feat(AWS Deploy): Ensure existence of S3 bucket if possible

[pgrzesik]

Follow up to: #10306

Closes: #3964

On a best-effort basis tries to ensure that S3 bucket for deployment artifact exists. Handles the following scenarios:

• If Deployment Bucket is missing in CF template, then it injects the config for it and issues additional update
• If Deployment Bucket is defined in CF template but has been removed manually, throws a descriptive error
• If custom Deployment Bucket is used, it is validated for location and existence, if it doesn't exist then descriptive error is thrown

[pgrzesik]

This logic is now fully handled in ensureValidBucketExists

[pgrzesik]

I double checked if we can force CloudFormation deploy with the original template, but as expected, the update is rejected because "nothing changed"

[codecov]

Codecov Report

Merging #10317 (8fe8f66) into master (1a85a4a) will decrease coverage by 0.05%.
The diff coverage is 76.56%.

❗ Current head 8fe8f66 differs from pull request most recent head 0b4e5ad. Consider uploading reports for the commit 0b4e5ad to get more accurate results

@@            Coverage Diff             @@
##           master   #10317      +/-   ##
==========================================
- Coverage   85.43%   85.38%   -0.06%     
==========================================
  Files         340      340              
  Lines       13936    13984      +48     
==========================================
+ Hits        11906    11940      +34     
- Misses       2030     2044      +14     

Impacted Files	Coverage Δ
...ugins/aws/deploy/lib/ensure-valid-bucket-exists.js	75.40% <75.40%> (ø)
lib/plugins/aws/deploy/index.js	100.00% <100.00%> (+1.21%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1a85a4a...0b4e5ad. Read the comment docs.

[medikoo]

@pgrzesik that looks really great! I have just a few minor suggestions

[medikoo]

Do you think we need a new lifecycle event? Why not just do it at L130, before setBucketName ?

[pgrzesik]

I started with it in checkForChanges, but it didn't feel right to have logic that "modifies" something in step called check, which suggests that we're only doing checking here. But I see a point of not adding extra lifecycle events - what do you think is better here - having a little bit "inconsistent" (mutating) operation as a part of "check" logic or having a separate lifecycle event?

[medikoo]

Currently logic that resolves bucketName and crashes if there's no bucket is in context of checkForChanges, so I think it's ok to add there recovery logic, which instead of crashing ensures the bucket

I'm also not sure about changing our current lifecycle events set, I'd rather treat it more as part of legacy design that's best if left untouched (and not further explored). To avoid unexpected issues I'd rather introduce new lifecycle events only if there's really hard to go without it. WDYT?

[pgrzesik]

That's a good point - let's treat lifecycle engine as "legacy" and not introduce new hooks unless there's a really good reason for it. I've changed the implementation.

[medikoo]

I'm not sure we need a new progress event here.

It feels to me as part of Retrieving CloudFormation stack part, and it's pretty fast, so unlikely to be noticeable

[pgrzesik]

I wasn't sure how to capture that properly, but I like your suggestions around progress 👍

[medikoo]

_.merge doesn't feel safe and we overuse it. I'd do:

Object.assign(getTemplateResult.TemplateBody.Resources, 
this.serverless.service.provider.coreCloudFormationTemplate.Resources);
// Same for Outputs
Object.assign(..Outputs, ...Outputs);

[pgrzesik]

Sounds good 👍

[medikoo]

Here I would register another main progress with title as: Ensure deployment bucket

[pgrzesik]

Sounds good 👍

[medikoo]

This line I believe now can be removed

[pgrzesik]

This line is still needed, but potentially could be moved inside ensureValidBucketExists - after the logic of ensureValidBucketExists, in scenario where we create a new bucket via CF update, we don't know the bucket name and we have to retrieve it via SDK and that call handles that. What do you think, would it be better to just call it at the end of processing in ensureValidBucketExists?

[medikoo]

I propose to simplify it as:

• Remove setBucketName() entirely (I've checked and it's safe against plugins)
• In ensureValidBucketExists,ensure following logic is run:

if (!this.bucketName) {
  this.bucketName = await this.provider.getServerlessDeploymentBucketName();
}

[pgrzesik]

I think we cannot remove setBucketName entirely, because it's also used in rollback and deployList logic. as for the proposed syntax, we can definitely do that but adjust the logic in ensureValidBucketExists a bit more

[pgrzesik]

I've removed the additional setBucketName in checkForChanges hook and adjusted the implementation of ensureValidBucketExists - at the end of the function we should unconditionally call that method because we know the bucketName is not set (because we just ran the update for missing bucket in CF template)

[medikoo]

Looks great 👍