Blog
Thoughts on engineering, design, and building great products.
CodeBuild Test Reports: A Build Must Not Only Run, It Must Be Correct
A successful build does not mean the code is correct — it only means the commands ran without error. This article has CodeBuild run real tests (pytest) and collect the results into a viewable test report: total count, pass/fail, each case. And why you should let a failing test fail the build, blocking broken code before it reaches deploy.
CodeBuild Advanced: Environment Variables, Secrets, and Cache
Real builds need config and secrets: an API URL, a key, a database password. This article passes them into CodeBuild the right way — plain variables declared inline, sensitive values pulled from SSM Parameter Store and Secrets Manager and masked automatically by CodeBuild in the logs. Plus enabling cache for faster builds. All tested for real, with logs.
CodeBuild: Project, buildspec.yml, and the First Build
Build the build stage: create a CodeBuild project wired to the CodeCommit repo, write buildspec.yml defining the build phases, run a real build, then read the CloudWatch log to see how each phase runs. Dissect the mechanism — CodeBuild stands up a temporary container, runs buildspec in phase order, pushes the artifact to S3 and logs to CloudWatch.