From aa45edeafbf37c5638378cd92d0aa7cc954d426c Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Fri, 19 Mar 2021 17:52:01 +0100 Subject: [PATCH 001/260] docs(pipelines): document multiple NPM versions issue (#13687) NPM6 can apparently not correctly process a package-lock generated using NPM7. This will crop up more and more as NPM 7 starts becoming more popular; add a documentation section about this. Fixes #13666. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/pipelines/README.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/packages/@aws-cdk/pipelines/README.md b/packages/@aws-cdk/pipelines/README.md index 5413b38fa0d16..6097c87c16426 100644 --- a/packages/@aws-cdk/pipelines/README.md +++ b/packages/@aws-cdk/pipelines/README.md @@ -749,6 +749,18 @@ ID: ...) The stack failed its previous deployment, and is in a non-retryable state. Go into the CloudFormation console, delete the stack, and retry the deployment. +### Cannot find module 'xxxx' or its corresponding type declarations + +You may see this if you are using TypeScript or other NPM-based languages, +when using NPM 7 on your workstation (where you generate `package-lock.json`) +and NPM 6 on the CodeBuild image used for synthesizing. + +It looks like NPM 7 has started writing less information to `package-lock.json`, +leading NPM 6 reading that same file to not install all required packages anymore. + +Make sure you are using the same NPM version everywhere, either downgrade your +workstation's version or upgrade the CodeBuild version. + ## Current Limitations Limitations that we are aware of and will address: From 62a91b7a30f8b6419a983d7ea7bdb3c39f2fdfd0 Mon Sep 17 00:00:00 2001 From: Masaharu Komuro Date: Sat, 20 Mar 2021 08:37:50 +0900 Subject: [PATCH 002/260] feat(rds): make rds secret name configurable (#13626) close #8984 As suggested by @njlynch in the first issue, I added the ability to set the secret name that RDS generates. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-rds/README.md | 1 + .../@aws-cdk/aws-rds/lib/database-secret.ts | 8 ++++ packages/@aws-cdk/aws-rds/lib/private/util.ts | 3 +- packages/@aws-cdk/aws-rds/lib/props.ts | 15 ++++++ .../@aws-cdk/aws-rds/test/cluster.test.ts | 48 ++++++++++++++++++- .../@aws-cdk/aws-rds/test/instance.test.ts | 38 ++++++++++++++- 6 files changed, 110 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-rds/README.md b/packages/@aws-cdk/aws-rds/README.md index cb431cecbcd10..c336f5c7c240e 100644 --- a/packages/@aws-cdk/aws-rds/README.md +++ b/packages/@aws-cdk/aws-rds/README.md @@ -247,6 +247,7 @@ It's also possible to create user credentials together with the instance/cluster ```ts const myUserSecret = new rds.DatabaseSecret(this, 'MyUserSecret', { username: 'myuser', + secretName: 'my-user-secret', // optional, defaults to a CloudFormation-generated name masterSecret: instance.secret, excludeCharacters: '{}[]()\'"/\\', // defaults to the set " %+~`#$&*()|[]{}:;<>?!'/@\"\\" }); diff --git a/packages/@aws-cdk/aws-rds/lib/database-secret.ts b/packages/@aws-cdk/aws-rds/lib/database-secret.ts index 0df046424a420..0a0537b23a63e 100644 --- a/packages/@aws-cdk/aws-rds/lib/database-secret.ts +++ b/packages/@aws-cdk/aws-rds/lib/database-secret.ts @@ -14,6 +14,13 @@ export interface DatabaseSecretProps { */ readonly username: string; + /** + * A name for the secret. + * + * @default - A name is generated by CloudFormation. + */ + readonly secretName?: string; + /** * The KMS key to use to encrypt the secret. * @@ -60,6 +67,7 @@ export class DatabaseSecret extends secretsmanager.Secret { super(scope, id, { encryptionKey: props.encryptionKey, description: `Generated by the CDK for stack: ${Aws.STACK_NAME}`, + secretName: props.secretName, generateSecretString: { passwordLength: 30, // Oracle password cannot have more than 30 characters secretStringTemplate: JSON.stringify({ diff --git a/packages/@aws-cdk/aws-rds/lib/private/util.ts b/packages/@aws-cdk/aws-rds/lib/private/util.ts index 0b6e2b72ff0be..df9ace2dbd3bc 100644 --- a/packages/@aws-cdk/aws-rds/lib/private/util.ts +++ b/packages/@aws-cdk/aws-rds/lib/private/util.ts @@ -94,6 +94,7 @@ export function renderCredentials(scope: Construct, engine: IEngine, credentials renderedCredentials = Credentials.fromSecret( new DatabaseSecret(scope, 'Secret', { username: renderedCredentials.username, + secretName: renderedCredentials.secretName, encryptionKey: renderedCredentials.encryptionKey, excludeCharacters: renderedCredentials.excludeCharacters, // if username must be referenced as a string we can safely replace the @@ -131,4 +132,4 @@ export function helperRemovalPolicy(basePolicy?: RemovalPolicy): RemovalPolicy { */ export function renderUnless(value: A, suppressValue: A): A | undefined { return value === suppressValue ? undefined : value; -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-rds/lib/props.ts b/packages/@aws-cdk/aws-rds/lib/props.ts index 9d7cbd40b8042..c57e8ccee8fd6 100644 --- a/packages/@aws-cdk/aws-rds/lib/props.ts +++ b/packages/@aws-cdk/aws-rds/lib/props.ts @@ -126,6 +126,13 @@ export interface BackupProps { * Base options for creating Credentials. */ export interface CredentialsBaseOptions { + /** + * The name of the secret. + * + * @default - A name is generated by CloudFormation. + */ + readonly secretName?: string; + /** * KMS encryption key to encrypt the generated secret. * @@ -232,6 +239,14 @@ export abstract class Credentials { */ public abstract readonly username: string; + /** + * The name to use for the Secret if a new Secret is to be generated in + * SecretsManager for these Credentials. + * + * @default - A name is generated by CloudFormation. + */ + public abstract readonly secretName?: string; + /** * Whether the username should be referenced as a string and not as a dynamic * reference to the username in the secret. diff --git a/packages/@aws-cdk/aws-rds/test/cluster.test.ts b/packages/@aws-cdk/aws-rds/test/cluster.test.ts index 11e60d8068341..74f538be5d998 100644 --- a/packages/@aws-cdk/aws-rds/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-rds/test/cluster.test.ts @@ -10,7 +10,7 @@ import * as cxapi from '@aws-cdk/cx-api'; import { testFutureBehavior } from 'cdk-build-tools/lib/feature-flag'; import { AuroraEngineVersion, AuroraMysqlEngineVersion, AuroraPostgresEngineVersion, CfnDBCluster, Credentials, DatabaseCluster, - DatabaseClusterEngine, DatabaseClusterFromSnapshot, ParameterGroup, PerformanceInsightRetention, SubnetGroup, + DatabaseClusterEngine, DatabaseClusterFromSnapshot, ParameterGroup, PerformanceInsightRetention, SubnetGroup, DatabaseSecret, } from '../lib'; describe('cluster', () => { @@ -1763,6 +1763,52 @@ describe('cluster', () => { }); + test('can set custom name to database secret by fromSecret', () => { + // GIVEN + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + const secretName = 'custom-secret-name'; + const secret = new DatabaseSecret(stack, 'Secret', { + username: 'admin', + secretName, + } ); + + // WHEN + new DatabaseCluster(stack, 'Database', { + engine: DatabaseClusterEngine.aurora({ version: AuroraEngineVersion.VER_1_22_2 }), + credentials: Credentials.fromSecret(secret), + instanceProps: { + vpc, + }, + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::SecretsManager::Secret', { + Name: secretName, + }); + }); + + test('can set custom name to database secret by fromGeneratedSecret', () => { + // GIVEN + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + const secretName = 'custom-secret-name'; + + // WHEN + new DatabaseCluster(stack, 'Database', { + engine: DatabaseClusterEngine.aurora({ version: AuroraEngineVersion.VER_1_22_2 }), + credentials: Credentials.fromGeneratedSecret('admin', { secretName }), + instanceProps: { + vpc, + }, + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::SecretsManager::Secret', { + Name: secretName, + }); + }); + test('can set public accessibility for database cluster with instances in private subnet', () => { // GIVEN const stack = testStack(); diff --git a/packages/@aws-cdk/aws-rds/test/instance.test.ts b/packages/@aws-cdk/aws-rds/test/instance.test.ts index 497bfbea36c32..49e57e630f55c 100644 --- a/packages/@aws-cdk/aws-rds/test/instance.test.ts +++ b/packages/@aws-cdk/aws-rds/test/instance.test.ts @@ -1204,8 +1204,44 @@ describe('instance', () => { MasterUsername: 'postgres', // username is a string MasterUserPassword: '{{resolve:ssm-secure:/dbPassword:1}}', // reference to SSM }); + }); + test('can set custom name to database secret by fromSecret', () => { + // WHEN + const secretName = 'custom-secret-name'; + const secret = new rds.DatabaseSecret(stack, 'Secret', { + username: 'admin', + secretName, + } ); + new rds.DatabaseInstance(stack, 'Instance', { + engine: rds.DatabaseInstanceEngine.mysql({ + version: rds.MysqlEngineVersion.VER_8_0_19, + }), + credentials: rds.Credentials.fromSecret(secret), + vpc, + }); + // THEN + expect(stack).toHaveResourceLike('AWS::SecretsManager::Secret', { + Name: secretName, + }); + }); + + test('can set custom name to database secret by fromGeneratedSecret', () => { + // WHEN + const secretName = 'custom-secret-name'; + new rds.DatabaseInstance(stack, 'Instance', { + engine: rds.DatabaseInstanceEngine.mysql({ + version: rds.MysqlEngineVersion.VER_8_0_19, + }), + credentials: rds.Credentials.fromGeneratedSecret('admin', { secretName }), + vpc, + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::SecretsManager::Secret', { + Name: secretName, + }); }); test('can set publiclyAccessible to false with public subnets', () => { @@ -1274,4 +1310,4 @@ test.each([ DeletionPolicy: subnetValue, UpdateReplacePolicy: subnetValue, }, ResourcePart.CompleteDefinition); -}); \ No newline at end of file +}); From 3e1148e74dce0e15379e2cfa372bd367183f9c6f Mon Sep 17 00:00:00 2001 From: Felix Kastner Date: Fri, 19 Mar 2021 17:15:13 -0700 Subject: [PATCH 003/260] fix(aws-ecs): drain hook lambda allows tasks to stop gracefully (#13559) fixes #13506 ### Description After the container instance is set to draining, the tasks running on it transition from RUNNING > DEACTIVATING > STOPPING > DEPROVISIONING > STOPPED. The current way of counting running tasks via `instance['runningTasksCount'] + instance['pendingTasksCount']` does not include tasks in those transitional states, leading to the EC2 instance being terminated prematurely. ### Verification I have verified the change by manually updating the automatically created drain hook lambda and then running a ASG refresh. I ran the test with additional debug output to compare the old logic of `runningTasksCount + pendingTasksCount` and the new logic that fetches the status of the tasks. I interleaved the logs from the ECS events, application running in the task and the drain hook lambda: ``` 2021-03-11T15:56:52.608-08:00 Instance i-1234567890abcdefg has container instance ARN arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv 2021-03-11T15:56:52.649-08:00 Instance ARN arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has task ARNs arn:aws:ecs:us-west-2:123456789012:task/fooservice/1234567890abcdefghijklmnopqrstuv 2021-03-11T15:57:03.018-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:57:03.051-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:57:13.215-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:57:13.280-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:57:15.280-08:00 service fooservice has stopped 1 running tasks: task 1234567890abcdefghijklmnopqrstuv. 2021-03-11T15:57:23.438-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:57:23.490-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:57:33.632-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:57:33.690-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:57:43.853-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:57:43.890-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:57:46.000-08:00 service fooservice has started 1 tasks: task 1234567890abcdefghijklmnopqrstuv. 2021-03-11T15:57:46.000-08:00 (service fooservice, taskSet ecs-svc/1234567890abcdefghi) has begun draining connections on 2 tasks. 2021-03-11T15:57:46.000-08:00 service fooservice deregistered 1 targets in target-group fooservice-vpce-target 2021-03-11T15:57:46.000-08:00 service fooservice deregistered 1 targets in target-group fooservice-target 2021-03-11T15:57:54.032-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:57:54.090-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:57:58.000-08:00 service fooservice registered 1 targets in target-group fooservice-vpce-target 2021-03-11T15:57:58.000-08:00 service fooservice registered 1 targets in target-group fooservice-target 2021-03-11T15:58:04.242-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:58:04.270-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:58:14.430-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:58:14.470-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:58:24.611-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:58:24.650-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:58:34.796-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:58:34.850-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:58:44.999-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:58:45.030-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 1 tasks 2021-03-11T15:58:49.000-08:00 app received SIGTERM 2021-03-11T15:58:54.000-08:00 service fooservice has reached a steady state. 2021-03-11T15:58:55.170-08:00 OLD: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:58:55.210-08:00 NEW: Instance arn:aws:ecs:us-west-2:123456789012:container-instance/fooservice/1234567890abcdefghijklmnopqrstuv has 0 tasks 2021-03-11T15:58:55.210-08:00 Terminating instance i-1234567890abcdefg ``` The logs show that the new approach allows ecs to drain connections, deregister the target and respect the `deregistrationDelay` ( set to 1 minute in this case ). The old approach would have terminated the EC2 instance 23 seconds prior to ECS even deregistering the target, leading to 502 errors. ### Pull Request Checklist - [x] Testing I was not able to find any tests validating the functionality of the lambda. However, I have updated `expected.json` files to expect the new lambda function code. - [ ] Docs - *Not Applicable* No previously documented behavior has changed - [x] Title and Description - [ ] Sensitive Modules (requires 2 PR approvers) - *Not Applicable* ### Impact End users utilizing ECS on EC2 with capacity provided by an ASG will see an increase in instance termination time, however the process is now much safer, respects the ALBs `deregistrationDelay` and will reduce connection errors. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- ...on-load-balanced-ecs-service.expected.json | 2 +- ...integ.scheduled-ecs-task.lit.expected.json | 2 +- .../lib/drain-hook/lambda-source/index.py | 34 +++++++++++++++---- .../integ.app-mesh-proxy-config.expected.json | 2 +- .../test/ec2/integ.bottlerocket.expected.json | 2 +- .../test/ec2/integ.clb-host-nw.expected.json | 2 +- ...nteg.cloudmap-container-port.expected.json | 2 +- .../ec2/integ.environment-file.expected.json | 2 +- .../integ.firelens-s3-config.expected.json | 2 +- .../test/ec2/integ.lb-awsvpc-nw.expected.json | 2 +- .../test/ec2/integ.lb-bridge-nw.expected.json | 2 +- .../test/ec2/integ.sd-awsvpc-nw.expected.json | 2 +- .../test/ec2/integ.sd-bridge-nw.expected.json | 2 +- .../test/ec2/integ.spot-drain.expected.json | 4 +-- .../integ.event-ec2-task.lit.expected.json | 2 +- .../test/ecs/integ.ec2-run-task.expected.json | 2 +- .../test/ecs/integ.ec2-task.expected.json | 2 +- 17 files changed, 44 insertions(+), 24 deletions(-) diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.multiple-application-load-balanced-ecs-service.expected.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.multiple-application-load-balanced-ecs-service.expected.json index ec9686e054019..0412778adb2e8 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.multiple-application-load-balanced-ecs-service.expected.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.multiple-application-load-balanced-ecs-service.expected.json @@ -717,7 +717,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.scheduled-ecs-task.lit.expected.json b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.scheduled-ecs-task.lit.expected.json index 53c05f9aeba8e..e3afaddbeb7c6 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.scheduled-ecs-task.lit.expected.json +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/integ.scheduled-ecs-task.lit.expected.json @@ -534,7 +534,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/lib/drain-hook/lambda-source/index.py b/packages/@aws-cdk/aws-ecs/lib/drain-hook/lambda-source/index.py index e17ac68681300..0b4590f9e4768 100644 --- a/packages/@aws-cdk/aws-ecs/lib/drain-hook/lambda-source/index.py +++ b/packages/@aws-cdk/aws-ecs/lib/drain-hook/lambda-source/index.py @@ -20,7 +20,12 @@ def lambda_handler(event, context): if not instance_arn: return - while has_tasks(cluster, instance_arn): + task_arns = container_instance_task_arns(cluster, instance_arn) + + if task_arns: + print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns))) + + while has_tasks(cluster, instance_arn, task_arns): time.sleep(10) try: @@ -40,8 +45,12 @@ def container_instance_arn(cluster, instance_id): return None return arns[0] +def container_instance_task_arns(cluster, instance_arn): + """Fetch tasks for a container instance ARN.""" + arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns'] + return arns -def has_tasks(cluster, instance_arn): +def has_tasks(cluster, instance_arn, task_arns): """Return True if the instance is running tasks for the given cluster.""" instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances'] if not instances: @@ -53,11 +62,22 @@ def has_tasks(cluster, instance_arn): set_container_instance_to_draining(cluster, instance_arn) return True - tasks = instance['runningTasksCount'] + instance['pendingTasksCount'] - print('Instance %s has %s tasks' % (instance_arn, tasks)) - - return tasks > 0 - + task_count = None + + if task_arns: + # Fetch details for tasks running on the container instance + tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks'] + if tasks: + # Consider any non-stopped tasks as running + task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount'] + + if not task_count: + # Fallback to instance task counts if detailed task information is unavailable + task_count = instance['runningTasksCount'] + instance['pendingTasksCount'] + + print('Instance %s has %s tasks' % (instance_arn, task_count)) + + return task_count > 0 def set_container_instance_to_draining(cluster, instance_arn): ecs.update_container_instances_state( diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.app-mesh-proxy-config.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.app-mesh-proxy-config.expected.json index 7a40a11d952ca..2e5eed7f911c6 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.app-mesh-proxy-config.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.app-mesh-proxy-config.expected.json @@ -696,7 +696,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.bottlerocket.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.bottlerocket.expected.json index 23ba70a23584d..616a80172092e 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.bottlerocket.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.bottlerocket.expected.json @@ -690,7 +690,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.clb-host-nw.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.clb-host-nw.expected.json index 3a323b0d36eff..77ccc9c6c36c6 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.clb-host-nw.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.clb-host-nw.expected.json @@ -717,7 +717,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.cloudmap-container-port.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.cloudmap-container-port.expected.json index e067e7d75a67d..da866432d8539 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.cloudmap-container-port.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.cloudmap-container-port.expected.json @@ -518,7 +518,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json index b287e6ffc33fa..c309c8a70f249 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.environment-file.expected.json @@ -709,7 +709,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.firelens-s3-config.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.firelens-s3-config.expected.json index 967d38891c487..e863d75fa16fb 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.firelens-s3-config.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.firelens-s3-config.expected.json @@ -696,7 +696,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.lb-awsvpc-nw.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.lb-awsvpc-nw.expected.json index 90fd28f84cef2..1fef2d83e2784 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.lb-awsvpc-nw.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.lb-awsvpc-nw.expected.json @@ -696,7 +696,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.lb-bridge-nw.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.lb-bridge-nw.expected.json index 0737785f5fea4..1bcb9d34f8dbd 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.lb-bridge-nw.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.lb-bridge-nw.expected.json @@ -717,7 +717,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.sd-awsvpc-nw.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.sd-awsvpc-nw.expected.json index b4e2c72807b0e..353debc6de544 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.sd-awsvpc-nw.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.sd-awsvpc-nw.expected.json @@ -696,7 +696,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.sd-bridge-nw.