You are working on a Jenkins continuous delivery pipeline for a Golang project.
The pipeline uses AWS CodeBuild to build the Docker image and push it to an AWS ECR repository.
You already have the Dockerfile, and now you need to create the buildspec.yml file for the CodeBuild project.
The buildspec.yml file has several stages, including install, pre_build, build and post_build.
Before the build stage, you should have already logged in to ECR.
Which commands are suitable to be placed in the CodeBuild build stage?
Click on the arrows to vote for the correct answer
A. B. C. B. E. F. B. H. .Correct Answer - C.
Option A is incorrect: Because ECR login (aws ecr get-login) should be put in the pre_build phase.
Option C is better than this option.
Option B is incorrect: Because the docker run should not be placed in the build phase.
CodeBuild is used to build an artifact, and it is not suitable to run the Docker here.
Option C is CORRECT: Because in the build phase, the Docker image should be built and tagged.
Then the Docker image should be pushed to ECR.
Option D is incorrect: Because docker start and docker run are inappropriate in the CodeBuild build phase.
When building a Docker image, you do not need to run a Docker container.
The buildspec.yml file has several phases such as install, pre_build, build, and post_build.
Check https://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker.html for how to use CodeBuild to work with Docker image and ECR.
The correct answer for the CodeBuild build stage is A:
A. build: commands:
Explanation: In the build stage, we need to build the Docker image and push it to the ECR repository. The first command is to authenticate to ECR, which is done using the AWS CLI command "aws ecr get-login". This command retrieves an authentication token from ECR and logs in to the registry with Docker. The --no-include-email flag is used to avoid including the email address in the output. The $AWS_DEFAULT_REGION variable is used to specify the AWS region where the ECR repository is located.
The second command builds the Docker image using the Dockerfile in the current directory. The -t option is used to tag the image with the repository name and tag, which are specified by the $IMAGE_REPO_NAME and $IMAGE_TAG variables respectively.
The third command tags the Docker image with the ECR repository URI, which is formed by concatenating the AWS account ID, the ECR repository name, and the tag.
The fourth command pushes the Docker image to the ECR repository, using the $AWS_ACCOUNT_ID variable to specify the AWS account ID.
Option B is incorrect because it only specifies the ECR repository URI, but it does not include the necessary commands to build and push the Docker image.
Option C is incorrect because it includes a command to run the Docker image, but this is not necessary for building and pushing the image to ECR.
Option E is incorrect because it does not include the command to authenticate to ECR before pushing the Docker image.
Option F is incorrect because it includes the ECR repository URI twice, but it does not include the necessary commands to build and push the Docker image.
Option H is incorrect because it includes a command to start the Docker image, but this is not necessary for building and pushing the image to ECR.