CodeBuild Meets GitHub Actions: A Seamless CI Workflow with Lambda

Serverless GitHub Actions? Yes! Learn how to use AWS Lambda/ CodeBuild for Github Actions workflow execution GitHub Actions provides a powerful CI/CD pipeline, but sometimes you need more control over the environment where your workflows run. AWS CodeBuild now supports Lambda-based self-hosted runners, allowing you to execute GitHub Actions workflows in a cost-efficient, on-demand AWS environment. This guide will walk you through setting up a self-hosted GitHub Actions runner using AWS CodeBuild's Lambda Runner environment. Prerequisites Before getting started, ensure you have: An AWS account with permissions to create CodeBuild projects and Lambda functions A GitHub repository where you want to run the actions AWS CLI and GitHub CLI installed on your local machine An IAM role with necessary permissions for CodeBuild and Lambda execution Step 1: Create an AWS CodeBuild Project AWS CodeBuild will serve as our self-hosted GitHub Actions runner. Follow these steps: 1.1 Navigate to AWS CodeBuild Open the AWS CodeBuild Console Click Create build project 1.2 Configure Project Settings Project Name: github-actions-runner Description: Self-hosted GitHub Actions runner using AWS CodeBuild Lambda Runner Source: Select GitHub and connect to your repository 1.3 Select Environment Environment Image: Choose Managed Image Operating System: Amazon Linux 2 Runtime: AWS Lambda Compute Type: Lambda Execution Environment Operating System System: Amazon Linux Runtime: Python Image & Version: Select the latest 1.4 Configure IAM Role Choose New Service Role or select an existing role with permissions to execute CodeBuild, interact with GitHub, and access AWS Lambda. Attach the following policies if needed: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": ["lambda:InvokeFunction"], "Resource": "arn:aws:lambda:::function:" }, { "Effect": "Allow", "Action": ["codebuild:StartBuild"], "Resource": "" } ] } Click Create Build Project to finalize. Step 2: Setup the GitHub action workflow. Navigate to your GitHub repository Go to Actions tab and create a simple workflow. To point the lambda self-hosted runner in place, update your .github/workflows/main.yml to use it: Please note the runs-on: section here that you need to at to the workflow file. # The type of runner that the job will run on runs-on: - codebuild-gha-runner-lambda-test-${{ github.run_id }}-${{ github.run_attempt }} Here is a full example of the workflow file. # This is a basic workflow to help you get started with Actions name: CI AWS Lambda Pipeline Test # Controls when the workflow will run on: # Triggers the workflow on push or pull request events but only for the "master" branch push: branches: [ "master" ] pull_request: branches: [ "master" ] # Allows you to run this workflow manually from the Actions tab workflow_dispatch: # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: # This workflow contains a single job called "build" build: # The type of runner that the job will run on runs-on: - codebuild-gha-runner-lambda-test-${{ github.run_id }}-${{ github.run_attempt }} # Steps represent a sequence of tasks that will be executed as part of the job steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v4 # Runs a single command using the runners shell - name: Run a one-line script run: echo Hello, world! # Runs a set of commands using the runners shell - name: Run a multi-line script run: | echo Add other actions to build, echo test, and deploy your project. Push changes to your repository, and the self-hosted runner in AWS CodeBuild will pick up the job and the lambda function will run your job. 2.1 Limitations Lambda compute is designed for speed, optimizing startup times for builds. However, it does have some limitations and does not support the following use cases: Reserved Capacity Caching Across Builds Restricting Runtime with Timeouts Tools Requiring Root-User Permissions Long-Running Builds (Lambda has a maximum timeout of 15 minutes) Using AWS CodeBuild's Lambda Runner for GitHub Actions provides a scalable, cost-efficient alternative to traditional self-hosted runners. You only pay for execution time, and the Lambda-based environment ensures seamless scaling. Try this setup for your CI/CD workflows and enjoy the flexibility of AWS CodeBuild in your GitHub Actions pipelines! Happy coding!

