Skip to content
Test CloudFormation Action v2.0.0-beta

Fixes #20

Sign in to view logs

Fixes

Fixes #20

Workflow file for this run

.github/workflows/develop.yaml at 052d850
name: Test CloudFormation Action v2.0.0-beta
on:
workflow_dispatch:
push:
branches: [main]
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
jobs:
test-create-and-execute:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Test with local template and JSON file
id: deploy-file
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-file-${{ github.run_number }}
template: stack.yaml
parameter-overrides: "file:///${{ github.workspace }}/overrides.json"
- name: Test with inline parameters
id: deploy-inline
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-inline-${{ github.run_number }}
template: stack.yaml
parameter-overrides: "Environment=gamma,AList=value1,AList=value2"
test-large-template:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Test with large template (should fail with clean error message)
id: deploy-large
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-large-${{ github.run_number }}
template: large-template.yaml
parameter-overrides: "Environment=test"
continue-on-error: true
- name: Verify large template error message
run: |
echo "Large template test completed (expected to fail)"
echo "This test verifies that oversized templates produce clean error messages"
test-validation-error:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Test template with validation error (should fail during change set creation)
id: deploy-validation-error
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-validation-error-${{ github.run_number }}
template: validation-error-template.yaml
parameter-overrides: "Environment=test"
continue-on-error: true
- name: Verify validation error handling
run: |
echo "Validation error test completed (expected to fail during change set creation)"
echo "This test verifies that template validation errors produce clean error messages"
test-execution-error:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Test template with execution error (should fail during change set execution)
id: deploy-execution-error
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-execution-error-${{ github.run_number }}
template: execution-error-template.yaml
parameter-overrides: "Environment=test"
continue-on-error: true
- name: Verify execution error handling
run: |
echo "Execution error test completed (expected to fail during change set execution)"
echo "This test verifies that execution errors produce detailed failure information"
test-empty-changeset:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Deploy stack first time
id: deploy-first
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-empty-changeset-${{ github.run_number }}
template: stack.yaml
parameter-overrides: "Environment=beta,AList=value1,AList=value2"
- name: Deploy same stack again with default behavior (should succeed on empty changeset)
id: deploy-second-default
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-empty-changeset-${{ github.run_number }}
template: stack.yaml
parameter-overrides: "Environment=beta,AList=value1,AList=value2"
- name: Deploy same stack again with fail-on-empty-changeset=1 (should fail on empty changeset)
id: deploy-second-fail
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-empty-changeset-${{ github.run_number }}
template: stack.yaml
parameter-overrides: "Environment=beta,AList=value1,AList=value2"
fail-on-empty-changeset: "1"
continue-on-error: true
- name: Verify empty changeset behavior
run: |
echo "Empty changeset test completed"
echo "First deployment: ${{ steps.deploy-first.outputs.stack-id }}"
echo "Second deployment (default): ${{ steps.deploy-second-default.outputs.stack-id }}"
echo "Third deployment (fail flag): Expected to fail"
echo "This verifies v2 behavior: empty changesets succeed by default, fail when flag is set"
test-create-only-then-execute:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Create change set for review
id: create-cs
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
mode: "create-only"
name: test-two-step-${{ github.run_number }}
template: stack.yaml
parameter-overrides: "Environment=prod,AList=prod1,AList=prod2"
- name: Review change set outputs
run: |
echo "Change Set ID: ${{ steps.create-cs.outputs.change-set-id }}"
echo "Has Changes: ${{ steps.create-cs.outputs.has-changes }}"
echo "Changes Count: ${{ steps.create-cs.outputs.changes-count }}"
echo "Changes Summary: ${{ steps.create-cs.outputs.changes-summary }}"
- name: Execute change set
if: steps.create-cs.outputs.has-changes == 'true'
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
mode: "execute-only"
name: test-two-step-${{ github.run_number }}
execute-change-set-id: ${{ steps.create-cs.outputs.change-set-id }}
test-drift-detection:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Deploy initial stack for drift testing
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-drift-${{ github.run_number }}
