When i create my cloudformation stack for codepipeline, it fails and the error message is "Encountered unsupported property ActionTypeId".
My template is this way:
Resources:
CodePipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
ArtifactStore:
Location: !Ref BucketLocation
Type: S3
Name: !Ref Name
RestartExecutionOnUpdate: true
RoleArn: !Ref RoleAnr
DisableInboundStageTransitions:
- Reason: Approve Step
StageName: Build
Stages:
-
Name: !Ref StagesName
Actions:
-
InputArtifacts:
-
Name: CodeCommit
ActionTypeId:
Category: Source
Owner: AWS
Version: 1
Provider: CodeCommit
OutputArtifacts:
-
Name: sourceartifact
Configuration:
BranchName:
!Ref RepositoryBranch
RepositoryName:
!Ref RepositoryName
RunOrder: 1
-
Name: Build
Actions:
-
Name: BuildAction
InputArtifacts:
-
Name: CodeBuild
ActionTypeId:
Category: Build
Owner: AWS
Version: 1
Provider: CodeBuild
OutputArtifacts:
-
Name: sourceartifact
Configuration:
ProjectName:
!Ref ProjectName
RunOrder: 1
-
I've no idea what the problem might be. I've commented the action type and the stack is still faling.
Fix the YAML indentation so that action properties like ActionTypeId are at the same level.
Related
They're many documents and know hows about making a connection to GitHub using v1 from a Cloudformation Pipeline, but since the GitHub change to v2 I can't find anything.
In the past, the definition was:
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
Name: !Ref AWS::StackName
ArtifactStore:
Location: !Ref CodePipelineBucket
Type: S3
RoleArn: !GetAtt DeploymentRole.Arn
Stages:
- Name: Source
Actions:
- Name: Source
ActionTypeId:
Category: Source
Owner: ThirdParty
Version: 1
Provider: GitHub
OutputArtifacts:
- Name: Source
Configuration:
Owner: !Ref GitHubOwner
Repo: !Ref GitHubRepo
Branch: !Ref GitHubBranch
OAuthToken: !Ref GitHubPersonalAccessToken
PollForSourceChanges: false
RunOrder: 1
and you did need to generate an Access Token on GitHub, save it and use it as a variable. It worked fine in the distant past, but now I don't find anything to make it work with v2 and the code above fails with CREATE_FAILED "Encountered unsupported property Configuration" - ""ResourceStatusReason": "The following resource(s) failed to create: [Pipeline]."
You have to fix your indentation. Configuration should be under Actions:
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
Name: !Ref AWS::StackName
ArtifactStore:
Location: !Ref CodePipelineBucket
Type: S3
RoleArn: !GetAtt DeploymentRole.Arn
Stages:
- Name: Source
Actions:
- Name: Source
ActionTypeId:
Category: Source
Owner: ThirdParty
Version: 1
Provider: GitHub
OutputArtifacts:
- Name: Source
Configuration:
Owner: !Ref GitHubOwner
Repo: !Ref GitHubRepo
Branch: !Ref GitHubBranch
OAuthToken: !Ref GitHubPersonalAccessToken
PollForSourceChanges: false
RunOrder: 1
In Documentation, we are given the following example:
AppPipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
RoleArn:
Ref: CodePipelineServiceRole
Stages:
-
Name: Source
Actions:
-
Name: SourceAction
ActionTypeId:
Category: Source
Owner: AWS
Version: 1
Provider: S3
OutputArtifacts:
-
Name: SourceOutput
Configuration:
S3Bucket:
Ref: SourceS3Bucket
S3ObjectKey:
Ref: SourceS3ObjectKey
RunOrder: 1
I have tried to update it to use GitHub enterprise but unfortunately it doesn't work.
Can someone show how to correctly configure it.
