Samples

Ready-to-use pipeline configurations and CDK examples that demonstrate Pipeline Builder’s capabilities. Use these as starting points for your own pipelines or as reference implementations for advanced patterns.

All sample files are located in deploy/samples/.

Related docs: Plugin Catalog

Metadata Keys

API Reference

Pipeline Samples

Language-specific CI/CD pipelines based on well-known open source repos. Each sample demonstrates idiomatic build, test, security, and packaging stages for its language.

Location: deploy/samples/pipelines/

Sample	Language	Source Repo	Stages
react-frontend	JS/TS	facebook/react	Lint, Test, Build, Security, Package
spring-boot-java	Java	spring-projects/spring-boot	Quality, Build-Test, Coverage, SAST, Publish
django-python	Python	django/django	Lint, Test, Coverage, Security, Package
gin-golang	Go	gin-gonic/gin	Analysis, Test, Benchmark, Build, Security
axum-rust	Rust	tokio-rs/axum	Lint, Test, Safety, Build, Publish
rails-ruby	Ruby	rails/rails	Lint, Test-SQLite, Test-PG, Security, Publish
aspnetcore-dotnet	C#/.NET	dotnet/aspnetcore	Analysis, Build-Test, Security, Container, Publish

Patterns

Plugin filters — every plugin reference includes filter with version, accessModifier, isActive
Multi-version testing — same plugin with different alias and imageTag (e.g., Java 17 + 21)
Failure behavior — advisory checks use failureBehavior: "warn"
Step positioning — primary steps use "pre", supplementary use "post"
Compute sizing — heavy steps override to MEDIUM or LARGE via metadata

CDK TypeScript Examples

Self-contained stack classes showing PipelineBuilder usage.

Location: deploy/samples/cdk/

Sample	Pattern
basic-pipeline-ts	Simplest usage — GitHub source, plugin filters, 4 stages
vpc-isolated-pipeline-ts	VPC networking with `NetworkConfig` and step-level overrides
multi-account-pipeline-ts	Cross-account with `RoleConfig`, CodeStar source, ManualApproval
monorepo-pipeline-ts	Monorepo with factory functions, pnpm workspace, per-service Docker
custom-iam-roles-ts	Three levels of IAM role control (pipeline, step project, step action)
secrets-management-ts	Secrets Manager integration with `orgId`-scoped resolution

IAM Role Levels

From custom-iam-roles-ts:

Level	Config	Trust Principal
Pipeline	`BuilderProps.role`	`codepipeline.amazonaws.com`
Step project	`codebuildstep:role` metadata	`codebuild.amazonaws.com`
Step action	`codebuildstep:actionrole` metadata	—

Secrets Flow

From secrets-management-ts:

Set orgId on BuilderProps
Plugins declare secrets: [{ name: 'SECRET_NAME', required: true }]
At deploy, resolves from pipeline-builder/{orgId}/{secretName} in Secrets Manager
Injected as SECRETS_MANAGER-type CodeBuild env vars automatically

Loading Samples

Load all sample pipelines into a running Pipeline Builder instance:

cd deploy
bash bin/load-pipelines.sh

# Custom URL
PLATFORM_BASE_URL=https://pipeline.example.com bash bin/load-pipelines.sh

Tip: Samples are also loaded automatically by init-platform.sh during post-deploy setup.