[Bug] - RunOrder is not respected

0

Hi AWS,

I believe I have found a bug in regards to the runOrder parameter for CodePipeline actions not being respected if they are defined out of order in the template.

Example of it not respecting runOrder definitions;

        - Name: StageName
          Actions:
            - Name: "Task2"
              InputArtifacts:
                - Name: GitBundle
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: 1
                Provider: CodeBuild
              Configuration:
                ProjectName: !Ref Task2Project
              RunOrder: 2
            - Name: "Task1"
              InputArtifacts:
                - Name: GitBundle
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: 1
                Provider: CodeBuild
              Configuration:
                ProjectName: !Ref Task1Project
              RunOrder: 1

In the above actions example, both actions will execute in parallel as it appears while the runOrder parameter is respected visually in the CodePipeline Console, if the higher runOrder action is defined BEFORE the lower runOrder action CodePipeline will still execute both in parallel.

To rectify this, if your initial template is out of order, you simply need to migrate your action code block to be below any HIGHER runOrder items.

i.e. Your runOrder: 1 Action block must be defined in the CFN before your runOrder: 2 Action block.

CodePipeline will then respect the runOrder and wait for the lower runOrder item to complete before progressing.

This to me appears to be a bug, regardless of what order the action has been defined, the runOrder parameter value should be respected and executed as intended.

Cheers,
Jeremy

Edited by: jbeffektd on Jan 30, 2019 5:09 PM

Edited by: jbeffektd on Jan 30, 2019 5:11 PM

asked 5 years ago174 views
3 Answers
0

Hello, so far I've been unable to reproduce this behavior. The RunOrder was respected regardless of ordering within the template in the pipelines I created using stage definitions similar to yours. Will you provide us with the full resource definition with all sensitive information removed?

Thanks,
Luke

answered 5 years ago
0

Hi Luke,

Thanks for replying.

That is strange, I definitely observed this at the time of the post. I've moved onto other project work however I will see if I can reproduce it again when I get an opportunity.

A few other things to mention;

  • The runOrder was amended and pushed via CFN to an existing stack, not a new stack

  • The stack was run in ap-southeast-2

  • CodePipeline was currently setup in the below way

  • GitHub Pull

  • CB 1

  • CB 1

  • CB 2

  • CB 2

Whether any of the above makes a difference, I'm not sure, I'll try replicate with a fresh deployment and then test with a CFN update and see if it replicates.

Cheers,
Jeremy

Edited by: jbeffektd on Feb 20, 2019 3:10 PM

Here is an extract specific to CP and CB

  AmiPipeline: 
    Type: AWS::CodePipeline::Pipeline
    Properties: 
      RoleArn: !GetAtt CodePipelineRole.Arn
      Stages: 
        - 
          Name: Source
          Actions: 
            - 
              Name: "Retrieve"
              ActionTypeId:
                Category: Source
                Owner: ThirdParty
                Version: 1
                Provider: GitHub
              Configuration:
                Owner: !Ref GitHubOrg
                Repo: !Ref GitHubRepo
                Branch: !Ref GitHubBranch
                OAuthToken: !Ref GitHubToken
              OutputArtifacts:
                - Name: GitBundle
        - Name: BuildAMI
          Actions:
            - Name: "XXXXXXXXXXXXXX"
              InputArtifacts:
                - Name: GitBundle
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: 1
                Provider: CodeBuild
              Configuration:
                ProjectName: !Ref AmiProject1
              RunOrder: 1
            - Name: "XXXXXXXXXXXXX"
              InputArtifacts:
                - Name: GitBundle
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: 1
                Provider: CodeBuild
              Configuration:
                ProjectName: !Ref AmiProject2
              RunOrder: 1
            - Name: "XXXXXXXXXXXXX"
              InputArtifacts:
                - Name: GitBundle
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: 1
                Provider: CodeBuild
              Configuration:
                ProjectName: !Ref AmiProject3
              RunOrder: 2
            - Name: "XXXXXXXXXXXXX"
              InputArtifacts:
                - Name: GitBundle
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: 1
                Provider: CodeBuild
              Configuration:
                ProjectName: !Ref AmiProject4
              RunOrder: 2
      ArtifactStore:
        Type: S3
        Location: !Ref ArtifactBucket
        EncryptionKey:
          Id: !Ref CodePipelineKey
          Type: KMS

  AmiProject1:
    Type: AWS::CodeBuild::Project
    Properties:
      Artifacts:
        Type: "CODEPIPELINE"
      Source:
        Type: "CODEPIPELINE"
        BuildSpec: buildspec/buildspec.yml
      Environment:
        ComputeType: "BUILD_GENERAL1_MEDIUM"
        Image: !Ref DockerImageId
        Type: "LINUX_CONTAINER"
        EnvironmentVariables:
          - Name: GITHUB_BRANCH
            Value: !Ref GitHubBranch
          - Name: NETWORK_STACK
            Value: !Ref NetworkStack
          - Name: REPORTS_BUCKET
            Value: !Ref ArtifactBucket
          - Name: AWS_REGION
            Value: !Ref "AWS::Region"
      ServiceRole: !GetAtt CodeBuildServiceRole.Arn
      EncryptionKey: !Ref CodePipelineKey
      TimeoutInMinutes: 120
      VpcConfig:
        VpcId: 
          Fn::ImportValue: !Sub "${NetworkStack}-VPCID"
        Subnets:
          - Fn::ImportValue: !Sub "${NetworkStack}-SubnetPrivateA"
          - Fn::ImportValue: !Sub "${NetworkStack}-SubnetPrivateB"
        SecurityGroupIds:
          - !Ref PipelineSecurityGroup

