aws-deployment-framework icon indicating copy to clipboard operation
aws-deployment-framework copied to clipboard

Published 20 hours ago verified publisher icon awslabs

[Bug]: Creating/moving an account does not regenerate the pipelines

Open sbkok opened this issue 3 years ago • 0 comments

Is there an existing issue for this?

  • [X] I have searched the existing issues

Describe the bug

Important note: This bug only happens in the Release Candidate for v3.2.0. Prior releases like v3.1.2 don't face this issue.

With the recent pipeline generation fixes and tweaks to regenerate modified pipelines only, one scenario was not taken into account. If you move an account from the root of the organization to an organization unit (OU) that is configured as a target for a pipeline, it will not regenerate the pipeline. Thereby, ignoring the new account for any new executions of the pipeline.

Expected Behavior

It should have detected that an account was moved or got created; triggering the regeneration of all pipelines so that it would be included where it needs to be.

Current Behavior

Pipelines are not updated. Thereby ignoring the new account. Vice-versa, it also keeps deploying to an account that was moved out of the specific OU.

Steps To Reproduce

  1. Configure a pipeline in the deployment map to target OU A.
  2. Create a new account to be placed in OU A. Or, alternatively, move an account from the root of the organization into OU A.
  3. Wait for the Account bootstrap process to complete.
  4. Check the aws-deployment-framework-pipelines pipeline, that should have triggered.
  5. This should have uploaded the pipelines that got changed, thereby triggering the State Machines to generate the pipelines. However, uploading is skipped as the content of the pipeline definition did not change.

Possible Solution

Monitor how the aws-deployment-framework-pipelines pipeline got triggered. If that is triggered via a change in the repository, it should continue to work as is.

If that is triggered externally via a state machine for example, it should regenerate all pipelines as this likely implies that the organization structure / account data changed.

Additional Information/Context

I am working on a fix to solve this problem.

ADF Version

RC 2022-10-14 v3.2.0

sbkok avatar Oct 14 '22 12:10 sbkok