DevOps Asked by Daniel Viglione on August 22, 2021
For my CodeBuild projects, I have a dev, staging and production project. Each project has an environment variable called $BUILD_ENVIRONMENT set to dev, staging and production, respectively. Each stage has its own key/value pair in Systems Manager Parameter Store. I want to use one buildspec.yml across all branches, so if I try to merge a branch or checkout a new branch, it does not copy hardcoded values in buildspec.yml. This is what I tried to do:
version: 0.2
env:
parameter-store:
SECRET_KEY_BASE: /myproject/$BUILD_ENVIRONMENT/secret_key_base
But it doesn’t work. There is no interpolation done and I get the following error:
Decrypted Variables Error Message: parameter does not exist:
/myproject/$BUILD_ENVIRONMENT/secret_base_key
Since this is such a common use case, I am wondering if anyone found any type of solution to this?
I faced the same problem while using different SSH key pairs for different deployment environment. Usually I used to create different ssm variables per environment and then changed the name of ssm per git branch in buildspec.yml. That worked perfectly for me. For example, for deploying to stage environment i used the git branch "dev" which had following buidlspec.yml config
env:
parameter-store:
SECRET_KEY_BASE: "DEV_SECRET_KEY_BASE"
for "release" environment it was,
env:
parameter-store:
SECRET_KEY_BASE: "RELEASE_SECRET_KEY_BASE"
make sure you resolve merge conflicts between inter git branches before you apply.
Answered by chaks on August 22, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP