docs(pipelines): describe context lookups #15663
Conversation
Describe recommended way to do context lookups, and an alternative approach we don't recommend but that everyone is asking for.
|
|
| synthesized infrastructure is consistent and repeatable. If you do not commit | ||
| `cdk.context.json`, the results of the lookups may suddenly be different in | ||
| unexpected ways, and even produce results that cannot be deployed or will cause | ||
| data loss. To give an account permissions to perform lookups against an | ||
| environment, without being able to deploy to it and make changes, run | ||
| `cdk bootstrap --trust-for-lookup=<account>`. |
There was a problem hiding this comment.
I mean this is good, but this is buried in the docs. What would be even better would be to warn/error users during build when they don't do this? Especially, checking in cdk.context.json because that will behave in unexpected ways which is worse than erroring.
But of course, I don't know what it would take to automate this in cdk pipelines, so I'll leave it to you.
There was a problem hiding this comment.
I feel right now you need to consciously choose one or the other, if you do nothing the synth will fail. So at least we're not unsafe.
We might be unusable. I will consider your idea to add a warning (though chances that people will read it are slim).
For now, unblocking this merge because I think having this content in is the most important right now.
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Describe recommended way to do context lookups, and an alternative approach we don't recommend but that everyone is asking for. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Describe recommended way to do context lookups, and an alternative approach we don't recommend but that everyone is asking for. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Describe recommended way to do context lookups, and an alternative
approach we don't recommend but that everyone is asking for.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license