Diff status code 1 should failed the check

[lielran]

if there is a diff in the stack I expect the action act as the command line. changes in the stack should fail the action

[youyo]

Certainly, the cdk diff command returns status code 1 if there is a difference. However, the cdk command has been executed successfully. I judge it as a success.

If you want to use the status code in subsequent actions, use outputs.status_code. outputs.status_code is available from v1.1.4 released a while ago.

[lielran]

Thanks for the quick response. Yes I would like to catch the status code in case of diff and failed to PR action along with PR message. I'm pretty new to Github actions, how can I used the outputs.status_code to do that?

On Sun, Dec 8, 2019, 17:59 youyo notifications@github.com wrote:

Certainly, the cdk diff command returns status code 1 if there is a difference. However, the cdk command has been executed successfully. I judge it as a success.

If you want to use the status code in subsequent actions, use outputs.status_code. outputs.status_code is available from v1.1.4 released a while ago.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/youyo/aws-cdk-github-actions/issues/2?email_source=notifications&email_token=AAHVI63WXAOMQFONVFCR7U3QXUKV5A5CNFSM4JXZ7H22YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEGHCF3Q#issuecomment-562963182, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAHVI65EBALOLDBGHWTYWKDQXUKV5ANCNFSM4JXZ7H2Q .

[youyo]

Example here. In this example, If there is a difference, it notifies slack. https://github.com/youyo/aws-cdk-github-actions/blob/master/examples/notify_difference_to_slack.yaml

If you want to execute an action when the status_code is 1, you can do this by writing if: steps.diff.outputs.status_code == 1. The id is required for the previous action. Syntax is steps.<step id>.outputs.<output name> . https://help.github.com/ja/actions/automating-your-workflow-with-github-actions/contexts-and-expression-syntax-for-github-actions

[lielran]

Thanks @youyo. it works!

I do spot other issues with this action return status code that are unexpected from the user perspective. for example: this output

Install aws-cdk 1.9.0
Successful install aws-cdk 1.9.0
Run cdk diff  "myStack"
--app is required either in command-line, in cdk.json or in ~/.cdk.json

or this:

npx: installed 8 in 1.525s
Cannot find module 'typescript'
Require stack:
- /github/home/.npm/_npx/43/lib/node_modules/ts-node/dist/index.js
- /github/home/.npm/_npx/43/lib/node_modules/ts-node/dist/bin.js
Subprocess exited with error 1

both finish with success and mark the job as green

[dberhane]

Was able to resolve this issue by doing "npm install" for cdk directory. Please note the use of "working-directory" for cdk installation base path. And make sure you put this directive before cdk commands:

      - name: npm install for cdk
        run: yarn install
        working-directory: ./cdk

[michaelconnor00]

I also get a green success status when running diff, even when the exit code is a 1, and cdk deploy hasn't even run. I had some bugs in my python and exceptions were thrown, yet the jobs show as success.

[dumastaylorPFG]

I am now seeing that the "cdk diff" command is returning an exit code of 0 when there is a diff and when there isn't a diff.

Example output from latest aws cdk when there is a stack diff (echoing out cdk command exit code at bottom):

Run cdk diff --context isProdDeployment=false "test-repo-config-checker"
Stack test-repo-config-checker
Parameters
[-] Parameter AssetParametersb2eae00f661931cf0f6d8580b222fab3185bdbe5ce2149d7c8331dbcef74aef3S3Bucket4F4B140B: {"Type":"String","Description":"S3 bucket for asset \"b2eae00f661931cf0f6d8580b222fab3185bdbe5ce2149d7c8331dbcef74aef3\""}
[-] Parameter AssetParametersb2eae00f661931cf0f6d8580b222fab3185bdbe5ce2149d7c8331dbcef74aef3S3VersionKey3C0CEDD8: {"Type":"String","Description":"S3 key for asset version \"b2eae00f661931cf0f6d8580b222fab3185bdbe5ce2149d7c8331dbcef74aef3\""}
[-] Parameter AssetParametersb2eae00f661931cf0f6d8580b222fab3185bdbe5ce2149d7c8331dbcef74aef3ArtifactHash9CD1F597: {"Type":"String","Description":"Artifact hash for asset \"b2eae00f661931cf0f6d8580b222fab3185bdbe5ce2149d7c8331dbcef74aef3\""}
[+] Parameter AssetParameters/dfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dc/S3Bucket AssetParametersdfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dcS3Bucket99962541: {"Type":"String","Description":"S3 bucket for asset \"dfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dc\""}
[+] Parameter AssetParameters/dfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dc/S3VersionKey AssetParametersdfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dcS3VersionKey105379FD: {"Type":"String","Description":"S3 key for asset version \"dfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dc\""}
[+] Parameter AssetParameters/dfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dc/ArtifactHash AssetParametersdfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dcArtifactHash479677D5: {"Type":"String","Description":"Artifact hash for asset \"dfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dc\""}

