为什么CloudFormation堆栈更改包包括删除操作以删除SAM管道?
我已经创建了一个AWS SAM Hello World应用程序,并且已经使用了SAM Pipeline Init -bootstrap命令来创建用于部署的管道。我对应用程序进行了少量修改,包括添加DynamoDB并更改Lambda功能和名称,但这不应该引起此问题。
我在“ Codebuild构建日志”中看到以下内容,
CloudFormation stack changeset
-------------------------------------------------------------------------------------------------
Operation LogicalResourceId ResourceType Replacement
-------------------------------------------------------------------------------------------------
+ Add GatesDynamoDBTable AWS::DynamoDB::Table N/A
+ Add ServerlessRestApiDeplo AWS::ApiGateway::Deplo N/A
ymentd56c46fb52 yment
+ Add ServerlessRestApiProdS AWS::ApiGateway::Stage N/A
tage
+ Add ServerlessRestApi AWS::ApiGateway::RestA N/A
pi
+ Add getGatesLambdaFunction AWS::Lambda::Permissio N/A
HelloWorldPermissionPr n
od
+ Add getGatesLambdaFunction AWS::IAM::Role N/A
Role
+ Add getGatesLambdaFunction AWS::Lambda::Function N/A
- Delete CodeBuildProjectBuildA AWS::CodeBuild::Projec N/A
ndPackage t
- Delete CodeBuildProjectDeploy AWS::CodeBuild::Projec N/A
t
- Delete CodeBuildServiceRole AWS::IAM::Role N/A
- Delete CodePipelineExecutionR AWS::IAM::Role N/A
ole
- Delete CodeStarConnection AWS::CodeStarConnectio N/A
ns::Connection
- Delete PipelineArtifactsBucke AWS::S3::BucketPolicy N/A
tPolicy
- Delete PipelineArtifactsBucke AWS::S3::Bucket N/A
t
- Delete PipelineArtifactsLoggi AWS::S3::BucketPolicy N/A
ngBucketPolicy
- Delete PipelineArtifactsLoggi AWS::S3::Bucket N/A
ngBucket
- Delete PipelineStackCloudForm AWS::IAM::Role N/A
ationExecutionRole
- Delete Pipeline AWS::CodePipeline::Pip N/A
eline
-------------------------------------------------------------------------------------------------
我的项目文件夹中有2个YAML文件。
template.yaml:
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Hello-World app
# More info about Globals: https://github.com/awslabs/serverless-application-model/blob/master/docs/globals.rst
Globals:
Function:
Timeout: 3
Resources:
getGatesLambdaFunction:
Type: AWS::Serverless::Function # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction
Properties:
FunctionName: !Sub ${AWS::StackName}-getGatesLambdaFunction
CodeUri: lambda_code/
Handler: app.lambda_handler
Runtime: python3.9
Architectures:
- x86_64
Events:
HelloWorld:
Type: Api # More info about API Event Source: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#api
Properties:
Path: /hello
Method: get
Policies:
# Give the Lambda service access to poll your DynamoDB Stream
- AmazonDynamoDBFullAccess
GatesDynamoDBTable:
Type: AWS::DynamoDB::Table
Properties:
TableName: !Sub ${AWS::StackName}-Gates
AttributeDefinitions:
- AttributeName: gateId
AttributeType: S
KeySchema:
- AttributeName: gateId
KeyType: HASH
ProvisionedThroughput:
ReadCapacityUnits: 5
WriteCapacityUnits: 5
Outputs:
# ServerlessRestApi is an implicit API created out of Events key under Serverless::Function
# Find out more about other implicit resources you can reference within SAM
# https://github.com/awslabs/serverless-application-model/blob/master/docs/internals/generated_resources.rst#api
HelloWorldApi:
Description: "API Gateway endpoint URL for Prod stage for Hello World function"
Value: !Sub "https://${ServerlessRestApi}.execute-api.${AWS::Region}.amazonaws.com/Prod/hello/"
getGatesLambdaFunction:
Description: "Hello World Lambda Function ARN"
Value: !GetAtt getGatesLambdaFunction.Arn
getGatesLambdaFunctionIamRole:
Description: "Implicit IAM Role created for Hello World function"
Value: !GetAtt getGatesLambdaFunctionRole.Arn
和codepipeline.yaml,该是由sam Pipeline Init -bootstrap命令生成的。
我的问题是 - 为什么这些删除操作删除管道部署阶段中包含的管道?
template.yaml也不是codepipeline.yaml包含这些类型的操作,我不明白为什么管道在执行实际应用程序的部署时会尝试删除自身。这可能是一个问题,因为有一个堆栈包含管道和应用程序?因此,在部署应用程序时,它会注意到它部署的模板中未包含的所有其他这些内容(管道),因此认为应该删除它们?但是,如果是这样,SAM管道默认值严重错误配置...
I've created an AWS SAM Hello World application, and have used the sam pipeline init --bootstrap command to create a pipeline for deployment. I've made minor modifications to the application including adding dynamoDB and changing the lambda function and name, but that shouldn't be causing this issue.
I'm seeing the following in the CodeBuild build logs
CloudFormation stack changeset
-------------------------------------------------------------------------------------------------
Operation LogicalResourceId ResourceType Replacement
-------------------------------------------------------------------------------------------------
+ Add GatesDynamoDBTable AWS::DynamoDB::Table N/A
+ Add ServerlessRestApiDeplo AWS::ApiGateway::Deplo N/A
ymentd56c46fb52 yment
+ Add ServerlessRestApiProdS AWS::ApiGateway::Stage N/A
tage
+ Add ServerlessRestApi AWS::ApiGateway::RestA N/A
pi
+ Add getGatesLambdaFunction AWS::Lambda::Permissio N/A
HelloWorldPermissionPr n
od
+ Add getGatesLambdaFunction AWS::IAM::Role N/A
Role
+ Add getGatesLambdaFunction AWS::Lambda::Function N/A
- Delete CodeBuildProjectBuildA AWS::CodeBuild::Projec N/A
ndPackage t
- Delete CodeBuildProjectDeploy AWS::CodeBuild::Projec N/A
t
- Delete CodeBuildServiceRole AWS::IAM::Role N/A
- Delete CodePipelineExecutionR AWS::IAM::Role N/A
ole
- Delete CodeStarConnection AWS::CodeStarConnectio N/A
ns::Connection
- Delete PipelineArtifactsBucke AWS::S3::BucketPolicy N/A
tPolicy
- Delete PipelineArtifactsBucke AWS::S3::Bucket N/A
t
- Delete PipelineArtifactsLoggi AWS::S3::BucketPolicy N/A
ngBucketPolicy
- Delete PipelineArtifactsLoggi AWS::S3::Bucket N/A
ngBucket
- Delete PipelineStackCloudForm AWS::IAM::Role N/A
ationExecutionRole
- Delete Pipeline AWS::CodePipeline::Pip N/A
eline
-------------------------------------------------------------------------------------------------
I have 2 yaml files in my project folder.
template.yaml:
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Hello-World app
# More info about Globals: https://github.com/awslabs/serverless-application-model/blob/master/docs/globals.rst
Globals:
Function:
Timeout: 3
Resources:
getGatesLambdaFunction:
Type: AWS::Serverless::Function # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction
Properties:
FunctionName: !Sub ${AWS::StackName}-getGatesLambdaFunction
CodeUri: lambda_code/
Handler: app.lambda_handler
Runtime: python3.9
Architectures:
- x86_64
Events:
HelloWorld:
Type: Api # More info about API Event Source: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#api
Properties:
Path: /hello
Method: get
Policies:
# Give the Lambda service access to poll your DynamoDB Stream
- AmazonDynamoDBFullAccess
GatesDynamoDBTable:
Type: AWS::DynamoDB::Table
Properties:
TableName: !Sub ${AWS::StackName}-Gates
AttributeDefinitions:
- AttributeName: gateId
AttributeType: S
KeySchema:
- AttributeName: gateId
KeyType: HASH
ProvisionedThroughput:
ReadCapacityUnits: 5
WriteCapacityUnits: 5
Outputs:
# ServerlessRestApi is an implicit API created out of Events key under Serverless::Function
# Find out more about other implicit resources you can reference within SAM
# https://github.com/awslabs/serverless-application-model/blob/master/docs/internals/generated_resources.rst#api
HelloWorldApi:
Description: "API Gateway endpoint URL for Prod stage for Hello World function"
Value: !Sub "https://${ServerlessRestApi}.execute-api.${AWS::Region}.amazonaws.com/Prod/hello/"
getGatesLambdaFunction:
Description: "Hello World Lambda Function ARN"
Value: !GetAtt getGatesLambdaFunction.Arn
getGatesLambdaFunctionIamRole:
Description: "Implicit IAM Role created for Hello World function"
Value: !GetAtt getGatesLambdaFunctionRole.Arn
and codepipeline.yaml, which was generated by the sam pipeline init --bootstrap command.
My question is- why are these delete operations to delete the pipeline included in the deployment stage of the pipeline?
Neither template.yaml nor codepipeline.yaml contain these types of operations and I don't understand why the pipeline would try to delete itself while executing the deployment of the actual application. Could this be an issue because there is one stack that contains both the pipeline and the application? So that when the application is being deployed, it notices all these other things (the pipeline) that aren't included in the template it's deploying, so thinks they should be deleted? But if that's the case, the sam pipeline defaults are badly misconfigured...
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我也花了很多时间来弄清楚如何解决这个问题。
您在管道引导期间通知的堆栈名称必须与“sam deploy”命令使用的堆栈名称不同。
例如:
在管道引导期间
管道引导完成之后
sam deploy 命令
请记住,您可以在“samconfig.toml”中指定堆栈名称
希望这会有所帮助
I also spent a lot of time to figure out how to solve this issue.
The name of the stack, that you inform during pipeline bootstrap, must be different than the stack name used by "sam deploy" command.
For example:
During pipeline bootstrap
After the pipeline bootstrap finishes
The sam deploy command
Remember that you can specify the stack name in the "samconfig.toml"
Hope this helps