Open shindeja opened 2 years ago
kaizencc
commented
2 years ago Hi @shindeja! Do you have a minimally reproducible stack that I can test on? I don't know what openSearchStack or the other stacks in your stage are. Do you know if those stacks deploy correctly on their own, outside of the pipeline?
shindeja
commented
2 years ago Hi @kaizencc this is my opensearch stack and all the stacks works well as part of pipeline expect opensearch.
import { CfnResource, Construct, Stack, CfnParameter } from '@aws-cdk/core';
import { Domain, EngineVersion, IDomain } from '@aws-cdk/aws-opensearchservice';
import { SubnetType } from '@aws-cdk/aws-ec2';
import { opensearchProps } from '../interfaces/iconfig'
export class openSearchStack extends Stack {
public readonly openSearchCluster: IDomain;
constructor(scope: Construct, id: string, props: opensearchProps) {
super(scope, id, props);
const devDomain = new Domain(this, `opensearchdomain${props.wEnv}`, {
version: EngineVersion.OPENSEARCH_1_1,
enableVersionUpgrade: true,
vpc: props.vpc,
vpcSubnets:[ props.vpc.selectSubnets({
subnetType: SubnetType.PRIVATE_WITH_NAT,
onePerAz: true
})],
removalPolicy: props.config.os.removalPolicy,
// encryptionAtRest: {
// enabled: true,
// },
//nodeToNodeEncryption: true,
ebs: {
volumeSize: props.config.os.ebsVolume,
volumeType: props.config.os.volumeType
},
zoneAwareness: {
availabilityZoneCount: props.config.os.azCount
},
nodeToNodeEncryption: false,
domainName: `${props.config.os.domainName}${props.wEnv}`,
logging: {
slowSearchLogEnabled: props.config.os.slowSearchLogEnabled,
appLogEnabled: props.config.os.appLogEnabled,
slowIndexLogEnabled: props.config.os.slowIndexLogEnabled,
//appLogGroup:
//auditLogGroup:
},
capacity: {
dataNodes: props.config.os.dataNodes,
dataNodeInstanceType: props.config.os.instanceType,
// masterNodes:
// masterNodeInstanceType:
},
enforceHttps: true,
// accessPolicies: {
// },
fineGrainedAccessControl: {
// masterUserArn:
// masterUserName: '',
// masterUserPassword: '',
},
});
const serviceLinkedRole = new CfnResource(this, `es-service-linked-role${props.wEnv}`, {
type: 'AWS::IAM::ServiceLinkedRole',
properties: {
AWSServiceName: 'es.amazonaws.com',
Description: 'Role for ES to access resources in VPC'
}
});
devDomain.node.addDependency(serviceLinkedRole);
this.openSearchCluster = devDomain;
}
}This is my pipeline code
export class AppiPipeline extends Stack {
public readonly iPipeline: CodePipeline;
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
const repoName = Repository.fromRepositoryName(this, 'APIRepos', devConfig.repoName);
const infraPipeline = new CodePipeline(this, `ApiRepos${devConfig.wEnv}`, {
pipelineName: 'NonProd',
crossAccountKeys: false,
selfMutation: false,
publishAssetsInParallel: false,
cliVersion: devConfig.CDK_CLI_VERSION,
synth: new ShellStep('Synth', {
input: CodePipelineSource.codeCommit(repoName, devConfig.branchName),
installCommands: [
`npm i -g aws-cdk@${devConfig.CDK_CLI_VERSION}`
],
commands: [
'npm ci',
'npm run build',
'npx cdk synth',
'npx cdk ',
],
}),
});
infraPipeline.addStage(new AppiInfraStage(this, `deployDevStacks${devConfig.wEnv}`, {
wEnv: devConfig.wEnv,
config: devConfig
}), {
post: [],
pre: [],
});
infraPipeline.buildPipeline();
this.iPipeline = infraPipeline;
}
}This is my stage code
export class AppiInfraStage extends Stage {
constructor(scope: Construct, id: string, props: pEnvPros) {
super(scope, id, props);
const vpcStack = new iVPCStack(this, `avpcStack${props.wEnv}`, {
wEnv: props.wEnv,
config: props.config,
});
const kmsStack = new ikmsStack(this, `ikmsStack${props.wEnv}`, {
wEnv: props.wEnv,
config: props.config,
});
const iopenSearchStack = new openSearchStack(this, `iopenSearchStack${props.wEnv}`, {
wEnv: props.wEnv,
config: props.config,
vpc: vpcStack.iVPC,
privateSB: vpcStack.privateSN,
publicSB: vpcStack.publicSN,
});
}
}This is the screenshot for the pipeline
So as pipeline stack gets failed, but getting deployed individually correctly. This is done any extra just simple plain configurations, but its getting failed as part of pipeline.
pahud
commented
3 months ago Hi
Are you able to just deploy one single stack that has opensearch, kms and vpc via the pipeline?
Does it just fail when you separate them into three stacks?
As CDK v1 is end-of-support now. Can you help verify is this issue still relevant in CDK v2?
jayeshinde
commented
3 months ago Its failes for seperate stacks
Describe the bug
When we try to deploy the OpenSearch stack as part of Pipeline, stack is getting failing due to missing asset parameters.
Action execution failed Parameters: [AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3BucketB21FB59F, AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90ArtifactHashC00C7285, AssetParameters9d784cf317cead201dfe56ed0404d6d23eba6d499ca7354138230c2267f2fe90S3VersionKey73D4F058] must have values (Service: AmazonCloudFormation; Status Code: 400; Error Code: ValidationError; Request ID: c6ae6178-62de-42a5-b8e1-23f975401e97; Proxy: null)Expected Behavior
Pipeline should failed due to asset parameter missing error.
Current Behavior
It should not fail as it creates nested stacks which needs s3 buckets to create Lambdas.
Reproduction Steps
deploy the stack, you will get the error for opensearch stack deployment.
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
1.157.0
Framework Version
CDK v1.
Node.js Version
16
OS
MAC
Language
Typescript
Language Version
typescript 4.4.0
Other information
No response