Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

"Invalid CodePipeline artifact" after change Codebuild from EC2 to Lambda

0

Hi!

I have the following cloudformation, that is working fine

  CodebuildProject:
    Type: AWS::CodeBuild::Project
    Properties:
      Name: !Sub project-${AccountID}
      ServiceRole: !GetAtt CodeBuildRole.Arn
      Artifacts:
        Type: CODEPIPELINE
      SecondaryArtifacts:
        - ArtifactIdentifier: foo_bar
          Path: foo_bar
          Name: foo_bar
          Type: S3
          Packaging: ZIP
          Location: !Sub artifacts3-${AccountID}
      Environment:
        Type: LINUX_CONTAINER
        ComputeType: BUILD_GENERAL1_SMALL
        Image: aws/codebuild/amazonlinux2-x86_64-standard:4.0
      Source:
        Type: CODEPIPELINE
        BuildSpec: "foo_bar.yml"
      TimeoutInMinutes: 10

I have changed the ComputeType, Type, Image and removed the Timeout to use Lambda.

      Environment:
        Type: LINUX_LAMBDA_CONTAINER
        ComputeType: BUILD_LAMBDA_1GB
        Image: aws/codebuild/amazonlinux-x86_64-lambda-standard:python3.12

And now I get a very strange error

"errorMessage": "Invalid CodePipeline artifact: must be a valid S3 arn"

I haven't changed anything on the artifacts.

If I check con cloudtrail, I can get the parameters from the EC2 call, that works fine.

   "requestParameters": {
        "sourceVersion": "arn:aws:s3:::artifacts3-123145678901/DevOps.123145678901-/SourceOutp/5dso5re",
        "artifactsOverride": {
            "type": "CODEPIPELINE",
            "encryptionDisabled": false,
            "name": "project-123145678901",
            "packaging": "NONE",
            "location": "arn:aws:s3:::artifacts3-123145678901/DevOps.123145678901-/SASTOutput/NDlDQN7"
        },
        "environmentVariablesOverride": [
            {
                "type": "HIDDEN_DUE_TO_SECURITY_REASONS",
                "value": "HIDDEN_DUE_TO_SECURITY_REASONS",
                "name": "HIDDEN_DUE_TO_SECURITY_REASONS"
            }
        ],
        "projectName": "project-123145678901"
    },

And the call with the lambda, that fails

   "requestParameters": {
        "sourceVersion": "arn:aws:s3:::artifacts3-123145678901/DevOps.123145678901-/SourceOutp/QN7RAxk",
        "artifactsOverride": {
            "type": "CODEPIPELINE",
            "encryptionDisabled": false,
            "name": "project-123145678901",
            "packaging": "NONE",
            "location": "arn:aws:s3:::artifacts3-123145678901/DevOps.123145678901-/SASTOutput/v4ECBPh"
        },
        "environmentVariablesOverride": [
            {
                "type": "HIDDEN_DUE_TO_SECURITY_REASONS",
                "value": "HIDDEN_DUE_TO_SECURITY_REASONS",
                "name": "HIDDEN_DUE_TO_SECURITY_REASONS"
            }
        ],
        "projectName": "project-123145678901"
    }

Both calls are the same, but with lambda I get

"errorCode": "InvalidInputException",

"errorMessage": "Invalid CodePipeline artifact: must be a valid S3 arn",

There is any limitation on CodeBuild and Lambda related to s3 artifacts?

Topics
Developer Tools
Tags
AWS CodeBuildAWS CodePipeline
Language
English
asked a year ago172 views
1 Answer
0

The issue you're experiencing is likely related to limitations of AWS CodeBuild when using Lambda compute mode. While the CloudFormation template and the API calls appear to be similar for both EC2 and Lambda modes, there are some important restrictions to consider when using Lambda compute mode in CodeBuild.

When using Lambda compute mode for CodeBuild:

  1. The maximum project duration is limited to 15 minutes. Custom build timeouts are not supported.

  2. Local caching is not supported.

  3. Batch builds are not supported.

  4. Docker image builds are not supported.

  5. There may be limitations on artifact handling, which could be causing the error you're seeing.

The error message "Invalid CodePipeline artifact: must be a valid S3 arn" suggests that there might be an issue with how CodeBuild is interpreting or handling the artifact information when using Lambda compute mode.

To resolve this issue, you might need to:

  1. Ensure that your buildspec file is compatible with Lambda compute mode and doesn't rely on features not supported in this mode.

  2. Check if your project requires any of the unsupported features mentioned above.

  3. Verify that the S3 bucket permissions are correctly set for Lambda compute mode.

  4. Consider simplifying your artifact configuration to see if it resolves the issue.

If the problem persists, you may need to revert to using EC2 compute type for your CodeBuild project, especially if your build process requires features not supported in Lambda compute mode. Alternatively, you could reach out to AWS support for further assistance in troubleshooting this specific error with Lambda compute mode.
Sources
AWS CodeBuild adds support for AWS Lambda compute mode | AWS DevOps Blog
AWS::CodeBuild::Project Artifacts - AWS CloudFormation

answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content