aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0

(pipelines): ManualApprovalStep should support SNS notifications #18065

Open shanman190 opened 2 years ago

shanman190 commented 2 years ago

Description

pipelines.ManualApprovalStep should be able to send an SNS notification to a user when their approval is requested.

Use Case

I'm migrating an old pipelines.CdkPipeline to pipelines.CodePipeline. The previous pipeline is using codepipeline_actions.ManualApprovalAction which supports the above functionality, but the parallel pipelines.ManualApprovalStep does not.

Proposed Solution

pipelines.ManualApprovalStep exposes an SNS notification topic property for providing this configuration.

Other information

As a workaround, one could implement a custom Step that exposes the codepipeline_actions.ManualApprovalAction for the pipelines.CodePipeline version.

Acknowledge

rix0rrr commented 2 years ago

The problem is that ManualApprovalStep might need to work with a backend that doesn't have SNS (like GitHub actions).

But, I suppose it would be okay to add an SNS action and other CDK Pipelines backends would reject that feature if set.

shanman190 commented 2 years ago

@rix0rrr, I see the issue there. What if there was a way to expose EventBridge configuration(s) more easily? This way it would scale across all of the different approval backends.

Maybe something of the form:

  1. Pipeline:

    pipeline = pipelines.CodePipeline(...)
    pipeline_rule: events.Rule = pipeline.on_started(...) # on_failed, etc
  2. Stage:

    stage = ...
    stage_rule: events.Rule = stage.on_started(...) # on_failed, etc
  3. Step:

    step = ...
    step_rule: events.Rule = step.on_started(...) # on_failed, etc

https://docs.aws.amazon.com/codepipeline/latest/userguide/detect-state-changes-cloudwatch-events.html
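An added example, not part of the thread or of the CDK code base: the EventBridge event pattern that selects manual approval actions entering the waiting state, optionally narrowed to one approval step, checked against constructed sample events. It is plain Python without CDK so it runs offline; the pipeline and action names, the helper functions and the simplified matcher (exact-value lists and nested objects only) are assumptions made for illustration.

```python
def approval_pattern(pipeline_name, action_name=None):
    """Event pattern for manual approval actions that have started waiting."""
    detail = {
        "pipeline": [pipeline_name],
        "state": ["STARTED"],
        "type": {"category": ["Approval"], "provider": ["Manual"]},
    }
    if action_name is not None:
        detail["action"] = [action_name]  # narrow to a single approval step
    return {
        "source": ["aws.codepipeline"],
        "detail-type": ["CodePipeline Action Execution State Change"],
        "detail": detail,
    }


def matches(pattern, event):
    """Simplified stand-in for EventBridge matching (not the full pattern syntax)."""
    for key, expected in pattern.items():
        if key not in event:
            return False
        if isinstance(expected, dict):
            if not isinstance(event[key], dict) or not matches(expected, event[key]):
                return False
        elif event[key] not in expected:
            return False
    return True


def make_event(action, category, provider, state, pipeline="DemoPipeline"):
    """Constructed sample event in the shape CodePipeline sends to EventBridge."""
    return {
        "source": "aws.codepipeline",
        "detail-type": "CodePipeline Action Execution State Change",
        "detail": {
            "pipeline": pipeline, "stage": "Prod", "action": action, "state": state,
            "type": {"owner": "AWS", "category": category,
                     "provider": provider, "version": "1"},
        },
    }


# Constructed events: one deploy action and two approval steps.
SAMPLE_EVENTS = [
    make_event("Deploy", "Deploy", "CloudFormation", "STARTED"),
    make_event("PromoteToStaging", "Approval", "Manual", "STARTED"),
    make_event("PromoteToProd", "Approval", "Manual", "STARTED"),
    make_event("PromoteToProd", "Approval", "Manual", "SUCCEEDED"),
]


def notified_actions(pattern, events):
    """Names of the actions whose events the pattern would forward to a target."""
    return [e["detail"]["action"] for e in events if matches(pattern, e)]
```

In a CDK app the same keys map onto `events.EventPattern(source=..., detail_type=..., detail=...)` on a rule whose target is the SNS topic.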

shanman190 commented 2 years ago

Now if you also meant different pipeline backends, such as replacing AWS CodePipeline with a GitHub Actions pipeline, then I can also see where this would create a wrinkle as well.

entest-hai commented 2 years ago

Description

pipelines.ManualApprovalStep should be able to send an SNS notification to a user when their approval is requested.

Use Case

I'm migrating an old pipelines.CdkPipeline to pipelines.CodePipeline. The previous pipeline is using codepipeline_actions.ManualApprovalAction which supports the above functionality, but the parallel pipelines.ManualApprovalStep does not.

Proposed Solution

pipelines.ManualApprovalStep exposes an SNS notification topic property for providing this configuration.

Other information

As a workaround, one could implement a custom Step that exposes the codepipeline_actions.ManualApprovalAction for the pipelines.CodePipeline version.

Acknowledge

  • [x] I may be able to implement this feature request
  • [ ] This feature might incur a breaking change

Same issue, can you please share the workaround solution in detail? How to create a custom "Step"?

My workaround is to go to the CodePipeline console (GUI) and manually add an SNS topic into the ManualApprovalStep action, but this breaks the CDK Python code.

ytsipun commented 2 years ago

+1

mywogunleye commented 2 years ago

+1

Pandafriendd commented 2 years ago

Any workaround? For now I am using ConfirmPermissionsBroadening where it has a notificationTopic property.

iselcuk commented 2 years ago

How about using CodeStar Notifications as a workaround? This approach only works if you want to get notified about all of your manual approval steps though.

    const pipelineUpdatesTopic = new aws_sns.Topic(
      this,
      "PipelineUpdatesTopic"
    );

    const slack = new aws_chatbot.SlackChannelConfiguration(
      this,
      "aws-cicd-demo",
      {
        slackChannelConfigurationName,
        slackWorkspaceId,
        slackChannelId,
      }
    );

    /**
     * We must build the pipeline before creating the notification rule
     */
    pipeline.buildPipeline();

    const rule = new aws_codestarnotifications.NotificationRule(
      this,
      "PipelineNotificationRule",
      {
        source: pipeline.pipeline,
        events: [
          "codepipeline-pipeline-manual-approval-needed",
          "codepipeline-pipeline-manual-approval-failed",
          "codepipeline-pipeline-manual-approval-succeeded",
          "codepipeline-pipeline-pipeline-execution-failed",
          "codepipeline-pipeline-pipeline-execution-canceled",
          "codepipeline-pipeline-pipeline-execution-started",
          "codepipeline-pipeline-pipeline-execution-resumed",
          "codepipeline-pipeline-pipeline-execution-succeeded",
          "codepipeline-pipeline-pipeline-execution-superseded",
        ],
        targets: [pipelineUpdatesTopic],
      }
    );
    // Targeting slack
    rule.addTarget(slack);

    // Targeting a specific email
    pipelineUpdatesTopic.addSubscription(
      new aws_sns_subscriptions.EmailSubscription("test@email.com")
    );

The NotificationRule can only be created after the pipeline has been built. And after the pipeline has been built, no modifications can be made on the pipeline.

yvthepief commented 2 years ago

+1

DharmSonariya commented 1 year ago

+1

yvthepief commented 1 year ago

I've implemented it via Arbitrary CodePipeline Action/Step. Little blog on it can be found here: https://yvovanzee.nl/cdk-pipeline-manual-approval-step-with-sns-notification

Code used is:

    import jsii
    from aws_cdk import (
        aws_codepipeline,
        aws_codepipeline_actions,
        aws_sns,
        pipelines,
    )


    @jsii.implements(pipelines.ICodePipelineActionFactory)
    class ManualApprovalWithSNSStep(pipelines.Step):
        """
        Create an Arbitrary CodePipeline step to enable SNS with manual approval
        https://docs.aws.amazon.com/cdk/api/v2/python/aws_cdk.pipelines/README.html#arbitrary-codepipeline-actions
        """

        def __init__(self, id_, topic: aws_sns.ITopic):
            super().__init__(id_)

            # SNS topic that receives the approval request notification
            self.topic = topic

        @jsii.member(jsii_name="produceAction")
        def produce_action(
            self,
            stage: aws_codepipeline.IStage,
            options: pipelines.ProduceActionOptions,
        ) -> pipelines.CodePipelineActionFactoryResult:
            # Add the classic ManualApprovalAction, which supports notification_topic
            stage.add_action(
                aws_codepipeline_actions.ManualApprovalAction(
                    action_name=options.action_name,
                    additional_information="please approve",
                    run_order=options.run_order,
                    notification_topic=self.topic,
                )
            )

            return pipelines.CodePipelineActionFactoryResult(run_orders_consumed=1)

DharmSonariya commented 1 year ago

+1

mccauleyp commented 1 year ago

+1