Feb 28, 2025 - 00:53

CodeBuild Meets GitHub Actions: A Seamless CI Workflow with Lambda

Serverless GitHub Actions? Yes! Learn how to use AWS Lambda/ CodeBuild for Github Actions workflow execution

GitHub Actions provides a powerful CI/CD pipeline, but sometimes you need more control over the environment where your workflows run. AWS CodeBuild now supports Lambda-based self-hosted runners, allowing you to execute GitHub Actions workflows in a cost-efficient, on-demand AWS environment. This guide will walk you through setting up a self-hosted GitHub Actions runner using AWS CodeBuild's Lambda Runner environment.

Prerequisites

Before getting started, ensure you have:

An AWS account with permissions to create CodeBuild projects and Lambda functions
A GitHub repository where you want to run the actions
AWS CLI and GitHub CLI installed on your local machine
An IAM role with necessary permissions for CodeBuild and Lambda execution

Step 1: Create an AWS CodeBuild Project

AWS CodeBuild will serve as our self-hosted GitHub Actions runner. Follow these steps:

1.1 Navigate to AWS CodeBuild

Open the AWS CodeBuild Console
Click Create build project

1.2 Configure Project Settings

Project Name: github-actions-runner
Description: Self-hosted GitHub Actions runner using AWS CodeBuild Lambda Runner
Source: Select GitHub and connect to your repository

1.3 Select Environment

Environment Image: Choose Managed Image
Operating System: Amazon Linux 2
Runtime: AWS Lambda
Compute Type: Lambda Execution Environment
Operating System System: Amazon Linux
Runtime: Python
Image & Version: Select the latest

1.4 Configure IAM Role

Choose New Service Role or select an existing role with permissions to execute CodeBuild, interact with GitHub, and access AWS Lambda.

Attach the following policies if needed:

  {
      "Version": "2012-10-17",
      "Statement": [
          {
              "Effect": "Allow",
              "Action": ["lambda:InvokeFunction"],
              "Resource": "arn:aws:lambda:*:*:function:*"
          },
          {
              "Effect": "Allow",
              "Action": ["codebuild:StartBuild"],
              "Resource": "*"
          }
      ]
  }

Click Create Build Project to finalize.

Step 2: Setup the GitHub action workflow.

Navigate to your GitHub repository
Go to Actions tab and create a simple workflow.
To point the lambda self-hosted runner in place, update your .github/workflows/main.yml to use it: Please note the runs-on: section here that you need to at to the workflow file.

    # The type of runner that the job will run on
    runs-on: 
      - codebuild-gha-runner-lambda-test-${{ github.run_id }}-${{ github.run_attempt }}

Here is a full example of the workflow file.

# This is a basic workflow to help you get started with Actions

name: CI AWS Lambda Pipeline Test

# Controls when the workflow will run
on:
  # Triggers the workflow on push or pull request events but only for the "master" branch
  push:
    branches: [ "master" ]
  pull_request:
    branches: [ "master" ]

  # Allows you to run this workflow manually from the Actions tab
  workflow_dispatch:

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
  # This workflow contains a single job called "build"
  build:
    # The type of runner that the job will run on
    runs-on: 
      - codebuild-gha-runner-lambda-test-${{ github.run_id }}-${{ github.run_attempt }}

    # Steps represent a sequence of tasks that will be executed as part of the job
    steps:
      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
      - uses: actions/checkout@v4

      # Runs a single command using the runners shell
      - name: Run a one-line script
        run: echo Hello, world!

      # Runs a set of commands using the runners shell
      - name: Run a multi-line script
        run: |
          echo Add other actions to build,
          echo test, and deploy your project.

Push changes to your repository, and the self-hosted runner in AWS CodeBuild will pick up the job and the lambda function will run your job.

2.1 Limitations

Lambda compute is designed for speed, optimizing startup times for builds. However, it does have some limitations and does not support the following use cases:

Reserved Capacity
Caching Across Builds
Restricting Runtime with Timeouts
Tools Requiring Root-User Permissions
Long-Running Builds (Lambda has a maximum timeout of 15 minutes)

Using AWS CodeBuild's Lambda Runner for GitHub Actions provides a scalable, cost-efficient alternative to traditional self-hosted runners. You only pay for execution time, and the Lambda-based environment ensures seamless scaling. Try this setup for your CI/CD workflows and enjoy the flexibility of AWS CodeBuild in your GitHub Actions pipelines!

Happy coding!