hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

Error in creating CodedeployDeploymentGroup with targetGroupPairInfo #26719

Open Samith88 opened 2 years ago

Samith88 commented 2 years ago

I need to create an AWS CodeDeploy deployment group for Blue/Green deployments with EC2 using cdktf. My code for the CodeDeploy deployment group is as follows:

new CodedeployDeploymentGroup(
  this,
  `${APP_ENV}-codedeploy-deploymentGroup`,
  {
    appName: codedeployApp.name,
    deploymentGroupName: props.environment,
    serviceRoleArn: new DataAwsIamRole(this, `${APP_ENV}-codedeploy-role`, {
      name: `${APP_ENV}-codedeploy-role`,
    }).arn,
    autoscalingGroups: [asgBlue.name,asgGreen.name],
    autoRollbackConfiguration: {
      enabled: true,
      events: ["DEPLOYMENT_FAILURE"], // "DEPLOYMENT_STOP_ON_ALARM"],
    },
    blueGreenDeploymentConfig: {
      deploymentReadyOption: {
        actionOnTimeout: "CONTINUE_DEPLOYMENT",
      },
      greenFleetProvisioningOption: {
        action: "DISCOVER_EXISTING",
      },
      terminateBlueInstancesOnDeploymentSuccess: {
        action: "TERMINATE",
        terminationWaitTimeInMinutes: 300,
      },
    },
    deploymentStyle: {
      deploymentOption: "WITH_TRAFFIC_CONTROL",
      deploymentType: "BLUE_GREEN",
    },
    loadBalancerInfo: {
      targetGroupPairInfo: {
        prodTrafficRoute: {
          listenerArns: [activeListener]
        },
        targetGroup: [
          {
            name: `${APP_ENV}-green`,
          },
          {
            name: `${APP_ENV}-blue`,
          },
        ],
        testTrafficRoute: {
          listenerArns: [inactiveListener]
        }
      },
    },
  }
);

But when I try to deploy this, I get the following error:

[2022-09-06T10:12:44.199] [ERROR] default - ╷
│ Error: Error creating CodeDeploy deployment group: InvalidLoadBalancerInfoException: The specification for load balancing in the deployment group is invalid. The deploymentOption value is set to WITH_TRAFFIC_CONTROL, but either no load balancer was specified in elbInfoList or no target group was specified in targetGroupInfoList.
│
│   with aws_codedeploy_deployment_group.sre4-testapp-dev-codedeploy-deploymentGroup,
│   on cdk.tf.json line 400, in resource.aws_codedeploy_deployment_group.sre4-testapp-dev-codedeploy-deploymentGroup:
│  400: }

But as per my code, I'm passing target groups to create this object.

Also, I noticed that in the AWS docs we have loadBalancerInfo -> targetGroupPairInfo -> targetGroups, which is not available in the cdktf package (CodedeployDeploymentGroupConfig).

Ref: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-targetgrouppairinfo.html

I have run cdktf with trace logs enabled, and the request and response I got are as follows:

Request for codedeploy,

---[ REQUEST POST-SIGN ]-----------------------------
POST / HTTP/1.1
Host: codedeploy.us-east-1.amazonaws.com
User-Agent: APN/1.0 HashiCorp/1.0 Terraform/1.2.7 (+https://www.terraform.io) terraform-provider-aws/3.75.1 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go/1.43.17 (go1.16; linux; amd64) cdktf/0.12.1 (+https://github.com/hashicorp/terraform-cdk)
Content-Length: 1213
Content-Type: application/x-amz-json-1.1
X-Amz-Date: 20220908T023139Z
X-Amz-Target: CodeDeploy_20141006.CreateDeploymentGroup
Accept-Encoding: gzip

{"applicationName":"sre4-testapp-dev","autoRollbackConfiguration":{"enabled":true,"events":["DEPLOYMENT_FAILURE"]},"autoScalingGroups":["sre4-testapp-dev-green","sre4-testapp-dev-blue"],"blueGreenDeploymentConfiguration":{"deploymentReadyOption":{"actionOnTimeout":"CONTINUE_DEPLOYMENT","waitTimeInMinutes":0},"greenFleetProvisioningOption":{"action":"DISCOVER_EXISTING"},"terminateBlueInstancesOnDeploymentSuccess":{"action":"TERMINATE","terminationWaitTimeInMinutes":300}},"deploymentConfigName":"CodeDeployDefault.OneAtATime","deploymentGroupName":"dev","deploymentStyle":{"deploymentOption":"WITH_TRAFFIC_CONTROL","deploymentType":"BLUE_GREEN"},"loadBalancerInfo":{"targetGroupPairInfoList":[{"prodTrafficRoute":{"listenerArns":["arn:aws:elasticloadbalancing:us-east-1:177807608173:listener/app/sre4-testapp-dev-alb-dev-alb/ac37cd4a1279bd68/516cf17af4109db2"]},"targetGroups":[{"name":"sre4-testapp-dev-green"},{"name":"sre4-testapp-dev-blue"}],"testTrafficRoute":{"listenerArns":["arn:aws:elasticloadbalancing:us-east-1:177807608173:listener/app/sre4-testapp-dev-alb-dev-alb/ac37cd4a1279bd68/75083704af3281c5"]}}]},"serviceRoleArn":"arn:aws:iam::177807608173:role/sre4-testapp-dev-codedeploy-role","tags":[]}
-----------------------------------------------------: timestamp=2022-09-08T08:01:39.283+0530

Response for codedeploy,

CreateDeploymentGroup Details:
---[ RESPONSE ]--------------------------------------
HTTP/1.1 400 Bad Request
Connection: close
Content-Length: 303
Content-Type: application/x-amz-json-1.1
Date: Thu, 08 Sep 2022 02:31:41 GMT
X-Amzn-Requestid: 6bd28e9f-44e0-4edb-ba3e-fde8ec262fc0

-----------------------------------------------------: timestamp=2022-09-08T08:01:42.047+0530
2022-09-08T08:01:42.047+0530 [INFO]  provider.terraform-provider-aws_v3.75.1_x5: 2022/09/08 08:01:42 [DEBUG] [aws-sdk-go] {"__type":"InvalidLoadBalancerInfoException","message":"The specification for load balancing in the deployment group is invalid. The deploymentOption value is set to WITH_TRAFFIC_CONTROL, but either no load balancer was specified in elbInfoList or no target group was specified in targetGroupInfoList."}: timestamp=2022-09-08T08:01:42.047+0530
2022-09-08T08:01:42.047+0530 [INFO]  provider.terraform-provider-aws_v3.75.1_x5: 2022/09/08 08:01:42 [DEBUG] [aws-sdk-go] DEBUG: Validate Response codedeploy/CreateDeploymentGroup failed, attempt 0/25, error InvalidLoadBalancerInfoException: The specification for load balancing in the deployment group is invalid. The deploymentOption value is set to WITH_TRAFFIC_CONTROL, but either no load balancer was specified in elbInfoList or no target group was specified in targetGroupInfoList.: timestamp=2022-09-08T08:01:42.047+0530

Some environment details,

terraformProviders (aws)= 3.75.1

$ cdktf --version
0.12.2

$ node -v
v16.13.0

$ npm -v
8.19.1

For further information you can refer to this issue, which I created in the terraform-cdk repo.

Samith88 commented 2 years ago

Does anyone have any thoughts on this? If anyone can share their thoughts, that would be great.

justinretzolk commented 2 years ago

Hey @Samith88 👋 Thank you for taking the time to raise this! Based on the information that you provided, I did a bit of digging, and something caught my eye. You mentioned you're using EC2, but the document that you linked to regarding targetGroupPairInfo states that this is used for ECS deployments:

Information about two target groups and how traffic is routed during an Amazon ECS deployment.

It looks like you instead need loadBalancerInfo -> targetGroupInfo or elbInfo. This seems to be backed up by the following AWS document: Create a deployment group for an EC2/On-Premises blue/green deployment.

Samith88 commented 2 years ago

Hi @justinretzolk,

Thanks for the valuable response.

Yes, I have put an EC2 AWS doc regarding blue/green just to have an idea. Sorry if that was misleading.

Basically my requirement is to have a live traffic path and test traffic path (active and inactive listeners) with EC2 B/G deployments. Anyway I will check this doc and thanks for sharing that.

pranitach21 commented 1 year ago

How do I create a trigger to run a Lambda before the code deploy and one at the success of the code deploy, via Terraform?


resource "aws_codedeploy_app" "codedeploy_group" {
  name = "asg-practice-cda-use1"
}

resource "aws_codedeploy_deployment_group" "codedeploy_group" {
  app_name              = "asg-practice-cda-use1"
  deployment_group_name = "asg-practice-cdg-use1"
  service_role_arn      = "arn:aws:iam::70773643480:role/AWSCodeDeployRole"

  auto_rollback_configuration {
    enabled = false
  }

  deployment_style {
    deployment_option = "WITH_TRAFFIC_CONTROL"
    deployment_type   = "IN_PLACE"
  }

  dynamic "load_balancer_info" {
    for_each = local.elb_exists
    content {
      target_group_info {
        name = "asg-practice-web-asg-use1"
      }
    }
  }

  autoscaling_groups = ["asg-practice-web-asg-use1"]

  deployment_config_name = "CodeDeployDefault.AllAtOnce"

  trigger_configuration {
    trigger_events     = ["DeploymentStart"]
    trigger_name       = "lambda-pre-trigger"
    trigger_target_arn = aws_lambda_function.lambda-pre.arn
    # trigger_target_type = "Lambda"
  }

  trigger_configuration {
    trigger_events     = ["DeploymentSuccess"]
    trigger_name       = "lambda-post-trigger"
    trigger_target_arn = aws_lambda_function.lambda-post.arn
    # trigger_target_type = "Lambda"
  }
}

data "archive_file" "zip_the_python_code-pre" {
  type        = "zip"
  source_file = "${path.module}/lambda-pre.py"
  output_path = "./lambda-pre.zip"
}

resource "aws_lambda_function" "lambda-pre" {
  filename = "./lambda-pre.zip"
  # s3_bucket = "asg-trial/asg/"
  function_name = "asg-pre"
  role          = "arn:aws:iam::70773643480:role/service-role/asg-trial-role-snmtxqyq"
  handler       = "lambda_function"
  runtime       = "python3.9"
  # source_code_hash = filebase64sha256("./lambda-pre.py")
  timeout = 900
}

data "archive_file" "zip_the_python_code-post" {
  type        = "zip"
  source_file = "${path.module}/lambda-post.py"
  output_path = "./lambda-post.zip"
}

resource "aws_lambda_function" "lambda-post" {
  filename = "./lambda-post.zip"
  # s3_bucket = "asg-trial/asg/"
  function_name    = "asg-post-t"
  role             = "arn:aws:iam::70773643480:role/service-role/asg-trial-role-snmtxqyq"
  handler          = "lambda_function"
  runtime          = "python3.9"
  source_code_hash = filebase64sha256("./lambda-post.py")
  timeout          = 900
}

This gives an error on terraform apply:

╷
│ Error: updating CodeDeploy deployment group (082e3f7f-6284-421c-b392-c04207787295): InvalidTriggerConfigException: Topic ARN arn:aws:lambda:ap-southeast-2:70773643480:function:asg-pre is not valid
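
Both errors quoted in this thread (InvalidLoadBalancerInfoException and InvalidTriggerConfigException) can be caught before `apply` by checking the CreateDeploymentGroup request body. The following is an added example, not code from the thread or from the provider; `lintDeploymentGroup`, its `platform` parameter and the sample payloads are assumptions, and the trigger rule reflects that CodeDeploy trigger targets are SNS topic ARNs, as the "Topic ARN ... is not valid" message indicates.

```typescript
// Added example (not from the thread): pre-flight lint of a CreateDeploymentGroup
// request body. lintDeploymentGroup and the sample payloads are hypothetical.
interface Trigger { triggerName?: string; triggerTargetArn?: string }
interface GroupRequest {
  deploymentStyle?: { deploymentOption?: string };
  loadBalancerInfo?: {
    elbInfoList?: unknown[];
    targetGroupInfoList?: unknown[];
    targetGroupPairInfoList?: unknown[];
  };
  triggerConfigurations?: Trigger[];
}
type ComputePlatform = "Server" | "ECS" | "Lambda";
function lintDeploymentGroup(body: string, platform: ComputePlatform): string[] {
  const req = JSON.parse(body) as GroupRequest;
  const lb = req.loadBalancerInfo;
  const count = (list?: unknown[]): number => (list ?? []).length;
  const findings: string[] = [];

  // Rule 1: the condition behind InvalidLoadBalancerInfoException on EC2 (Server).
  const trafficControl = req.deploymentStyle?.deploymentOption === "WITH_TRAFFIC_CONTROL";
  if (platform === "Server" && trafficControl &&
      count(lb?.elbInfoList) + count(lb?.targetGroupInfoList) === 0) {
    findings.push(count(lb?.targetGroupPairInfoList) > 0
      ? "lb: targetGroupPairInfoList is for ECS; use targetGroupInfoList or elbInfoList"
      : "lb: WITH_TRAFFIC_CONTROL needs elbInfoList or targetGroupInfoList");
  }

  // Rule 2: trigger targets are SNS topics (arn:partition:service:region:account:resource).
  for (const t of req.triggerConfigurations ?? []) {
    const service = (t.triggerTargetArn ?? "").split(":")[2] ?? "";
    if (service !== "sns") {
      findings.push(`trigger ${t.triggerName ?? "?"}: expected sns ARN, got "${service}"`);
    }
  }
  return findings;
}

// Constructed payloads (placeholder account ID), trimmed to the relevant fields.
const ec2PairInfo = JSON.stringify({
  deploymentStyle: { deploymentOption: "WITH_TRAFFIC_CONTROL", deploymentType: "BLUE_GREEN" },
  loadBalancerInfo: { targetGroupPairInfoList: [{ targetGroups: [{ name: "app-green" }, { name: "app-blue" }] }] },
});
const lambdaTrigger = JSON.stringify({
  triggerConfigurations: [{ triggerName: "lambda-pre-trigger",
    triggerTargetArn: "arn:aws:lambda:ap-southeast-2:123456789012:function:asg-pre" }],
});
console.log(lintDeploymentGroup(ec2PairInfo, "Server"), lintDeploymentGroup(lambdaTrigger, "Server"));
```

The same body can be taken from the provider's trace log (the `REQUEST POST-SIGN` section) and passed in unchanged.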