template: drift-test.yaml
parameter-overrides: "RunNumber=${{ github.run_number }}"
- name: Introduce drift by manually changing parameter
run: |
# Debug: Check if parameter exists
echo "Checking if parameter exists..."
aws ssm describe-parameters --parameter-filters "Key=Name,Values=/test/drift-${{ github.run_number }}" || echo "Parameter not found"
# Debug: List all parameters with our prefix
echo "Listing parameters with /test/drift prefix..."
aws ssm describe-parameters --parameter-filters "Key=Name,Option=BeginsWith,Values=/test/drift" || echo "No parameters found"
# Add a tag outside of CloudFormation to create drift
echo "Adding tags to parameter..."
aws ssm add-tags-to-resource \
--resource-type Parameter \
--resource-id /test/drift-${{ github.run_number }} \
--tags Key=ManualTag,Value=added-outside-cfn
# Change the parameter value to create more drift
echo "Updating parameter value..."
aws ssm put-parameter \
--name /test/drift-${{ github.run_number }} \
--value "manually-changed-value" \
--overwrite
- name: Create drift-reverting change set
id: drift-cs
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
mode: "create-only"
name: test-drift-${{ github.run_number }}
template: drift-test.yaml
parameter-overrides: "RunNumber=${{ github.run_number }}"
deployment-mode: "REVERT_DRIFT"
- name: Review drift change set
run: |
echo "Drift Change Set ID: ${{ steps.drift-cs.outputs.change-set-id }}"
echo "Has Changes: ${{ steps.drift-cs.outputs.has-changes }}"
echo "Changes Count: ${{ steps.drift-cs.outputs.changes-count }}"
echo "Changes Summary: ${{ steps.drift-cs.outputs.changes-summary }}"
- name: Execute drift-reverting change set
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
mode: "execute-only"
name: test-drift-${{ github.run_number }}
execute-change-set-id: ${{ steps.drift-cs.outputs.change-set-id }}
test-long-running:
runs-on: ubuntu-latest
timeout-minutes: 120
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
role-duration-seconds: 7200
- name: Test long-running stack (70 minutes)
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-long-running-${{ github.run_number }}
template: long-running-stack.yaml
capabilities: "CAPABILITY_IAM"
timeout-in-minutes: 90
test-changeset-formatting:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Create stack with multiple resource types for formatting test
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-formatting-${{ github.run_number }}
template: formatting-test-template.yaml
parameter-overrides: "Environment=test,BucketPrefix=format-test"
capabilities: "CAPABILITY_NAMED_IAM"
- name: Update stack to generate diverse change set
id: update-stack
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-formatting-${{ github.run_number }}
template: formatting-test-template-updated.yaml
parameter-overrides: "Environment=prod,BucketPrefix=format-updated"
capabilities: "CAPABILITY_NAMED_IAM"
- name: Verify change set outputs
run: |
echo "Changes Count: ${{ steps.update-stack.outputs.changes-count }}"
echo "Has Changes: ${{ steps.update-stack.outputs.has-changes }}"
echo '${{ steps.update-stack.outputs.changes-summary }}' | jq .
test-markdown-output:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Create initial stack for markdown testing
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-markdown-${{ github.run_number }}
template: markdown-test-template.yaml
parameter-overrides: "Environment=test"
- name: Update stack to generate markdown output
id: create-markdown-cs
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
mode: "create-only"
name: test-markdown-${{ github.run_number }}
template: markdown-test-template-updated.yaml
parameter-overrides: "Environment=test"
no-execute-changeset: true
- name: Verify markdown output format
run: |
echo "Markdown Output:"
echo '${{ steps.create-markdown-cs.outputs.changes-markdown }}'
if [[ '${{ steps.create-markdown-cs.outputs.changes-markdown }}' == *"## πŸ“‹ CloudFormation Change Set"* ]]; then
echo "βœ… Markdown header found"
else
echo "❌ Markdown header missing"
exit 1
fi
if [[ '${{ steps.create-markdown-cs.outputs.changes-markdown }}' == *"<details>"* ]]; then
echo "βœ… Collapsible sections found"
else
echo "❌ Collapsible sections missing"
exit 1
fi
test-event-streaming:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Deploy stack with event streaming
id: deploy-with-events
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-events-${{ github.run_number }}
template: event-streaming-test.yaml
parameter-overrides: "Environment=test,DelaySeconds=30"
capabilities: "CAPABILITY_IAM"
- name: Verify deployment completed
run: |
echo "Stack ID: ${{ steps.deploy-with-events.outputs.stack-id }}"
aws cloudformation describe-stacks --stack-name test-events-${{ github.run_number }}
test-boolean-inputs:
runs-on: ubuntu-latest
strategy:
matrix:
test-case:
- name: "string-true"
fail-on-empty: "true"
no-execute: "false"
disable-rollback: "1"
- name: "boolean-true"
fail-on-empty: true
