xdr-terraform-modules/base/codebuild_ecr_base/README.md

CodeBuild ECR Base

This module is the building blocks for the AWS CodeBuild projects. It has the foundational pieces for using codebuild to build Linux software / RPMs. You may need to compile an RPM for a specific release of an OS, and CodeBuild by default only has Docker images for Amazon Linux 2 and Ubuntu. So part of this builds RHEL Docker images so that you can compile software in a RHEL userspace.

It builds these resources:

• IAM role for Codebuild jobs to run and be launched by Eventbridge (codebuild-role)
• S3 bucket for holding Codebuild artifacts (xdr-codebuild-artifacts)
• ECR Repos for OS-specific containers
• Codebuild jobs to docker build containers for the OS-specific containers
  • RHEL 7
  • RHEL 8
  • RHEL 9 beta (not working right now)

The ECR repo and related codebuild jobs use a submodule. The OS-specific containers are rebuilt daily to keep them up to date with the latest RHEL patches.