I like to implement an integration test stage as part of a CodePipeline CI/CD pipeline. Within this stage I expect to have two actions: 1) deploy the code to an integration environment using CloudFormation and 2) run a suite of integration tests against this deployment. After that the pipeline would move on to other stages like deploying to production for example.
Now assume that the integration test suite fails. How can I ensure that the deployed resources are cleaned up? All documentation and examples I've seen so far don't address this scenario.
Sub-question: Would you recommend having a long-lived integration environment that changes alongside production or would you rather create a fresh integration stack from scratch for each pipeline execution? Arguments for the former would be that you would test the actual stack update that would also be applied to the production stack and it would also be faster if your stack contains resources that take a while to create (DynamoDB tables for example). The drawback would be that in case the integration test suite fails the cleanup would need to revert the applied change set instead of just tearing down the entire stack.
