From 40235b6a3830dba2664d967e93ff519cba286c90 Mon Sep 17 00:00:00 2001 From: Elad Ben-Israel Date: Mon, 17 Dec 2018 18:33:54 +0200 Subject: [PATCH] fix(toolkit): scrutiny dialog should with no tty If STDIN is not connected to a TTY (terminal), and scrutiny is enabled, we expect the program to fail (exit with non-zero exit code). This is especially important for CI/CD scenarios where you wouldn't want to accidentally deploy changes that didn't pass a scrutiny check. Fixes #1380 Tested manually. --- packages/aws-cdk/bin/cdk.ts | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/packages/aws-cdk/bin/cdk.ts b/packages/aws-cdk/bin/cdk.ts index bd9d21893fdec..ab50ae6070b86 100644 --- a/packages/aws-cdk/bin/cdk.ts +++ b/packages/aws-cdk/bin/cdk.ts @@ -306,7 +306,13 @@ async function initCommandLine() { if (requireApproval !== RequireApproval.Never) { const currentTemplate = await readCurrentTemplate(stack); if (printSecurityDiff(currentTemplate, stack, requireApproval)) { - const confirmed = await confirm(`Do you wish to deploy these changes (y/n)?`); + + // only talk to user if we STDIN is a terminal (otherwise, fail) + let confirmed = false; + if (process.stdin.isTTY) { + confirmed = await confirm(`Do you wish to deploy these changes (y/n)?`); + } + if (!confirmed) { throw new Error('Aborted by user'); } } }