Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(pipelines): Assets are missing to be packaged since StackSynthesizer being ignored #31070

Open
mrlikl opened this issue Aug 9, 2024 · 3 comments
Open

(pipelines): Assets are missing to be packaged since StackSynthesizer being ignored #31070

mrlikl opened this issue Aug 9, 2024 · 3 comments
Labels
@aws-cdk/pipelines CDK Pipelines library bug This issue is a bug. effort/medium Medium work item – several days of effort p1

Comments

@mrlikl
Copy link
Contributor

mrlikl commented Aug 9, 2024

Describe the bug

When a CDK pipeline with 2 stages targeting the same account and region but with different synthesizers, the assets are packaged only once.

Expected Behavior

The assets be packaged for both the Stages. The stages along with assets are generated correctly only that the asset stage in the pipeline is missing publish for the stage.

Current Behavior

The BuildSpec generate is missing asset publish prd stage:

{
    "version": "0.2",
    "phases": {
        "install": {
            "commands": [
                "npm install -g cdk-assets@2"
            ]
        },
        "build": {
            "commands": [
                "cdk-assets --path assembly-Pipeline-Staging/PipelineStagingA8C81619.assets.json --verbose publish 652f12ad2ae83a553600995736a7129bd3f2c46d13f49048a9f92059e6c66822:012345678901-ap-southeast-2"
            ]
        }
    }
}

Reproduction Steps

Sample code to replicate the issue:

from aws_cdk import (
    Stack,
    Stage,
    pipelines,
    aws_codecommit,
    Environment,
    DefaultStackSynthesizer,
)
from aws_cdk import aws_lambda as _lambda
from constructs import Construct

class DeploymentStage(Stage):
    def __init__(
        self,
        scope: Construct,
        construct_id: str,
        account_id: str,
        region: str,
        environment_abbreviation: str,
        **kwargs,
    ) -> None:
        super().__init__(scope, construct_id, **kwargs)
        if environment_abbreviation == "stg" and account_id == "012345678901":
            synth = DefaultStackSynthesizer(
                qualifier="hnb659fdj",
                file_assets_bucket_name="cdk-hnb659fdj-assets-012345678901-ap-southeast-2"
            )
        elif environment_abbreviation == "prd" and account_id == "012345678901":
            synth = DefaultStackSynthesizer(
                qualifier="hnb659fdk",
                file_assets_bucket_name="cdk-hnb659fdk-assets-012345678901-ap-southeast-2"
            )
        stack = TestCdkStack(
            scope=self,
            stack_name=f"{environment_abbreviation}-aie-sagemaker-studio-cdk",
            construct_id=construct_id,
            env=Environment(
                account=f"{account_id}", region=f"{region}"
            ),
            synthesizer=synth,
        )

class Pipeline(Stack):
    def __init__(
        self,
        scope: Construct,
        construct_id: str,
        **kwargs,
    ) -> None:
        super().__init__(
            scope, construct_id, **kwargs
        )
        existing_repository = aws_codecommit.Repository.from_repository_name(
            scope=self,
            id="ExistingRepository",
            repository_name='cdkpipeline',
        )
        pipeline = pipelines.CodePipeline(
            scope=self,
            id="Pipeline",
            synth=pipelines.ShellStep(
                id="Synthesis",
                input=pipelines.CodePipelineSource.code_commit(
                    repository=existing_repository,
                    branch='main',
                ),
                commands=[
                    "cdk synth",
                ],
                install_commands=[
                    "npm install -g aws-cdk",
                    "python -m pip install -r requirements.txt",
                    "python -m pip install -r requirements-dev.txt",
                ],
            ),
            cross_account_keys=True,
        )
        staging_stage = DeploymentStage(
            scope=self,
            construct_id="Staging",
            account_id="012345678901",
            environment_abbreviation="stg",
            region="ap-southeast-2"
        )
        pipeline.add_stage(staging_stage)
        production_stage = DeploymentStage(
            scope=self,
            construct_id="Production",
            account_id="012345678901",
            environment_abbreviation="prd",
            region="ap-southeast-2"
        )
        pipeline.add_stage(production_stage)

class TestCdkStack(Stack):
    def get_associated_id(self, table, environment, account_number):
        return table.get(environment, {}).get(account_number)
    def __init__(
        self,
        scope: Construct,
        construct_id: str,
        **kwargs,
    ) -> None:
        super().__init__(
            scope=scope,
            id=construct_id,
            **kwargs,
        )
        _lambda.Function(self, "test", runtime=_lambda.Runtime.PYTHON_3_9, handler="index.handler",
                         code=_lambda.Code.from_asset("lambda-handler"))

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.151

Framework Version

No response

Node.js Version

v18.20.4

OS

macos

Language

TypeScript, Python

Language Version

No response

Other information

No response
@mrlikl mrlikl added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 9, 2024
@github-actions github-actions bot added the @aws-cdk/pipelines CDK Pipelines library label Aug 9, 2024
@pahud pahud self-assigned this Aug 9, 2024
@pahud
Copy link
Contributor

pahud commented Aug 9, 2024

I didn't manage to deploy your provided code snippet but I will bring this to team's attention.

12:54:16 PM | CREATE_FAILED        | AWS::KMS::Key         | CrossRegionCodePip...ryptionKey70216490
Resource handler returned message: "Policy contains a statement with one or more invalid principals. (Service: Kms, Status Code: 400, Request ID: d999b1df-98d1
-4a21-8b3e-49ea3672e709)" (RequestToken: 7d97c070-6417-d89c-6b77-4fa7e00b516b, HandlerErrorCode: InvalidRequest)

@pahud pahud added p2 investigating This issue is being investigated and/or work is in progress to resolve the issue. and removed needs-triage This issue or PR still needs to be triaged. labels Aug 9, 2024
@pahud
Copy link
Contributor

pahud commented Aug 9, 2024

internal tracking: V1478992191

@pahud pahud removed the investigating This issue is being investigated and/or work is in progress to resolve the issue. label Aug 9, 2024
@pahud pahud removed their assignment Aug 9, 2024
@github-actions github-actions bot mentioned this issue Aug 12, 2024
Closed
@pahud
Copy link
Contributor

pahud commented Aug 12, 2024
edited
Loading

confirmed.

With code snippet like this, the assets stage codebuild would not upload assets to both destinations.

class DeploymentStage(Stage):
    def __init__(
        self,
        scope: Construct,
        construct_id: str,
        account_id: str,
        region: str,
        environment_abbreviation: str,
        **kwargs,
    ) -> None:
        super().__init__(scope, construct_id, **kwargs)
        if environment_abbreviation == "stg" and account_id == "123456789012":
            synth = DefaultStackSynthesizer(
                qualifier="dev",
                file_assets_bucket_name="cdk-dev-assets-123456789012-ap-southeast-1"
            )
        elif environment_abbreviation == "prd" and account_id == "123456789012":
            synth = DefaultStackSynthesizer(
                qualifier="hnb659fds",
                file_assets_bucket_name="cdk-hnb659fds-assets-123456789012-ap-southeast-1"
            )
        stack = TestCdkStack(
            scope=self,
            stack_name=f"{environment_abbreviation}-aie-sagemaker-studio-cdk",
            construct_id=construct_id,
            env=Environment(
                account=f"{account_id}", region=f"{region}"
            ),
            synthesizer=synth,
        )

class Pipeline(Stack):
    def __init__(
        self,
        scope: Construct,
        construct_id: str,
        **kwargs,
    ) -> None:
        super().__init__(
            scope, construct_id, **kwargs
        )
        # existing_repository = aws_codecommit.Repository.from_repository_name(
        #     scope=self,
        #     id="ExistingRepository",
        #     repository_name='cdkpipeline',
        # )
        bucket = s3.Bucket.from_bucket_name(self, "assetsBucket", "<deducted>")
        pipeline = pipelines.CodePipeline(
            scope=self,
            id="Pipeline",
            synth=pipelines.ShellStep(
                id="Synthesis",
                input=pipelines.CodePipelineSource.s3(
                    bucket,
                    "cdk-sample.zip"
                ),
                commands=[
                    "cdk synth",
                ],
                install_commands=[
                    "npm install -g aws-cdk",
                    "python -m pip install -r requirements.txt",
                    "python -m pip install -r requirements-dev.txt",
                ],
            ),
            # cross_account_keys=True,
        )
        staging_stage = DeploymentStage(
            scope=self,
            construct_id="Staging",
            account_id="903779448426",
            environment_abbreviation="stg",
            region="ap-southeast-1"
        )
        pipeline.add_stage(staging_stage)
        production_stage = DeploymentStage(
            scope=self,
            construct_id="Production",
            account_id="903779448426",
            environment_abbreviation="prd",
            region="ap-southeast-1"
        )
        pipeline.add_stage(production_stage)

class TestCdkStack(Stack):
    def get_associated_id(self, table, environment, account_number):
        return table.get(environment, {}).get(account_number)
    def __init__(
        self,
        scope: Construct,
        construct_id: str,
        **kwargs,
    ) -> None:
        super().__init__(
            scope=scope,
            id=construct_id,
            **kwargs,
        )
        _lambda.Function(self, "test", runtime=_lambda.Runtime.PYTHON_3_9, handler="index.handler",
                         code=_lambda.Code.from_asset("lambda-handler"))

buildspec for the assets stage:

{
  "version": "0.2",
  "phases": {
    "install": {
      "commands": [
        "npm install -g cdk-assets@2"
      ]
    },
    "build": {
      "commands": [
        "cdk-assets --path \"assembly-issue-triage-python-stack-Staging/<deducted>.assets.json\" --verbose publish \"<deducted>:123456789012-ap-southeast-1\""
      ]
    }
  }
}

@pahud pahud added p1 and removed p2 labels Aug 12, 2024
@ashishdhingra ashishdhingra added the effort/medium Medium work item – several days of effort label Aug 12, 2024
@github-actions github-actions bot mentioned this issue Sep 1, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/pipelines CDK Pipelines library bug This issue is a bug. effort/medium Medium work item – several days of effort p1
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pahud @ashishdhingra @mrlikl