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.sd-bridge-nw.expected.json index ef42895037361..4722ee003bef2 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.sd-bridge-nw.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.sd-bridge-nw.expected.json @@ -696,7 +696,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-ecs/test/ec2/integ.spot-drain.expected.json b/packages/@aws-cdk/aws-ecs/test/ec2/integ.spot-drain.expected.json index 77acf122d0168..20ba3cf89516e 100644 --- a/packages/@aws-cdk/aws-ecs/test/ec2/integ.spot-drain.expected.json +++ b/packages/@aws-cdk/aws-ecs/test/ec2/integ.spot-drain.expected.json @@ -698,7 +698,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ @@ -1179,7 +1179,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.expected.json b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.expected.json index 6dc9c62e63102..dbdb415e57e63 100644 --- a/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/ecs/integ.event-ec2-task.lit.expected.json @@ -534,7 +534,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/test/ecs/integ.ec2-run-task.expected.json b/packages/@aws-cdk/aws-stepfunctions-tasks/test/ecs/integ.ec2-run-task.expected.json index 97a2e05741145..c67a1adcd7dd7 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/test/ecs/integ.ec2-run-task.expected.json +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/test/ecs/integ.ec2-run-task.expected.json @@ -328,7 +328,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/test/ecs/integ.ec2-task.expected.json b/packages/@aws-cdk/aws-stepfunctions-tasks/test/ecs/integ.ec2-task.expected.json index 2b574e0b9baa4..891777171b73c 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/test/ecs/integ.ec2-task.expected.json +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/test/ecs/integ.ec2-task.expected.json @@ -328,7 +328,7 @@ "Type": "AWS::Lambda::Function", "Properties": { "Code": { - "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n while has_tasks(cluster, instance_arn):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\n\ndef has_tasks(cluster, instance_arn):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n tasks = instance['runningTasksCount'] + instance['pendingTasksCount']\n print('Instance %s has %s tasks' % (instance_arn, tasks))\n\n return tasks > 0\n\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" + "ZipFile": "import boto3, json, os, time\n\necs = boto3.client('ecs')\nautoscaling = boto3.client('autoscaling')\n\n\ndef lambda_handler(event, context):\n print(json.dumps(event))\n cluster = os.environ['CLUSTER']\n snsTopicArn = event['Records'][0]['Sns']['TopicArn']\n lifecycle_event = json.loads(event['Records'][0]['Sns']['Message'])\n instance_id = lifecycle_event.get('EC2InstanceId')\n if not instance_id:\n print('Got event without EC2InstanceId: %s', json.dumps(event))\n return\n\n instance_arn = container_instance_arn(cluster, instance_id)\n print('Instance %s has container instance ARN %s' % (lifecycle_event['EC2InstanceId'], instance_arn))\n\n if not instance_arn:\n return\n\n task_arns = container_instance_task_arns(cluster, instance_arn)\n \n if task_arns:\n print('Instance ARN %s has task ARNs %s' % (instance_arn, ', '.join(task_arns)))\n\n while has_tasks(cluster, instance_arn, task_arns):\n time.sleep(10)\n\n try:\n print('Terminating instance %s' % instance_id)\n autoscaling.complete_lifecycle_action(\n LifecycleActionResult='CONTINUE',\n **pick(lifecycle_event, 'LifecycleHookName', 'LifecycleActionToken', 'AutoScalingGroupName'))\n except Exception as e:\n # Lifecycle action may have already completed.\n print(str(e))\n\n\ndef container_instance_arn(cluster, instance_id):\n \"\"\"Turn an instance ID into a container instance ARN.\"\"\"\n arns = ecs.list_container_instances(cluster=cluster, filter='ec2InstanceId==' + instance_id)['containerInstanceArns']\n if not arns:\n return None\n return arns[0]\n\ndef container_instance_task_arns(cluster, instance_arn):\n \"\"\"Fetch tasks for a container instance ARN.\"\"\"\n arns = ecs.list_tasks(cluster=cluster, containerInstance=instance_arn)['taskArns']\n return arns\n\ndef has_tasks(cluster, instance_arn, task_arns):\n \"\"\"Return True if the instance is running tasks for the given cluster.\"\"\"\n instances = ecs.describe_container_instances(cluster=cluster, containerInstances=[instance_arn])['containerInstances']\n if not instances:\n return False\n instance = instances[0]\n\n if instance['status'] == 'ACTIVE':\n # Start draining, then try again later\n set_container_instance_to_draining(cluster, instance_arn)\n return True\n\n task_count = None\n\n if task_arns:\n # Fetch details for tasks running on the container instance\n tasks = ecs.describe_tasks(cluster=cluster, tasks=task_arns)['tasks']\n if tasks:\n # Consider any non-stopped tasks as running\n task_count = sum(task['lastStatus'] != 'STOPPED' for task in tasks) + instance['pendingTasksCount']\n \n if not task_count:\n # Fallback to instance task counts if detailed task information is unavailable\n task_count = instance['runningTasksCount'] + instance['pendingTasksCount']\n \n print('Instance %s has %s tasks' % (instance_arn, task_count))\n\n return task_count > 0\n\ndef set_container_instance_to_draining(cluster, instance_arn):\n ecs.update_container_instances_state(\n cluster=cluster,\n containerInstances=[instance_arn], status='DRAINING')\n\n\ndef pick(dct, *keys):\n \"\"\"Pick a subset of a dict.\"\"\"\n return {k: v for k, v in dct.items() if k in keys}\n" }, "Role": { "Fn::GetAtt": [ From d3e9f3e0e4a167e43812b2ba0a169d4df66bcc20 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Sun, 21 Mar 2021 15:10:30 +0200 Subject: [PATCH 004/260] chore(elasticsearch): Explain SLR requirement in README (#13546) Explain when an SLR is needed, and how to create one. This can be a source of confusion because the ES console experience hides the SLR from users by automatically creating it if needed. Related to https://github.com/aws/aws-cdk/issues/13367 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-elasticsearch/README.md | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/packages/@aws-cdk/aws-elasticsearch/README.md b/packages/@aws-cdk/aws-elasticsearch/README.md index 37d117c393616..359b28dda1b66 100644 --- a/packages/@aws-cdk/aws-elasticsearch/README.md +++ b/packages/@aws-cdk/aws-elasticsearch/README.md @@ -74,6 +74,30 @@ const prodDomain = new es.Domain(this, 'Domain', { This creates an Elasticsearch cluster and automatically sets up log groups for logging the domain logs and slow search logs. +## A note about SLR + +Some cluster configurations (e.g VPC access) require the existence of the [`AWSServiceRoleForAmazonElasticsearchService`](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/slr-es.html) Service-Linked Role. + +When performing such operations via the AWS Console, this SLR is created automatically when needed. However, this is not the behavior when using CloudFormation. If an SLR is needed, but doesn't exist, you will encounter a failure message simlar to: + +```console +Before you can proceed, you must enable a service-linked role to give Amazon ES... +``` + +To resolve this, you need to [create](https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html#create-service-linked-role) the SLR. We recommend using the AWS CLI: + +```console +aws iam create-service-linked-role --aws-service-name es.amazonaws.com +``` + +You can also create it using the CDK, **but note that only the first application deploying this will succeed**: + +```ts +const slr = new iam.CfnServiceLinkedRole(this, 'ElasticSLR', { + awsServiceName: 'es.amazonaws.com' +}); +``` + ## Importing existing domains To import an existing domain into your CDK application, use the `Domain.fromDomainEndpoint` factory method. From 0ec7a1bb651434f10cc4a6220b87b15484d456f8 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Mon, 22 Mar 2021 11:52:19 +0200 Subject: [PATCH 005/260] chore(deps): Upgrade major version of lerna (#13723) This resolves https://github.com/aws/aws-cdk/security/dependabot/yarn.lock/ssri/open Lerna is the root of the dependency chain causing this security alert. ```console => Found "ssri@6.0.1" info Reasons this module exists - "_project_#lerna#@lerna#publish#@evocateur#pacote" depends on it - Hoisted from "_project_#lerna#@lerna#publish#@evocateur#pacote#ssri" - Hoisted from "_project_#lerna#@lerna#publish#@evocateur#npm-registry-fetch#make-fetch-happen#ssri" - Hoisted from "_project_#lerna#@lerna#publish#@evocateur#pacote#cacache#ssri" - Hoisted from "_project_#lerna#@lerna#publish#@lerna#pack-directory#@lerna#get-packed#ssri" - Hoisted from "_project_#lerna#@lerna#publish#@lerna#npm-publish#@evocateur#libnpmpublish#ssri" ``` Unfortunately upgrading all transitive deps of the latest lerna version for `3.x` doesn't pull the necessary upgrade to resolve the alert. So it's either: 1. Wait for lerna to release a `3.x` patch to resolve this, which doesn't seem likely since the alert refers to a deep transitive dependency. 2. Manually and selectively upgrade the `ssri` package to a new major version - feels fragile. 3. Upgrade to lerna `4.x`. Opted for option 3 since it sounds the most reasonable. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- package.json | 2 +- yarn.lock | 2986 +++++++++++++++++++++----------------------------- 2 files changed, 1235 insertions(+), 1753 deletions(-) diff --git a/package.json b/package.json index f82766ba1d48f..2a8cc616236bd 100644 --- a/package.json +++ b/package.json @@ -21,7 +21,7 @@ "jsii-diff": "^1.25.0", "jsii-pacmak": "^1.25.0", "jsii-rosetta": "^1.25.0", - "lerna": "^3.22.1", + "lerna": "^4.0.0", "standard-version": "^9.1.1", "typescript": "~3.9.9" }, diff --git a/yarn.lock b/yarn.lock index 474f8606db1fa..6807fedf2c7d3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -326,80 +326,6 @@ minimatch "^3.0.4" strip-json-comments "^3.1.1" -"@evocateur/libnpmaccess@^3.1.2": - version "3.1.2" - resolved "https://registry.yarnpkg.com/@evocateur/libnpmaccess/-/libnpmaccess-3.1.2.tgz#ecf7f6ce6b004e9f942b098d92200be4a4b1c845" - integrity sha512-KSCAHwNWro0CF2ukxufCitT9K5LjL/KuMmNzSu8wuwN2rjyKHD8+cmOsiybK+W5hdnwc5M1SmRlVCaMHQo+3rg== - dependencies: - "@evocateur/npm-registry-fetch" "^4.0.0" - aproba "^2.0.0" - figgy-pudding "^3.5.1" - get-stream "^4.0.0" - npm-package-arg "^6.1.0" - -"@evocateur/libnpmpublish@^1.2.2": - version "1.2.2" - resolved "https://registry.yarnpkg.com/@evocateur/libnpmpublish/-/libnpmpublish-1.2.2.tgz#55df09d2dca136afba9c88c759ca272198db9f1a" - integrity sha512-MJrrk9ct1FeY9zRlyeoyMieBjGDG9ihyyD9/Ft6MMrTxql9NyoEx2hw9casTIP4CdqEVu+3nQ2nXxoJ8RCXyFg== - dependencies: - "@evocateur/npm-registry-fetch" "^4.0.0" - aproba "^2.0.0" - figgy-pudding "^3.5.1" - get-stream "^4.0.0" - lodash.clonedeep "^4.5.0" - normalize-package-data "^2.4.0" - npm-package-arg "^6.1.0" - semver "^5.5.1" - ssri "^6.0.1" - -"@evocateur/npm-registry-fetch@^4.0.0": - version "4.0.0" - resolved "https://registry.yarnpkg.com/@evocateur/npm-registry-fetch/-/npm-registry-fetch-4.0.0.tgz#8c4c38766d8d32d3200fcb0a83f064b57365ed66" - integrity sha512-k1WGfKRQyhJpIr+P17O5vLIo2ko1PFLKwoetatdduUSt/aQ4J2sJrJwwatdI5Z3SiYk/mRH9S3JpdmMFd/IK4g== - dependencies: - JSONStream "^1.3.4" - bluebird "^3.5.1" - figgy-pudding "^3.4.1" - lru-cache "^5.1.1" - make-fetch-happen "^5.0.0" - npm-package-arg "^6.1.0" - safe-buffer "^5.1.2" - -"@evocateur/pacote@^9.6.3": - version "9.6.5" - resolved "https://registry.yarnpkg.com/@evocateur/pacote/-/pacote-9.6.5.tgz#33de32ba210b6f17c20ebab4d497efc6755f4ae5" - integrity sha512-EI552lf0aG2nOV8NnZpTxNo2PcXKPmDbF9K8eCBFQdIZwHNGN/mi815fxtmUMa2wTa1yndotICIDt/V0vpEx2w== - dependencies: - "@evocateur/npm-registry-fetch" "^4.0.0" - bluebird "^3.5.3" - cacache "^12.0.3" - chownr "^1.1.2" - figgy-pudding "^3.5.1" - get-stream "^4.1.0" - glob "^7.1.4" - infer-owner "^1.0.4" - lru-cache "^5.1.1" - make-fetch-happen "^5.0.0" - minimatch "^3.0.4" - minipass "^2.3.5" - mississippi "^3.0.0" - mkdirp "^0.5.1" - normalize-package-data "^2.5.0" - npm-package-arg "^6.1.0" - npm-packlist "^1.4.4" - npm-pick-manifest "^3.0.0" - osenv "^0.1.5" - promise-inflight "^1.0.1" - promise-retry "^1.1.1" - protoduck "^5.0.1" - rimraf "^2.6.3" - safe-buffer "^5.2.0" - semver "^5.7.0" - ssri "^6.0.1" - tar "^4.4.10" - unique-filename "^1.1.1" - which "^1.3.1" - "@istanbuljs/load-nyc-config@^1.0.0": version "1.1.0" resolved "https://registry.yarnpkg.com/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz#fd3db1d59ecf7cf121e80650bb86712f9b55eced" @@ -594,698 +520,676 @@ dependencies: jsonschema "^1.4.0" -"@lerna/add@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/add/-/add-3.21.0.tgz#27007bde71cc7b0a2969ab3c2f0ae41578b4577b" - integrity sha512-vhUXXF6SpufBE1EkNEXwz1VLW03f177G9uMOFMQkp6OJ30/PWg4Ekifuz9/3YfgB2/GH8Tu4Lk3O51P2Hskg/A== - dependencies: - "@evocateur/pacote" "^9.6.3" - "@lerna/bootstrap" "3.21.0" - "@lerna/command" "3.21.0" - "@lerna/filter-options" "3.20.0" - "@lerna/npm-conf" "3.16.0" - "@lerna/validation-error" "3.13.0" +"@lerna/add@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/add/-/add-4.0.0.tgz#c36f57d132502a57b9e7058d1548b7a565ef183f" + integrity sha512-cpmAH1iS3k8JBxNvnMqrGTTjbY/ZAiKa1ChJzFevMYY3eeqbvhsBKnBcxjRXtdrJ6bd3dCQM+ZtK+0i682Fhng== + dependencies: + "@lerna/bootstrap" "4.0.0" + "@lerna/command" "4.0.0" + "@lerna/filter-options" "4.0.0" + "@lerna/npm-conf" "4.0.0" + "@lerna/validation-error" "4.0.0" dedent "^0.7.0" - npm-package-arg "^6.1.0" - p-map "^2.1.0" - semver "^6.2.0" + npm-package-arg "^8.1.0" + p-map "^4.0.0" + pacote "^11.2.6" + semver "^7.3.4" -"@lerna/bootstrap@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/bootstrap/-/bootstrap-3.21.0.tgz#bcd1b651be5b0970b20d8fae04c864548123aed6" - integrity sha512-mtNHlXpmvJn6JTu0KcuTTPl2jLsDNud0QacV/h++qsaKbhAaJr/FElNZ5s7MwZFUM3XaDmvWzHKaszeBMHIbBw== - dependencies: - "@lerna/command" "3.21.0" - "@lerna/filter-options" "3.20.0" - "@lerna/has-npm-version" "3.16.5" - "@lerna/npm-install" "3.16.5" - "@lerna/package-graph" "3.18.5" - "@lerna/pulse-till-done" "3.13.0" - "@lerna/rimraf-dir" "3.16.5" - "@lerna/run-lifecycle" "3.16.2" - "@lerna/run-topologically" "3.18.5" - "@lerna/symlink-binary" "3.17.0" - "@lerna/symlink-dependencies" "3.17.0" - "@lerna/validation-error" "3.13.0" +"@lerna/bootstrap@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/bootstrap/-/bootstrap-4.0.0.tgz#5f5c5e2c6cfc8fcec50cb2fbe569a8c607101891" + integrity sha512-RkS7UbeM2vu+kJnHzxNRCLvoOP9yGNgkzRdy4UV2hNalD7EP41bLvRVOwRYQ7fhc2QcbhnKNdOBihYRL0LcKtw== + dependencies: + "@lerna/command" "4.0.0" + "@lerna/filter-options" "4.0.0" + "@lerna/has-npm-version" "4.0.0" + "@lerna/npm-install" "4.0.0" + "@lerna/package-graph" "4.0.0" + "@lerna/pulse-till-done" "4.0.0" + "@lerna/rimraf-dir" "4.0.0" + "@lerna/run-lifecycle" "4.0.0" + "@lerna/run-topologically" "4.0.0" + "@lerna/symlink-binary" "4.0.0" + "@lerna/symlink-dependencies" "4.0.0" + "@lerna/validation-error" "4.0.0" dedent "^0.7.0" - get-port "^4.2.0" - multimatch "^3.0.0" - npm-package-arg "^6.1.0" + get-port "^5.1.1" + multimatch "^5.0.0" + npm-package-arg "^8.1.0" npmlog "^4.1.2" - p-finally "^1.0.0" - p-map "^2.1.0" - p-map-series "^1.0.0" - p-waterfall "^1.0.0" - read-package-tree "^5.1.6" - semver "^6.2.0" + p-map "^4.0.0" + p-map-series "^2.1.0" + p-waterfall "^2.1.1" + read-package-tree "^5.3.1" + semver "^7.3.4" -"@lerna/changed@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/changed/-/changed-3.21.0.tgz#108e15f679bfe077af500f58248c634f1044ea0b" - integrity sha512-hzqoyf8MSHVjZp0gfJ7G8jaz+++mgXYiNs9iViQGA8JlN/dnWLI5sWDptEH3/B30Izo+fdVz0S0s7ydVE3pWIw== +"@lerna/changed@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/changed/-/changed-4.0.0.tgz#b9fc76cea39b9292a6cd263f03eb57af85c9270b" + integrity sha512-cD+KuPRp6qiPOD+BO6S6SN5cARspIaWSOqGBpGnYzLb4uWT8Vk4JzKyYtc8ym1DIwyoFXHosXt8+GDAgR8QrgQ== dependencies: - "@lerna/collect-updates" "3.20.0" - "@lerna/command" "3.21.0" - "@lerna/listable" "3.18.5" - "@lerna/output" "3.13.0" + "@lerna/collect-updates" "4.0.0" + "@lerna/command" "4.0.0" + "@lerna/listable" "4.0.0" + "@lerna/output" "4.0.0" -"@lerna/check-working-tree@3.16.5": - version "3.16.5" - resolved "https://registry.yarnpkg.com/@lerna/check-working-tree/-/check-working-tree-3.16.5.tgz#b4f8ae61bb4523561dfb9f8f8d874dd46bb44baa" - integrity sha512-xWjVBcuhvB8+UmCSb5tKVLB5OuzSpw96WEhS2uz6hkWVa/Euh1A0/HJwn2cemyK47wUrCQXtczBUiqnq9yX5VQ== +"@lerna/check-working-tree@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/check-working-tree/-/check-working-tree-4.0.0.tgz#257e36a602c00142e76082a19358e3e1ae8dbd58" + integrity sha512-/++bxM43jYJCshBiKP5cRlCTwSJdRSxVmcDAXM+1oUewlZJVSVlnks5eO0uLxokVFvLhHlC5kHMc7gbVFPHv6Q== dependencies: - "@lerna/collect-uncommitted" "3.16.5" - "@lerna/describe-ref" "3.16.5" - "@lerna/validation-error" "3.13.0" + "@lerna/collect-uncommitted" "4.0.0" + "@lerna/describe-ref" "4.0.0" + "@lerna/validation-error" "4.0.0" -"@lerna/child-process@3.16.5": - version "3.16.5" - resolved "https://registry.yarnpkg.com/@lerna/child-process/-/child-process-3.16.5.tgz#38fa3c18064aa4ac0754ad80114776a7b36a69b2" - integrity sha512-vdcI7mzei9ERRV4oO8Y1LHBZ3A5+ampRKg1wq5nutLsUA4mEBN6H7JqjWOMY9xZemv6+kATm2ofjJ3lW5TszQg== +"@lerna/child-process@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/child-process/-/child-process-4.0.0.tgz#341b96a57dffbd9705646d316e231df6fa4df6e1" + integrity sha512-XtCnmCT9eyVsUUHx6y/CTBYdV9g2Cr/VxyseTWBgfIur92/YKClfEtJTbOh94jRT62hlKLqSvux/UhxXVh613Q== dependencies: - chalk "^2.3.1" - execa "^1.0.0" - strong-log-transformer "^2.0.0" + chalk "^4.1.0" + execa "^5.0.0" + strong-log-transformer "^2.1.0" -"@lerna/clean@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/clean/-/clean-3.21.0.tgz#c0b46b5300cc3dae2cda3bec14b803082da3856d" - integrity sha512-b/L9l+MDgE/7oGbrav6rG8RTQvRiZLO1zTcG17zgJAAuhlsPxJExMlh2DFwJEVi2les70vMhHfST3Ue1IMMjpg== - dependencies: - "@lerna/command" "3.21.0" - "@lerna/filter-options" "3.20.0" - "@lerna/prompt" "3.18.5" - "@lerna/pulse-till-done" "3.13.0" - "@lerna/rimraf-dir" "3.16.5" - p-map "^2.1.0" - p-map-series "^1.0.0" - p-waterfall "^1.0.0" - -"@lerna/cli@3.18.5": - version "3.18.5" - resolved "https://registry.yarnpkg.com/@lerna/cli/-/cli-3.18.5.tgz#c90c461542fcd35b6d5b015a290fb0dbfb41d242" - integrity sha512-erkbxkj9jfc89vVs/jBLY/fM0I80oLmJkFUV3Q3wk9J3miYhP14zgVEBsPZY68IZlEjT6T3Xlq2xO1AVaatHsA== - dependencies: - "@lerna/global-options" "3.13.0" +"@lerna/clean@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/clean/-/clean-4.0.0.tgz#8f778b6f2617aa2a936a6b5e085ae62498e57dc5" + integrity sha512-uugG2iN9k45ITx2jtd8nEOoAtca8hNlDCUM0N3lFgU/b1mEQYAPRkqr1qs4FLRl/Y50ZJ41wUz1eazS+d/0osA== + dependencies: + "@lerna/command" "4.0.0" + "@lerna/filter-options" "4.0.0" + "@lerna/prompt" "4.0.0" + "@lerna/pulse-till-done" "4.0.0" + "@lerna/rimraf-dir" "4.0.0" + p-map "^4.0.0" + p-map-series "^2.1.0" + p-waterfall "^2.1.1" + +"@lerna/cli@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/cli/-/cli-4.0.0.tgz#8eabd334558836c1664df23f19acb95e98b5bbf3" + integrity sha512-Neaw3GzFrwZiRZv2g7g6NwFjs3er1vhraIniEs0jjVLPMNC4eata0na3GfE5yibkM/9d3gZdmihhZdZ3EBdvYA== + dependencies: + "@lerna/global-options" "4.0.0" dedent "^0.7.0" npmlog "^4.1.2" - yargs "^14.2.2" + yargs "^16.2.0" -"@lerna/collect-uncommitted@3.16.5": - version "3.16.5" - resolved "https://registry.yarnpkg.com/@lerna/collect-uncommitted/-/collect-uncommitted-3.16.5.tgz#a494d61aac31cdc7aec4bbe52c96550274132e63" - integrity sha512-ZgqnGwpDZiWyzIQVZtQaj9tRizsL4dUOhuOStWgTAw1EMe47cvAY2kL709DzxFhjr6JpJSjXV5rZEAeU3VE0Hg== +"@lerna/collect-uncommitted@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/collect-uncommitted/-/collect-uncommitted-4.0.0.tgz#855cd64612969371cfc2453b90593053ff1ba779" + integrity sha512-ufSTfHZzbx69YNj7KXQ3o66V4RC76ffOjwLX0q/ab//61bObJ41n03SiQEhSlmpP+gmFbTJ3/7pTe04AHX9m/g== dependencies: - "@lerna/child-process" "3.16.5" - chalk "^2.3.1" - figgy-pudding "^3.5.1" + "@lerna/child-process" "4.0.0" + chalk "^4.1.0" npmlog "^4.1.2" -"@lerna/collect-updates@3.20.0": - version "3.20.0" - resolved "https://registry.yarnpkg.com/@lerna/collect-updates/-/collect-updates-3.20.0.tgz#62f9d76ba21a25b7d9fbf31c02de88744a564bd1" - integrity sha512-qBTVT5g4fupVhBFuY4nI/3FSJtQVcDh7/gEPOpRxoXB/yCSnT38MFHXWl+y4einLciCjt/+0x6/4AG80fjay2Q== +"@lerna/collect-updates@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/collect-updates/-/collect-updates-4.0.0.tgz#8e208b1bafd98a372ff1177f7a5e288f6bea8041" + integrity sha512-bnNGpaj4zuxsEkyaCZLka9s7nMs58uZoxrRIPJ+nrmrZYp1V5rrd+7/NYTuunOhY2ug1sTBvTAxj3NZQ+JKnOw== dependencies: - "@lerna/child-process" "3.16.5" - "@lerna/describe-ref" "3.16.5" + "@lerna/child-process" "4.0.0" + "@lerna/describe-ref" "4.0.0" minimatch "^3.0.4" npmlog "^4.1.2" - slash "^2.0.0" + slash "^3.0.0" -"@lerna/command@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/command/-/command-3.21.0.tgz#9a2383759dc7b700dacfa8a22b2f3a6e190121f7" - integrity sha512-T2bu6R8R3KkH5YoCKdutKv123iUgUbW8efVjdGCDnCMthAQzoentOJfDeodBwn0P2OqCl3ohsiNVtSn9h78fyQ== - dependencies: - "@lerna/child-process" "3.16.5" - "@lerna/package-graph" "3.18.5" - "@lerna/project" "3.21.0" - "@lerna/validation-error" "3.13.0" - "@lerna/write-log-file" "3.13.0" +"@lerna/command@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/command/-/command-4.0.0.tgz#991c7971df8f5bf6ae6e42c808869a55361c1b98" + integrity sha512-LM9g3rt5FsPNFqIHUeRwWXLNHJ5NKzOwmVKZ8anSp4e1SPrv2HNc1V02/9QyDDZK/w+5POXH5lxZUI1CHaOK/A== + dependencies: + "@lerna/child-process" "4.0.0" + "@lerna/package-graph" "4.0.0" + "@lerna/project" "4.0.0" + "@lerna/validation-error" "4.0.0" + "@lerna/write-log-file" "4.0.0" clone-deep "^4.0.1" dedent "^0.7.0" - execa "^1.0.0" + execa "^5.0.0" is-ci "^2.0.0" npmlog "^4.1.2" -"@lerna/conventional-commits@3.22.0": - version "3.22.0" - resolved "https://registry.yarnpkg.com/@lerna/conventional-commits/-/conventional-commits-3.22.0.tgz#2798f4881ee2ef457bdae027ab7d0bf0af6f1e09" - integrity