From 1e2cff19eec234e1d1f7f501230cba01b220a09b Mon Sep 17 00:00:00 2001 From: paulhcsun <47882901+paulhcsun@users.noreply.github.com> Date: Fri, 4 Oct 2024 11:51:40 -0700 Subject: [PATCH 1/4] chore(kinesisfirehose-alpha): replace`destinations` property with `destination` and change type from array to single IDestination (#31630) ### Reason for this change Setting a destination for your Delivery Stream was previously done by passing in an array of Destinations but with a restriction that there there could only be one Destination in that array. This property type does not make sense for the current user experience (have an array but can only specify one destination) and also does not align with the behaviour in the AWS Console which only allows you to select a single destination. If Kinesis Firehose ever supports multiple destinations in the future then we can add a new property to support that which will not be a breaking change. ### Description of changes BREAKING CHANGE: replaced `destinations` property with `destination` (singular) and changed the type from array of Destinations to a single Destination. Old behaviour would only allow an array with a single Destination to be passed in anyway. ### Description of how you validated changes unit tests + no integ snapshot changes. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-iot-actions-alpha/README.md | 2 +- .../integ.firehose-put-record-action.ts | 2 +- .../aws-kinesisfirehose-alpha/README.md | 37 ++++++------ .../lib/delivery-stream.ts | 12 +--- .../test/delivery-stream.test.ts | 57 ++++++++---------- .../integ.delivery-stream.source-stream.ts | 4 +- .../test/integ.delivery-stream.ts | 4 +- .../integ.kinesis-stream-events-target.ts | 2 +- .../test/integ.s3-bucket.lit.ts | 8 +-- .../test/s3-bucket.test.ts | 60 +++++++++---------- packages/aws-cdk-lib/aws-logs/README.md | 2 +- 11 files changed, 86 insertions(+), 104 deletions(-) diff --git a/packages/@aws-cdk/aws-iot-actions-alpha/README.md b/packages/@aws-cdk/aws-iot-actions-alpha/README.md index c1a01bc1b10c2..3cd0a687f723d 100644 --- a/packages/@aws-cdk/aws-iot-actions-alpha/README.md +++ b/packages/@aws-cdk/aws-iot-actions-alpha/README.md @@ -243,7 +243,7 @@ import * as destinations from '@aws-cdk/aws-kinesisfirehose-destinations-alpha'; const bucket = new s3.Bucket(this, 'MyBucket'); const stream = new firehose.DeliveryStream(this, 'MyStream', { - destinations: [new destinations.S3Bucket(bucket)], + destination: new destinations.S3Bucket(bucket), }); const topicRule = new iot.TopicRule(this, 'TopicRule', { diff --git a/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.ts b/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.ts index d506a2d78e8f0..8dfb68be0d7ea 100644 --- a/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.ts +++ b/packages/@aws-cdk/aws-iot-actions-alpha/test/kinesis-firehose/integ.firehose-put-record-action.ts @@ -21,7 +21,7 @@ class TestStack extends cdk.Stack { removalPolicy: cdk.RemovalPolicy.DESTROY, }); const stream = new firehose.DeliveryStream(this, 'MyStream', { - destinations: [new destinations.S3Bucket(bucket)], + destination: new destinations.S3Bucket(bucket), }); topicRule.addAction( new actions.FirehosePutRecordAction(stream, { diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/README.md b/packages/@aws-cdk/aws-kinesisfirehose-alpha/README.md index 31f8195003d7f..c299eb018e3fb 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/README.md +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/README.md @@ -41,7 +41,7 @@ used as a destination. More supported destinations are covered [below](#destinat ```ts const bucket = new s3.Bucket(this, 'Bucket'); new firehose.DeliveryStream(this, 'Delivery Stream', { - destinations: [new destinations.S3Bucket(bucket)], + destination: new destinations.S3Bucket(bucket), }); ``` @@ -71,7 +71,7 @@ declare const destination: firehose.IDestination; const sourceStream = new kinesis.Stream(this, 'Source Stream'); new firehose.DeliveryStream(this, 'Delivery Stream', { sourceStream: sourceStream, - destinations: [destination], + destination: destination, }); ``` @@ -108,7 +108,7 @@ declare const bucket: s3.Bucket; const s3Destination = new destinations.S3Bucket(bucket); new firehose.DeliveryStream(this, 'Delivery Stream', { - destinations: [s3Destination], + destination: s3Destination, }); ``` @@ -154,18 +154,18 @@ declare const destination: firehose.IDestination; // SSE with an AWS-owned key new firehose.DeliveryStream(this, 'Delivery Stream AWS Owned', { encryption: firehose.StreamEncryption.awsOwnedKey(), - destinations: [destination], + destination: destination, }); // SSE with an customer-managed key that is created automatically by the CDK new firehose.DeliveryStream(this, 'Delivery Stream Implicit Customer Managed', { encryption: firehose.StreamEncryption.customerManagedKey(), - destinations: [destination], + destination: destination, }); // SSE with an customer-managed key that is explicitly specified declare const key: kms.Key; new firehose.DeliveryStream(this, 'Delivery Stream Explicit Customer Managed', { encryption: firehose.StreamEncryption.customerManagedKey(key), - destinations: [destination], + destination: destination, }); ``` @@ -196,7 +196,7 @@ const destination = new destinations.S3Bucket(bucket, { }); new firehose.DeliveryStream(this, 'Delivery Stream', { - destinations: [destination], + destination: destination, }); ``` @@ -208,7 +208,7 @@ const destination = new destinations.S3Bucket(bucket, { loggingConfig: new destinations.DisableLogging(), }); new firehose.DeliveryStream(this, 'Delivery Stream', { - destinations: [destination], + destination: destination, }); ``` @@ -271,7 +271,7 @@ const s3Destination = new destinations.S3Bucket(bucket, { compression: destinations.Compression.SNAPPY, }); new firehose.DeliveryStream(this, 'Delivery Stream', { - destinations: [s3Destination], + destination: s3Destination, }); ``` @@ -292,7 +292,7 @@ const destination = new destinations.S3Bucket(bucket, { bufferingSize: Size.mebibytes(8), }); new firehose.DeliveryStream(this, 'Delivery Stream', { - destinations: [destination], + destination: destination, }); ``` @@ -309,7 +309,7 @@ const destination = new destinations.S3Bucket(bucket, { bufferingInterval: Duration.seconds(0), }); new firehose.DeliveryStream(this, 'ZeroBufferDeliveryStream', { - destinations: [destination], + destination: destination, }); ``` @@ -332,7 +332,7 @@ const destination = new destinations.S3Bucket(bucket, { encryptionKey: key, }); new firehose.DeliveryStream(this, 'Delivery Stream', { - destinations: [destination], + destination: destination, }); ``` @@ -350,35 +350,32 @@ backed up to S3. // Enable backup of all source records (to an S3 bucket created by CDK). declare const bucket: s3.Bucket; new firehose.DeliveryStream(this, 'Delivery Stream Backup All', { - destinations: [ + destination: new destinations.S3Bucket(bucket, { s3Backup: { mode: destinations.BackupMode.ALL, }, }), - ], }); // Explicitly provide an S3 bucket to which all source records will be backed up. declare const backupBucket: s3.Bucket; new firehose.DeliveryStream(this, 'Delivery Stream Backup All Explicit Bucket', { - destinations: [ + destination: new destinations.S3Bucket(bucket, { s3Backup: { bucket: backupBucket, }, }), - ], }); // Explicitly provide an S3 prefix under which all source records will be backed up. new firehose.DeliveryStream(this, 'Delivery Stream Backup All Explicit Prefix', { - destinations: [ + destination: new destinations.S3Bucket(bucket, { s3Backup: { mode: destinations.BackupMode.ALL, dataOutputPrefix: 'mybackup', }, }), - ], }); ``` @@ -431,7 +428,7 @@ const s3Destination = new destinations.S3Bucket(bucket, { processor: lambdaProcessor, }); new firehose.DeliveryStream(this, 'Delivery Stream', { - destinations: [s3Destination], + destination: s3Destination, }); ``` @@ -473,7 +470,7 @@ const destinationRole = new iam.Role(this, 'Destination Role', { declare const bucket: s3.Bucket; const destination = new destinations.S3Bucket(bucket, { role: destinationRole }); new firehose.DeliveryStream(this, 'Delivery Stream', { - destinations: [destination], + destination: destination, role: deliveryStreamRole, }); ``` diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/lib/delivery-stream.ts b/packages/@aws-cdk/aws-kinesisfirehose-alpha/lib/delivery-stream.ts index 4c97fa0aa6e96..737ba07d80574 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/lib/delivery-stream.ts +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/lib/delivery-stream.ts @@ -185,11 +185,9 @@ export enum StreamEncryptionType { */ export interface DeliveryStreamProps { /** - * The destinations that this delivery stream will deliver data to. - * - * Only a singleton array is supported at this time. + * The destination that this delivery stream will deliver data to. */ - readonly destinations: IDestination[]; + readonly destination: IDestination; /** * A name for the delivery stream. @@ -324,10 +322,6 @@ export class DeliveryStream extends DeliveryStreamBase { this._role = props.role; - if (props.destinations.length !== 1) { - throw new Error(`Only one destination is allowed per delivery stream, given ${props.destinations.length}`); - } - if (props.encryption?.encryptionKey || props.sourceStream) { this._role = this._role ?? new iam.Role(this, 'Service Role', { assumedBy: new iam.ServicePrincipal('firehose.amazonaws.com'), @@ -369,7 +363,7 @@ export class DeliveryStream extends DeliveryStreamBase { readStreamGrant = props.sourceStream.grantRead(this._role); } - const destinationConfig = props.destinations[0].bind(this, {}); + const destinationConfig = props.destination.bind(this, {}); const resource = new CfnDeliveryStream(this, 'Resource', { deliveryStreamEncryptionConfigurationInput: encryptionConfig, diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/delivery-stream.test.ts b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/delivery-stream.test.ts index 6d4a7163be537..c9365eb2ee35e 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/delivery-stream.test.ts +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/delivery-stream.test.ts @@ -46,7 +46,7 @@ describe('delivery stream', () => { test('creates stream with default values', () => { new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { @@ -63,7 +63,7 @@ describe('delivery stream', () => { test('creates stream with events target V2 class', () => { const stream = new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); new events.Rule(stack, 'rule', { @@ -102,7 +102,7 @@ describe('delivery stream', () => { }); const deliveryStream = new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, role: role, }); @@ -111,7 +111,7 @@ describe('delivery stream', () => { test('not providing sourceStream or encryptionKey creates only one role (used for S3 destination)', () => { new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); Template.fromStack(stack).hasResourceProperties('AWS::IAM::Role', { @@ -133,7 +133,7 @@ describe('delivery stream', () => { const sourceStream = new kinesis.Stream(stack, 'Source Stream'); new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, sourceStream: sourceStream, }); @@ -156,7 +156,7 @@ describe('delivery stream', () => { const key = new kms.Key(stack, 'Key'); new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, encryption: StreamEncryption.customerManagedKey(key), }); @@ -179,7 +179,7 @@ describe('delivery stream', () => { const sourceStream = new kinesis.Stream(stack, 'Source Stream'); new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, sourceStream: sourceStream, role: deliveryStreamRole, }); @@ -215,7 +215,7 @@ describe('delivery stream', () => { test('requesting customer-owned encryption creates key and configuration', () => { new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, encryption: firehose.StreamEncryption.customerManagedKey(), role: deliveryStreamRole, }); @@ -251,7 +251,7 @@ describe('delivery stream', () => { const key = new kms.Key(stack, 'Key'); new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, encryption: StreamEncryption.customerManagedKey(key), role: deliveryStreamRole, }); @@ -281,7 +281,7 @@ describe('delivery stream', () => { test('requesting AWS-owned key does not create key and creates configuration', () => { new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, encryption: firehose.StreamEncryption.awsOwnedKey(), role: deliveryStreamRole, }); @@ -299,7 +299,7 @@ describe('delivery stream', () => { test('requesting no encryption creates no configuration', () => { new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, encryption: firehose.StreamEncryption.unencrypted(), role: deliveryStreamRole, }); @@ -316,17 +316,17 @@ describe('delivery stream', () => { const sourceStream = new kinesis.Stream(stack, 'Source Stream'); expect(() => new firehose.DeliveryStream(stack, 'Delivery Stream 1', { - destinations: [mockS3Destination], + destination: mockS3Destination, encryption: firehose.StreamEncryption.awsOwnedKey(), sourceStream, })).toThrowError('Requested server-side encryption but delivery stream source is a Kinesis data stream. Specify server-side encryption on the data stream instead.'); expect(() => new firehose.DeliveryStream(stack, 'Delivery Stream 2', { - destinations: [mockS3Destination], + destination: mockS3Destination, encryption: firehose.StreamEncryption.customerManagedKey(), sourceStream, })).toThrowError('Requested server-side encryption but delivery stream source is a Kinesis data stream. Specify server-side encryption on the data stream instead.'); expect(() => new firehose.DeliveryStream(stack, 'Delivery Stream 3', { - destinations: [mockS3Destination], + destination: mockS3Destination, encryption: StreamEncryption.customerManagedKey(new kms.Key(stack, 'Key')), sourceStream, })).toThrowError('Requested server-side encryption but delivery stream source is a Kinesis data stream. Specify server-side encryption on the data stream instead.'); @@ -337,7 +337,7 @@ describe('delivery stream', () => { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'), }); const deliveryStream = new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); deliveryStream.grant(role, 'firehose:PutRecord'); @@ -360,7 +360,7 @@ describe('delivery stream', () => { assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'), }); const deliveryStream = new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); deliveryStream.grantPutRecords(role); @@ -385,7 +385,7 @@ describe('delivery stream', () => { const dependableId = stack.resolve((Node.of(dependable).defaultChild as cdk.CfnResource).logicalId); new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); Template.fromStack(stack).hasResource('AWS::KinesisFirehose::DeliveryStream', { @@ -396,18 +396,9 @@ describe('delivery stream', () => { }); }); - test('supplying 0 or multiple destinations throws', () => { - expect(() => new firehose.DeliveryStream(stack, 'No Destinations', { - destinations: [], - })).toThrowError(/Only one destination is allowed per delivery stream/); - expect(() => new firehose.DeliveryStream(stack, 'Too Many Destinations', { - destinations: [mockS3Destination, mockS3Destination], - })).toThrowError(/Only one destination is allowed per delivery stream/); - }); - test('creating new stream should return IAM role when calling getter for grantPrincipal (backwards compatibility)', () => { const deliveryStream = new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); expect(deliveryStream.grantPrincipal).toBeInstanceOf(iam.Role); }); @@ -418,7 +409,7 @@ describe('delivery stream', () => { beforeEach(() => { stack = new cdk.Stack(undefined, undefined, { env: { account: '000000000000', region: 'us-west-1' } }); deliveryStream = new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); }); @@ -516,7 +507,7 @@ describe('delivery stream', () => { const vpc = new ec2.Vpc(stack, 'VPC'); const securityGroup = new ec2.SecurityGroup(stack, 'Security Group', { vpc }); const deliveryStream = new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); securityGroup.connections.allowFrom(deliveryStream, ec2.Port.allTcp()); @@ -542,7 +533,7 @@ describe('delivery stream', () => { const vpc = new ec2.Vpc(stack, 'VPC'); const securityGroup = new ec2.SecurityGroup(stack, 'Security Group', { vpc }); const deliveryStream = new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); securityGroup.connections.allowFrom(deliveryStream, ec2.Port.allTcp()); @@ -558,10 +549,10 @@ describe('delivery stream', () => { test('only adds one Firehose IP address mapping to stack even if multiple delivery streams defined', () => { new firehose.DeliveryStream(stack, 'Delivery Stream 1', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); new firehose.DeliveryStream(stack, 'Delivery Stream 2', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); Template.fromStack(stack).hasMapping('*', { @@ -573,7 +564,7 @@ describe('delivery stream', () => { test('can add tags', () => { const deliveryStream = new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); cdk.Tags.of(deliveryStream).add('tagKey', 'tagValue'); diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.ts b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.ts index a9455bedabf6e..facfd13a184d1 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.ts +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.source-stream.ts @@ -34,12 +34,12 @@ const mockS3Destination: firehose.IDestination = { const sourceStream = new kinesis.Stream(stack, 'Source Stream'); new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, sourceStream, }); new firehose.DeliveryStream(stack, 'Delivery Stream No Source Or Encryption Key', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); app.synth(); diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.ts b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.ts index 52bacf832a664..633e1fc0b5b2d 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.ts +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.delivery-stream.ts @@ -36,12 +36,12 @@ const key = new kms.Key(stack, 'Key', { }); new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [mockS3Destination], + destination: mockS3Destination, encryption: firehose.StreamEncryption.customerManagedKey(key), }); new firehose.DeliveryStream(stack, 'Delivery Stream No Source Or Encryption Key', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); app.synth(); diff --git a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.kinesis-stream-events-target.ts b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.kinesis-stream-events-target.ts index c3f39133b0b28..a3d65c30c589d 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.kinesis-stream-events-target.ts +++ b/packages/@aws-cdk/aws-kinesisfirehose-alpha/test/integ.kinesis-stream-events-target.ts @@ -34,7 +34,7 @@ const mockS3Destination: firehose.IDestination = { }; const stream = new firehose.DeliveryStream(stack, 'Delivery Stream No Source Or Encryption Key', { - destinations: [mockS3Destination], + destination: mockS3Destination, }); new events.Rule(stack, 'rule', { diff --git a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.ts b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.ts index d86ce2aac648b..ce115b9af328e 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.ts +++ b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/integ.s3-bucket.lit.ts @@ -45,7 +45,7 @@ const backupKey = new kms.Key(stack, 'BackupKey', { }); new firehose.DeliveryStream(stack, 'Delivery Stream', { - destinations: [new destinations.S3Bucket(bucket, { + destination: new destinations.S3Bucket(bucket, { loggingConfig: new destinations.EnableLogging(logGroup), processor: processor, compression: destinations.Compression.GZIP, @@ -64,16 +64,16 @@ new firehose.DeliveryStream(stack, 'Delivery Stream', { bufferingSize: cdk.Size.mebibytes(1), encryptionKey: backupKey, }, - })], + }), }); new firehose.DeliveryStream(stack, 'ZeroBufferingDeliveryStream', { - destinations: [new destinations.S3Bucket(bucket, { + destination: new destinations.S3Bucket(bucket, { compression: destinations.Compression.GZIP, dataOutputPrefix: 'regularPrefix', errorOutputPrefix: 'errorPrefix', bufferingInterval: cdk.Duration.seconds(0), - })], + }), }); app.synth(); diff --git a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/s3-bucket.test.ts b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/s3-bucket.test.ts index 43d385e72036e..9de3d5281fcf9 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/s3-bucket.test.ts +++ b/packages/@aws-cdk/aws-kinesisfirehose-destinations-alpha/test/s3-bucket.test.ts @@ -23,7 +23,7 @@ describe('S3 destination', () => { it('provides defaults when no configuration is provided', () => { new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [new firehosedestinations.S3Bucket(bucket, { role: destinationRole })], + destination: new firehosedestinations.S3Bucket(bucket, { role: destinationRole }), }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { @@ -42,7 +42,7 @@ describe('S3 destination', () => { it('creates a role when none is provided', () => { new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [new firehosedestinations.S3Bucket(bucket)], + destination: new firehosedestinations.S3Bucket(bucket), }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { @@ -74,7 +74,7 @@ describe('S3 destination', () => { const destination = new firehosedestinations.S3Bucket(bucket, { role: destinationRole }); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destination], + destination: destination, }); Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { @@ -111,7 +111,7 @@ describe('S3 destination', () => { role: destinationRole, loggingConfig: new firehosedestinations.EnableLogging(logGroup), }); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destination], + destination: destination, }); Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { @@ -157,7 +157,7 @@ describe('S3 destination', () => { describe('logging', () => { it('creates resources and configuration by default', () => { new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [new firehosedestinations.S3Bucket(bucket)], + destination: new firehosedestinations.S3Bucket(bucket), }); Template.fromStack(stack).resourceCountIs('AWS::Logs::LogGroup', 1); @@ -173,7 +173,7 @@ describe('S3 destination', () => { it('does not create resources or configuration if disabled', () => { new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [new firehosedestinations.S3Bucket(bucket, { loggingConfig: new firehosedestinations.DisableLogging() })], + destination: new firehosedestinations.S3Bucket(bucket, { loggingConfig: new firehosedestinations.DisableLogging() }), }); Template.fromStack(stack).resourceCountIs('AWS::Logs::LogGroup', 0); @@ -188,7 +188,7 @@ describe('S3 destination', () => { const logGroup = new logs.LogGroup(stack, 'Log Group'); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [new firehosedestinations.S3Bucket(bucket, { loggingConfig: new firehosedestinations.EnableLogging(logGroup) })], + destination: new firehosedestinations.S3Bucket(bucket, { loggingConfig: new firehosedestinations.EnableLogging(logGroup) }), }); Template.fromStack(stack).resourceCountIs('AWS::Logs::LogGroup', 1); @@ -206,9 +206,9 @@ describe('S3 destination', () => { const logGroup = new logs.LogGroup(stack, 'Log Group'); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [new firehosedestinations.S3Bucket(bucket, { + destination: new firehosedestinations.S3Bucket(bucket, { loggingConfig: new firehosedestinations.EnableLogging(logGroup), role: destinationRole, - })], + }), }); Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { @@ -249,7 +249,7 @@ describe('S3 destination', () => { it('creates configuration for LambdaFunctionProcessor', () => { new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destinationWithBasicLambdaProcessor], + destination: destinationWithBasicLambdaProcessor, }); Template.fromStack(stack).resourceCountIs('AWS::Lambda::Function', 1); @@ -286,7 +286,7 @@ describe('S3 destination', () => { processor: processor, }); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destination], + destination: destination, }); Template.fromStack(stack).resourceCountIs('AWS::Lambda::Function', 1); @@ -326,7 +326,7 @@ describe('S3 destination', () => { it('grants invoke access to the lambda function and delivery stream depends on grant', () => { new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destinationWithBasicLambdaProcessor], + destination: destinationWithBasicLambdaProcessor, }); Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { @@ -357,7 +357,7 @@ describe('S3 destination', () => { compression: firehosedestinations.Compression.GZIP, }); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destination], + destination: destination, }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { @@ -372,7 +372,7 @@ describe('S3 destination', () => { compression: firehosedestinations.Compression.of('SNAZZY'), }); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destination], + destination: destination, }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { @@ -386,10 +386,10 @@ describe('S3 destination', () => { describe('buffering', () => { it('creates configuration when interval and size provided', () => { new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [new firehosedestinations.S3Bucket(bucket, { + destination: new firehosedestinations.S3Bucket(bucket, { bufferingInterval: cdk.Duration.minutes(1), bufferingSize: cdk.Size.mebibytes(1), - })], + }), }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { @@ -404,27 +404,27 @@ describe('S3 destination', () => { it('validates bufferingInterval', () => { expect(() => new firehose.DeliveryStream(stack, 'DeliveryStream2', { - destinations: [new firehosedestinations.S3Bucket(bucket, { + destination: new firehosedestinations.S3Bucket(bucket, { bufferingInterval: cdk.Duration.minutes(16), bufferingSize: cdk.Size.mebibytes(1), - })], + }), })).toThrowError('Buffering interval must be less than 900 seconds. Buffering interval provided was 960 seconds.'); }); it('validates bufferingSize', () => { expect(() => new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [new firehosedestinations.S3Bucket(bucket, { + destination: new firehosedestinations.S3Bucket(bucket, { bufferingInterval: cdk.Duration.minutes(1), bufferingSize: cdk.Size.mebibytes(0), - })], + }), })).toThrowError('Buffering size must be between 1 and 128 MiBs. Buffering size provided was 0 MiBs'); expect(() => new firehose.DeliveryStream(stack, 'DeliveryStream2', { - destinations: [new firehosedestinations.S3Bucket(bucket, { + destination: new firehosedestinations.S3Bucket(bucket, { bufferingInterval: cdk.Duration.minutes(1), bufferingSize: cdk.Size.mebibytes(256), - })], + }), })).toThrowError('Buffering size must be between 1 and 128 MiBs. Buffering size provided was 256 MiBs'); }); }); @@ -434,10 +434,10 @@ describe('S3 destination', () => { const key = new kms.Key(stack, 'Key'); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [new firehosedestinations.S3Bucket(bucket, { + destination: new firehosedestinations.S3Bucket(bucket, { encryptionKey: key, role: destinationRole, - })], + }), }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { @@ -455,10 +455,10 @@ describe('S3 destination', () => { const key = new kms.Key(stack, 'Key'); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [new firehosedestinations.S3Bucket(bucket, { + destination: new firehosedestinations.S3Bucket(bucket, { encryptionKey: key, role: destinationRole, - })], + }), }); Template.fromStack(stack).hasResourceProperties('AWS::IAM::Policy', { @@ -488,7 +488,7 @@ describe('S3 destination', () => { }, }); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destination], + destination: destination, }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { @@ -513,7 +513,7 @@ describe('S3 destination', () => { }, }); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destination], + destination: destination, }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { @@ -542,7 +542,7 @@ describe('S3 destination', () => { it('by default does not create resources', () => { const destination = new firehosedestinations.S3Bucket(bucket); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destination], + destination: destination, }); Template.fromStack(stack).resourceCountIs('AWS::S3::Bucket', 1); @@ -572,7 +572,7 @@ describe('S3 destination', () => { }, }); new firehose.DeliveryStream(stack, 'DeliveryStream', { - destinations: [destination], + destination: destination, }); Template.fromStack(stack).hasResourceProperties('AWS::KinesisFirehose::DeliveryStream', { diff --git a/packages/aws-cdk-lib/aws-logs/README.md b/packages/aws-cdk-lib/aws-logs/README.md index 52dd9aaf84b1f..ef32158b051e5 100644 --- a/packages/aws-cdk-lib/aws-logs/README.md +++ b/packages/aws-cdk-lib/aws-logs/README.md @@ -417,7 +417,7 @@ const bucket = new s3.Bucket(this, 'audit-bucket'); const s3Destination = new destinations.S3Bucket(bucket); const deliveryStream = new kinesisfirehose.DeliveryStream(this, 'Delivery Stream', { - destinations: [s3Destination], + destination: s3Destination, }); const dataProtectionPolicy = new logs.DataProtectionPolicy({ From 6e9623493585ed05b2b4358d8df2f175191b6c4d Mon Sep 17 00:00:00 2001 From: Shikha Aggarwal Date: Fri, 4 Oct 2024 18:54:15 -0700 Subject: [PATCH 2/4] revert: feat(cli): cdk rollback (#31407) (#31657) ### Issue # (if applicable) Closes #[31654](https://github.com/aws/aws-cdk/issues/31654). ### Reason for this change This reverts commit 0755561b79d6be0744b0b21504fe54ffcf2b618a. ### Description of changes Changes introduced regression in amplify app for nested stacks, reverting it. ### Description of how you validated changes Validated with local build ### Checklist - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk-testing/cli-integ/README.md | 2 +- .../cli-integ/lib/with-cdk-app.ts | 19 +- .../cdk-apps/rollback-test-app/app.js | 100 ------ .../cdk-apps/rollback-test-app/cdk.json | 7 - .../cli-regression-patches/v2.161.0/NOTES.md | 1 + .../v2.161.0/skip-tests.txt | 5 + .../tests/cli-integ-tests/cli.integtest.ts | 81 +---- packages/aws-cdk/README.md | 63 ++-- .../lib/api/bootstrap/bootstrap-template.yaml | 4 +- packages/aws-cdk/lib/api/cxapp/exec.ts | 3 - packages/aws-cdk/lib/api/deployments.ts | 205 +---------- .../cloudformation/stack-activity-monitor.ts | 90 +++-- .../util/cloudformation/stack-event-poller.ts | 172 --------- .../api/util/cloudformation/stack-status.ts | 36 -- packages/aws-cdk/lib/cdk-toolkit.ts | 86 ----- packages/aws-cdk/lib/cli.ts | 31 -- .../api/cloudformation-deployments.test.ts | 334 ++++++------------ .../test/api/fake-cloudformation-stack.ts | 22 +- .../test/api/stack-activity-monitor.test.ts | 12 - packages/aws-cdk/test/cdk-toolkit.test.ts | 33 +- packages/aws-cdk/test/util/mock-sdk.ts | 14 +- .../aws-cdk/test/util/stack-monitor.test.ts | 27 +- 22 files changed, 225 insertions(+), 1122 deletions(-) delete mode 100644 packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/app.js delete mode 100644 packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/cdk.json create mode 100644 packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/NOTES.md create mode 100644 packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/skip-tests.txt delete mode 100644 packages/aws-cdk/lib/api/util/cloudformation/stack-event-poller.ts diff --git a/packages/@aws-cdk-testing/cli-integ/README.md b/packages/@aws-cdk-testing/cli-integ/README.md index d1dd485660151..2dc2e9c70d8cc 100644 --- a/packages/@aws-cdk-testing/cli-integ/README.md +++ b/packages/@aws-cdk-testing/cli-integ/README.md @@ -37,7 +37,7 @@ Test suites are written as a collection of Jest tests, and they are run using Je ### Setup -Building the @aws-cdk-testing package is not very different from building the rest of the CDK. However, If you are having issues with the tests, you can ensure your environment is built properly by following the steps below: +Building the @aws-cdk-testing package is not very different from building the rest of the CDK. However, If you are having issues with the tests, you can ensure your enviornment is built properly by following the steps below: ```shell yarn install # Install dependencies diff --git a/packages/@aws-cdk-testing/cli-integ/lib/with-cdk-app.ts b/packages/@aws-cdk-testing/cli-integ/lib/with-cdk-app.ts index 5e55ca9be74b9..13710b6c53b09 100644 --- a/packages/@aws-cdk-testing/cli-integ/lib/with-cdk-app.ts +++ b/packages/@aws-cdk-testing/cli-integ/lib/with-cdk-app.ts @@ -24,8 +24,7 @@ export const EXTENDED_TEST_TIMEOUT_S = 30 * 60; * For backwards compatibility with existing tests (so we don't have to change * too much) the inner block is expected to take a `TestFixture` object. */ -export function withSpecificCdkApp( - appName: string, +export function withCdkApp( block: (context: TestFixture) => Promise, ): (context: TestContext & AwsContext & DisableBootstrapContext) => Promise { return async (context: TestContext & AwsContext & DisableBootstrapContext) => { @@ -37,7 +36,7 @@ export function withSpecificCdkApp( context.output.write(` Test directory: ${integTestDir}\n`); context.output.write(` Region: ${context.aws.region}\n`); - await cloneDirectory(path.join(RESOURCES_DIR, 'cdk-apps', appName), integTestDir, context.output); + await cloneDirectory(path.join(RESOURCES_DIR, 'cdk-apps', 'app'), integTestDir, context.output); const fixture = new TestFixture( integTestDir, stackNamePrefix, @@ -88,16 +87,6 @@ export function withSpecificCdkApp( }; } -/** - * Like `withSpecificCdkApp`, but uses the default integration testing app with a million stacks in it - */ -export function withCdkApp( - block: (context: TestFixture) => Promise, -): (context: TestContext & AwsContext & DisableBootstrapContext) => Promise { - // 'app' is the name of the default integration app in the `cdk-apps` directory - return withSpecificCdkApp('app', block); -} - export function withCdkMigrateApp(language: string, block: (context: TestFixture) => Promise) { return async (context: A) => { const stackName = `cdk-migrate-${language}-integ-${context.randomString}`; @@ -199,10 +188,6 @@ export function withDefaultFixture(block: (context: TestFixture) => Promise Promise) { - return withAws(withTimeout(DEFAULT_TEST_TIMEOUT_S, withSpecificCdkApp(appName, block))); -} - export function withExtendedTimeoutFixture(block: (context: TestFixture) => Promise) { return withAws(withTimeout(EXTENDED_TEST_TIMEOUT_S, withCdkApp(block))); } diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/app.js b/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/app.js deleted file mode 100644 index 419e30898c9bf..0000000000000 --- a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/app.js +++ /dev/null @@ -1,100 +0,0 @@ -const cdk = require('aws-cdk-lib'); -const lambda = require('aws-cdk-lib/aws-lambda'); -const cr = require('aws-cdk-lib/custom-resources'); - -/** - * This stack will be deployed in multiple phases, to achieve a very specific effect - * - * It contains resources r1 and r2, where r1 gets deployed first. - * - * - PHASE = 1: both resources deploy regularly. - * - PHASE = 2a: r1 gets updated, r2 will fail to update - * - PHASE = 2b: r1 gets updated, r2 will fail to update, and r1 will fail its rollback. - * - * To exercise this app: - * - * ``` - * env PHASE=1 npx cdk deploy - * env PHASE=2b npx cdk deploy --no-rollback - * # This will leave the stack in UPDATE_FAILED - * - * env PHASE=2b npx cdk rollback - * # This will start a rollback that will fail because r1 fails its rollabck - * - * env PHASE=2b npx cdk rollback --force - * # This will retry the rollabck and skip r1 - * ``` - */ -class RollbacktestStack extends cdk.Stack { - constructor(scope, id, props) { - super(scope, id, props); - - let r1props = {}; - let r2props = {}; - - const phase = process.env.PHASE; - switch (phase) { - case '1': - // Normal deployment - break; - case '2a': - // r1 updates normally, r2 fails updating - r2props.FailUpdate = true; - break; - case '2b': - // r1 updates normally, r2 fails updating, r1 fails rollback - r1props.FailRollback = true; - r2props.FailUpdate = true; - break; - } - - const fn = new lambda.Function(this, 'Fun', { - runtime: lambda.Runtime.NODEJS_LATEST, - code: lambda.Code.fromInline(`exports.handler = async function(event, ctx) { - const key = \`Fail\${event.RequestType}\`; - if (event.ResourceProperties[key]) { - throw new Error(\`\${event.RequestType} fails!\`); - } - if (event.OldResourceProperties?.FailRollback) { - throw new Error('Failing rollback!'); - } - return {}; - }`), - handler: 'index.handler', - timeout: cdk.Duration.minutes(1), - }); - const provider = new cr.Provider(this, "MyProvider", { - onEventHandler: fn, - }); - - const r1 = new cdk.CustomResource(this, 'r1', { - serviceToken: provider.serviceToken, - properties: r1props, - }); - const r2 = new cdk.CustomResource(this, 'r2', { - serviceToken: provider.serviceToken, - properties: r2props, - }); - r2.node.addDependency(r1); - } -} - -const app = new cdk.App({ - context: { - '@aws-cdk/core:assetHashSalt': process.env.CODEBUILD_BUILD_ID, // Force all assets to be unique, but consistent in one build - }, -}); - -const defaultEnv = { - account: process.env.CDK_DEFAULT_ACCOUNT, - region: process.env.CDK_DEFAULT_REGION -}; - -const stackPrefix = process.env.STACK_NAME_PREFIX; -if (!stackPrefix) { - throw new Error(`the STACK_NAME_PREFIX environment variable is required`); -} - -// Sometimes we don't want to synthesize all stacks because it will impact the results -new RollbacktestStack(app, `${stackPrefix}-test-rollback`, { env: defaultEnv }); -app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/cdk.json b/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/cdk.json deleted file mode 100644 index 44809158dbdac..0000000000000 --- a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/cdk.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "app": "node app.js", - "versionReporting": false, - "context": { - "aws-cdk:enableDiffNoFail": "true" - } -} diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/NOTES.md b/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/NOTES.md new file mode 100644 index 0000000000000..8e21b44daec85 --- /dev/null +++ b/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/NOTES.md @@ -0,0 +1 @@ +This patch brings the [fix](https://github.com/aws/aws-cdk/issues/31654) into the regression suite. \ No newline at end of file diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/skip-tests.txt b/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/skip-tests.txt new file mode 100644 index 0000000000000..f681a64076c25 --- /dev/null +++ b/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/skip-tests.txt @@ -0,0 +1,5 @@ +# Skipping the test to fix issue https://github.com/aws/aws-cdk/issues/31654. +# cli-integ tests failing for the old tests with the new cli changes for nested stacks. + +test cdk rollback +test cdk rollback --force \ No newline at end of file diff --git a/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts b/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts index 8efebdec07875..a38580d10714a 100644 --- a/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts +++ b/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts @@ -32,7 +32,6 @@ import { withCDKMigrateFixture, withExtendedTimeoutFixture, randomString, - withSpecificFixture, withoutBootstrap, } from '../../lib'; @@ -2285,85 +2284,7 @@ integTest( }), ); -integTest( - 'test cdk rollback', - withSpecificFixture('rollback-test-app', async (fixture) => { - let phase = '1'; - - // Should succeed - await fixture.cdkDeploy('test-rollback', { - options: ['--no-rollback'], - modEnv: { PHASE: phase }, - verbose: false, - }); - try { - phase = '2a'; - - // Should fail - const deployOutput = await fixture.cdkDeploy('test-rollback', { - options: ['--no-rollback'], - modEnv: { PHASE: phase }, - verbose: false, - allowErrExit: true, - }); - expect(deployOutput).toContain('UPDATE_FAILED'); - - // Rollback - await fixture.cdk(['rollback'], { - modEnv: { PHASE: phase }, - verbose: false, - }); - } finally { - await fixture.cdkDestroy('test-rollback'); - } - }), -); - -integTest( - 'test cdk rollback --force', - withSpecificFixture('rollback-test-app', async (fixture) => { - let phase = '1'; - - // Should succeed - await fixture.cdkDeploy('test-rollback', { - options: ['--no-rollback'], - modEnv: { PHASE: phase }, - verbose: false, - }); - try { - phase = '2b'; // Fail update and also fail rollback - - // Should fail - const deployOutput = await fixture.cdkDeploy('test-rollback', { - options: ['--no-rollback'], - modEnv: { PHASE: phase }, - verbose: false, - allowErrExit: true, - }); - - expect(deployOutput).toContain('UPDATE_FAILED'); - - // Should still fail - const rollbackOutput = await fixture.cdk(['rollback'], { - modEnv: { PHASE: phase }, - verbose: false, - allowErrExit: true, - }); - - expect(rollbackOutput).toContain('Failing rollback'); - - // Rollback and force cleanup - await fixture.cdk(['rollback', '--force'], { - modEnv: { PHASE: phase }, - verbose: false, - }); - } finally { - await fixture.cdkDestroy('test-rollback'); - } - }), -); - -integTest('cdk bootstrap notice is displayed correctly', withDefaultFixture(async (fixture) => { +integTest('cdk notices are displayed correctly', withDefaultFixture(async (fixture) => { const cache = { expiration: 4125963264000, // year 2100 so we never overwrite the cache diff --git a/packages/aws-cdk/README.md b/packages/aws-cdk/README.md index a5359727e06ad..57081731a7c4c 100644 --- a/packages/aws-cdk/README.md +++ b/packages/aws-cdk/README.md @@ -19,7 +19,6 @@ The AWS CDK Toolkit provides the `cdk` command-line interface that can be used t | [`cdk synth`](#cdk-synthesize) | Synthesize a CDK app to CloudFormation template(s) | | [`cdk diff`](#cdk-diff) | Diff stacks against current state | | [`cdk deploy`](#cdk-deploy) | Deploy a stack into an AWS account | -| [`cdk rollback`](#cdk-rollback) | Roll back a failed deployment | | [`cdk import`](#cdk-import) | Import existing AWS resources into a CDK stack | | [`cdk migrate`](#cdk-migrate) | Migrate AWS resources, CloudFormation stacks, and CloudFormation templates to CDK | | [`cdk watch`](#cdk-watch) | Watches a CDK app for deployable and hotswappable changes | @@ -203,10 +202,6 @@ $ cdk deploy --no-rollback $ cdk deploy -R ``` -If a deployment fails you can update your code and immediately retry the -deployment from the point of failure. If you would like to explicitly roll back a failed, paused deployment, -use `cdk rollback`. - NOTE: you cannot use `--no-rollback` for any updates that would cause a resource replacement, only for updates and creations of new resources. @@ -400,7 +395,7 @@ development, your prod app may not have any resources or the resources are comme out. In this scenario, you will receive an error message stating that the app has no