Description
Describe the issue
I have a few stacks (`ServiceStack`, `AuthenticationStack`, and `DataStorageStack`), all of which work when deployed locally from the CLI. I decided to try and create a simple CI/CD pipeline using the `Pipeline` construct from the `aws-cdk-lib/aws-codepipeline` module. A simple GitHub source to main, along with a simple build step (npm ci, cdk synth). I then use the `cdk.out` generated in an artifact to perform actions, specifically the `CloudFormationCreateUpdateStackAction`, on the stacks (essentially update them). Below is the code for the `PipelineStack`:
```ts
import { SecretValue, Stack, StackProps } from "aws-cdk-lib";
import {
  BuildSpec,
  LinuxBuildImage,
  PipelineProject,
} from "aws-cdk-lib/aws-codebuild";
import { Artifact, Pipeline } from "aws-cdk-lib/aws-codepipeline";
import {
  CloudFormationCreateUpdateStackAction,
  CodeBuildAction,
  GitHubSourceAction,
} from "aws-cdk-lib/aws-codepipeline-actions";
import { Construct } from "constructs";

export class PipelineStack extends Stack {
  constructor(scope: Construct, id: string, props?: StackProps) {
    super(scope, id, props);

    const pipeline = new Pipeline(this, "Pipeline", {
      pipelineName: "CombatSportsRankingPipeline",
      crossAccountKeys: false,
    });

    // Source stage: pull the main branch from GitHub.
    const sourceOutput = new Artifact("sourceOutput");
    pipeline.addStage({
      stageName: "Source",
      actions: [
        new GitHubSourceAction({
          owner: "XXXX",
          repo: "XXXX",
          branch: "main",
          actionName: "Pipeline_Source",
          oauthToken: SecretValue.secretsManager(
            "XXXX"
          ),
          output: sourceOutput,
        }),
      ],
    });

    // Build stage: run the buildspec and export the result as codeBuildOutput.
    const codeBuildOutput = new Artifact("codeBuildOutput");
    pipeline.addStage({
      stageName: "Build",
      actions: [
        new CodeBuildAction({
          actionName: "Code_Build",
          input: sourceOutput,
          outputs: [codeBuildOutput],
          project: new PipelineProject(this, "CodeBuildProject", {
            environment: {
              buildImage: LinuxBuildImage.STANDARD_7_0,
            },
            buildSpec: BuildSpec.fromSourceFilename(
              "build-specs/code-build.yml"
            ),
          }),
        }),
      ],
    });

    // Update stages: one CloudFormation create/update action per template.
    pipeline.addStage({
      stageName: "Pipeline_Update",
      actions: [
        new CloudFormationCreateUpdateStackAction({
          actionName: "Pipeline_Update",
          stackName: "PipelineStack",
          templatePath: codeBuildOutput.atPath("PipelineStack.template.json"),
          adminPermissions: true,
        }),
      ],
    });

    pipeline.addStage({
      stageName: "DataStorage_Update",
      actions: [
        new CloudFormationCreateUpdateStackAction({
          actionName: "DataStorage_Update",
          stackName: "DataStorageStack",
          templatePath: codeBuildOutput.atPath(
            "DataStorageStack.template.json"
          ),
          adminPermissions: true,
        }),
      ],
    });

    pipeline.addStage({
      stageName: "Authorization_Update",
      actions: [
        new CloudFormationCreateUpdateStackAction({
          actionName: "Authorization_Update",
          stackName: "AuthorizationStack",
          templatePath: codeBuildOutput.atPath(
            "AuthorizationStack.template.json"
          ),
          adminPermissions: true,
        }),
      ],
    });

    pipeline.addStage({
      stageName: "CsrService_Update",
      actions: [
        new CloudFormationCreateUpdateStackAction({
          actionName: "CsrService_Update",
          stackName: "CsrServiceStack",
          templatePath: codeBuildOutput.atPath("CsrServiceStack.template.json"),
          adminPermissions: true,
        }),
      ],
    });
  }
}
```
The `Authorization_Update` stage fails with the error:
Resource handler returned message: "Error occurred while GetObject. S3 Error Code: NoSuchKey. S3 Error Message: The specified key does not exist. (Service: Lambda, Status Code: 400)"
I did check the S3 bucket and the `asset.zip` file found in the template was there. I don't know if there are any other steps I need to do on my part.
I checked the documentation and couldn't find anywhere that suggested whether I should enable any pipeline service principals access to the Lambdas or if there were other parameters (`selfMutating` doesn't seem to be an option in this v2 version of code pipelines). I may be a little lost as to what this entails.
I've looked through the codepipeline module and the `CloudFormationCreateUpdateStackAction`, which seemed extra lean. Any guidance is appreciated.
Links
- https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_codepipeline_actions.CloudFormationCreateUpdateStackAction.html
- https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_codepipeline_actions-readme.html
- https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_codepipeline-readme.html