(pipelines): missing capabilities to deploy stack with secret rotation application #15711
Description
The modern pipelines.CodePipeline fails to create/update stacks that contain a secret rotation application, e.g. SecretsManagerRDSMySQLRotationSingleUser created by myCluster.addRotationSingleUser(), due to missing capabilities:
Requires capabilities : [CAPABILITY_AUTO_EXPAND]
This could be a regression from the he original pipelines.CdkPipeline which successfully deploys the same stack.
Reproduction Steps
class MyDatabaseStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
// ...
const myCluster = new rds.DatabaseCluster(this, 'Database', {
// ...
});
myCluster.addRotationSingleUser(); // <-- This line created the rotation application
}
}
class MyPipelineStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
// ...
const pipeline = new CodePipeline(this, 'Pipeline', {
// ...
});
pipeline.addStage(new MyApplication(this, 'Prod', {
// ...
}));
}
}
class MyApplication extends Stage {
constructor(scope: Construct, id: string, props?: StageProps) {
// ...
const dbStack = new MyDatabaseStack(this, 'Database');
}
}
new MyPipelineStack(app, 'PipelineStack');What did you expect to happen?
The modern pipelines.CodePipeline successfully deploys stacks with secret rotation applications (as the original pipelines.CdkPipeline does).
What actually happened?
The modern pipelines.CodePipeline fails to deploy stacks with secret rotation applications.
Environment
- CDK CLI Version : 1.115.0 (build f0ca40f)
- Framework Version: 1.115.0
This is 🐛 Bug Report