aws-cdk: [CDK Pipelines] Asset bundling (running Docker during 'synth') doesn't work

We worked it out. We ended up doing an npm install of esbuild locally in package.json. Apparently if you don’t have it locally, it tries to use docker.

We worked it out. We ended up doing an npm install of esbuild locally in package.json. Apparently if you don’t have it locally, it tries to use docker.

Installing esbuild fixed the issue.

Since bundling is a framework feature, We should automatically identify if docker is required for asset bundling and configure your synth environment accordingly.

Ah, I have to add it and deploy before depending on it 😉 – working now.

For those using Python and the CodePipeline object, you can pass docker_enabled_for_synth=True to accomplish this. For example:

    def __init__(self, scope: cdk.Construct, construct_id: str, **kwargs) -> None:
        super().__init__(scope, construct_id, **kwargs)
        pipeline = pipelines.CodePipeline(self, "Pipeline",
                                          pipeline_name="MySupercoolPipeline",
                                          docker_enabled_for_synth=True,
                 ............. 

I get this error during the self-mutate stage, because my CdkPipeline stack depends on another stack which needs docker. Is there a way to either use privileged mode for the self-mutate build or use the --exclusively option with the cdk deploy command in the self-mutate stage?

I resolved this by temporarily removing my lambda that required bundling, allowed the pipeline to update itself, and then added it back in afterwards. I believe this issue is introduced when you create a pipeline without a privileged build server, and then you add something like a Lambda function that requires docker to bundle dependencies. This causes you to end up with a pipeline that gets halted and never updates itself properly.

Hope that helps!

Thank you. I had same issue w/NodeJsFunction but adding esbuild to my dev dependencies fixed the issue.

For those using Python and the CodePipeline object, you can pass docker_enabled_for_synth=True to accomplish this. For example:

    def __init__(self, scope: cdk.Construct, construct_id: str, **kwargs) -> None:
        super().__init__(scope, construct_id, **kwargs)
        pipeline = pipelines.CodePipeline(self, "Pipeline",
                                          pipeline_name="MySupercoolPipeline",
                                          docker_enabled_for_synth=True,
                 ............. 

while this wasn’t specifically relevant to this issue, this is the issue I was taken to when googling for my problem related to the synth action of normal CodePipeline and this comment helped me solve it. Thanks!

I too was having the same issue when deploying a Ruby Lambda function that required extra Gems and the CDK code was written in Python. It uses what @justin8 its just an example if people need it.

synth_action=pipelines.SimpleSynthAction(
    source_artifact=source_artifact,
    cloud_assembly_artifact=cloud_assembly_artifact,
    install_command='npm install -g aws-cdk && pip install -r requirements.txt',
    synth_command='cdk synth',
    environment={
        'privileged': True
     }
)

The Lambda deployment code is as follows:

aws_lambda.Function(self, 'EmailHandler',
    code=_lambda.Code.from_asset(path.join(os.getcwd(), 'lambda_resources'),
    bundling={
         'image': _lambda.Runtime.RUBY_2_7.bundling_docker_image,
         'command': ['bash', '-c', 'bundle install  && cp -au . /asset-output']
         }),
    runtime=_lambda.Runtime.RUBY_2_7,
    handler='app.lambda_handler'
)

You do have to do 1 deployment synth run with only the privileged code included first otherwise it always fails

I’m seeing it during the synth when using the aws-lambda-python package. It appears the nodejs one works in a very similar fashion.