AWS CodeBuild and buildah/podman with Amazon Linux image

buildspec.yml

# This build is for a CodeBuild that builds an image with buildah or podman and pushes it to ECR.
# You will get whatever buildah / podman is/was the last supported one for CentOS 7. So the version won't be the latest.
# This is mainly useful to get your first custom image pushed to ECR so you can switch to that.
# Note: this config is for ARM images. Check pkgs org for the paths to other builds if needed.
version: 0.2

env:
  shell: /bin/sh

phases:
  install:
    commands:
      - yum -y install yum-utils
      - yum-config-manager --add-repo=http://mirror.centos.org/altarch/7/os/aarch64/
      - yum-config-manager --add-repo=http://mirror.centos.org/altarch/7/extras/aarch64/
      # Note: not ideal to disable the gpg check. Look into installing gpg keys if planning long term use
      # Note: You can replace buildah with podman if you want to use podman instead.
      - yum -y install buildah --disableplugin=priorities --nogpgcheck
  pre_build:
    commands:
      - echo Logging in to Amazon ECR...
      - REPO_URI=${AWS_ACCOUNT_ID}.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com
      - aws ecr get-login-password --region $AWS_DEFAULT_REGION | buildah login --username AWS --password-stdin ${REPO_URI}
  build:
    commands:
      - echo Build started on `date`
      - echo Building the container image...
      - buildah bud --storage-driver=vfs -f Containerfile -t $IMAGE_REPO_NAME:$CODEBUILD_RESOLVED_SOURCE_VERSION-$CODEBUILD_BUILD_NUMBER
  post_build:
    commands:
      - echo Build completed on `date`
      - buildah tag --storage-driver=vfs $IMAGE_REPO_NAME:$CODEBUILD_RESOLVED_SOURCE_VERSION-$CODEBUILD_BUILD_NUMBER $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG
      - echo Pushing the container image...
      - buildah push --storage-driver=vfs $AWS_ACCOUNT_ID.dkr.ecr.$AWS_DEFAULT_REGION.amazonaws.com/$IMAGE_REPO_NAME:$IMAGE_TAG