sha512-z4ZZk1e8Mhz7+IS8NxHr64wyklHctCJyWpJKEZZPJiLFJ8yKto/x38O80R10pIzC0rr8Sy/OsjSH4bl0TbbgqA== +"@lerna/conventional-commits@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/conventional-commits/-/conventional-commits-4.0.0.tgz#660fb2c7b718cb942ead70110df61f18c6f99750" + integrity sha512-CSUQRjJHFrH8eBn7+wegZLV3OrNc0Y1FehYfYGhjLE2SIfpCL4bmfu/ViYuHh9YjwHaA+4SX6d3hR+xkeseKmw== dependencies: - "@lerna/validation-error" "3.13.0" - conventional-changelog-angular "^5.0.3" - conventional-changelog-core "^3.1.6" - conventional-recommended-bump "^5.0.0" - fs-extra "^8.1.0" - get-stream "^4.0.0" + "@lerna/validation-error" "4.0.0" + conventional-changelog-angular "^5.0.12" + conventional-changelog-core "^4.2.2" + conventional-recommended-bump "^6.1.0" + fs-extra "^9.1.0" + get-stream "^6.0.0" lodash.template "^4.5.0" - npm-package-arg "^6.1.0" + npm-package-arg "^8.1.0" npmlog "^4.1.2" - pify "^4.0.1" - semver "^6.2.0" + pify "^5.0.0" + semver "^7.3.4" -"@lerna/create-symlink@3.16.2": - version "3.16.2" - resolved "https://registry.yarnpkg.com/@lerna/create-symlink/-/create-symlink-3.16.2.tgz#412cb8e59a72f5a7d9463e4e4721ad2070149967" - integrity sha512-pzXIJp6av15P325sgiIRpsPXLFmkisLhMBCy4764d+7yjf2bzrJ4gkWVMhsv4AdF0NN3OyZ5jjzzTtLNqfR+Jw== +"@lerna/create-symlink@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/create-symlink/-/create-symlink-4.0.0.tgz#8c5317ce5ae89f67825443bd7651bf4121786228" + integrity sha512-I0phtKJJdafUiDwm7BBlEUOtogmu8+taxq6PtIrxZbllV9hWg59qkpuIsiFp+no7nfRVuaasNYHwNUhDAVQBig== dependencies: - "@zkochan/cmd-shim" "^3.1.0" - fs-extra "^8.1.0" + cmd-shim "^4.1.0" + fs-extra "^9.1.0" npmlog "^4.1.2" -"@lerna/create@3.22.0": - version "3.22.0" - resolved "https://registry.yarnpkg.com/@lerna/create/-/create-3.22.0.tgz#d6bbd037c3dc5b425fe5f6d1b817057c278f7619" - integrity sha512-MdiQQzCcB4E9fBF1TyMOaAEz9lUjIHp1Ju9H7f3lXze5JK6Fl5NYkouAvsLgY6YSIhXMY8AHW2zzXeBDY4yWkw== +"@lerna/create@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/create/-/create-4.0.0.tgz#b6947e9b5dfb6530321952998948c3e63d64d730" + integrity sha512-mVOB1niKByEUfxlbKTM1UNECWAjwUdiioIbRQZEeEabtjCL69r9rscIsjlGyhGWCfsdAG5wfq4t47nlDXdLLag== dependencies: - "@evocateur/pacote" "^9.6.3" - "@lerna/child-process" "3.16.5" - "@lerna/command" "3.21.0" - "@lerna/npm-conf" "3.16.0" - "@lerna/validation-error" "3.13.0" - camelcase "^5.0.0" + "@lerna/child-process" "4.0.0" + "@lerna/command" "4.0.0" + "@lerna/npm-conf" "4.0.0" + "@lerna/validation-error" "4.0.0" dedent "^0.7.0" - fs-extra "^8.1.0" - globby "^9.2.0" - init-package-json "^1.10.3" - npm-package-arg "^6.1.0" - p-reduce "^1.0.0" - pify "^4.0.1" - semver "^6.2.0" - slash "^2.0.0" - validate-npm-package-license "^3.0.3" + fs-extra "^9.1.0" + globby "^11.0.2" + init-package-json "^2.0.2" + npm-package-arg "^8.1.0" + p-reduce "^2.1.0" + pacote "^11.2.6" + pify "^5.0.0" + semver "^7.3.4" + slash "^3.0.0" + validate-npm-package-license "^3.0.4" validate-npm-package-name "^3.0.0" - whatwg-url "^7.0.0" + whatwg-url "^8.4.0" + yargs-parser "20.2.4" -"@lerna/describe-ref@3.16.5": - version "3.16.5" - resolved "https://registry.yarnpkg.com/@lerna/describe-ref/-/describe-ref-3.16.5.tgz#a338c25aaed837d3dc70b8a72c447c5c66346ac0" - integrity sha512-c01+4gUF0saOOtDBzbLMFOTJDHTKbDFNErEY6q6i9QaXuzy9LNN62z+Hw4acAAZuJQhrVWncVathcmkkjvSVGw== +"@lerna/describe-ref@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/describe-ref/-/describe-ref-4.0.0.tgz#53c53b4ea65fdceffa072a62bfebe6772c45d9ec" + integrity sha512-eTU5+xC4C5Gcgz+Ey4Qiw9nV2B4JJbMulsYJMW8QjGcGh8zudib7Sduj6urgZXUYNyhYpRs+teci9M2J8u+UvQ== dependencies: - "@lerna/child-process" "3.16.5" + "@lerna/child-process" "4.0.0" npmlog "^4.1.2" -"@lerna/diff@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/diff/-/diff-3.21.0.tgz#e6df0d8b9916167ff5a49fcb02ac06424280a68d" - integrity sha512-5viTR33QV3S7O+bjruo1SaR40m7F2aUHJaDAC7fL9Ca6xji+aw1KFkpCtVlISS0G8vikUREGMJh+c/VMSc8Usw== +"@lerna/diff@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/diff/-/diff-4.0.0.tgz#6d3071817aaa4205a07bf77cfc6e932796d48b92" + integrity sha512-jYPKprQVg41+MUMxx6cwtqsNm0Yxx9GDEwdiPLwcUTFx+/qKCEwifKNJ1oGIPBxyEHX2PFCOjkK39lHoj2qiag== dependencies: - "@lerna/child-process" "3.16.5" - "@lerna/command" "3.21.0" - "@lerna/validation-error" "3.13.0" + "@lerna/child-process" "4.0.0" + "@lerna/command" "4.0.0" + "@lerna/validation-error" "4.0.0" npmlog "^4.1.2" -"@lerna/exec@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/exec/-/exec-3.21.0.tgz#17f07533893cb918a17b41bcc566dc437016db26" - integrity sha512-iLvDBrIE6rpdd4GIKTY9mkXyhwsJ2RvQdB9ZU+/NhR3okXfqKc6py/24tV111jqpXTtZUW6HNydT4dMao2hi1Q== - dependencies: - "@lerna/child-process" "3.16.5" - "@lerna/command" "3.21.0" - "@lerna/filter-options" "3.20.0" - "@lerna/profiler" "3.20.0" - "@lerna/run-topologically" "3.18.5" - "@lerna/validation-error" "3.13.0" - p-map "^2.1.0" - -"@lerna/filter-options@3.20.0": - version "3.20.0" - resolved "https://registry.yarnpkg.com/@lerna/filter-options/-/filter-options-3.20.0.tgz#0f0f5d5a4783856eece4204708cc902cbc8af59b" - integrity sha512-bmcHtvxn7SIl/R9gpiNMVG7yjx7WyT0HSGw34YVZ9B+3xF/83N3r5Rgtjh4hheLZ+Q91Or0Jyu5O3Nr+AwZe2g== - dependencies: - "@lerna/collect-updates" "3.20.0" - "@lerna/filter-packages" "3.18.0" +"@lerna/exec@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/exec/-/exec-4.0.0.tgz#eb6cb95cb92d42590e9e2d628fcaf4719d4a8be6" + integrity sha512-VGXtL/b/JfY84NB98VWZpIExfhLOzy0ozm/0XaS4a2SmkAJc5CeUfrhvHxxkxiTBLkU+iVQUyYEoAT0ulQ8PCw== + dependencies: + "@lerna/child-process" "4.0.0" + "@lerna/command" "4.0.0" + "@lerna/filter-options" "4.0.0" + "@lerna/profiler" "4.0.0" + "@lerna/run-topologically" "4.0.0" + "@lerna/validation-error" "4.0.0" + p-map "^4.0.0" + +"@lerna/filter-options@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/filter-options/-/filter-options-4.0.0.tgz#ac94cc515d7fa3b47e2f7d74deddeabb1de5e9e6" + integrity sha512-vV2ANOeZhOqM0rzXnYcFFCJ/kBWy/3OA58irXih9AMTAlQLymWAK0akWybl++sUJ4HB9Hx12TOqaXbYS2NM5uw== + dependencies: + "@lerna/collect-updates" "4.0.0" + "@lerna/filter-packages" "4.0.0" dedent "^0.7.0" - figgy-pudding "^3.5.1" npmlog "^4.1.2" -"@lerna/filter-packages@3.18.0": - version "3.18.0" - resolved "https://registry.yarnpkg.com/@lerna/filter-packages/-/filter-packages-3.18.0.tgz#6a7a376d285208db03a82958cfb8172e179b4e70" - integrity sha512-6/0pMM04bCHNATIOkouuYmPg6KH3VkPCIgTfQmdkPJTullERyEQfNUKikrefjxo1vHOoCACDpy65JYyKiAbdwQ== +"@lerna/filter-packages@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/filter-packages/-/filter-packages-4.0.0.tgz#b1f70d70e1de9cdd36a4e50caa0ac501f8d012f2" + integrity sha512-+4AJIkK7iIiOaqCiVTYJxh/I9qikk4XjNQLhE3kixaqgMuHl1NQ99qXRR0OZqAWB9mh8Z1HA9bM5K1HZLBTOqA== dependencies: - "@lerna/validation-error" "3.13.0" - multimatch "^3.0.0" + "@lerna/validation-error" "4.0.0" + multimatch "^5.0.0" npmlog "^4.1.2" -"@lerna/get-npm-exec-opts@3.13.0": - version "3.13.0" - resolved "https://registry.yarnpkg.com/@lerna/get-npm-exec-opts/-/get-npm-exec-opts-3.13.0.tgz#d1b552cb0088199fc3e7e126f914e39a08df9ea5" - integrity sha512-Y0xWL0rg3boVyJk6An/vurKzubyJKtrxYv2sj4bB8Mc5zZ3tqtv0ccbOkmkXKqbzvNNF7VeUt1OJ3DRgtC/QZw== +"@lerna/get-npm-exec-opts@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/get-npm-exec-opts/-/get-npm-exec-opts-4.0.0.tgz#dc955be94a4ae75c374ef9bce91320887d34608f" + integrity sha512-yvmkerU31CTWS2c7DvmAWmZVeclPBqI7gPVr5VATUKNWJ/zmVcU4PqbYoLu92I9Qc4gY1TuUplMNdNuZTSL7IQ== dependencies: npmlog "^4.1.2" -"@lerna/get-packed@3.16.0": - version "3.16.0" - resolved "https://registry.yarnpkg.com/@lerna/get-packed/-/get-packed-3.16.0.tgz#1b316b706dcee86c7baa55e50b087959447852ff" - integrity sha512-AjsFiaJzo1GCPnJUJZiTW6J1EihrPkc2y3nMu6m3uWFxoleklsSCyImumzVZJssxMi3CPpztj8LmADLedl9kXw== +"@lerna/get-packed@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/get-packed/-/get-packed-4.0.0.tgz#0989d61624ac1f97e393bdad2137c49cd7a37823" + integrity sha512-rfWONRsEIGyPJTxFzC8ECb3ZbsDXJbfqWYyeeQQDrJRPnEJErlltRLPLgC2QWbxFgFPsoDLeQmFHJnf0iDfd8w== dependencies: - fs-extra "^8.1.0" - ssri "^6.0.1" - tar "^4.4.8" + fs-extra "^9.1.0" + ssri "^8.0.1" + tar "^6.1.0" -"@lerna/github-client@3.22.0": - version "3.22.0" - resolved "https://registry.yarnpkg.com/@lerna/github-client/-/github-client-3.22.0.tgz#5d816aa4f76747ed736ae64ff962b8f15c354d95" - integrity sha512-O/GwPW+Gzr3Eb5bk+nTzTJ3uv+jh5jGho9BOqKlajXaOkMYGBELEAqV5+uARNGWZFvYAiF4PgqHb6aCUu7XdXg== +"@lerna/github-client@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/github-client/-/github-client-4.0.0.tgz#2ced67721363ef70f8e12ffafce4410918f4a8a4" + integrity sha512-2jhsldZtTKXYUBnOm23Lb0Fx8G4qfSXF9y7UpyUgWUj+YZYd+cFxSuorwQIgk5P4XXrtVhsUesIsli+BYSThiw== dependencies: - "@lerna/child-process" "3.16.5" + "@lerna/child-process" "4.0.0" "@octokit/plugin-enterprise-rest" "^6.0.1" - "@octokit/rest" "^16.28.4" - git-url-parse "^11.1.2" + "@octokit/rest" "^18.1.0" + git-url-parse "^11.4.4" npmlog "^4.1.2" -"@lerna/gitlab-client@3.15.0": - version "3.15.0" - resolved "https://registry.yarnpkg.com/@lerna/gitlab-client/-/gitlab-client-3.15.0.tgz#91f4ec8c697b5ac57f7f25bd50fe659d24aa96a6" - integrity sha512-OsBvRSejHXUBMgwWQqNoioB8sgzL/Pf1pOUhHKtkiMl6aAWjklaaq5HPMvTIsZPfS6DJ9L5OK2GGZuooP/5c8Q== +"@lerna/gitlab-client@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/gitlab-client/-/gitlab-client-4.0.0.tgz#00dad73379c7b38951d4b4ded043504c14e2b67d" + integrity sha512-OMUpGSkeDWFf7BxGHlkbb35T7YHqVFCwBPSIR6wRsszY8PAzCYahtH3IaJzEJyUg6vmZsNl0FSr3pdA2skhxqA== dependencies: - node-fetch "^2.5.0" + node-fetch "^2.6.1" npmlog "^4.1.2" - whatwg-url "^7.0.0" - -"@lerna/global-options@3.13.0": - version "3.13.0" - resolved "https://registry.yarnpkg.com/@lerna/global-options/-/global-options-3.13.0.tgz#217662290db06ad9cf2c49d8e3100ee28eaebae1" - integrity sha512-SlZvh1gVRRzYLVluz9fryY1nJpZ0FHDGB66U9tFfvnnxmueckRQxLopn3tXj3NU1kc3QANT2I5BsQkOqZ4TEFQ== - -"@lerna/has-npm-version@3.16.5": - version "3.16.5" - resolved "https://registry.yarnpkg.com/@lerna/has-npm-version/-/has-npm-version-3.16.5.tgz#ab83956f211d8923ea6afe9b979b38cc73b15326" - integrity sha512-WL7LycR9bkftyqbYop5rEGJ9sRFIV55tSGmbN1HLrF9idwOCD7CLrT64t235t3t4O5gehDnwKI5h2U3oxTrF8Q== - dependencies: - "@lerna/child-process" "3.16.5" - semver "^6.2.0" - -"@lerna/import@3.22.0": - version "3.22.0" - resolved "https://registry.yarnpkg.com/@lerna/import/-/import-3.22.0.tgz#1a5f0394f38e23c4f642a123e5e1517e70d068d2" - integrity sha512-uWOlexasM5XR6tXi4YehODtH9Y3OZrFht3mGUFFT3OIl2s+V85xIGFfqFGMTipMPAGb2oF1UBLL48kR43hRsOg== - dependencies: - "@lerna/child-process" "3.16.5" - "@lerna/command" "3.21.0" - "@lerna/prompt" "3.18.5" - "@lerna/pulse-till-done" "3.13.0" - "@lerna/validation-error" "3.13.0" + whatwg-url "^8.4.0" + +"@lerna/global-options@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/global-options/-/global-options-4.0.0.tgz#c7d8b0de6a01d8a845e2621ea89e7f60f18c6a5f" + integrity sha512-TRMR8afAHxuYBHK7F++Ogop2a82xQjoGna1dvPOY6ltj/pEx59pdgcJfYcynYqMkFIk8bhLJJN9/ndIfX29FTQ== + +"@lerna/has-npm-version@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/has-npm-version/-/has-npm-version-4.0.0.tgz#d3fc3292c545eb28bd493b36e6237cf0279f631c" + integrity sha512-LQ3U6XFH8ZmLCsvsgq1zNDqka0Xzjq5ibVN+igAI5ccRWNaUsE/OcmsyMr50xAtNQMYMzmpw5GVLAivT2/YzCg== + dependencies: + "@lerna/child-process" "4.0.0" + semver "^7.3.4" + +"@lerna/import@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/import/-/import-4.0.0.tgz#bde656c4a451fa87ae41733ff8a8da60547c5465" + integrity sha512-FaIhd+4aiBousKNqC7TX1Uhe97eNKf5/SC7c5WZANVWtC7aBWdmswwDt3usrzCNpj6/Wwr9EtEbYROzxKH8ffg== + dependencies: + "@lerna/child-process" "4.0.0" + "@lerna/command" "4.0.0" + "@lerna/prompt" "4.0.0" + "@lerna/pulse-till-done" "4.0.0" + "@lerna/validation-error" "4.0.0" dedent "^0.7.0" - fs-extra "^8.1.0" - p-map-series "^1.0.0" + fs-extra "^9.1.0" + p-map-series "^2.1.0" -"@lerna/info@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/info/-/info-3.21.0.tgz#76696b676fdb0f35d48c83c63c1e32bb5e37814f" - integrity sha512-0XDqGYVBgWxUquFaIptW2bYSIu6jOs1BtkvRTWDDhw4zyEdp6q4eaMvqdSap1CG+7wM5jeLCi6z94wS0AuiuwA== +"@lerna/info@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/info/-/info-4.0.0.tgz#b9fb0e479d60efe1623603958a831a88b1d7f1fc" + integrity sha512-8Uboa12kaCSZEn4XRfPz5KU9XXoexSPS4oeYGj76s2UQb1O1GdnEyfjyNWoUl1KlJ2i/8nxUskpXIftoFYH0/Q== dependencies: - "@lerna/command" "3.21.0" - "@lerna/output" "3.13.0" - envinfo "^7.3.1" + "@lerna/command" "4.0.0" + "@lerna/output" "4.0.0" + envinfo "^7.7.4" -"@lerna/init@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/init/-/init-3.21.0.tgz#1e810934dc8bf4e5386c031041881d3b4096aa5c" - integrity sha512-6CM0z+EFUkFfurwdJCR+LQQF6MqHbYDCBPyhu/d086LRf58GtYZYj49J8mKG9ktayp/TOIxL/pKKjgLD8QBPOg== +"@lerna/init@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/init/-/init-4.0.0.tgz#dadff67e6dfb981e8ccbe0e6a310e837962f6c7a" + integrity sha512-wY6kygop0BCXupzWj5eLvTUqdR7vIAm0OgyV9WHpMYQGfs1V22jhztt8mtjCloD/O0nEe4tJhdG62XU5aYmPNQ== dependencies: - "@lerna/child-process" "3.16.5" - "@lerna/command" "3.21.0" - fs-extra "^8.1.0" - p-map "^2.1.0" - write-json-file "^3.2.0" + "@lerna/child-process" "4.0.0" + "@lerna/command" "4.0.0" + fs-extra "^9.1.0" + p-map "^4.0.0" + write-json-file "^4.3.0" -"@lerna/link@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/link/-/link-3.21.0.tgz#8be68ff0ccee104b174b5bbd606302c2f06e9d9b" - integrity sha512-tGu9GxrX7Ivs+Wl3w1+jrLi1nQ36kNI32dcOssij6bg0oZ2M2MDEFI9UF2gmoypTaN9uO5TSsjCFS7aR79HbdQ== +"@lerna/link@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/link/-/link-4.0.0.tgz#c3a38aabd44279d714e90f2451e31b63f0fb65ba" + integrity sha512-KlvPi7XTAcVOByfaLlOeYOfkkDcd+bejpHMCd1KcArcFTwijOwXOVi24DYomIeHvy6HsX/IUquJ4PPUJIeB4+w== dependencies: - "@lerna/command" "3.21.0" - "@lerna/package-graph" "3.18.5" - "@lerna/symlink-dependencies" "3.17.0" - p-map "^2.1.0" - slash "^2.0.0" + "@lerna/command" "4.0.0" + "@lerna/package-graph" "4.0.0" + "@lerna/symlink-dependencies" "4.0.0" + p-map "^4.0.0" + slash "^3.0.0" -"@lerna/list@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/list/-/list-3.21.0.tgz#42f76fafa56dea13b691ec8cab13832691d61da2" - integrity sha512-KehRjE83B1VaAbRRkRy6jLX1Cin8ltsrQ7FHf2bhwhRHK0S54YuA6LOoBnY/NtA8bHDX/Z+G5sMY78X30NS9tg== +"@lerna/list@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/list/-/list-4.0.0.tgz#24b4e6995bd73f81c556793fe502b847efd9d1d7" + integrity sha512-L2B5m3P+U4Bif5PultR4TI+KtW+SArwq1i75QZ78mRYxPc0U/piau1DbLOmwrdqr99wzM49t0Dlvl6twd7GHFg== dependencies: - "@lerna/command" "3.21.0" - "@lerna/filter-options" "3.20.0" - "@lerna/listable" "3.18.5" - "@lerna/output" "3.13.0" + "@lerna/command" "4.0.0" + "@lerna/filter-options" "4.0.0" + "@lerna/listable" "4.0.0" + "@lerna/output" "4.0.0" -"@lerna/listable@3.18.5": - version "3.18.5" - resolved "https://registry.yarnpkg.com/@lerna/listable/-/listable-3.18.5.tgz#e82798405b5ed8fc51843c8ef1e7a0e497388a1a" - integrity sha512-Sdr3pVyaEv5A7ZkGGYR7zN+tTl2iDcinryBPvtuv20VJrXBE8wYcOks1edBTcOWsPjCE/rMP4bo1pseyk3UTsg== +"@lerna/listable@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/listable/-/listable-4.0.0.tgz#d00d6cb4809b403f2b0374fc521a78e318b01214" + integrity sha512-/rPOSDKsOHs5/PBLINZOkRIX1joOXUXEtyUs5DHLM8q6/RP668x/1lFhw6Dx7/U+L0+tbkpGtZ1Yt0LewCLgeQ== dependencies: - "@lerna/query-graph" "3.18.5" - chalk "^2.3.1" + "@lerna/query-graph" "4.0.0" + chalk "^4.1.0" columnify "^1.5.4" -"@lerna/log-packed@3.16.0": - version "3.16.0" - resolved "https://registry.yarnpkg.com/@lerna/log-packed/-/log-packed-3.16.0.tgz#f83991041ee77b2495634e14470b42259fd2bc16" - integrity sha512-Fp+McSNBV/P2mnLUYTaSlG8GSmpXM7krKWcllqElGxvAqv6chk2K3c2k80MeVB4WvJ9tRjUUf+i7HUTiQ9/ckQ== +"@lerna/log-packed@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/log-packed/-/log-packed-4.0.0.tgz#95168fe2e26ac6a71e42f4be857519b77e57a09f" + integrity sha512-+dpCiWbdzgMAtpajLToy9PO713IHoE6GV/aizXycAyA07QlqnkpaBNZ8DW84gHdM1j79TWockGJo9PybVhrrZQ== dependencies: - byte-size "^5.0.1" + byte-size "^7.0.0" columnify "^1.5.4" has-unicode "^2.0.1" npmlog "^4.1.2" -"@lerna/npm-conf@3.16.0": - version "3.16.0" - resolved "https://registry.yarnpkg.com/@lerna/npm-conf/-/npm-conf-3.16.0.tgz#1c10a89ae2f6c2ee96962557738685300d376827" - integrity sha512-HbO3DUrTkCAn2iQ9+FF/eisDpWY5POQAOF1m7q//CZjdC2HSW3UYbKEGsSisFxSfaF9Z4jtrV+F/wX6qWs3CuA== +"@lerna/npm-conf@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/npm-conf/-/npm-conf-4.0.0.tgz#b259fd1e1cee2bf5402b236e770140ff9ade7fd2" + integrity sha512-uS7H02yQNq3oejgjxAxqq/jhwGEE0W0ntr8vM3EfpCW1F/wZruwQw+7bleJQ9vUBjmdXST//tk8mXzr5+JXCfw== dependencies: - config-chain "^1.1.11" - pify "^4.0.1" + config-chain "^1.1.12" + pify "^5.0.0" -"@lerna/npm-dist-tag@3.18.5": - version "3.18.5" - resolved "https://registry.yarnpkg.com/@lerna/npm-dist-tag/-/npm-dist-tag-3.18.5.tgz#9ef9abb7c104077b31f6fab22cc73b314d54ac55" - integrity sha512-xw0HDoIG6HreVsJND9/dGls1c+lf6vhu7yJoo56Sz5bvncTloYGLUppIfDHQr4ZvmPCK8rsh0euCVh2giPxzKQ== +"@lerna/npm-dist-tag@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/npm-dist-tag/-/npm-dist-tag-4.0.0.tgz#d1e99b4eccd3414142f0548ad331bf2d53f3257a" + integrity sha512-F20sg28FMYTgXqEQihgoqSfwmq+Id3zT23CnOwD+XQMPSy9IzyLf1fFVH319vXIw6NF6Pgs4JZN2Qty6/CQXGw== dependencies: - "@evocateur/npm-registry-fetch" "^4.0.0" - "@lerna/otplease" "3.18.5" - figgy-pudding "^3.5.1" - npm-package-arg "^6.1.0" + "@lerna/otplease" "4.0.0" + npm-package-arg "^8.1.0" + npm-registry-fetch "^9.0.0" npmlog "^4.1.2" -"@lerna/npm-install@3.16.5": - version "3.16.5" - resolved "https://registry.yarnpkg.com/@lerna/npm-install/-/npm-install-3.16.5.tgz#d6bfdc16f81285da66515ae47924d6e278d637d3" - integrity sha512-hfiKk8Eku6rB9uApqsalHHTHY+mOrrHeWEs+gtg7+meQZMTS3kzv4oVp5cBZigndQr3knTLjwthT/FX4KvseFg== +"@lerna/npm-install@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/npm-install/-/npm-install-4.0.0.tgz#31180be3ab3b7d1818a1a0c206aec156b7094c78" + integrity sha512-aKNxq2j3bCH3eXl3Fmu4D54s/YLL9WSwV8W7X2O25r98wzrO38AUN6AB9EtmAx+LV/SP15et7Yueg9vSaanRWg== dependencies: - "@lerna/child-process" "3.16.5" - "@lerna/get-npm-exec-opts" "3.13.0" - fs-extra "^8.1.0" - npm-package-arg "^6.1.0" + "@lerna/child-process" "4.0.0" + "@lerna/get-npm-exec-opts" "4.0.0" + fs-extra "^9.1.0" + npm-package-arg "^8.1.0" npmlog "^4.1.2" - signal-exit "^3.0.2" - write-pkg "^3.1.0" + signal-exit "^3.0.3" + write-pkg "^4.0.0" -"@lerna/npm-publish@3.18.5": - version "3.18.5" - resolved "https://registry.yarnpkg.com/@lerna/npm-publish/-/npm-publish-3.18.5.tgz#240e4039959fd9816b49c5b07421e11b5cb000af" - integrity sha512-3etLT9+2L8JAx5F8uf7qp6iAtOLSMj+ZYWY6oUgozPi/uLqU0/gsMsEXh3F0+YVW33q0M61RpduBoAlOOZnaTg== +"@lerna/npm-publish@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/npm-publish/-/npm-publish-4.0.0.tgz#84eb62e876fe949ae1fd62c60804423dbc2c4472" + integrity sha512-vQb7yAPRo5G5r77DRjHITc9piR9gvEKWrmfCH7wkfBnGWEqu7n8/4bFQ7lhnkujvc8RXOsYpvbMQkNfkYibD/w== dependencies: - "@evocateur/libnpmpublish" "^1.2.2" - "@lerna/otplease" "3.18.5" - "@lerna/run-lifecycle" "3.16.2" - figgy-pudding "^3.5.1" - fs-extra "^8.1.0" - npm-package-arg "^6.1.0" + "@lerna/otplease" "4.0.0" + "@lerna/run-lifecycle" "4.0.0" + fs-extra "^9.1.0" + libnpmpublish "^4.0.0" + npm-package-arg "^8.1.0" npmlog "^4.1.2" - pify "^4.0.1" - read-package-json "^2.0.13" + pify "^5.0.0" + read-package-json "^3.0.0" -"@lerna/npm-run-script@3.16.5": - version "3.16.5" - resolved "https://registry.yarnpkg.com/@lerna/npm-run-script/-/npm-run-script-3.16.5.tgz#9c2ec82453a26c0b46edc0bb7c15816c821f5c15" - integrity sha512-1asRi+LjmVn3pMjEdpqKJZFT/3ZNpb+VVeJMwrJaV/3DivdNg7XlPK9LTrORuKU4PSvhdEZvJmSlxCKyDpiXsQ== +"@lerna/npm-run-script@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/npm-run-script/-/npm-run-script-4.0.0.tgz#dfebf4f4601442e7c0b5214f9fb0d96c9350743b" + integrity sha512-Jmyh9/IwXJjOXqKfIgtxi0bxi1pUeKe5bD3S81tkcy+kyng/GNj9WSqD5ZggoNP2NP//s4CLDAtUYLdP7CU9rA== dependencies: - "@lerna/child-process" "3.16.5" - "@lerna/get-npm-exec-opts" "3.13.0" + "@lerna/child-process" "4.0.0" + "@lerna/get-npm-exec-opts" "4.0.0" npmlog "^4.1.2" -"@lerna/otplease@3.18.5": - version "3.18.5" - resolved "https://registry.yarnpkg.com/@lerna/otplease/-/otplease-3.18.5.tgz#b77b8e760b40abad9f7658d988f3ea77d4fd0231" - integrity sha512-S+SldXAbcXTEDhzdxYLU0ZBKuYyURP/ND2/dK6IpKgLxQYh/z4ScljPDMyKymmEvgiEJmBsPZAAPfmNPEzxjog== +"@lerna/otplease@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/otplease/-/otplease-4.0.0.tgz#84972eb43448f8a1077435ba1c5e59233b725850" + integrity sha512-Sgzbqdk1GH4psNiT6hk+BhjOfIr/5KhGBk86CEfHNJTk9BK4aZYyJD4lpDbDdMjIV4g03G7pYoqHzH765T4fxw== dependencies: - "@lerna/prompt" "3.18.5" - figgy-pudding "^3.5.1" + "@lerna/prompt" "4.0.0" -"@lerna/output@3.13.0": - version "3.13.0" - resolved "https://registry.yarnpkg.com/@lerna/output/-/output-3.13.0.tgz#3ded7cc908b27a9872228a630d950aedae7a4989" - integrity sha512-7ZnQ9nvUDu/WD+bNsypmPG5MwZBwu86iRoiW6C1WBuXXDxM5cnIAC1m2WxHeFnjyMrYlRXM9PzOQ9VDD+C15Rg== +"@lerna/output@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/output/-/output-4.0.0.tgz#b1d72215c0e35483e4f3e9994debc82c621851f2" + integrity sha512-Un1sHtO1AD7buDQrpnaYTi2EG6sLF+KOPEAMxeUYG5qG3khTs2Zgzq5WE3dt2N/bKh7naESt20JjIW6tBELP0w== dependencies: npmlog "^4.1.2" -"@lerna/pack-directory@3.16.4": - version "3.16.4" - resolved "https://registry.yarnpkg.com/@lerna/pack-directory/-/pack-directory-3.16.4.tgz#3eae5f91bdf5acfe0384510ed53faddc4c074693" - integrity sha512-uxSF0HZeGyKaaVHz5FroDY9A5NDDiCibrbYR6+khmrhZtY0Bgn6hWq8Gswl9iIlymA+VzCbshWIMX4o2O8C8ng== +"@lerna/pack-directory@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/pack-directory/-/pack-directory-4.0.0.tgz#8b617db95d20792f043aaaa13a9ccc0e04cb4c74" + integrity sha512-NJrmZNmBHS+5aM+T8N6FVbaKFScVqKlQFJNY2k7nsJ/uklNKsLLl6VhTQBPwMTbf6Tf7l6bcKzpy7aePuq9UiQ== dependencies: - "@lerna/get-packed" "3.16.0" - "@lerna/package" "3.16.0" - "@lerna/run-lifecycle" "3.16.2" - figgy-pudding "^3.5.1" - npm-packlist "^1.4.4" + "@lerna/get-packed" "4.0.0" + "@lerna/package" "4.0.0" + "@lerna/run-lifecycle" "4.0.0" + npm-packlist "^2.1.4" npmlog "^4.1.2" - tar "^4.4.10" - temp-write "^3.4.0" + tar "^6.1.0" + temp-write "^4.0.0" -"@lerna/package-graph@3.18.5": - version "3.18.5" - resolved "https://registry.yarnpkg.com/@lerna/package-graph/-/package-graph-3.18.5.tgz#c740e2ea3578d059e551633e950690831b941f6b" - integrity sha512-8QDrR9T+dBegjeLr+n9WZTVxUYUhIUjUgZ0gvNxUBN8S1WB9r6H5Yk56/MVaB64tA3oGAN9IIxX6w0WvTfFudA== +"@lerna/package-graph@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/package-graph/-/package-graph-4.0.0.tgz#16a00253a8ac810f72041481cb46bcee8d8123dd" + integrity sha512-QED2ZCTkfXMKFoTGoccwUzjHtZMSf3UKX14A4/kYyBms9xfFsesCZ6SLI5YeySEgcul8iuIWfQFZqRw+Qrjraw== dependencies: - "@lerna/prerelease-id-from-version" "3.16.0" - "@lerna/validation-error" "3.13.0" - npm-package-arg "^6.1.0" + "@lerna/prerelease-id-from-version" "4.0.0" + "@lerna/validation-error" "4.0.0" + npm-package-arg "^8.1.0" npmlog "^4.1.2" - semver "^6.2.0" + semver "^7.3.4" -"@lerna/package@3.16.0": - version "3.16.0" - resolved "https://registry.yarnpkg.com/@lerna/package/-/package-3.16.0.tgz#7e0a46e4697ed8b8a9c14d59c7f890e0d38ba13c" - integrity sha512-2lHBWpaxcBoiNVbtyLtPUuTYEaB/Z+eEqRS9duxpZs6D+mTTZMNy6/5vpEVSCBmzvdYpyqhqaYjjSLvjjr5Riw== +"@lerna/package@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/package/-/package-4.0.0.tgz#1b4c259c4bcff45c876ee1d591a043aacbc0d6b7" + integrity sha512-l0M/izok6FlyyitxiQKr+gZLVFnvxRQdNhzmQ6nRnN9dvBJWn+IxxpM+cLqGACatTnyo9LDzNTOj2Db3+s0s8Q== dependencies: - load-json-file "^5.3.0" - npm-package-arg "^6.1.0" - write-pkg "^3.1.0" + load-json-file "^6.2.0" + npm-package-arg "^8.1.0" + write-pkg "^4.0.0" -"@lerna/prerelease-id-from-version@3.16.0": - version "3.16.0" - resolved "https://registry.yarnpkg.com/@lerna/prerelease-id-from-version/-/prerelease-id-from-version-3.16.0.tgz#b24bfa789f5e1baab914d7b08baae9b7bd7d83a1" - integrity sha512-qZyeUyrE59uOK8rKdGn7jQz+9uOpAaF/3hbslJVFL1NqF9ELDTqjCPXivuejMX/lN4OgD6BugTO4cR7UTq/sZA== +"@lerna/prerelease-id-from-version@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/prerelease-id-from-version/-/prerelease-id-from-version-4.0.0.tgz#c7e0676fcee1950d85630e108eddecdd5b48c916" + integrity sha512-GQqguzETdsYRxOSmdFZ6zDBXDErIETWOqomLERRY54f4p+tk4aJjoVdd9xKwehC9TBfIFvlRbL1V9uQGHh1opg== dependencies: - semver "^6.2.0" + semver "^7.3.4" -"@lerna/profiler@3.20.0": - version "3.20.0" - resolved "https://registry.yarnpkg.com/@lerna/profiler/-/profiler-3.20.0.tgz#0f6dc236f4ea8f9ea5f358c6703305a4f32ad051" - integrity sha512-bh8hKxAlm6yu8WEOvbLENm42i2v9SsR4WbrCWSbsmOElx3foRnMlYk7NkGECa+U5c3K4C6GeBbwgqs54PP7Ljg== +"@lerna/profiler@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/profiler/-/profiler-4.0.0.tgz#8a53ab874522eae15d178402bff90a14071908e9" + integrity sha512-/BaEbqnVh1LgW/+qz8wCuI+obzi5/vRE8nlhjPzdEzdmWmZXuCKyWSEzAyHOJWw1ntwMiww5dZHhFQABuoFz9Q== dependencies: - figgy-pudding "^3.5.1" - fs-extra "^8.1.0" + fs-extra "^9.1.0" npmlog "^4.1.2" - upath "^1.2.0" + upath "^2.0.1" -"@lerna/project@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/project/-/project-3.21.0.tgz#5d784d2d10c561a00f20320bcdb040997c10502d" - integrity sha512-xT1mrpET2BF11CY32uypV2GPtPVm6Hgtha7D81GQP9iAitk9EccrdNjYGt5UBYASl4CIDXBRxwmTTVGfrCx82A== +"@lerna/project@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/project/-/project-4.0.0.tgz#ff84893935833533a74deff30c0e64ddb7f0ba6b" + integrity sha512-o0MlVbDkD5qRPkFKlBZsXZjoNTWPyuL58564nSfZJ6JYNmgAptnWPB2dQlAc7HWRZkmnC2fCkEdoU+jioPavbg== dependencies: - "@lerna/package" "3.16.0" - "@lerna/validation-error" "3.13.0" - cosmiconfig "^5.1.0" + "@lerna/package" "4.0.0" + "@lerna/validation-error" "4.0.0" + cosmiconfig "^7.0.0" dedent "^0.7.0" - dot-prop "^4.2.0" - glob-parent "^5.0.0" - globby "^9.2.0" - load-json-file "^5.3.0" + dot-prop "^6.0.1" + glob-parent "^5.1.1" + globby "^11.0.2" + load-json-file "^6.2.0" npmlog "^4.1.2" - p-map "^2.1.0" - resolve-from "^4.0.0" - write-json-file "^3.2.0" + p-map "^4.0.0" + resolve-from "^5.0.0" + write-json-file "^4.3.0" -"@lerna/prompt@3.18.5": - version "3.18.5" - resolved "https://registry.yarnpkg.com/@lerna/prompt/-/prompt-3.18.5.tgz#628cd545f225887d060491ab95df899cfc5218a1" - integrity sha512-rkKj4nm1twSbBEb69+Em/2jAERK8htUuV8/xSjN0NPC+6UjzAwY52/x9n5cfmpa9lyKf/uItp7chCI7eDmNTKQ== +"@lerna/prompt@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/prompt/-/prompt-4.0.0.tgz#5ec69a803f3f0db0ad9f221dad64664d3daca41b" + integrity sha512-4Ig46oCH1TH5M7YyTt53fT6TuaKMgqUUaqdgxvp6HP6jtdak6+amcsqB8YGz2eQnw/sdxunx84DfI9XpoLj4bQ== dependencies: - inquirer "^6.2.0" + inquirer "^7.3.3" npmlog "^4.1.2" -"@lerna/publish@3.22.1": - version "3.22.1" - resolved "https://registry.yarnpkg.com/@lerna/publish/-/publish-3.22.1.tgz#b4f7ce3fba1e9afb28be4a1f3d88222269ba9519" - integrity sha512-PG9CM9HUYDreb1FbJwFg90TCBQooGjj+n/pb3gw/eH5mEDq0p8wKdLFe0qkiqUkm/Ub5C8DbVFertIo0Vd0zcw== - dependencies: - "@evocateur/libnpmaccess" "^3.1.2" - "@evocateur/npm-registry-fetch" "^4.0.0" - "@evocateur/pacote" "^9.6.3" - "@lerna/check-working-tree" "3.16.5" - "@lerna/child-process" "3.16.5" - "@lerna/collect-updates" "3.20.0" - "@lerna/command" "3.21.0" - "@lerna/describe-ref" "3.16.5" - "@lerna/log-packed" "3.16.0" - "@lerna/npm-conf" "3.16.0" - "@lerna/npm-dist-tag" "3.18.5" - "@lerna/npm-publish" "3.18.5" - "@lerna/otplease" "3.18.5" - "@lerna/output" "3.13.0" - "@lerna/pack-directory" "3.16.4" - "@lerna/prerelease-id-from-version" "3.16.0" - "@lerna/prompt" "3.18.5" - "@lerna/pulse-till-done" "3.13.0" - "@lerna/run-lifecycle" "3.16.2" - "@lerna/run-topologically" "3.18.5" - "@lerna/validation-error" "3.13.0" - "@lerna/version" "3.22.1" - figgy-pudding "^3.5.1" - fs-extra "^8.1.0" - npm-package-arg "^6.1.0" +"@lerna/publish@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/publish/-/publish-4.0.0.tgz#f67011305adeba120066a3b6d984a5bb5fceef65" + integrity sha512-K8jpqjHrChH22qtkytA5GRKIVFEtqBF6JWj1I8dWZtHs4Jywn8yB1jQ3BAMLhqmDJjWJtRck0KXhQQKzDK2UPg== + dependencies: + "@lerna/check-working-tree" "4.0.0" + "@lerna/child-process" "4.0.0" + "@lerna/collect-updates" "4.0.0" + "@lerna/command" "4.0.0" + "@lerna/describe-ref" "4.0.0" + "@lerna/log-packed" "4.0.0" + "@lerna/npm-conf" "4.0.0" + "@lerna/npm-dist-tag" "4.0.0" + "@lerna/npm-publish" "4.0.0" + "@lerna/otplease" "4.0.0" + "@lerna/output" "4.0.0" + "@lerna/pack-directory" "4.0.0" + "@lerna/prerelease-id-from-version" "4.0.0" + "@lerna/prompt" "4.0.0" + "@lerna/pulse-till-done" "4.0.0" + "@lerna/run-lifecycle" "4.0.0" + "@lerna/run-topologically" "4.0.0" + "@lerna/validation-error" "4.0.0" + "@lerna/version" "4.0.0" + fs-extra "^9.1.0" + libnpmaccess "^4.0.1" + npm-package-arg "^8.1.0" + npm-registry-fetch "^9.0.0" npmlog "^4.1.2" - p-finally "^1.0.0" - p-map "^2.1.0" - p-pipe "^1.2.0" - semver "^6.2.0" + p-map "^4.0.0" + p-pipe "^3.1.0" + pacote "^11.2.6" + semver "^7.3.4" -"@lerna/pulse-till-done@3.13.0": - version "3.13.0" - resolved "https://registry.yarnpkg.com/@lerna/pulse-till-done/-/pulse-till-done-3.13.0.tgz#c8e9ce5bafaf10d930a67d7ed0ccb5d958fe0110" - integrity sha512-1SOHpy7ZNTPulzIbargrgaJX387csN7cF1cLOGZiJQA6VqnS5eWs2CIrG8i8wmaUavj2QlQ5oEbRMVVXSsGrzA== +"@lerna/pulse-till-done@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/pulse-till-done/-/pulse-till-done-4.0.0.tgz#04bace7d483a8205c187b806bcd8be23d7bb80a3" + integrity sha512-Frb4F7QGckaybRhbF7aosLsJ5e9WuH7h0KUkjlzSByVycxY91UZgaEIVjS2oN9wQLrheLMHl6SiFY0/Pvo0Cxg== dependencies: npmlog "^4.1.2" -"@lerna/query-graph@3.18.5": - version "3.18.5" - resolved "https://registry.yarnpkg.com/@lerna/query-graph/-/query-graph-3.18.5.tgz#df4830bb5155273003bf35e8dda1c32d0927bd86" - integrity sha512-50Lf4uuMpMWvJ306be3oQDHrWV42nai9gbIVByPBYJuVW8dT8O8pA3EzitNYBUdLL9/qEVbrR0ry1HD7EXwtRA== +"@lerna/query-graph@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/query-graph/-/query-graph-4.0.0.tgz#09dd1c819ac5ee3f38db23931143701f8a6eef63" + integrity sha512-YlP6yI3tM4WbBmL9GCmNDoeQyzcyg1e4W96y/PKMZa5GbyUvkS2+Jc2kwPD+5KcXou3wQZxSPzR3Te5OenaDdg== dependencies: - "@lerna/package-graph" "3.18.5" - figgy-pudding "^3.5.1" + "@lerna/package-graph" "4.0.0" -"@lerna/resolve-symlink@3.16.0": - version "3.16.0" - resolved "https://registry.yarnpkg.com/@lerna/resolve-symlink/-/resolve-symlink-3.16.0.tgz#37fc7095fabdbcf317c26eb74e0d0bde8efd2386" - integrity sha512-Ibj5e7njVHNJ/NOqT4HlEgPFPtPLWsO7iu59AM5bJDcAJcR96mLZ7KGVIsS2tvaO7akMEJvt2P+ErwCdloG3jQ== +"@lerna/resolve-symlink@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/resolve-symlink/-/resolve-symlink-4.0.0.tgz#6d006628a210c9b821964657a9e20a8c9a115e14" + integrity sha512-RtX8VEUzqT+uLSCohx8zgmjc6zjyRlh6i/helxtZTMmc4+6O4FS9q5LJas2uGO2wKvBlhcD6siibGt7dIC3xZA== dependencies: - fs-extra "^8.1.0" + fs-extra "^9.1.0" npmlog "^4.1.2" - read-cmd-shim "^1.0.1" + read-cmd-shim "^2.0.0" -"@lerna/rimraf-dir@3.16.5": - version "3.16.5" - resolved "https://registry.yarnpkg.com/@lerna/rimraf-dir/-/rimraf-dir-3.16.5.tgz#04316ab5ffd2909657aaf388ea502cb8c2f20a09" - integrity sha512-bQlKmO0pXUsXoF8lOLknhyQjOZsCc0bosQDoX4lujBXSWxHVTg1VxURtWf2lUjz/ACsJVDfvHZbDm8kyBk5okA== +"@lerna/rimraf-dir@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/rimraf-dir/-/rimraf-dir-4.0.0.tgz#2edf3b62d4eb0ef4e44e430f5844667d551ec25a" + integrity sha512-QNH9ABWk9mcMJh2/muD9iYWBk1oQd40y6oH+f3wwmVGKYU5YJD//+zMiBI13jxZRtwBx0vmBZzkBkK1dR11cBg== dependencies: - "@lerna/child-process" "3.16.5" + "@lerna/child-process" "4.0.0" npmlog "^4.1.2" - path-exists "^3.0.0" - rimraf "^2.6.2" + path-exists "^4.0.0" + rimraf "^3.0.2" -"@lerna/run-lifecycle@3.16.2": - version "3.16.2" - resolved "https://registry.yarnpkg.com/@lerna/run-lifecycle/-/run-lifecycle-3.16.2.tgz#67b288f8ea964db9ea4fb1fbc7715d5bbb0bce00" - integrity sha512-RqFoznE8rDpyyF0rOJy3+KjZCeTkO8y/OB9orPauR7G2xQ7PTdCpgo7EO6ZNdz3Al+k1BydClZz/j78gNCmL2A== +"@lerna/run-lifecycle@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/run-lifecycle/-/run-lifecycle-4.0.0.tgz#e648a46f9210a9bcd7c391df6844498cb5079334" + integrity sha512-IwxxsajjCQQEJAeAaxF8QdEixfI7eLKNm4GHhXHrgBu185JcwScFZrj9Bs+PFKxwb+gNLR4iI5rpUdY8Y0UdGQ== dependencies: - "@lerna/npm-conf" "3.16.0" - figgy-pudding "^3.5.1" - npm-lifecycle "^3.1.2" + "@lerna/npm-conf" "4.0.0" + npm-lifecycle "^3.1.5" npmlog "^4.1.2" -"@lerna/run-topologically@3.18.5": - version "3.18.5" - resolved "https://registry.yarnpkg.com/@lerna/run-topologically/-/run-topologically-3.18.5.tgz#3cd639da20e967d7672cb88db0f756b92f2fdfc3" - integrity sha512-6N1I+6wf4hLOnPW+XDZqwufyIQ6gqoPfHZFkfWlvTQ+Ue7CuF8qIVQ1Eddw5HKQMkxqN10thKOFfq/9NQZ4NUg== +"@lerna/run-topologically@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/run-topologically/-/run-topologically-4.0.0.tgz#af846eeee1a09b0c2be0d1bfb5ef0f7b04bb1827" + integrity sha512-EVZw9hGwo+5yp+VL94+NXRYisqgAlj0jWKWtAIynDCpghRxCE5GMO3xrQLmQgqkpUl9ZxQFpICgYv5DW4DksQA== dependencies: - "@lerna/query-graph" "3.18.5" - figgy-pudding "^3.5.1" - p-queue "^4.0.0" + "@lerna/query-graph" "4.0.0" + p-queue "^6.6.2" -"@lerna/run@3.21.0": - version "3.21.0" - resolved "https://registry.yarnpkg.com/@lerna/run/-/run-3.21.0.tgz#2a35ec84979e4d6e42474fe148d32e5de1cac891" - integrity sha512-fJF68rT3veh+hkToFsBmUJ9MHc9yGXA7LSDvhziAojzOb0AI/jBDp6cEcDQyJ7dbnplba2Lj02IH61QUf9oW0Q== - dependencies: - "@lerna/command" "3.21.0" - "@lerna/filter-options" "3.20.0" - "@lerna/npm-run-script" "3.16.5" - "@lerna/output" "3.13.0" - "@lerna/profiler" "3.20.0" - "@lerna/run-topologically" "3.18.5" - "@lerna/timer" "3.13.0" - "@lerna/validation-error" "3.13.0" - p-map "^2.1.0" - -"@lerna/symlink-binary@3.17.0": - version "3.17.0" - resolved "https://registry.yarnpkg.com/@lerna/symlink-binary/-/symlink-binary-3.17.0.tgz#8f8031b309863814883d3f009877f82e38aef45a" - integrity sha512-RLpy9UY6+3nT5J+5jkM5MZyMmjNHxZIZvXLV+Q3MXrf7Eaa1hNqyynyj4RO95fxbS+EZc4XVSk25DGFQbcRNSQ== - dependencies: - "@lerna/create-symlink" "3.16.2" - "@lerna/package" "3.16.0" - fs-extra "^8.1.0" - p-map "^2.1.0" +"@lerna/run@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/run/-/run-4.0.0.tgz#4bc7fda055a729487897c23579694f6183c91262" + integrity sha512-9giulCOzlMPzcZS/6Eov6pxE9gNTyaXk0Man+iCIdGJNMrCnW7Dme0Z229WWP/UoxDKg71F2tMsVVGDiRd8fFQ== + dependencies: + "@lerna/command" "4.0.0" + "@lerna/filter-options" "4.0.0" + "@lerna/npm-run-script" "4.0.0" + "@lerna/output" "4.0.0" + "@lerna/profiler" "4.0.0" + "@lerna/run-topologically" "4.0.0" + "@lerna/timer" "4.0.0" + "@lerna/validation-error" "4.0.0" + p-map "^4.0.0" + +"@lerna/symlink-binary@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/symlink-binary/-/symlink-binary-4.0.0.tgz#21009f62d53a425f136cb4c1a32c6b2a0cc02d47" + integrity sha512-zualodWC4q1QQc1pkz969hcFeWXOsVYZC5AWVtAPTDfLl+TwM7eG/O6oP+Rr3fFowspxo6b1TQ6sYfDV6HXNWA== + dependencies: + "@lerna/create-symlink" "4.0.0" + "@lerna/package" "4.0.0" + fs-extra "^9.1.0" + p-map "^4.0.0" -"@lerna/symlink-dependencies@3.17.0": - version "3.17.0" - resolved "https://registry.yarnpkg.com/@lerna/symlink-dependencies/-/symlink-dependencies-3.17.0.tgz#48d6360e985865a0e56cd8b51b308a526308784a" - integrity sha512-KmjU5YT1bpt6coOmdFueTJ7DFJL4H1w5eF8yAQ2zsGNTtZ+i5SGFBWpb9AQaw168dydc3s4eu0W0Sirda+F59Q== +"@lerna/symlink-dependencies@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/symlink-dependencies/-/symlink-dependencies-4.0.0.tgz#8910eca084ae062642d0490d8972cf2d98e9ebbd" + integrity sha512-BABo0MjeUHNAe2FNGty1eantWp8u83BHSeIMPDxNq0MuW2K3CiQRaeWT3EGPAzXpGt0+hVzBrA6+OT0GPn7Yuw== dependencies: - "@lerna/create-symlink" "3.16.2" - "@lerna/resolve-symlink" "3.16.0" - "@lerna/symlink-binary" "3.17.0" - fs-extra "^8.1.0" - p-finally "^1.0.0" - p-map "^2.1.0" - p-map-series "^1.0.0" + "@lerna/create-symlink" "4.0.0" + "@lerna/resolve-symlink" "4.0.0" + "@lerna/symlink-binary" "4.0.0" + fs-extra "^9.1.0" + p-map "^4.0.0" + p-map-series "^2.1.0" -"@lerna/timer@3.13.0": - version "3.13.0" - resolved "https://registry.yarnpkg.com/@lerna/timer/-/timer-3.13.0.tgz#bcd0904551db16e08364d6c18e5e2160fc870781" - integrity sha512-RHWrDl8U4XNPqY5MQHkToWS9jHPnkLZEt5VD+uunCKTfzlxGnRCr3/zVr8VGy/uENMYpVP3wJa4RKGY6M0vkRw== +"@lerna/timer@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/timer/-/timer-4.0.0.tgz#a52e51bfcd39bfd768988049ace7b15c1fd7a6da" + integrity sha512-WFsnlaE7SdOvjuyd05oKt8Leg3ENHICnvX3uYKKdByA+S3g+TCz38JsNs7OUZVt+ba63nC2nbXDlUnuT2Xbsfg== -"@lerna/validation-error@3.13.0": - version "3.13.0" - resolved "https://registry.yarnpkg.com/@lerna/validation-error/-/validation-error-3.13.0.tgz#c86b8f07c5ab9539f775bd8a54976e926f3759c3" - integrity sha512-SiJP75nwB8GhgwLKQfdkSnDufAaCbkZWJqEDlKOUPUvVOplRGnfL+BPQZH5nvq2BYSRXsksXWZ4UHVnQZI/HYA== +"@lerna/validation-error@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/validation-error/-/validation-error-4.0.0.tgz#af9d62fe8304eaa2eb9a6ba1394f9aa807026d35" + integrity sha512-1rBOM5/koiVWlRi3V6dB863E1YzJS8v41UtsHgMr6gB2ncJ2LsQtMKlJpi3voqcgh41H8UsPXR58RrrpPpufyw== dependencies: npmlog "^4.1.2" -"@lerna/version@3.22.1": - version "3.22.1" - resolved "https://registry.yarnpkg.com/@lerna/version/-/version-3.22.1.tgz#9805a9247a47ee62d6b81bd9fa5fb728b24b59e2" - integrity sha512-PSGt/K1hVqreAFoi3zjD0VEDupQ2WZVlVIwesrE5GbrL2BjXowjCsTDPqblahDUPy0hp6h7E2kG855yLTp62+g== - dependencies: - "@lerna/check-working-tree" "3.16.5" - "@lerna/child-process" "3.16.5" - "@lerna/collect-updates" "3.20.0" - "@lerna/command" "3.21.0" - "@lerna/conventional-commits" "3.22.0" - "@lerna/github-client" "3.22.0" - "@lerna/gitlab-client" "3.15.0" - "@lerna/output" "3.13.0" - "@lerna/prerelease-id-from-version" "3.16.0" - "@lerna/prompt" "3.18.5" - "@lerna/run-lifecycle" "3.16.2" - "@lerna/run-topologically" "3.18.5" - "@lerna/validation-error" "3.13.0" - chalk "^2.3.1" +"@lerna/version@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/version/-/version-4.0.0.tgz#532659ec6154d8a8789c5ab53878663e244e3228" + integrity sha512-otUgiqs5W9zGWJZSCCMRV/2Zm2A9q9JwSDS7s/tlKq4mWCYriWo7+wsHEA/nPTMDyYyBO5oyZDj+3X50KDUzeA== + dependencies: + "@lerna/check-working-tree" "4.0.0" + "@lerna/child-process" "4.0.0" + "@lerna/collect-updates" "4.0.0" + "@lerna/command" "4.0.0" + "@lerna/conventional-commits" "4.0.0" + "@lerna/github-client" "4.0.0" + "@lerna/gitlab-client" "4.0.0" + "@lerna/output" "4.0.0" + "@lerna/prerelease-id-from-version" "4.0.0" + "@lerna/prompt" "4.0.0" + "@lerna/run-lifecycle" "4.0.0" + "@lerna/run-topologically" "4.0.0" + "@lerna/validation-error" "4.0.0" + chalk "^4.1.0" dedent "^0.7.0" - load-json-file "^5.3.0" + load-json-file "^6.2.0" minimatch "^3.0.4" npmlog "^4.1.2" - p-map "^2.1.0" - p-pipe "^1.2.0" - p-reduce "^1.0.0" - p-waterfall "^1.0.0" - semver "^6.2.0" - slash "^2.0.0" - temp-write "^3.4.0" - write-json-file "^3.2.0" + p-map "^4.0.0" + p-pipe "^3.1.0" + p-reduce "^2.1.0" + p-waterfall "^2.1.1" + semver "^7.3.4" + slash "^3.0.0" + temp-write "^4.0.0" + write-json-file "^4.3.0" -"@lerna/write-log-file@3.13.0": - version "3.13.0" - resolved "https://registry.yarnpkg.com/@lerna/write-log-file/-/write-log-file-3.13.0.tgz#b78d9e4cfc1349a8be64d91324c4c8199e822a26" - integrity sha512-RibeMnDPvlL8bFYW5C8cs4mbI3AHfQef73tnJCQ/SgrXZHehmHnsyWUiE7qDQCAo+B1RfTapvSyFF69iPj326A== +"@lerna/write-log-file@4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@lerna/write-log-file/-/write-log-file-4.0.0.tgz#18221a38a6a307d6b0a5844dd592ad53fa27091e" + integrity sha512-XRG5BloiArpXRakcnPHmEHJp+4AtnhRtpDIHSghmXD5EichI1uD73J7FgPp30mm2pDRq3FdqB0NbwSEsJ9xFQg== dependencies: npmlog "^4.1.2" - write-file-atomic "^2.3.0" - -"@mrmlnc/readdir-enhanced@^2.2.1": - version "2.2.1" - resolved "https://registry.yarnpkg.com/@mrmlnc/readdir-enhanced/-/readdir-enhanced-2.2.1.tgz#524af240d1a360527b730475ecfa1344aa540dde" - integrity sha512-bPHp6Ji8b41szTOcaP63VlnbbO5Ny6dwAATtY6JTjh5N2OLrb5Qk/Th5cRkRQhkWCt+EJsYrNB0MiL+Gpn6e3g== - dependencies: - call-me-maybe "^1.0.1" - glob-to-regexp "^0.3.0" + write-file-atomic "^3.0.3" "@nodelib/fs.scandir@2.1.4": version "2.1.4" @@ -1300,11 +1204,6 @@ resolved "https://registry.yarnpkg.com/@nodelib/fs.stat/-/fs.stat-2.0.4.tgz#a3f2dd61bab43b8db8fa108a121cfffe4c676655" integrity sha512-IYlHJA0clt2+Vg7bccq+TzRdJvv19c2INqBSsoOLp1je7xjtr7J26+WXR72MCdvU9q1qTzIWDfhMf+DRvQJK4Q== -"@nodelib/fs.stat@^1.1.2": - version "1.1.3" - resolved "https://registry.yarnpkg.com/@nodelib/fs.stat/-/fs.stat-1.1.3.tgz#2b5a3ab3f918cca48a8c754c08168e3f03eba61b" - integrity sha512-shAmDyaQC4H92APFoIaVDHCx5bStIocgvbwQyxPRrbUY20V1EYTbSDchWbuwlMG3V17cprZhA6+78JfB+3DTPw== - "@nodelib/fs.walk@^1.2.3": version "1.2.6" resolved "https://registry.yarnpkg.com/@nodelib/fs.walk/-/fs.walk-1.2.6.tgz#cce9396b30aa5afe9e3756608f5831adcb53d063" @@ -1313,7 +1212,66 @@ "@nodelib/fs.scandir" "2.1.4" fastq "^1.6.0" -"@octokit/auth-token@^2.4.0", "@octokit/auth-token@^2.4.4": +"@npmcli/ci-detect@^1.0.0": + version "1.3.0" + resolved "https://registry.yarnpkg.com/@npmcli/ci-detect/-/ci-detect-1.3.0.tgz#6c1d2c625fb6ef1b9dea85ad0a5afcbef85ef22a" + integrity sha512-oN3y7FAROHhrAt7Rr7PnTSwrHrZVRTS2ZbyxeQwSSYD0ifwM3YNgQqbaRmjcWoPyq77MjchusjJDspbzMmip1Q== + +"@npmcli/git@^2.0.1": + version "2.0.6" + resolved "https://registry.yarnpkg.com/@npmcli/git/-/git-2.0.6.tgz#47b97e96b2eede3f38379262fa3bdfa6eae57bf2" + integrity sha512-a1MnTfeRPBaKbFY07fd+6HugY1WAkKJzdiJvlRub/9o5xz2F/JtPacZZapx5zRJUQFIzSL677vmTSxEcDMrDbg== + dependencies: + "@npmcli/promise-spawn" "^1.1.0" + lru-cache "^6.0.0" + mkdirp "^1.0.3" + npm-pick-manifest "^6.0.0" + promise-inflight "^1.0.1" + promise-retry "^2.0.1" + semver "^7.3.2" + unique-filename "^1.1.1" + which "^2.0.2" + +"@npmcli/installed-package-contents@^1.0.6": + version "1.0.7" + resolved "https://registry.yarnpkg.com/@npmcli/installed-package-contents/-/installed-package-contents-1.0.7.tgz#ab7408c6147911b970a8abe261ce512232a3f4fa" + integrity sha512-9rufe0wnJusCQoLpV9ZPKIVP55itrM5BxOXs10DmdbRfgWtHy1LDyskbwRnBghuB0PrF7pNPOqREVtpz4HqzKw== + dependencies: + npm-bundled "^1.1.1" + npm-normalize-package-bin "^1.0.1" + +"@npmcli/move-file@^1.0.1": + version "1.1.2" + resolved "https://registry.yarnpkg.com/@npmcli/move-file/-/move-file-1.1.2.tgz#1a82c3e372f7cae9253eb66d72543d6b8685c674" + integrity sha512-1SUf/Cg2GzGDyaf15aR9St9TWlb+XvbZXWpDx8YKs7MLzMH/BCeopv+y9vzrzgkfykCGuWOlSu3mZhj2+FQcrg== + dependencies: + mkdirp "^1.0.4" + rimraf "^3.0.2" + +"@npmcli/node-gyp@^1.0.2": + version "1.0.2" + resolved "https://registry.yarnpkg.com/@npmcli/node-gyp/-/node-gyp-1.0.2.tgz#3cdc1f30e9736dbc417373ed803b42b1a0a29ede" + integrity sha512-yrJUe6reVMpktcvagumoqD9r08fH1iRo01gn1u0zoCApa9lnZGEigVKUd2hzsCId4gdtkZZIVscLhNxMECKgRg== + +"@npmcli/promise-spawn@^1.1.0", "@npmcli/promise-spawn@^1.2.0", "@npmcli/promise-spawn@^1.3.2": + version "1.3.2" + resolved "https://registry.yarnpkg.com/@npmcli/promise-spawn/-/promise-spawn-1.3.2.tgz#42d4e56a8e9274fba180dabc0aea6e38f29274f5" + integrity sha512-QyAGYo/Fbj4MXeGdJcFzZ+FkDkomfRBrPM+9QYJSg+PxgAUL+LU3FneQk37rKR2/zjqkCV1BLHccX98wRXG3Sg== + dependencies: + infer-owner "^1.0.4" + +"@npmcli/run-script@^1.8.2": + version "1.8.4" + resolved "https://registry.yarnpkg.com/@npmcli/run-script/-/run-script-1.8.4.tgz#03ced92503a6fe948cbc0975ce39210bc5e824d6" + integrity sha512-Yd9HXTtF1JGDXZw0+SOn+mWLYS0e7bHBHVC/2C8yqs4wUrs/k8rwBSinD7rfk+3WG/MFGRZKxjyoD34Pch2E/A== + dependencies: + "@npmcli/node-gyp" "^1.0.2" + "@npmcli/promise-spawn" "^1.3.2" + infer-owner "^1.0.4" + node-gyp "^7.1.0" + read-package-json-fast "^2.0.1" + +"@octokit/auth-token@^2.4.4": version "2.4.5" resolved "https://registry.yarnpkg.com/@octokit/auth-token/-/auth-token-2.4.5.tgz#568ccfb8cb46f36441fac094ce34f7a875b197f3" integrity sha512-BpGYsPgJt05M7/L/5FoE1PiAbdxXFZkX/3kDYcsvd1v6UhlnE5e96dTDr0ezX/EFwciQxf3cNV0loipsURU+WA== @@ -1361,13 +1319,6 @@ resolved "https://registry.yarnpkg.com/@octokit/plugin-enterprise-rest/-/plugin-enterprise-rest-6.0.1.tgz#e07896739618dab8da7d4077c658003775f95437" integrity sha512-93uGjlhUD+iNg1iWhUENAtJata6w5nE+V4urXOAlIXdco6xNZtUSfYY8dzp3Udy74aqO/B5UZL80x/YMa5PKRw== -"@octokit/plugin-paginate-rest@^1.1.1": - version "1.1.2" - resolved "https://registry.yarnpkg.com/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-1.1.2.tgz#004170acf8c2be535aba26727867d692f7b488fc" - integrity sha512-jbsSoi5Q1pj63sC16XIUboklNw+8tL9VOnJsWycWYR78TKss5PVpIPb1TUUcMQ+bBh7cY579cVAWmf5qG+dw+Q== - dependencies: - "@octokit/types" "^2.0.1" - "@octokit/plugin-paginate-rest@^2.6.2": version "2.13.2" resolved "https://registry.yarnpkg.com/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-2.13.2.tgz#7b8244a0dd7a31135ba2adc58a533213837bfe87" @@ -1375,19 +1326,11 @@ dependencies: "@octokit/types" "^6.11.0" -"@octokit/plugin-request-log@^1.0.0", "@octokit/plugin-request-log@^1.0.2": +"@octokit/plugin-request-log@^1.0.2": version "1.0.3" resolved "https://registry.yarnpkg.com/@octokit/plugin-request-log/-/plugin-request-log-1.0.3.tgz#70a62be213e1edc04bb8897ee48c311482f9700d" integrity sha512-4RFU4li238jMJAzLgAwkBAw+4Loile5haQMQr+uhFq27BmyJXcXSKvoQKqh0agsZEiUlW6iSv3FAgvmGkur7OQ== -"@octokit/plugin-rest-endpoint-methods@2.4.0": - version "2.4.0" - resolved "https://registry.yarnpkg.com/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-2.4.0.tgz#3288ecf5481f68c494dd0602fc15407a59faf61e" - integrity sha512-EZi/AWhtkdfAYi01obpX0DF7U6b1VRr30QNQ5xSFPITMdLSfhcBqjamE3F+sKcxPbD7eZuMHu3Qkk2V+JGxBDQ== - dependencies: - "@octokit/types" "^2.0.1" - deprecation "^2.3.1" - "@octokit/plugin-rest-endpoint-methods@4.13.5": version "4.13.5" resolved "https://registry.yarnpkg.com/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-4.13.5.tgz#ad76285b82fe05fbb4adf2774a9c887f3534a880" @@ -1396,15 +1339,6 @@ "@octokit/types" "^6.12.2" deprecation "^2.3.1" -"@octokit/request-error@^1.0.2": - version "1.2.1" - resolved "https://registry.yarnpkg.com/@octokit/request-error/-/request-error-1.2.1.tgz#ede0714c773f32347576c25649dc013ae6b31801" - integrity sha512-+6yDyk1EES6WK+l3viRDElw96MvwfJxCt45GvmjDUKWjYIb3PJZQkq3i46TwGwoPD4h8NmTrENmtyA1FwbmhRA== - dependencies: - "@octokit/types" "^2.0.0" - deprecation "^2.0.0" - once "^1.4.0" - "@octokit/request-error@^2.0.0", "@octokit/request-error@^2.0.5": version "2.0.5" resolved "https://registry.yarnpkg.com/@octokit/request-error/-/request-error-2.0.5.tgz#72cc91edc870281ad583a42619256b380c600143" @@ -1414,7 +1348,7 @@ deprecation "^2.0.0" once "^1.4.0" -"@octokit/request@^5.2.0", "@octokit/request@^5.3.0", "@octokit/request@^5.4.12": +"@octokit/request@^5.3.0", "@octokit/request@^5.4.12": version "5.4.14" resolved "https://registry.yarnpkg.com/@octokit/request/-/request-5.4.14.tgz#ec5f96f78333bb2af390afa5ff66f114b063bc96" integrity sha512-VkmtacOIQp9daSnBmDI92xNIeLuSRDOIuplp/CJomkvzt7M18NXgG044Cx/LFKLgjKt9T2tZR6AtJayba9GTSA== @@ -1428,29 +1362,7 @@ once "^1.4.0" universal-user-agent "^6.0.0" -"@octokit/rest@^16.28.4": - version "16.43.2" - resolved "https://registry.yarnpkg.com/@octokit/rest/-/rest-16.43.2.tgz#c53426f1e1d1044dee967023e3279c50993dd91b" - integrity sha512-ngDBevLbBTFfrHZeiS7SAMAZ6ssuVmXuya+F/7RaVvlysgGa1JKJkKWY+jV6TCJYcW0OALfJ7nTIGXcBXzycfQ== - dependencies: - "@octokit/auth-token" "^2.4.0" - "@octokit/plugin-paginate-rest" "^1.1.1" - "@octokit/plugin-request-log" "^1.0.0" - "@octokit/plugin-rest-endpoint-methods" "2.4.0" - "@octokit/request" "^5.2.0" - "@octokit/request-error" "^1.0.2" - atob-lite "^2.0.0" - before-after-hook "^2.0.0" - btoa-lite "^1.0.0" - deprecation "^2.0.0" - lodash.get "^4.4.2" - lodash.set "^4.3.2" - lodash.uniq "^4.5.0" - octokit-pagination-methods "^1.1.0" - once "^1.4.0" - universal-user-agent "^4.0.0" - -"@octokit/rest@^18.3.5": +"@octokit/rest@^18.1.0", "@octokit/rest@^18.3.5": version "18.3.5" resolved "https://registry.yarnpkg.com/@octokit/rest/-/rest-18.3.5.tgz#a89903d46e0b4273bd3234674ec2777a651d68ab" integrity sha512-ZPeRms3WhWxQBEvoIh0zzf8xdU2FX0Capa7+lTca8YHmRsO3QNJzf1H3PcuKKsfgp91/xVDRtX91sTe1kexlbw== @@ -1460,13 +1372,6 @@ "@octokit/plugin-request-log" "^1.0.2" "@octokit/plugin-rest-endpoint-methods" "4.13.5" -"@octokit/types@^2.0.0", "@octokit/types@^2.0.1": - version "2.16.2" - resolved "https://registry.yarnpkg.com/@octokit/types/-/types-2.16.2.tgz#4c5f8da3c6fecf3da1811aef678fda03edac35d2" - integrity sha512-O75k56TYvJ8WpAakWwYRN8Bgu60KrmX0z1KqFp1kNiFNkgW+JW+9EBKZ+S33PU6SLvbihqd+3drvPxKK68Ee8Q== - dependencies: - "@types/node" ">= 8" - "@octokit/types@^6.0.3", "@octokit/types@^6.11.0", "@octokit/types@^6.12.2", "@octokit/types@^6.7.1": version "6.12.2" resolved "https://registry.yarnpkg.com/@octokit/types/-/types-6.12.2.tgz#5b44add079a478b8eb27d78cf384cc47e4411362" @@ -1572,7 +1477,7 @@ dependencies: "@types/node" "*" -"@types/glob@*", "@types/glob@^7.1.1", "@types/glob@^7.1.3": +"@types/glob@*", "@types/glob@^7.1.3": version "7.1.3" resolved "https://registry.yarnpkg.com/@types/glob/-/glob-7.1.3.tgz#e6ba80f36b7daad2c685acd9266382e68985c183" integrity sha512-SEYeGAIQIQX8NN6LDKprLjbrd5dARM5EXsd8GI/A5l0apYI1fGMWgPHSe4ZKL4eozlAyI+doUE9XbYS4xCkQ1w== @@ -1665,7 +1570,7 @@ resolved "https://registry.yarnpkg.com/@types/mockery/-/mockery-1.4.29.tgz#9ba22df37f07e3780fff8531d1a38e633f9457a5" integrity sha1-m6It838H43gP/4Ux0aOOYz+UV6U= -"@types/node@*", "@types/node@>= 8", "@types/node@^14.14.33": +"@types/node@*", "@types/node@^14.14.33": version "14.14.35" resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.35.tgz#42c953a4e2b18ab931f72477e7012172f4ffa313" integrity sha512-Lt+wj8NVPx0zUmUwumiVXapmaLUcAk3yPuHCFVXras9k5VT9TdhJqKqGVUQCD60OTMCl0qxJ57OiTL0Mic3Iag== @@ -1685,6 +1590,11 @@ resolved "https://registry.yarnpkg.com/@types/normalize-package-data/-/normalize-package-data-2.4.0.tgz#e486d0d97396d79beedd0a6e33f4534ff6b4973e" integrity sha512-f5j5b/Gf71L+dbqxIpQ4Z2WlmI/mPJ0fOkGGmFgtb6sAu97EPczzbS3/tJKxmcYDj55OX6ssqwDAWOHIYDRDGA== +"@types/parse-json@^4.0.0": + version "4.0.0" + resolved "https://registry.yarnpkg.com/@types/parse-json/-/parse-json-4.0.0.tgz#2f8bb441434d163b35fb8ffdccd7138927ffb8c0" + integrity sha512-//oorEZjL6sbPcKUaCdIGlIUeH26mgzimjBB77G6XRgnDl/L5wOnpyBGRe/Mmf5CVW3PwEBE1NjiMZ/ssFh4wA== + "@types/prettier@^2.0.0": version "2.2.3" resolved "https://registry.yarnpkg.com/@types/prettier/-/prettier-2.2.3.tgz#ef65165aea2924c9359205bf748865b8881753c0" @@ -1857,16 +1767,7 @@ resolved "https://registry.yarnpkg.com/@yarnpkg/lockfile/-/lockfile-1.1.0.tgz#e77a97fbd345b76d83245edcd17d393b1b41fb31" integrity sha512-GpSwvyXOcOOlV70vbnzjj4fW5xW/FdUF6nQEt1ENy7m4ZCczi1+/buVUPAqmGfqznsORNFzUMjctTIp8a9tuCQ== -"@zkochan/cmd-shim@^3.1.0": - version "3.1.0" - resolved "https://registry.yarnpkg.com/@zkochan/cmd-shim/-/cmd-shim-3.1.0.tgz#2ab8ed81f5bb5452a85f25758eb9b8681982fd2e" - integrity sha512-o8l0+x7C7sMZU3v9GuJIAU10qQLtwR1dtRQIOmlNMtyaqhmpXOzx1HWiYoWfmmf9HHZoAkXpc9TM9PQYF9d4Jg== - dependencies: - is-windows "^1.0.0" - mkdirp-promise "^5.0.1" - mz "^2.5.0" - -JSONStream@^1.0.4, JSONStream@^1.3.4: +JSONStream@^1.0.4: version "1.3.5" resolved "https://registry.yarnpkg.com/JSONStream/-/JSONStream-1.3.5.tgz#3208c1f08d3a4d99261ab64f92302bc15e111ca0" integrity sha512-E+iruNOY8VV9s4JEbe1aNEm6MiszPRr/UfcHMz0TQh1BXSxHK+ASV1R6W4HpjBhSeS+54PIsAMCBmwD06LLsqQ== @@ -1874,7 +1775,7 @@ JSONStream@^1.0.4, JSONStream@^1.3.4: jsonparse "^1.2.0" through ">=2.2.7 <3" -abab@^2.0.3, abab@^2.0.5: +abab@^2.0.3: version "2.0.5" resolved "https://registry.yarnpkg.com/abab/-/abab-2.0.5.tgz#c0b678fb32d60fc1219c784d6a826fe385aeb79a" integrity sha512-9IK9EadsbHo6jLWIpxpR6pL0sazTXV6+SQv25ZB+F7Bj9mJNaOc4nCRabwd5M/JwmUa8idz6Eci6eKfJryPs6Q== @@ -1907,23 +1808,11 @@ acorn@^7.1.1, acorn@^7.4.0: resolved "https://registry.yarnpkg.com/acorn/-/acorn-7.4.1.tgz#feaed255973d2e77555b83dbc08851a6c63520fa" integrity sha512-nQyp0o1/mNdbTO1PO6kHkwSrmgZ0MT/jCCpNiwbUjGoRN4dlBhqJtoQuCnEOKzgTVwg0ZWiCoQy6SxMebQVh8A== -acorn@^8.0.5: - version "8.1.0" - resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.1.0.tgz#52311fd7037ae119cbb134309e901aa46295b3fe" - integrity sha512-LWCF/Wn0nfHOmJ9rzQApGnxnvgfROzGilS8936rqN/lfcYkY9MYZzdMqN+2NJ4SlTc+m5HiSa+kNfDtI64dwUA== - add-stream@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/add-stream/-/add-stream-1.0.0.tgz#6a7990437ca736d5e1288db92bd3266d5f5cb2aa" integrity sha1-anmQQ3ynNtXhKI25K9MmbV9csqo= -agent-base@4, agent-base@^4.3.0: - version "4.3.0" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-4.3.0.tgz#8165f01c436009bccad0b1d122f05ed770efc6ee" - integrity sha512-salcGninV0nPrwpGNn4VTXBb1SOuXQBiqbrNXoeizJsHrsL6ERFM2Ne3JUSBWRE6aeNJI2ROP/WEEIDUiDe3cg== - dependencies: - es6-promisify "^5.0.0" - agent-base@6, agent-base@^6.0.0: version "6.0.2" resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.2.tgz#49fff58577cfee3f37176feab4c22e00f86d7f77" @@ -1931,18 +1820,13 @@ agent-base@6, agent-base@^6.0.0: dependencies: debug "4" -agent-base@~4.2.1: - version "4.2.1" - resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-4.2.1.tgz#d89e5999f797875674c07d87f260fc41e83e8ca9" - integrity sha512-JVwXMr9nHYTUXsBFKUqhJwvlcYU/blreOEUkhNR2eXZIvwd+c+o5V4MgDPKWnMS/56awN3TRzIP+KoPn+roQtg== - dependencies: - es6-promisify "^5.0.0" - -agentkeepalive@^3.4.1: - version "3.5.2" - resolved "https://registry.yarnpkg.com/agentkeepalive/-/agentkeepalive-3.5.2.tgz#a113924dd3fa24a0bc3b78108c450c2abee00f67" - integrity sha512-e0L/HNe6qkQ7H19kTlRRqUibEAwDK5AFk6y3PtMsuut2VAH6+Q4xZml1tNDJD7kSAyqmbG/K08K5WEJYtUrSlQ== +agentkeepalive@^4.1.3: + version "4.1.4" + resolved "https://registry.yarnpkg.com/agentkeepalive/-/agentkeepalive-4.1.4.tgz#d928028a4862cb11718e55227872e842a44c945b" + integrity sha512-+V/rGa3EuU74H6wR04plBb7Ks10FbtUQgRj/FQOG7uUIEuaINI+AiqJR1k6t3SVNs7o7ZjIdus6706qqzVq8jQ== dependencies: + debug "^4.1.0" + depd "^1.1.2" humanize-ms "^1.2.1" aggregate-error@^3.0.0: @@ -1978,11 +1862,6 @@ ansi-colors@^4.1.1: resolved "https://registry.yarnpkg.com/ansi-colors/-/ansi-colors-4.1.1.tgz#cbb9ae256bf750af1eab344f229aa27fe94ba348" integrity sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA== -ansi-escapes@^3.2.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-3.2.0.tgz#8780b98ff9dbf5638152d1f1fe5c1d7b4442976b" - integrity sha512-cBhpre4ma+U0T1oM5fXg7Dy1Jw7zzwv7lt/GoCpr+hDQJoYnKVPLL4dCvSEFMmQurOQvSrwT7SL/DAlhBI97RQ== - ansi-escapes@^4.2.1: version "4.3.1" resolved "https://registry.yarnpkg.com/ansi-escapes/-/ansi-escapes-4.3.1.tgz#a5c47cc43181f1f38ffd7076837700d395522a61" @@ -2024,11 +1903,6 @@ ansi-styles@^4.0.0, ansi-styles@^4.1.0: dependencies: color-convert "^2.0.1" -any-promise@^1.0.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/any-promise/-/any-promise-1.3.0.tgz#abc6afeedcea52e809cdc0376aed3ce39635d17f" - integrity sha1-q8av7tzqUugJzcA3au0845Y10X8= - anymatch@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/anymatch/-/anymatch-2.0.0.tgz#bcb24b4f37934d9aa7ac17b4adaf89e7c76ef2eb" @@ -2064,7 +1938,7 @@ append-transform@^2.0.0: dependencies: default-require-extensions "^3.0.0" -aproba@^1.0.3, aproba@^1.1.1: +aproba@^1.0.3: version "1.2.0" resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.2.0.tgz#6802e6264efd18c790a1b0d517f0f2627bf2c94a" integrity sha512-Y9J6ZjXtoYh8RnXVCMOU/ttDmk1aBjunq9vO0ta5x85WDQiQfUF9sIPBITdbiiIVcBo03Hi3jMxigBtsddlXRw== @@ -2148,10 +2022,10 @@ arr-union@^3.1.0: resolved "https://registry.yarnpkg.com/arr-union/-/arr-union-3.1.0.tgz#e39b09aea9def866a8f206e288af63919bae39c4" integrity sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ= -array-differ@^2.0.3: - version "2.1.0" - resolved "https://registry.yarnpkg.com/array-differ/-/array-differ-2.1.0.tgz#4b9c1c3f14b906757082925769e8ab904f4801b1" - integrity sha512-KbUpJgx909ZscOc/7CLATBFam7P1Z1QRQInvgT0UztM9Q72aGKCunKASAl7WNW0tnPmPyEMeMhdsfWhfmW037w== +array-differ@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/array-differ/-/array-differ-3.0.0.tgz#3cbb3d0f316810eafcc47624734237d6aee4ae6b" + integrity sha512-THtfYS6KtME/yIAhKjZ2ul7XI96lQGHRputJQHO80LAWQnuGP4iCIN8vdMRboGbIEYBwU33q8Tch1os2+X0kMg== array-filter@^1.0.0: version "1.0.0" @@ -2179,23 +2053,11 @@ array-includes@^3.1.1: get-intrinsic "^1.1.1" is-string "^1.0.5" -array-union@^1.0.2: - version "1.0.2" - resolved "https://registry.yarnpkg.com/array-union/-/array-union-1.0.2.tgz#9a34410e4f4e3da23dea375be5be70f24778ec39" - integrity sha1-mjRBDk9OPaI96jdb5b5w8kd47Dk= - dependencies: - array-uniq "^1.0.1" - array-union@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/array-union/-/array-union-2.1.0.tgz#b798420adbeb1de828d84acd8a2e23d3efe85e8d" integrity sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw== -array-uniq@^1.0.1: - version "1.0.3" - resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6" - integrity sha1-r2rId6Jcx/dOBYiUdThY39sk/bY= - array-unique@^0.3.2: version "0.3.2" resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.3.2.tgz#a894b75d4bc4f6cd679ef3244a9fd8f46ae2d428" @@ -2215,6 +2077,11 @@ arrify@^1.0.1: resolved "https://registry.yarnpkg.com/arrify/-/arrify-1.0.1.tgz#898508da2226f380df904728456849c1501a4b0d" integrity sha1-iYUI2iIm84DfkEcoRWhJwVAaSw0= +arrify@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/arrify/-/arrify-2.0.1.tgz#c9655e9331e0abcd588d2a7cad7e9956f66701fa" + integrity sha512-3duEwti880xqi4eAMN8AyR4a0ByT90zoYdLlevfrvU43vb0YZwZVfxOgxWrLXXXpyugL0hNZc9G6BiB5B3nUug== + asap@^2.0.0: version "2.0.6" resolved "https://registry.yarnpkg.com/asap/-/asap-2.0.6.tgz#e50347611d7e690943208bbdafebcbc2fb866d46" @@ -2264,11 +2131,6 @@ at-least-node@^1.0.0: resolved "https://registry.yarnpkg.com/at-least-node/-/at-least-node-1.0.0.tgz#602cd4b46e844ad4effc92a8011a3c46e0238dc2" integrity sha512-+q/t7Ekv1EDY2l6Gda6LLiX14rU9TV20Wa3ofeQmwPFZbOMo9DXrLbOjFaaclkXKWidIaopwAObQDqwWtGUjqg== -atob-lite@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/atob-lite/-/atob-lite-2.0.0.tgz#0fef5ad46f1bd7a8502c65727f0367d5ee43d696" - integrity sha1-D+9a1G8b16hQLGVyfwNn1e5D1pY= - atob@^2.1.2: version "2.1.2" resolved "https://registry.yarnpkg.com/atob/-/atob-2.1.2.tgz#6d9517eb9e030d2436666651e86bd9f6f13533c9" @@ -2413,7 +2275,7 @@ bcrypt-pbkdf@^1.0.0: dependencies: tweetnacl "^0.14.3" -before-after-hook@^2.0.0, before-after-hook@^2.2.0: +before-after-hook@^2.2.0: version "2.2.0" resolved "https://registry.yarnpkg.com/before-after-hook/-/before-after-hook-2.2.0.tgz#09c40d92e936c64777aa385c4e9b904f8147eaf0" integrity sha512-jH6rKQIfroBbhEXVmI7XmXe3ix5S/PgJqpzdDPnR8JGLHWNYLsYZ6tK5iWOF/Ra3oqEX0NobXGlzbiylIzVphQ== @@ -2432,7 +2294,7 @@ bl@^4.0.3: inherits "^2.0.4" readable-stream "^3.4.0" -bluebird@^3.5.0, bluebird@^3.5.1, bluebird@^3.5.3, bluebird@^3.5.5: +bluebird@^3.5.0: version "3.7.2" resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f" integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg== @@ -2498,11 +2360,6 @@ bser@2.1.1: dependencies: node-int64 "^0.4.0" -btoa-lite@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/btoa-lite/-/btoa-lite-1.0.0.tgz#337766da15801210fdd956c22e9c6891ab9d0337" - integrity sha1-M3dm2hWAEhD92VbCLpxokaudAzc= - buffer-crc32@^0.2.1, buffer-crc32@^0.2.13: version "0.2.13" resolved "https://registry.yarnpkg.com/buffer-crc32/-/buffer-crc32-0.2.13.tgz#0d333e3f00eac50aa1454abd30ef8c2a5d9a7242" @@ -2540,36 +2397,38 @@ byline@^5.0.0: resolved "https://registry.yarnpkg.com/byline/-/byline-5.0.0.tgz#741c5216468eadc457b03410118ad77de8c1ddb1" integrity sha1-dBxSFkaOrcRXsDQQEYrXfejB3bE= -byte-size@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/byte-size/-/byte-size-5.0.1.tgz#4b651039a5ecd96767e71a3d7ed380e48bed4191" - integrity sha512-/XuKeqWocKsYa/cBY1YbSJSWWqTi4cFgr9S6OyM7PBaPbr9zvNGwWP33vt0uqGhwDdN+y3yhbXVILEUpnwEWGw== +byte-size@^7.0.0: + version "7.0.1" + resolved "https://registry.yarnpkg.com/byte-size/-/byte-size-7.0.1.tgz#b1daf3386de7ab9d706b941a748dbfc71130dee3" + integrity sha512-crQdqyCwhokxwV1UyDzLZanhkugAgft7vt0qbbdt60C6Zf3CAiGmtUCylbtYwrU6loOUw3euGrNtW1J651ot1A== bytes@3.1.0: version "3.1.0" resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.1.0.tgz#f6cf7933a360e0588fa9fde85651cdc7f805d1f6" integrity sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg== -cacache@^12.0.0, cacache@^12.0.3: - version "12.0.4" - resolved "https://registry.yarnpkg.com/cacache/-/cacache-12.0.4.tgz#668bcbd105aeb5f1d92fe25570ec9525c8faa40c" - integrity sha512-a0tMB40oefvuInr4Cwb3GerbL9xTj1D5yg0T5xrjGCGyfvbxseIXX7BAO/u/hIXdafzOI5JC3wDwHyf24buOAQ== +cacache@^15.0.5: + version "15.0.5" + resolved "https://registry.yarnpkg.com/cacache/-/cacache-15.0.5.tgz#69162833da29170d6732334643c60e005f5f17d0" + integrity sha512-lloiL22n7sOjEEXdL8NAjTgv9a1u43xICE9/203qonkZUCj5X1UEWIdf2/Y0d6QcCtMzbKQyhrcDbdvlZTs/+A== dependencies: - bluebird "^3.5.5" - chownr "^1.1.1" - figgy-pudding "^3.5.1" + "@npmcli/move-file" "^1.0.1" + chownr "^2.0.0" + fs-minipass "^2.0.0" glob "^7.1.4" - graceful-fs "^4.1.15" - infer-owner "^1.0.3" - lru-cache "^5.1.1" - mississippi "^3.0.0" - mkdirp "^0.5.1" - move-concurrently "^1.0.1" + infer-owner "^1.0.4" + lru-cache "^6.0.0" + minipass "^3.1.1" + minipass-collect "^1.0.2" + minipass-flush "^1.0.5" + minipass-pipeline "^1.2.2" + mkdirp "^1.0.3" + p-map "^4.0.0" promise-inflight "^1.0.1" - rimraf "^2.6.3" - ssri "^6.0.1" + rimraf "^3.0.2" + ssri "^8.0.0" + tar "^6.0.2" unique-filename "^1.1.1" - y18n "^4.0.0" cache-base@^1.0.1: version "1.0.1" @@ -2614,30 +2473,6 @@ call-bind@^1.0.0, call-bind@^1.0.2: function-bind "^1.1.1" get-intrinsic "^1.0.2" -call-me-maybe@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/call-me-maybe/-/call-me-maybe-1.0.1.tgz#26d208ea89e37b5cbde60250a15f031c16a4d66b" - integrity sha1-JtII6onje1y95gJQoV8DHBak1ms= - -caller-callsite@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/caller-callsite/-/caller-callsite-2.0.0.tgz#847e0fce0a223750a9a027c54b33731ad3154134" - integrity sha1-hH4PzgoiN1CpoCfFSzNzGtMVQTQ= - dependencies: - callsites "^2.0.0" - -caller-path@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/caller-path/-/caller-path-2.0.0.tgz#468f83044e369ab2010fac5f06ceee15bb2cb1f4" - integrity sha1-Ro+DBE42mrIBD6xfBs7uFbsssfQ= - dependencies: - caller-callsite "^2.0.0" - -callsites@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/callsites/-/callsites-2.0.0.tgz#06eb84f00eea413da86affefacbffb36093b3c50" - integrity sha1-BuuE8A7qQT2oav/vrL/7Ngk7PFA= - callsites@^3.0.0: version "3.1.0" resolved "https://registry.yarnpkg.com/callsites/-/callsites-3.1.0.tgz#b3630abd8943432f54b3f0519238e33cd7df2f73" @@ -2651,15 +2486,6 @@ camelcase-keys@^2.0.0: camelcase "^2.0.0" map-obj "^1.0.0" -camelcase-keys@^4.0.0: - version "4.2.0" - resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-4.2.0.tgz#a2aa5fb1af688758259c32c141426d78923b9b77" - integrity sha1-oqpfsa9oh1glnDLBQUJteJI7m3c= - dependencies: - camelcase "^4.1.0" - map-obj "^2.0.0" - quick-lru "^1.0.0" - camelcase-keys@^6.2.2: version "6.2.2" resolved "https://registry.yarnpkg.com/camelcase-keys/-/camelcase-keys-6.2.2.tgz#5e755d6ba51aa223ec7d3d52f25778210f9dc3c0" @@ -2674,11 +2500,6 @@ camelcase@^2.0.0: resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-2.1.1.tgz#7c1d16d679a1bbe59ca02cacecfb011e201f5a1f" integrity sha1-fB0W1nmhu+WcoCys7PsBHiAfWh8= -camelcase@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-4.1.0.tgz#d545635be1e33c542649c69173e5de6acfae34dd" - integrity sha1-1UVjW+HjPFQmScaRc+Xeas+uNN0= - camelcase@^5.0.0, camelcase@^5.3.1: version "5.3.1" resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320" @@ -2732,7 +2553,7 @@ cdk8s@^0.33.0: json-stable-stringify "^1.0.1" yaml "2.0.0-1" -chalk@^2.0.0, chalk@^2.3.1, chalk@^2.4.2: +chalk@^2.0.0, chalk@^2.4.2: version "2.4.2" resolved "https://registry.yarnpkg.com/chalk/-/chalk-2.4.2.tgz#cd42541677a54333cf541a49108c1432b44c9424" integrity sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ== @@ -2741,7 +2562,7 @@ chalk@^2.0.0, chalk@^2.3.1, chalk@^2.4.2: escape-string-regexp "^1.0.5" supports-color "^5.3.0" -chalk@^4.0.0: +chalk@^4.0.0, chalk@^4.1.0: version "4.1.0" resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.0.tgz#4e14870a618d9e2edd97dd8345fd9d9dc315646a" integrity sha512-qwx12AxXe2Q5xQ43Ac//I6v5aXTipYrSESdOgzrN+9XjgEpyjpKuvSGaN4qE93f7TQTlerQQ8S+EQ0EyDoVL1A== @@ -2764,11 +2585,16 @@ charenc@0.0.2: resolved "https://registry.yarnpkg.com/charenc/-/charenc-0.0.2.tgz#c0a1d2f3a7092e03774bfa83f14c0fc5790a8667" integrity sha1-wKHS86cJLgN3S/qD8UwPxXkKhmc= -chownr@^1.1.1, chownr@^1.1.2: +chownr@^1.1.1: version "1.1.4" resolved "https://registry.yarnpkg.com/chownr/-/chownr-1.1.4.tgz#6fc9d7b42d32a583596337666e7d08084da2cc6b" integrity sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg== +chownr@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/chownr/-/chownr-2.0.0.tgz#15bfbe53d2eab4cf70f18a8cd68ebe5b3cb1dece" + integrity sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ== + ci-info@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/ci-info/-/ci-info-2.0.0.tgz#67a9e964be31a51e15e5010d58e6f12834002f46" @@ -2806,17 +2632,17 @@ cli-color@~0.1.6: dependencies: es5-ext "0.8.x" -cli-cursor@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-2.1.0.tgz#b35dac376479facc3e94747d41d0d0f5238ffcb5" - integrity sha1-s12sN2R5+sw+lHR9QdDQ9SOP/LU= +cli-cursor@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/cli-cursor/-/cli-cursor-3.1.0.tgz#264305a7ae490d1d03bf0c9ba7c925d1753af307" + integrity sha512-I/zHAwsKf9FqGoXM4WWRACob9+SNukZTd94DWF57E4toouRulbCxcUh6RKUEOQlYTHJnzkPMySvPNaaSLNfLZw== dependencies: - restore-cursor "^2.0.0" + restore-cursor "^3.1.0" -cli-width@^2.0.0: - version "2.2.1" - resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.2.1.tgz#b0433d0b4e9c847ef18868a4ef16fd5fc8271c48" - integrity sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw== +cli-width@^3.0.0: + version "3.0.0" + resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-3.0.0.tgz#a2f48437a2caa9a22436e794bf071ec9e61cedf6" + integrity sha512-FxqpkPPwu1HjuN93Omfm4h8uIanXofW0RxVEW3k5RKx+mJJYSthzNhp32Kzxxy3YAEZ/Dc/EWN1vZRY0+kOhbw== cliui@^5.0.0: version "5.0.0" @@ -2864,6 +2690,13 @@ clone@^2.1.2: resolved "https://registry.yarnpkg.com/clone/-/clone-2.1.2.tgz#1b7f4b9f591f1e8f83670401600345a02887435f" integrity