AWS使用Terraform中名称空间的AWS CodePipeline
有没有人使用Codepipeline中的名称空间?我有来自AWS的参考链接Terraform没有实际的例子。我想做的是在一个阶段中从一个构建者中获取输出变量,然后在我部署阶段后期访问这些变量。我觉得我正在使用下面使用的语法沿着正确的道路走去,但是我一直在使用命名空间的使用错误。
阶段构建:代码的摘要
action {
run_order = 1
name = "Terraform-Plan"
category = "Build"
owner = "AWS"
provider = "CodeBuild"
version = "1"
input_artifacts = ["CodeWorkspace"]
output_artifacts = ["CodeSource","TerraformPlanFile"]
namespace = "buildvariables"
configuration = {
ProjectName = var.codebuild_project_name
EnvironmentVariables = jsonencode([
{
name = "CONFIG"
value = "#{buildvariables.CONFIG}"
type = "PLAINTEXT"
}
])
}
}
这是我尝试在buildSpec_plan文件中引用名称空间的阶段。不确定我是否正确调用它:
version: 0.2
env:
variables:
...some variables here
parameter-store:
...some variables here
secrets-manager:
...some variables here
git-credential-helper: yes
exported-variables:
- CONFIG
phases:
install:
commands:
- ...some commands here
pre_build:
- ...some commands here
build:
on-failure: ABORT
commands:
# Import S3 Folder Location Variable
- ...some commands here
- CONFIG=newvariable
我已删除了与此无关的buildSpec的一部分,但我的第一个问题是,我是否正确使用它,因为它似乎错误地出现了以下错误:
错误创建CodePipeline:InvalidActionDeclarationException: 变量只能参考早期阶段产生的名称空间 或在同一阶段进行订单。参考 以下变量无效。 stagename = [plan], ActionName = [Terraform-plan], ActionConfigurationKey = [Environment Variables], variablereferenceText = [buildvariables.config]
我相信我朝着正确的方向前进,但找不到有关Terraform用法的工作示例。
我问题的最后一部分与我的当前问题无关,而与在另一个阶段使用变量的更多相关,一旦我最终越过了名称空间声明。我计划通过执行以下操作来调用称为buildspec_apply的不同构建规范中的此变量:
build:
commands:
- cd ${CODEBUILD_SRC_DIR}
- ls
- echo ${buildvariables.CONFIG}
我显然正在使用Echo作为示例来验证变量的作品,但我不确定这是正确的。
欢迎链接和提示谢谢
Has anyone out there worked with namespaces in was Codepipeline? I have the reference link from AWS but as always Terraform does not have actual examples. What I want to do is take the output variable from one buildspec in one phase and access those later in my deploy stage. I feel like I am headed down the right path with the syntax I am using below but I keep getting an error regarding the usage of the namespace.
Stage Build: Snippet from the code
action {
run_order = 1
name = "Terraform-Plan"
category = "Build"
owner = "AWS"
provider = "CodeBuild"
version = "1"
input_artifacts = ["CodeWorkspace"]
output_artifacts = ["CodeSource","TerraformPlanFile"]
namespace = "buildvariables"
configuration = {
ProjectName = var.codebuild_project_name
EnvironmentVariables = jsonencode([
{
name = "CONFIG"
value = "#{buildvariables.CONFIG}"
type = "PLAINTEXT"
}
])
}
}
This is the stage where I tried to reference the namespace inside my buildspec_plan file. Not sure i am invoking it correctly:
version: 0.2
env:
variables:
...some variables here
parameter-store:
...some variables here
secrets-manager:
...some variables here
git-credential-helper: yes
exported-variables:
- CONFIG
phases:
install:
commands:
- ...some commands here
pre_build:
- ...some commands here
build:
on-failure: ABORT
commands:
# Import S3 Folder Location Variable
- ...some commands here
- CONFIG=newvariable
I have removed parts of the buildspec which are not relevant to this but my first question is, am I using it correctly because it seems to error out with the following error:
Error creating CodePipeline: InvalidActionDeclarationException:
Variables can only reference namespaces produced by an earlier stage
or earlier run order in the same stage. The references for the
following variables are not valid. StageName=[Plan],
ActionName=[Terraform-Plan],
ActionConfigurationKey=[EnvironmentVariables],
VariableReferenceText=[buildvariables.CONFIG]
I believe i am headed in the right direction but can not find working examples on the terraform usage.
The last part of my question does not relate to my current issue but more with using the variable in another stage once I finally get past the namespace declaration. I plan on invoking this variable in a different build spec known as buildspec_apply by doing the following:
build:
commands:
- cd ${CODEBUILD_SRC_DIR}
- ls
- echo ${buildvariables.CONFIG}
I am obviously using an echo as a sample to verify the variable works but i am not sure this is correct.
