How to ignore AWS CodePipeline Approval automatically in less than 7 days

3
votes

I have been using AWS for more than a year now. Lately, I have been focusing on building a CI/CD Pipeline.

My pipeline has 4 stages:

  • Source (Github)
  • Testing (using CodeBuild)
  • Staging (deploys to Staging)
  • Manual Approval
  • Prod (deploys to Staging)

According to this AWS Doc, If no response is submitted within seven days, the action is marked as "Failed."

The Pipeline is relatively active (several deploys to staging per day) and what I found out is, that the Approvals "queue" and you have to Approve many times before the most recent changes get to Production.

Is there a way to set the expiration time of an Approval to less than 7 days?

1
amazon-web-servicesdevopsaws-codepipeline

1 Answers

1
votes

There actually isn't a queue, but while an approval action is in-progress it holds the stage "lock" for that stage so that the change in that stage does not change underneath you while you run manual testing.

While that stage lock is held, there is a "slot" for the change waiting to be promoted into that stage when the stage lock is released. As newer changes pass the previous stage they will replace the change in the slot. Therefore, when you approve or reject a manual approval action, only the most recent pending change is promoted.

Rather than a manual approval, you might want to just disable the transition between staging and prod. Disabling the transition won't hold the lock in either stage, so when you enable it again the most recent change will be promoted.

Transitions are better for when you want to simply control when you deploy to prod, and manual approvals are better when you want to run some manual testing against a consistent version.

See this documentation on transitions: https://docs.aws.amazon.com/codepipeline/latest/userguide/transitions.html