General updates

Author: strohm-a

doc_source/auth-and-access-control-using-tags.md

@@ -2,7 +2,7 @@
 
 Conditions in IAM policy statements are part of the syntax that you can use to specify permissions to CodeBuild project\-based actions\. You can create a policy that allows or denies actions on projects based on the tags associated with those projects, and then apply those policies to the IAM groups you configure for managing IAM users\. For information about applying tags to a project using the console or AWS CLI, see [Create a build project in AWS CodeBuild](create-project.md)\. For information about applying tags using the CodeBuild SDK, see [CreateProject ](https://docs.aws.amazon.com/codebuild/latest/APIReference/API_CreateProject.html#API_CreateProject_RequestSyntax) and [Tags](https://docs.aws.amazon.com/codebuild/latest/APIReference/API_Tag.html) in the *CodeBuild API Reference*\. For information about using tags to control access to AWS resources, see [Controlling Access to AWS Resources Using Resource Tags](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the *IAM User Guide*\.
 
-**Example Example 1: Limit CodeBuild project actions based on resource tags**  
+**Example 1: Limit CodeBuild project actions based on resource tags**  
  The following example denies all `BatchGetProjects` actions on projects tagged with the key `Environment` with the key value of `Production`\. A user's administrator must attach this IAM policy in addition to the managed user policy to unauthorized IAM users\. The `aws:ResourceTag` condition key is used to control access to resources based on their tags\.   
 
 ```
@@ -25,7 +25,7 @@ Conditions in IAM policy statements are part of the syntax that you can use to s
 }
 ```
 
-**Example Example 2: Limit CodeBuild project actions based on request tags**  
+**Example 2: Limit CodeBuild project actions based on request tags**  
 The following policy denies users permission to the `CreateProject` action if the request contains a tag with the key `Environment` and the key value `Production`\. In addition, the policy prevents these unauthorized users from modifying projects by using the `aws:TagKeys` condition key to not allow `UpdateProject` if the request contains a tag with the key `Environment`\. An administrator must attach this IAM policy in addition to the managed user policy to users who are not authorized to perform these actions\. The `aws:RequestTag` condition key is used to control which tags can be passed in an IAM request  
 
 ```
@@ -60,7 +60,7 @@ The following policy denies users permission to the `CreateProject` action if th
 }
 ```
 
-**Example Example 3: Deny or allow actions on report groups based on resource tags**  
+**Example 3: Deny or allow actions on report groups based on resource tags**  
 You can create a policy that allows or denies actions on CodeBuild resources \(projects and report groups\) based on the AWS tags associated with those resources, and then apply those policies to the IAM groups you configure for managing IAM users\. For example, you can create a policy that denies all CodeBuild actions on any report group with the AWS tag key `Status` and the key value of `Secret`, and then apply that policy to the IAM group you created for general developers \(*Developers*\)\. You then need to make sure that the developers working on those tagged report groups are not members of that general *Developers* group, but belong instead to a different IAM group that does not have the restrictive policy applied \(`SecretDevelopers`\)\.  
 The following example denies all CodeBuild actions on report groups tagged with the key `Status` and the key value of `Secret`:  
 
@@ -87,7 +87,7 @@ The following example denies all CodeBuild actions on report groups tagged with
 }
 ```
 
-**Example Example 4: Limit CodeBuild actions to AWSCodeBuildDeveloperAccess based on resource tags**  
+**Example 4: Limit CodeBuild actions to AWSCodeBuildDeveloperAccess based on resource tags**  
 You can create policies that allow CodeBuild actions on all report groups and projects that are not tagged with specific tags\. For example, the following policy allows the equivalent of [AWSCodeBuildDeveloperAccess](auth-and-access-control-iam-identity-based-access-control.md#developer-access-policy) permissions for all report groups and projects except those tagged with the specified tags:  
 
 ```

doc_source/build-env-ref-cmd.md

@@ -13,4 +13,4 @@ You can specify any Shell Command Language \(sh\) command\. In buildspec version
 
 If CodeBuild encounters an error, the error might be more difficult to troubleshoot compared to running a single command in its own instance of the default shell\.
 
-Commands that are run in a Windows Server Core 2016 image use the PowerShell shell\.
+Commands that are run in a Windows Server Core image use the PowerShell shell\.

doc_source/build-env-ref-env-vars.md

@@ -42,7 +42,8 @@ An identifier for the version of a build's source code\. Its format depends on t
 + For Amazon S3, this does not apply\. 
 
 CODEBUILD\_SOURCE\_REPO\_URL  
-The URL to the input artifact or source code repository\. For Amazon S3, this is `s3://` followed by the bucket name and path to the input artifact\. For CodeCommit and GitHub, this is the repository's clone URL\. If a build originates from CodePipeline, then this might be empty\.
+The URL to the input artifact or source code repository\. For Amazon S3, this is `s3://` followed by the bucket name and path to the input artifact\. For CodeCommit and GitHub, this is the repository's clone URL\. If a build originates from CodePipeline, this environment variable may be empty\.  
+For secondary sources, the environment variable for the secondary source repository URL is `CODEBUILD_SOURCE_REPO_URL_<sourceIdentifier>`, where `<sourceIdentifier>` is the source identifier you create\. 
 
 CODEBUILD\_SOURCE\_VERSION  
 The value's format depends on the source repository\.  
@@ -51,10 +52,11 @@ The value's format depends on the source repository\.
 + For GitHub, GitHub Enterprise Server, and Bitbucket it is the commit ID, branch name, or tag name associated with the version of the source code to be built\.
 **Note**  
 For a GitHub or GitHub Enterprise Server build that is triggered by a webhook pull request event, it is `pr/pull-request-number`\.
+For secondary sources, the environment variable for the secondary source version is `CODEBUILD_SOURCE_VERSION_<sourceIdentifier>`, where `<sourceIdentifier>` is the source identifier you create\. For more information, see [Multiple input sources and output artifacts sample](sample-multi-in-out.md)\.
 
 CODEBUILD\_SRC\_DIR  
 The directory path that CodeBuild uses for the build \(for example, `/tmp/src123456789/src`\)\.  
-If you use a secondary source, the environment variable for its directory path is `CODEBUILD_SRC_DIR_sourceIdentifier`, where `sourceIdentifier` is the source identifier you create\. For more information, see [Multiple input sources and output artifacts sample](sample-multi-in-out.md)\.
+For secondary sources, the environment variable for the secondary source directory path is `CODEBUILD_SRC_DIR_<sourceIdentifier>`, where `<sourceIdentifier>` is the source identifier you create\. For more information, see [Multiple input sources and output artifacts sample](sample-multi-in-out.md)\.
 
 CODEBUILD\_START\_TIME  
 The start time of the build specified as a Unix timestamp in milliseconds\.

doc_source/build-spec-ref.md

@@ -294,17 +294,30 @@ Required sequence\. Represents the locations that contain the raw data of test r
 + `my-subdirectory/**/*` represents all files recursively starting from a subdirectory named *my\-subdirectory*\.
 
 reports/<report\-group>/**file\-format**  <a name="build-spec.reports.file-format"></a>
-Optional mapping\. Represents the test report file format\. If not specified, `JunitXml` is used\. The following test report file formats are supported:  
-+ `CucumberJson`
-+ `JunitXml`
-+ `NunitXml`
-+ `TestNGXml`
-+ `VisualStudioTrx`
-The following code coverage report formats are supported:  
-+ `JaCoCoXml`
-+ `SimpleCov`
-+ `CloverXml`
-+ `CoberturaXml`
+Optional mapping\. Represents the report file format\. If not specified, `JUNITXML` is used\. This value is not case sensitive\. Possible values are:  
+**Test reports**    
+ `CUCUMBERJSON`   
+Cucumber JSON  
+ `JUNITXML`   
+JUnit XML  
+ `NUNITXML`   
+NUnit XML  
+ `NUNIT3XML`   
+NUnit 3 XML  
+ `TESTNGXML`   
+TestNG XML  
+ `VISUALSTUDIOTRX`   
+Visual Studio TRX
+**Code coverage reports**    
+ `CLOVERXML`   
+Clover XML  
+ `COBERTURAXML`   
+Cobertura XML  
+ `JACOCOXML`   
+JaCoCo XML  
+ `SIMPLECOV`   
+SimpleCov JSON  
+CodeBuild accepts JSON code coverage reports generated by [simplecov](https://github.com/simplecov-ruby/simplecov), not [simplecov\-json](https://github.com/vicentllongo/simplecov-json)\.
 
 reports/<report\-group>/**base\-directory**  <a name="build-spec.reports.base-directory"></a>
 Optional mapping\. Represents one or more top\-level directories, relative to the original build location, that CodeBuild uses to determine where to find the raw test files\.
@@ -533,7 +546,7 @@ reports:
     files:
       - 'cucumber/target/cucumber-tests.xml'
     discard-paths: yes
-    file-format: CucumberJson # default is JunitXml
+    file-format: CUCUMBERJSON # default is JUNITXML
 artifacts:
   files:
     - target/messageUtil-1.0.jar
@@ -555,7 +568,7 @@ cache:
 Here is an example of the preceding buildspec, expressed as a single string, for use with the AWS CLI, or the AWS SDKs\.
 
 ```
-"version: 0.2\n\nenv:\n  variables:\n    JAVA_HOME: \"/usr/lib/jvm/java-8-openjdk-amd64\\"\n  parameter-store:\n    LOGIN_PASSWORD: /CodeBuild/dockerLoginPassword\n  phases:\n\n  install:\n    commands:\n      - echo Entered the install phase...\n      - apt-get update -y\n      - apt-get install -y maven\n    finally:\n      - echo This always runs even if the update or install command fails \n  pre_build:\n    commands:\n      - echo Entered the pre_build phase...\n      - docker login –u User –p $LOGIN_PASSWORD\n    finally:\n      - echo This always runs even if the login command fails \n  build:\n    commands:\n      - echo Entered the build phase...\n      - echo Build started on `date`\n      - mvn install\n    finally:\n      - echo This always runs even if the install command fails\n  post_build:\n    commands:\n      - echo Entered the post_build phase...\n      - echo Build completed on `date`\n\n reports:\n  reportGroupJunitXml:\n    files:\n      - \"**/*\"\n    base-directory: 'target/tests/reports'\n    discard-paths: false\n  reportGroupCucumberJson:\n    files:\n      - 'cucumber/target/cucumber-tests.xml'\n    file-format: CucumberJson\n\nartifacts:\n  files:\n    - target/messageUtil-1.0.jar\n  discard-paths: yes\n  secondary-artifacts:\n    artifact1:\n      files:\n       - target/messageUtil-1.0.jar\n      discard-paths: yes\n    artifact2:\n      files:\n       - target/messageUtil-1.0.jar\n      discard-paths: yes\n cache:\n  paths:\n    - '/root/.m2/**/*'"
+"version: 0.2\n\nenv:\n  variables:\n    JAVA_HOME: \"/usr/lib/jvm/java-8-openjdk-amd64\\"\n  parameter-store:\n    LOGIN_PASSWORD: /CodeBuild/dockerLoginPassword\n  phases:\n\n  install:\n    commands:\n      - echo Entered the install phase...\n      - apt-get update -y\n      - apt-get install -y maven\n    finally:\n      - echo This always runs even if the update or install command fails \n  pre_build:\n    commands:\n      - echo Entered the pre_build phase...\n      - docker login –u User –p $LOGIN_PASSWORD\n    finally:\n      - echo This always runs even if the login command fails \n  build:\n    commands:\n      - echo Entered the build phase...\n      - echo Build started on `date`\n      - mvn install\n    finally:\n      - echo This always runs even if the install command fails\n  post_build:\n    commands:\n      - echo Entered the post_build phase...\n      - echo Build completed on `date`\n\n reports:\n  reportGroupJunitXml:\n    files:\n      - \"**/*\"\n    base-directory: 'target/tests/reports'\n    discard-paths: false\n  reportGroupCucumberJson:\n    files:\n      - 'cucumber/target/cucumber-tests.xml'\n    file-format: CUCUMBERJSON\n\nartifacts:\n  files:\n    - target/messageUtil-1.0.jar\n  discard-paths: yes\n  secondary-artifacts:\n    artifact1:\n      files:\n       - target/messageUtil-1.0.jar\n      discard-paths: yes\n    artifact2:\n      files:\n       - target/messageUtil-1.0.jar\n      discard-paths: yes\n cache:\n  paths:\n    - '/root/.m2/**/*'"
 ```
 
 Here is an example of the commands in the `build` phase, for use with the CodeBuild or CodePipeline consoles\.

doc_source/change-project-console.md

@@ -145,8 +145,8 @@ Choose to ignore SSL warnings while connecting to your GitHub Enterprise project
 By default, Docker containers do not allow access to any devices\. Privileged mode grants a build project's Docker container access to all devices\. For more information, see [Runtime Privilege and Linux Capabilities](https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities) on the Docker Docs website\.
 
    ```
-   - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://127.0.0.1:2375 --storage-driver=overlay&
-    - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
+   - nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://127.0.0.1:2375 --storage-driver=overlay2
+   - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
    ```
 
 1. To change information about the CodeBuild service role, in **Service role**, change the values for **New service role**, **Existing service role**, or **Role name**\.

doc_source/code-coverage-report.md

@@ -14,10 +14,12 @@ Branch coverage measures how many branches your tests cover out of every possibl
 
 The following code coverage report file formats are supported:
 + JaCoCo XML
-+ SimpleCov JSON
++ SimpleCov JSON¹
 + Clover XML
 + Cobertura XML
 
