
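# Integration test workflow for aws-actions/aws-cloudformation-github-deploy
# at tag v2.0.0-beta. Each job assumes an AWS role through GitHub OIDC, deploys
# one or more run-numbered test stacks in us-east-1, and a final `cleanup` job
# deletes the stacks and SSM parameters that belong to this run.
#
# NOTE(review): every `uses:` below references a mutable tag (`@v4`,
# `@v2.0.0-beta`). Pinning each action to a full commit SHA keeps a re-tagged
# release from changing what runs with the assumed AWS role.
name: Test CloudFormation Action v2.0.0-beta

on:
  workflow_dispatch:
  push:
    branches: [main]

# Workflow-level grant: every job below can request an OIDC token.
# NOTE(review): what that token may assume is decided by the IAM role's trust
# policy, which is not visible here; confirm it is scoped to this repository
# and ref.
permissions:
  id-token: write  # This is required for requesting the JWT
  contents: read  # This is required for actions/checkout

jobs:
  # Full create-and-execute deploy, once with a parameter file and once with
  # inline parameter overrides.
  test-create-and-execute:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1
      - name: Test with local template and JSON file
        id: deploy-file
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          name: test-file-${{ github.run_number }}
          template: stack.yaml
          parameter-overrides: "file:///${{ github.workspace }}/overrides.json"
      - name: Test with inline parameters
        id: deploy-inline
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          name: test-inline-${{ github.run_number }}
          template: stack.yaml
          parameter-overrides: "Environment=gamma,AList=value1,AList=value2"

  # Negative test: an oversized template is expected to be rejected.
  # NOTE(review): the deploy step uses continue-on-error and the follow-up step
  # only echoes, so nothing asserts that the step's outcome was 'failure'; an
  # unexpected success would still pass the job. The same holds for
  # test-validation-error, test-execution-error and the third deploy in
  # test-empty-changeset.
  test-large-template:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1
      - name: Test with large template (should fail with clean error message)
        id: deploy-large
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          name: test-large-${{ github.run_number }}
          template: large-template.yaml
          parameter-overrides: "Environment=test"
        continue-on-error: true
      - name: Verify large template error message
        run: |
          echo "Large template test completed (expected to fail)"
          echo "This test verifies that oversized templates produce clean error messages"

  # Negative test: template expected to fail while the change set is created.
  test-validation-error:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1
      - name: Test template with validation error (should fail during change set creation)
        id: deploy-validation-error
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          name: test-validation-error-${{ github.run_number }}
          template: validation-error-template.yaml
          parameter-overrides: "Environment=test"
        continue-on-error: true
      - name: Verify validation error handling
        run: |
          echo "Validation error test completed (expected to fail during change set creation)"
          echo "This test verifies that template validation errors produce clean error messages"

  # Negative test: template expected to fail while the change set is executed.
  test-execution-error:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1
      - name: Test template with execution error (should fail during change set execution)
        id: deploy-execution-error
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          name: test-execution-error-${{ github.run_number }}
          template: execution-error-template.yaml
          parameter-overrides: "Environment=test"
        continue-on-error: true
      - name: Verify execution error handling
        run: |
          echo "Execution error test completed (expected to fail during change set execution)"
          echo "This test verifies that execution errors produce detailed failure information"

  # Deploys the same stack three times with identical inputs to exercise the
  # empty-change-set paths: default behaviour, then fail-on-empty-changeset.
  test-empty-changeset:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1
      - name: Deploy stack first time
        id: deploy-first
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          name: test-empty-changeset-${{ github.run_number }}
          template: stack.yaml
          parameter-overrides: "Environment=beta,AList=value1,AList=value2"
      - name: Deploy same stack again with default behavior (should succeed on empty changeset)
        id: deploy-second-default
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          name: test-empty-changeset-${{ github.run_number }}
          template: stack.yaml
          parameter-overrides: "Environment=beta,AList=value1,AList=value2"
      - name: Deploy same stack again with fail-on-empty-changeset=1 (should fail on empty changeset)
        id: deploy-second-fail
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          name: test-empty-changeset-${{ github.run_number }}
          template: stack.yaml
          parameter-overrides: "Environment=beta,AList=value1,AList=value2"
          fail-on-empty-changeset: "1"
        continue-on-error: true
      - name: Verify empty changeset behavior
        # Step outputs are handed to the script through env rather than being
        # expanded into the script text, so their content is never parsed as
        # shell syntax.
        env:
          FIRST_STACK_ID: ${{ steps.deploy-first.outputs.stack-id }}
          SECOND_STACK_ID: ${{ steps.deploy-second-default.outputs.stack-id }}
        run: |
          echo "Empty changeset test completed"
          echo "First deployment: $FIRST_STACK_ID"
          echo "Second deployment (default): $SECOND_STACK_ID"
          echo "Third deployment (fail flag): Expected to fail"
          echo "This verifies v2 behavior: empty changesets succeed by default, fail when flag is set"

  # Two-step flow: create a change set, print its outputs, then execute it
  # only when the create step reported changes.
  test-create-only-then-execute:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1
      - name: Create change set for review
        id: create-cs
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          mode: "create-only"
          name: test-two-step-${{ github.run_number }}
          template: stack.yaml
          parameter-overrides: "Environment=prod,AList=prod1,AList=prod2"
      - name: Review change set outputs
        # changes-summary is free-form text produced by the action; expanding
        # it inside the script would let quotes, `$(...)` or backticks in it be
        # interpreted by the shell. Passing it through env keeps it as data.
        env:
          CHANGE_SET_ID: ${{ steps.create-cs.outputs.change-set-id }}
          HAS_CHANGES: ${{ steps.create-cs.outputs.has-changes }}
          CHANGES_COUNT: ${{ steps.create-cs.outputs.changes-count }}
          CHANGES_SUMMARY: ${{ steps.create-cs.outputs.changes-summary }}
        run: |
          echo "Change Set ID: $CHANGE_SET_ID"
          echo "Has Changes: $HAS_CHANGES"
          echo "Changes Count: $CHANGES_COUNT"
          echo "Changes Summary: $CHANGES_SUMMARY"
      - name: Execute change set
        if: steps.create-cs.outputs.has-changes == 'true'
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          mode: "execute-only"
          name: test-two-step-${{ github.run_number }}
          execute-change-set-id: ${{ steps.create-cs.outputs.change-set-id }}

  # Deploys a stack, modifies its SSM parameter outside CloudFormation, then
  # creates and executes a REVERT_DRIFT change set.
  test-drift-detection:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1
      - name: Deploy initial stack for drift testing
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          name: test-drift-${{ github.run_number }}
          template: drift-test.yaml
          parameter-overrides: "RunNumber=${{ github.run_number }}"
      - name: Introduce drift by manually changing parameter
        run: |
          # Debug: Check if parameter exists
          echo "Checking if parameter exists..."
          aws ssm describe-parameters --parameter-filters "Key=Name,Values=/test/drift-${{ github.run_number }}" || echo "Parameter not found"
          # Debug: List all parameters with our prefix
          echo "Listing parameters with /test/drift prefix..."
          aws ssm describe-parameters --parameter-filters "Key=Name,Option=BeginsWith,Values=/test/drift" || echo "No parameters found"
          # Add a tag outside of CloudFormation to create drift
          echo "Adding tags to parameter..."
          aws ssm add-tags-to-resource \
            --resource-type Parameter \
            --resource-id /test/drift-${{ github.run_number }} \
            --tags Key=ManualTag,Value=added-outside-cfn
          # Change the parameter value to create more drift
          echo "Updating parameter value..."
          aws ssm put-parameter \
            --name /test/drift-${{ github.run_number }} \
            --value "manually-changed-value" \
            --overwrite
      - name: Create drift-reverting change set
        id: drift-cs
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          mode: "create-only"
          name: test-drift-${{ github.run_number }}
          template: drift-test.yaml
          parameter-overrides: "RunNumber=${{ github.run_number }}"
          deployment-mode: "REVERT_DRIFT"
      - name: Review drift change set
        # Outputs go through env so free-form text such as changes-summary is
        # printed as data and never parsed as part of the script.
        env:
          CHANGE_SET_ID: ${{ steps.drift-cs.outputs.change-set-id }}
          HAS_CHANGES: ${{ steps.drift-cs.outputs.has-changes }}
          CHANGES_COUNT: ${{ steps.drift-cs.outputs.changes-count }}
          CHANGES_SUMMARY: ${{ steps.drift-cs.outputs.changes-summary }}
        run: |
          echo "Drift Change Set ID: $CHANGE_SET_ID"
          echo "Has Changes: $HAS_CHANGES"
          echo "Changes Count: $CHANGES_COUNT"
          echo "Changes Summary: $CHANGES_SUMMARY"
      - name: Execute drift-reverting change set
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          mode: "execute-only"
          name: test-drift-${{ github.run_number }}
          execute-change-set-id: ${{ steps.drift-cs.outputs.change-set-id }}

  # Long deployment (the step name puts it at 70 minutes) with a 90-minute
  # action timeout inside a 120-minute job timeout.
  test-long-running:
    runs-on: ubuntu-latest
    timeout-minutes: 120
    steps:
      - uses: actions/checkout@v4
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1
          # 2-hour session so the credentials outlive the deployment below.
          # NOTE(review): the role's maximum session duration has to allow
          # this; confirm on the IAM role.
          role-duration-seconds: 7200
      - name: Test long-running stack (70 minutes)
        uses: aws-actions/aws-cloudformation-github-deploy@v2.0.0-beta
        with:
          name: test-long-running-${{ github.run_number }}
          template: long-running-stack.yaml
          capabilities: "CAPABILITY_IAM"
          timeout-in-minutes: 90

  # Deletes this run's stacks and SSM parameters. Runs even when test jobs
  # fail (`if: always()`).
  cleanup:
    runs-on: ubuntu-latest
    # test-empty-changeset is listed so cleanup cannot start while that job is
    # still deploying its stack.
    needs:
      - test-create-and-execute
      - test-large-template
      - test-validation-error
      - test-execution-error
      - test-empty-changeset
      - test-create-only-then-execute
      - test-drift-detection
      - test-long-running
    if: always()
    steps:
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
          aws-region: us-east-1
      - name: Cleanup test stacks
        run: |
          # Find all test stacks for this run.
          # Every stack this workflow creates is named test-<case>-<run_number>,
          # so match on that prefix and suffix. A substring match on the run
          # number would also select other stacks in the account (run 2 would
          # match test-file-12, or any name containing "test-" and a "2").
          stacks=$(aws cloudformation list-stacks \
            --query "StackSummaries[?starts_with(StackName, 'test-') && ends_with(StackName, '-${{ github.run_number }}') && StackStatus != 'DELETE_COMPLETE'].StackName" \
            --output text)
          if [ -n "$stacks" ]; then
            echo "Found stacks to delete: $stacks"
            echo "$stacks" | tr '\t' '\n' | while read -r stack; do
              if [ -n "$stack" ]; then
                echo "Deleting stack: $stack"
                aws cloudformation delete-stack --stack-name "$stack"
              fi
            done
            # Wait for all deletions to complete
            echo "Waiting for stack deletions to complete..."
            echo "$stacks" | tr '\t' '\n' | while read -r stack; do
              if [ -n "$stack" ]; then
                echo "Waiting for $stack to delete..."
                aws cloudformation wait stack-delete-complete --stack-name "$stack" || echo "Stack $stack deletion failed or timed out"
              fi
            done
          else
            echo "No stacks found to delete"
          fi
      - name: Cleanup SSM parameters
        run: |
          # Clean up all test parameters for this run.
          # Matches names ending in -<run_number>, the only pattern this
          # workflow references (/test/drift-<run_number>), instead of any name
          # that merely contains the run number's digits.
          # NOTE(review): confirm the templates create no run-scoped parameter
          # under /test/ with a different naming scheme.
          echo "Cleaning up SSM parameters..."
          aws ssm describe-parameters \
            --parameter-filters "Key=Name,Option=BeginsWith,Values=/test/" \
            --query "Parameters[?ends_with(Name, '-${{ github.run_number }}')].Name" \
            --output text | tr '\t' '\n' | while read -r param; do
            if [ -n "$param" ]; then
              echo "Deleting parameter: $param"
              aws ssm delete-parameter --name "$param" || echo "Parameter $param already deleted"
            fi
          done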