https://serverless-stack.com/ logo
Join Slack
Powered by
Somehow, when a new environment gets deployed from...
# seed
d
Somehow, when a new environment gets deployed from a PR or branch the last step fails with the message:
Copy code
Not making progress trying to resolve environmental context. Giving up.
[Error at /staging-company-stack/Stack] Found zones: [] for dns:<http://dev.example.com|dev.example.com>, privateZone:undefined, vpcId:undefined, but wanted exactly 1 zone
  Annotations.addMessage (/tmp/seed/source/node_modules/aws-cdk-lib/core/lib/annotations.ts:64:25)
  Annotations.addError (/tmp/seed/source/node_modules/aws-cdk-lib/core/lib/annotations.ts:36:10)
  Function.getValue (/tmp/seed/source/node_modules/aws-cdk-lib/core/lib/context-provider.ts:83:31)
  Function.fromLookup (/tmp/seed/source/node_modules/aws-cdk-lib/aws-route53/lib/hosted-zone.ts:76:65)
  ReactStaticSite.lookupHostedZone (/tmp/seed/source/node_modules/@serverless-stack/resources/src/StaticSite.ts:511:39)
  new StaticSite (/tmp/seed/source/node_modules/@serverless-stack/resources/src/StaticSite.ts:101:28)
  new ReactStaticSite (/tmp/seed/source/node_modules/@serverless-stack/resources/src/ReactStaticSite.ts:43:5)
  new PlatformStack (/tmp/seed/source/stacks/PlatformStack.ts:11:18)
  Object.main (/tmp/seed/source/stacks/index.ts:18:3)
  Object.<anonymous> (/tmp/seed/source/.build/run.js:94:16)
  Module._compile (internal/modules/cjs/loader.js:1063:30)
  Object.Module._extensions..js (internal/modules/cjs/loader.js:1092:10)
  Module.load (internal/modules/cjs/loader.js:928:32)
  Function.Module._load (internal/modules/cjs/loader.js:769:14)
  Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:72:12)
  internal/main/run_main_module.js:17:47
Found errors
Error: Found errors
    at StackCollection.processMetadataMessages (/tmp/seed/source/node_modules/aws-cdk/lib/api/cxapp/cloud-assembly.ts:270:13)
    at CdkToolkit.validateStacks (/tmp/seed/source/node_modules/aws-cdk/lib/cdk-toolkit.ts:549:12)
    at CdkToolkit.selectStacksForDiff (/tmp/seed/source/node_modules/aws-cdk/lib/cdk-toolkit.ts:528:10)
    at processTicksAndRejections (internal/process/task_queues.js:93:5)
    at CdkToolkit.synth (/tmp/seed/source/node_modules/aws-cdk/lib/cdk-toolkit.ts:412:20)
    at initCommandLine (/tmp/seed/source/node_modules/aws-cdk/bin/cdk.ts:268:9)
It seems you are configuring custom domains for you URL. And SST is not able to find the hosted zone "<http://dev.example.com|dev.example.com>" in your AWS Route 53 account. Please double check and make sure the zone exists, or pass in a different zone.
ERROR: Error: Found errors
ERROR: Failed to generate artifact for downstream stage staging.
This is our seed configuration. Development pipeline • Github 
dev
branch -> 
dev
environment • on PR activity -> new environment • on branch activity -> new environment Staging pipeline • Github 
main
branch -> 
staging
environment Production pipeline • Manually promote 
prod
environment It seems that seed picks up the wrong AWS credentials during the last step. 📦 Build:
Copy code
$ npx sst build --stage pr9 --verbose
...
Resolving default credentials
Retrieved account ID 24********** from disk cache
Setting "CDK_DEFAULT_ACCOUNT" environment variable to 24**********
context: {
  'hosted-zone:account=24**********:domainName=<http://dev.example.com:region=us-east-1|dev.example.com:region=us-east-1>': { Id: '/hostedzone/Z02179983PO**********', Name: 'dev.example.com.' },
...
🗑️ Cleanup:
Copy code
$ npx sst build --stage staging --verbose
...
Resolving default credentials
Looking up default account ID from STS
Default account ID: 01**********
Setting "CDK_DEFAULT_ACCOUNT" environment variable to 01**********
context: {
  'hosted-zone:account=24**********:domainName=<http://dev.example.com:region=us-east-1|dev.example.com:region=us-east-1>': { Id: '/hostedzone/Z02179983PO**********', Name: 'dev.example.com.' },
...
On the settings page I can see that: • Dev AWS IAM = custom (24**********) • Prod AWS IAM = custom (its own) • Staging AWS IAM = use default • The PR AWS IAM = custom (24**********) • The Branch AWS IAM = custom (24**********) • Default settings = 01********** I would assume that the last step is somehow using the default settings for PR and Branches.
f
Hey @Daniel Gato, the last step should use Staging AWS IAM. What it’s trying to do is running 
sst build
for the downstream stage.
In this case, the downstream stage for a PR/Branch stage is Staging, so it’s running 
sst build --stage staging
with the Staging AWS IAM.
The CloudFormation template from the build output will be used to generate the changeset when you promote.
Can you verify it’s using the Staging stage’s IAM?
d
It’s using the default IAM. Staging uses the default as well. So indirectly, it is using staging’s IAM.
the downstream stage for a PR/Branch stage is Staging
I’m not sure to understand what you mean with that. If you mean the next logical branch - in our case it is dev because we merge all our PRs to dev first.
I guess I got what is wrong. Because we one hostedZone per account, you are trying to build for staging while SEED_PULL_REQUEST_NUMBER is set. If you want to build for staging, I think that it should have the same environment than staging and not set the BR or BRANCH
In our case, it detects it is a PR and tries to use the hostedZone dev.example.com and this hostedZone only exists in the dev account.
f
Yeah I see what you mean. Just curious, would it work if you relied on the stage name (ie. 
app.stage
) instead of 
SEED_PULL_REQUEST_NUMBER
to determine whether you are building for staging or prod?
d
the quickfix we did right now is:
Copy code
const isPullRequestOrBranch =
    (isPullRequestDeploy || isBranchDeploy) && !isStaging;
But my point is that: • building for staging • building for staging with SEED_PULL_REQUEST_NUMBER set those could be 2 different build outputs.
2 Views
Open in Slack
PreviousNext
Powered by