【发布时间】:2019-06-24 19:46:49
【问题描述】:
我正在使用 AWS CodePipeline 构建 CD 管道。我使用 S3 存储桶作为管道的源来获取我的 YAML 模板,然后将其作为输出工件推送到部署阶段作为输入工件的输入。
我面临的问题是 CodePipeline 加密 YAML 模板并将其放在 S3 工件存储中,因此当 CloudFormation 在输入工件中查找时,它确实找到了文件,因为它的名称已更改,所以如何阻止管道加密工件?
这是我的 CodePipeline CloudFormation 模板:
Resources:
ArtifactStoreBucket:
Type: AWS::S3::Bucket
Properties:
VersioningConfiguration:
Status: Enabled
Pipeline:
Type: AWS::CodePipeline::Pipeline
Properties:
ArtifactStore:
Location: !Ref 'ArtifactStoreBucket'
Type: S3
DisableInboundStageTransitions: []
Name: !Ref 'PipelineName'
RoleArn: !GetAtt [PipelineRole, Arn]
Stages:
- Name: S3Source
Actions:
- Name: TemplateSource
ActionTypeId:
Category: Source
Owner: AWS
Provider: S3
Version: '1'
Configuration:
S3Bucket: !Ref 'S3Bucket'
S3ObjectKey: !Ref 'CFNTemplateName'
OutputArtifacts:
- Name: TemplateSource
EncryptionDisabled: true
RunOrder: '1'
- Name: DeployToTest
Actions:
- Name: CreateChangeSetTest
ActionTypeId:
Category: Deploy
Owner: AWS
Version: 1
Provider: CloudFormation
Configuration:
ChangeSetName: sample-lambda-dev
ActionMode: CHANGE_SET_REPLACE
StackName: sample-lambda-dev
Capabilities: CAPABILITY_NAMED_IAM
TemplatePath: !Sub "TemplateSource2::${CFNTemplateName}"
RoleArn: !GetAtt [CFNRole, Arn]
RunOrder: 1
- Name: DeployChangeSetTest
ActionTypeId:
Category: Deploy
Owner: AWS
Version: 1
Provider: CloudFormation
Configuration:
ChangeSetName: sample-lambda-dev
ActionMode: CHANGE_SET_EXECUTE
StackName: sample-lambda-dev
RoleArn: !GetAtt [CFNRole, Arn]
RunOrder: 2
我确保我提供了正确的工件和正确的模板名称。
【问题讨论】:
标签: amazon-web-services amazon-s3 amazon-cloudformation aws-codepipeline aws-kms