fancy-ice-8211
04/26/2020, 5:16 AMTypeError: startswith first arg must be bytes or a tuple of bytes, not str
So I guess I'm doing something wrong with the config, but I can't see it (fixed, see thread).import pulumi
from pulumi_aws import s3, iam, kms, codepipeline
config = pulumi.Config()
kms_key = kms.Key('code-pipeline')
code_pipeline_artifact_store_bucket = s3.Bucket(
'code-pipeline-artifact-store-bucket',
acl='private'
)
code_pipeline_service_role = iam.Role(
'code-pipeline-service-role',
assume_role_policy={
'Version': '2012-10-17',
'Statement': [
{
'Effect': 'Allow',
'Principal': {
'Service': '<http://codepipeline.amazonaws.com|codepipeline.amazonaws.com>'
},
'Action': 'sts:AssumeRole'
}
]
}
)
code_pipeline_policy = iam.RolePolicy(
'code-pipeline-policy',
policy={
'Version': '2012-10-17',
'Statement': [
{
'Effect': 'Allow',
'Action': [
's3:GetObject',
's3:GetObjectVersion',
's3:GetBucketVersioning',
's3:PutObject'
],
'Resource': [
code_pipeline_artifact_store_bucket.arn,
code_pipeline_artifact_store_bucket.arn.apply(lambda arn: f'{arn}/*')
]
},
{
'Effect': 'Allow',
'Action': [
'codebuild:BatchGetBuilds',
'codebuild:StartBuild'
],
'Resource': '*'
}
]
},
role=code_pipeline_service_role.id
)
code_pipeline = codepipeline.Pipeline(
'code-pipeline',
artifact_store={
'encryption_key': {
'id': kms_key.id,
'type': 'KMS'
},
'location': code_pipeline_artifact_store_bucket.bucket,
'type': 'S3'
},
role_arn=code_pipeline_service_role.arn,
stages=[
{
'Actions': [{
'Category': 'Source',
'Configuration': {
'Branch': config.require('branch'),
'Owner': config.require('owner'),
'Repo': config.require('repo'),
'OAuthToken': config.require('githubtoken')
},
'Name': 'Source',
'OutputArtifacts': ['source_output'],
'Owner': 'ThirdParty',
'Provider': 'GitHub',
'Version': '1'
}],
'Name': 'Source'
},
{
'Actions': [{
'Category': 'Build',
'Configuration': {
'ProjectName': 'test',
},
'InputArtifacts': ['source_output'],
'Name': 'Build',
'OutputArtifacts': ['build_output'],
'Owner': 'AWS',
'Provider': 'CodeBuild',
'Version': '1'
}],
'Name': 'Build'
},
{
'Actions': [{
'Category': 'Deploy',
'Configuration': {
'ActionMode': 'REPLACE_ON_FAILURE',
'Capabilities': 'CAPABILITY_AUTO_EXPAND,CAPABILITY_IAM',
'OutputFileName': 'CreateStackOutput.json',
'StackName': 'MyStack',
'TemplatePath': 'build_output::sam-templated.yaml'
},
'InputArtifacts': ['build_output'],
'Name': 'Deploy',
'Owner': 'AWS',
'Provider': 'CloudFormation',
'Version': '1'
}],
'Name': 'Deploy'
}
]
)
if anyone is curiousmammoth-caravan-51104
08/24/2020, 2:34 PMup
is your pipeline showing with as a to update
resource? For me every time i run up
it update the pipeline as well. That's probably because of AWS config setup, where token is being returned as "true" instead of a token itself. it's a quite annoying behavior and i'm not sure how to solve it yet