aws-toolkit-azure-devops
aws-toolkit-azure-devops copied to clipboard
Published
20 hours ago •
aws
aws
AWS CloudFormation Execute Change Set
This task fails if the change set that is being executed has no changes. There should be an option to not fail in this case just as there is in the Create Update Changeset Task.
I have this same error nearly three years later. I have a pipeline with two stages: one to build a change set for a stack, and one to deploy the change set. The build stage will succeed, even though it produces a change set with no changes. The deploy stage fails, however, since it cannot execute a change set in a failed state (which is what it would be if there are no changes to perform).
Here's the relevant parts of my pipeline:
trigger:
- master
pool:
vmImage: ubuntu-latest
stages:
- stage: build
displayName: 'Build Changesets'
jobs:
- job: CI_Build
displayName: 'Build Changesets'
steps:
- task: CloudFormationCreateOrUpdateStack@1
displayName: 'Build Network stack changeset'
inputs:
awsCredentials: 'AWS CI/CD Admin'
regionName: 'us-east-1'
stackName: 'network'
templateSource: 'file'
templateFile: 'templates/network.yml'
useChangeSet: true
changeSetName: 'network-changeset'
autoExecuteChangeSet: false
capabilityNamedIAM: true
warnWhenNoWorkNeeded: true
- stage: deploy
displayName: 'Deploy Changesets'
jobs:
- deployment: deployChangesets
displayName: 'Deploy Changesets'
environment: production
strategy:
runOnce:
deploy:
steps:
- task: CloudFormationExecuteChangeSet@1
displayName: 'Deploy Network stack changes'
inputs:
awsCredentials: 'AWS CI/CD Admin'
regionName: 'us-east-1'
changeSetName: 'network-changeset'
stackName: 'network'
The build step produced this change set (retrieved using aws cloudformation describe-change-set):
{
"Changes": [],
"ChangeSetName": "network-changeset",
"ChangeSetId": "arn:aws:cloudformation:us-east-1:XXXXXXXXXXX:changeSet/network-changeset/40681ac8-e867-4639-9e12-13ff536dc6f1",
"StackId": "arn:aws:cloudformation:us-east-1:XXXXXXXXXXX:stack/network/XXXXXXXXXXX",
"StackName": "network",
"Description": null,
"Parameters": [
{
"ParameterKey": "PublicSubnetAvailabilityZoneParameter",
"ParameterValue": "us-east-1a"
},
{
"ParameterKey": "AppSubnetAvailabilityZoneParameter2",
"ParameterValue": "us-east-1b"
},
{
"ParameterKey": "AppSubnetAvailabilityZoneParameter1",
"ParameterValue": "us-east-1a"
}
],
"CreationTime": "2021-11-12T04:22:39.025000+00:00",
"ExecutionStatus": "UNAVAILABLE",
"Status": "FAILED",
"StatusReason": "The submitted information didn't contain changes. Submit different information to create a change set.",
"NotificationARNs": [],
"RollbackConfiguration": {},
"Capabilities": [
"CAPABILITY_NAMED_IAM"
],
"Tags": null,
"ParentChangeSetId": null,
"IncludeNestedStacks": false,
"RootChangeSetId": null
}
And finally, here's the pipeline output for the Deploy Network stack changes step:
2021-11-12T04:24:14.1526464Z ##[section]Starting: Deploy Network stack changes
2021-11-12T04:24:14.1818348Z ==============================================================================
2021-11-12T04:24:14.1819239Z Task : AWS CloudFormation Execute Change Set
2021-11-12T04:24:14.1819881Z Description : Executes a change set to create or update a stack.
2021-11-12T04:24:14.1820252Z Version : 1.11.0
2021-11-12T04:24:14.1820778Z Author : Amazon Web Services
2021-11-12T04:24:14.1823693Z Help : Please refer to [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/) for more information on working with AWS CloudFormation.
More information on this task can be found in the [task reference](https://docs.aws.amazon.com/vsts/latest/userguide/cloudformation-execute-changeset.html).
####Task Permissions
This task requires permissions to call the following AWS service APIs (depending on selected task options, not all APIs may be used):
* cloudformation:DescribeStacks
* cloudformation:DescribeChangeSet
* cloudformation:DescribeStackResources
* cloudformation:ExecuteChangeSet
2021-11-12T04:24:14.1825381Z ==============================================================================
2021-11-12T04:24:15.0657444Z Configuring credentials for task
2021-11-12T04:24:15.0659121Z ...configuring AWS credentials from service endpoint '1ceb425b-70d2-43df-b248-da2eb6957310'
2021-11-12T04:24:15.0659595Z ...endpoint defines standard access/secret key credentials
2021-11-12T04:24:15.0659958Z Configuring region for task
2021-11-12T04:24:15.0660949Z ...configured to use region us-east-1, defined in task.
