From 1ceefe5bd8edb02303c63e1841a85c1da9bf49a6 Mon Sep 17 00:00:00 2001 From: corymhall <43035978+corymhall@users.noreply.github.com> Date: Tue, 18 Jan 2022 13:56:15 +0000 Subject: [PATCH 1/2] fix(cli): warning to upgrade to bootstrap version >= undefined When we try to assume the lookup role and fail, we print out a warning telling the user to upgrade to the required bootstrap stack version. In cases where the user is not using the default stack synthesizer (legacy, custom, etc.) the cli might not have information on the lookup role. In those cases where we don't have the necessary information on the ARN of the lookup role or the required bootstrap version, we will not print any warnings. --- .../aws-cdk/lib/api/cloudformation-deployments.ts | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/packages/aws-cdk/lib/api/cloudformation-deployments.ts b/packages/aws-cdk/lib/api/cloudformation-deployments.ts index 72c48bb109ee7..a4438ff0ca8f7 100644 --- a/packages/aws-cdk/lib/api/cloudformation-deployments.ts +++ b/packages/aws-cdk/lib/api/cloudformation-deployments.ts @@ -96,14 +96,20 @@ export async function prepareSdkWithLookupRoleFor( if (version < stack.lookupRole.requiresBootstrapStackVersion) { throw new Error(`Bootstrap stack version '${stack.lookupRole.requiresBootstrapStackVersion}' is required, found version '${version}'.`); } - } else if (!stackSdk.didAssumeRole) { + // we may not have assumed the lookup role because one was not provided + // if that is the case then don't print the upgrade warning + } else if (!stackSdk.didAssumeRole && stack.lookupRole?.requiresBootstrapStackVersion) { warning(upgradeMessage); } return { ...stackSdk, resolvedEnvironment }; } catch (e) { debug(e); - warning(warningMessage); - warning(upgradeMessage); + // only print out the warnings if the lookupRole exists AND there is a required + // bootstrap version, otherwise the warnings will print `undefined` + if (stack.lookupRole && stack.lookupRole.requiresBootstrapStackVersion) { + warning(warningMessage); + warning(upgradeMessage); + } throw (e); } } From 104fe18615672797c308c5f89224025166f10a90 Mon Sep 17 00:00:00 2001 From: corymhall <43035978+corymhall@users.noreply.github.com> Date: Tue, 18 Jan 2022 14:21:33 +0000 Subject: [PATCH 2/2] add test --- packages/aws-cdk/test/cdk-toolkit.test.ts | 44 +++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/packages/aws-cdk/test/cdk-toolkit.test.ts b/packages/aws-cdk/test/cdk-toolkit.test.ts index 7b8f96d5d948c..c7ee3b87130fc 100644 --- a/packages/aws-cdk/test/cdk-toolkit.test.ts +++ b/packages/aws-cdk/test/cdk-toolkit.test.ts @@ -127,6 +127,13 @@ describe('readCurrentTemplate', () => { }, }, }, + { + stackName: 'Test-Stack-A', + template, + properties: { + assumeRoleArn: 'bloop:${AWS::Region}:${AWS::AccountId}', + }, + }, ], }); mockForEnvironment = jest.fn().mockImplementation(() => { return { sdk: mockCloudExecutable.sdkProvider.sdk, didAssumeRole: true }; }); @@ -145,6 +152,11 @@ describe('readCurrentTemplate', () => { StackStatus: 'CREATE_COMPLETE', CreationTime: new Date(), }, + { + StackName: 'Test-Stack-A', + StackStatus: 'CREATE_COMPLETE', + CreationTime: new Date(), + }, ], }; }, @@ -329,6 +341,38 @@ describe('readCurrentTemplate', () => { assumeRoleArn: 'bloop:here:123456789012', }); }); + + test('do not print warnings if lookup role not provided in stack artifact', async () => { + // GIVEN + mockCloudExecutable.sdkProvider.stubSSM({ + getParameter() { + return {}; + }, + }); + const cdkToolkit = new CdkToolkit({ + cloudExecutable: mockCloudExecutable, + configuration: mockCloudExecutable.configuration, + sdkProvider: mockCloudExecutable.sdkProvider, + cloudFormation: new CloudFormationDeployments({ sdkProvider: mockCloudExecutable.sdkProvider }), + }); + + // WHEN + await cdkToolkit.deploy({ + selector: { patterns: ['Test-Stack-A'] }, + }); + + // THEN + expect(flatten(stderrMock.mock.calls)).not.toEqual(expect.arrayContaining([ + expect.stringMatching(/Could not assume/), + expect.stringMatching(/please upgrade to bootstrap version/), + ])); + expect(mockCloudExecutable.sdkProvider.sdk.ssm).not.toHaveBeenCalled(); + expect(mockForEnvironment.mock.calls.length).toEqual(2); + expect(mockForEnvironment.mock.calls[0][2]).toEqual({ + assumeRoleArn: undefined, + assumeRoleExternalId: undefined, + }); + }); }); describe('deploy', () => {