Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Propagate AWS CodePipeline action roles #14263

Merged
merged 3 commits into from
May 16, 2017
Merged

Propagate AWS CodePipeline action roles #14263

merged 3 commits into from
May 16, 2017

Conversation

celkins
Copy link
Contributor

@celkins celkins commented May 6, 2017

CodePipeline stage actions can optionally specify an IAM execution role. The provider nominally supports them, but they don't seem to be getting passed to/from AWS.

(Please forgive any non-idiomatic Go syntax. It is not in my wheelhouse.)

@AKoetsier
Copy link
Contributor

Lgtm

@stack72
Copy link
Contributor

stack72 commented May 15, 2017

Hi @celkins

Thanks for the work here - unfortunately, the tests are not passing here

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCodePipeline_'                ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/15 20:26:44 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCodePipeline_ -timeout 120m
=== RUN   TestAccAWSCodePipeline_Import_basic
--- PASS: TestAccAWSCodePipeline_Import_basic (61.53s)
=== RUN   TestAccAWSCodePipeline_basic
--- FAIL: TestAccAWSCodePipeline_basic (132.41s)
	testing.go:280: Step 2 error: Error applying: 1 error(s) occurred:

		* aws_codepipeline.bar: 1 error(s) occurred:

		* aws_codepipeline.bar: [ERROR] Error updating CodePipeline (test-pipeline-7d1uqbctvv): InvalidStructureException: Pipeline role arn:aws:iam::187416307283:role/codepipeline-role-7d1uqbctvv is not authorized to perform AssumeRole on action role arn:aws:iam::187416307283:role/codepipeline-action-role-7d1uqbctvv
			status code: 400, request id: 26ed7a2a-3994-11e7-a815-b94990c823c6
FAIL
exit status 1
FAIL	github.com/hashicorp/terraform/builtin/providers/aws	193.964s
make: *** [testacc] Error 1

Any chance you could take a look?

Thanks

Paul

@AKoetsier
Copy link
Contributor

@celkins maybe the policy aws_iam_role_policy.codepipeline_policy did not get applied before creating the pipeline itself? You could try to make the pipeline also depend on the policy.

@celkins
Copy link
Contributor Author

celkins commented May 15, 2017

@stack72 That was an unintended side-effect of commenting out some code to make the acceptance test run faster. I'll update the branch to fix it.

@stack72
Copy link
Contributor

stack72 commented May 16, 2017

Excellent! Thanks for fixing this up @celkins :) LGTM!

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCodePipeline_'                ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/16 11:50:15 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCodePipeline_ -timeout 120m
=== RUN   TestAccAWSCodePipeline_Import_basic
--- PASS: TestAccAWSCodePipeline_Import_basic (60.21s)
=== RUN   TestAccAWSCodePipeline_basic
--- PASS: TestAccAWSCodePipeline_basic (100.31s)
=== RUN   TestAccAWSCodePipeline_deployWithServiceRole
--- PASS: TestAccAWSCodePipeline_deployWithServiceRole (78.56s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	239.110s

@stack72 stack72 merged commit e1c4194 into hashicorp:master May 16, 2017
@celkins celkins deleted the codepipeline-action-roles branch June 16, 2017 07:40
@ghost
Copy link

ghost commented Apr 8, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 8, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants