使用具有PrivilegedMode = TRUE的AWS策略泊塢窗圖像創建CodeBuild項目

Question

我確認使用以下命令aws/codebuild/java:openjdk-8是策劃的CodeBuild圖像之一。

$ aws codebuild list-curated-environment-images | grep -A 1 openjdk-8 
"name": "aws/codebuild/java:openjdk-8", 
"description": "AWS CodeBuild - Java 8" 

儘管aws/codebuild/java:openjdk-8被策展的形象，當我嘗試使用圖像和PrivilegedMode = true參數創建構建項目，我得到一個4XX錯誤是沒有意義：「PrivilegedMode可以 只能設置針對具有自定義或AWS CodeBuild Docker策劃映像的項目。「

9 [main] INFO org.janusgraph.codepipelines.AwsCodePipelinesCi - 
{ 
    Name: j1pass-bdb-project, 
    Source: {Type: CODEPIPELINE,}, 
    Artifacts: {Type: CODEPIPELINE, Name: null-artifacts,Packaging: NONE}, 
    Environment: {Type: LINUX_CONTAINER, 
    Image: aws/codebuild/java:openjdk-8, 
    ComputeType: BUILD_GENERAL1_LARGE, 
    EnvironmentVariables: [{Name: MODULE,Value: janusgraph-berkeleyje}], 
    PrivilegedMode: true}, 
    ServiceRole: arn:aws:iam::############:role/cbjanus, 
    TimeoutInMinutes: 480 
} 
1454 [main] ERROR org.janusgraph.codepipelines.AwsCodePipelinesCi - 
PrivilegedMode can only be set for projects with custom or AWS CodeBuild Docker 
curated images. (Service: AWSCodeBuild; Status Code: 400; 
Error Code: InvalidInputException; Request ID: 89ab67a0-4d00-11e7-8da7-bdeb9326cb3c) 
com.amazonaws.services.codebuild.model.InvalidInputException: PrivilegedMode can 
only be set for projects with custom or AWS CodeBuild Docker curated images. 
(Service: AWSCodeBuild; Status Code: 400; 
Error Code: InvalidInputException; Request ID: 89ab67a0-4d00-11e7-8da7-bdeb9326cb3c) 

Answer 1

AWS CodeBuild「Docker」策劃的圖像是以「aws/codebuild/docker」開頭的圖像。 CodeBuild的策劃圖像的完整列表可以在這裏找到：http://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref.html。

您只能爲您的「自定義」圖像設置最近引入的此標誌。這些圖像可能在您的私有Amazon ECR註冊表或公共DockerHub註冊表中存在。關於如何啓用此標誌的示例：http://docs.aws.amazon.com/codebuild/latest/userguide/sample-docker-custom-image.html。

因此，對於你的示例，你會得到這個錯誤，因爲雖然你使用的openjdk-8圖像是一個策劃的圖像，但它不是「docker」策劃的圖像。