
      - TAG_3=${CODEBUILD_WEBHOOK_HEAD_REF##*/}

  build:
    commands:
      - echo Build started on `date`
      - echo Building the Docker image...
      - |
        if [[ $AWS_REGION = "eu-west-1" ]]
        then
            docker build -t $REPOSITORY_URI:latest --build-arg JAR_VERSION=$VERSION --build-arg VERSION=$VERSION --build-arg CODE_ARTIFACT_URL=$CODE_ARTIFACT_URL --build-arg CODEARTIFACT_AUTH_TOKEN=$CODEARTIFACT_AUTH_TOKEN --build-arg GITHUB_TOKEN=$GITHUB_TOKEN .
        else
            docker build -t $REPOSITORY_URI:latest --build-arg JAR_VERSION="dev-SNAPSHOT" --build-arg VERSION=$VERSION --build-arg CODE_ARTIFACT_URL=$CODE_ARTIFACT_URL --build-arg CODEARTIFACT_AUTH_TOKEN=$CODEARTIFACT_AUTH_TOKEN --build-arg GITHUB_TOKEN=$GITHUB_TOKEN .
        fi
      - docker tag $REPOSITORY_URI:latest $REPOSITORY_URI:$TAG_1
      - docker tag $REPOSITORY_URI:latest $REPOSITORY_URI:$TAG_2
  post_build:
    commands:
      - echo Build completed on `date`
      - echo "Removing older <untagged> images"
      - IMAGES_TO_DELETE=$(aws ecr list-images --region $AWS_REGION --repository-name privado-core --filter "tagStatus=UNTAGGED" --query 'imageIds[*]' --max-items 100 --output json)
      - echo "$IMAGES_TO_DELETE"
      - aws ecr batch-delete-image --region $AWS_REGION --repository-name privado-core --image-ids "$IMAGES_TO_DELETE" || true
      - echo Pushing the Docker images...
      - docker push $REPOSITORY_URI:$TAG_1
      - docker push $REPOSITORY_URI:$TAG_2
      - |
        if [[ -z "$TAG_3" ]]
        then
              echo "\$TAG_3 is empty"
        else
              docker tag $REPOSITORY_URI:latest $REPOSITORY_URI:$TAG_3
              docker push $REPOSITORY_URI:$TAG_3
        fi
      - echo completed pushing image to ecr