stacks. -To bypass this error messages, you can pass the `--ignore-no-stacks` flag to the +To bypass this error messages, you can pass the `--ignore-no-stacks` flag to the `deploy` command: ```console @@ -471,24 +466,6 @@ and might have breaking changes in the future. > *: `Fn::GetAtt` is only partially supported. Refer to [this implementation](https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk/lib/api/evaluate-cloudformation-template.ts#L477-L492) for supported resources and attributes. -### `cdk rollback` - -If a deployment performed using `cdk deploy --no-rollback` fails, your -deployment will be left in a failed, paused state. From this state you can -update your code and try the deployment again, or roll the deployment back to -the last stable state. - -To roll the deployment back, use `cdk rollback`. This will initiate a rollback -to the last stable state of your stack. - -Some resources may fail to roll back. If they do, you can try again by calling -`cdk rollback --orphan ` (can be specified multiple times). Or, run -`cdk rollback --force` to have the CDK CLI automatically orphan all failing -resources. - -(`cdk rollback` requires version 23 of the bootstrap stack, since it depends on -new permissions necessary to call the appropriate CloudFormation APIs) - ### `cdk watch` The `watch` command is similar to `deploy`, @@ -619,9 +596,9 @@ This feature currently has the following limitations: ### `cdk migrate` -⚠️**CAUTION**⚠️: CDK Migrate is currently experimental and may have breaking changes in the future. +⚠️**CAUTION**⚠️: CDK Migrate is currently experimental and may have breaking changes in the future. -CDK Migrate generates a CDK app from deployed AWS resources using `--from-scan`, deployed AWS CloudFormation stacks using `--from-stack`, and local AWS CloudFormation templates using `--from-path`. +CDK Migrate generates a CDK app from deployed AWS resources using `--from-scan`, deployed AWS CloudFormation stacks using `--from-stack`, and local AWS CloudFormation templates using `--from-path`. To learn more about the CDK Migrate feature, see [Migrate to AWS CDK](https://docs.aws.amazon.com/cdk/v2/guide/migrate.html). For more information on `cdk migrate` command options, see [cdk migrate command reference](https://docs.aws.amazon.com/cdk/v2/guide/ref-cli-cdk-migrate.html). @@ -653,7 +630,7 @@ Account and Region information are retrieved from default CDK CLI sources. Use ` $ cdk migrate --language typescript --from-scan --stack-name "myCloudFormationStack" ``` -Since CDK Migrate relies on the IaC generator service, any limitations of IaC generator will apply to CDK Migrate. For general limitations, see [Considerations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/generate-IaC.html#generate-template-considerations). +Since CDK Migrate relies on the IaC generator service, any limitations of IaC generator will apply to CDK Migrate. For general limitations, see [Considerations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/generate-IaC.html#generate-template-considerations). IaC generator limitations with discovering resource and property values will also apply here. As a result, CDK Migrate will only migrate resources supported by IaC generator. Some of your resources may not be supported and some property values may not be accessible. For more information, see [Iac generator and write-only properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/generate-IaC-write-only-properties.html) and [Supported resource types](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/generate-IaC-supported-resources.html). @@ -670,8 +647,8 @@ $ # template.json is a valid cloudformation template in the local directory $ cdk migrate --stack-name MyAwesomeApplication --language typescript --from-path MyTemplate.json ``` -This command generates a new directory named `MyAwesomeApplication` within your current working directory, and -then initializes a new CDK application within that directory. The CDK app contains a `MyAwesomeApplication` stack with resources configured to match those in your local CloudFormation template. +This command generates a new directory named `MyAwesomeApplication` within your current working directory, and +then initializes a new CDK application within that directory. The CDK app contains a `MyAwesomeApplication` stack with resources configured to match those in your local CloudFormation template. This results in a CDK application with the following structure, where the lib directory contains a stack definition with the same resource configuration as the provided template.json. @@ -701,13 +678,13 @@ This will generate a Python CDK app which will synthesize the same configuration ##### Generate a TypeScript CDK app from deployed AWS resources that are not associated with a stack -If you have resources in your account that were provisioned outside AWS IaC tools and would like to manage them with the CDK, you can use the `--from-scan` option to generate the application. +If you have resources in your account that were provisioned outside AWS IaC tools and would like to manage them with the CDK, you can use the `--from-scan` option to generate the application. In this example, we use the `--filter` option to specify which resources to migrate. You can filter resources to limit the number of resources migrated to only those specified by the `--filter` option, including any resources they depend on, or resources that depend on them (for example A filter which specifies a single Lambda Function, will find that specific table and any alarms that may monitor it). The `--filter` argument offers both AND as well as OR filtering. OR filtering can be specified by passing multiple `--filter` options, and AND filtering can be specified by passing a single `--filter` option with multiple comma separated key/value pairs as seen below (see below for examples). It is recommended to use the `--filter` option to limit the number of resources returned as some resource types provide sample resources by default in all accounts which can add to the resource limits. -`--from-scan` takes 3 potential arguments: `--new`, `most-recent`, and undefined. If `--new` is passed, CDK Migrate will initiate a new scan of the account and use that new scan to discover resources. If `--most-recent` is passed, CDK Migrate will use the most recent scan of the account to discover resources. If neither `--new` nor `--most-recent` are passed, CDK Migrate will take the most recent scan of the account to discover resources, unless there is no recent scan, in which case it will initiate a new scan. +`--from-scan` takes 3 potential arguments: `--new`, `most-recent`, and undefined. If `--new` is passed, CDK Migrate will initiate a new scan of the account and use that new scan to discover resources. If `--most-recent` is passed, CDK Migrate will use the most recent scan of the account to discover resources. If neither `--new` nor `--most-recent` are passed, CDK Migrate will take the most recent scan of the account to discover resources, unless there is no recent scan, in which case it will initiate a new scan. ```console # Filtering options @@ -740,14 +717,14 @@ $ cdk migrate --stack-name MyAwesomeApplication --language typescript --from-sca - CDK Migrate will only generate L1 constructs and does not currently support any higher level abstractions. - CDK Migrate successfully generating an application does *not* guarantee the application is immediately deployable. -It simply generates a CDK application which will synthesize a template that has identical resource configurations -to the provided template. +It simply generates a CDK application which will synthesize a template that has identical resource configurations +to the provided template. - - CDK Migrate does not interact with the CloudFormation service to verify the template -provided can deploy on its own. Although by default any CDK app generated using the `--from-scan` option exclude -CloudFormation managed resources, CDK Migrate will not verify prior to deployment that any resources scanned, or in the provided + - CDK Migrate does not interact with the CloudFormation service to verify the template +provided can deploy on its own. Although by default any CDK app generated using the `--from-scan` option exclude +CloudFormation managed resources, CDK Migrate will not verify prior to deployment that any resources scanned, or in the provided template are already managed in other CloudFormation templates, nor will it verify that the resources in the provided -template are available in the desired regions, which may impact ADC or Opt-In regions. +template are available in the desired regions, which may impact ADC or Opt-In regions. - If the provided template has parameters without default values, those will need to be provided before deploying the generated application. @@ -764,13 +741,13 @@ In practice this is how CDK Migrate generated applications will operate in the f ##### **The provided template is already deployed to CloudFormation in the account/region** -If the provided template came directly from a deployed CloudFormation stack, and that stack has not experienced any drift, +If the provided template came directly from a deployed CloudFormation stack, and that stack has not experienced any drift, then the generated application will be immediately deployable, and will not cause any changes to the deployed resources. Drift might occur if a resource in your template was modified outside of CloudFormation, namely via the AWS Console or AWS CLI. ##### **The provided template is not deployed to CloudFormation in the account/region, and there *is not* overlap with existing resources in the account/region** -If the provided template represents a set of resources that have no overlap with resources already deployed in the account/region, +If the provided template represents a set of resources that have no overlap with resources already deployed in the account/region, then the generated application will be immediately deployable. This could be because the stack has never been deployed, or the application was generated from a stack deployed in another account/region. @@ -787,16 +764,16 @@ In practice this means for any resource in the provided template, for example, } ``` -There must not exist a resource of that type with the same identifier in the desired region. In this example that identfier +There must not exist a resource of that type with the same identifier in the desired region. In this example that identfier would be "MyBucket" ##### **The provided template is not deployed to CloudFormation in the account/region, and there *is* overlap with existing resources in the account/region** -If the provided template represents a set of resources that overlap with resources already deployed in the account/region, -then the generated application will not be immediately deployable. If those overlapped resources are already managed by +If the provided template represents a set of resources that overlap with resources already deployed in the account/region, +then the generated application will not be immediately deployable. If those overlapped resources are already managed by another CloudFormation stack in that account/region, then those resources will need to be manually removed from the provided template. Otherwise, if the overlapped resources are not managed by another CloudFormation stack, then first remove those -resources from your CDK Application Stack, deploy the cdk application successfully, then re-add them and run `cdk import` +resources from your CDK Application Stack, deploy the cdk application successfully, then re-add them and run `cdk import` to import them into your deployed stack. ### `cdk destroy` diff --git a/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml b/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml index ad71c39535426..8ed4bb8595446 100644 --- a/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml +++ b/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml @@ -485,8 +485,6 @@ Resources: - cloudformation:ExecuteChangeSet - cloudformation:CreateStack - cloudformation:UpdateStack - - cloudformation:RollbackStack - - cloudformation:ContinueUpdateRollback Resource: "*" - Sid: PipelineCrossAccountArtifactsBucket # Read/write buckets in different accounts. Permissions to buckets in @@ -653,7 +651,7 @@ Resources: Type: String Name: Fn::Sub: '/cdk-bootstrap/${Qualifier}/version' - Value: '23' + Value: '22' Outputs: BucketName: Description: The name of the S3 bucket owned by the CDK toolkit stack diff --git a/packages/aws-cdk/lib/api/cxapp/exec.ts b/packages/aws-cdk/lib/api/cxapp/exec.ts index 6b62d7ae2527f..31f2fca029dd9 100644 --- a/packages/aws-cdk/lib/api/cxapp/exec.ts +++ b/packages/aws-cdk/lib/api/cxapp/exec.ts @@ -49,9 +49,6 @@ export async function execProgram(aws: SdkProvider, config: Configuration): Prom if (!outdir) { throw new Error('unexpected: --output is required'); } - if (typeof outdir !== 'string') { - throw new Error(`--output takes a string, got ${JSON.stringify(outdir)}`); - } try { await fs.mkdirp(outdir); } catch (error: any) { diff --git a/packages/aws-cdk/lib/api/deployments.ts b/packages/aws-cdk/lib/api/deployments.ts index d5b6f8a63e987..285dba5d29114 100644 --- a/packages/aws-cdk/lib/api/deployments.ts +++ b/packages/aws-cdk/lib/api/deployments.ts @@ -1,4 +1,3 @@ -import { randomUUID } from 'crypto'; import * as cxapi from '@aws-cdk/cx-api'; import * as cdk_assets from 'cdk-assets'; import { AssetManifest, IManifestEntry } from 'cdk-assets'; @@ -12,17 +11,13 @@ import { deployStack, DeployStackResult, destroyStack, DeploymentMethod } from ' import { EnvironmentResources, EnvironmentResourcesRegistry } from './environment-resources'; import { HotswapMode } from './hotswap/common'; import { loadCurrentTemplateWithNestedStacks, loadCurrentTemplate, RootTemplateWithNestedStacks } from './nested-stack-helpers'; -import { CloudFormationStack, Template, ResourcesToImport, ResourceIdentifierSummaries, stabilizeStack } from './util/cloudformation'; -import { StackActivityMonitor, StackActivityProgress } from './util/cloudformation/stack-activity-monitor'; -import { StackEventPoller } from './util/cloudformation/stack-event-poller'; -import { RollbackChoice } from './util/cloudformation/stack-status'; +import { CloudFormationStack, Template, ResourcesToImport, ResourceIdentifierSummaries } from './util/cloudformation'; +import { StackActivityProgress } from './util/cloudformation/stack-activity-monitor'; import { replaceEnvPlaceholders } from './util/placeholders'; import { makeBodyParameter } from './util/template-body-parameter'; import { AssetManifestBuilder } from '../util/asset-manifest-builder'; import { buildAssets, publishAssets, BuildAssetsOptions, PublishAssetsOptions, PublishingAws, EVENT_TO_LOGGER } from '../util/asset-publishing'; -const BOOTSTRAP_STACK_VERSION_FOR_ROLLBACK = 23; - /** * SDK obtained by assuming the lookup role * for a given environment @@ -215,77 +210,6 @@ export interface DeployStackOptions { ignoreNoStacks?: boolean; } -export interface RollbackStackOptions { - /** - * Stack to roll back - */ - readonly stack: cxapi.CloudFormationStackArtifact; - - /** - * Execution role for the deployment (pass through to CloudFormation) - * - * @default - Current role - */ - readonly roleArn?: string; - - /** - * Don't show stack deployment events, just wait - * - * @default false - */ - readonly quiet?: boolean; - - /** - * Whether we are on a CI system - * - * @default false - */ - readonly ci?: boolean; - - /** - * Name of the toolkit stack, if not the default name - * - * @default 'CDKToolkit' - */ - readonly toolkitStackName?: string; - - /** - * Whether to force a rollback or not - * - * Forcing a rollback will orphan all undeletable resources. - * - * @default false - */ - readonly force?: boolean; - - /** - * Orphan the resources with the given logical IDs - * - * @default - No orphaning - */ - readonly orphanLogicalIds?: string[]; - - /** - * Display mode for stack deployment progress. - * - * @default - StackActivityProgress.Bar - stack events will be displayed for - * the resource currently being deployed. - */ - readonly progress?: StackActivityProgress; - - /** - * Whether to validate the version of the bootstrap stack permissions - * - * @default true - */ - readonly validateBootstrapStackVersion?: boolean; -} - -export interface RollbackStackResult { - readonly notInRollbackableState?: boolean; - readonly success?: boolean; -} - interface AssetOptions { /** * Stack with assets to build. @@ -495,125 +419,6 @@ export class Deployments { }); } - public async rollbackStack(options: RollbackStackOptions): Promise { - let resourcesToSkip: string[] = options.orphanLogicalIds ?? []; - if (options.force && resourcesToSkip.length > 0) { - throw new Error('Cannot combine --force with --orphan'); - } - - const { - stackSdk, - resolvedEnvironment: _, - cloudFormationRoleArn, - envResources, - } = await this.prepareSdkFor(options.stack, options.roleArn, Mode.ForWriting); - - if (options.validateBootstrapStackVersion ?? true) { - // Do a verification of the bootstrap stack version - await this.validateBootstrapStackVersion( - options.stack.stackName, - BOOTSTRAP_STACK_VERSION_FOR_ROLLBACK, - options.stack.bootstrapStackVersionSsmParameter, - envResources); - } - - const cfn = stackSdk.cloudFormation(); - const deployName = options.stack.stackName; - - // We loop in case of `--force` and the stack ends up in `CONTINUE_UPDATE_ROLLBACK`. - let maxLoops = 10; - while (maxLoops--) { - let cloudFormationStack = await CloudFormationStack.lookup(cfn, deployName); - - switch (cloudFormationStack.stackStatus.rollbackChoice) { - case RollbackChoice.NONE: - warning(`Stack ${deployName} does not need a rollback: ${cloudFormationStack.stackStatus}`); - return { notInRollbackableState: true }; - - case RollbackChoice.START_ROLLBACK: - debug(`Initiating rollback of stack ${deployName}`); - await cfn.rollbackStack({ - StackName: deployName, - RoleARN: cloudFormationRoleArn, - ClientRequestToken: randomUUID(), - // Enabling this is just the better overall default, the only reason it isn't the upstream default is backwards compatibility - RetainExceptOnCreate: true, - }).promise(); - break; - - case RollbackChoice.CONTINUE_UPDATE_ROLLBACK: - if (options.force) { - // Find the failed resources from the deployment and automatically skip them - // (Using deployment log because we definitely have `DescribeStackEvents` permissions, and we might not have - // `DescribeStackResources` permissions). - const poller = new StackEventPoller(cfn, { - stackName: deployName, - stackStatuses: ['ROLLBACK_IN_PROGRESS', 'UPDATE_ROLLBACK_IN_PROGRESS'], - }); - await poller.poll(); - resourcesToSkip = poller.resourceErrors - .filter(r => !r.isStackEvent && r.parentStackLogicalIds.length === 0) - .map(r => r.event.LogicalResourceId ?? ''); - } - - const skipDescription = resourcesToSkip.length > 0 - ? ` (orphaning: ${resourcesToSkip.join(', ')})` - : ''; - warning(`Continuing rollback of stack ${deployName}${skipDescription}`); - await cfn.continueUpdateRollback({ - StackName: deployName, - ClientRequestToken: randomUUID(), - RoleARN: cloudFormationRoleArn, - ResourcesToSkip: resourcesToSkip, - }).promise(); - break; - - case RollbackChoice.ROLLBACK_FAILED: - warning(`Stack ${deployName} failed creation and rollback. This state cannot be rolled back. You can recreate this stack by running 'cdk deploy'.`); - return { notInRollbackableState: true }; - - default: - throw new Error(`Unexpected rollback choice: ${cloudFormationStack.stackStatus.rollbackChoice}`); - } - - const monitor = options.quiet ? undefined : StackActivityMonitor.withDefaultPrinter(cfn, deployName, options.stack, { - ci: options.ci, - }).start(); - - let stackErrorMessage: string | undefined = undefined; - let finalStackState = cloudFormationStack; - try { - const successStack = await stabilizeStack(cfn, deployName); - - // This shouldn't really happen, but catch it anyway. You never know. - if (!successStack) { throw new Error('Stack deploy failed (the stack disappeared while we were rolling it back)'); } - finalStackState = successStack; - - const errors = monitor?.errors?.join(', '); - if (errors) { - stackErrorMessage = errors; - } - } catch (e: any) { - stackErrorMessage = suffixWithErrors(e.message, monitor?.errors); - } finally { - await monitor?.stop(); - } - - if (finalStackState.stackStatus.isRollbackSuccess || !stackErrorMessage) { - return { success: true }; - } - - // Either we need to ignore some resources to continue the rollback, or something went wrong - if (finalStackState.stackStatus.rollbackChoice === RollbackChoice.CONTINUE_UPDATE_ROLLBACK && options.force) { - // Do another loop-de-loop - continue; - } - - throw new Error(`${stackErrorMessage} (fix problem and retry, or orphan these resources using --orphan or --force)`);; - } - throw new Error('Rollback did not finish after a large number of iterations; stopping because it looks like we\'re not making progress anymore. You can retry if rollback was progressing as expected.'); - } - public async destroyStack(options: DestroyStackOptions): Promise { const { stackSdk, cloudFormationRoleArn: roleArn } = await this.prepareSdkFor(options.stack, options.roleArn, Mode.ForWriting); @@ -925,9 +730,3 @@ class ParallelSafeAssetProgress implements cdk_assets.IPublishProgressListener { */ export class CloudFormationDeployments extends Deployments { } - -function suffixWithErrors(msg: string, errors?: string[]) { - return errors && errors.length > 0 - ? `${msg}: ${errors.join(', ')}` - : msg; -} \ No newline at end of file diff --git a/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts b/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts index 6db3b7f67941c..1b2422a219168 100644 --- a/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts +++ b/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts @@ -3,11 +3,11 @@ import * as cxschema from '@aws-cdk/cloud-assembly-schema'; import * as cxapi from '@aws-cdk/cx-api'; import * as aws from 'aws-sdk'; import * as chalk from 'chalk'; -import { ResourceEvent, StackEventPoller } from './stack-event-poller'; import { error, logLevel, LogLevel, setLogLevel } from '../../../logging'; import { RewritableBlock } from '../display'; -export interface StackActivity extends ResourceEvent { +export interface StackActivity { + readonly event: aws.CloudFormation.StackEvent; readonly metadata?: ResourceMetadata; } @@ -116,13 +116,17 @@ export class StackActivityMonitor { } /** - * The poller used to read stack events + * Resource errors found while monitoring the deployment */ - public readonly poller: StackEventPoller; - - public readonly errors: string[] = []; + public readonly errors = new Array(); private active = false; + private activity: { [eventId: string]: StackActivity } = { }; + + /** + * Determines which events not to display + */ + private readonly startTime: number; /** * Current tick timer @@ -135,16 +139,13 @@ export class StackActivityMonitor { private readPromise?: Promise; constructor( - cfn: aws.CloudFormation, + private readonly cfn: aws.CloudFormation, private readonly stackName: string, private readonly printer: IActivityPrinter, private readonly stack?: cxapi.CloudFormationStackArtifact, changeSetCreationTime?: Date, ) { - this.poller = new StackEventPoller(cfn, { - stackName, - startTime: changeSetCreationTime?.getTime() ?? Date.now(), - }); + this.startTime = changeSetCreationTime?.getTime() ?? Date.now(); } public start() { @@ -220,17 +221,61 @@ export class StackActivityMonitor { * see a next page and the last event in the page is new to us (and within the time window). * haven't seen the final event */ - private async readNewEvents(): Promise { - const pollEvents = await this.poller.poll(); + private async readNewEvents(stackName?: string): Promise { + const stackToPollForEvents = stackName ?? this.stackName; + const events: StackActivity[] = []; + const CFN_SUCCESS_STATUS = ['UPDATE_COMPLETE', 'CREATE_COMPLETE', 'DELETE_COMPLETE', 'DELETE_SKIPPED']; + try { + let nextToken: string | undefined; + let finished = false; + while (!finished) { + const response = await this.cfn.describeStackEvents({ StackName: stackToPollForEvents, NextToken: nextToken }).promise(); + const eventPage = response?.StackEvents ?? []; + + for (const event of eventPage) { + // Event from before we were interested in 'em + if (event.Timestamp.valueOf() < this.startTime) { + finished = true; + break; + } + + // Already seen this one + if (event.EventId in this.activity) { + finished = true; + break; + } + + // Fresh event + events.push(this.activity[event.EventId] = { + event: event, + metadata: this.findMetadataFor(event.LogicalResourceId), + }); + + if (event.ResourceType === 'AWS::CloudFormation::Stack' && !CFN_SUCCESS_STATUS.includes(event.ResourceStatus ?? '')) { + // If the event is not for `this` stack and has a physical resource Id, recursively call for events in the nested stack + if (event.PhysicalResourceId && event.PhysicalResourceId !== stackToPollForEvents) { + await this.readNewEvents(event.PhysicalResourceId); + } + } + } - const activities: StackActivity[] = pollEvents.map(event => ({ - ...event, - metadata: this.findMetadataFor(event.event.LogicalResourceId), - })); + // We're also done if there's nothing left to read + nextToken = response?.NextToken; + if (nextToken === undefined) { + finished = true; + } + } + } catch (e: any) { + if (e.code === 'ValidationError' && e.message === `Stack [${stackToPollForEvents}] does not exist`) { + return; + } + throw e; + } - for (const activity of activities) { - this.checkForErrors(activity); - this.printer.addActivity(activity ); + events.reverse(); + for (const event of events) { + this.checkForErrors(event); + this.printer.addActivity(event); } } @@ -253,7 +298,6 @@ export class StackActivityMonitor { } private checkForErrors(activity: StackActivity) { - if (hasErrorMessage(activity.event.ResourceStatus ?? '')) { const isCancelled = (activity.event.ResourceStatusReason ?? '').indexOf('cancelled') > -1; @@ -506,7 +550,7 @@ export class HistoryActivityPrinter extends ActivityPrinterBase { this.stream.write('\nFailed resources:\n'); for (const failure of this.failures) { // Root stack failures are not interesting - if (failure.isStackEvent) { + if (failure.event.StackName === failure.event.LogicalResourceId) { continue; } @@ -663,7 +707,7 @@ export class CurrentActivityPrinter extends ActivityPrinterBase { const lines = new Array(); for (const failure of this.failures) { // Root stack failures are not interesting - if (failure.isStackEvent) { + if (failure.event.StackName === failure.event.LogicalResourceId) { continue; } diff --git a/packages/aws-cdk/lib/api/util/cloudformation/stack-event-poller.ts b/packages/aws-cdk/lib/api/util/cloudformation/stack-event-poller.ts deleted file mode 100644 index 8bc218a568ac3..0000000000000 --- a/packages/aws-cdk/lib/api/util/cloudformation/stack-event-poller.ts +++ /dev/null @@ -1,172 +0,0 @@ -import * as aws from 'aws-sdk'; - -export interface StackEventPollerProps { - /** - * The stack to poll - */ - readonly stackName: string; - - /** - * IDs of parent stacks of this resource, in case of resources in nested stacks - */ - readonly parentStackLogicalIds?: string[]; - - /** - * Timestamp for the oldest event we're interested in - * - * @default - Read all events - */ - readonly startTime?: number; - - /** - * Stop reading when we see the stack entering this status - * - * Should be something like `CREATE_IN_PROGRESS`, `UPDATE_IN_PROGRESS`, - * `DELETE_IN_PROGRESS, `ROLLBACK_IN_PROGRESS`. - * - * @default - Read all events - */ - readonly stackStatuses?: string[]; -} - -export interface ResourceEvent { - readonly event: aws.CloudFormation.StackEvent; - readonly parentStackLogicalIds: string[]; - - /** - * Whether this event regards the root stack - * - * @default false - */ - readonly isStackEvent?: boolean; -} - -export class StackEventPoller { - public readonly events: ResourceEvent[] = []; - public complete: boolean = false; - - private readonly eventIds = new Set(); - private readonly nestedStackPollers: Record = {}; - - constructor(private readonly cfn: aws.CloudFormation, private readonly props: StackEventPollerProps) { - } - - /** - * From all accumulated events, return only the errors - */ - public get resourceErrors(): ResourceEvent[] { - return this.events.filter(e => e.event.ResourceStatus?.endsWith('_FAILED') && !e.isStackEvent); - } - - /** - * Poll for new stack events - * - * Will not return events older than events indicated by the constructor filters. - * - * Recurses into nested stacks, and returns events old-to-new. - */ - public async poll(): Promise { - const events: ResourceEvent[] = []; - try { - let nextToken: string | undefined; - let finished = false; - while (!finished) { - const response = await this.cfn.describeStackEvents({ StackName: this.props.stackName, NextToken: nextToken }).promise(); - const eventPage = response?.StackEvents ?? []; - - for (const event of eventPage) { - // Event from before we were interested in 'em - if (this.props.startTime !== undefined && event.Timestamp.valueOf() < this.props.startTime) { - finished = true; - break; - } - - // Already seen this one - if (this.eventIds.has(event.EventId)) { - finished = true; - break; - } - this.eventIds.add(event.EventId); - - // The events for the stack itself are also included next to events about resources; we can test for them in this way. - const isParentStackEvent = event.PhysicalResourceId === event.StackId; - - if (isParentStackEvent && this.props.stackStatuses?.includes(event.ResourceStatus ?? '')) { - finished = true; - break; - } - - // Fresh event - const resEvent: ResourceEvent = { - event: event, - parentStackLogicalIds: this.props.parentStackLogicalIds ?? [], - isStackEvent: isParentStackEvent, - }; - events.push(resEvent); - - if (!isParentStackEvent && event.ResourceType === 'AWS::CloudFormation::Stack' && isStackBeginOperationState(event.ResourceStatus)) { - // If the event is not for `this` stack and has a physical resource Id, recursively call for events in the nested stack - this.trackNestedStack(event, [...this.props.parentStackLogicalIds ?? [], event.LogicalResourceId ?? '']); - } - - if (isParentStackEvent && isStackTerminalState(event.ResourceStatus)) { - this.complete = true; - } - } - - // We're also done if there's nothing left to read - nextToken = response?.NextToken; - if (nextToken === undefined) { - finished = true; - } - } - } catch (e: any) { - if (e.code === 'ValidationError' && e.message === `Stack [${this.props.stackName}] does not exist`) { - // Ignore - } else { - throw e; - } - } - - // Also poll all nested stacks we're currently tracking - for (const [logicalId, poller] of Object.entries(this.nestedStackPollers)) { - events.push(...await poller.poll()); - if (poller.complete) { - delete this.nestedStackPollers[logicalId]; - } - } - - // Return what we have so far - events.sort((a, b) => a.event.Timestamp.valueOf() - b.event.Timestamp.valueOf()); - this.events.push(...events); - return events; - } - - /** - * On the CREATE_IN_PROGRESS, UPDATE_IN_PROGRESS, DELETE_IN_PROGRESS event of a nested stack, poll the nested stack updates - */ - private trackNestedStack(event: aws.CloudFormation.StackEvent, parentStackLogicalIds: string[]) { - const logicalId = event.LogicalResourceId ?? ''; - if (!this.nestedStackPollers[logicalId]) { - this.nestedStackPollers[logicalId] = new StackEventPoller(this.cfn, { - stackName: event.PhysicalResourceId ?? '', - parentStackLogicalIds: parentStackLogicalIds, - startTime: event.Timestamp.valueOf(), - }); - } - } -} - -function isStackBeginOperationState(state: string | undefined) { - return [ - 'CREATE_IN_PROGRESS', - 'UPDATE_IN_PROGRESS', - 'DELETE_IN_PROGRESS', - 'UPDATE_ROLLBACK_IN_PROGRESS', - 'ROLLBACK_IN_PROGRESS', - ].includes(state ?? ''); -} - -function isStackTerminalState(state: string | undefined) { - return !(state ?? '').endsWith('_IN_PROGRESS'); -} \ No newline at end of file diff --git a/packages/aws-cdk/lib/api/util/cloudformation/stack-status.ts b/packages/aws-cdk/lib/api/util/cloudformation/stack-status.ts index 4dd113aaa30db..473858b4bac18 100644 --- a/packages/aws-cdk/lib/api/util/cloudformation/stack-status.ts +++ b/packages/aws-cdk/lib/api/util/cloudformation/stack-status.ts @@ -46,43 +46,7 @@ export class StackStatus { || this.name === 'UPDATE_ROLLBACK_COMPLETE'; } - /** - * Whether the stack is in a paused state due to `--no-rollback`. - * - * The possible actions here are retrying a new `--no-rollback` deployment, or initiating a rollback. - */ - get rollbackChoice(): RollbackChoice { - switch (this.name) { - case 'CREATE_FAILED': - case 'UPDATE_FAILED': - return RollbackChoice.START_ROLLBACK; - case 'UPDATE_ROLLBACK_FAILED': - return RollbackChoice.CONTINUE_UPDATE_ROLLBACK; - case 'ROLLBACK_FAILED': - // Unfortunately there is no option to continue a failed rollback without - // a stable target state. - return RollbackChoice.ROLLBACK_FAILED; - default: - return RollbackChoice.NONE; - } - } - public toString(): string { return this.name + (this.reason ? ` (${this.reason})` : ''); } } - -/** - * Describe the current rollback options for this state - */ -export enum RollbackChoice { - START_ROLLBACK, - CONTINUE_UPDATE_ROLLBACK, - /** - * A sign that stack creation AND its rollback have failed. - * - * There is no way to recover from this, other than recreating the stack. - */ - ROLLBACK_FAILED, - NONE, -} \ No newline at end of file diff --git a/packages/aws-cdk/lib/cdk-toolkit.ts b/packages/aws-cdk/lib/cdk-toolkit.ts index 068f16dc1e12c..b0af703770d3f 100644 --- a/packages/aws-cdk/lib/cdk-toolkit.ts +++ b/packages/aws-cdk/lib/cdk-toolkit.ts @@ -434,50 +434,6 @@ export class CdkToolkit { }); } - /** - * Roll back the given stack or stacks. - */ - public async rollback(options: RollbackOptions) { - const startSynthTime = new Date().getTime(); - const stackCollection = await this.selectStacksForDeploy(options.selector, true); - const elapsedSynthTime = new Date().getTime() - startSynthTime; - print('\n✨ Synthesis time: %ss\n', formatTime(elapsedSynthTime)); - - if (stackCollection.stackCount === 0) { - // eslint-disable-next-line no-console - console.error('No stacks selected'); - return; - } - - let anyRollbackable = false; - - for (const stack of stackCollection.stackArtifacts) { - print('Rolling back %s', chalk.bold(stack.displayName)); - const startRollbackTime = new Date().getTime(); - try { - const result = await this.props.deployments.rollbackStack({ - stack, - roleArn: options.roleArn, - toolkitStackName: options.toolkitStackName, - force: options.force, - validateBootstrapStackVersion: options.validateBootstrapStackVersion, - orphanLogicalIds: options.orphanLogicalIds, - }); - if (!result.notInRollbackableState) { - anyRollbackable = true; - } - const elapsedRollbackTime = new Date().getTime() - startRollbackTime; - print('\n✨ Rollback time: %ss\n', formatTime(elapsedRollbackTime)); - } catch (e: any) { - error('\n ❌ %s failed: %s', chalk.bold(stack.displayName), e.message); - throw new Error('Rollback failed (use --force to orphan failing resources)'); - } - } - if (!anyRollbackable) { - throw new Error('No stacks were in a state that could be rolled back'); - } - } - public async watch(options: WatchOptions) { const rootDir = path.dirname(path.resolve(PROJECT_CONFIG)); debug("root directory used for 'watch' is: %s", rootDir); @@ -1396,48 +1352,6 @@ export interface DeployOptions extends CfnDeployOptions, WatchOptions { readonly ignoreNoStacks?: boolean; } -export interface RollbackOptions { - /** - * Criteria for selecting stacks to deploy - */ - readonly selector: StackSelector; - - /** - * Name of the toolkit stack to use/deploy - * - * @default CDKToolkit - */ - readonly toolkitStackName?: string; - - /** - * Role to pass to CloudFormation for deployment - * - * @default - Default stack role - */ - readonly roleArn?: string; - - /** - * Whether to force the rollback or not - * - * @default false - */ - readonly force?: boolean; - - /** - * Logical IDs of resources to orphan - * - * @default - No orphaning - */ - readonly orphanLogicalIds?: string[]; - - /** - * Whether to validate the version of the bootstrap stack permissions - * - * @default true - */ - readonly validateBootstrapStackVersion?: boolean; -} - export interface ImportOptions extends CfnDeployOptions { /** * Build a physical resource mapping and write it to the given file, without performing the actual import operation diff --git a/packages/aws-cdk/lib/cli.ts b/packages/aws-cdk/lib/cli.ts index 9a91e6257db76..9d61a448c9a91 100644 --- a/packages/aws-cdk/lib/cli.ts +++ b/packages/aws-cdk/lib/cli.ts @@ -176,27 +176,6 @@ async function parseCommandLineArguments(args: string[]) { .option('asset-prebuild', { type: 'boolean', desc: 'Whether to build all assets before deploying the first stack (useful for failing Docker builds)', default: true }) .option('ignore-no-stacks', { type: 'boolean', desc: 'Whether to deploy if the app contains no stacks', default: false }), ) - .command('rollback [STACKS..]', 'Rolls back the stack(s) named STACKS to their last stable state', (yargs: Argv) => yargs - .option('all', { type: 'boolean', default: false, desc: 'Roll back all available stacks' }) - .option('toolkit-stack-name', { type: 'string', desc: 'The name of the CDK toolkit stack the environment is bootstrapped with', requiresArg: true }) - .option('force', { - alias: 'f', - type: 'boolean', - desc: 'Orphan all resources for which the rollback operation fails.', - }) - .option('validate-bootstrap-version', { - type: 'boolean', - desc: 'Whether to validate the bootstrap stack version. Defaults to \'true\', disable with --no-validate-bootstrap-version.', - }) - .option('orphan', { - // alias: 'o' conflicts with --output - type: 'array', - nargs: 1, - requiresArg: true, - desc: 'Orphan the given resources, identified by their logical ID (can be specified multiple times)', - default: [], - }), - ) .command('import [STACK]', 'Import existing resource(s) into the given STACK', (yargs: Argv) => yargs .option('execute', { type: 'boolean', desc: 'Whether to execute ChangeSet (--no-execute will NOT execute the ChangeSet)', default: true }) .option('change-set-name', { type: 'string', desc: 'Name of the CloudFormation change set to create' }) @@ -617,16 +596,6 @@ export async function exec(args: string[], synthesizer?: Synthesizer): Promise = jest.fn(); -let mockContinueUpdateRollback: MockedHandlerType = jest.fn(); -let mockDescribeStackEvents: MockedHandlerType = jest.fn(); beforeEach(() => { jest.resetAllMocks(); sdkProvider = new MockSdkProvider(); @@ -38,9 +35,6 @@ beforeEach(() => { StackResourceSummaries: stackResources, }; }, - rollbackStack: mockRollbackStack, - continueUpdateRollback: mockContinueUpdateRollback, - describeStackEvents: mockDescribeStackEvents, }); ToolkitInfo.lookup = mockToolkitInfoLookup = jest.fn().mockResolvedValue(ToolkitInfo.bootstrapStackNotFoundInfo('TestBootstrapStack')); @@ -337,76 +331,90 @@ test('readCurrentTemplateWithNestedStacks() can handle non-Resources in the temp }); test('readCurrentTemplateWithNestedStacks() with a 3-level nested + sibling structure works', async () => { - givenStacks({ - MultiLevelRoot: { - template: { - Resources: { - NestedStack: { - Type: 'AWS::CloudFormation::Stack', - Properties: { - TemplateURL: 'https://www.magic-url.com', - }, - Metadata: { - 'aws:asset:path': 'one-resource-two-stacks-stack.nested.template.json', - }, - }, - }, - }, - }, - NestedStack: { - template: { - Resources: { - SomeResource: { - Type: 'AWS::Something', - Properties: { - Property: 'old-value', + const cfnStack = new FakeCloudformationStack({ + stackName: 'MultiLevelRoot', + stackId: 'StackId', + }); + CloudFormationStack.lookup = (async (_, stackName: string) => { + switch (stackName) { + case 'MultiLevelRoot': + cfnStack.template = async () => ({ + Resources: { + NestedStack: { + Type: 'AWS::CloudFormation::Stack', + Properties: { + TemplateURL: 'https://www.magic-url.com', + }, + Metadata: { + 'aws:asset:path': 'one-resource-two-stacks-stack.nested.template.json', + }, }, }, - GrandChildStackA: { - Type: 'AWS::CloudFormation::Stack', - Properties: { - TemplateURL: 'https://www.magic-url.com', - }, - Metadata: { - 'aws:asset:path': 'one-resource-stack.nested.template.json', + }); + break; + + case 'NestedStack': + cfnStack.template = async () => ({ + Resources: { + SomeResource: { + Type: 'AWS::Something', + Properties: { + Property: 'old-value', + }, }, - }, - GrandChildStackB: { - Type: 'AWS::CloudFormation::Stack', - Properties: { - TemplateURL: 'https://www.magic-url.com', + GrandChildStackA: { + Type: 'AWS::CloudFormation::Stack', + Properties: { + TemplateURL: 'https://www.magic-url.com', + }, + Metadata: { + 'aws:asset:path': 'one-resource-stack.nested.template.json', + }, }, - Metadata: { - 'aws:asset:path': 'one-resource-stack.nested.template.json', + GrandChildStackB: { + Type: 'AWS::CloudFormation::Stack', + Properties: { + TemplateURL: 'https://www.magic-url.com', + }, + Metadata: { + 'aws:asset:path': 'one-resource-stack.nested.template.json', + }, }, }, - }, - }, - }, - GrandChildStackA: { - template: { - Resources: { - SomeResource: { - Type: 'AWS::Something', - Properties: { - Property: 'old-value', + }); + break; + + case 'GrandChildStackA': + cfnStack.template = async () => ({ + Resources: { + SomeResource: { + Type: 'AWS::Something', + Properties: { + Property: 'old-value', + }, }, }, - }, - }, - }, - GrandChildStackB: { - template: { - Resources: { - SomeResource: { - Type: 'AWS::Something', - Properties: { - Property: 'old-value', + }); + break; + + case 'GrandChildStackB': + cfnStack.template = async () => ({ + Resources: { + SomeResource: { + Type: 'AWS::Something', + Properties: { + Property: 'old-value', + }, }, }, - }, - }, - }, + }); + break; + + default: + throw new Error('unknown stack name ' + stackName + ' found in deployments.test.ts'); + } + + return cfnStack; }); const rootStack = testStack({ @@ -674,31 +682,36 @@ test('readCurrentTemplateWithNestedStacks() on an undeployed parent stack with a test('readCurrentTemplateWithNestedStacks() caches calls to listStackResources()', async () => { // GIVEN - givenStacks({ - '*': { - template: { - Resources: { - NestedStackA: { - Type: 'AWS::CloudFormation::Stack', - Properties: { - TemplateURL: 'https://www.magic-url.com', - }, - Metadata: { - 'aws:asset:path': 'one-resource-stack.nested.template.json', - }, + const cfnStack = new FakeCloudformationStack({ + stackName: 'CachingRoot', + stackId: 'StackId', + }); + CloudFormationStack.lookup = (async (_cfn, _stackName: string) => { + cfnStack.template = async () => ({ + Resources: + { + NestedStackA: { + Type: 'AWS::CloudFormation::Stack', + Properties: { + TemplateURL: 'https://www.magic-url.com', }, - NestedStackB: { - Type: 'AWS::CloudFormation::Stack', - Properties: { - TemplateURL: 'https://www.magic-url.com', - }, - Metadata: { - 'aws:asset:path': 'one-resource-stack.nested.template.json', - }, + Metadata: { + 'aws:asset:path': 'one-resource-stack.nested.template.json', + }, + }, + NestedStackB: { + Type: 'AWS::CloudFormation::Stack', + Properties: { + TemplateURL: 'https://www.magic-url.com', + }, + Metadata: { + 'aws:asset:path': 'one-resource-stack.nested.template.json', }, }, }, - }, + }); + + return cfnStack; }); const rootStack = testStack({ @@ -743,112 +756,15 @@ test('readCurrentTemplateWithNestedStacks() caches calls to listStackResources() expect(numberOfTimesListStackResourcesWasCalled).toEqual(1); }); -test('rollback stack assumes role if necessary', async() => { - const mockForEnvironment = jest.fn().mockImplementation(() => { return { sdk: sdkProvider.sdk }; }); - sdkProvider.forEnvironment = mockForEnvironment; - givenStacks({ - '*': { template: {} }, - }); - - await deployments.rollbackStack({ - stack: testStack({ - stackName: 'boop', - properties: { - assumeRoleArn: 'bloop:${AWS::Region}:${AWS::AccountId}', - }, - }), - validateBootstrapStackVersion: false, - }); - - expect(mockForEnvironment).toHaveBeenCalledWith(expect.anything(), expect.anything(), expect.objectContaining({ - assumeRoleArn: 'bloop:here:123456789012', - })); -}); - -test('rollback stack allows rolling back from UPDATE_FAILED', async() => { - // GIVEN - givenStacks({ - '*': { template: {}, stackStatus: 'UPDATE_FAILED' }, - }); - - // WHEN - await deployments.rollbackStack({ - stack: testStack({ stackName: 'boop' }), - validateBootstrapStackVersion: false, - }); - - // THEN - expect(mockRollbackStack).toHaveBeenCalled(); -}); - -test('rollback stack allows continue rollback from UPDATE_ROLLBACK_FAILED', async() => { - // GIVEN - givenStacks({ - '*': { template: {}, stackStatus: 'UPDATE_ROLLBACK_FAILED' }, - }); - - // WHEN - await deployments.rollbackStack({ - stack: testStack({ stackName: 'boop' }), - validateBootstrapStackVersion: false, - }); - - // THEN - expect(mockContinueUpdateRollback).toHaveBeenCalled(); -}); - -test('rollback stack fails in UPDATE_COMPLETE state', async() => { - // GIVEN - givenStacks({ - '*': { template: {}, stackStatus: 'UPDATE_COMPLETE' }, - }); - - // WHEN - const response = await deployments.rollbackStack({ - stack: testStack({ stackName: 'boop' }), - validateBootstrapStackVersion: false, - }); - - // THEN - expect(response.notInRollbackableState).toBe(true); -}); - -test('continue rollback stack with force ignores any failed resources', async() => { - // GIVEN - givenStacks({ - '*': { template: {}, stackStatus: 'UPDATE_ROLLBACK_FAILED' }, - }); - mockDescribeStackEvents.mockReturnValue({ - StackEvents: [ - { - EventId: 'asdf', - StackId: 'stack/MyStack', - StackName: 'MyStack', - Timestamp: new Date(), - LogicalResourceId: 'Xyz', - ResourceStatus: 'UPDATE_FAILED', - }, - ], - }); - - // WHEN - await deployments.rollbackStack({ - stack: testStack({ stackName: 'boop' }), - validateBootstrapStackVersion: false, - force: true, - }); - - // THEN - expect(mockContinueUpdateRollback).toHaveBeenCalledWith(expect.objectContaining({ - ResourcesToSkip: ['Xyz'], - })); -}); - test('readCurrentTemplateWithNestedStacks() succesfully ignores stacks without metadata', async () => { // GIVEN - givenStacks({ - 'MetadataRoot': { - template: { + const cfnStack = new FakeCloudformationStack({ + stackName: 'MetadataRoot', + stackId: 'StackId', + }); + CloudFormationStack.lookup = (async (_, stackName: string) => { + if (stackName === 'MetadataRoot') { + cfnStack.template = async () => ({ Resources: { WithMetadata: { Type: 'AWS::CloudFormation::Stack', @@ -860,10 +776,10 @@ test('readCurrentTemplateWithNestedStacks() succesfully ignores stacks without m }, }, }, - }, - }, - '*': { - template: { + }); + + } else { + cfnStack.template = async () => ({ Resources: { SomeResource: { Type: 'AWS::Something', @@ -872,8 +788,10 @@ test('readCurrentTemplateWithNestedStacks() succesfully ignores stacks without m }, }, }, - }, - }, + }); + } + + return cfnStack; }); const rootStack = testStack({ @@ -1000,23 +918,3 @@ function stackSummaryOf(logicalId: string, resourceType: string, physicalResourc LastUpdatedTimestamp: new Date(), }; } - -function givenStacks(stacks: Record) { - jest.spyOn(CloudFormationStack, 'lookup').mockImplementation(async (_, stackName) => { - let stack = stacks[stackName]; - if (!stack) { - stack = stacks['*']; - } - if (stack) { - const cfnStack = new FakeCloudformationStack({ - stackName, - stackId: `stack/${stackName}`, - stackStatus: stack.stackStatus, - }); - cfnStack.setTemplate(stack.template); - return cfnStack; - } else { - return new FakeCloudformationStack({ stackName }); - } - }); -} \ No newline at end of file diff --git a/packages/aws-cdk/test/api/fake-cloudformation-stack.ts b/packages/aws-cdk/test/api/fake-cloudformation-stack.ts index 918d6c4d5bb37..1668ea0b55d33 100644 --- a/packages/aws-cdk/test/api/fake-cloudformation-stack.ts +++ b/packages/aws-cdk/test/api/fake-cloudformation-stack.ts @@ -2,12 +2,10 @@ import { CloudFormation } from 'aws-sdk'; import { CloudFormationStack, Template } from '../../lib/api/util/cloudformation'; import { instanceMockFrom } from '../util'; -import { StackStatus } from '../../lib/api/util/cloudformation/stack-status'; export interface FakeCloudFormationStackProps { readonly stackName: string; - readonly stackId?: string; - readonly stackStatus?: string; + readonly stackId: string; } export class FakeCloudformationStack extends CloudFormationStack { @@ -31,23 +29,7 @@ export class FakeCloudformationStack extends CloudFormationStack { return Promise.resolve(this.__template); } - public get exists() { - return this.props.stackId !== undefined; - } - - public get stackStatus() { - const status = this.props.stackStatus ?? 'UPDATE_COMPLETE'; - return new StackStatus(status, 'The test said so'); - } - - public get stackId() { - if (!this.props.stackId) { - throw new Error('Cannot retrieve stackId from a non-existent stack'); - } + public get stackId(): string { return this.props.stackId; } - - public get outputs(): Record { - return {}; - } } diff --git a/packages/aws-cdk/test/api/stack-activity-monitor.test.ts b/packages/aws-cdk/test/api/stack-activity-monitor.test.ts index a07ec99e40b38..6c5eddc7dd75e 100644 --- a/packages/aws-cdk/test/api/stack-activity-monitor.test.ts +++ b/packages/aws-cdk/test/api/stack-activity-monitor.test.ts @@ -29,7 +29,6 @@ test('prints 0/4 progress report, when addActivity is called with an "IN_PROGRES EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); }); @@ -54,7 +53,6 @@ test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COM EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); }); @@ -79,7 +77,6 @@ test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COM EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); }); @@ -104,7 +101,6 @@ test('prints 1/4 progress report, when addActivity is called with an "ROLLBACK_C EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); }); @@ -129,7 +125,6 @@ test('prints 0/4 progress report, when addActivity is called with an "UPDATE_FAI EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); }); @@ -154,7 +149,6 @@ test('does not print "Failed Resources:" list, when all deployments are successf EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); historyActivityPrinter.addActivity({ event: { @@ -166,7 +160,6 @@ test('does not print "Failed Resources:" list, when all deployments are successf EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); historyActivityPrinter.addActivity({ event: { @@ -178,7 +171,6 @@ test('does not print "Failed Resources:" list, when all deployments are successf EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); historyActivityPrinter.stop(); }); @@ -207,7 +199,6 @@ test('prints "Failed Resources:" list, when at least one deployment fails', () = EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); historyActivityPrinter.addActivity({ event: { @@ -219,7 +210,6 @@ test('prints "Failed Resources:" list, when at least one deployment fails', () = EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); historyActivityPrinter.stop(); }); @@ -252,7 +242,6 @@ test('print failed resources because of hook failures', () => { HookType: 'hook1', HookStatusReason: 'stack1 must obey certain rules', }, - parentStackLogicalIds: [], }); historyActivityPrinter.addActivity({ event: { @@ -265,7 +254,6 @@ test('print failed resources because of hook failures', () => { StackName: 'stack-name', ResourceStatusReason: 'The following hook(s) failed: hook1', }, - parentStackLogicalIds: [], }); historyActivityPrinter.stop(); }); diff --git a/packages/aws-cdk/test/cdk-toolkit.test.ts b/packages/aws-cdk/test/cdk-toolkit.test.ts index 248f6d615dfe7..4d1fee89b2362 100644 --- a/packages/aws-cdk/test/cdk-toolkit.test.ts +++ b/packages/aws-cdk/test/cdk-toolkit.test.ts @@ -64,7 +64,7 @@ import { instanceMockFrom, MockCloudExecutable, TestStackArtifact } from './util import { MockSdkProvider } from './util/mock-sdk'; import { Bootstrapper } from '../lib/api/bootstrap'; import { DeployStackResult } from '../lib/api/deploy-stack'; -import { Deployments, DeployStackOptions, DestroyStackOptions, RollbackStackOptions, RollbackStackResult } from '../lib/api/deployments'; +import { Deployments, DeployStackOptions, DestroyStackOptions } from '../lib/api/deployments'; import { HotswapMode } from '../lib/api/hotswap/common'; import { Template } from '../lib/api/util/cloudformation'; import { CdkToolkit, Tag } from '../lib/cdk-toolkit'; @@ -1226,31 +1226,6 @@ describe('synth', () => { expect(mockData.mock.calls.length).toEqual(1); expect(mockData.mock.calls[0][0]).toBeDefined(); }); - - test('rollback uses deployment role', async () => { - cloudExecutable = new MockCloudExecutable({ - stacks: [ - MockStack.MOCK_STACK_C, - ], - }); - - const mockedRollback = jest.spyOn(Deployments.prototype, 'rollbackStack').mockResolvedValue({ - success: true, - }); - - const toolkit = new CdkToolkit({ - cloudExecutable, - configuration: cloudExecutable.configuration, - sdkProvider: cloudExecutable.sdkProvider, - deployments: new Deployments({ sdkProvider: new MockSdkProvider() }), - }); - - await toolkit.rollback({ - selector: { patterns: [] }, - }); - - expect(mockedRollback).toHaveBeenCalled(); - }); }); class MockStack { @@ -1427,12 +1402,6 @@ class FakeCloudFormation extends Deployments { }); } - public rollbackStack(_options: RollbackStackOptions): Promise { - return Promise.resolve({ - success: true, - }); - } - public destroyStack(options: DestroyStackOptions): Promise { expect(options.stack).toBeDefined(); return Promise.resolve(); diff --git a/packages/aws-cdk/test/util/mock-sdk.ts b/packages/aws-cdk/test/util/mock-sdk.ts index d280ef9f02942..0d943fadb3dea 100644 --- a/packages/aws-cdk/test/util/mock-sdk.ts +++ b/packages/aws-cdk/test/util/mock-sdk.ts @@ -269,21 +269,11 @@ type AwsCallInputOutput = // Determine the type of the mock handler from the type of the Input/Output type pair. // Don't need to worry about the 'never', TypeScript will propagate it upwards making it // impossible to specify the field that has 'never' anywhere in its type. -type HandlerType = +type MockHandlerType = AI extends [any, any] ? (input: AI[0]) => AI[1] : AI; // Any subset of the full type that synchronously returns the output structure is okay -export type SyncHandlerSubsetOf = {[K in keyof S]?: HandlerType>}; - -/** - * A jest Mock function we can pass into SdkProvider.stubXXX - * - * Use as follows: - * - * ```ts - * const mockDescribeStackEvents: MockedHandlerType = jest.fn(); - */ -export type MockedHandlerType = AwsCallInputOutput extends [infer IN, infer OUT] ? jest.Mock : never; +export type SyncHandlerSubsetOf = {[K in keyof S]?: MockHandlerType>}; /** * Fake AWS response. diff --git a/packages/aws-cdk/test/util/stack-monitor.test.ts b/packages/aws-cdk/test/util/stack-monitor.test.ts index e0d9bb673fbd7..e32098a03a9ee 100644 --- a/packages/aws-cdk/test/util/stack-monitor.test.ts +++ b/packages/aws-cdk/test/util/stack-monitor.test.ts @@ -123,21 +123,12 @@ describe('stack monitor, collecting errors from events', () => { expect(request.StackName).toStrictEqual('StackName'); return { StackEvents: [ - addErrorToStackEvent( - event(102), { - logicalResourceId: 'nestedStackLogicalResourceId', - physicalResourceId: 'nestedStackPhysicalResourceId', - resourceType: 'AWS::CloudFormation::Stack', - resourceStatusReason: 'nested stack failed', - resourceStatus: 'UPDATE_FAILED', - }, - ), addErrorToStackEvent( event(100), { logicalResourceId: 'nestedStackLogicalResourceId', physicalResourceId: 'nestedStackPhysicalResourceId', resourceType: 'AWS::CloudFormation::Stack', - resourceStatus: 'UPDATE_IN_PROGRESS', + resourceStatusReason: 'nested stack failed', }, ), ], @@ -262,28 +253,18 @@ async function testMonitorWithEventCalls( let describeStackEvents = (jest.fn() as jest.Mock); let finished = false; - let error: Error | undefined = undefined; for (const invocation of beforeStopInvocations) { const invocation_ = invocation; // Capture loop variable in local because of closure semantics const isLast = invocation === beforeStopInvocations[beforeStopInvocations.length - 1]; describeStackEvents = describeStackEvents.mockImplementationOnce(request => { - try { - const ret = invocation_(request); - if (isLast) { - finished = true; - } - return ret; - } catch (e: any) { + const ret = invocation_(request); + if (isLast) { finished = true; - error = e; - throw e; } + return ret; }); } - if (error) { - throw error; - } for (const invocation of afterStopInvocations) { describeStackEvents = describeStackEvents.mockImplementationOnce(invocation); } From 29bf2233a33d3ded20639279fa712a5b036fe041 Mon Sep 17 00:00:00 2001 From: Shikha Aggarwal Date: Fri, 4 Oct 2024 18:54:15 -0700 Subject: [PATCH 3/4] revert: feat(cli): cdk rollback (#31407) (#31657) ### Issue # (if applicable) Closes #[31654](https://github.com/aws/aws-cdk/issues/31654). ### Reason for this change This reverts commit 0755561b79d6be0744b0b21504fe54ffcf2b618a. ### Description of changes Changes introduced regression in amplify app for nested stacks, reverting it. ### Description of how you validated changes Validated with local build ### Checklist - [ ] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk-testing/cli-integ/README.md | 2 +- .../cli-integ/lib/with-cdk-app.ts | 19 +- .../cdk-apps/rollback-test-app/app.js | 100 ------ .../cdk-apps/rollback-test-app/cdk.json | 7 - .../cli-regression-patches/v2.161.0/NOTES.md | 1 + .../v2.161.0/skip-tests.txt | 5 + .../tests/cli-integ-tests/cli.integtest.ts | 81 +---- packages/aws-cdk/README.md | 63 ++-- .../lib/api/bootstrap/bootstrap-template.yaml | 4 +- packages/aws-cdk/lib/api/cxapp/exec.ts | 3 - packages/aws-cdk/lib/api/deployments.ts | 205 +---------- .../cloudformation/stack-activity-monitor.ts | 90 +++-- .../util/cloudformation/stack-event-poller.ts | 172 --------- .../api/util/cloudformation/stack-status.ts | 36 -- packages/aws-cdk/lib/cdk-toolkit.ts | 86 ----- packages/aws-cdk/lib/cli.ts | 31 -- .../api/cloudformation-deployments.test.ts | 334 ++++++------------ .../test/api/fake-cloudformation-stack.ts | 22 +- .../test/api/stack-activity-monitor.test.ts | 12 - packages/aws-cdk/test/cdk-toolkit.test.ts | 33 +- packages/aws-cdk/test/util/mock-sdk.ts | 14 +- .../aws-cdk/test/util/stack-monitor.test.ts | 27 +- 22 files changed, 225 insertions(+), 1122 deletions(-) delete mode 100644 packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/app.js delete mode 100644 packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/cdk.json create mode 100644 packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/NOTES.md create mode 100644 packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/skip-tests.txt delete mode 100644 packages/aws-cdk/lib/api/util/cloudformation/stack-event-poller.ts diff --git a/packages/@aws-cdk-testing/cli-integ/README.md b/packages/@aws-cdk-testing/cli-integ/README.md index d1dd485660151..2dc2e9c70d8cc 100644 --- a/packages/@aws-cdk-testing/cli-integ/README.md +++ b/packages/@aws-cdk-testing/cli-integ/README.md @@ -37,7 +37,7 @@ Test suites are written as a collection of Jest tests, and they are run using Je ### Setup -Building the @aws-cdk-testing package is not very different from building the rest of the CDK. However, If you are having issues with the tests, you can ensure your environment is built properly by following the steps below: +Building the @aws-cdk-testing package is not very different from building the rest of the CDK. However, If you are having issues with the tests, you can ensure your enviornment is built properly by following the steps below: ```shell yarn install # Install dependencies diff --git a/packages/@aws-cdk-testing/cli-integ/lib/with-cdk-app.ts b/packages/@aws-cdk-testing/cli-integ/lib/with-cdk-app.ts index c28f5eccb4d4b..b5778a0d1af0d 100644 --- a/packages/@aws-cdk-testing/cli-integ/lib/with-cdk-app.ts +++ b/packages/@aws-cdk-testing/cli-integ/lib/with-cdk-app.ts @@ -24,8 +24,7 @@ export const EXTENDED_TEST_TIMEOUT_S = 30 * 60; * For backwards compatibility with existing tests (so we don't have to change * too much) the inner block is expected to take a `TestFixture` object. */ -export function withSpecificCdkApp( - appName: string, +export function withCdkApp( block: (context: TestFixture) => Promise, ): (context: TestContext & AwsContext & DisableBootstrapContext) => Promise { return async (context: TestContext & AwsContext & DisableBootstrapContext) => { @@ -37,7 +36,7 @@ export function withSpecificCdkApp( context.output.write(` Test directory: ${integTestDir}\n`); context.output.write(` Region: ${context.aws.region}\n`); - await cloneDirectory(path.join(RESOURCES_DIR, 'cdk-apps', appName), integTestDir, context.output); + await cloneDirectory(path.join(RESOURCES_DIR, 'cdk-apps', 'app'), integTestDir, context.output); const fixture = new TestFixture( integTestDir, stackNamePrefix, @@ -88,16 +87,6 @@ export function withSpecificCdkApp( }; } -/** - * Like `withSpecificCdkApp`, but uses the default integration testing app with a million stacks in it - */ -export function withCdkApp( - block: (context: TestFixture) => Promise, -): (context: TestContext & AwsContext & DisableBootstrapContext) => Promise { - // 'app' is the name of the default integration app in the `cdk-apps` directory - return withSpecificCdkApp('app', block); -} - export function withCdkMigrateApp(language: string, block: (context: TestFixture) => Promise) { return async (context: A) => { const stackName = `cdk-migrate-${language}-integ-${context.randomString}`; @@ -199,10 +188,6 @@ export function withDefaultFixture(block: (context: TestFixture) => Promise Promise) { - return withAws(withTimeout(DEFAULT_TEST_TIMEOUT_S, withSpecificCdkApp(appName, block))); -} - export function withExtendedTimeoutFixture(block: (context: TestFixture) => Promise) { return withAws(withTimeout(EXTENDED_TEST_TIMEOUT_S, withCdkApp(block))); } diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/app.js b/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/app.js deleted file mode 100644 index 419e30898c9bf..0000000000000 --- a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/app.js +++ /dev/null @@ -1,100 +0,0 @@ -const cdk = require('aws-cdk-lib'); -const lambda = require('aws-cdk-lib/aws-lambda'); -const cr = require('aws-cdk-lib/custom-resources'); - -/** - * This stack will be deployed in multiple phases, to achieve a very specific effect - * - * It contains resources r1 and r2, where r1 gets deployed first. - * - * - PHASE = 1: both resources deploy regularly. - * - PHASE = 2a: r1 gets updated, r2 will fail to update - * - PHASE = 2b: r1 gets updated, r2 will fail to update, and r1 will fail its rollback. - * - * To exercise this app: - * - * ``` - * env PHASE=1 npx cdk deploy - * env PHASE=2b npx cdk deploy --no-rollback - * # This will leave the stack in UPDATE_FAILED - * - * env PHASE=2b npx cdk rollback - * # This will start a rollback that will fail because r1 fails its rollabck - * - * env PHASE=2b npx cdk rollback --force - * # This will retry the rollabck and skip r1 - * ``` - */ -class RollbacktestStack extends cdk.Stack { - constructor(scope, id, props) { - super(scope, id, props); - - let r1props = {}; - let r2props = {}; - - const phase = process.env.PHASE; - switch (phase) { - case '1': - // Normal deployment - break; - case '2a': - // r1 updates normally, r2 fails updating - r2props.FailUpdate = true; - break; - case '2b': - // r1 updates normally, r2 fails updating, r1 fails rollback - r1props.FailRollback = true; - r2props.FailUpdate = true; - break; - } - - const fn = new lambda.Function(this, 'Fun', { - runtime: lambda.Runtime.NODEJS_LATEST, - code: lambda.Code.fromInline(`exports.handler = async function(event, ctx) { - const key = \`Fail\${event.RequestType}\`; - if (event.ResourceProperties[key]) { - throw new Error(\`\${event.RequestType} fails!