Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

codepipeline-actions: CloudFormationCreateUpdateStackAction fails when lambda requires assets #29776

Open
traysonkelii opened this issue Apr 10, 2024 · 2 comments
Open

codepipeline-actions: CloudFormationCreateUpdateStackAction fails when lambda requires assets #29776

traysonkelii opened this issue Apr 10, 2024 · 2 comments
Labels
@aws-cdk/aws-codepipeline Related to AWS CodePipeline @aws-cdk/aws-codepipeline-actions bug This issue is a bug. documentation This is a problem with documentation. effort/medium Medium work item – several days of effort p3

Comments

@traysonkelii
Copy link

Describe the issue

I have a few stacks (ServiceStack,AuthenticationStack, and DataStorageStack). All of which work when deployed locally from the CLI. I decided to try and create a simple CICD pipeline using thePipeline construct from the aws-cdk-lib/aws-codepipeline module. A simple github source to main, along with a simple build step (npm ci, cdk synth). I then use the cdk.out generated in an artifact to perform actions specifically the CloudFormationCreateUpdateStackAction on the stacks (essentially update them). Below is the code for the PipelineStack:

export class PipelineStack extends Stack {
  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props);

    const pipeline = new Pipeline(this, "Pipeline", {
      pipelineName: "CombatSportsRankingPipeline",
      crossAccountKeys: false,
    });

    const sourceOutput = new Artifact("sourceOutput");

    pipeline.addStage({
      stageName: "Source",
      actions: [
        new GitHubSourceAction({
          owner: "XXXX",
          repo: "XXXX",
          branch: "main",
          actionName: "Pipeline_Source",
          oauthToken: SecretValue.secretsManager(
            "XXXX"
          ),
          output: sourceOutput,
        }),
      ],
    });

    const codeBuildOutput = new Artifact("codeBuildOutput");

    pipeline.addStage({
      stageName: "Build",
      actions: [
        new CodeBuildAction({
          actionName: "Code_Build",
          input: sourceOutput,
          outputs: [codeBuildOutput],
          project: new PipelineProject(this, "CodeBuildProject", {
            environment: {
              buildImage: LinuxBuildImage.STANDARD_7_0,
            },
            buildSpec: BuildSpec.fromSourceFilename(
              "build-specs/code-build.yml"
            ),
          }),
        }),
      ],
    });

    pipeline.addStage({
      stageName: "Pipeline_Update",
      actions: [
        new CloudFormationCreateUpdateStackAction({
          actionName: "Pipeline_Update",
          stackName: "PipelineStack",
          templatePath: codeBuildOutput.atPath("PipelineStack.template.json"),
          adminPermissions: true,
        }),
      ],
    });

    pipeline.addStage({
      stageName: "DataStorage_Update",
      actions: [
        new CloudFormationCreateUpdateStackAction({
          actionName: "DataStorage_Update",
          stackName: "DataStorageStack",
          templatePath: codeBuildOutput.atPath(
            "DataStorageStack.template.json"
          ),
          adminPermissions: true,
        }),
      ],
    });

    pipeline.addStage({
      stageName: "Authorization_Update",
      actions: [
        new CloudFormationCreateUpdateStackAction({
          actionName: "Authorization_Update",
          stackName: "AuthorizationStack",
          templatePath: codeBuildOutput.atPath(
            "AuthorizationStack.template.json"
          ),
          adminPermissions: true,
        }),
      ],
    });

    pipeline.addStage({
      stageName: "CsrService_Update",
      actions: [
        new CloudFormationCreateUpdateStackAction({
          actionName: "CsrService_Update",
          stackName: "CsrServiceStack",
          templatePath: codeBuildOutput.atPath("CsrServiceStack.template.json"),
          adminPermissions: true,
        }),
      ],
    });
  }
}

The Authorization_Update stage fails with the error:

Resource handler returned message: "Error occurred while GetObject. S3 Error Code: NoSuchKey. S3 Error Message: The specified key does not exist. (Service: Lambda, Status Code: 400)"

I did check the S3 bucket and the asset.zip file found in the template was there. I don't know if there is any other steps I need to do on my part.

I checked the documentation and couldn't find anywhere that suggested whether I should enabled any pipeline service principles access to the lambdas or if there were other parameters (selfMutating doesn't seem to be an option in this v2 version of code pipelines). I may be lost a little as to what this entails.

I've looked through codepipeline module and the CloudFormationCreateUpdateStackAction which seemed extra lean. Any guidance is appreciated.

Links
@traysonkelii traysonkelii added documentation This is a problem with documentation. needs-triage This issue or PR still needs to be triaged. labels Apr 10, 2024
@github-actions github-actions bot added the @aws-cdk/aws-lambda Related to AWS Lambda label Apr 10, 2024
@pahud
Copy link
Contributor

pahud commented Apr 12, 2024

I was not able to deploy with the provided code snippets. Are you able to simplify it and provide all necessary info including the buildspec of codebuild and a sample source repo so we can simply run in our local environment and see what's happening?

@pahud pahud added p2 response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. effort/medium Medium work item – several days of effort @aws-cdk/aws-codepipeline Related to AWS CodePipeline @aws-cdk/aws-codepipeline-actions and removed needs-triage This issue or PR still needs to be triaged. @aws-cdk/aws-lambda Related to AWS Lambda labels Apr 12, 2024
@pahud pahud changed the title aws-cdk-lib/aws-codepipeline-actions: CloudFormationCreateUpdateStackAction fails when lambda requires assets codepipeline-actions: CloudFormationCreateUpdateStackAction fails when lambda requires assets Apr 12, 2024
@traysonkelii
Copy link
Author

Here is the buildspec, I will need to work on the sample source repo:

version: 0.2

phases:
  install:
    commands:
      - npm install -g npm
      - npm install
  build:
    commands:
      - npm run clean
      - npm run build
      - npm run cdk -- synth

artifacts:
  base-directory: cdk.out
  files:
    - "**/*"

Here is the actual github repo (it should be public: https:/traysonkelii/combat-sports-ranking-cdk) I'll work on making it smaller.

@github-actions github-actions bot removed the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Apr 12, 2024
This was referenced Apr 15, 2024
Closed
Closed
@github-actions github-actions bot mentioned this issue May 1, 2024
Closed
@pahud pahud added p3 and removed p2 labels Jun 11, 2024
@moelasmar moelasmar added the bug This issue is a bug. label Aug 28, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-codepipeline Related to AWS CodePipeline @aws-cdk/aws-codepipeline-actions bug This issue is a bug. documentation This is a problem with documentation. effort/medium Medium work item – several days of effort p3
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pahud @traysonkelii @moelasmar