Skip to content

CFNv2: support dynamic parameter resolution #12797

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 8 commits into from
Closed

CFNv2: support dynamic parameter resolution #12797

wants to merge 8 commits into from

Conversation

simonrw
Copy link
Contributor

@simonrw simonrw commented Jun 24, 2025
edited
Loading

Motivation

The V2 engine does not currently support resolving dynamic parameter values, e.g.

{{resolve:secretsmanager:secret-id:secret-string:json-key:version-stage:version-id}}

Changes

  • Extract relevant functions out of the template deployer into their own module
  • Replace/resolve dynamic references when visiting node properties in the preprocessor
  • Unskip ssm resolving test in template engine tests

@simonrw simonrw added the semver: minor Non-breaking changes which can be included in minor releases, but not in patch releases label Jun 24, 2025
@github-actions GitHub Actions
Copy link

github-actions bot commented Jun 24, 2025
edited
Loading

Test Results - Preflight, Unit

21 727 tests  ±0   20 070 ✅ ±0   6m 23s ⏱️ -50s
     1 suites ±0    1 657 💤 ±0 
     1 files   ±0        0 ❌ ±0 

Results for commit 6574897. ± Comparison against base commit 6c4cd17.

♻️ This comment has been updated with latest results.

@github-actions GitHub Actions
Copy link

github-actions bot commented Jun 24, 2025
edited
Loading

Test Results (amd64) - Acceptance

7 tests  ±0   5 ✅ ±0   3m 7s ⏱️ -1s
1 suites ±0   2 💤 ±0 
1 files   ±0   0 ❌ ±0 

Results for commit 6574897. ± Comparison against base commit 6c4cd17.

♻️ This comment has been updated with latest results.

@github-actions GitHub Actions
Copy link

github-actions bot commented Jun 24, 2025
edited
Loading

LocalStack Community integration with Pro

  2 files  ±0    2 suites  ±0   21m 27s ⏱️ -2s
887 tests ±0  323 ✅ ±0  564 💤 ±0  0 ❌ ±0 
889 runs  ±0  323 ✅ ±0  566 💤 ±0  0 ❌ ±0 

Results for commit 6574897. ± Comparison against base commit 6c4cd17.

♻️ This comment has been updated with latest results.

@github-actions GitHub Actions
Copy link

github-actions bot commented Jun 24, 2025
edited
Loading

Test Results (amd64) - Integration, Bootstrap

  5 files  ±0    5 suites  ±0   34m 14s ⏱️ -20s
911 tests ±0  348 ✅ ±0  563 💤 ±0  0 ❌ ±0 
917 runs  ±0  348 ✅ ±0  569 💤 ±0  0 ❌ ±0 

Results for commit 6574897. ± Comparison against base commit 6c4cd17.

♻️ This comment has been updated with latest results.

@simonrw simonrw force-pushed the cfn/v2/dynamic-ssm-lookup branch from acc5133 to 6574897 Compare June 24, 2025 22:06
@simonrw simonrw marked this pull request as ready for review June 24, 2025 22:58
@simonrw simonrw requested a review from MEPalma June 24, 2025 22:58
MEPalma
MEPalma reviewed Jun 26, 2025
View reviewed changes
localstack-core/localstack/services/cloudformation/engine/v2/change_set_model_preproc.py
@@ -1040,7 +1045,23 @@ def visit_node_array(self, node_array: NodeArray) -> PreprocEntityDelta:
return PreprocEntityDelta(before=before, after=after)

def visit_node_property(self, node_property: NodeProperty) -> PreprocEntityDelta:
return self.visit(node_property.value)
# TODO: is this the right place?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are dynamic parameters only resolved at a property level? For example, these are never resolved as input for another intrinsic function?

@simonrw simonrw added this to the Playground milestone Jun 30, 2025
@simonrw simonrw force-pushed the cfn/v2/describe-parameters branch from 6c4cd17 to 2ac855d Compare July 3, 2025 15:31
pinzon
pinzon approved these changes Jul 22, 2025
View reviewed changes
Copy link
Member

@pinzon pinzon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. I like the moving of the resolution of paramters from the executor, to the preproc.

suggestion: Maybe add or modify a test to confirm if the resolved parameters can be used in an intrinsic function.

tests/aws/services/cloudformation/v2/ported_from_v1/api/test_changesets.py
@@ -394,7 +394,7 @@ def test_create_change_set_missing_stackname(aws_client):
)


@pytest.mark.skip("CFNV2:Other")
# @pytest.mark.skip("CFNV2:Other")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: we should delete the comment if it doesn't apply anymore.

localstack-core/localstack/services/cloudformation/engine/transformers.py
Comment on lines +220 to +224
parameter_value = value.get("ParameterValue", "")
# V2: we model parameters as classes so try to access the method that returns the resolved value
if resolve := getattr(parameter_value, "resolve", None):
parameter_value = resolve()
formatted_stack_parameters[key] = parameter_value.split(",")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

comment: Thanks for adapting the execute_macro function but I believe that we should have a new one with proper typing and bindings for the v2 engine. Of course that should be handled in another PR not this one.

localstack-core/localstack/services/cloudformation/engine/template_deployer.py
Comment on lines +238 to +243
if dynamic_ref := extract_dynamic_reference(result):
return perform_dynamic_reference_lookup(
reference=dynamic_ref,
account_id=account_id,
region_name=region_name,
)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

comment: Nice refactoring

@simonrw simonrw modified the milestones: Playground, 4.8 Jul 24, 2025
@simonrw
Copy link
Contributor Author

simonrw commented Aug 6, 2025

Closing in favour of #12965

@simonrw simonrw closed this Aug 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@MEPalma MEPalma MEPalma left review comments

@pinzon pinzon pinzon approved these changes

@dominikschubert dominikschubert Awaiting requested review from dominikschubert dominikschubert is a code owner

Assignees
No one assigned
Labels
semver: minor Non-breaking changes which can be included in minor releases, but not in patch releases
Projects
None yet
Milestone
4.8
Development

Successfully merging this pull request may close these issues.
3 participants
@simonrw @pinzon @MEPalma