  AmiProject2:
    Type: AWS::CodeBuild::Project
    Properties:
      Artifacts:
        Type: "CODEPIPELINE"
      Source:
        Type: "CODEPIPELINE"
        BuildSpec: buildspec/buildspec.yml
      Environment:
        ComputeType: "BUILD_GENERAL1_MEDIUM"
        Image: !Ref DockerImageId
        Type: "LINUX_CONTAINER"
        EnvironmentVariables:
          - Name: GITHUB_BRANCH
            Value: !Ref GitHubBranch
          - Name: NETWORK_STACK
            Value: !Ref NetworkStack
          - Name: REPORTS_BUCKET
            Value: !Ref ArtifactBucket
          - Name: AWS_REGION
            Value: !Ref "AWS::Region"
      ServiceRole: !GetAtt CodeBuildServiceRole.Arn
      EncryptionKey: !Ref CodePipelineKey
      TimeoutInMinutes: 120
      VpcConfig:
        VpcId: 
          Fn::ImportValue: !Sub "${NetworkStack}-VPCID"
        Subnets:
          - Fn::ImportValue: !Sub "${NetworkStack}-SubnetPrivateA"
          - Fn::ImportValue: !Sub "${NetworkStack}-SubnetPrivateB"
        SecurityGroupIds:
          - !Ref PipelineSecurityGroup

  AmiProject3:
    Type: AWS::CodeBuild::Project
    Properties:
      Artifacts:
        Type: "CODEPIPELINE"
      Source:
        Type: "CODEPIPELINE"
        BuildSpec: buildspec/buildspec.yml
      Environment:
        ComputeType: "BUILD_GENERAL1_MEDIUM"
        Image: !Ref DockerImageId
        Type: "LINUX_CONTAINER"
        EnvironmentVariables:
          - Name: GITHUB_BRANCH
            Value: !Ref GitHubBranch
          - Name: NETWORK_STACK
            Value: !Ref NetworkStack
          - Name: REPORTS_BUCKET
            Value: !Ref ArtifactBucket
          - Name: AWS_REGION
            Value: !Ref "AWS::Region"
      ServiceRole: !GetAtt CodeBuildServiceRole.Arn
      EncryptionKey: !Ref CodePipelineKey
      TimeoutInMinutes: 120
      VpcConfig:
        VpcId: 
          Fn::ImportValue: !Sub "${NetworkStack}-VPCID"
        Subnets:
          - Fn::ImportValue: !Sub "${NetworkStack}-SubnetPrivateA"
          - Fn::ImportValue: !Sub "${NetworkStack}-SubnetPrivateB"
        SecurityGroupIds:
          - !Ref PipelineSecurityGroup

  AmiProject4:
    Type: AWS::CodeBuild::Project
    Properties:
      Artifacts:
        Type: "CODEPIPELINE"
      Source:
        Type: "CODEPIPELINE"
        BuildSpec: buildspec/buildspec.yml
      Environment:
        ComputeType: "BUILD_GENERAL1_MEDIUM"
        Image: !Ref DockerImageId
        Type: "LINUX_CONTAINER"
        EnvironmentVariables:
          - Name: GITHUB_BRANCH
            Value: !Ref GitHubBranch
          - Name: NETWORK_STACK
            Value: !Ref NetworkStack
          - Name: REPORTS_BUCKET
            Value: !Ref ArtifactBucket
          - Name: AWS_REGION
            Value: !Ref "AWS::Region"
      ServiceRole: !GetAtt CodeBuildServiceRole.Arn
      EncryptionKey: !Ref CodePipelineKey
      TimeoutInMinutes: 120
      VpcConfig:
        VpcId: 
          Fn::ImportValue: !Sub "${NetworkStack}-VPCID"
        Subnets:
          - Fn::ImportValue: !Sub "${NetworkStack}-SubnetPrivateA"
          - Fn::ImportValue: !Sub "${NetworkStack}-SubnetPrivateB"
        SecurityGroupIds:
          - !Ref PipelineSecurityGroup

Edited by: jbeffektd on Feb 20, 2019 3:17 PM

answered 5 years ago
0

Have you tried inspecting pipeline history (specifically action executions) to get timing information?

jbeffektd wrote:

  • The runOrder was amended and pushed via CFN to an existing stack, not a new stack

What did the pipeline look like before and after the update? If you're changing the run order of some actions, you might be observing CodePipeline "drain" a pipeline execution (started with the old pipeline definition and using the before run order to complete the stage).

AWS
Aaron_C
answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions