Each service or productive piece of software should be automatically tested before it is merged to develop. We use AWS CodeBuild for building and testing code. For every piece of software we have two CodeBuild projects:
- One which is triggered by the Pull Request CREATE and UPDATE events
  - This one lints, checks formatting, builds and tests the code
- One which is triggered by the Pull Request merge event
  - This one builds and releases the build artefact (released to S3 as a build artifact or to an ECR repository)
- Each CodeBuild project is managed via Terraform in a dedicated repository
- The `buildspec.yml` file is located within the Terraform module of the CodeBuild project, which is in a private repository. This ensures that an unauthorized person cannot view or edit the buildspec and trigger a build on a public repository.
- Don't put secrets or passwords inside the buildspec; use AWS Systems Manager (SSM) instead
- Use a build badge in the software's GitHub repository (see Build Badge)
The build badge should be added to the top of the README.md file of the GitHub project using the following template:
| Branch | Status |
|--------|-----------|
| develop | ![Build Status](BADGE_LINK) |
| master | ![Build Status](BADGE_LINK) |
To get the badge, see Access your AWS CodeBuild build badges.
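
The buildspec guidance above (lint, format check, build and test, with no secrets in the file) could look like the following. This is an added example, not the project's own buildspec; the parameter paths, variable names and `make` targets are hypothetical placeholders.

```yaml
# Example buildspec.yml for the Pull Request CREATE/UPDATE project.
# Added illustration: parameter paths and make targets are assumptions.
version: 0.2

env:
  # Weak: a plaintext value in the buildspec lives in version control and
  # is displayed in plain text by the CodeBuild console and the AWS CLI.
  # variables:
  #   NPM_TOKEN: "plaintext-token-value"   # do not do this
  #
  # Corrected: CodeBuild resolves each name from SSM Parameter Store when
  # the build starts, so only the parameter path appears in the buildspec.
  parameter-store:
    NPM_TOKEN: /ci/example-service/npm-token      # SecureString (assumed path)
    SONAR_TOKEN: /ci/example-service/sonar-token  # SecureString (assumed path)

phases:
  install:
    commands:
      - make deps            # hypothetical target: install dependencies
  pre_build:
    commands:
      - make lint            # hypothetical target: static checks
      - make format-check    # hypothetical target: fail on unformatted code
  build:
    commands:
      - make build           # hypothetical target: compile/package
      - make test            # hypothetical target: run the test suite
```

The CodeBuild service role needs `ssm:GetParameters` on the referenced parameters, which can be granted in the same Terraform module that defines the project.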