search

aws-solutions / aws-control-tower-customizations

The Customizations for AWS Control Tower solution combines AWS Control Tower and other highly-available, trusted AWS services to help customers more quickly set up a secure, multi-account AWS environment using AWS best practices.
https://docs.aws.amazon.com/controltower/latest/userguide/cfct-overview.html
Apache License 2.0
354 stars 205 forks source link

Use Double Quotes in Build Project Spec #148

Open akefirad opened 1 year ago

akefirad commented 1 year ago

Describe the bug Using single quote in the build project spec disable inline evaluation.

The current spec is as below:

version: 0.2
phases:
  install:
    runtime-versions:
      python: 3.8
      ruby: 2.6
    commands:
      - export current=$(pwd)
      - if [ -f manifest.yaml ];then export current=$(pwd);else if [ -f custom-control-tower-configuration/manifest.yaml ]; then export current=$(pwd)/custom-control-tower-configuration;  else echo 'manifest.yaml does not exist at the root level of custom-control-tower-configuration.zip or inside custom-control-tower-configuration folder, please check the ZIP file'; exit 1;    fi; fi;
      - apt-get -q update 1> /dev/null
      - apt-get -q install zip wget python3-pip libyaml-dev -y 1>/dev/null
      - export LC_ALL='en_US.UTF-8'
      - locale-gen en_US en_US.UTF-8
      - dpkg-reconfigure locales --frontend noninteractive
  pre_build:
    commands:
      - cd $current
      - echo 'Download CustomControlTower Scripts'
      - aws s3 cp --quiet s3://control-tower-cfct-assets-prod/customizations-for-aws-control-tower/v2.5.2/custom-control-tower-scripts.zip $current
      - unzip -q -o $current/custom-control-tower-scripts.zip -d $current
      - cp codebuild_scripts/* .
      - bash install_stage_dependencies.sh $STAGE_NAME
  build:
    commands:
      - echo 'Starting build $(date) in $(pwd)'
      - echo 'bash execute_stage_scripts.sh $STAGE_NAME $LOG_LEVEL $WAIT_TIME $SM_ARN $ARTIFACT_BUCKET $KMS_KEY_ALIAS_NAME $BOOL_VALUES $NONE_TYPE_VALUES'
      - bash execute_stage_scripts.sh $STAGE_NAME $LOG_LEVEL $WAIT_TIME $SM_ARN $ARTIFACT_BUCKET $KMS_KEY_ALIAS_NAME $BOOL_VALUES $NONE_TYPE_VALUES 
      - echo 'Running build scripts completed $(date)'
  post_build:
    commands:
      - echo 'Starting post build $(date) in $(pwd)'
      - echo 'build completed on $(date)'

artifacts:
  files:
      - '**/*'

As you can see in the above, echo commands are enclosed in single quotes, but they should be in double quotes.

balltrev commented 1 year ago

@akefirad Thanks for the call out here. I've gone ahead and created a backlog with the team to address the updates to the buildspec you've mentioned

climbertjh2 commented 1 year ago

+1 on this one - I just noticed it today. With the single quotes, the embedded command invocations never run, i.e. $(date) and $(pwd).