Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(ssm): update ssm-context to prevent raising an error on missing parameter #31415

Merged

Conversation

dsilbergleithcu-godaddy
Copy link
Contributor

@dsilbergleithcu-godaddy dsilbergleithcu-godaddy commented Sep 11, 2024

Updates StringParameter.valueFromLookup with an optional "defaultValue" When specified this value will be used:

  • in place of the standard dummyValue
  • to signal that an Error should not be raised during synthesis if the parameter is not found in the account.

Test are updated to prove that this works

Issue # (if applicable)

Resolves #7051

There are some closed issues which also benefit from this change:

Reason for this change

We have a library which has a fixed set of SSM parameters on which it depends. The values from those parameters are made available as attributes of a custom Stack. We have many users in many different AWS accounts, and not all of the parameters are guaranteed to exist. This is okay. In general, teams would simply not use those values and be happy with that outcome. Unfortunately, CDK crashes when you look up an SSM parameter that does not exist in the account. This is unacceptable.

Description of changes

To address the issue described above, I implemented an optional parameter on the valueFromLookup method: defaultValue. The idea is that if this value is specified, and we fail to look up a parameter in the account, we will return this value and suppress the Error that is currently raised when a parameter is not found.

To implement that functionality, I added a field to the GetContextValueOptions interface which is used to flag that we're not going to raise the error. Then, in valueFromLookup, I set that flag to true if the dummyValue is specified. valueFromLookup then calls ContextProvider.getValue passing along those values.

ContextProvider.getValue is modified so that when it calls stack.reportMissingContextKey it passes a modified set of props which include the defaultValue and the ignoreErrorOnMissingContext flag.

These finally land in the aws-cdk context provider for ssm-parameter. That code has been updated so that if the value is not found in SSM, and we're told to suppress the error, then we'll simply return the defaultValue that was passed in.

Description of how you validated changes

I added a unit tests which covers when the default value is set. I also updated the original unit test as the props now contain some additional field.

I added an integration test which calls valueFromLookup with a defaultValue set and then confirms that no exception is raised and that valueFromLookup returned the defaultValue

NOTE
I considered that the changes made might need to be a part of the cloud-assembly-schema but chose to work around that for now. I'm open to incorporating them there if that's a more correct path.

NOTE 2
I'm unsure about how to update API documentation for this change. This does alter the public API for valueFromLookup and the function doesn't appear to have a proper TSDoc header on it. Please let me know if there's a proper way for me to update the documentation.

Checklist


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@github-actions github-actions bot added beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK effort/large Large work item – several weeks of effort labels Sep 11, 2024
@aws-cdk-automation aws-cdk-automation requested a review from a team September 11, 2024 22:34
@github-actions github-actions bot added feature-request A feature should be added or improved. p2 labels Sep 11, 2024
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@aws-cdk-automation aws-cdk-automation added the pr/needs-cli-test-run This PR needs CLI tests run against it. label Sep 11, 2024
@dsilbergleithcu-godaddy dsilbergleithcu-godaddy changed the title Update ssm-context to prevent raising an error on missing parameter fix(cli) update ssm-context to prevent raising an error on missing parameter Sep 11, 2024
@dsilbergleithcu-godaddy dsilbergleithcu-godaddy changed the title fix(cli) update ssm-context to prevent raising an error on missing parameter fix(cli): update ssm-context to prevent raising an error on missing parameter Sep 11, 2024
@dsilbergleithcu-godaddy dsilbergleithcu-godaddy changed the title fix(cli): update ssm-context to prevent raising an error on missing parameter fix(aws-ssm): update ssm-context to prevent raising an error on missing parameter Sep 11, 2024
@dsilbergleithcu-godaddy dsilbergleithcu-godaddy changed the title fix(aws-ssm): update ssm-context to prevent raising an error on missing parameter fix(ssm): update ssm-context to prevent raising an error on missing parameter Sep 11, 2024
@dsilbergleithcu-godaddy dsilbergleithcu-godaddy force-pushed the prevent-ssm-context-provider-errors branch 2 times, most recently from 4dd29a3 to 65f14fe Compare September 11, 2024 22:50
Updates StringParameter.valueFromLookup with an optional "defaultValue"
When specified this value will be used:
 - in place of the standard dummyValue
 - to signal that an Error should not be raised during synthesis
   if the parameter is not found in the account.

Test are updated to prove that this works
@dsilbergleithcu-godaddy dsilbergleithcu-godaddy force-pushed the prevent-ssm-context-provider-errors branch from 2c515cf to f2e76f3 Compare September 12, 2024 21:44
Copy link
Contributor

@rix0rrr rix0rrr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! One small thing...

packages/aws-cdk-lib/aws-ssm/lib/parameter.ts Outdated Show resolved Hide resolved
Co-authored-by: Rico Hermans <rix0rrr@gmail.com>
@aws-cdk-automation
Copy link
Collaborator

➡️ PR build request submitted to test-main-pipeline ⬅️

A maintainer must now check the pipeline and add the pr-linter/cli-integ-tested label once the pipeline succeeds.

@kaizencc
Copy link
Contributor

sending thru our test pipeline will add the necessary labels + approve when its done

@kaizencc kaizencc added pr-linter/cli-integ-tested Assert that any CLI changes have been integ tested and removed pr/needs-cli-test-run This PR needs CLI tests run against it. labels Sep 13, 2024
@aws-cdk-automation aws-cdk-automation dismissed their stale review September 13, 2024 17:10

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

Copy link
Contributor

mergify bot commented Sep 13, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: c891663
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify mergify bot merged commit ff02cca into aws:main Sep 13, 2024
8 of 9 checks passed
Copy link
Contributor

mergify bot commented Sep 13, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

Copy link

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 13, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK effort/large Large work item – several weeks of effort feature-request A feature should be added or improved. p2 pr-linter/cli-integ-tested Assert that any CLI changes have been integ tested
Projects
None yet
Development

Successfully merging this pull request may close these issues.

(aws-ssm): configure a default value instead of dummy-value-for-parameterName
4 participants