Resources
[~] AWS::Lambda::Function AppHandler AppHandlerD3A8AE7A 
 ├─ [~] Code
 │   ├─ [~] .S3Bucket:
 │   │   └─ [~] .Ref:
 │   │       ├─ [-] AssetParametersb2eae00f661931cf0f6d8580b222fab3185bdbe5ce2149d7c8331dbcef74aef3S3Bucket4F4B140B
 │   │       └─ [+] AssetParametersdfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dcS3Bucket99962541
 │   └─ [~] .S3Key:
 │       └─ [~] .Fn::Join:
 │           └─ @@ -8,7 +8,7 @@
 │              [ ]   "Fn::Split": [
 │              [ ]     "||",
 │              [ ]     {
 │              [-]       "Ref": "AssetParametersb2eae00f661931cf0f6d8580b222fab3185bdbe5ce2149d7c8331dbcef74aef3S3VersionKey3C0CEDD8"
 │              [+]       "Ref": "AssetParametersdfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dcS3VersionKey105379FD"
 │              [ ]     }
 │              [ ]   ]
 │              [ ] }
 │              @@ -21,7 +21,7 @@
 │              [ ]   "Fn::Split": [
 │              [ ]     "||",
 │              [ ]     {
 │              [-]       "Ref": "AssetParametersb2eae00f661931cf0f6d8580b222fab3185bdbe5ce2149d7c8331dbcef74aef3S3VersionKey3C0CEDD8"
 │              [+]       "Ref": "AssetParametersdfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dcS3VersionKey105379FD"
 │              [ ]     }
 │              [ ]   ]
 │              [ ] }
 └─ [~] Metadata
     └─ [~] .aws:asset:path:
         ├─ [-] asset.b2eae00f661931cf0f6d8580b222fab3185bdbe5ce2149d7c8331dbcef74aef3
         └─ [+] asset.dfd1ded58f05dca42237fbda77d6adb4ea46f942b952f7c43c34accd47f8c0dc
exit code from cdk command: 0 

Example output from latest aws cdk when there isn't a stack diff (echoing out cdk command exit code at bottom):

Run cdk diff --context isProdDeployment=false "test-repo-config-checker"
Stack test-repo-config-checker
There were no differences
exit code from cdk command: 0

I am trying to make my CD process fail if any of the cdk commands fail, and I do have the small change to fail the action on a cdk subcommand exit code 1 all ready to go (though I do still need to fork and open a PR).

Commit where behavior changed: https://github.com/aws/aws-cdk/commit/4f765b2657ceae4a18c6cc62fe99393a03221a87

[carlosdls25]

@dumastaylorPFG, I might have a problem with this resolution, my cdk diff command shows all of the differences and then finishes with this:

CDK subcommand diff --app Deploy/CDK/GMI/bin/gmi.js for stack gmi-us-west-2-dev has failed. See above console output for more details.

even when cdk diff is successful, I know that it's successful because when I run it locally it finishes with the same last difference, because of this, the action is failing when I have differences and it doesn't proceed to comment on the PR.

For now I think I'll just use the previous action version

[enricopesce]

If you need to bypass this feature, you can change the CDK's behavior with the feature flag:

"aws-cdk:enableDiffNoFail": "false"

in cdk.json (or ~/.cdk.json) as shown here

{
  "app": "npx ts-node bin/cdk.ts",
  "context": {
    "@aws-cdk/core:newStyleStackSynthesis": true,
    "aws-cdk:enableDiffNoFail": "false"
  }
}

Alternatively, you can add

continue-on-error: true

in the job step:

      - name: CDK diff     
        uses: youyo/aws-cdk-github-actions@v2
        id: diff
        continue-on-error: true
        with:
          cdk_subcommand: "diff"
          actions_comment: true

[Prajna]

cdk diff * 2>$1 returns 1, but cdk diff itself was successfully executed. Why do you make such a weird change?