This is how i tried to do that:
- Name: Source
Actions:
- Name: Source
RunOrder: 1
InputArtifacts: []
ActionTypeId:
Category: Source
Owner: ThirdParty
Provider: GitHubEnterpriseServer
Configuration:
Owner: !Sub ${GitHubRepositoryOwner}
Repo: !Sub ${GitHubRepositoryName}
Branch: !Sub ${GitHubIntegrationBranch}
OAuthToken: !Sub ${GitHubPersonalAccessToken}
PollForSourceChanges: false # Must be set to false when using webhooks
OutputArtifacts:
- Name: SourceArtifact
Update:
I found the Github Enterprise uses codestar-connections.
I have edit my code to look like this:
Stages:
- Name: Source
Actions:
- InputArtifacts: []
ActionTypeId:
Version: '1'
Owner: AWS
Category: Source
Provider: CodeStarSourceConnection
OutputArtifacts:
- Name: SourceArtifact
RunOrder: 1
Configuration:
ConnectionArn: "arn:aws:codestar-connections:exxxxxxxxf382816da8"
FullRepositoryId: "https://github.xxxxxx/cloudformation"
BranchName: "main"
OutputArtifactFormat: "CODE_ZIP"
Name: ApplicationSource
The problem that I am dealing now is a connection permission:
User: arn:aws:iam::xxxxxx is not authorized to perform: codestar-connections:PassConnection on resource:
I have 2 CloudFormation and CodeBuild CodePipeline stages:
- Actions:
- ActionTypeId:
Category: "Deploy"
Owner: "AWS"
Provider: "CloudFormation"
Version: "1"
Configuration:
ActionMode: "CREATE_UPDATE"
Capabilities: "CAPABILITY_AUTO_EXPAND,CAPABILITY_NAMED_IAM,CAPABILITY_IAM"
RoleArn: !GetAtt CodePipelineServiceRole.Arn
StackName: !Ref CFNStackName
TemplatePath: !Sub "BuildArtifact::${ArtifactName}"
TemplateConfiguration: BuildArtifact::CFTemplateConfig.json
ParameterOverrides: !Sub '{"Env": "${Env}"}'
Name: "CloudFormation-step"
Region: !Sub ${AWS::Region}
InputArtifacts:
- Name: BuildArtifact
RunOrder: 1
Name: "Deploy"
- Actions:
- ActionTypeId:
Category: "Test"
Owner: "AWS"
Provider: "CodeBuild"
Version: "1"
Configuration:
ProjectName: !Ref CodeBuildTest
InputArtifacts:
- Name: SourceArtifact
Name: "Test"
Region: !Sub ${AWS::Region}
RunOrder:
The CloudFormation stage is creating an ALB. I would like to pass that ALB's ARN to the CodeBuild stage. How do I pass the ALB ARN to the CodeBuild buildspec.yml file?
Assuming that your CFN template returns the ALB ARN in its outputs, e.g. called AlbArn, then you can provide a namespace for it and use the namespace later to get the value.
For example (may need some further adjustments):
- Actions:
- ActionTypeId:
Category: "Deploy"
Owner: "AWS"
Provider: "CloudFormation"
Version: "1"
Configuration:
ActionMode: "CREATE_UPDATE"
Capabilities: "CAPABILITY_AUTO_EXPAND,CAPABILITY_NAMED_IAM,CAPABILITY_IAM"
RoleArn: !GetAtt CodePipelineServiceRole.Arn
StackName: !Ref CFNStackName
TemplatePath: !Sub "BuildArtifact::${ArtifactName}"
TemplateConfiguration: BuildArtifact::CFTemplateConfig.json
ParameterOverrides: !Sub '{"Env": "${Env}"}'
Name: "CloudFormation-step"
Region: !Sub ${AWS::Region}
InputArtifacts:
- Name: BuildArtifact
Namespace: CloudFromationDeployNamespace # <--- namespace
RunOrder: 1
Name: "Deploy"
- Actions:
- ActionTypeId:
Category: "Test"
Owner: "AWS"
Provider: "CodeBuild"
Version: "1"
Configuration:
ProjectName: !Ref CodeBuildTest
EnvironmentVariables: | # <- pass the AlbArn as ENV variable
{
"ALB_NAME": "#{CloudFromationDeployNamespace.AlbArn}"
}
InputArtifacts:
- Name: SourceArtifact
Name: "Test"
Region: !Sub ${AWS::Region}
RunOrder:
I currently have a "master.yaml" template that runs "service-a.yaml" and "service-b.yaml" then "service-c.yaml" which relies on outputs from service-a and service-b.
