aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0

(CodePipeline): use source S3 trigger without cloudtrail #22828

Open tamerin-tech opened 1 year ago

tamerin-tech commented 1 year ago

Describe the bug

When using CodePipeline with S3 source:

    const pipeline = new CodePipeline(this, `Pipeline-dev`, {
      selfMutation: true,
      pipelineName,
      synth: new CodeBuildStep('Synth', {
        input: CodePipelineSource.s3(sourceBucket, artifactZipName, {
          trigger: S3Trigger.EVENTS
        }),

The template generated contains the following EventBridge rule:

    {
      "detail-type": ["AWS API Call via CloudTrail"],
      "source": ["aws.s3"],
      "detail": {...

This event pattern is not triggered since the source is wrong. Contacting AWS Support, they told us we need to use the following event source instead:

    "eventSource": ["s3.amazonaws.com"]

As also mentioned in this documentation https://docs.aws.amazon.com/codepipeline/latest/userguide/create-cloudtrail-S3-source-console.html

Even after upgrading CDK to the latest version, the event source is still not created correctly.

Expected Behavior

Generate template with correct event source for S3 triggered CodePipeline source: "eventSource": ["s3.amazonaws.com"]

Current Behavior

Template is generated with wrong source for S3 triggered CodePipeline source: "source": ["aws.s3"]

Reproduction Steps

Use a simple CodePipeline as described here https://cdkworkshop.com/20-typescript/70-advanced-topics/200-pipelines/3000-new-pipeline.html

and use S3 as source instead, with an event-based trigger https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.pipelines.CodePipelineSource.html#static-s3bucket-objectkey-props

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.50.0 (build 4c11af6)

Framework Version

2.50.0

Node.js Version

16.17.0

OS

Windows 10

Language

Typescript

Language Version

TypeScript (4.6.4)

Other information

No response

peterwoodworth commented 1 year ago

Does this work as a workaround?

    // Requires: import { Rule } from 'aws-cdk-lib/aws-events';
    // The rule will not be created until the pipeline is built; calling this
    // directly may have adverse effects in your application.
    pipeline.buildPipeline();
    for (const child of sourceBucket.node.children) {
      if (child instanceof Rule) {
        // Merge the eventSource filter into the rule's existing event pattern.
        child.addEventPattern({
          detail: {
            eventSource: ['s3.amazonaws.com']
          }
        });
      }
    }

If so, I think we will need to make this same call (.addEventPattern()) in the code here https://github.com/aws/aws-cdk/blob/4c11af6067b35125781aa590bb33c7990078d1ed/packages/%40aws-cdk/aws-codepipeline-actions/lib/s3/source-action.ts#L118
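
One way to check whether a change like the workaround above reached the synthesized template, as an added example that is not part of this thread or of the CDK code base: it scans a CloudFormation template object for `AWS::Events::Rule` resources that match CloudTrail API-call events but carry no `detail.eventSource` filter for `s3.amazonaws.com`. The sample templates, the logical IDs and the `eventName` filter are constructed for illustration; in practice the input would be the template JSON that `cdk synth` writes.

```typescript
// Added example (not from the issue thread): audit a synthesized CloudFormation
// template for CloudTrail-based EventBridge rules without detail.eventSource.
type Json = { [key: string]: any };

const CLOUDTRAIL_DETAIL_TYPE = 'AWS API Call via CloudTrail';
const EXPECTED_EVENT_SOURCE = 's3.amazonaws.com';

// Returns the logical IDs of AWS::Events::Rule resources that match CloudTrail
// API-call events but do not filter on detail.eventSource = s3.amazonaws.com.
function rulesMissingEventSource(template: Json): string[] {
  const resources: Json = template.Resources ?? {};
  const missing: string[] = [];
  for (const logicalId of Object.keys(resources)) {
    const resource: Json = resources[logicalId];
    if (resource.Type !== 'AWS::Events::Rule') continue;
    const pattern: Json = resource.Properties?.EventPattern ?? {};
    const detailTypes: unknown = pattern['detail-type'];
    // Skip rules that are not driven by CloudTrail API-call events.
    if (!Array.isArray(detailTypes) || detailTypes.indexOf(CLOUDTRAIL_DETAIL_TYPE) < 0) continue;
    const sources: unknown = pattern.detail?.eventSource;
    if (!Array.isArray(sources) || sources.indexOf(EXPECTED_EVENT_SOURCE) < 0) {
      missing.push(logicalId);
    }
  }
  return missing;
}

// Constructed sample templates; logical IDs and the eventName filter are hypothetical.
function sampleTemplate(withEventSource: boolean): Json {
  const detail: Json = { eventName: ['PutObject'] };
  if (withEventSource) detail.eventSource = [EXPECTED_EVENT_SOURCE];
  return {
    Resources: {
      SourceBucketRule: {
        Type: 'AWS::Events::Rule',
        Properties: {
          EventPattern: { 'detail-type': [CLOUDTRAIL_DETAIL_TYPE], source: ['aws.s3'], detail },
        },
      },
      // A scheduled rule has no EventPattern and must not be reported.
      NightlySchedule: {
        Type: 'AWS::Events::Rule',
        Properties: { ScheduleExpression: 'rate(1 day)' },
      },
      SourceBucket: { Type: 'AWS::S3::Bucket' },
    },
  };
}

console.log('without filter:', rulesMissingEventSource(sampleTemplate(false)));
console.log('with filter:', rulesMissingEventSource(sampleTemplate(true)));
```
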