aws
feat(codebuild): add custom instance type and VPC to Fleets
https://aws.amazon.com/about-aws/whats-new/2025/04/aws-codebuild-ec2-instance-type-configurable-storage-size/
CodeBuild now supports specifying specific EC2 instance types to serve as fleet compute.
Add this support to the Fleet construct by way of adding CUSTOM_INSTANCE_TYPE to the FleetComputeType enum, and instanceType to ComputeConfiguration.
Also, add VPC support to Fleet. This mirrors the VPC support in Project. When using Fleets, the VPC configured on the Project is disallowed by CloudFormation. Only the VPC on the Fleet applies. VPC support required adding a Role to the Fleet to handle provisioning EC2 network interfaces in the configured VPC.
Describe any new or updated permissions being added
When configuring a VPC on a Fleet, IAM permissions are granted to a CodeBuild Role as described here.
Description of how you validated changes
Unit and integration tests.
Checklist
- [x] My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
@alvazjor why did main get force pushed here? Every PR now has many conflicts that are challenging to resolve :(.
This PR cannot be merged because it has conflicts. Please resolve them. The PR will be considered stale and closed if it remains in an unmergeable state.
AWS CodeBuild CI Report
- CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
- Commit ID: b26bef78ee14bac24be043828df04ccf68cb7b84
- Result: SUCCEEDED
- Build Logs (available for 30 days)
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository
Thank you for your work! I've added some minor comments.
Thank you very much for reviewing.
Is there a reason for combining the two features - VPC and Instance Type support - into a single PR? I feel these should typically be split into one feature per PR.
The reason I've combined them is that I want to use both of these features myself. I do not think they strictly depend on one another, but because they modify code in the same place, if I were to split them up, whichever branch merged first would conflict with the other. So, it was easier for me to develop them together. So, I hope this it's okay to do it like this.
I have rebased and am rerunning the new integration tests in this PR, as main has changed the snapshots. It takes a really long time to run integration tests that involve fleets, because fleet instances must exist for at least an hour before they can be deleted. I will hopefully finish it tomorrow and then will push the fixed tests.
😕 the main build succeeds but I don't understand either of the other jobs that failed. Especially the security guardian one, seems all unrelated to my changes.
I don't think you need to worry much about CI processes like Security Guardian, as they are flaky and their failures don't affect the review status. Also, due to a separate issue, the needs-maintainer-review label is currently not being attached. Please wait while we address this.
#35268
@badmintoncryer do you know how to get the label added now that #35268 is fixed?
@isker Normally, this issue should have been resolved by merging the main branch, but it seems it has not been fixed yet.
it seems it has not been fixed yet.
@badmintoncryer is there an open issue for this?
Hi @ozelalisen, I see you assigned yourself a while ago. I would be grateful for a review.
@isker There are some merge conflicts, once you resolve them, I'll approve the PR
Comments on closed issues and PRs are hard for our team to see. If you need help, please open a new issue that references this one.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}