0

I use CDK to generate a CloudFormation stack.

When I run cdk synth and cdk deploy, the ECR image and the Task definition don't get updated. In order to force the update, I have to:

  • delete the built images from my local computer;
  • delete the latest ECR image.

Deleting cdk.out/ does not seem to have positive effects.

I can't be sure, but it appears that it started happening after a while on this project.

[An LLM suggested to use const gitHash = execSync('git rev-parse HEAD').toString().trim(); as an extra hash; it doesn't always solve the problem though.]

The folder structure is a bit convoluted. This is because I want api/ to be a plug-in to the core code in my_module.py.

- src/
  - my_module.py
- api/  # the cdk folder
  - lib/
    - api-stack.ts
  - src
    - main.py
  - Dockerfile

This is the relevant snippet from api-stack.ts:

    const asset = new ecrAssets.DockerImageAsset(
      this,
      `MyDockerImage`,
      {
        file: api/Dockerfile,
        directory: path.join(__dirname, "..", ".."),
        platform: ecrAssets.Platform.LINUX_AMD64
        ignoreMode: cdk.IgnoreMode.DOCKER,
        buildSecrets: buildSecrets,
        buildSsh: buildSsh,
      },
    );

Structure of Dockerfile:


FROM ghcr.io/astral-sh/uv:0.9.8-debian

RUN apt update && apt install -y openssh-client git

COPY ...
COPY api/src/main.py /app/

WORKDIR /app

RUN --mount=type=ssh,required=true \
    mkdir -p /root/.ssh && \
    ssh-keyscan -t ed25519,rsa github.com >> /root/.ssh/known_hosts 2>/dev/null && \
    uv sync

ENTRYPOINT ["uv", "run", "main.py"]
Improve this question
2
  • What are you changing? Are you able to provide a reproducible example of a dockerfile and folder/file structure? Commented Nov 14 at 7:03
  • @gshpychka I added those information, actually you are right the problem could be in the non-canonical structure. Commented Nov 17 at 14:16

1 Answer 1

Reset to default
-1

Yeah, basically the CDK only rebuilds DockerImageAsset when its source hash changes. If your Docker build context doesn’t reflect your code changes (often because of .dockerignore or IgnoreMode.DOCKER), CDK will skip building/pushing the image.

A simple and reliable solution is to have a build-version.txt file in your Docker context and COPY it in your Dockerfile. Bump the version whenever you need CDK to publish a new image. As this version file becomes part of the asset hash, CDK will always rebuild and push the updated image. Thats what we have used in our apps.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

But why would you need to rebuild if the source doesn't change?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.