Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fn::ToJsonString unrecognized in conditional array element of resource properties #143

Open
bobobox opened this issue Aug 31, 2023 · 0 comments
Open

Fn::ToJsonString unrecognized in conditional array element of resource properties #143

bobobox opened this issue Aug 31, 2023 · 0 comments

Comments

@bobobox
Copy link

bobobox commented Aug 31, 2023
edited
Loading

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Tell us about the bug

When attempting to use Fn::ToJsonString within a conditionally included array element within a resource's Properties (ie. using !If and AWS::NoValue), the function is unrecognized, and the CloudFormation change set creation fails.

Expected behavior

Fn::ToJsonString produces JSON text included in resource Properties.

Observed behavior

Change Set creation fails with the message, behaving as if we have not included the LanguageExtensions transform:

Failed to create the changeset: Waiter ChangeSetCreateComplete failed: Waiter encountered a
terminal failure state: For expression "Status" we matched expected path: "FAILED" Status:
FAILED. Reason: Template Error: Encountered unsupported function: Fn::ToJsonString Supported
functions are: [Fn::AccountIdFromAlias, Fn::Base64, Fn::GetAtt, Fn::GetAZs, Fn::ImportValue,
Fn::Join, Fn::Split, Fn::FindInMap, Fn::Select, Ref, Fn::Equals, Fn::If, Fn::Not, Condition,
Fn::And, Fn::Or, Fn::Contains, Fn::EachMemberEquals, Fn::EachMemberIn, Fn::ValueOf,
Fn::ValueOfAll, Fn::RefAll, Fn::Sub, Fn::Cidr]

Test cases

Example uses CodePipeline Webhooks, and nonsensical values, just because these are small resources that use the affected Properties types. The first two resources can be created successfully, while the third (ExampleResourceFail) causes the failure. Other than the problematic third resource, this template should be deployable without any other dependencies (ie. somepipeline does not have to exist).

---
AWSTemplateFormatVersion: 2010-09-09
Transform: AWS::LanguageExtensions

Conditions:
  AlwaysTrue: !Equals
    - yes
    - yes

Resources:

  ExampleResourceSuccessOne:
    Type: AWS::CodePipeline::Webhook
    Properties:
      Filters:
        - JsonPath: "$.ref"
          MatchEquals: "refs/heads/{Branch}"
        # The use of Fn::ToJsonString for the value of MatchEquals works fine
        - JsonPath: "$.repository.somejson"
          MatchEquals:
            Fn::ToJsonString:
              foo: bar
      Authentication: GITHUB_HMAC
      AuthenticationConfiguration:
        SecretToken: blah
      TargetPipeline: somepipeline
      TargetAction: GitHubCheckout
      TargetPipelineVersion: 1

  ExampleResourceSuccessTwo:
    Type: AWS::CodePipeline::Webhook
    Properties:
      Filters:
        - JsonPath: "$.ref"
          MatchEquals: "refs/heads/{Branch}"
        # This just demonstrates that using the If function here is valid
        - !If
          - AlwaysTrue
          - JsonPath: "$.repository.somejson"
            MatchEquals: '{"foo": "bar"}'
          - !Ref AWS::NoValue
      Authentication: GITHUB_HMAC
      AuthenticationConfiguration:
        SecretToken: blah
      TargetPipeline: somepipeline
      TargetAction: GitHubCheckout
      TargetPipelineVersion: 1

  ExampleResourceFail:
    Type: AWS::CodePipeline::Webhook
    Properties:
      Filters:
        - JsonPath: "$.ref"
          MatchEquals: "refs/heads/{Branch}"
        # This use of Fn::ToJsonString in a conditional array element,
        # otherwise doing the exact same thing as above, will fail, as the
        # function won't be recognized as valid
        - !If
          - AlwaysTrue
          - JsonPath: "$.repository.somejson"
            MatchEquals:
              Fn::ToJsonString:
                foo: bar
          - !Ref AWS::NoValue
      Authentication: GITHUB_HMAC
      AuthenticationConfiguration:
        SecretToken: blah
      TargetPipeline: somepipeline
      TargetAction: GitHubCheckout
      TargetPipelineVersion: 1

Additional context

Actual use case is within an AWS::CodePipeline::Pipeline definition, where certain Actions and Stages are conditionally included, and which require JSON inputs. We would love to be able to use this function there.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bobobox