\`); - } - if (event.OldResourceProperties?.FailRollback) { - throw new Error('Failing rollback!'); - } - return {}; - }`), - handler: 'index.handler', - timeout: cdk.Duration.minutes(1), - }); - const provider = new cr.Provider(this, "MyProvider", { - onEventHandler: fn, - }); - - const r1 = new cdk.CustomResource(this, 'r1', { - serviceToken: provider.serviceToken, - properties: r1props, - }); - const r2 = new cdk.CustomResource(this, 'r2', { - serviceToken: provider.serviceToken, - properties: r2props, - }); - r2.node.addDependency(r1); - } -} - -const app = new cdk.App({ - context: { - '@aws-cdk/core:assetHashSalt': process.env.CODEBUILD_BUILD_ID, // Force all assets to be unique, but consistent in one build - }, -}); - -const defaultEnv = { - account: process.env.CDK_DEFAULT_ACCOUNT, - region: process.env.CDK_DEFAULT_REGION -}; - -const stackPrefix = process.env.STACK_NAME_PREFIX; -if (!stackPrefix) { - throw new Error(`the STACK_NAME_PREFIX environment variable is required`); -} - -// Sometimes we don't want to synthesize all stacks because it will impact the results -new RollbacktestStack(app, `${stackPrefix}-test-rollback`, { env: defaultEnv }); -app.synth(); \ No newline at end of file diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/cdk.json b/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/cdk.json deleted file mode 100644 index 44809158dbdac..0000000000000 --- a/packages/@aws-cdk-testing/cli-integ/resources/cdk-apps/rollback-test-app/cdk.json +++ /dev/null @@ -1,7 +0,0 @@ -{ - "app": "node app.js", - "versionReporting": false, - "context": { - "aws-cdk:enableDiffNoFail": "true" - } -} diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/NOTES.md b/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/NOTES.md new file mode 100644 index 0000000000000..8e21b44daec85 --- /dev/null +++ b/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/NOTES.md @@ -0,0 +1 @@ +This patch brings the [fix](https://github.com/aws/aws-cdk/issues/31654) into the regression suite. \ No newline at end of file diff --git a/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/skip-tests.txt b/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/skip-tests.txt new file mode 100644 index 0000000000000..f681a64076c25 --- /dev/null +++ b/packages/@aws-cdk-testing/cli-integ/resources/cli-regression-patches/v2.161.0/skip-tests.txt @@ -0,0 +1,5 @@ +# Skipping the test to fix issue https://github.com/aws/aws-cdk/issues/31654. +# cli-integ tests failing for the old tests with the new cli changes for nested stacks. + +test cdk rollback +test cdk rollback --force \ No newline at end of file diff --git a/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts b/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts index 8efebdec07875..a38580d10714a 100644 --- a/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts +++ b/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/cli.integtest.ts @@ -32,7 +32,6 @@ import { withCDKMigrateFixture, withExtendedTimeoutFixture, randomString, - withSpecificFixture, withoutBootstrap, } from '../../lib'; @@ -2285,85 +2284,7 @@ integTest( }), ); -integTest( - 'test cdk rollback', - withSpecificFixture('rollback-test-app', async (fixture) => { - let phase = '1'; - - // Should succeed - await fixture.cdkDeploy('test-rollback', { - options: ['--no-rollback'], - modEnv: { PHASE: phase }, - verbose: false, - }); - try { - phase = '2a'; - - // Should fail - const deployOutput = await fixture.cdkDeploy('test-rollback', { - options: ['--no-rollback'], - modEnv: { PHASE: phase }, - verbose: false, - allowErrExit: true, - }); - expect(deployOutput).toContain('UPDATE_FAILED'); - - // Rollback - await fixture.cdk(['rollback'], { - modEnv: { PHASE: phase }, - verbose: false, - }); - } finally { - await fixture.cdkDestroy('test-rollback'); - } - }), -); - -integTest( - 'test cdk rollback --force', - withSpecificFixture('rollback-test-app', async (fixture) => { - let phase = '1'; - - // Should succeed - await fixture.cdkDeploy('test-rollback', { - options: ['--no-rollback'], - modEnv: { PHASE: phase }, - verbose: false, - }); - try { - phase = '2b'; // Fail update and also fail rollback - - // Should fail - const deployOutput = await fixture.cdkDeploy('test-rollback', { - options: ['--no-rollback'], - modEnv: { PHASE: phase }, - verbose: false, - allowErrExit: true, - }); - - expect(deployOutput).toContain('UPDATE_FAILED'); - - // Should still fail - const rollbackOutput = await fixture.cdk(['rollback'], { - modEnv: { PHASE: phase }, - verbose: false, - allowErrExit: true, - }); - - expect(rollbackOutput).toContain('Failing rollback'); - - // Rollback and force cleanup - await fixture.cdk(['rollback', '--force'], { - modEnv: { PHASE: phase }, - verbose: false, - }); - } finally { - await fixture.cdkDestroy('test-rollback'); - } - }), -); - -integTest('cdk bootstrap notice is displayed correctly', withDefaultFixture(async (fixture) => { +integTest('cdk notices are displayed correctly', withDefaultFixture(async (fixture) => { const cache = { expiration: 4125963264000, // year 2100 so we never overwrite the cache diff --git a/packages/aws-cdk/README.md b/packages/aws-cdk/README.md index 227a040cd5fb2..ca79343503706 100644 --- a/packages/aws-cdk/README.md +++ b/packages/aws-cdk/README.md @@ -19,7 +19,6 @@ The AWS CDK Toolkit provides the `cdk` command-line interface that can be used t | [`cdk synth`](#cdk-synthesize) | Synthesize a CDK app to CloudFormation template(s) | | [`cdk diff`](#cdk-diff) | Diff stacks against current state | | [`cdk deploy`](#cdk-deploy) | Deploy a stack into an AWS account | -| [`cdk rollback`](#cdk-rollback) | Roll back a failed deployment | | [`cdk import`](#cdk-import) | Import existing AWS resources into a CDK stack | | [`cdk migrate`](#cdk-migrate) | Migrate AWS resources, CloudFormation stacks, and CloudFormation templates to CDK | | [`cdk watch`](#cdk-watch) | Watches a CDK app for deployable and hotswappable changes | @@ -205,10 +204,6 @@ $ cdk deploy --no-rollback $ cdk deploy -R ``` -If a deployment fails you can update your code and immediately retry the -deployment from the point of failure. If you would like to explicitly roll back a failed, paused deployment, -use `cdk rollback`. - NOTE: you cannot use `--no-rollback` for any updates that would cause a resource replacement, only for updates and creations of new resources. @@ -402,7 +397,7 @@ development, your prod app may not have any resources or the resources are comme out. In this scenario, you will receive an error message stating that the app has no stacks. -To bypass this error messages, you can pass the `--ignore-no-stacks` flag to the +To bypass this error messages, you can pass the `--ignore-no-stacks` flag to the `deploy` command: ```console @@ -473,24 +468,6 @@ and might have breaking changes in the future. > *: `Fn::GetAtt` is only partially supported. Refer to [this implementation](https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk/lib/api/evaluate-cloudformation-template.ts#L477-L492) for supported resources and attributes. -### `cdk rollback` - -If a deployment performed using `cdk deploy --no-rollback` fails, your -deployment will be left in a failed, paused state. From this state you can -update your code and try the deployment again, or roll the deployment back to -the last stable state. - -To roll the deployment back, use `cdk rollback`. This will initiate a rollback -to the last stable state of your stack. - -Some resources may fail to roll back. If they do, you can try again by calling -`cdk rollback --orphan ` (can be specified multiple times). Or, run -`cdk rollback --force` to have the CDK CLI automatically orphan all failing -resources. - -(`cdk rollback` requires version 23 of the bootstrap stack, since it depends on -new permissions necessary to call the appropriate CloudFormation APIs) - ### `cdk watch` The `watch` command is similar to `deploy`, @@ -621,9 +598,9 @@ This feature currently has the following limitations: ### `cdk migrate` -⚠️**CAUTION**⚠️: CDK Migrate is currently experimental and may have breaking changes in the future. +⚠️**CAUTION**⚠️: CDK Migrate is currently experimental and may have breaking changes in the future. -CDK Migrate generates a CDK app from deployed AWS resources using `--from-scan`, deployed AWS CloudFormation stacks using `--from-stack`, and local AWS CloudFormation templates using `--from-path`. +CDK Migrate generates a CDK app from deployed AWS resources using `--from-scan`, deployed AWS CloudFormation stacks using `--from-stack`, and local AWS CloudFormation templates using `--from-path`. To learn more about the CDK Migrate feature, see [Migrate to AWS CDK](https://docs.aws.amazon.com/cdk/v2/guide/migrate.html). For more information on `cdk migrate` command options, see [cdk migrate command reference](https://docs.aws.amazon.com/cdk/v2/guide/ref-cli-cdk-migrate.html). @@ -655,7 +632,7 @@ Account and Region information are retrieved from default CDK CLI sources. Use ` $ cdk migrate --language typescript --from-scan --stack-name "myCloudFormationStack" ``` -Since CDK Migrate relies on the IaC generator service, any limitations of IaC generator will apply to CDK Migrate. For general limitations, see [Considerations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/generate-IaC.html#generate-template-considerations). +Since CDK Migrate relies on the IaC generator service, any limitations of IaC generator will apply to CDK Migrate. For general limitations, see [Considerations](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/generate-IaC.html#generate-template-considerations). IaC generator limitations with discovering resource and property values will also apply here. As a result, CDK Migrate will only migrate resources supported by IaC generator. Some of your resources may not be supported and some property values may not be accessible. For more information, see [Iac generator and write-only properties](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/generate-IaC-write-only-properties.html) and [Supported resource types](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/generate-IaC-supported-resources.html). @@ -672,8 +649,8 @@ $ # template.json is a valid cloudformation template in the local directory $ cdk migrate --stack-name MyAwesomeApplication --language typescript --from-path MyTemplate.json ``` -This command generates a new directory named `MyAwesomeApplication` within your current working directory, and -then initializes a new CDK application within that directory. The CDK app contains a `MyAwesomeApplication` stack with resources configured to match those in your local CloudFormation template. +This command generates a new directory named `MyAwesomeApplication` within your current working directory, and +then initializes a new CDK application within that directory. The CDK app contains a `MyAwesomeApplication` stack with resources configured to match those in your local CloudFormation template. This results in a CDK application with the following structure, where the lib directory contains a stack definition with the same resource configuration as the provided template.json. @@ -703,13 +680,13 @@ This will generate a Python CDK app which will synthesize the same configuration ##### Generate a TypeScript CDK app from deployed AWS resources that are not associated with a stack -If you have resources in your account that were provisioned outside AWS IaC tools and would like to manage them with the CDK, you can use the `--from-scan` option to generate the application. +If you have resources in your account that were provisioned outside AWS IaC tools and would like to manage them with the CDK, you can use the `--from-scan` option to generate the application. In this example, we use the `--filter` option to specify which resources to migrate. You can filter resources to limit the number of resources migrated to only those specified by the `--filter` option, including any resources they depend on, or resources that depend on them (for example A filter which specifies a single Lambda Function, will find that specific table and any alarms that may monitor it). The `--filter` argument offers both AND as well as OR filtering. OR filtering can be specified by passing multiple `--filter` options, and AND filtering can be specified by passing a single `--filter` option with multiple comma separated key/value pairs as seen below (see below for examples). It is recommended to use the `--filter` option to limit the number of resources returned as some resource types provide sample resources by default in all accounts which can add to the resource limits. -`--from-scan` takes 3 potential arguments: `--new`, `most-recent`, and undefined. If `--new` is passed, CDK Migrate will initiate a new scan of the account and use that new scan to discover resources. If `--most-recent` is passed, CDK Migrate will use the most recent scan of the account to discover resources. If neither `--new` nor `--most-recent` are passed, CDK Migrate will take the most recent scan of the account to discover resources, unless there is no recent scan, in which case it will initiate a new scan. +`--from-scan` takes 3 potential arguments: `--new`, `most-recent`, and undefined. If `--new` is passed, CDK Migrate will initiate a new scan of the account and use that new scan to discover resources. If `--most-recent` is passed, CDK Migrate will use the most recent scan of the account to discover resources. If neither `--new` nor `--most-recent` are passed, CDK Migrate will take the most recent scan of the account to discover resources, unless there is no recent scan, in which case it will initiate a new scan. ```console # Filtering options @@ -742,14 +719,14 @@ $ cdk migrate --stack-name MyAwesomeApplication --language typescript --from-sca - CDK Migrate will only generate L1 constructs and does not currently support any higher level abstractions. - CDK Migrate successfully generating an application does *not* guarantee the application is immediately deployable. -It simply generates a CDK application which will synthesize a template that has identical resource configurations -to the provided template. +It simply generates a CDK application which will synthesize a template that has identical resource configurations +to the provided template. - - CDK Migrate does not interact with the CloudFormation service to verify the template -provided can deploy on its own. Although by default any CDK app generated using the `--from-scan` option exclude -CloudFormation managed resources, CDK Migrate will not verify prior to deployment that any resources scanned, or in the provided + - CDK Migrate does not interact with the CloudFormation service to verify the template +provided can deploy on its own. Although by default any CDK app generated using the `--from-scan` option exclude +CloudFormation managed resources, CDK Migrate will not verify prior to deployment that any resources scanned, or in the provided template are already managed in other CloudFormation templates, nor will it verify that the resources in the provided -template are available in the desired regions, which may impact ADC or Opt-In regions. +template are available in the desired regions, which may impact ADC or Opt-In regions. - If the provided template has parameters without default values, those will need to be provided before deploying the generated application. @@ -766,13 +743,13 @@ In practice this is how CDK Migrate generated applications will operate in the f ##### **The provided template is already deployed to CloudFormation in the account/region** -If the provided template came directly from a deployed CloudFormation stack, and that stack has not experienced any drift, +If the provided template came directly from a deployed CloudFormation stack, and that stack has not experienced any drift, then the generated application will be immediately deployable, and will not cause any changes to the deployed resources. Drift might occur if a resource in your template was modified outside of CloudFormation, namely via the AWS Console or AWS CLI. ##### **The provided template is not deployed to CloudFormation in the account/region, and there *is not* overlap with existing resources in the account/region** -If the provided template represents a set of resources that have no overlap with resources already deployed in the account/region, +If the provided template represents a set of resources that have no overlap with resources already deployed in the account/region, then the generated application will be immediately deployable. This could be because the stack has never been deployed, or the application was generated from a stack deployed in another account/region. @@ -789,16 +766,16 @@ In practice this means for any resource in the provided template, for example, } ``` -There must not exist a resource of that type with the same identifier in the desired region. In this example that identfier +There must not exist a resource of that type with the same identifier in the desired region. In this example that identfier would be "MyBucket" ##### **The provided template is not deployed to CloudFormation in the account/region, and there *is* overlap with existing resources in the account/region** -If the provided template represents a set of resources that overlap with resources already deployed in the account/region, -then the generated application will not be immediately deployable. If those overlapped resources are already managed by +If the provided template represents a set of resources that overlap with resources already deployed in the account/region, +then the generated application will not be immediately deployable. If those overlapped resources are already managed by another CloudFormation stack in that account/region, then those resources will need to be manually removed from the provided template. Otherwise, if the overlapped resources are not managed by another CloudFormation stack, then first remove those -resources from your CDK Application Stack, deploy the cdk application successfully, then re-add them and run `cdk import` +resources from your CDK Application Stack, deploy the cdk application successfully, then re-add them and run `cdk import` to import them into your deployed stack. ### `cdk destroy` diff --git a/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml b/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml index ad71c39535426..8ed4bb8595446 100644 --- a/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml +++ b/packages/aws-cdk/lib/api/bootstrap/bootstrap-template.yaml @@ -485,8 +485,6 @@ Resources: - cloudformation:ExecuteChangeSet - cloudformation:CreateStack - cloudformation:UpdateStack - - cloudformation:RollbackStack - - cloudformation:ContinueUpdateRollback Resource: "*" - Sid: PipelineCrossAccountArtifactsBucket # Read/write buckets in different accounts. Permissions to buckets in @@ -653,7 +651,7 @@ Resources: Type: String Name: Fn::Sub: '/cdk-bootstrap/${Qualifier}/version' - Value: '23' + Value: '22' Outputs: BucketName: Description: The name of the S3 bucket owned by the CDK toolkit stack diff --git a/packages/aws-cdk/lib/api/cxapp/exec.ts b/packages/aws-cdk/lib/api/cxapp/exec.ts index 6b62d7ae2527f..31f2fca029dd9 100644 --- a/packages/aws-cdk/lib/api/cxapp/exec.ts +++ b/packages/aws-cdk/lib/api/cxapp/exec.ts @@ -49,9 +49,6 @@ export async function execProgram(aws: SdkProvider, config: Configuration): Prom if (!outdir) { throw new Error('unexpected: --output is required'); } - if (typeof outdir !== 'string') { - throw new Error(`--output takes a string, got ${JSON.stringify(outdir)}`); - } try { await fs.mkdirp(outdir); } catch (error: any) { diff --git a/packages/aws-cdk/lib/api/deployments.ts b/packages/aws-cdk/lib/api/deployments.ts index d5b6f8a63e987..285dba5d29114 100644 --- a/packages/aws-cdk/lib/api/deployments.ts +++ b/packages/aws-cdk/lib/api/deployments.ts @@ -1,4 +1,3 @@ -import { randomUUID } from 'crypto'; import * as cxapi from '@aws-cdk/cx-api'; import * as cdk_assets from 'cdk-assets'; import { AssetManifest, IManifestEntry } from 'cdk-assets'; @@ -12,17 +11,13 @@ import { deployStack, DeployStackResult, destroyStack, DeploymentMethod } from ' import { EnvironmentResources, EnvironmentResourcesRegistry } from './environment-resources'; import { HotswapMode } from './hotswap/common'; import { loadCurrentTemplateWithNestedStacks, loadCurrentTemplate, RootTemplateWithNestedStacks } from './nested-stack-helpers'; -import { CloudFormationStack, Template, ResourcesToImport, ResourceIdentifierSummaries, stabilizeStack } from './util/cloudformation'; -import { StackActivityMonitor, StackActivityProgress } from './util/cloudformation/stack-activity-monitor'; -import { StackEventPoller } from './util/cloudformation/stack-event-poller'; -import { RollbackChoice } from './util/cloudformation/stack-status'; +import { CloudFormationStack, Template, ResourcesToImport, ResourceIdentifierSummaries } from './util/cloudformation'; +import { StackActivityProgress } from './util/cloudformation/stack-activity-monitor'; import { replaceEnvPlaceholders } from './util/placeholders'; import { makeBodyParameter } from './util/template-body-parameter'; import { AssetManifestBuilder } from '../util/asset-manifest-builder'; import { buildAssets, publishAssets, BuildAssetsOptions, PublishAssetsOptions, PublishingAws, EVENT_TO_LOGGER } from '../util/asset-publishing'; -const BOOTSTRAP_STACK_VERSION_FOR_ROLLBACK = 23; - /** * SDK obtained by assuming the lookup role * for a given environment @@ -215,77 +210,6 @@ export interface DeployStackOptions { ignoreNoStacks?: boolean; } -export interface RollbackStackOptions { - /** - * Stack to roll back - */ - readonly stack: cxapi.CloudFormationStackArtifact; - - /** - * Execution role for the deployment (pass through to CloudFormation) - * - * @default - Current role - */ - readonly roleArn?: string; - - /** - * Don't show stack deployment events, just wait - * - * @default false - */ - readonly quiet?: boolean; - - /** - * Whether we are on a CI system - * - * @default false - */ - readonly ci?: boolean; - - /** - * Name of the toolkit stack, if not the default name - * - * @default 'CDKToolkit' - */ - readonly toolkitStackName?: string; - - /** - * Whether to force a rollback or not - * - * Forcing a rollback will orphan all undeletable resources. - * - * @default false - */ - readonly force?: boolean; - - /** - * Orphan the resources with the given logical IDs - * - * @default - No orphaning - */ - readonly orphanLogicalIds?: string[]; - - /** - * Display mode for stack deployment progress. - * - * @default - StackActivityProgress.Bar - stack events will be displayed for - * the resource currently being deployed. - */ - readonly progress?: StackActivityProgress; - - /** - * Whether to validate the version of the bootstrap stack permissions - * - * @default true - */ - readonly validateBootstrapStackVersion?: boolean; -} - -export interface RollbackStackResult { - readonly notInRollbackableState?: boolean; - readonly success?: boolean; -} - interface AssetOptions { /** * Stack with assets to build. @@ -495,125 +419,6 @@ export class Deployments { }); } - public async rollbackStack(options: RollbackStackOptions): Promise { - let resourcesToSkip: string[] = options.orphanLogicalIds ?? []; - if (options.force && resourcesToSkip.length > 0) { - throw new Error('Cannot combine --force with --orphan'); - } - - const { - stackSdk, - resolvedEnvironment: _, - cloudFormationRoleArn, - envResources, - } = await this.prepareSdkFor(options.stack, options.roleArn, Mode.ForWriting); - - if (options.validateBootstrapStackVersion ?? true) { - // Do a verification of the bootstrap stack version - await this.validateBootstrapStackVersion( - options.stack.stackName, - BOOTSTRAP_STACK_VERSION_FOR_ROLLBACK, - options.stack.bootstrapStackVersionSsmParameter, - envResources); - } - - const cfn = stackSdk.cloudFormation(); - const deployName = options.stack.stackName; - - // We loop in case of `--force` and the stack ends up in `CONTINUE_UPDATE_ROLLBACK`. - let maxLoops = 10; - while (maxLoops--) { - let cloudFormationStack = await CloudFormationStack.lookup(cfn, deployName); - - switch (cloudFormationStack.stackStatus.rollbackChoice) { - case RollbackChoice.NONE: - warning(`Stack ${deployName} does not need a rollback: ${cloudFormationStack.stackStatus}`); - return { notInRollbackableState: true }; - - case RollbackChoice.START_ROLLBACK: - debug(`Initiating rollback of stack ${deployName}`); - await cfn.rollbackStack({ - StackName: deployName, - RoleARN: cloudFormationRoleArn, - ClientRequestToken: randomUUID(), - // Enabling this is just the better overall default, the only reason it isn't the upstream default is backwards compatibility - RetainExceptOnCreate: true, - }).promise(); - break; - - case RollbackChoice.CONTINUE_UPDATE_ROLLBACK: - if (options.force) { - // Find the failed resources from the deployment and automatically skip them - // (Using deployment log because we definitely have `DescribeStackEvents` permissions, and we might not have - // `DescribeStackResources` permissions). - const poller = new StackEventPoller(cfn, { - stackName: deployName, - stackStatuses: ['ROLLBACK_IN_PROGRESS', 'UPDATE_ROLLBACK_IN_PROGRESS'], - }); - await poller.poll(); - resourcesToSkip = poller.resourceErrors - .filter(r => !r.isStackEvent && r.parentStackLogicalIds.length === 0) - .map(r => r.event.LogicalResourceId ?? ''); - } - - const skipDescription = resourcesToSkip.length > 0 - ? ` (orphaning: ${resourcesToSkip.join(', ')})` - : ''; - warning(`Continuing rollback of stack ${deployName}${skipDescription}`); - await cfn.continueUpdateRollback({ - StackName: deployName, - ClientRequestToken: randomUUID(), - RoleARN: cloudFormationRoleArn, - ResourcesToSkip: resourcesToSkip, - }).promise(); - break; - - case RollbackChoice.ROLLBACK_FAILED: - warning(`Stack ${deployName} failed creation and rollback. This state cannot be rolled back. You can recreate this stack by running 'cdk deploy'.`); - return { notInRollbackableState: true }; - - default: - throw new Error(`Unexpected rollback choice: ${cloudFormationStack.stackStatus.rollbackChoice}`); - } - - const monitor = options.quiet ? undefined : StackActivityMonitor.withDefaultPrinter(cfn, deployName, options.stack, { - ci: options.ci, - }).start(); - - let stackErrorMessage: string | undefined = undefined; - let finalStackState = cloudFormationStack; - try { - const successStack = await stabilizeStack(cfn, deployName); - - // This shouldn't really happen, but catch it anyway. You never know. - if (!successStack) { throw new Error('Stack deploy failed (the stack disappeared while we were rolling it back)'); } - finalStackState = successStack; - - const errors = monitor?.errors?.join(', '); - if (errors) { - stackErrorMessage = errors; - } - } catch (e: any) { - stackErrorMessage = suffixWithErrors(e.message, monitor?.errors); - } finally { - await monitor?.stop(); - } - - if (finalStackState.stackStatus.isRollbackSuccess || !stackErrorMessage) { - return { success: true }; - } - - // Either we need to ignore some resources to continue the rollback, or something went wrong - if (finalStackState.stackStatus.rollbackChoice === RollbackChoice.CONTINUE_UPDATE_ROLLBACK && options.force) { - // Do another loop-de-loop - continue; - } - - throw new Error(`${stackErrorMessage} (fix problem and retry, or orphan these resources using --orphan or --force)`);; - } - throw new Error('Rollback did not finish after a large number of iterations; stopping because it looks like we\'re not making progress anymore. You can retry if rollback was progressing as expected.'); - } - public async destroyStack(options: DestroyStackOptions): Promise { const { stackSdk, cloudFormationRoleArn: roleArn } = await this.prepareSdkFor(options.stack, options.roleArn, Mode.ForWriting); @@ -925,9 +730,3 @@ class ParallelSafeAssetProgress implements cdk_assets.IPublishProgressListener { */ export class CloudFormationDeployments extends Deployments { } - -function suffixWithErrors(msg: string, errors?: string[]) { - return errors && errors.length > 0 - ? `${msg}: ${errors.join(', ')}` - : msg; -} \ No newline at end of file diff --git a/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts b/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts index 6db3b7f67941c..1b2422a219168 100644 --- a/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts +++ b/packages/aws-cdk/lib/api/util/cloudformation/stack-activity-monitor.ts @@ -3,11 +3,11 @@ import * as cxschema from '@aws-cdk/cloud-assembly-schema'; import * as cxapi from '@aws-cdk/cx-api'; import * as aws from 'aws-sdk'; import * as chalk from 'chalk'; -import { ResourceEvent, StackEventPoller } from './stack-event-poller'; import { error, logLevel, LogLevel, setLogLevel } from '../../../logging'; import { RewritableBlock } from '../display'; -export interface StackActivity extends ResourceEvent { +export interface StackActivity { + readonly event: aws.CloudFormation.StackEvent; readonly metadata?: ResourceMetadata; } @@ -116,13 +116,17 @@ export class StackActivityMonitor { } /** - * The poller used to read stack events + * Resource errors found while monitoring the deployment */ - public readonly poller: StackEventPoller; - - public readonly errors: string[] = []; + public readonly errors = new Array(); private active = false; + private activity: { [eventId: string]: StackActivity } = { }; + + /** + * Determines which events not to display + */ + private readonly startTime: number; /** * Current tick timer @@ -135,16 +139,13 @@ export class StackActivityMonitor { private readPromise?: Promise; constructor( - cfn: aws.CloudFormation, + private readonly cfn: aws.CloudFormation, private readonly stackName: string, private readonly printer: IActivityPrinter, private readonly stack?: cxapi.CloudFormationStackArtifact, changeSetCreationTime?: Date, ) { - this.poller = new StackEventPoller(cfn, { - stackName, - startTime: changeSetCreationTime?.getTime() ?? Date.now(), - }); + this.startTime = changeSetCreationTime?.getTime() ?? Date.now(); } public start() { @@ -220,17 +221,61 @@ export class StackActivityMonitor { * see a next page and the last event in the page is new to us (and within the time window). * haven't seen the final event */ - private async readNewEvents(): Promise { - const pollEvents = await this.poller.poll(); + private async readNewEvents(stackName?: string): Promise { + const stackToPollForEvents = stackName ?? this.stackName; + const events: StackActivity[] = []; + const CFN_SUCCESS_STATUS = ['UPDATE_COMPLETE', 'CREATE_COMPLETE', 'DELETE_COMPLETE', 'DELETE_SKIPPED']; + try { + let nextToken: string | undefined; + let finished = false; + while (!finished) { + const response = await this.cfn.describeStackEvents({ StackName: stackToPollForEvents, NextToken: nextToken }).promise(); + const eventPage = response?.StackEvents ?? []; + + for (const event of eventPage) { + // Event from before we were interested in 'em + if (event.Timestamp.valueOf() < this.startTime) { + finished = true; + break; + } + + // Already seen this one + if (event.EventId in this.activity) { + finished = true; + break; + } + + // Fresh event + events.push(this.activity[event.EventId] = { + event: event, + metadata: this.findMetadataFor(event.LogicalResourceId), + }); + + if (event.ResourceType === 'AWS::CloudFormation::Stack' && !CFN_SUCCESS_STATUS.includes(event.ResourceStatus ?? '')) { + // If the event is not for `this` stack and has a physical resource Id, recursively call for events in the nested stack + if (event.PhysicalResourceId && event.PhysicalResourceId !== stackToPollForEvents) { + await this.readNewEvents(event.PhysicalResourceId); + } + } + } - const activities: StackActivity[] = pollEvents.map(event => ({ - ...event, - metadata: this.findMetadataFor(event.event.LogicalResourceId), - })); + // We're also done if there's nothing left to read + nextToken = response?.NextToken; + if (nextToken === undefined) { + finished = true; + } + } + } catch (e: any) { + if (e.code === 'ValidationError' && e.message === `Stack [${stackToPollForEvents}] does not exist`) { + return; + } + throw e; + } - for (const activity of activities) { - this.checkForErrors(activity); - this.printer.addActivity(activity ); + events.reverse(); + for (const event of events) { + this.checkForErrors(event); + this.printer.addActivity(event); } } @@ -253,7 +298,6 @@ export class StackActivityMonitor { } private checkForErrors(activity: StackActivity) { - if (hasErrorMessage(activity.event.ResourceStatus ?? '')) { const isCancelled = (activity.event.ResourceStatusReason ?? '').indexOf('cancelled') > -1; @@ -506,7 +550,7 @@ export class HistoryActivityPrinter extends ActivityPrinterBase { this.stream.write('\nFailed resources:\n'); for (const failure of this.failures) { // Root stack failures are not interesting - if (failure.isStackEvent) { + if (failure.event.StackName === failure.event.LogicalResourceId) { continue; } @@ -663,7 +707,7 @@ export class CurrentActivityPrinter extends ActivityPrinterBase { const lines = new Array(); for (const failure of this.failures) { // Root stack failures are not interesting - if (failure.isStackEvent) { + if (failure.event.StackName === failure.event.LogicalResourceId) { continue; } diff --git a/packages/aws-cdk/lib/api/util/cloudformation/stack-event-poller.ts b/packages/aws-cdk/lib/api/util/cloudformation/stack-event-poller.ts deleted file mode 100644 index 8bc218a568ac3..0000000000000 --- a/packages/aws-cdk/lib/api/util/cloudformation/stack-event-poller.ts +++ /dev/null @@ -1,172 +0,0 @@ -import * as aws from 'aws-sdk'; - -export interface StackEventPollerProps { - /** - * The stack to poll - */ - readonly stackName: string; - - /** - * IDs of parent stacks of this resource, in case of resources in nested stacks - */ - readonly parentStackLogicalIds?: string[]; - - /** - * Timestamp for the oldest event we're interested in - * - * @default - Read all events - */ - readonly startTime?: number; - - /** - * Stop reading when we see the stack entering this status - * - * Should be something like `CREATE_IN_PROGRESS`, `UPDATE_IN_PROGRESS`, - * `DELETE_IN_PROGRESS, `ROLLBACK_IN_PROGRESS`. - * - * @default - Read all events - */ - readonly stackStatuses?: string[]; -} - -export interface ResourceEvent { - readonly event: aws.CloudFormation.StackEvent; - readonly parentStackLogicalIds: string[]; - - /** - * Whether this event regards the root stack - * - * @default false - */ - readonly isStackEvent?: boolean; -} - -export class StackEventPoller { - public readonly events: ResourceEvent[] = []; - public complete: boolean = false; - - private readonly eventIds = new Set(); - private readonly nestedStackPollers: Record = {}; - - constructor(private readonly cfn: aws.CloudFormation, private readonly props: StackEventPollerProps) { - } - - /** - * From all accumulated events, return only the errors - */ - public get resourceErrors(): ResourceEvent[] { - return this.events.filter(e => e.event.ResourceStatus?.endsWith('_FAILED') && !e.isStackEvent); - } - - /** - * Poll for new stack events - * - * Will not return events older than events indicated by the constructor filters. - * - * Recurses into nested stacks, and returns events old-to-new. - */ - public async poll(): Promise { - const events: ResourceEvent[] = []; - try { - let nextToken: string | undefined; - let finished = false; - while (!finished) { - const response = await this.cfn.describeStackEvents({ StackName: this.props.stackName, NextToken: nextToken }).promise(); - const eventPage = response?.StackEvents ?? []; - - for (const event of eventPage) { - // Event from before we were interested in 'em - if (this.props.startTime !== undefined && event.Timestamp.valueOf() < this.props.startTime) { - finished = true; - break; - } - - // Already seen this one - if (this.eventIds.has(event.EventId)) { - finished = true; - break; - } - this.eventIds.add(event.EventId); - - // The events for the stack itself are also included next to events about resources; we can test for them in this way. - const isParentStackEvent = event.PhysicalResourceId === event.StackId; - - if (isParentStackEvent && this.props.stackStatuses?.includes(event.ResourceStatus ?? '')) { - finished = true; - break; - } - - // Fresh event - const resEvent: ResourceEvent = { - event: event, - parentStackLogicalIds: this.props.parentStackLogicalIds ?? [], - isStackEvent: isParentStackEvent, - }; - events.push(resEvent); - - if (!isParentStackEvent && event.ResourceType === 'AWS::CloudFormation::Stack' && isStackBeginOperationState(event.ResourceStatus)) { - // If the event is not for `this` stack and has a physical resource Id, recursively call for events in the nested stack - this.trackNestedStack(event, [...this.props.parentStackLogicalIds ?? [], event.LogicalResourceId ?? '']); - } - - if (isParentStackEvent && isStackTerminalState(event.ResourceStatus)) { - this.complete = true; - } - } - - // We're also done if there's nothing left to read - nextToken = response?.NextToken; - if (nextToken === undefined) { - finished = true; - } - } - } catch (e: any) { - if (e.code === 'ValidationError' && e.message === `Stack [${this.props.stackName}] does not exist`) { - // Ignore - } else { - throw e; - } - } - - // Also poll all nested stacks we're currently tracking - for (const [logicalId, poller] of Object.entries(this.nestedStackPollers)) { - events.push(...await poller.poll()); - if (poller.complete) { - delete this.nestedStackPollers[logicalId]; - } - } - - // Return what we have so far - events.sort((a, b) => a.event.Timestamp.valueOf() - b.event.Timestamp.valueOf()); - this.events.push(...events); - return events; - } - - /** - * On the CREATE_IN_PROGRESS, UPDATE_IN_PROGRESS, DELETE_IN_PROGRESS event of a nested stack, poll the nested stack updates - */ - private trackNestedStack(event: aws.CloudFormation.StackEvent, parentStackLogicalIds: string[]) { - const logicalId = event.LogicalResourceId ?? ''; - if (!this.nestedStackPollers[logicalId]) { - this.nestedStackPollers[logicalId] = new StackEventPoller(this.cfn, { - stackName: event.PhysicalResourceId ?? '', - parentStackLogicalIds: parentStackLogicalIds, - startTime: event.Timestamp.valueOf(), - }); - } - } -} - -function isStackBeginOperationState(state: string | undefined) { - return [ - 'CREATE_IN_PROGRESS', - 'UPDATE_IN_PROGRESS', - 'DELETE_IN_PROGRESS', - 'UPDATE_ROLLBACK_IN_PROGRESS', - 'ROLLBACK_IN_PROGRESS', - ].includes(state ?? ''); -} - -function isStackTerminalState(state: string | undefined) { - return !(state ?? '').endsWith('_IN_PROGRESS'); -} \ No newline at end of file diff --git a/packages/aws-cdk/lib/api/util/cloudformation/stack-status.ts b/packages/aws-cdk/lib/api/util/cloudformation/stack-status.ts index 4dd113aaa30db..473858b4bac18 100644 --- a/packages/aws-cdk/lib/api/util/cloudformation/stack-status.ts +++ b/packages/aws-cdk/lib/api/util/cloudformation/stack-status.ts @@ -46,43 +46,7 @@ export class StackStatus { || this.name === 'UPDATE_ROLLBACK_COMPLETE'; } - /** - * Whether the stack is in a paused state due to `--no-rollback`. - * - * The possible actions here are retrying a new `--no-rollback` deployment, or initiating a rollback. - */ - get rollbackChoice(): RollbackChoice { - switch (this.name) { - case 'CREATE_FAILED': - case 'UPDATE_FAILED': - return RollbackChoice.START_ROLLBACK; - case 'UPDATE_ROLLBACK_FAILED': - return RollbackChoice.CONTINUE_UPDATE_ROLLBACK; - case 'ROLLBACK_FAILED': - // Unfortunately there is no option to continue a failed rollback without - // a stable target state. - return RollbackChoice.ROLLBACK_FAILED; - default: - return RollbackChoice.NONE; - } - } - public toString(): string { return this.name + (this.reason ? ` (${this.reason})` : ''); } } - -/** - * Describe the current rollback options for this state - */ -export enum RollbackChoice { - START_ROLLBACK, - CONTINUE_UPDATE_ROLLBACK, - /** - * A sign that stack creation AND its rollback have failed. - * - * There is no way to recover from this, other than recreating the stack. - */ - ROLLBACK_FAILED, - NONE, -} \ No newline at end of file diff --git a/packages/aws-cdk/lib/cdk-toolkit.ts b/packages/aws-cdk/lib/cdk-toolkit.ts index e8f59b2fbda5b..51c0b47a35b0f 100644 --- a/packages/aws-cdk/lib/cdk-toolkit.ts +++ b/packages/aws-cdk/lib/cdk-toolkit.ts @@ -430,50 +430,6 @@ export class CdkToolkit { }); } - /** - * Roll back the given stack or stacks. - */ - public async rollback(options: RollbackOptions) { - const startSynthTime = new Date().getTime(); - const stackCollection = await this.selectStacksForDeploy(options.selector, true); - const elapsedSynthTime = new Date().getTime() - startSynthTime; - print('\n✨ Synthesis time: %ss\n', formatTime(elapsedSynthTime)); - - if (stackCollection.stackCount === 0) { - // eslint-disable-next-line no-console - console.error('No stacks selected'); - return; - } - - let anyRollbackable = false; - - for (const stack of stackCollection.stackArtifacts) { - print('Rolling back %s', chalk.bold(stack.displayName)); - const startRollbackTime = new Date().getTime(); - try { - const result = await this.props.deployments.rollbackStack({ - stack, - roleArn: options.roleArn, - toolkitStackName: options.toolkitStackName, - force: options.force, - validateBootstrapStackVersion: options.validateBootstrapStackVersion, - orphanLogicalIds: options.orphanLogicalIds, - }); - if (!result.notInRollbackableState) { - anyRollbackable = true; - } - const elapsedRollbackTime = new Date().getTime() - startRollbackTime; - print('\n✨ Rollback time: %ss\n', formatTime(elapsedRollbackTime)); - } catch (e: any) { - error('\n ❌ %s failed: %s', chalk.bold(stack.displayName), e.message); - throw new Error('Rollback failed (use --force to orphan failing resources)'); - } - } - if (!anyRollbackable) { - throw new Error('No stacks were in a state that could be rolled back'); - } - } - public async watch(options: WatchOptions) { const rootDir = path.dirname(path.resolve(PROJECT_CONFIG)); debug("root directory used for 'watch' is: %s", rootDir); @@ -1389,48 +1345,6 @@ export interface DeployOptions extends CfnDeployOptions, WatchOptions { readonly ignoreNoStacks?: boolean; } -export interface RollbackOptions { - /** - * Criteria for selecting stacks to deploy - */ - readonly selector: StackSelector; - - /** - * Name of the toolkit stack to use/deploy - * - * @default CDKToolkit - */ - readonly toolkitStackName?: string; - - /** - * Role to pass to CloudFormation for deployment - * - * @default - Default stack role - */ - readonly roleArn?: string; - - /** - * Whether to force the rollback or not - * - * @default false - */ - readonly force?: boolean; - - /** - * Logical IDs of resources to orphan - * - * @default - No orphaning - */ - readonly orphanLogicalIds?: string[]; - - /** - * Whether to validate the version of the bootstrap stack permissions - * - * @default true - */ - readonly validateBootstrapStackVersion?: boolean; -} - export interface ImportOptions extends CfnDeployOptions { /** * Build a physical resource mapping and write it to the given file, without performing the actual import operation diff --git a/packages/aws-cdk/lib/cli.ts b/packages/aws-cdk/lib/cli.ts index 9a91e6257db76..9d61a448c9a91 100644 --- a/packages/aws-cdk/lib/cli.ts +++ b/packages/aws-cdk/lib/cli.ts @@ -176,27 +176,6 @@ async function parseCommandLineArguments(args: string[]) { .option('asset-prebuild', { type: 'boolean', desc: 'Whether to build all assets before deploying the first stack (useful for failing Docker builds)', default: true }) .option('ignore-no-stacks', { type: 'boolean', desc: 'Whether to deploy if the app contains no stacks', default: false }), ) - .command('rollback [STACKS..]', 'Rolls back the stack(s) named STACKS to their last stable state', (yargs: Argv) => yargs - .option('all', { type: 'boolean', default: false, desc: 'Roll back all available stacks' }) - .option('toolkit-stack-name', { type: 'string', desc: 'The name of the CDK toolkit stack the environment is bootstrapped with', requiresArg: true }) - .option('force', { - alias: 'f', - type: 'boolean', - desc: 'Orphan all resources for which the rollback operation fails.', - }) - .option('validate-bootstrap-version', { - type: 'boolean', - desc: 'Whether to validate the bootstrap stack version. Defaults to \'true\', disable with --no-validate-bootstrap-version.', - }) - .option('orphan', { - // alias: 'o' conflicts with --output - type: 'array', - nargs: 1, - requiresArg: true, - desc: 'Orphan the given resources, identified by their logical ID (can be specified multiple times)', - default: [], - }), - ) .command('import [STACK]', 'Import existing resource(s) into the given STACK', (yargs: Argv) => yargs .option('execute', { type: 'boolean', desc: 'Whether to execute ChangeSet (--no-execute will NOT execute the ChangeSet)', default: true }) .option('change-set-name', { type: 'string', desc: 'Name of the CloudFormation change set to create' }) @@ -617,16 +596,6 @@ export async function exec(args: string[], synthesizer?: Synthesizer): Promise = jest.fn(); -let mockContinueUpdateRollback: MockedHandlerType = jest.fn(); -let mockDescribeStackEvents: MockedHandlerType = jest.fn(); beforeEach(() => { jest.resetAllMocks(); sdkProvider = new MockSdkProvider(); @@ -38,9 +35,6 @@ beforeEach(() => { StackResourceSummaries: stackResources, }; }, - rollbackStack: mockRollbackStack, - continueUpdateRollback: mockContinueUpdateRollback, - describeStackEvents: mockDescribeStackEvents, }); ToolkitInfo.lookup = mockToolkitInfoLookup = jest.fn().mockResolvedValue(ToolkitInfo.bootstrapStackNotFoundInfo('TestBootstrapStack')); @@ -337,76 +331,90 @@ test('readCurrentTemplateWithNestedStacks() can handle non-Resources in the temp }); test('readCurrentTemplateWithNestedStacks() with a 3-level nested + sibling structure works', async () => { - givenStacks({ - MultiLevelRoot: { - template: { - Resources: { - NestedStack: { - Type: 'AWS::CloudFormation::Stack', - Properties: { - TemplateURL: 'https://www.magic-url.com', - }, - Metadata: { - 'aws:asset:path': 'one-resource-two-stacks-stack.nested.template.json', - }, - }, - }, - }, - }, - NestedStack: { - template: { - Resources: { - SomeResource: { - Type: 'AWS::Something', - Properties: { - Property: 'old-value', + const cfnStack = new FakeCloudformationStack({ + stackName: 'MultiLevelRoot', + stackId: 'StackId', + }); + CloudFormationStack.lookup = (async (_, stackName: string) => { + switch (stackName) { + case 'MultiLevelRoot': + cfnStack.template = async () => ({ + Resources: { + NestedStack: { + Type: 'AWS::CloudFormation::Stack', + Properties: { + TemplateURL: 'https://www.magic-url.com', + }, + Metadata: { + 'aws:asset:path': 'one-resource-two-stacks-stack.nested.template.json', + }, }, }, - GrandChildStackA: { - Type: 'AWS::CloudFormation::Stack', - Properties: { - TemplateURL: 'https://www.magic-url.com', - }, - Metadata: { - 'aws:asset:path': 'one-resource-stack.nested.template.json', + }); + break; + + case 'NestedStack': + cfnStack.template = async () => ({ + Resources: { + SomeResource: { + Type: 'AWS::Something', + Properties: { + Property: 'old-value', + }, }, - }, - GrandChildStackB: { - Type: 'AWS::CloudFormation::Stack', - Properties: { - TemplateURL: 'https://www.magic-url.com', + GrandChildStackA: { + Type: 'AWS::CloudFormation::Stack', + Properties: { + TemplateURL: 'https://www.magic-url.com', + }, + Metadata: { + 'aws:asset:path': 'one-resource-stack.nested.template.json', + }, }, - Metadata: { - 'aws:asset:path': 'one-resource-stack.nested.template.json', + GrandChildStackB: { + Type: 'AWS::CloudFormation::Stack', + Properties: { + TemplateURL: 'https://www.magic-url.com', + }, + Metadata: { + 'aws:asset:path': 'one-resource-stack.nested.template.json', + }, }, }, - }, - }, - }, - GrandChildStackA: { - template: { - Resources: { - SomeResource: { - Type: 'AWS::Something', - Properties: { - Property: 'old-value', + }); + break; + + case 'GrandChildStackA': + cfnStack.template = async () => ({ + Resources: { + SomeResource: { + Type: 'AWS::Something', + Properties: { + Property: 'old-value', + }, }, }, - }, - }, - }, - GrandChildStackB: { - template: { - Resources: { - SomeResource: { - Type: 'AWS::Something', - Properties: { - Property: 'old-value', + }); + break; + + case 'GrandChildStackB': + cfnStack.template = async () => ({ + Resources: { + SomeResource: { + Type: 'AWS::Something', + Properties: { + Property: 'old-value', + }, }, }, - }, - }, - }, + }); + break; + + default: + throw new Error('unknown stack name ' + stackName + ' found in deployments.test.ts'); + } + + return cfnStack; }); const rootStack = testStack({ @@ -674,31 +682,36 @@ test('readCurrentTemplateWithNestedStacks() on an undeployed parent stack with a test('readCurrentTemplateWithNestedStacks() caches calls to listStackResources()', async () => { // GIVEN - givenStacks({ - '*': { - template: { - Resources: { - NestedStackA: { - Type: 'AWS::CloudFormation::Stack', - Properties: { - TemplateURL: 'https://www.magic-url.com', - }, - Metadata: { - 'aws:asset:path': 'one-resource-stack.nested.template.json', - }, + const cfnStack = new FakeCloudformationStack({ + stackName: 'CachingRoot', + stackId: 'StackId', + }); + CloudFormationStack.lookup = (async (_cfn, _stackName: string) => { + cfnStack.template = async () => ({ + Resources: + { + NestedStackA: { + Type: 'AWS::CloudFormation::Stack', + Properties: { + TemplateURL: 'https://www.magic-url.com', }, - NestedStackB: { - Type: 'AWS::CloudFormation::Stack', - Properties: { - TemplateURL: 'https://www.magic-url.com', - }, - Metadata: { - 'aws:asset:path': 'one-resource-stack.nested.template.json', - }, + Metadata: { + 'aws:asset:path': 'one-resource-stack.nested.template.json', + }, + }, + NestedStackB: { + Type: 'AWS::CloudFormation::Stack', + Properties: { + TemplateURL: 'https://www.magic-url.com', + }, + Metadata: { + 'aws:asset:path': 'one-resource-stack.nested.template.json', }, }, }, - }, + }); + + return cfnStack; }); const rootStack = testStack({ @@ -743,112 +756,15 @@ test('readCurrentTemplateWithNestedStacks() caches calls to listStackResources() expect(numberOfTimesListStackResourcesWasCalled).toEqual(1); }); -test('rollback stack assumes role if necessary', async() => { - const mockForEnvironment = jest.fn().mockImplementation(() => { return { sdk: sdkProvider.sdk }; }); - sdkProvider.forEnvironment = mockForEnvironment; - givenStacks({ - '*': { template: {} }, - }); - - await deployments.rollbackStack({ - stack: testStack({ - stackName: 'boop', - properties: { - assumeRoleArn: 'bloop:${AWS::Region}:${AWS::AccountId}', - }, - }), - validateBootstrapStackVersion: false, - }); - - expect(mockForEnvironment).toHaveBeenCalledWith(expect.anything(), expect.anything(), expect.objectContaining({ - assumeRoleArn: 'bloop:here:123456789012', - })); -}); - -test('rollback stack allows rolling back from UPDATE_FAILED', async() => { - // GIVEN - givenStacks({ - '*': { template: {}, stackStatus: 'UPDATE_FAILED' }, - }); - - // WHEN - await deployments.rollbackStack({ - stack: testStack({ stackName: 'boop' }), - validateBootstrapStackVersion: false, - }); - - // THEN - expect(mockRollbackStack).toHaveBeenCalled(); -}); - -test('rollback stack allows continue rollback from UPDATE_ROLLBACK_FAILED', async() => { - // GIVEN - givenStacks({ - '*': { template: {}, stackStatus: 'UPDATE_ROLLBACK_FAILED' }, - }); - - // WHEN - await deployments.rollbackStack({ - stack: testStack({ stackName: 'boop' }), - validateBootstrapStackVersion: false, - }); - - // THEN - expect(mockContinueUpdateRollback).toHaveBeenCalled(); -}); - -test('rollback stack fails in UPDATE_COMPLETE state', async() => { - // GIVEN - givenStacks({ - '*': { template: {}, stackStatus: 'UPDATE_COMPLETE' }, - }); - - // WHEN - const response = await deployments.rollbackStack({ - stack: testStack({ stackName: 'boop' }), - validateBootstrapStackVersion: false, - }); - - // THEN - expect(response.notInRollbackableState).toBe(true); -}); - -test('continue rollback stack with force ignores any failed resources', async() => { - // GIVEN - givenStacks({ - '*': { template: {}, stackStatus: 'UPDATE_ROLLBACK_FAILED' }, - }); - mockDescribeStackEvents.mockReturnValue({ - StackEvents: [ - { - EventId: 'asdf', - StackId: 'stack/MyStack', - StackName: 'MyStack', - Timestamp: new Date(), - LogicalResourceId: 'Xyz', - ResourceStatus: 'UPDATE_FAILED', - }, - ], - }); - - // WHEN - await deployments.rollbackStack({ - stack: testStack({ stackName: 'boop' }), - validateBootstrapStackVersion: false, - force: true, - }); - - // THEN - expect(mockContinueUpdateRollback).toHaveBeenCalledWith(expect.objectContaining({ - ResourcesToSkip: ['Xyz'], - })); -}); - test('readCurrentTemplateWithNestedStacks() succesfully ignores stacks without metadata', async () => { // GIVEN - givenStacks({ - 'MetadataRoot': { - template: { + const cfnStack = new FakeCloudformationStack({ + stackName: 'MetadataRoot', + stackId: 'StackId', + }); + CloudFormationStack.lookup = (async (_, stackName: string) => { + if (stackName === 'MetadataRoot') { + cfnStack.template = async () => ({ Resources: { WithMetadata: { Type: 'AWS::CloudFormation::Stack', @@ -860,10 +776,10 @@ test('readCurrentTemplateWithNestedStacks() succesfully ignores stacks without m }, }, }, - }, - }, - '*': { - template: { + }); + + } else { + cfnStack.template = async () => ({ Resources: { SomeResource: { Type: 'AWS::Something', @@ -872,8 +788,10 @@ test('readCurrentTemplateWithNestedStacks() succesfully ignores stacks without m }, }, }, - }, - }, + }); + } + + return cfnStack; }); const rootStack = testStack({ @@ -1000,23 +918,3 @@ function stackSummaryOf(logicalId: string, resourceType: string, physicalResourc LastUpdatedTimestamp: new Date(), }; } - -function givenStacks(stacks: Record) { - jest.spyOn(CloudFormationStack, 'lookup').mockImplementation(async (_, stackName) => { - let stack = stacks[stackName]; - if (!stack) { - stack = stacks['*']; - } - if (stack) { - const cfnStack = new FakeCloudformationStack({ - stackName, - stackId: `stack/${stackName}`, - stackStatus: stack.stackStatus, - }); - cfnStack.setTemplate(stack.template); - return cfnStack; - } else { - return new FakeCloudformationStack({ stackName }); - } - }); -} \ No newline at end of file diff --git a/packages/aws-cdk/test/api/fake-cloudformation-stack.ts b/packages/aws-cdk/test/api/fake-cloudformation-stack.ts index 918d6c4d5bb37..1668ea0b55d33 100644 --- a/packages/aws-cdk/test/api/fake-cloudformation-stack.ts +++ b/packages/aws-cdk/test/api/fake-cloudformation-stack.ts @@ -2,12 +2,10 @@ import { CloudFormation } from 'aws-sdk'; import { CloudFormationStack, Template } from '../../lib/api/util/cloudformation'; import { instanceMockFrom } from '../util'; -import { StackStatus } from '../../lib/api/util/cloudformation/stack-status'; export interface FakeCloudFormationStackProps { readonly stackName: string; - readonly stackId?: string; - readonly stackStatus?: string; + readonly stackId: string; } export class FakeCloudformationStack extends CloudFormationStack { @@ -31,23 +29,7 @@ export class FakeCloudformationStack extends CloudFormationStack { return Promise.resolve(this.__template); } - public get exists() { - return this.props.stackId !== undefined; - } - - public get stackStatus() { - const status = this.props.stackStatus ?? 'UPDATE_COMPLETE'; - return new StackStatus(status, 'The test said so'); - } - - public get stackId() { - if (!this.props.stackId) { - throw new Error('Cannot retrieve stackId from a non-existent stack'); - } + public get stackId(): string { return this.props.stackId; } - - public get outputs(): Record { - return {}; - } } diff --git a/packages/aws-cdk/test/api/stack-activity-monitor.test.ts b/packages/aws-cdk/test/api/stack-activity-monitor.test.ts index a07ec99e40b38..6c5eddc7dd75e 100644 --- a/packages/aws-cdk/test/api/stack-activity-monitor.test.ts +++ b/packages/aws-cdk/test/api/stack-activity-monitor.test.ts @@ -29,7 +29,6 @@ test('prints 0/4 progress report, when addActivity is called with an "IN_PROGRES EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); }); @@ -54,7 +53,6 @@ test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COM EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); }); @@ -79,7 +77,6 @@ test('prints 1/4 progress report, when addActivity is called with an "UPDATE_COM EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); }); @@ -104,7 +101,6 @@ test('prints 1/4 progress report, when addActivity is called with an "ROLLBACK_C EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); }); @@ -129,7 +125,6 @@ test('prints 0/4 progress report, when addActivity is called with an "UPDATE_FAI EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); }); @@ -154,7 +149,6 @@ test('does not print "Failed Resources:" list, when all deployments are successf EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); historyActivityPrinter.addActivity({ event: { @@ -166,7 +160,6 @@ test('does not print "Failed Resources:" list, when all deployments are successf EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); historyActivityPrinter.addActivity({ event: { @@ -178,7 +171,6 @@ test('does not print "Failed Resources:" list, when all deployments are successf EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); historyActivityPrinter.stop(); }); @@ -207,7 +199,6 @@ test('prints "Failed Resources:" list, when at least one deployment fails', () = EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); historyActivityPrinter.addActivity({ event: { @@ -219,7 +210,6 @@ test('prints "Failed Resources:" list, when at least one deployment fails', () = EventId: '', StackName: 'stack-name', }, - parentStackLogicalIds: [], }); historyActivityPrinter.stop(); }); @@ -252,7 +242,6 @@ test('print failed resources because of hook failures', () => { HookType: 'hook1', HookStatusReason: 'stack1 must obey certain rules', }, - parentStackLogicalIds: [], }); historyActivityPrinter.addActivity({ event: { @@ -265,7 +254,6 @@ test('print failed resources because of hook failures', () => { StackName: 'stack-name', ResourceStatusReason: 'The following hook(s) failed: hook1', }, - parentStackLogicalIds: [], }); historyActivityPrinter.stop(); }); diff --git a/packages/aws-cdk/test/cdk-toolkit.test.ts b/packages/aws-cdk/test/cdk-toolkit.test.ts index d2c46cc15698d..f67c35ad8dae7 100644 --- a/packages/aws-cdk/test/cdk-toolkit.test.ts +++ b/packages/aws-cdk/test/cdk-toolkit.test.ts @@ -64,7 +64,7 @@ import { instanceMockFrom, MockCloudExecutable, TestStackArtifact } from './util import { MockSdkProvider } from './util/mock-sdk'; import { Bootstrapper } from '../lib/api/bootstrap'; import { DeployStackResult } from '../lib/api/deploy-stack'; -import { Deployments, DeployStackOptions, DestroyStackOptions, RollbackStackOptions, RollbackStackResult } from '../lib/api/deployments'; +import { Deployments, DeployStackOptions, DestroyStackOptions } from '../lib/api/deployments'; import { HotswapMode } from '../lib/api/hotswap/common'; import { Template } from '../lib/api/util/cloudformation'; import { CdkToolkit, Tag } from '../lib/cdk-toolkit'; @@ -1224,31 +1224,6 @@ describe('synth', () => { expect(mockData.mock.calls.length).toEqual(1); expect(mockData.mock.calls[0][0]).toBeDefined(); }); - - test('rollback uses deployment role', async () => { - cloudExecutable = new MockCloudExecutable({ - stacks: [ - MockStack.MOCK_STACK_C, - ], - }); - - const mockedRollback = jest.spyOn(Deployments.prototype, 'rollbackStack').mockResolvedValue({ - success: true, - }); - - const toolkit = new CdkToolkit({ - cloudExecutable, - configuration: cloudExecutable.configuration, - sdkProvider: cloudExecutable.sdkProvider, - deployments: new Deployments({ sdkProvider: new MockSdkProvider() }), - }); - - await toolkit.rollback({ - selector: { patterns: [] }, - }); - - expect(mockedRollback).toHaveBeenCalled(); - }); }); class MockStack { @@ -1425,12 +1400,6 @@ class FakeCloudFormation extends Deployments { }); } - public rollbackStack(_options: RollbackStackOptions): Promise { - return Promise.resolve({ - success: true, - }); - } - public destroyStack(options: DestroyStackOptions): Promise { expect(options.stack).toBeDefined(); return Promise.resolve(); diff --git a/packages/aws-cdk/test/util/mock-sdk.ts b/packages/aws-cdk/test/util/mock-sdk.ts index d280ef9f02942..0d943fadb3dea 100644 --- a/packages/aws-cdk/test/util/mock-sdk.ts +++ b/packages/aws-cdk/test/util/mock-sdk.ts @@ -269,21 +269,11 @@ type AwsCallInputOutput = // Determine the type of the mock handler from the type of the Input/Output type pair. // Don't need to worry about the 'never', TypeScript will propagate it upwards making it // impossible to specify the field that has 'never' anywhere in its type. -type HandlerType = +type MockHandlerType = AI extends [any, any] ? (input: AI[0]) => AI[1] : AI; // Any subset of the full type that synchronously returns the output structure is okay -export type SyncHandlerSubsetOf = {[K in keyof S]?: HandlerType>}; - -/** - * A jest Mock function we can pass into SdkProvider.stubXXX - * - * Use as follows: - * - * ```ts - * const mockDescribeStackEvents: MockedHandlerType = jest.fn(); - */ -export type MockedHandlerType = AwsCallInputOutput extends [infer IN, infer OUT] ? jest.Mock : never; +export type SyncHandlerSubsetOf = {[K in keyof S]?: MockHandlerType>}; /** * Fake AWS response. diff --git a/packages/aws-cdk/test/util/stack-monitor.test.ts b/packages/aws-cdk/test/util/stack-monitor.test.ts index e0d9bb673fbd7..e32098a03a9ee 100644 --- a/packages/aws-cdk/test/util/stack-monitor.test.ts +++ b/packages/aws-cdk/test/util/stack-monitor.test.ts @@ -123,21 +123,12 @@ describe('stack monitor, collecting errors from events', () => { expect(request.StackName).toStrictEqual('StackName'); return { StackEvents: [ - addErrorToStackEvent( - event(102), { - logicalResourceId: 'nestedStackLogicalResourceId', - physicalResourceId: 'nestedStackPhysicalResourceId', - resourceType: 'AWS::CloudFormation::Stack', - resourceStatusReason: 'nested stack failed', - resourceStatus: 'UPDATE_FAILED', - }, - ), addErrorToStackEvent( event(100), { logicalResourceId: 'nestedStackLogicalResourceId', physicalResourceId: 'nestedStackPhysicalResourceId', resourceType: 'AWS::CloudFormation::Stack', - resourceStatus: 'UPDATE_IN_PROGRESS', + resourceStatusReason: 'nested stack failed', }, ), ], @@ -262,28 +253,18 @@ async function testMonitorWithEventCalls( let describeStackEvents = (jest.fn() as jest.Mock); let finished = false; - let error: Error | undefined = undefined; for (const invocation of beforeStopInvocations) { const invocation_ = invocation; // Capture loop variable in local because of closure semantics const isLast = invocation === beforeStopInvocations[beforeStopInvocations.length - 1]; describeStackEvents = describeStackEvents.mockImplementationOnce(request => { - try { - const ret = invocation_(request); - if (isLast) { - finished = true; - } - return ret; - } catch (e: any) { + const ret = invocation_(request); + if (isLast) { finished = true; - error = e; - throw e; } + return ret; }); } - if (error) { - throw error; - } for (const invocation of afterStopInvocations) { describeStackEvents = describeStackEvents.mockImplementationOnce(invocation); } From 681664efe3c97f2099bec05d54e8fcff1bb7f17b Mon Sep 17 00:00:00 2001 From: shikha372 Date: Fri, 4 Oct 2024 19:05:46 -0700 Subject: [PATCH 4/4] chore(release): 2.161.1 --- CHANGELOG.v2.alpha.md | 2 ++ CHANGELOG.v2.md | 7 +++++++ version.v2.json | 4 ++-- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md index 71887f060141a..53e9ede390270 100644 --- a/CHANGELOG.v2.alpha.md +++ b/CHANGELOG.v2.alpha.md @@ -2,6 +2,8 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.161.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.161.0-alpha.0...v2.161.1-alpha.0) (2024-10-05) + ## [2.161.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.160.0-alpha.0...v2.161.0-alpha.0) (2024-10-03) diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md index 8d997f77a4eeb..8a8330236f6b6 100644 --- a/CHANGELOG.v2.md +++ b/CHANGELOG.v2.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.161.1](https://github.com/aws/aws-cdk/compare/v2.161.0...v2.161.1) (2024-10-05) + + +### Reverts + +* feat(cli): cdk rollback ([#31407](https://github.com/aws/aws-cdk/issues/31407)) ([#31657](https://github.com/aws/aws-cdk/issues/31657)) ([29bf223](https://github.com/aws/aws-cdk/commit/29bf2233a33d3ded20639279fa712a5b036fe041)) + ## [2.161.0](https://github.com/aws/aws-cdk/compare/v2.160.0...v2.161.0) (2024-10-03) diff --git a/version.v2.json b/version.v2.json index fa129890d6ad2..226f0caf5d561 100644 --- a/version.v2.json +++ b/version.v2.json @@ -1,4 +1,4 @@ { - "version": "2.161.0", - "alphaVersion": "2.161.0-alpha.0" + "version": "2.161.1", + "alphaVersion": "2.161.1-alpha.0" } \ No newline at end of file