get webhook that triggered the AWS CodePipeline run - amazon-web-services

Background:
I'm planning on creating a CodePipeline that has multiple source actions within the initial source stage. Each source action is a GitHub repo that will have its own AWS CodePipeline webhook. Within the pipeline's next stage, I want to have an invoke action that will get the pipeline execution's webhook that triggered the pipeline run and set the input artifact for the downstream build stage to be the source action that is associated with the triggered webhook. For example, if repo A's webhook caused pipeline execution #1, then the invoke action will somehow identify that repo A's webhook was the trigger and then pass repo A's output artifact to the downstream build stage.
Problem:
I haven't found a solution to get the CodePipeline webhook that triggered the pipeline run. Looking at the boto3 CodePipeline docs, the closest I've got was list_webhooks, which identifies what pipeline the webhook is associated with, but nothing in regards to whether that webhook triggered CodePipeline execution ID 123.

The list_pipeline_executions command should help you in this case. It provides you with CodePipeline execution summaries, where the first result is the latest execution ID. Each summary has a trigger attribute with information about how the execution was triggered. For a webhook it looks like this:
    "trigger": {
        "triggerType": "Webhook",
        "triggerDetail": "arn:aws:codepipeline:<region>:<account-id>:webhook:<webhook-id>"
    }
If your pipeline is likely to be running concurrently, make sure you get the current execution ID first so things do not get mixed up. You can do this with a one-liner in CodeBuild as suggested here.
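The lookup described in this answer, as an added example that is not part of the original post: it matches on the execution ID rather than taking the first summary, then resolves the webhook ARN to its source action through list_webhooks. It assumes the execution ID is already known to the caller; `StubClient`, the pipeline name `demo`, the action name `RepoA` and the ARN are constructed so the code runs offline, and a real caller would pass `boto3.client("codepipeline")`.

```python
def find_trigger(client, pipeline_name, execution_id):
    """Return the trigger dict of one specific execution, or None if not found."""
    kwargs = {"pipelineName": pipeline_name}
    while True:
        page = client.list_pipeline_executions(**kwargs)
        for summary in page.get("pipelineExecutionSummaries", []):
            # Match on the ID instead of trusting "first result = my execution".
            if summary["pipelineExecutionId"] == execution_id:
                return summary.get("trigger")
        if not page.get("nextToken"):
            return None
        kwargs["nextToken"] = page["nextToken"]


def triggering_source_action(client, pipeline_name, execution_id):
    """Name of the source action whose webhook started the execution, else None."""
    trigger = find_trigger(client, pipeline_name, execution_id)
    if not trigger or trigger.get("triggerType") != "Webhook":
        return None  # not started by a webhook (e.g. a manual start)
    kwargs = {}
    while True:
        page = client.list_webhooks(**kwargs)  # note: this API uses "NextToken"
        for hook in page.get("webhooks", []):
            definition = hook["definition"]
            if (hook.get("arn") == trigger["triggerDetail"]
                    and definition["targetPipeline"] == pipeline_name):
                return definition["targetAction"]
        if not page.get("NextToken"):
            return None
        kwargs["NextToken"] = page["NextToken"]


class StubClient:
    """Constructed stand-in for the boto3 client so the example runs offline."""
    ARN = "arn:aws:codepipeline:us-east-1:111122223333:webhook:repo-a-hook"

    def list_pipeline_executions(self, **kwargs):
        if "nextToken" not in kwargs:  # page 1: a newer, concurrent execution
            return {"pipelineExecutionSummaries": [
                {"pipelineExecutionId": "exec-2",
                 "trigger": {"triggerType": "StartPipelineExecution"}}],
                "nextToken": "p2"}
        return {"pipelineExecutionSummaries": [
            {"pipelineExecutionId": "exec-1",
             "trigger": {"triggerType": "Webhook", "triggerDetail": self.ARN}}]}

    def list_webhooks(self, **kwargs):
        return {"webhooks": [{"arn": self.ARN, "definition": {
            "name": "repo-a-hook", "targetPipeline": "demo", "targetAction": "RepoA"}}]}
```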

Related

How to access AWS CodeBuild reports in a Lambda?

At the moment I have an EventBridge sending CodeBuild build phase updates that have status "FAILED" to a Lambda. Specifically - unit tests are run and then a report is created that contains information about all the tests that were run. The event that is received by my Lambda from CodeBuild contains ARN for the reports and I would like the Lambda to read that ARN, access the report and output what's gone wrong.
I can't seem to find a way to access the CodeBuild report within a Lambda - AWS CDK API reference doesn't seem to have anything for that within the CodeBuild sections. I have the ARN for the generated report, I just don't know how to make my Lambda read it.
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/codebuild.html#CodeBuild.Client.batch_get_reports was exactly what I was looking for. Searched around and couldn't see it, and here it is! describe_test_cases() is exactly what I needed for this.
Thanks for the link @jingx

AWS CodePipeline: Running multiple pipelines concurrently

I'm trying to set up my CI/CD process with Bitbucket, CodeBuild and CodePipeline. So far, I have a webhook on Bitbucket that will run CodeBuild on a custom Docker image from ECR and upload the artifacts to an Amazon S3 bucket which has versioning enabled. The new upload triggers the CodePipeline based on the CloudWatch event and runs another CodeBuild after Manual Approve, which makes the deployment on a new S3 bucket, which is fine till now. The CodePipeline has 3 stages: Source (S3) -> Manual Approve -> CodeBuild.
The problem is: when I tried to push multiple branches/new commits, the first CodeBuild runs and uploads artifacts to S3 with different versions as expected. However, each upload should trigger the CodePipeline. If I had made 3 different code pushes to the Bitbucket repository, there should be three pipelines waiting for manual approval to be deployed.
But this isn't the case.
I have three artifacts uploaded in S3 with different VersionID based on the commits:
1st commit's artifacts VersionID: OKIBabVQQX80aAuARAne8jnClsTpJGXu
2nd commit's artifacts VersionID: YNsgp9rodnAx7du1Te1OQD2UO0t5IZc
3rd commit's artifacts VersionID: VN7pwVS5zpYNTmzJrLbFGKBupogpgtHN
In CodePipeline:
Stage: Manual Approve is waiting for approval which has S3 Source Version: OKIBabVQQX80aAuARAne8jnClsTpJGXu
Stage: Source is triggered from S3 with VersionID: VN7pwVS5zpYNTmzJrLbFGKBupogpgtHN
Here I am completely missing the 2nd artifact (S3 VersionID: YNsgp9rodnAx7du1Te1OQD2UO0t5IZc).
I would expect all three artifacts to trigger the CodePipeline one after another so that I can deploy all 3 of my pushes.
Many many thanks!!!
When a pipeline execution starts, it runs a revision through every stage and action in the pipeline. Start a Pipeline Execution in CodePipeline
A CodePipeline stage shows the last trigger for that particular stage.
In your case you have:
Artifact1 triggered Source and Manual Approve.
Artifact2 triggered Source and waiting to trigger Manual Approval.
Artifact3 triggered Source and waiting to trigger Manual Approval.
Since your Artifact3 comes after Artifact2 - the Source stage shows it (the last trigger).
Artifact2 is not shown but still waiting for its turn. Once you finish with Artifact1 on Manual Approval stage, the Artifact2 would appear at Manual Approval.
After it, Artifact3 would go to Manual Approval stage and so on.

Is there any API in codepipeline that returns the message why pipeline got failed?

Usecase
I want to extract the reason why my CodePipeline has failed and send that information as an email. In the CodePipeline console, I can see the below message under the 'Latest action execution message' heading.
Is there any way I can extract this message using any CodePipeline API methods? I tested most of the AWS CLI codepipeline commands but didn't find this information.
Thanks
Any help is appreciated
CodePipeline's CloudWatch events include a pipeline execution id, which you can use to call ListActionExecutions. ListActionExecutions will give you the status for failed actions and will be stable over time.
GetPipelineState has the status for the latest pipeline execution in a given stage. It's possible for a pipeline execution to enter a stage after a failure and before you receive a CloudWatch event (so you observe the wrong pipeline execution).
You can set up an email notification using SNS, and then configure your pipeline to send alerts to the corresponding SNS topic.
You can read detailed steps in Tutorial: Set Up a CloudWatch Events Rule to Receive Email Notifications for Pipeline State Changes.
Since the default notification doesn't include the job failure message, you'll need to write a Lambda Function that receives the state change event object and calls the getPipelineState function to return the last failure message.
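The ListActionExecutions approach from the first answer above, as an added example that is not part of the original posts: it takes the execution ID from the state-change event and filters on it, so a newer execution entering the stage cannot be reported by mistake. `StubPipelineClient`, the sample event and its pipeline, stage and action names are constructed so the code runs offline; a real Lambda would pass `boto3.client("codepipeline")` and the event it receives.

```python
def failed_actions(client, event):
    """Return failure details for the execution named in a state-change event."""
    detail = event["detail"]
    kwargs = {"pipelineName": detail["pipeline"],
              "filter": {"pipelineExecutionId": detail["execution-id"]}}
    failures = []
    while True:
        page = client.list_action_executions(**kwargs)
        for action in page.get("actionExecutionDetails", []):
            if action.get("status") != "Failed":
                continue
            result = action.get("output", {}).get("executionResult", {})
            failures.append({
                "stage": action["stageName"],
                "action": action["actionName"],
                "message": result.get("externalExecutionSummary", "(no message)"),
                "url": result.get("externalExecutionUrl"),
            })
        if not page.get("nextToken"):
            return failures
        kwargs["nextToken"] = page["nextToken"]


def email_body(event, failures):
    """Plain-text body that could be published to an SNS topic."""
    detail = event["detail"]
    lines = [f"Pipeline {detail['pipeline']} execution {detail['execution-id']} failed:"]
    lines += [f"- {f['stage']}/{f['action']}: {f['message']}" for f in failures]
    return "\n".join(lines)


# Constructed sample event and stub client so the example runs offline.
SAMPLE_EVENT = {"detail": {"pipeline": "demo", "execution-id": "exec-1",
                           "state": "FAILED"}}


class StubPipelineClient:
    def list_action_executions(self, **kwargs):
        return {"actionExecutionDetails": [
            {"stageName": "Build", "actionName": "UnitTests", "status": "Failed",
             "output": {"executionResult": {
                 "externalExecutionSummary": "Build terminated with state: FAILED"}}},
            {"stageName": "Source", "actionName": "RepoA", "status": "Succeeded",
             "output": {}},
        ]}
```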

Trigger AWS CodePipeline by GitHub release Webhook

AWS CodePipeline now supports GitHub webhooks, but by default every time code is pushed (changed) on the master branch, CodePipeline is triggered.
However, I only want it to run when I actually publish a release.
So, I manually configured the auto-generated GitHub WebHook as follows:
(Uncheck Pushes, check Releases)
but after the configuration, CodePipeline is not kicked any more.
(When I check Pushes again, it starts watching every push again)
Does it only watch Pushes action?
If it does, is there any other way to kick CodePipeline by GitHub release actions?
CodePipeline's webhooks were designed to handle push events, but I think there's no reason why you shouldn't be able to configure the CodePipeline webhook to trigger on release events. No information from the webhook invocation is actually used as part of the source action, so you could trigger it from anything.
The reason it's not working is probably because of how your webhook filters are configured.
Take a look at the ListWebhooks API to see how your webhook is configured.
This page describes how the filters and authentication configuration is used to match github events to decide whether to trigger a pipeline execution or not.

AWS CodePipeline - Run at a specific time only if there are changes

AWS: Is it possible to set up a CloudWatch event to run a pipeline at a specific time but only if there are changes on my CodeCommit repository?
I don't think it is possible out of the box.
An approach could be having a lambda function executing on a regular schedule (3am).
Then get your lambda to compare the latest codepipeline release against your latest revision committed, and trigger the pipeline accordingly.