no-execute: false
disable-rollback: true
- name: "boolean-false"
fail-on-empty: false
no-execute: true
disable-rollback: false
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Test boolean input parsing - ${{ matrix.test-case.name }}
id: test-boolean
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-bool-${{ matrix.test-case.name }}-${{ github.run_number }}
template: stack.yaml
parameter-overrides: "Environment=beta"
fail-on-empty-changeset: ${{ matrix.test-case.fail-on-empty }}
no-execute-changeset: ${{ matrix.test-case.no-execute }}
disable-rollback: ${{ matrix.test-case.disable-rollback }}
continue-on-error: true
- name: Verify boolean handling
run: |
echo "Test case: ${{ matrix.test-case.name }}"
echo "Boolean inputs processed successfully"
test-enhanced-validation-errors:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Test multiple validation errors
id: validation-test
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-validation-enhanced-${{ github.run_number }}
template: multiple-validation-errors.yaml
parameter-overrides: "Environment=test"
continue-on-error: true
- name: Verify detailed error information
run: |
echo "Validation test completed (expected to fail)"
echo "Enhanced error reporting should provide detailed validation failure information"
test-stack-id-retrieval:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Test stack creation with ID retrieval
id: create-stack
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
name: test-stack-id-${{ github.run_number }}
template: stack.yaml
parameter-overrides: "Environment=beta"
- name: Verify stack ID retrieval
run: |
STACK_ID="${{ steps.create-stack.outputs.stack-id }}"
echo "Stack ID: $STACK_ID"
echo "Deployment outcome: ${{ steps.create-stack.outcome }}"
# Should get either ARN or stack name for successful deployment
if [[ $STACK_ID == arn:aws:cloudformation:* ]]; then
echo "βœ… Got stack ARN: $STACK_ID"
elif [[ "$STACK_ID" == "test-stack-id-${{ github.run_number }}" ]]; then
echo "βœ… Got stack name: $STACK_ID"
else
echo "❌ Unexpected stack ID: $STACK_ID (expected ARN or stack name)"
exit 1
fi
# Verify we can access the stack
aws cloudformation describe-stacks --stack-name "$STACK_ID"
echo "βœ… Stack is accessible"
test-execute-only-with-events:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Create change set
id: create-cs
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
mode: "create-only"
name: test-execute-events-${{ github.run_number }}
template: event-streaming-test.yaml
parameter-overrides: "Environment=test,DelaySeconds=20"
capabilities: "CAPABILITY_IAM"
- name: Execute change set with event streaming
id: execute-cs
uses: aws-actions/aws-cloudformation-github-deploy@develop
with:
mode: "execute-only"
name: test-execute-events-${{ github.run_number }}
execute-change-set-id: ${{ steps.create-cs.outputs.change-set-id }}
- name: Verify execution with events
run: |
echo "Execution completed with stack ID: ${{ steps.execute-cs.outputs.stack-id }}"
aws cloudformation describe-stacks \
--stack-name test-execute-events-${{ github.run_number }} \
--query 'Stacks[0].StackStatus' \
--output text
cleanup:
runs-on: ubuntu-latest
needs: [test-create-and-execute, test-large-template, test-validation-error, test-execution-error, test-create-only-then-execute, test-drift-detection, test-long-running, test-changeset-formatting, test-markdown-output, test-event-streaming, test-boolean-inputs, test-enhanced-validation-errors, test-stack-id-retrieval, test-execute-only-with-events]
if: always()
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
aws-region: us-east-1
- name: Cleanup test stacks
run: |
# Find all test stacks for this run
stacks=$(aws cloudformation list-stacks \
--query "StackSummaries[?contains(StackName, 'test-') && contains(StackName, '${{ github.run_number }}') && StackStatus != 'DELETE_COMPLETE'].StackName" \
--output text)
if [ ! -z "$stacks" ]; then
echo "Found stacks to delete: $stacks"
echo "$stacks" | tr '\t' '\n' | while read stack; do
if [ ! -z "$stack" ]; then
echo "Deleting stack: $stack"
aws cloudformation delete-stack --stack-name "$stack"
fi
done
# Wait for all deletions to complete
echo "Waiting for stack deletions to complete..."
echo "$stacks" | tr '\t' '\n' | while read stack; do
if [ ! -z "$stack" ]; then
echo "Waiting for $stack to delete..."
aws cloudformation wait stack-delete-complete --stack-name "$stack" || echo "Stack $stack deletion failed or timed out"
fi
done
else
echo "No stacks found to delete"
fi
- name: Cleanup SSM parameters
run: |
# Clean up all test parameters for this run
echo "Cleaning up SSM parameters..."
aws ssm describe-parameters \
--parameter-filters "Key=Name,Option=BeginsWith,Values=/test/" \
--query "Parameters[?contains(Name, '${{ github.run_number }}')].Name" \
--output text | tr '\t' '\n' | while read param; do
if [ ! -z "$param" ]; then
echo "Deleting parameter: $param"
aws ssm delete-parameter --name "$param" || echo "Parameter $param already deleted"
fi
done