2021-11-12T04:24:15.9992510Z Executing change set network-changeset, associated with stack network
2021-11-12T04:24:16.3698910Z Request to execute change set failed with message: ChangeSet [arn:aws:cloudformation:us-east-1:XXXXXXXXXXX:stack/network/XXXXXXXXXXX] cannot be executed in its current status of [FAILED] { InvalidChangeSetStatus: ChangeSet [arn:aws:cloudformation:us-east-1:XXXXXXXXXXX:stack/network/XXXXXXXXXXX] cannot be executed in its current status of [FAILED]
2021-11-12T04:24:16.3703577Z at constructor.fae (/home/vsts/work/_tasks/CloudFormationExecuteChangeSet_019b0650-1f0e-4376-ad37-1498abef311e/1.11.0/CloudFormationExecuteChangeSet.js:16:57012)
2021-11-12T04:24:16.3705951Z at constructor.callListeners (/home/vsts/work/_tasks/CloudFormationExecuteChangeSet_019b0650-1f0e-4376-ad37-1498abef311e/1.11.0/CloudFormationExecuteChangeSet.js:16:85841)
2021-11-12T04:24:16.3707858Z at constructor.emit (/home/vsts/work/_tasks/CloudFormationExecuteChangeSet_019b0650-1f0e-4376-ad37-1498abef311e/1.11.0/CloudFormationExecuteChangeSet.js:16:85549)
2021-11-12T04:24:16.3732252Z at constructor.emitEvent (/home/vsts/work/_tasks/CloudFormationExecuteChangeSet_019b0650-1f0e-4376-ad37-1498abef311e/1.11.0/CloudFormationExecuteChangeSet.js:17:28228)
2021-11-12T04:24:16.3736142Z at constructor.t (/home/vsts/work/_tasks/CloudFormationExecuteChangeSet_019b0650-1f0e-4376-ad37-1498abef311e/1.11.0/CloudFormationExecuteChangeSet.js:17:23784)
2021-11-12T04:24:16.3738638Z at _d.runTo (/home/vsts/work/_tasks/CloudFormationExecuteChangeSet_019b0650-1f0e-4376-ad37-1498abef311e/1.11.0/CloudFormationExecuteChangeSet.js:17:1153)
2021-11-12T04:24:16.3740604Z at /home/vsts/work/_tasks/CloudFormationExecuteChangeSet_019b0650-1f0e-4376-ad37-1498abef311e/1.11.0/CloudFormationExecuteChangeSet.js:17:1365
2021-11-12T04:24:16.3742748Z at constructor.<anonymous> (/home/vsts/work/_tasks/CloudFormationExecuteChangeSet_019b0650-1f0e-4376-ad37-1498abef311e/1.11.0/CloudFormationExecuteChangeSet.js:17:23999)
2021-11-12T04:24:16.3744677Z at constructor.<anonymous> (/home/vsts/work/_tasks/CloudFormationExecuteChangeSet_019b0650-1f0e-4376-ad37-1498abef311e/1.11.0/CloudFormationExecuteChangeSet.js:17:28283)
2021-11-12T04:24:16.3746475Z at constructor.callListeners (/home/vsts/work/_tasks/CloudFormationExecuteChangeSet_019b0650-1f0e-4376-ad37-1498abef311e/1.11.0/CloudFormationExecuteChangeSet.js:16:85946)
2021-11-12T04:24:16.3751832Z message: 'ChangeSet [arn:aws:cloudformation:us-east-1:XXXXXXXXXXX:stack/network/XXXXXXXXXXX] cannot be executed in its current status of [FAILED]',
2021-11-12T04:24:16.3771855Z code: 'InvalidChangeSetStatus',
2021-11-12T04:24:16.3773292Z time: 2021-11-12T04:24:16.364Z,
2021-11-12T04:24:16.3774450Z requestId: '44a70198-b584-4396-a568-385519a92600',
2021-11-12T04:24:16.3775164Z statusCode: 400,
2021-11-12T04:24:16.3775756Z retryable: false,
2021-11-12T04:24:16.3776406Z retryDelay: 29.950047831303618 }
2021-11-12T04:24:16.3864514Z ##[error]InvalidChangeSetStatus: ChangeSet [arn:aws:cloudformation:us-east-1:XXXXXXXXXXX:stack/network/XXXXXXXXXXX] cannot be executed in its current status of [FAILED]
2021-11-12T04:24:16.3928900Z ##[section]Finishing: Deploy Network stack changes
In my opinion, the AWS CloudFormation Execute Change Set task should execute a describe-change-set CLI command on the given change set to see if any changes are required. If the Status = FAILED and StatusReason = The submitted information didn't contain changes. Submit different information to create a change set., then the task should NOT attempt to execute the change set.