Is there a way to break this nested stack into multiple nested stacks? That way when something deep inside "service-c" fails it doesn't cause a rollback all the way up the chain? I want to kick off A+B in parallel and then C when they are finished in an automated fashion.
I could have a master.yaml which builds "service-a" and "service-b" then manually kick off "service-c" when they're done but I would like to automate this somehow?
You can create a stack with Codebuild project and Codepipeline (Basically performing CI/CD) to trigger one stack after the other and thus each stack would fail and roll back separately.
For example the cloudformation template would have a Codebuld project as follows
CodeBuildProject:
Type: AWS::CodeBuild::Project
Properties:
Artifacts:
Type: CODEPIPELINE
Environment:
ComputeType: BUILD_GENERAL1_LARGE
Image: aws/codebuild/python:3.6.5
Type: LINUX_CONTAINER
EnvironmentVariables:
- Name: bucket
Value: !Ref ArtifactStoreBucket
Type: PLAINTEXT
- Name: prefix
Value: build
Type: PLAINTEXT
Name: !Ref AWS::StackName
ServiceRole: !Ref CodeBuildRole
Source:
Type: CODEPIPELINE
BuildSpec: stack/buildspec.yaml
Tags:
- Key: owner
Value: !Ref StackOwner
- Key: task
Value: !Ref RepositoryName
In the buildspec.yaml file, you can package the cloudfromation templates as follows:
- aws cloudformation package --template-file master.yaml
--s3-bucket $bucket --s3-prefix $prefix
--output-template-file master-template.yaml
- aws cloudformation package --template-file service-a.yaml
--s3-bucket $bucket --s3-prefix $prefix
--output-template-file service-a-template.yaml
And finally, a codepipeline stage which links all together. For example in the below-provided snippet, you can have source code triggered by codecommit. So every push to the repository would build your pipeline automatically.
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
ArtifactStore:
Location: !Ref ArtifactStoreBucket
Type: S3
DisableInboundStageTransitions: []
Name: !Sub "${AWS::StackName}"
RoleArn: !GetAtt [PipelineRole, Arn]
Stages:
# Stage 1 - CodeUpdate Stage
- Name: CodeUpdate
Actions:
- Name: SourceCodeUpdate
ActionTypeId:
Category: Source
Owner: AWS
Version: '1'
Provider: CodeCommit
OutputArtifacts:
- Name: SourceCode
Configuration:
PollForSourceChanges: 'false'
RepositoryName: !Ref RepositoryName
BranchName: !Ref BranchName
RunOrder: '1'
# Stage 2 - Build Stage
- Name: Build
Actions:
- Name: UpdateLambda
ActionTypeId:
Category: Build
Owner: AWS
Version: '1'
Provider: CodeBuild
InputArtifacts:
- Name: SourceCode
OutputArtifacts:
- Name: BuildArtifact
Configuration:
ProjectName: !Ref 'CodeBuildProject'
RunOrder: '1'
# Stage 3 - Build master stack
- Name: MasterSetup
Actions:
- Name: CreateMasterChangeset
ActionTypeId:
Category: Deploy
Owner: AWS
Version: '1'
Provider: CloudFormation
InputArtifacts:
- Name: BuildArtifact
Configuration:
ActionMode: CHANGE_SET_REPLACE
StackName: !Sub "${AWS::StackName}-master"
ChangeSetName: !Sub "${AWS::StackName}-master-update"
RoleArn: !GetAtt [CFNRole, Arn]
TemplatePath: BuildArtifact::master-template.yaml
Capabilities: CAPABILITY_IAM
ParameterOverrides: !Sub
- |
{
"MasterStack": "${w}",
"StackOwner": "${x}",
"Task": "${y}"
}
- {
w: !Sub '${AWS::StackName}',
x: !Sub '${StackOwner}',
y: !Sub '${RepositoryName}'
}
RunOrder: '1'