sha1-G39Ln1kfHo+DZwQBYANFoCiHQ18= +cmd-shim@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/cmd-shim/-/cmd-shim-4.1.0.tgz#b3a904a6743e9fede4148c6f3800bf2a08135bdd" + integrity sha512-lb9L7EM4I/ZRVuljLPEtUJOP+xiQVknZ4ZMpMgEp4JzNldPb27HU03hi6K1/6CoIuit/Zm/LQXySErFeXxDprw== + dependencies: + mkdirp-infer-owner "^2.0.0" + co@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/co/-/co-4.6.0.tgz#6ea6bdf3d853ae54ccb8e47bfa0bf3f9031fb184" @@ -2993,20 +2826,10 @@ compress-commons@^4.1.0: normalize-path "^3.0.0" readable-stream "^3.6.0" -concat-map@0.0.1: - version "0.0.1" - resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" - integrity sha1-2Klr13/Wjfd5OnMDajug1UBdR3s= - -concat-stream@^1.5.0: - version "1.6.2" - resolved "https://registry.yarnpkg.com/concat-stream/-/concat-stream-1.6.2.tgz#904bdf194cd3122fc675c77fc4ac3d4ff0fd1a34" - integrity sha512-27HBghJxjiZtIk3Ycvn/4kbJk/1uZuJFfuPEns6LaEvpvG1f0hTea8lilrouyo9mVc2GWdcEZ8OLoGmSADlrCw== - dependencies: - buffer-from "^1.0.0" - inherits "^2.0.3" - readable-stream "^2.2.2" - typedarray "^0.0.6" +concat-map@0.0.1: + version "0.0.1" + resolved "https://registry.yarnpkg.com/concat-map/-/concat-map-0.0.1.tgz#d8a96bd77fd68df7793a73036a3ba0d5405d477b" + integrity sha1-2Klr13/Wjfd5OnMDajug1UBdR3s= concat-stream@^2.0.0: version "2.0.0" @@ -3018,7 +2841,7 @@ concat-stream@^2.0.0: readable-stream "^3.0.2" typedarray "^0.0.6" -config-chain@^1.1.11: +config-chain@^1.1.12: version "1.1.12" resolved "https://registry.yarnpkg.com/config-chain/-/config-chain-1.1.12.tgz#0fde8d091200eb5e808caf25fe618c02f48e4efa" integrity sha512-a1eOIcu8+7lUInge4Rpf/n4Krkf3Dd9lqhljRzII1/Zno/kRtUWnznPO3jOKBmTEktkt3fkxisUcivoj0ebzoA== @@ -3041,7 +2864,7 @@ contains-path@^0.1.0: resolved "https://registry.yarnpkg.com/contains-path/-/contains-path-0.1.0.tgz#fe8cf184ff6670b6baef01a9d4861a5cbec4120a" integrity sha1-/ozxhP9mcLa67wGp1IYaXL7EEgo= -conventional-changelog-angular@^5.0.12, conventional-changelog-angular@^5.0.3: +conventional-changelog-angular@^5.0.12: version "5.0.12" resolved "https://registry.yarnpkg.com/conventional-changelog-angular/-/conventional-changelog-angular-5.0.12.tgz#c979b8b921cbfe26402eb3da5bbfda02d865a2b9" integrity sha512-5GLsbnkR/7A89RyHLvvoExbiGbd9xKdKqDTrArnPbOqBqG/2wIosu0fHwpeIRI8Tl94MhVNBXcLJZl92ZQ5USw== @@ -3088,26 +2911,7 @@ conventional-changelog-conventionalcommits@4.5.0, conventional-changelog-convent lodash "^4.17.15" q "^1.5.1" -conventional-changelog-core@^3.1.6: - version "3.2.3" - resolved "https://registry.yarnpkg.com/conventional-changelog-core/-/conventional-changelog-core-3.2.3.tgz#b31410856f431c847086a7dcb4d2ca184a7d88fb" - integrity sha512-LMMX1JlxPIq/Ez5aYAYS5CpuwbOk6QFp8O4HLAcZxe3vxoCtABkhfjetk8IYdRB9CDQGwJFLR3Dr55Za6XKgUQ== - dependencies: - conventional-changelog-writer "^4.0.6" - conventional-commits-parser "^3.0.3" - dateformat "^3.0.0" - get-pkg-repo "^1.0.0" - git-raw-commits "2.0.0" - git-remote-origin-url "^2.0.0" - git-semver-tags "^2.0.3" - lodash "^4.2.1" - normalize-package-data "^2.3.5" - q "^1.5.1" - read-pkg "^3.0.0" - read-pkg-up "^3.0.0" - through2 "^3.0.0" - -conventional-changelog-core@^4.2.1: +conventional-changelog-core@^4.2.1, conventional-changelog-core@^4.2.2: version "4.2.2" resolved "https://registry.yarnpkg.com/conventional-changelog-core/-/conventional-changelog-core-4.2.2.tgz#f0897df6d53b5d63dec36b9442bd45354f8b3ce5" integrity sha512-7pDpRUiobQDNkwHyJG7k9f6maPo9tfPzkSWbRq97GGiZqisElhnvUZSvyQH20ogfOjntB5aadvv6NNcKL1sReg== @@ -3164,12 +2968,12 @@ conventional-changelog-jshint@^2.0.9: compare-func "^2.0.0" q "^1.5.1" -conventional-changelog-preset-loader@^2.1.1, conventional-changelog-preset-loader@^2.3.4: +conventional-changelog-preset-loader@^2.3.4: version "2.3.4" resolved "https://registry.yarnpkg.com/conventional-changelog-preset-loader/-/conventional-changelog-preset-loader-2.3.4.tgz#14a855abbffd59027fd602581f1f34d9862ea44c" integrity sha512-GEKRWkrSAZeTq5+YjUZOYxdHq+ci4dNwHvpaBC3+ENalzFWuCWa9EZXSuZBpkr72sMdKB+1fyDV4takK1Lf58g== -conventional-changelog-writer@^4.0.18, conventional-changelog-writer@^4.0.6: +conventional-changelog-writer@^4.0.18: version "4.1.0" resolved "https://registry.yarnpkg.com/conventional-changelog-writer/-/conventional-changelog-writer-4.1.0.tgz#1ca7880b75aa28695ad33312a1f2366f4b12659f" integrity sha512-WwKcUp7WyXYGQmkLsX4QmU42AZ1lqlvRW9mqoyiQzdD+rJWbTepdWoKJuwXTS+yq79XKnQNa93/roViPQrAQgw== @@ -3202,7 +3006,7 @@ conventional-changelog@3.1.24, conventional-changelog@^3.1.24: conventional-changelog-jshint "^2.0.9" conventional-changelog-preset-loader "^2.3.4" -conventional-commits-filter@^2.0.2, conventional-commits-filter@^2.0.7: +conventional-commits-filter@^2.0.7: version "2.0.7" resolved "https://registry.yarnpkg.com/conventional-commits-filter/-/conventional-commits-filter-2.0.7.tgz#f8d9b4f182fce00c9af7139da49365b136c8a0b3" integrity sha512-ASS9SamOP4TbCClsRHxIHXRfcGCnIoQqkvAzCSbZzTFLfcTqJVugB0agRgsEELsqaeWgsXv513eS116wnlSSPA== @@ -3210,7 +3014,7 @@ conventional-commits-filter@^2.0.2, conventional-commits-filter@^2.0.7: lodash.ismatch "^4.4.0" modify-values "^1.0.0" -conventional-commits-parser@^3.0.3, conventional-commits-parser@^3.2.0: +conventional-commits-parser@^3.2.0: version "3.2.1" resolved "https://registry.yarnpkg.com/conventional-commits-parser/-/conventional-commits-parser-3.2.1.tgz#ba44f0b3b6588da2ee9fd8da508ebff50d116ce2" integrity sha512-OG9kQtmMZBJD/32NEw5IhN5+HnBqVjy03eC+I71I0oQRFA5rOgA4OtPOYG7mz1GkCfCNxn3gKIX8EiHJYuf1cA== @@ -3223,7 +3027,7 @@ conventional-commits-parser@^3.0.3, conventional-commits-parser@^3.2.0: through2 "^4.0.0" trim-off-newlines "^1.0.0" -conventional-recommended-bump@6.1.0: +conventional-recommended-bump@6.1.0, conventional-recommended-bump@^6.1.0: version "6.1.0" resolved "https://registry.yarnpkg.com/conventional-recommended-bump/-/conventional-recommended-bump-6.1.0.tgz#cfa623285d1de554012f2ffde70d9c8a22231f55" integrity sha512-uiApbSiNGM/kkdL9GTOLAqC4hbptObFo4wW2QRyHsKciGAfQuLU1ShZ1BIVI/+K2BE/W1AWYQMCXAsv4dyKPaw== @@ -3237,20 +3041,6 @@ conventional-recommended-bump@6.1.0: meow "^8.0.0" q "^1.5.1" -conventional-recommended-bump@^5.0.0: - version "5.0.1" - resolved "https://registry.yarnpkg.com/conventional-recommended-bump/-/conventional-recommended-bump-5.0.1.tgz#5af63903947b6e089e77767601cb592cabb106ba" - integrity sha512-RVdt0elRcCxL90IrNP0fYCpq1uGt2MALko0eyeQ+zQuDVWtMGAy9ng6yYn3kax42lCj9+XBxQ8ZN6S9bdKxDhQ== - dependencies: - concat-stream "^2.0.0" - conventional-changelog-preset-loader "^2.1.1" - conventional-commits-filter "^2.0.2" - conventional-commits-parser "^3.0.3" - git-raw-commits "2.0.0" - git-semver-tags "^2.0.3" - meow "^4.0.0" - q "^1.5.1" - convert-source-map@^1.4.0, convert-source-map@^1.6.0, convert-source-map@^1.7.0: version "1.7.0" resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.7.0.tgz#17a2cb882d7f77d3490585e2ce6c524424a3a442" @@ -3258,18 +3048,6 @@ convert-source-map@^1.4.0, convert-source-map@^1.6.0, convert-source-map@^1.7.0: dependencies: safe-buffer "~5.1.1" -copy-concurrently@^1.0.0: - version "1.0.5" - resolved "https://registry.yarnpkg.com/copy-concurrently/-/copy-concurrently-1.0.5.tgz#92297398cae34937fcafd6ec8139c18051f0b5e0" - integrity sha512-f2domd9fsVDFtaFcbaRZuYXwtdmnzqbADSwhSWYxYB/Q8zsdUUFMXVRwXGDMWmbEzAn1kdRrtI1T/KTFOL4X2A== - dependencies: - aproba "^1.1.1" - fs-write-stream-atomic "^1.0.8" - iferr "^0.1.5" - mkdirp "^0.5.1" - rimraf "^2.5.4" - run-queue "^1.0.0" - copy-descriptor@^0.1.0: version "0.1.1" resolved "https://registry.yarnpkg.com/copy-descriptor/-/copy-descriptor-0.1.1.tgz#676f6eb3c39997c2ee1ac3a924fd6124748f578d" @@ -3280,15 +3058,16 @@ core-util-is@1.0.2, core-util-is@~1.0.0: resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7" integrity sha1-tf1UIgqivFq1eqtxQMlAdUUDwac= -cosmiconfig@^5.1.0: - version "5.2.1" - resolved "https://registry.yarnpkg.com/cosmiconfig/-/cosmiconfig-5.2.1.tgz#040f726809c591e77a17c0a3626ca45b4f168b1a" - integrity sha512-H65gsXo1SKjf8zmrJ67eJk8aIRKV5ff2D4uKZIBZShbhGSpEmsQOPW/SKMKYhSTrqR7ufy6RP69rPogdaPh/kA== +cosmiconfig@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/cosmiconfig/-/cosmiconfig-7.0.0.tgz#ef9b44d773959cae63ddecd122de23853b60f8d3" + integrity sha512-pondGvTuVYDk++upghXJabWzL6Kxu6f26ljFw64Swq9v6sQPUL3EUlVDV56diOjpCayKihL6hVe8exIACU4XcA== dependencies: - import-fresh "^2.0.0" - is-directory "^0.3.1" - js-yaml "^3.13.1" - parse-json "^4.0.0" + "@types/parse-json" "^4.0.0" + import-fresh "^3.2.1" + parse-json "^5.0.0" + path-type "^4.0.0" + yaml "^1.10.0" coveralls@^3.0.2: version "3.1.0" @@ -3352,7 +3131,7 @@ cross-spawn@^6.0.0: shebang-command "^1.2.0" which "^1.2.9" -cross-spawn@^7.0.0, cross-spawn@^7.0.2: +cross-spawn@^7.0.0, cross-spawn@^7.0.2, cross-spawn@^7.0.3: version "7.0.3" resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6" integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w== @@ -3376,7 +3155,7 @@ cssom@~0.3.6: resolved "https://registry.yarnpkg.com/cssom/-/cssom-0.3.8.tgz#9f1276f5b2b463f2114d3f2c75250af8c1a36f4a" integrity sha512-b0tGHbfegbhPJpxpiBPU2sCkigAqtM9O121le6bbOlgyV+NyGyCmVfJ6QW9eRjz8CpNfWEOYBIMIGRYkLwsIYg== -cssstyle@^2.3.0: +cssstyle@^2.2.0: version "2.3.0" resolved "https://registry.yarnpkg.com/cssstyle/-/cssstyle-2.3.0.tgz#ff665a0ddbdc31864b09647f34163443d90b0852" integrity sha512-AZL67abkUzIuvcHqk7c09cezpGNcxUxU4Ioi/05xHk4DQeTkWmGYftIE6ctU6AEt+Gn4n1lDStOtj7FKycP71A== @@ -3390,18 +3169,6 @@ currently-unhandled@^0.4.1: dependencies: array-find-index "^1.0.1" -cyclist@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/cyclist/-/cyclist-1.0.1.tgz#596e9698fd0c80e12038c2b82d6eb1b35b6224d9" - integrity sha1-WW6WmP0MgOEgOMK4LW6xs1tiJNk= - -dargs@^4.0.1: - version "4.1.0" - resolved "https://registry.yarnpkg.com/dargs/-/dargs-4.1.0.tgz#03a9dbb4b5c2f139bf14ae53f0b8a2a6a86f4e17" - integrity sha1-A6nbtLXC8Tm/FK5T8LiipqhvThc= - dependencies: - number-is-nan "^1.0.0" - dargs@^7.0.0: version "7.0.0" resolved "https://registry.yarnpkg.com/dargs/-/dargs-7.0.0.tgz#04015c41de0bcb69ec84050f3d9be0caf8d6d5cc" @@ -3443,13 +3210,6 @@ dateformat@^3.0.0: resolved "https://registry.yarnpkg.com/dateformat/-/dateformat-3.0.3.tgz#a6e37499a4d9a9cf85ef5872044d62901c9889ae" integrity sha512-jyCETtSl3VMZMWeRo7iY1FL19ges1t55hMo5yaam4Jrsm5EPL89UQkoQRyiI+Yf4k8r2ZpdngkV8hr1lIdjb3Q== -debug@3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/debug/-/debug-3.1.0.tgz#5bb5a0672628b64149566ba16819e61518c67261" - integrity sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g== - dependencies: - ms "2.0.0" - debug@4, debug@^4.0.1, debug@^4.1.0, debug@^4.1.1: version "4.3.1" resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.1.tgz#f0d229c505e0c6d8c49ac553d1b13dc183f6b2ee" @@ -3464,19 +3224,12 @@ debug@^2.2.0, debug@^2.3.3, debug@^2.6.9: dependencies: ms "2.0.0" -debug@^3.1.0: - version "3.2.7" - resolved "https://registry.yarnpkg.com/debug/-/debug-3.2.7.tgz#72580b7e9145fb39b6676f9c5e5fb100b934179a" - integrity sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ== - dependencies: - ms "^2.1.1" - debuglog@^1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/debuglog/-/debuglog-1.0.1.tgz#aa24ffb9ac3df9a2351837cfb2d279360cd78492" integrity sha1-qiT/uaw9+aI1GDfPstJ5NgzXhJI= -decamelize-keys@^1.0.0, decamelize-keys@^1.1.0: +decamelize-keys@^1.1.0: version "1.1.0" resolved "https://registry.yarnpkg.com/decamelize-keys/-/decamelize-keys-1.1.0.tgz#d171a87933252807eb3cb61dc1c1445d078df2d9" integrity sha1-0XGoeTMlKAfrPLYdwcFEXQeN8tk= @@ -3494,7 +3247,7 @@ decamelize@^5.0.0: resolved "https://registry.yarnpkg.com/decamelize/-/decamelize-5.0.0.tgz#88358157b010ef133febfd27c18994bd80c6215b" integrity sha512-U75DcT5hrio3KNtvdULAWnLiAPbFUC4191ldxMmj4FA/mRuBnmDwU0boNfPyFRhnan+Jm+haLeSn3P0afcBn4w== -decimal.js@^10.2.1: +decimal.js@^10.2.0: version "10.2.1" resolved "https://registry.yarnpkg.com/decimal.js/-/decimal.js-10.2.1.tgz#238ae7b0f0c793d3e3cea410108b35a2c01426a3" integrity sha512-KaL7+6Fw6i5A2XSnsbhm/6B+NuEA7TZ4vqxnd5tXz9sbKtrN9Srj8ab4vKVdK8YAqZO9P1kg45Y6YLoduPf+kw== @@ -3619,7 +3372,7 @@ delegates@^1.0.0: resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a" integrity sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o= -depd@~1.1.2: +depd@^1.1.2, depd@~1.1.2: version "1.1.2" resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.2.tgz#9bcd52e14c097763e749b274c4346ed2e560b5a9" integrity sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak= @@ -3679,13 +3432,6 @@ difflib@~0.2.1: dependencies: heap ">= 0.2.0" -dir-glob@^2.2.2: - version "2.2.2" - resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-2.2.2.tgz#fa09f0694153c8918b18ba0deafae94769fc50c4" - integrity sha512-f9LBi5QWzIW3I6e//uxZoLBlUt9kcp66qo0sSCxL6YZKc75R1c4MFCoe/LaZiBGmgujvQdxc5Bn3QhfyvK5Hsw== - dependencies: - path-type "^3.0.0" - dir-glob@^3.0.1: version "3.0.1" resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-3.0.1.tgz#56dbf73d992a4a93ba1584f4534063fd2e41717f" @@ -3720,13 +3466,6 @@ domexception@^2.0.1: dependencies: webidl-conversions "^5.0.0" -dot-prop@^4.2.0: - version "4.2.1" - resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-4.2.1.tgz#45884194a71fc2cda71cbb4bceb3a4dd2f433ba4" - integrity sha512-l0p4+mIuJIua0mhxGoh4a+iNL9bmeK5DvnSVQa6T0OhrVmaEa1XScX5Etc673FePCJOArq/4Pa2cLGODUWTPOQ== - dependencies: - is-obj "^1.0.0" - dot-prop@^5.1.0: version "5.3.0" resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-5.3.0.tgz#90ccce708cd9cd82cc4dc8c3ddd9abdd55b20e88" @@ -3734,6 +3473,13 @@ dot-prop@^5.1.0: dependencies: is-obj "^2.0.0" +dot-prop@^6.0.1: + version "6.0.1" + resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-6.0.1.tgz#fc26b3cf142b9e59b74dbd39ed66ce620c681083" + integrity sha512-tE7ztYzXHIeyvc7N+hR3oi7FIbf/NIjVP9hmAt3yMXzrQ072/fpjGLx2GxNxGxUl5V73MEqYzioOMoVhGMJ5cA== + dependencies: + is-obj "^2.0.0" + dotenv-json@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/dotenv-json/-/dotenv-json-1.0.0.tgz#fc7f672aafea04bed33818733b9f94662332815c" @@ -3764,16 +3510,6 @@ duplexer@^0.1.1: resolved "https://registry.yarnpkg.com/duplexer/-/duplexer-0.1.2.tgz#3abe43aef3835f8ae077d136ddce0f276b0400e6" integrity sha512-jtD6YG370ZCIi/9GTaJKQxWTZD045+4R4hTk/x1UyoqadyJ9x9CgSi1RlVDQF8U2sxLLSnFkCaMihqljHIWgMg== -duplexify@^3.4.2, duplexify@^3.6.0: - version "3.7.1" - resolved "https://registry.yarnpkg.com/duplexify/-/duplexify-3.7.1.tgz#2a4df5317f6ccfd91f86d6fd25d8d8a103b88309" - integrity sha512-07z8uv2wMyS51kKhD1KsdXJg5WQ6t93RneqRxUHnskXVtlYYkLqM0gqStQZ3pj073g687jPCHrqNfCzawLYh5g== - dependencies: - end-of-stream "^1.0.0" - inherits "^2.0.1" - readable-stream "^2.0.0" - stream-shift "^1.0.0" - ecc-jsbn@~0.1.1: version "0.1.2" resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz#3a83a904e54353287874c564b7549386849a98c9" @@ -3807,14 +3543,14 @@ emoji-regex@^8.0.0: resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-8.0.0.tgz#e818fd69ce5ccfcb404594f842963bf53164cc37" integrity sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A== -encoding@^0.1.11: +encoding@^0.1.12: version "0.1.13" resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.13.tgz#56574afdd791f54a8e9b2785c0582a2d26210fa9" integrity sha512-ETBauow1T35Y/WZMkio9jiM0Z5xjHHmJ4XmjZOq1l/dXz3lr2sRn87nJy20RupqSh1F2m3HHPSp8ShIPQJrJ3A== dependencies: iconv-lite "^0.6.2" -end-of-stream@^1.0.0, end-of-stream@^1.1.0, end-of-stream@^1.4.1: +end-of-stream@^1.1.0, end-of-stream@^1.4.1: version "1.4.4" resolved "https://registry.yarnpkg.com/end-of-stream/-/end-of-stream-1.4.4.tgz#5ae64a5f45057baf3626ec14da0ca5e4b2431eb0" integrity sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q== @@ -3843,15 +3579,15 @@ env-paths@^2.2.0: resolved "https://registry.yarnpkg.com/env-paths/-/env-paths-2.2.1.tgz#420399d416ce1fbe9bc0a07c62fa68d67fd0f8f2" integrity sha512-+h1lkLKhZMTYjog1VEpJNG7NZJWcuc2DDk/qsqSTRRCOXiLjeQ1d1/udrUGhqMxUgAlwKNZ0cf2uqan5GLuS2A== -envinfo@^7.3.1: +envinfo@^7.7.4: version "7.7.4" resolved "https://registry.yarnpkg.com/envinfo/-/envinfo-7.7.4.tgz#c6311cdd38a0e86808c1c9343f667e4267c4a320" integrity sha512-TQXTYFVVwwluWSFis6K2XKxgrD22jEv0FTuLCQI+OjH7rn93+iY0fSSFM5lrSxFY+H1+B0/cvvlamr3UsBivdQ== -err-code@^1.0.0: - version "1.1.2" - resolved "https://registry.yarnpkg.com/err-code/-/err-code-1.1.2.tgz#06e0116d3028f6aef4806849eb0ea6a748ae6960" - integrity sha1-BuARbTAo9q70gGhJ6w6mp0iuaWA= +err-code@^2.0.2: + version "2.0.3" + resolved "https://registry.yarnpkg.com/err-code/-/err-code-2.0.3.tgz#23c2f3b756ffdfc608d30e27c9a941024807e7f9" + integrity sha512-2bmlRpNKBxT/CRmPOlyISQpNj+qSeYvcym/uT0Jx2bMOlKLtSy1ZmLuVxSEKKyor/N5yhvp/ZiG1oE3DEYMSFA== error-ex@^1.2.0, error-ex@^1.3.1: version "1.3.2" @@ -3915,18 +3651,6 @@ es6-error@^4.0.1: resolved "https://registry.yarnpkg.com/es6-error/-/es6-error-4.1.1.tgz#9e3af407459deed47e9a91f9b885a84eb05c561d" integrity sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg== -es6-promise@^4.0.3: - version "4.2.8" - resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-4.2.8.tgz#4eb21594c972bc40553d276e510539143db53e0a" - integrity sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w== - -es6-promisify@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/es6-promisify/-/es6-promisify-5.0.0.tgz#5109d62f3e56ea967c4b63505aef08291c8a5203" - integrity sha1-UQnWLz5W6pZ8S2NQWu8IKRyKUgM= - dependencies: - es6-promise "^4.0.3" - esbuild@^0.9.3: version "0.9.3" resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.9.3.tgz#09293a0b824159c6aa2488d1c6c22f57d8448f74" @@ -3952,7 +3676,7 @@ escape-string-regexp@^4.0.0: resolved "https://registry.yarnpkg.com/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz#14ba83a5d373e3d311e5afca29cf5bfad965bf34" integrity sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA== -escodegen@^1.8.1: +escodegen@^1.14.1, escodegen@^1.8.1: version "1.14.3" resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-1.14.3.tgz#4e7b81fba61581dc97582ed78cab7f0e8d63f503" integrity sha512-qFcX0XJkdg+PB3xjZZG/wKSuT1PnQWx57+TVSjIMmILd2yC/6ByYElPwJnslDsuWuSAp4AwJGumarAAmJch5Kw== @@ -3964,18 +3688,6 @@ escodegen@^1.8.1: optionalDependencies: source-map "~0.6.1" -escodegen@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/escodegen/-/escodegen-2.0.0.tgz#5e32b12833e8aa8fa35e1bf0befa89380484c7dd" - integrity sha512-mmHKys/C8BFUGI+MAWNcSYoORYLMdPzjrknd2Vc+bUsjN5bXcr8EhrNB+UTqfL1y3I9c4fw2ihgtMPQLBRiQxw== - dependencies: - esprima "^4.0.1" - estraverse "^5.2.0" - esutils "^2.0.2" - optionator "^0.8.1" - optionalDependencies: - source-map "~0.6.1" - eslint-config-standard@^14.1.1: version "14.1.1" resolved "https://registry.yarnpkg.com/eslint-config-standard/-/eslint-config-standard-14.1.1.tgz#830a8e44e7aef7de67464979ad06b406026c56ea" @@ -4185,10 +3897,10 @@ esutils@^2.0.2: resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64" integrity sha512-kVscqXk4OCp68SZ0dkgEKVi6/8ij300KBWTJq32P/dYeWTSwK41WyTxalN1eRmA5Z9UU/LX9D7FWSmV9SAYx6g== -eventemitter3@^3.1.0: - version "3.1.2" - resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-3.1.2.tgz#2d3d48f9c346698fce83a85d7d664e98535df6e7" - integrity sha512-tvtQIeLVHjDkJYnzf2dgVMxfuSGJeM/7UCG17TT4EumTfNtF+0nebF/4zWOIkCreAbtNqhGEboB6BWrwqNaw4Q== +eventemitter3@^4.0.4: + version "4.0.7" + resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-4.0.7.tgz#2de9b68f6528d5644ef5c59526a1b4a07306169f" + integrity sha512-8guHBZCwKnFhYdHr2ysuRWErTwhoN2X8XELRlrRwpmfeY2jjuUN4taQMsULKUVo1K4DvZl+0pgfyoysHxvmvEw== events-to-array@^1.0.1: version "1.1.2" @@ -4233,6 +3945,21 @@ execa@^4.0.0: signal-exit "^3.0.2" strip-final-newline "^2.0.0" +execa@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/execa/-/execa-5.0.0.tgz#4029b0007998a841fbd1032e5f4de86a3c1e3376" + integrity sha512-ov6w/2LCiuyO4RLYGdpFGjkcs0wMTgGE8PrkTHikeUy5iJekXyPIKUjifk5CsE0pt7sMCrMZ3YNqoCj6idQOnQ== + dependencies: + cross-spawn "^7.0.3" + get-stream "^6.0.0" + human-signals "^2.1.0" + is-stream "^2.0.0" + merge-stream "^2.0.0" + npm-run-path "^4.0.1" + onetime "^5.1.2" + signal-exit "^3.0.3" + strip-final-newline "^2.0.0" + exit-on-epipe@~1.0.1: version "1.0.1" resolved "https://registry.yarnpkg.com/exit-on-epipe/-/exit-on-epipe-1.0.1.tgz#0bdd92e87d5285d267daa8171d0eb06159689692" @@ -4338,18 +4065,6 @@ fast-deep-equal@^3.1.1, fast-deep-equal@^3.1.3: resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz#3a7d56b559d6cbc3eb512325244e619a65c6c525" integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q== -fast-glob@^2.2.6: - version "2.2.7" - resolved "https://registry.yarnpkg.com/fast-glob/-/fast-glob-2.2.7.tgz#6953857c3afa475fff92ee6015d52da70a4cd39d" - integrity sha512-g1KuQwHOZAmOZMuBtHdxDtju+T2RT8jgCC9aANsbpdiDDTSnjgfuVsIBNKbUeJI3oKMRExcfNDtJl4OhbffMsw== - dependencies: - "@mrmlnc/readdir-enhanced" "^2.2.1" - "@nodelib/fs.stat" "^1.1.2" - glob-parent "^3.1.0" - is-glob "^4.0.0" - merge2 "^1.2.3" - micromatch "^3.1.10" - fast-glob@^3.1.1: version "3.2.5" resolved "https://registry.yarnpkg.com/fast-glob/-/fast-glob-3.2.5.tgz#7939af2a656de79a4f1901903ee8adcaa7cb9661" @@ -4398,19 +4113,7 @@ fb-watchman@^2.0.0: dependencies: bser "2.1.1" -figgy-pudding@^3.4.1, figgy-pudding@^3.5.1: - version "3.5.2" - resolved "https://registry.yarnpkg.com/figgy-pudding/-/figgy-pudding-3.5.2.tgz#b4eee8148abb01dcf1d1ac34367d59e12fa61d6e" - integrity sha512-0btnI/H8f2pavGMN8w40mlSKOfTK2SVJmBfBeVIj3kNw0swwgzyRq0d5TJVOwodFmtvpPeWPN/MCcfuWF0Ezbw== - -figures@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/figures/-/figures-2.0.0.tgz#3ab1a2d2a62c8bfb431a0c94cb797a2fce27c962" - integrity sha1-OrGi0qYsi/tDGgyUy3l6L84nyWI= - dependencies: - escape-string-regexp "^1.0.5" - -figures@^3.1.0: +figures@^3.0.0, figures@^3.1.0: version "3.2.0" resolved "https://registry.yarnpkg.com/figures/-/figures-3.2.0.tgz#625c18bd293c604dc4a8ddb2febf0c88341746af" integrity sha512-yaduQFRKLXYOGgEn6AZau90j3ggSOyiqXU0F9JZfeXYhNa+Jk4X+s45A2zg5jns87GAFa34BBm2kXw4XpNcbdg== @@ -4533,14 +4236,6 @@ flatted@^3.1.0: resolved "https://registry.yarnpkg.com/flatted/-/flatted-3.1.1.tgz#c4b489e80096d9df1dfc97c79871aea7c617c469" integrity sha512-zAoAQiudy+r5SvnSw3KJy5os/oRJYHzrzja/tBDqrZtNhUw8bt6y8OBzMWcjWr+8liV8Eb6yOhw8WZ7VFZ5ZzA== -flush-write-stream@^1.0.0: - version "1.1.1" - resolved "https://registry.yarnpkg.com/flush-write-stream/-/flush-write-stream-1.1.1.tgz#8dd7d873a1babc207d94ead0c2e0e44276ebf2e8" - integrity sha512-3Z4XhFZ3992uIq0XOqb9AreonueSYphE6oYbpt5+3u06JWklbsPkNv3ZKkP9Bz/r+1MWCaMoSQ28P85+1Yc77w== - dependencies: - inherits "^2.0.3" - readable-stream "^2.3.6" - follow-redirects@^1.10.0, follow-redirects@^1.11.0: version "1.13.3" resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.13.3.tgz#e5598ad50174c1bc4e872301e82ac2cd97f90267" @@ -4593,14 +4288,6 @@ fragment-cache@^0.2.1: dependencies: map-cache "^0.2.2" -from2@^2.1.