DEV Community

Harish Aravindan
Harish Aravindan

Posted on

Pull Request Validation for AWS CodeCommit using Lambda and CodeBuild

what is it about

Need to lint Dockerfile or perform a CI test/check when a Pull Request is raised. Lets see how to build a solution for this on AWS Codecommit using Codebuild and Lambda to perform the check when a PR is raised or updated.

overview of what we are building

ci for python Dockerfile Lint

We will take a sample solution here to perform a hado lint check on a dockerfile when a pr is raised in CodeCommit

Step 1 - Use the code from GitHub repo to create code build and lambda functions.

clone the repo
Note - add required region and account number and resource names in the files.

use the file buildspec.yaml to create the CodeBuild project
and refer the policy file codebuild_role.json for the essential permissions required ( CodeBuild needs access to CodeCommit to clone and comment on PR )

create lambda function using and for the policy required check file lambda_iam_role.json ( Permission to start CodeBuild Project )

Step 2 - Create event bridge that connect all the parts together

create an event bride rule to trigger when a pr status update change occurs.

sample for the event.

  "source": ["aws.codecommit"],
  "detail-type": ["CodeCommit Pull Request State Change"],
  "resources": ["arn:aws:codecommit:< region >:< account number >:< 
 repository name>"]
Enter fullscreen mode Exit fullscreen mode

Add the target as the lambda function which was created in the above step.

Step 3 - Raise a PR and check if Dockerfile is linted and comments are being added

once you raise PR in CodeCommit the event bridge rule reacts to that. Lambda function runs and collects the information required to do the CI test/check. Starts the code build with the information as override parameters and environment values.
Then Code Build runs the hado lint on the Dockerfile adds the result to CodeCommit through aws cli commands.

Comment made in pr after the check
PR with updated comment

Step 4 - Customize for further CI test for pull requests

we saw one sample of Dockerfile file check, this solution can be extended to add different types of test or checks on creation/update of pull requests.

Thank you for reading. Please comment if any suggestions to improve.

Top comments (0)