cli: --no-rollback and a changeset that includes replacement type updates causes a failed deployment
#30546
Closed
1 of 2 tasks
Assignees
Labels
@aws-cdk/core
Related to core CDK functionality
cli
Issues related to the CDK CLI
effort/medium
Medium work item – several days of effort
feature-request
A feature should be added or improved.
p1
package/tools
Related to AWS CDK Tools or CLI
Comments
tmokmss
added
feature-request
|
Thanks for reaching out with this request @tmokmss . Marking it appropriate for team's input. |
khushail
added
p3
effort/medium
comcalvi
changed the title
--no-rollback is specified a changeset includes replacement type updates
comcalvi
changed the title
--no-rollback is specified a changeset includes replacement type updates--no-rollback and a changeset that includes replacement type updates causes a failed deployment
|
To confirm: you're requesting that as a user, you pass in |
|
Hi @rix0rrr, thank you for taking care of the FR. I think there are several options to improve the current behavior when there is a replacement type change and --no-rollback flag is set:
the 3rd option does not directly resolves the issue, but it reduces the manual work to recover from the following state:
|
|
I think I would prefer doing something with handling the
None of this replacement detection will work with |
|
@rix0rrr That makes sense, thanks! I think the last one is the highest priority, because we should not get into |
mergify bot
pushed a commit
that referenced
this issue
Oct 2, 2024
Add a CLI feature to roll a stuck change back.
This is mostly useful for deployments performed using `--no-rollback`: if a failure occurs, the stack gets stuck in an `UPDATE_FAILED` state from which there are 2 options:
- Try again using a new template
- Roll back to the last stable state
There used to be no way to perform the second operation using the CDK CLI, but there now is.
`cdk rollback` works in 2 situations:
- A paused fail state; it will initiating a fresh rollback (on `CREATE_FAILED`, `UPDATE_FAILED`).
- A paused rollback state; it will retry the rollback, optionally skipping some resources (on `UPDATE_ROLLBACK_FAILED` -- it seems there is no way to continue a rollback in `ROLLBACK_FAILED` state).
`cdk rollback --orphan <logicalid>` can be used to skip resource rollbacks that are causing problems.
`cdk rollback --force` will look up all failed resources and continue skipping them until the rollback has finished.
This change requires new bootstrap permissions, so the bootstrap stack is updated to add the following IAM permissions to the `deploy-action` role:
```
- cloudformation:RollbackStack
- cloudformation:ContinueUpdateRollback
```
These are necessary to call the 2 CloudFormation APIs that start and continue a rollback.
Relates to (but does not close yet) #30546.
----
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
rix0rrr
added a commit
that referenced
this issue
Oct 7, 2024
Add a CLI feature to roll a stuck change back.
This is mostly useful for deployments performed using `--no-rollback`: if a failure occurs, the stack gets stuck in an `UPDATE_FAILED` state from which there are 2 options:
- Try again using a new template
- Roll back to the last stable state
There used to be no way to perform the second operation using the CDK CLI, but there now is.
`cdk rollback` works in 2 situations:
- A paused fail state; it will initiating a fresh rollback (on `CREATE_FAILED`, `UPDATE_FAILED`).
- A paused rollback state; it will retry the rollback, optionally skipping some resources (on `UPDATE_ROLLBACK_FAILED` -- it seems there is no way to continue a rollback in `ROLLBACK_FAILED` state).
`cdk rollback --orphan <logicalid>` can be used to skip resource rollbacks that are causing problems.
`cdk rollback --force` will look up all failed resources and continue skipping them until the rollback has finished.
This change requires new bootstrap permissions, so the bootstrap stack is updated to add the following IAM permissions to the `deploy-action` role:
```
- cloudformation:RollbackStack
- cloudformation:ContinueUpdateRollback
```
These are necessary to call the 2 CloudFormation APIs that start and continue a rollback.
Relates to (but does not close yet) #30546.
----
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
rix0rrr
added a commit
that referenced
this issue
Oct 28, 2024
If a user is deploying with `--no-rollback`, and the stack contains replacements (or the `--no-rollback` flag is dropped), then a rollback needs to be performed before a regular deployment can happen again. In this PR, we add a prompt where we ask the user to confirm that they are okay with performing a rollback and then a normal deployment. Closes #30546.
|
Comments on closed issues and PRs are hard for our team to see. |
1 similar comment
|
Comments on closed issues and PRs are hard for our team to see. |
Leo10Gama
pushed a commit
to Leo10Gama/aws-cdk
that referenced
this issue
Nov 13, 2024
If a user is deploying with `--no-rollback`, and the stack contains replacements (or the `--no-rollback` flag is dropped), then a rollback needs to be performed before a regular deployment can happen again. In this PR, we add a prompt where we ask the user to confirm that they are okay with performing a rollback and then a normal deployment. The way this works is that `deployStack` detects a disallowed combination (replacement and no-rollback, or being in a stuck state and not being called with no-rollback), and returns a special status code. The driver of the calls, `CdkToolkit`, will see those special return codes, prompt the user, and retry. Also get rid of a stray `Stack undefined` that gets printed to the console. Closes aws#30546, Closes aws#31685 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Describe the feature
CDK should automatically disable no-rollback flag when a change set to deploy contains a replacement type updates. Otherwise the deployment fails and it leaves the stack in a non-terminal state, which does not allow updating stack any more without resetting the state.
Use Case
I'm always frustrated when I accidentally deploy a change with
no-rollbackflag enabled, and the deployment fails after a while because it contains replacement type updates.Proposed Solution
CDK CLI uses CFn changeset feature to deploy a change, so it knows whether the change contains any replacement. If there is, it should automatically disable no-rollback flag.
Or we should at least validate the flag before actually executing a CFn deployment.
Other Information
The error we get when deploying a change with
no-rollbackflag and replacement change:The error we get when deploying a change after a deployment failed due to the above error.
Acknowledgements
CDK version used
2.145.0
Environment details (OS name and version, etc.)
macOS
The text was updated successfully, but these errors were encountered: