2.1.2.5. Invoking AWS Services for Pipeline Testing

2.1.2.5. Invoking AWS Services for Pipeline Testing

CodePipeline stages can invoke multiple AWS services to run different types of tests. The key is knowing which action type to use for each testing scenario.

CodeBuild actions (most common): Use for unit tests, integration tests, linting, security scanning, and any custom test logic. CodeBuild runs your test commands in a container and reports pass/fail based on the exit code.

Lambda invoke actions: Use for lightweight validation — schema checks, configuration validation, approval notifications. Lambda actions pass a JSON payload and expect a success/failure callback to CodePipeline via putJobSuccessResult or putJobFailureResult.

# Lambda function for CodePipeline validation
import boto3

def handler(event, context):
    cp = boto3.client('codepipeline')
    job_id = event['CodePipeline.job']['id']
    
    try:
        # Your validation logic here
        validate_deployment_config()
        cp.put_job_success_result(jobId=job_id)
    except Exception as e:
        cp.put_job_failure_result(
            jobId=job_id,
            failureDetails={'message': str(e), 'type': 'JobFailed'}
        )

Step Functions actions: Use for complex test orchestration that requires branching, parallel execution, or human approval. Example: run integration tests in parallel across 3 regions, wait for all to pass, then proceed.

Manual approval actions: Require human sign-off before proceeding. The approver receives an SNS notification with a link to approve/reject. Use for production deployments, compliance gates, or after staging validation.

Exam Trap: Lambda invoke actions have a 5-minute timeout within CodePipeline (configurable up to the Lambda max). If your validation takes longer, use CodeBuild instead — it supports up to 8-hour build timeouts. Also, the Lambda function must call back to CodePipeline — if it doesn't, the pipeline stage hangs until it times out.