Delete the stack if stack creation fails instead of rolling back

[rylim]

Fix for https://github.com/intuit/cfn-deploy/issues/29

Add the option --on-failure "DELETE" to create-stack per to delete the stack instead of rolling back if stack creation fails.

From https://docs.aws.amazon.com/cli/latest/reference/cloudformation/create-stack.html:

--on-failure (string)

    Determines what action will be taken if stack creation fails. 
    This must be one of: DO_NOTHING, ROLLBACK, or DELETE. 
    You can specify either OnFailure or DisableRollback, but not both.

    Default: ROLLBACK

    Possible values:

        DO_NOTHING
        ROLLBACK
        DELETE

[mridhul]

@rylim what happens if a stack was already created and you did an update stack and it failed? Will it delete the whole stack

[mridhul]

Also could you please add a note in the Readme ?

[rylim]

Also could you please add a note in the Readme ?

@mridhul Added note in the README, please let me know of any feedback.

[rylim]

On an unrelated note, should the repository in the Dockerfile label be updated to the the current repository at https://github.com/intuit/cfn-deploy?

https://github.com/rylim/cfn-deploy/blob/2fc83b537c13c141f7653215eda63a6845023279/Dockerfile#L6

[rylim]

@rylim what happens if a stack was already created and you did an update stack and it failed? Will it delete the whole stack

@mridhul Good question, this is just for the initial stack create if it does not exist yet. If the stack create fails then this will delete the stack instead of rolling it back, let me look more into the update-stack portion.

[rylim]

@rylim what happens if a stack was already created and you did an update stack and it failed? Will it delete the whole stack

@mridhul From further research, it looks like there is a difference between stack creation failure that results in ROLLBACK_COMPLETE and existing stack update failure that results in UPDATE_ROLLBACK_COMPLETE.

• ROLLBACK_COMPLETE on stack creation failure is not recoverable and the stack needs to be deleted manually. Using the --on-failure "DELETE" option on create-stack should prevent this from happening and delete the stack on failure creation instead of rolling it back.
• UPDATE_ROLLBACK_COMPLETE on stack update failure, however, is recoverable and subsequent updates to the stack should be possible.
  • The stack update can fail and the update rollback also fails with UPDATE_ROLLBACK_FAILED but this is beyond the scope of this issue
  • https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html#troubleshooting-errors-update-rollback-failed
  • https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-continueupdaterollback.html
  • https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html#troubleshooting-errors-nested-stacks-are-stuck

This PR addresses the issue of a stack getting into the ROLLBACK_COMPLETE state on creation failure and can no longer be updated by deleting the stack instead of rolling it back when it fails to be created.

References:

• https://newbedev.com/validationerror-stack-arn-aws-cloudformation-stack-is-in-rollback-complete-state-and-can-not-be-updated
• https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-describing-stacks.html#cli-stack-status-codes
• https://docs.aws.amazon.com/cli/latest/reference/cloudformation/update-stack.html

[mridhul]

Great @rylim . Thanks a lot for the contribution.

[rylim]

Thanks so much @mridhul! Would you also be able to add the hacktoberfest-accepted label for this to officially qualify for hacktoberfest? 🙂

[mridhul]

Sure @rylim

[rylim]

Thank you @mridhul!!! On another note, you can also get a hacktoberfest t-shirt as a maintainer, I think 🙂

https://hacktoberfest.digitalocean.com/resources/maintainers

We want to thank you, Maintainers, for all the hard work you do!

This year Maintainers will be able to earn a t-shirt pack (the same pack contributors receive) without having to do 4 pull requests. In order to qualify you’ll need to meet our criteria, which are outlined below. This new feature of Hacktoberfest is intended to reward the actions you’re already doing when you manage your participating Hacktoberfest repositories.

Criteria for a t-shirt pack:

FIRST

You will need to register for Hacktoberfest and select ‘Maintainer’ as your role. It’s still okay to select other roles if you participate in multiple ways.

Then

On your GitHub/GitLab account you will need to show that you’ve completed 4 or more actions on unique PRs in a repository (or across multiple repos) that is (are) participating in Hacktoberfest*, they can be:

• Merging the PR
• Providing an approving review
• Adding the 'hacktoberfest-accepted' label
• Adding any label with the word 'invalid' or 'spam'(/\b(invalid|spam)\b/i)

*(a participating repo is one that has the ‘hacktoberfest’ topic applied.)

Important

We will only send you one swag pack. If you have received a participant swag pack as a Contributor, you won’t receive an additional Maintainer swag pack and vice versa.

Supplies are limited so only 10k Maintainers who complete their actions will receive a swag kit. If more than 10K maintainers qualify, they will be prioritized by the quantity of PRs they have actioned (merged, approving reviews, added labels.)

After the review period has completed for the final PRs of Hacktoberfest, we will review the 10k maintainers who have been approved and send them an email with a redemption code to receive the pack.