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/from2/-/from2-2.3.0.tgz#8bfb5502bde4a4d36cfdeea007fcca21d7e382af" - integrity sha1-i/tVAr3kpNNs/e6gB/zKIdfjgq8= - dependencies: - inherits "^2.0.1" - readable-stream "^2.0.0" - fromentries@^1.2.0: version "1.3.2" resolved "https://registry.yarnpkg.com/fromentries/-/fromentries-1.3.2.tgz#e4bca6808816bf8f93b52750f1127f5a6fd86e3a" @@ -4649,15 +4336,12 @@ fs-minipass@^1.2.5: dependencies: minipass "^2.6.0" -fs-write-stream-atomic@^1.0.8: - version "1.0.10" - resolved "https://registry.yarnpkg.com/fs-write-stream-atomic/-/fs-write-stream-atomic-1.0.10.tgz#b47df53493ef911df75731e70a9ded0189db40c9" - integrity sha1-tH31NJPvkR33VzHnCp3tAYnbQMk= +fs-minipass@^2.0.0, fs-minipass@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/fs-minipass/-/fs-minipass-2.1.0.tgz#7f5036fdbf12c63c169190cbe4199c852271f9fb" + integrity sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg== dependencies: - graceful-fs "^4.1.2" - iferr "^0.1.5" - imurmurhash "^0.1.4" - readable-stream "1 || 2" + minipass "^3.0.0" fs.realpath@^1.0.0: version "1.0.0" @@ -4706,11 +4390,6 @@ gauge@~2.7.3: strip-ansi "^3.0.1" wide-align "^1.1.0" -genfun@^5.0.0: - version "5.0.0" - resolved "https://registry.yarnpkg.com/genfun/-/genfun-5.0.0.tgz#9dd9710a06900a5c4a5bf57aca5da4e52fe76537" - integrity sha512-KGDOARWVga7+rnB3z9Sd2Letx515owfk0hSxHGuqjANb1M+x2bGZGqHLiozPsYMdM2OubeMni/Hpwmjq6qIUhA== - gensync@^1.0.0-beta.2: version "1.0.0-beta.2" resolved "https://registry.yarnpkg.com/gensync/-/gensync-1.0.0-beta.2.tgz#32a6ee76c3d7f52d46b2b1ae5d93fea8580a25e0" @@ -4746,10 +4425,10 @@ get-pkg-repo@^1.0.0: parse-github-repo-url "^1.3.0" through2 "^2.0.0" -get-port@^4.2.0: - version "4.2.0" - resolved "https://registry.yarnpkg.com/get-port/-/get-port-4.2.0.tgz#e37368b1e863b7629c43c5a323625f95cf24b119" - integrity sha512-/b3jarXkH8KJoOMQc3uVGHASwGLPq3gSFJ7tgJm2diza+bydJPTGOibin2steecKeOylE8oY2JERlVWkAJO6yw== +get-port@^5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/get-port/-/get-port-5.1.1.tgz#0469ed07563479de6efb986baf053dcd7d4e3193" + integrity sha512-g/Q1aTSDOxFpchXC4i8ZWvxA1lnPqx/JHqcpIw0/LX9T8x/GBbi6YnlN5nhaKIFkT8oFsscUKgDJYxfwfS6QsQ== get-stdin@^4.0.1: version "4.0.1" @@ -4761,7 +4440,7 @@ get-stdin@~8.0.0: resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-8.0.0.tgz#cbad6a73feb75f6eeb22ba9e01f89aa28aa97a53" integrity sha512-sY22aA6xchAzprjyqmSEQv4UbAAzRN0L2dQB0NlN5acTTK9Don6nhoc3eAbUnpZiCANAMfd/+40kVdKfFygohg== -get-stream@^4.0.0, get-stream@^4.1.0: +get-stream@^4.0.0: version "4.1.0" resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-4.1.0.tgz#c1b255575f3dc21d59bfc79cd3d2b46b1c3a54b5" integrity sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w== @@ -4775,6 +4454,11 @@ get-stream@^5.0.0: dependencies: pump "^3.0.0" +get-stream@^6.0.0: + version "6.0.0" + resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-6.0.0.tgz#3e0012cb6827319da2706e601a1583e8629a6718" + integrity sha512-A1B3Bh1UmL0bidM/YX2NsCOTnGJePL9rO/M+Mw3m9f2gUpfokS0hi5Eah0WSUEWZdZhIZtMjkIYS7mDfOqNHbg== + get-uri@3: version "3.0.2" resolved "https://registry.yarnpkg.com/get-uri/-/get-uri-3.0.2.tgz#f0ef1356faabc70e1f9404fa3b66b2ba9bfc725c" @@ -4799,17 +4483,6 @@ getpass@^0.1.1: dependencies: assert-plus "^1.0.0" -git-raw-commits@2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/git-raw-commits/-/git-raw-commits-2.0.0.tgz#d92addf74440c14bcc5c83ecce3fb7f8a79118b5" - integrity sha512-w4jFEJFgKXMQJ0H0ikBk2S+4KP2VEjhCvLCNqbNRQC8BgGWgLKNCO7a9K9LI+TVT7Gfoloje502sEnctibffgg== - dependencies: - dargs "^4.0.1" - lodash.template "^4.0.2" - meow "^4.0.0" - split2 "^2.0.0" - through2 "^2.0.0" - git-raw-commits@^2.0.8: version "2.0.10" resolved "https://registry.yarnpkg.com/git-raw-commits/-/git-raw-commits-2.0.10.tgz#e2255ed9563b1c9c3ea6bd05806410290297bbc1" @@ -4829,14 +4502,6 @@ git-remote-origin-url@^2.0.0: gitconfiglocal "^1.0.0" pify "^2.3.0" -git-semver-tags@^2.0.3: - version "2.0.3" - resolved "https://registry.yarnpkg.com/git-semver-tags/-/git-semver-tags-2.0.3.tgz#48988a718acf593800f99622a952a77c405bfa34" - integrity sha512-tj4FD4ww2RX2ae//jSrXZzrocla9db5h0V7ikPl1P/WwoZar9epdUhwR7XHXSgc+ZkNq72BEEerqQuicoEQfzA== - dependencies: - meow "^4.0.0" - semver "^6.0.0" - git-semver-tags@^4.0.0, git-semver-tags@^4.1.1: version "4.1.1" resolved "https://registry.yarnpkg.com/git-semver-tags/-/git-semver-tags-4.1.1.tgz#63191bcd809b0ec3e151ba4751c16c444e5b5780" @@ -4853,7 +4518,7 @@ git-up@^4.0.0: is-ssh "^1.3.0" parse-url "^5.0.0" -git-url-parse@^11.1.2: +git-url-parse@^11.4.4: version "11.4.4" resolved "https://registry.yarnpkg.com/git-url-parse/-/git-url-parse-11.4.4.tgz#5d747debc2469c17bc385719f7d0427802d83d77" integrity sha512-Y4o9o7vQngQDIU9IjyCmRJBin5iYjI5u9ZITnddRZpD7dcCFQj2sL2XuMNbLRE4b4B/4ENPsp2Q8P44fjAZ0Pw== @@ -4877,26 +4542,13 @@ github-api@^3.4.0: js-base64 "^2.1.9" utf8 "^2.1.1" -glob-parent@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-3.1.0.tgz#9e6af6299d8d3bd2bd40430832bd113df906c5ae" - integrity sha1-nmr2KZ2NO9K9QEMIMr0RPfkGxa4= - dependencies: - is-glob "^3.1.0" - path-dirname "^1.0.0" - -glob-parent@^5.0.0, glob-parent@^5.1.0: +glob-parent@^5.0.0, glob-parent@^5.1.0, glob-parent@^5.1.1: version "5.1.2" resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz#869832c58034fe68a4093c17dc15e8340d8401c4" integrity sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow== dependencies: is-glob "^4.0.1" -glob-to-regexp@^0.3.0: - version "0.3.0" - resolved "https://registry.yarnpkg.com/glob-to-regexp/-/glob-to-regexp-0.3.0.tgz#8c5a1494d2066c570cc3bfe4496175acc4d502ab" - integrity sha1-jFoUlNIGbFcMw7/kSWF1rMTVAqs= - glob@^7.0.0, glob@^7.0.5, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6, glob@~7.1.6: version "7.1.6" resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.6.tgz#141f33b81a7c2492e125594307480c46679278a6" @@ -4928,7 +4580,7 @@ globals@^13.6.0: dependencies: type-fest "^0.20.2" -globby@^11.0.1: +globby@^11.0.1, globby@^11.0.2: version "11.0.2" resolved "https://registry.yarnpkg.com/globby/-/globby-11.0.2.tgz#1af538b766a3b540ebfb58a32b2e2d5897321d83" integrity sha512-2ZThXDvvV8fYFRVIxnrMQBipZQDr7MxKAmQK1vujaj9/7eF0efG7BPUKJ7jP7G5SLF37xKDXvO4S/KKLj/Z0og== @@ -4940,21 +4592,7 @@ globby@^11.0.1: merge2 "^1.3.0" slash "^3.0.0" -globby@^9.2.0: - version "9.2.0" - resolved "https://registry.yarnpkg.com/globby/-/globby-9.2.0.tgz#fd029a706c703d29bdd170f4b6db3a3f7a7cb63d" - integrity sha512-ollPHROa5mcxDEkwg6bPt3QbEf4pDQSNtd6JPL1YvOvAo/7/0VAm9TccUeoTmarjPw4pfUthSCqcyfNB1I3ZSg== - dependencies: - "@types/glob" "^7.1.1" - array-union "^1.0.2" - dir-glob "^2.2.2" - fast-glob "^2.2.6" - glob "^7.1.3" - ignore "^4.0.3" - pify "^4.0.1" - slash "^2.0.0" - -graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.2.0, graceful-fs@^4.2.2, graceful-fs@^4.2.4, graceful-fs@^4.2.6: +graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.2.0, graceful-fs@^4.2.2, graceful-fs@^4.2.3, graceful-fs@^4.2.4, graceful-fs@^4.2.6: version "4.2.6" resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.6.tgz#ff040b2b0853b23c3d31027523706f1885d76bee" integrity sha512-nTnJ528pbqxYanhpDYsi4Rd8MAeaBA67+RZ10CM1m3bTAVFEDcd5AuA4a6W5YkGZ1iNXHzZz8T6TBKLeBuNriQ== @@ -5077,7 +4715,7 @@ hasha@^5.0.0: resolved "https://registry.yarnpkg.com/heap/-/heap-0.2.6.tgz#087e1f10b046932fc8594dd9e6d378afc9d1e5ac" integrity sha1-CH4fELBGky/IWU3Z5tN4r8nR5aw= -hosted-git-info@^2.1.4, hosted-git-info@^2.7.1: +hosted-git-info@^2.1.4: version "2.8.8" resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.8.tgz#7539bd4bc1e0e0a895815a2e0262420b12858488" integrity sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg== @@ -5089,6 +4727,13 @@ hosted-git-info@^4.0.0: dependencies: lru-cache "^6.0.0" +hosted-git-info@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-4.0.1.tgz#710ef5452ea429a844abc33c981056e7371edab7" + integrity sha512-eT7NrxAsppPRQEBSwKSosReE+v8OzABwEScQYk5d4uxaEPlzxTIku7LINXtBGalthkLhJnq5lBI89PfK43zAKg== + dependencies: + lru-cache "^6.0.0" + html-encoding-sniffer@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/html-encoding-sniffer/-/html-encoding-sniffer-2.0.1.tgz#42a6dc4fd33f00281176e8b23759ca4e4fa185f3" @@ -5101,10 +4746,10 @@ html-escaper@^2.0.0: resolved "https://registry.yarnpkg.com/html-escaper/-/html-escaper-2.0.2.tgz#dfd60027da36a36dfcbe236262c00a5822681453" integrity sha512-H2iMtd0I4Mt5eYiapRdIDjp+XzelXQ0tFE4JS7YFwFevXXMmOp9myNrUvCg0D6ws8iqkRPBfKHgbwig1SmlLfg== -http-cache-semantics@^3.8.1: - version "3.8.1" - resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-3.8.1.tgz#39b0e16add9b605bf0a9ef3d9daaf4843b4cacd2" - integrity sha512-5ai2iksyV8ZXmnZhHH4rWPoxxistEexSi5936zIQ1bnNTW5VnA85B6P/VpXiRM017IgRvb2kKo1a//y+0wSp3w== +http-cache-semantics@^4.1.0: + version "4.1.0" + resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz#49e91c5cbf36c9b94bcfcd71c23d5249ec74e390" + integrity sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ== http-errors@1.7.3: version "1.7.3" @@ -5117,14 +4762,6 @@ http-errors@1.7.3: statuses ">= 1.5.0 < 2" toidentifier "1.0.0" -http-proxy-agent@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/http-proxy-agent/-/http-proxy-agent-2.1.0.tgz#e4821beef5b2142a2026bd73926fe537631c5405" - integrity sha512-qwHbBLV7WviBl0rQsOzH6o5lwyOIvwp/BdFnvVxXORldu5TmjFfjzBcWUWS5kWAZhmv+JtiDhSuQCp4sBfbIgg== - dependencies: - agent-base "4" - debug "3.1.0" - http-proxy-agent@^4.0.0, http-proxy-agent@^4.0.1: version "4.0.1" resolved "https://registry.yarnpkg.com/http-proxy-agent/-/http-proxy-agent-4.0.1.tgz#8a8c8ef7f5932ccf953c296ca8291b95aa74aa3a" @@ -5151,19 +4788,16 @@ https-proxy-agent@5, https-proxy-agent@^5.0.0: agent-base "6" debug "4" -https-proxy-agent@^2.2.3: - version "2.2.4" - resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-2.2.4.tgz#4ee7a737abd92678a293d9b34a1af4d0d08c787b" - integrity sha512-OmvfoQ53WLjtA9HeYP9RNrWMJzzAz1JGaSFr1nijg0PVR1JaD/xbJq1mdEIIlxGpXp9eSe/O2LgU9DJmTPd0Eg== - dependencies: - agent-base "^4.3.0" - debug "^3.1.0" - human-signals@^1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/human-signals/-/human-signals-1.1.1.tgz#c5b1cd14f50aeae09ab6c59fe63ba3395fe4dfa3" integrity sha512-SEQu7vl8KjNL2eoGBLF3+wAjpsNfA9XMlXAYj/3EdaNfAlxKthD1xjEQfGOUhllCGGJVNY34bRr6lPINhNjyZw== +human-signals@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/human-signals/-/human-signals-2.1.0.tgz#dc91fcba42e4d06e4abaed33b3e7a3c02f514ea0" + integrity sha512-B4FFZ6q/T2jhhksgkbEW3HBvWIfDW85snkQgawt07S7J5QXTk6BkNV+0yAeZrM5QpMAdYlocGoljn0sJ/WQkFw== + humanize-ms@^1.2.1: version "1.2.1" resolved "https://registry.yarnpkg.com/humanize-ms/-/humanize-ms-1.2.1.tgz#c46e3159a293f6b896da29316d8b6fe8bb79bbed" @@ -5195,19 +4829,14 @@ ieee754@^1.1.13, ieee754@^1.1.4: resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352" integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA== -iferr@^0.1.5: - version "0.1.5" - resolved "https://registry.yarnpkg.com/iferr/-/iferr-0.1.5.tgz#c60eed69e6d8fdb6b3104a1fcbca1c192dc5b501" - integrity sha1-xg7taebY/bazEEofy8ocGS3FtQE= - -ignore-walk@^3.0.1: +ignore-walk@^3.0.3: version "3.0.3" resolved "https://registry.yarnpkg.com/ignore-walk/-/ignore-walk-3.0.3.tgz#017e2447184bfeade7c238e4aefdd1e8f95b1e37" integrity sha512-m7o6xuOaT1aqheYHKf8W6J5pYH85ZI9w077erOzLje3JsB1gkafkAhHHY19dqjulgIZHFm32Cp5uNZgcQqdJKw== dependencies: minimatch "^3.0.4" -ignore@^4.0.3, ignore@^4.0.6: +ignore@^4.0.6: version "4.0.6" resolved "https://registry.yarnpkg.com/ignore/-/ignore-4.0.6.tgz#750e3db5862087b4737ebac8207ffd1ef27b25fc" integrity sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg== @@ -5222,14 +4851,6 @@ immediate@~3.0.5: resolved "https://registry.yarnpkg.com/immediate/-/immediate-3.0.6.tgz#9db1dbd0faf8de6fbe0f5dd5e56bb606280de69b" integrity sha1-nbHb0Pr43m++D13V5Wu2BigN5ps= -import-fresh@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/import-fresh/-/import-fresh-2.0.0.tgz#d81355c15612d386c61f9ddd3922d4304822a546" - integrity sha1-2BNVwVYS04bGH53dOSLUMEgipUY= - dependencies: - caller-path "^2.0.0" - resolve-from "^3.0.0" - import-fresh@^3.0.0, import-fresh@^3.2.1: version "3.3.0" resolved "https://registry.yarnpkg.com/import-fresh/-/import-fresh-3.3.0.tgz#37162c25fcb9ebaa2e6e53d5b4d88ce17d9e0c2b" @@ -5238,14 +4859,6 @@ import-fresh@^3.0.0, import-fresh@^3.2.1: parent-module "^1.0.0" resolve-from "^4.0.0" -import-local@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/import-local/-/import-local-2.0.0.tgz#55070be38a5993cf18ef6db7e961f5bee5c5a09d" - integrity sha512-b6s04m3O+s3CGSbqDIyP4R6aAwAeYlVq9+WUWep6iHa8ETRf9yei1U48C5MmfJmV9AiLYYBKPMq/W+/WRpQmCQ== - dependencies: - pkg-dir "^3.0.0" - resolve-cwd "^2.0.0" - import-local@^3.0.2: version "3.0.2" resolved "https://registry.yarnpkg.com/import-local/-/import-local-3.0.2.tgz#a8cfd0431d1de4a2199703d003e3e62364fa6db6" @@ -5266,17 +4879,12 @@ indent-string@^2.1.0: dependencies: repeating "^2.0.0" -indent-string@^3.0.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-3.2.0.tgz#4a5fd6d27cc332f37e5419a504dbb837105c9289" - integrity sha1-Sl/W0nzDMvN+VBmlBNu4NxBckok= - indent-string@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/indent-string/-/indent-string-4.0.0.tgz#624f8f4497d619b2d9768531d58f4122854d7251" integrity sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg== -infer-owner@^1.0.3, infer-owner@^1.0.4: +infer-owner@^1.0.4: version "1.0.4" resolved "https://registry.yarnpkg.com/infer-owner/-/infer-owner-1.0.4.tgz#c4cefcaa8e51051c2a40ba2ce8a3d27295af9467" integrity sha512-IClj+Xz94+d7irH5qRyfJonOdfTzuDaifE6ZPWfx0N0+/ATZCbuTPq2prFl526urkQd90WyUKIh1DfBQ2hMz9A== @@ -5289,7 +4897,7 @@ inflight@^1.0.4: once "^1.3.0" wrappy "1" -inherits@2, inherits@2.0.4, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3: +inherits@2, inherits@2.0.4, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3: version "2.0.4" resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c" integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ== @@ -5299,37 +4907,37 @@ ini@^1.3.2, ini@^1.3.4, ini@~1.3.0: resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.8.tgz#a29da425b48806f34767a4efce397269af28432c" integrity sha512-JV/yugV2uzW5iMRSiZAyDtQd+nxtUnjeLt0acNdw98kKLrvuRVyB80tsREOE7yvGVgalhZ6RNXCmEHkUKBKxew== -init-package-json@^1.10.3: - version "1.10.3" - resolved "https://registry.yarnpkg.com/init-package-json/-/init-package-json-1.10.3.tgz#45ffe2f610a8ca134f2bd1db5637b235070f6cbe" - integrity sha512-zKSiXKhQveNteyhcj1CoOP8tqp1QuxPIPBl8Bid99DGLFqA1p87M6lNgfjJHSBoWJJlidGOv5rWjyYKEB3g2Jw== +init-package-json@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/init-package-json/-/init-package-json-2.0.2.tgz#d81a7e6775af9b618f20bba288e440b8d1ce05f3" + integrity sha512-PO64kVeArePvhX7Ff0jVWkpnE1DfGRvaWcStYrPugcJz9twQGYibagKJuIMHCX7ENcp0M6LJlcjLBuLD5KeJMg== dependencies: glob "^7.1.1" - npm-package-arg "^4.0.0 || ^5.0.0 || ^6.0.0" + npm-package-arg "^8.1.0" promzard "^0.3.0" read "~1.0.1" - read-package-json "1 || 2" - semver "2.x || 3.x || 4 || 5" - validate-npm-package-license "^3.0.1" + read-package-json "^3.0.0" + semver "^7.3.2" + validate-npm-package-license "^3.0.4" validate-npm-package-name "^3.0.0" -inquirer@^6.2.0: - version "6.5.2" - resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-6.5.2.tgz#ad50942375d036d327ff528c08bd5fab089928ca" - integrity sha512-cntlB5ghuB0iuO65Ovoi8ogLHiWGs/5yNrtUcKjFhSSiVeAIVpD7koaSU9RM8mpXw5YDi9RdYXGQMaOURB7ycQ== +inquirer@^7.3.3: + version "7.3.3" + resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-7.3.3.tgz#04d176b2af04afc157a83fd7c100e98ee0aad003" + integrity sha512-JG3eIAj5V9CwcGvuOmoo6LB9kbAYT8HXffUl6memuszlwDC/qvFAJw49XJ5NROSFNPxp3iQg1GqkFhaY/CR0IA== dependencies: - ansi-escapes "^3.2.0" - chalk "^2.4.2" - cli-cursor "^2.1.0" - cli-width "^2.0.0" + ansi-escapes "^4.2.1" + chalk "^4.1.0" + cli-cursor "^3.1.0" + cli-width "^3.0.0" external-editor "^3.0.3" - figures "^2.0.0" - lodash "^4.17.12" - mute-stream "0.0.7" - run-async "^2.2.0" - rxjs "^6.4.0" - string-width "^2.1.0" - strip-ansi "^5.1.0" + figures "^3.0.0" + lodash "^4.17.19" + mute-stream "0.0.8" + run-async "^2.4.0" + rxjs "^6.6.0" + string-width "^4.1.0" + strip-ansi "^6.0.0" through "^2.3.6" interpret@^1.0.0: @@ -5337,7 +4945,12 @@ interpret@^1.0.0: resolved "https://registry.yarnpkg.com/interpret/-/interpret-1.4.0.tgz#665ab8bc4da27a774a40584e812e3e0fa45b1a1e" integrity sha512-agE4QfB2Lkp9uICn7BAqoscw4SZP9kTE2hxiFI3jBPmXJfdqiahTbUuKGsMoN2GtqL9AxhYioAcVvgsb1HvRbA== -ip@1.1.5, ip@^1.1.5: +ip-regex@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/ip-regex/-/ip-regex-2.1.0.tgz#fa78bf5d2e6913c911ce9f819ee5146bb6d844e9" + integrity sha1-+ni/XS5pE8kRzp+BnuUUa7bYROk= + +ip@^1.1.5: version "1.1.5" resolved "https://registry.yarnpkg.com/ip/-/ip-1.1.5.tgz#bdded70114290828c0a039e72ef25f5aaec4354a" integrity sha1-vd7XARQpCCjAoDnnLvJfWq7ENUo= @@ -5441,11 +5054,6 @@ is-descriptor@^1.0.0, is-descriptor@^1.0.2: is-data-descriptor "^1.0.0" kind-of "^6.0.2" -is-directory@^0.3.1: - version "0.3.1" - resolved "https://registry.yarnpkg.com/is-directory/-/is-directory-0.3.1.tgz#61339b6f2475fc772fd9c9d83f5c8575dc154ae1" - integrity sha1-YTObbyR1/Hcv2cnYP1yFddwVSuE= - is-docker@^2.0.0: version "2.1.1" resolved "https://registry.yarnpkg.com/is-docker/-/is-docker-2.1.1.tgz#4125a88e44e450d384e09047ede71adc2d144156" @@ -5463,7 +5071,7 @@ is-extendable@^1.0.1: dependencies: is-plain-object "^2.0.4" -is-extglob@^2.1.0, is-extglob@^2.1.1: +is-extglob@^2.1.1: version "2.1.1" resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.1.tgz#a88c02535791f02ed37c76a1b9ea9773c833f8c2" integrity sha1-qIwCU1eR8C7TfHahueqXc8gz+MI= @@ -5495,13 +5103,6 @@ is-generator-fn@^2.0.0: resolved "https://registry.yarnpkg.com/is-generator-fn/-/is-generator-fn-2.1.0.tgz#7d140adc389aaf3011a8f2a2a4cfa6faadffb118" integrity sha512-cTIB4yPYL/Grw0EaSzASzg6bBy9gqCofvWN8okThAYIxKJZC+udlRAmGbM0XLeniEJSs8uEgHPGuHSe1XsOLSQ== -is-glob@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-3.1.0.tgz#7ba5ae24217804ac70707b96922567486cc3e84a" - integrity sha1-e6WuJCF4BKxwcHuWkiVnSGzD6Eo= - dependencies: - is-extglob "^2.1.0" - is-glob@^4.0.0, is-glob@^4.0.1: version "4.0.1" resolved "https://registry.yarnpkg.com/is-glob/-/is-glob-4.0.1.tgz#7567dbe9f2f5e2467bc77ab83c4a29482407a5dc" @@ -5509,6 +5110,11 @@ is-glob@^4.0.0, is-glob@^4.0.1: dependencies: is-extglob "^2.1.1" +is-lambda@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/is-lambda/-/is-lambda-1.0.1.tgz#3d9877899e6a53efc0160504cde15f82e6f061d5" + integrity sha1-PZh3iZ5qU+/AFgUEzeFfgubwYdU= + is-map@^2.0.1, is-map@^2.0.2: version "2.0.2" resolved "https://registry.yarnpkg.com/is-map/-/is-map-2.0.2.tgz#00922db8c9bf73e81b7a335827bc2a43f2b91127" @@ -5536,11 +5142,6 @@ is-number@^7.0.0: resolved "https://registry.yarnpkg.com/is-number/-/is-number-7.0.0.tgz#7535345b896734d5f80c4d06c50955527a14f12b" integrity sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng== -is-obj@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-1.0.1.tgz#3e4729ac1f5fde025cd7d83a896dab9f4f67db0f" - integrity sha1-PkcprB9f3gJc19g6iW2rn09n2w8= - is-obj@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/is-obj/-/is-obj-2.0.0.tgz#473fb05d973705e3fd9620545018ca8e22ef4982" @@ -5556,6 +5157,11 @@ is-plain-obj@^1.0.0, is-plain-obj@^1.1.0: resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-1.1.0.tgz#71a50c8429dfca773c92a390a4a03b39fcd51d3e" integrity sha1-caUMhCnfync8kqOQpKA7OfzVHT4= +is-plain-obj@^2.0.