Deploying to AWS through GitHub Actions and Python CDK

Question

I'm working on a repository with the following structure:

.
├── .github
│   └── workflows/
├── .gitignore
├── README.md
├── backend/
├── cdk
│   ├── .env
│   ├── .gitignore
│   ├── README.md
│   ├── __pycache__
│   ├── app.py
│   ├── cdk.context.json
│   ├── cdk.json
│   ├── cdk.out
│   ├── poetry.lock
│   ├── pyproject.toml
│   ├── schema.json
│   ├── settings.py
│   ├── stacks
│   └── tests
└── frontend/

The cdk folder contains AWS CDK code written in Python. I want to deploy my app using GitHub Actions. My workflow files are in the .github/workflows folder. Currently, I only have 1, as I'm just getting started, and it's configured to run when I push to dev. The jobs are as follows:

jobs:
  aws_cdk:

    permissions:
      contents: 'read'
      id-token: 'write'

    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v3

      - name: Configure AWS credentials
        if: github.ref == 'refs/heads/dev'
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: ${{ env.AWS_REGION }}

      - name: Run `cdk deploy`
        if: github.ref == 'refs/heads/dev'
        uses: youyo/aws-cdk-github-actions@v2
        env:
          AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID}}
        with:
          cdk_subcommand: 'deploy'
          cdk_stack: 'StreamingStack'
          cdk_version: 'latest'
          cdk_args: '--require-approval never'
          actions_comment: false
          working_dir: './cdk'

The CDK deploy action fails with a ModuleNotFoundError:

added 1 package in 856ms
Install aws-cdk latest
Successful install aws-cdk latest
Run cdk deploy --require-approval never "StreamingStack"
Traceback (most recent call last):
  File "/github/workspace/cdk/app.py", line 2, in <module>
    import aws_cdk as cdk
ModuleNotFoundError: No module named 'aws_cdk'

I'm using poetry as my dependency manager, so I then decided to add the following steps to my workflow file, before the CDK deploy step:

      - name: Install desired Python version
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Install Poetry
        uses: snok/install-poetry@v1
        with:
          version: ${{ env.POETRY_VERSION }}
          virtualenvs-create: false
          virtualenvs-in-project: false

      - name: Install CDK dependencies
        run: |
          poetry config virtualenvs.create false
          poetry install --no-interaction --no-ansi --directory='./cdk'

EDIT - Here is my pyproject.toml:

[tool.poetry]
name = "cdk"
version = "0.1.0"
description = ""
readme = "README.md"

[tool.poetry.dependencies]
python = "^3.11"
aws-cdk-lib = "^2.115.0"
pydantic_settings = "^2.1.0"
"aws-amplify.cdk.exported-backend" = "^0.0.6"
constructs = ">=10.0.0,<11.0.0"


[tool.poetry.group.dev.dependencies]
pytest = "^7.4.3"

[build-system]
requires = ["poetry-core"]
build-backend = "poetry.core.masonry.api"

Alas, still the same error. Anyone any ideas?

Answer 1

After a lot of debugging I found the issue. The youyo/aws-cdk-github-actions@v2 GitHub Action expects a requirements.txt file to install dependencies:

function installPipRequirements(){
    if [ -e "requirements.txt" ]; then
        echo "Install requirements.txt"
        if [ "${INPUT_DEBUG_LOG}" == "true" ]; then
            pip install -r requirements.txt
        else
            pip install -r requirements.txt >/dev/null 2>&1
        fi

        if [ "${?}" -ne 0 ]; then
            echo "Failed to install requirements.txt"
        else
            echo "Successful install requirements.txt"
        fi
    fi
}

Creating this file from the pyproject.toml and letting the Github Action install all dependencies instead of poetry solved it.