Links and tips are welcomed thank you
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
大家好,经过几天的研究,我终于让它开始工作并理解它。对于任何寻求类似答案的人来说,这里是我对自己问题的最佳指导。
首先,请记住此部分的命名空间必须在使用之前在上一个阶段声明。您无法在声明的同一阶段使用名称空间。同样重要的是,环境变量直接与名称空间绑定,并且您在名称空间阶段声明的变量直接绑定到命名空间。您无法在不同阶段添加其他变量。必须在声明名称空间的阶段定义它们。
声明名称空间:
注意名称空间声明,正在寻找字符串变量。对于此示例,我使用了“ your_name_space_name”,请用您喜欢的名称替换它。我会尽可能建议大写。
名称空间的关键是环境变量声明。这发生在您阶段的配置部分内。请注意,必须在JSON中设置环境变量。任何想知道的人,我都会使用PL进行管道,只是为了避免与任何可能的本地变量发生碰撞,可以随意以任何方式命名它们,但了解有本地环境变量可以编码。这里最大的收获是,您在此阶段声明的任何变量现在都是名称空间的一部分。
buildspec
在当前阶段的BuildSpec中,您可以利用名称空间变量传递值。请注意,在当前阶段,您可以通过向变量声明一个值来通过buildSpec更改命名空间的值。
请注意,您可以在安装,预构建或构建阶段期间声明变量。
请注意,在示例中,我们在导出阶段和构建阶段定义了变量。这是为了确保我们在构建阶段结束时输出新值。
下一个代码序列阶段:
在下一个Codepipeline阶段,您要引用名称空间。为此,您需要像上一个阶段一样声明环境部分中的变量并声明相同的变量。请记住,每个阶段都将变量视为不会从其他阶段延续的新变量。为了解决这个问题,我们将利用名称空间。
请注意,我们再次声明了pl_testvariable,但请查看我们对变量的值所做的。请记住,这是JSON,而不是实际的Terraform,因此变量被视为JSON输入。要从上一个阶段引用名称空间值,请遵循此语法,命名空间。注意PL_TestVariable值遵循我们的语法,将其从上一个阶段的导出分配值。
当前阶段构建标志:
要在您的buildspec中的此阶段调用此变量,您只需称呼环境变量pl_testvariable,就像buildSpec的任何部分一样。
在此BuildSpec参考中,我演示了使用该变量的各种方法。这说明了如何利用命名空间。您不必以顺序引用它,只要定义名称空间,您就可以在任何阶段都利用该变量。
希望这有助于任何试图在Terraform中利用它的人。
干杯
Hello everyone after several days of research I finally got this to work and understand it. For anyone looking for a similar answer here is my best guidance to my own question.
First, remember this part the namespace has to be declared in a previous phase before its use. You can not use the namespace in the same phase you declared it. Equally important is the fact that environment variables are tied directly to the Namespace, and the variables you declare in the namespace phase are tied directly to the namespace. You can not add additional variables in different phases. They must be defined in the phase where the namespace is declared.
Declaring Namespace:
Notice the Namespace declaration, it's looking for a string variable. For this example, I used "YOUR_NAME_SPACE_NAME", please replace it with the name you prefer. I would recommend uppercase as much as possible.
The key to the Namespace is the environment variable declaration. This happens inside the configuration portion of your phase. Notice that the environment variables have to be set up in JSON. Anyone wondering, I use PL for Pipeline just to avoid a collision with any would-be native variables, feel free to name them any way you want but understand there are native environment variables to Codepipeline. The big takeaway here is that any variable you declare in this phase is now part of the Namespace.
THE BUILDSPEC
In the Buildspec of the current phase, you can leverage the Namespace variable to pass values. Please note that in the current stage you can change the value of the Namespace through the Buildspec by declaring a value to the variable.
Note you can declare the variable during the Install, pre-build, or build stage.
Notice that in the example we defined the variable in the Export phase and in the Build phase. This is to ensure we output the new value at the end of the build phase.
THE NEXT CODEPIPELINE PHASE:
In the next Codepipeline phase, you want to reference the Namespace. To do this you need to declare the variable within the environment section just like in the previous phase and declare the same variable. Keep in mind each phase treats variables as new variables that don't carry over from other phases. To remedy this we will leverage the Namespace.
Notice that we declared PL_TESTVARIABLE again but see what we did with the value of the variable. Remember this is json, not actual terraform so variables are treated as json inputs. To reference the namespace value from the previous phase follow this syntax, Namespace.YourVariableName. Notice PL_TESTVARIABLE value follows our syntax to assign it the value from the export from the previous phase.
CURRENT PHASE BUILDSPEC:
To call this variable in this stage inside your Buildspec you would just call the environment variable PL_TESTVARIABLE as you would any part of the Buildspec.
In this Buildspec reference, I demonstrate various ways to use the variable. This explains how to leverage the Namespace. You don't have to reference it in a sequential manner you could leverage the variable at any stage at any point as long as the Namespace is defined.
Hopefully, this helps anyone trying to leverage this in Terraform.
Cheers