- Name: ExecuteMasterChangeset
ActionTypeId:
Category: Deploy
Owner: AWS
Version: '1'
Provider: CloudFormation
Configuration:
ActionMode: CHANGE_SET_EXECUTE
StackName: !Sub "${AWS::StackName}-master"
ChangeSetName: !Sub "${AWS::StackName}-master-update"
RunOrder: '2'
# Stage 4 - Build service-a stack
- Name: ServiceASetup
Actions:
- Name: CreateServiceAChangeset
ActionTypeId:
Category: Deploy
Owner: AWS
Version: '1'
Provider: CloudFormation
InputArtifacts:
- Name: BuildArtifact
Configuration:
ActionMode: CHANGE_SET_REPLACE
StackName: !Sub "${AWS::StackName}-service-a"
ChangeSetName: !Sub "${AWS::StackName}-service-a-update"
RoleArn: !GetAtt [CFNRole, Arn]
TemplatePath: BuildArtifact::service-a-template.yaml
Capabilities: CAPABILITY_IAM
ParameterOverrides: !Sub
- |
{
"MasterStack": "${w}",
"StackOwner": "${x}",
"Task": "${y}"
}
- {
w: !Sub '${AWS::StackName}',
x: !Sub '${StackOwner}',
y: !Sub '${RepositoryName}'
}
RunOrder: '1'
- Name: ExecuteServiceAChangeset
ActionTypeId:
Category: Deploy
Owner: AWS
Version: '1'
Provider: CloudFormation
Configuration:
ActionMode: CHANGE_SET_EXECUTE
StackName: !Sub "${AWS::StackName}-service-a"
ChangeSetName: !Sub "${AWS::StackName}-service-a-update"
RunOrder: '2'
If you want to have stacks executing in parallel, you can add more than 1 stack in each stage.
Obviously you need to setup the roles and buckets yourself and this should give you basic idea how to get started.
For more information, you can read up more about codepipeline as follows:
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-cd-pipeline.html
https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-pipeline-structure.html
I'm working off of the Cloudformation stack from this tutorial:
https://aws.amazon.com/blogs/compute/continuous-deployment-for-serverless-applications/
It creates a pipeline with a CodeCommit repository as a source. I'd like to switch this to a Github repository. Here's the code that is defining this resource:
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
ArtifactStore:
Location: !Ref BuildArtifactsBucket
Type: S3
Name: !Sub ${ServiceName}_pipeline
RoleArn: !GetAtt PipelineExecutionRole.Arn
Stages:
- Name: Source
Actions:
- Name: CodeCommitRepo
ActionTypeId:
Category: Source
Owner: AWS
Provider: CodeCommit
Version: 1
Configuration:
RepositoryName: !Sub '${ServiceName}_repo'
BranchName: master
OutputArtifacts:
- Name: SourceZip
RunOrder: 1
How is GitHub defined as a resource and how is the authentication handled for a private repository?
For github you need to replace provider with github for example
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
ArtifactStore:
Location: !Ref BuildArtifactsBucket
Type: S3
Name: !Sub ${ServiceName}_pipeline
RoleArn: !GetAtt PipelineExecutionRole.Arn
Stages:
- Name: Source
Actions:
- Name: GithubRepo
ActionTypeId:
Category: Source
Owner: ThirdParty
Provider: GitHub
Version: 1
Configuration:
"Owner": "MyGitHubAccountName",
"Repo": "MyGitHubRepositoryName",
"PollForSourceChanges": "false",
"Branch": "master",
"OAuthToken": "****"
OutputArtifacts:
- Name: SourceZip
RunOrder: 1
For more information click on
code pipeline thirdparty source provider
Here, is how to get github personal token and insert it to your code pipeline
github personal token intergration into code pipeline