+¹ CodeBuild accepts JSON code coverage reports generated by [simplecov](https://github.com/simplecov-ruby/simplecov), not [simplecov\-json](https://github.com/vicentllongo/simplecov-json)\.
+
 ## Create a code coverage report<a name="code-coverage-report-create"></a>
 
 To create a code coverage report, you run a build project that is configured with at least one code coverage report group in its buildspec file\. AWS CodeBuild will interpret the code coverage results and provide a code coverage report for the run\. A new test report is generated for each subsequent build that uses the same buildspec file\. 
@@ -39,7 +41,7 @@ To create a code coverage report, you run a build project that is configured wit
         jacoco-report:
           files:
             - 'test-results/jacoco-coverage-report.xml'
-          file-format: 'JaCoCoXml'
+          file-format: 'JACOCOXML'
       ```
 
    1. In the `commands` section of the `build` or `post_build` sequence, specify the commands that run the code coverage analysis\. For more information, see [ Specify test commands ](report-group-test-case-commands.md)\. 

doc_source/create-project-cli.md

@@ -382,7 +382,7 @@ Set to `true` only if you plan to use this build project to build Docker images,
 By default, Docker containers do not allow access to any devices\. Privileged mode grants a build project's Docker container access to all devices\. For more information, see [Runtime Privilege and Linux Capabilities](https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities) on the Docker Docs website\.
 
 ```
-- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://127.0.0.1:2375 --storage-driver=overlay&
+- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://127.0.0.1:2375 --storage-driver=overlay2
 - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
 ```
 

doc_source/create-project-console.md

@@ -169,7 +169,7 @@ Do one of the following:
 By default, Docker containers do not allow access to any devices\. Privileged mode grants a build project's Docker container access to all devices\. For more information, see [Runtime Privilege and Linux Capabilities](https://docs.docker.com/engine/reference/run/#runtime-privilege-and-linux-capabilities) on the Docker Docs website\.
 
 ```
-- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://127.0.0.1:2375 --storage-driver=overlay&
+- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --host=tcp://127.0.0.1:2375 --storage-driver=overlay2
 - timeout -t 15 sh -c "until docker info; do echo .; sleep 1; done"
 ```
 

doc_source/create-project.md

@@ -2,13 +2,13 @@
 
 You can use the AWS CodeBuild console, AWS CLI, or AWS SDKs to create a build project\.
 
+## Prerequisites<a name="create-project-prerequisites"></a>
+
+Before creating a build project, answer the questions in [Plan a build](planning.md)\.
+
 **Topics**
 + [Prerequisites](#create-project-prerequisites)
 + [Create a build project \(console\)](create-project-console.md)
 + [Create a build project \(AWS CLI\)](create-project-cli.md)
 + [Create a build project \(AWS SDKs\)](create-project-sdks.md)
-+ [Create a build project \(AWS CloudFormation\)](create-project-cloud-formation.md)
-
-## Prerequisites<a name="create-project-prerequisites"></a>
-
-Answer the questions in [Plan a build](planning.md)\.
++ [Create a build project \(AWS CloudFormation\)](create-project-cloud-formation.md)

doc_source/history.md

@@ -7,7 +7,7 @@ The following table describes the important changes to the documentation since t
 | Change | Description | Date | 
 | --- |--- |--- |
 | [Code coverage reporting](#history) | CodeBuild now provides code coverage reports\. For more information, see [Code coverage reports](https://docs.aws.amazon.com/codebuild/latest/userguide/code-coverage-report.html)\.  | July 30, 2020 | 
-| [Batch builds](#history) | CodeBuild now supports the execution of concurrent and coordinated builds of a project\. For more information, see [Batch builds in CodeBuild\.](https://docs.aws.amazon.com/codebuild/latest/userguide/batch-build.html)\.  | July 30, 2020 | 
+| [Batch builds](#history) | CodeBuild now supports the execution of concurrent and coordinated builds of a project\. For more information, see [Batch builds in CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/batch-build.html)\. | July 30, 2020 | 
 | [Windows Server 2019 image](#history) | CodeBuild now provides a Windows Server Core 2019 build image\. For more information, see [Docker images provided by CodeBuild](https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html)\.  | July 20, 2020 | 
 | [Session Manager](#history) | CodeBuild now allows you to pause a running build and then use AWS Systems Manager Session Manager to connect to the build container and view the state of the container\. For more information, see [Session Manager](https://docs.aws.amazon.com/codebuild/latest/userguide/session-manager.html)\. | July 20, 2020 | 
 | [Updated topic](#history) |  CodeBuild now supports specifying a shell to use in their build environments in the buildspec file\. For more information, see [Build specification reference](https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html)\.  | June 25, 2020 |