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/is-plain-obj/-/is-plain-obj-2.1.0.tgz#45e42e37fccf1f40da8e5f76ee21515840c09287" + integrity sha512-YWnfyRwxL/+SsrWYfOpUtz5b3YD+nyfkHvjbcanzk8zgyO4ASD67uVMRt8k5bM4lLMDnXfriRhOpemw+NfT1eA== + is-plain-object@^2.0.3, is-plain-object@^2.0.4: version "2.0.4" resolved "https://registry.yarnpkg.com/is-plain-object/-/is-plain-object-2.0.4.tgz#2c163b3fafb1b606d9d17928f05c2a1c38e07677" @@ -5653,7 +5259,7 @@ is-weakset@^2.0.1: resolved "https://registry.yarnpkg.com/is-weakset/-/is-weakset-2.0.1.tgz#e9a0af88dbd751589f5e50d80f4c98b780884f83" integrity sha512-pi4vhbhVHGLxohUw7PhGsueT4vRGFoXhP7+RGN0jKIv9+8PWYCQTqtADngrxOm2g46hoH0+g8uZZBzMrvVGDmw== -is-windows@^1.0.0, is-windows@^1.0.2: +is-windows@^1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/is-windows/-/is-windows-1.0.2.tgz#d1850eb9791ecd18e6182ce12a30f396634bb19d" integrity sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA== @@ -6350,7 +5956,7 @@ json-diff@^0.5.4: difflib "~0.2.1" dreamopt "~0.6.0" -json-parse-better-errors@^1.0.0, json-parse-better-errors@^1.0.1: +json-parse-better-errors@^1.0.1: version "1.0.2" resolved "https://registry.yarnpkg.com/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz#bb867cfb3450e69107c131d1c514bab3dc8bcaa9" integrity sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw== @@ -6432,7 +6038,7 @@ jsonify@~0.0.0: resolved "https://registry.yarnpkg.com/jsonify/-/jsonify-0.0.0.tgz#2c74b6ee41d93ca51b7b5aaee8f503631d252a73" integrity sha1-LHS27kHZPKUbe1qu6PUDYx0lKnM= -jsonparse@^1.2.0: +jsonparse@^1.2.0, jsonparse@^1.3.1: version "1.3.1" resolved "https://registry.yarnpkg.com/jsonparse/-/jsonparse-1.3.1.tgz#3f4dae4a91fac315f71062f8521cc239f1366280" integrity sha1-P02uSpH6wxX3EGL4UhzCOfE2YoA= @@ -6526,28 +6132,28 @@ lcov-parse@^1.0.0: resolved "https://registry.yarnpkg.com/lcov-parse/-/lcov-parse-1.0.0.tgz#eb0d46b54111ebc561acb4c408ef9363bdc8f7e0" integrity sha1-6w1GtUER68VhrLTECO+TY73I9+A= -lerna@^3.22.1: - version "3.22.1" - resolved "https://registry.yarnpkg.com/lerna/-/lerna-3.22.1.tgz#82027ac3da9c627fd8bf02ccfeff806a98e65b62" - integrity sha512-vk1lfVRFm+UuEFA7wkLKeSF7Iz13W+N/vFd48aW2yuS7Kv0RbNm2/qcDPV863056LMfkRlsEe+QYOw3palj5Lg== - dependencies: - "@lerna/add" "3.21.0" - "@lerna/bootstrap" "3.21.0" - "@lerna/changed" "3.21.0" - "@lerna/clean" "3.21.0" - "@lerna/cli" "3.18.5" - "@lerna/create" "3.22.0" - "@lerna/diff" "3.21.0" - "@lerna/exec" "3.21.0" - "@lerna/import" "3.22.0" - "@lerna/info" "3.21.0" - "@lerna/init" "3.21.0" - "@lerna/link" "3.21.0" - "@lerna/list" "3.21.0" - "@lerna/publish" "3.22.1" - "@lerna/run" "3.21.0" - "@lerna/version" "3.22.1" - import-local "^2.0.0" +lerna@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/lerna/-/lerna-4.0.0.tgz#b139d685d50ea0ca1be87713a7c2f44a5b678e9e" + integrity sha512-DD/i1znurfOmNJb0OBw66NmNqiM8kF6uIrzrJ0wGE3VNdzeOhz9ziWLYiRaZDGGwgbcjOo6eIfcx9O5Qynz+kg== + dependencies: + "@lerna/add" "4.0.0" + "@lerna/bootstrap" "4.0.0" + "@lerna/changed" "4.0.0" + "@lerna/clean" "4.0.0" + "@lerna/cli" "4.0.0" + "@lerna/create" "4.0.0" + "@lerna/diff" "4.0.0" + "@lerna/exec" "4.0.0" + "@lerna/import" "4.0.0" + "@lerna/info" "4.0.0" + "@lerna/init" "4.0.0" + "@lerna/link" "4.0.0" + "@lerna/list" "4.0.0" + "@lerna/publish" "4.0.0" + "@lerna/run" "4.0.0" + "@lerna/version" "4.0.0" + import-local "^3.0.2" npmlog "^4.1.2" leven@^3.1.0: @@ -6571,6 +6177,27 @@ levn@~0.3.0: prelude-ls "~1.1.2" type-check "~0.3.2" +libnpmaccess@^4.0.1: + version "4.0.1" + resolved "https://registry.yarnpkg.com/libnpmaccess/-/libnpmaccess-4.0.1.tgz#17e842e03bef759854adf6eb6c2ede32e782639f" + integrity sha512-ZiAgvfUbvmkHoMTzdwmNWCrQRsDkOC+aM5BDfO0C9aOSwF3R1LdFDBD+Rer1KWtsoQYO35nXgmMR7OUHpDRxyA== + dependencies: + aproba "^2.0.0" + minipass "^3.1.1" + npm-package-arg "^8.0.0" + npm-registry-fetch "^9.0.0" + +libnpmpublish@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/libnpmpublish/-/libnpmpublish-4.0.0.tgz#ad6413914e0dfd78df868ce14ba3d3a4cc8b385b" + integrity sha512-2RwYXRfZAB1x/9udKpZmqEzSqNd7ouBRU52jyG14/xG8EF+O9A62d7/XVR3iABEQHf1iYhkm0Oq9iXjrL3tsXA== + dependencies: + normalize-package-data "^3.0.0" + npm-package-arg "^8.1.0" + npm-registry-fetch "^9.0.0" + semver "^7.1.3" + ssri "^8.0.0" + lie@~3.3.0: version "3.3.0" resolved "https://registry.yarnpkg.com/lie/-/lie-3.3.0.tgz#dcf82dee545f46074daf200c7c1c5a08e0f40f6a" @@ -6621,16 +6248,15 @@ load-json-file@^4.0.0: pify "^3.0.0" strip-bom "^3.0.0" -load-json-file@^5.3.0: - version "5.3.0" - resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-5.3.0.tgz#4d3c1e01fa1c03ea78a60ac7af932c9ce53403f3" - integrity sha512-cJGP40Jc/VXUsp8/OrnyKyTZ1y6v/dphm3bioS+RrKXjK2BB6wHUd6JptZEFDGgGahMT+InnZO5i1Ei9mpC8Bw== +load-json-file@^6.2.0: + version "6.2.0" + resolved "https://registry.yarnpkg.com/load-json-file/-/load-json-file-6.2.0.tgz#5c7770b42cafa97074ca2848707c61662f4251a1" + integrity sha512-gUD/epcRms75Cw8RT1pUdHugZYM5ce64ucs2GEISABwkRsOQr0q2wm/MV2TKThycIe5e0ytRweW2RZxclogCdQ== dependencies: graceful-fs "^4.1.15" - parse-json "^4.0.0" - pify "^4.0.1" - strip-bom "^3.0.0" - type-fest "^0.3.0" + parse-json "^5.0.0" + strip-bom "^4.0.0" + type-fest "^0.6.0" locate-path@^2.0.0: version "2.0.0" @@ -6667,11 +6293,6 @@ lodash._reinterpolate@^3.0.0: resolved "https://registry.yarnpkg.com/lodash._reinterpolate/-/lodash._reinterpolate-3.0.0.tgz#0ccf2d89166af03b3663c796538b75ac6e114d9d" integrity sha1-DM8tiRZq8Ds2Y8eWU4t1rG4RTZ0= -lodash.clonedeep@^4.5.0: - version "4.5.0" - resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef" - integrity sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8= - lodash.defaults@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-4.2.0.tgz#d09178716ffea4dde9e5fb7b37f6f0802274580c" @@ -6722,7 +6343,7 @@ lodash.sortby@^4.7.0: resolved "https://registry.yarnpkg.com/lodash.sortby/-/lodash.sortby-4.7.0.tgz#edd14c824e2cc9c1e0b0a1b42bb5210516a42438" integrity sha1-7dFMgk4sycHgsKG0K7UhBRakJDg= -lodash.template@^4.0.2, lodash.template@^4.5.0: +lodash.template@^4.5.0: version "4.5.0" resolved "https://registry.yarnpkg.com/lodash.template/-/lodash.template-4.5.0.tgz#f976195cf3f347d0d5f52483569fe8031ccce8ab" integrity sha512-84vYFxIkmidUiFxidA/KjjH9pAycqW+h980j7Fuz5qxRtO9pgB7MDFTdys1N7A5mcucRiDyEq4fusljItR1T/A== @@ -6742,12 +6363,7 @@ lodash.union@^4.6.0: resolved "https://registry.yarnpkg.com/lodash.union/-/lodash.union-4.6.0.tgz#48bb5088409f16f1821666641c44dd1aaae3cd88" integrity sha1-SLtQiECfFvGCFmZkHETdGqrjzYg= -lodash.uniq@^4.5.0: - version "4.5.0" - resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773" - integrity sha1-0CJTc662Uq3BvILklFM5qEJ1R3M= - -lodash@4.x, lodash@^4.17.12, lodash@^4.17.15, lodash@^4.17.19, lodash@^4.17.20, lodash@^4.17.21, lodash@^4.2.1: +lodash@4.x, lodash@^4.17.15, lodash@^4.17.19, lodash@^4.17.20, lodash@^4.17.21: version "4.17.21" resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== @@ -6798,18 +6414,6 @@ lru-cache@^6.0.0: dependencies: yallist "^4.0.0" -macos-release@^2.2.0: - version "2.4.1" - resolved "https://registry.yarnpkg.com/macos-release/-/macos-release-2.4.1.tgz#64033d0ec6a5e6375155a74b1a1eba8e509820ac" - integrity sha512-H/QHeBIN1fIGJX517pvK8IEK53yQOW7YcEI55oYtgjDdoCQQz7eJS94qt5kNrscReEyuD/JcdFCm2XBEcGOITg== - -make-dir@^1.0.0: - version "1.3.0" - resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-1.3.0.tgz#79c1033b80515bd6d24ec9933e860ca75ee27f0c" - integrity sha512-2w31R7SJtieJJnQtGc7RVL2StM2vGYVfqUOvUDxH6bC6aJTxPxTF0GnIgCyu7tjockiUWAYQRbxa7vKn34s5sQ== - dependencies: - pify "^3.0.0" - make-dir@^2.0.0, make-dir@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-2.1.0.tgz#5f0310e18b8be898cc07009295a30ae41e91e6f5" @@ -6830,22 +6434,26 @@ make-error@1.x, make-error@^1.1.1: resolved "https://registry.yarnpkg.com/make-error/-/make-error-1.3.6.tgz#2eb2e37ea9b67c4891f684a1394799af484cf7a2" integrity sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw== -make-fetch-happen@^5.0.0: - version "5.0.2" - resolved "https://registry.yarnpkg.com/make-fetch-happen/-/make-fetch-happen-5.0.2.tgz#aa8387104f2687edca01c8687ee45013d02d19bd" - integrity sha512-07JHC0r1ykIoruKO8ifMXu+xEU8qOXDFETylktdug6vJDACnP+HKevOu3PXyNPzFyTSlz8vrBYlBO1JZRe8Cag== - dependencies: - agentkeepalive "^3.4.1" - cacache "^12.0.0" - http-cache-semantics "^3.8.1" - http-proxy-agent "^2.1.0" - https-proxy-agent "^2.2.3" - lru-cache "^5.1.1" - mississippi "^3.0.0" - node-fetch-npm "^2.0.2" - promise-retry "^1.1.1" - socks-proxy-agent "^4.0.0" - ssri "^6.0.0" +make-fetch-happen@^8.0.9: + version "8.0.14" + resolved "https://registry.yarnpkg.com/make-fetch-happen/-/make-fetch-happen-8.0.14.tgz#aaba73ae0ab5586ad8eaa68bd83332669393e222" + integrity sha512-EsS89h6l4vbfJEtBZnENTOFk8mCRpY5ru36Xe5bcX1KYIli2mkSHqoFsp5O1wMDvTJJzxe/4THpCTtygjeeGWQ== + dependencies: + agentkeepalive "^4.1.3" + cacache "^15.0.5" + http-cache-semantics "^4.1.0" + http-proxy-agent "^4.0.1" + https-proxy-agent "^5.0.0" + is-lambda "^1.0.1" + lru-cache "^6.0.0" + minipass "^3.1.3" + minipass-collect "^1.0.2" + minipass-fetch "^1.3.2" + minipass-flush "^1.0.5" + minipass-pipeline "^1.2.4" + promise-retry "^2.0.1" + socks-proxy-agent "^5.0.0" + ssri "^8.0.0" make-runnable@^1.3.8: version "1.3.8" @@ -6872,11 +6480,6 @@ map-obj@^1.0.0, map-obj@^1.0.1: resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-1.0.1.tgz#d933ceb9205d82bdcf4886f6742bdc2b4dea146d" integrity sha1-2TPOuSBdgr3PSIb2dCvcK03qFG0= -map-obj@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-2.0.0.tgz#a65cd29087a92598b8791257a523e021222ac1f9" - integrity sha1-plzSkIepJZi4eRJXpSPgISIqwfk= - map-obj@^4.0.0: version "4.2.0" resolved "https://registry.yarnpkg.com/map-obj/-/map-obj-4.2.0.tgz#0e8bc823e2aaca8a0942567d12ed14f389eec153" @@ -6962,21 +6565,6 @@ meow@^3.3.0: redent "^1.0.0" trim-newlines "^1.0.0" -meow@^4.0.0: - version "4.0.1" - resolved "https://registry.yarnpkg.com/meow/-/meow-4.0.1.tgz#d48598f6f4b1472f35bf6317a95945ace347f975" - integrity sha512-xcSBHD5Z86zaOc+781KrupuHAzeGXSLtiAOmBsiLDiPSaYSB6hdew2ng9EBAnZ62jagG9MHAOdxpDi/lWBFJ/A== - dependencies: - camelcase-keys "^4.0.0" - decamelize-keys "^1.0.0" - loud-rejection "^1.0.0" - minimist "^1.1.3" - minimist-options "^3.0.1" - normalize-package-data "^2.3.4" - read-pkg-up "^3.0.0" - redent "^2.0.0" - trim-newlines "^2.0.0" - meow@^8.0.0: version "8.1.2" resolved "https://registry.yarnpkg.com/meow/-/meow-8.1.2.tgz#bcbe45bda0ee1729d350c03cffc8395a36c4e897" @@ -7011,12 +6599,12 @@ merge-stream@^2.0.0: resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-2.0.0.tgz#52823629a14dd00c9770fb6ad47dc6310f2c1f60" integrity sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w== -merge2@^1.2.3, merge2@^1.3.0: +merge2@^1.3.0: version "1.4.1" resolved "https://registry.yarnpkg.com/merge2/-/merge2-1.4.1.tgz#4368892f885e907455a6fd7dc55c0c9d404990ae" integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg== -micromatch@^3.1.10, micromatch@^3.1.4: +micromatch@^3.1.4: version "3.1.10" resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-3.1.10.tgz#70859bc95c9840952f359a068a3fc49f9ecfac23" integrity sha512-MWikgl9n9M3w+bpsY3He8L+w9eF9338xRl8IAO5viDizwSzziFEyUzo2xrrloB64ADbTf8uA8vRqqttDTOmccg== @@ -7055,11 +6643,6 @@ mime-types@^2.1.12, mime-types@~2.1.19: dependencies: mime-db "1.46.0" -mimic-fn@^1.0.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-1.2.0.tgz#820c86a39334640e99516928bd03fca88057d022" - integrity sha512-jf84uxzwiuiIVKiOLpfYk7N46TSy8ubTonmneY9vrpHNAnp0QBt2BxWV9dO3/j+BoVAb+a5G6YDPW3M5HOdMWQ== - mimic-fn@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-2.1.0.tgz#7ed2c2ccccaf84d3ffcb7a69b57711fc2083401b" @@ -7086,19 +6669,58 @@ minimist-options@4.1.0: is-plain-obj "^1.1.0" kind-of "^6.0.3" -minimist-options@^3.0.1: - version "3.0.2" - resolved "https://registry.yarnpkg.com/minimist-options/-/minimist-options-3.0.2.tgz#fba4c8191339e13ecf4d61beb03f070103f3d954" - integrity sha512-FyBrT/d0d4+uiZRbqznPXqw3IpZZG3gl3wKWiX784FycUKVwBt0uLBFkQrtE4tZOrgo78nZp2jnKz3L65T5LdQ== - dependencies: - arrify "^1.0.1" - is-plain-obj "^1.1.0" - minimist@>=1.2.2, minimist@^1.1.1, minimist@^1.1.3, minimist@^1.2.0, minimist@^1.2.5, minimist@~1.2.5: version "1.2.5" resolved "https://registry.yarnpkg.com/minimist/-/minimist-1.2.5.tgz#67d66014b66a6a8aaa0c083c5fd58df4e4e97602" integrity sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw== +minipass-collect@^1.0.2: + version "1.0.2" + resolved "https://registry.yarnpkg.com/minipass-collect/-/minipass-collect-1.0.2.tgz#22b813bf745dc6edba2576b940022ad6edc8c617" + integrity sha512-6T6lH0H8OG9kITm/Jm6tdooIbogG9e0tLgpY6mphXSm/A9u8Nq1ryBG+Qspiub9LjWlBPsPS3tWQ/Botq4FdxA== + dependencies: + minipass "^3.0.0" + +minipass-fetch@^1.3.0, minipass-fetch@^1.3.2: + version "1.3.3" + resolved "https://registry.yarnpkg.com/minipass-fetch/-/minipass-fetch-1.3.3.tgz#34c7cea038c817a8658461bf35174551dce17a0a" + integrity sha512-akCrLDWfbdAWkMLBxJEeWTdNsjML+dt5YgOI4gJ53vuO0vrmYQkUPxa6j6V65s9CcePIr2SSWqjT2EcrNseryQ== + dependencies: + minipass "^3.1.0" + minipass-sized "^1.0.3" + minizlib "^2.0.0" + optionalDependencies: + encoding "^0.1.12" + +minipass-flush@^1.0.5: + version "1.0.5" + resolved "https://registry.yarnpkg.com/minipass-flush/-/minipass-flush-1.0.5.tgz#82e7135d7e89a50ffe64610a787953c4c4cbb373" + integrity sha512-JmQSYYpPUqX5Jyn1mXaRwOda1uQ8HP5KAT/oDSLCzt1BYRhQU0/hDtsB1ufZfEEzMZ9aAVmsBw8+FWsIXlClWw== + dependencies: + minipass "^3.0.0" + +minipass-json-stream@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/minipass-json-stream/-/minipass-json-stream-1.0.1.tgz#7edbb92588fbfc2ff1db2fc10397acb7b6b44aa7" + integrity sha512-ODqY18UZt/I8k+b7rl2AENgbWE8IDYam+undIJONvigAz8KR5GWblsFTEfQs0WODsjbSXWlm+JHEv8Gr6Tfdbg== + dependencies: + jsonparse "^1.3.1" + minipass "^3.0.0" + +minipass-pipeline@^1.2.2, minipass-pipeline@^1.2.4: + version "1.2.4" + resolved "https://registry.yarnpkg.com/minipass-pipeline/-/minipass-pipeline-1.2.4.tgz#68472f79711c084657c067c5c6ad93cddea8214c" + integrity sha512-xuIq7cIOt09RPRJ19gdi4b+RiNvDFYe5JH+ggNvBqGqpQXcru3PcRmOZuHBKWK1Txf9+cQ+HMVN4d6z46LZP7A== + dependencies: + minipass "^3.0.0" + +minipass-sized@^1.0.3: + version "1.0.3" + resolved "https://registry.yarnpkg.com/minipass-sized/-/minipass-sized-1.0.3.tgz#70ee5a7c5052070afacfbc22977ea79def353b70" + integrity sha512-MbkQQ2CTiBMlA2Dm/5cY+9SWFEN8pzzOXi6rlM5Xxq0Yqbda5ZQy9sU75a673FE9ZK0Zsbr6Y5iP6u9nktfg2g== + dependencies: + minipass "^3.0.0" + minipass@^2.2.0, minipass@^2.3.5, minipass@^2.6.0, minipass@^2.8.6, minipass@^2.9.0: version "2.9.0" resolved "https://registry.yarnpkg.com/minipass/-/minipass-2.9.0.tgz#e713762e7d3e32fed803115cf93e04bca9fcc9a6" @@ -7107,7 +6729,7 @@ minipass@^2.2.0, minipass@^2.3.5, minipass@^2.6.0, minipass@^2.8.6, minipass@^2. safe-buffer "^5.1.2" yallist "^3.0.0" -minipass@^3.0.0: +minipass@^3.0.0, minipass@^3.1.0, minipass@^3.1.1, minipass@^3.1.3: version "3.1.3" resolved "https://registry.yarnpkg.com/minipass/-/minipass-3.1.3.tgz#7d42ff1f39635482e15f9cdb53184deebd5815fd" integrity sha512-Mgd2GdMVzY+x3IJ+oHnVM+KG3lA5c8tnabyJKmHSaG2kAGpudxuOf8ToDkhumF7UzME7DecbQE9uOZhNm7PuJg== @@ -7121,21 +6743,13 @@ minizlib@^1.2.1: dependencies: minipass "^2.9.0" -mississippi@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/mississippi/-/mississippi-3.0.0.tgz#ea0a3291f97e0b5e8776b363d5f0a12d94c67022" - integrity sha512-x471SsVjUtBRtcvd4BzKE9kFC+/2TeWgKCgw0bZcw1b9l2X3QX5vCWgF+KaZaYm87Ss//rHnWryupDrgLvmSkA== +minizlib@^2.0.0, minizlib@^2.1.1: + version "2.1.2" + resolved "https://registry.yarnpkg.com/minizlib/-/minizlib-2.1.2.tgz#e90d3466ba209b932451508a11ce3d3632145931" + integrity sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg== dependencies: - concat-stream "^1.5.0" - duplexify "^3.4.2" - end-of-stream "^1.1.0" - flush-write-stream "^1.0.0" - from2 "^2.1.0" - parallel-transform "^1.1.0" - pump "^3.0.0" - pumpify "^1.3.3" - stream-each "^1.1.0" - through2 "^2.0.0" + minipass "^3.0.0" + yallist "^4.0.0" mixin-deep@^1.2.0: version "1.3.2" @@ -7145,14 +6759,16 @@ mixin-deep@^1.2.0: for-in "^1.0.2" is-extendable "^1.0.1" -mkdirp-promise@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/mkdirp-promise/-/mkdirp-promise-5.0.1.tgz#e9b8f68e552c68a9c1713b84883f7a1dd039b8a1" - integrity sha1-6bj2jlUsaKnBcTuEiD96HdA5uKE= +mkdirp-infer-owner@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/mkdirp-infer-owner/-/mkdirp-infer-owner-2.0.0.tgz#55d3b368e7d89065c38f32fd38e638f0ab61d316" + integrity sha512-sdqtiFt3lkOaYvTXSRIUjkIdPTcxgv5+fgqYE/5qgwdw12cOrAuzzgzvVExIkH/ul1oeHN3bCLOWSG3XOqbKKw== dependencies: - mkdirp "*" + chownr "^2.0.0" + infer-owner "^1.0.4" + mkdirp "^1.0.3" -mkdirp@*, mkdirp@1.x, mkdirp@^1.0.4: +mkdirp@1.x, mkdirp@^1.0.3, mkdirp@^1.0.4: version "1.0.4" resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.4.tgz#3eb5ed62622756d79a5f0e2a221dfebad75c2f7e" integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw== @@ -7184,18 +6800,6 @@ module-not-found-error@^1.0.1: resolved "https://registry.yarnpkg.com/module-not-found-error/-/module-not-found-error-1.0.1.tgz#cf8b4ff4f29640674d6cdd02b0e3bc523c2bbdc0" integrity sha1-z4tP9PKWQGdNbN0CsOO8UjwrvcA= -move-concurrently@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/move-concurrently/-/move-concurrently-1.0.1.tgz#be2c005fda32e0b29af1f05d7c4b33214c701f92" - integrity sha1-viwAX9oy4LKa8fBdfEszIUxwH5I= - dependencies: - aproba "^1.1.1" - copy-concurrently "^1.0.0" - fs-write-stream-atomic "^1.0.8" - mkdirp "^0.5.1" - rimraf "^2.5.4" - run-queue "^1.0.3" - ms@2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/ms/-/ms-2.0.0.tgz#5608aeadfc00be6c2901df5f9861788de0d597c8" @@ -7206,40 +6810,27 @@ ms@2.1.2: resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.2.tgz#d09d1f357b443f493382a8eb3ccd183872ae6009" integrity sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w== -ms@^2.0.0, ms@^2.1.1: +ms@^2.0.0: version "2.1.3" resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.3.tgz#574c8138ce1d2b5861f0b44579dbadd60c6615b2" integrity sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA== -multimatch@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/multimatch/-/multimatch-3.0.0.tgz#0e2534cc6bc238d9ab67e1b9cd5fcd85a6dbf70b" - integrity sha512-22foS/gqQfANZ3o+W7ST2x25ueHDVNWl/b9OlGcLpy/iKxjCpvcNCM51YCenUi7Mt/jAjjqv8JwZRs8YP5sRjA== +multimatch@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/multimatch/-/multimatch-5.0.0.tgz#932b800963cea7a31a033328fa1e0c3a1874dbe6" + integrity sha512-ypMKuglUrZUD99Tk2bUQ+xNQj43lPEfAeX2o9cTteAmShXy2VHDJpuwu1o0xqoKCt9jLVAvwyFKdLTPXKAfJyA== dependencies: - array-differ "^2.0.3" - array-union "^1.0.2" - arrify "^1.0.1" + "@types/minimatch" "^3.0.3" + array-differ "^3.0.0" + array-union "^2.1.0" + arrify "^2.0.1" minimatch "^3.0.4" -mute-stream@0.0.7: - version "0.0.7" - resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.7.tgz#3075ce93bc21b8fab43e1bc4da7e8115ed1e7bab" - integrity sha1-MHXOk7whuPq0PhvE2n6BFe0ee6s= - -mute-stream@~0.0.4: +mute-stream@0.0.8, mute-stream@~0.0.4: version "0.0.8" resolved "https://registry.yarnpkg.com/mute-stream/-/mute-stream-0.0.8.tgz#1630c42b2251ff81e2a283de96a5497ea92e5e0d" integrity sha512-nnbWWOkoWyUsTjKrhgD0dcz22mdkSnpYqbEjIm2nhwhuxlSkpywJmBo8h0ZqJdkp73mb90SssHkN4rsRaBAfAA== -mz@^2.5.0: - version "2.7.0" - resolved "https://registry.yarnpkg.com/mz/-/mz-2.7.0.tgz#95008057a56cafadc2bc63dde7f9ff6955948e32" - integrity sha512-z81GNO7nnYMEhrGh9LeymoE4+Yr0Wn5McHIZMK5cfQCl+NDX08sCZgUc9/6MHni9IWuFLm1Z3HTCXu2z9fN62Q== - dependencies: - any-promise "^1.0.0" - object-assign "^4.0.1" - thenify-all "^1.0.0" - nanomatch@^1.2.9: version "1.2.13" resolved "https://registry.yarnpkg.com/nanomatch/-/nanomatch-1.2.13.tgz#b87a8aa4fc0de8fe6be88895b38983ff265bd119" @@ -7303,16 +6894,7 @@ nock@^13.0.11: lodash.set "^4.3.2" propagate "^2.0.0" -node-fetch-npm@^2.0.2: - version "2.0.4" - resolved "https://registry.yarnpkg.com/node-fetch-npm/-/node-fetch-npm-2.0.4.tgz#6507d0e17a9ec0be3bec516958a497cec54bf5a4" - integrity sha512-iOuIQDWDyjhv9qSDrj9aq/klt6F9z1p2otB3AV7v3zBDcL/x+OfGsvGQZZCcMZbUf4Ujw1xGNQkjvGnVT22cKg== - dependencies: - encoding "^0.1.11" - json-parse-better-errors "^1.0.0" - safe-buffer "^5.1.1" - -node-fetch@^2.5.0, node-fetch@^2.6.1: +node-fetch@^2.6.1: version "2.6.1" resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.1.tgz#045bd323631f76ed2e2b55573394416b639a0052" integrity sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw== @@ -7334,6 +6916,22 @@ node-gyp@^5.0.2: tar "^4.4.12" which "^1.3.1" +node-gyp@^7.1.0: + version "7.1.2" + resolved "https://registry.yarnpkg.com/node-gyp/-/node-gyp-7.1.2.tgz#21a810aebb187120251c3bcec979af1587b188ae" + integrity sha512-CbpcIo7C3eMu3dL1c3d0xw449fHIGALIJsRP4DDPHpyiW8vcriNY7ubh9TE4zEKfSxscY7PjeFnshE7h75ynjQ== + dependencies: + env-paths "^2.2.0" + glob "^7.1.4" + graceful-fs "^4.2.3" + nopt "^5.0.0" + npmlog "^4.1.2" + request "^2.88.2" + rimraf "^3.0.2" + semver "^7.3.2" + tar "^6.0.2" + which "^2.0.2" + node-int64@^0.4.0: version "0.4.0" resolved "https://registry.yarnpkg.com/node-int64/-/node-int64-0.4.0.tgz#87a9065cdb355d3182d8f94ce11188b825c68a3b" @@ -7384,7 +6982,14 @@ nopt@^4.0.1: abbrev "1" osenv "^0.1.4" -normalize-package-data@^2.0.0, normalize-package-data@^2.3.0, normalize-package-data@^2.3.2, normalize-package-data@^2.3.4, normalize-package-data@^2.3.5, normalize-package-data@^2.4.0, normalize-package-data@^2.5.0: +nopt@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/nopt/-/nopt-5.0.0.tgz#530942bb58a512fccafe53fe210f13a25355dc88" + integrity sha512-Tbj67rffqceeLpcRXrT7vKAN8CwfPeIBgM7E6iBkmKLV7bEMwpGgYLGv0jACUsECaa/vuxP0IjEont6umdMgtQ== + dependencies: + abbrev "1" + +normalize-package-data@^2.0.0, normalize-package-data@^2.3.0, normalize-package-data@^2.3.2, normalize-package-data@^2.3.4, normalize-package-data@^2.5.0: version "2.5.0" resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.5.0.tgz#e66db1838b200c1dfc233225d12cb36520e234a8" integrity sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA== @@ -7421,14 +7026,21 @@ normalize-url@^3.3.0: resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-3.3.0.tgz#b2e1c4dc4f7c6d57743df733a4f5978d18650559" integrity sha512-U+JJi7duF1o+u2pynbp2zXDW2/PADgC30f0GsHZtRh+HOcXHnw137TrNlyxxRvWW5fjKd3bcLHPxofWuCjaeZg== -npm-bundled@^1.0.1, npm-bundled@^1.1.1: +npm-bundled@^1.1.1: version "1.1.1" resolved "https://registry.yarnpkg.com/npm-bundled/-/npm-bundled-1.1.1.tgz#1edd570865a94cdb1bc8220775e29466c9fb234b" integrity sha512-gqkfgGePhTpAEgUsGEgcq1rqPXA+tv/aVBlgEzfXwA1yiUJF7xtEt3CtVwOjNYQOVknDk0F20w58Fnm3EtG0fA== dependencies: npm-normalize-package-bin "^1.0.1" -npm-lifecycle@^3.1.2: +npm-install-checks@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/npm-install-checks/-/npm-install-checks-4.0.0.tgz#a37facc763a2fde0497ef2c6d0ac7c3fbe00d7b4" + integrity sha512-09OmyDkNLYwqKPOnbI8exiOZU2GVVmQp7tgez2BPi5OZC8M82elDAps7sxC4l//uSUtotWqoEIDwjRvWH4qz8w== + dependencies: + semver "^7.1.1" + +npm-lifecycle@^3.1.5: version "3.1.5" resolved "https://registry.yarnpkg.com/npm-lifecycle/-/npm-lifecycle-3.1.5.tgz#9882d3642b8c82c815782a12e6a1bfeed0026309" integrity sha512-lDLVkjfZmvmfvpvBzA4vzee9cn+Me4orq0QF8glbswJVEbIcSNWib7qGOffolysc3teCqbbPZZkzbr3GQZTL1g== @@ -7447,33 +7059,48 @@ npm-normalize-package-bin@^1.0.0, npm-normalize-package-bin@^1.0.1: resolved "https://registry.yarnpkg.com/npm-normalize-package-bin/-/npm-normalize-package-bin-1.0.1.tgz#6e79a41f23fd235c0623218228da7d9c23b8f6e2" integrity sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA== -"npm-package-arg@^4.0.0 || ^5.0.0 || ^6.0.0", npm-package-arg@^6.0.0, npm-package-arg@^6.1.0: - version "6.1.1" - resolved "https://registry.yarnpkg.com/npm-package-arg/-/npm-package-arg-6.1.1.tgz#02168cb0a49a2b75bf988a28698de7b529df5cb7" - integrity sha512-qBpssaL3IOZWi5vEKUKW0cO7kzLeT+EQO9W8RsLOZf76KF9E/K9+wH0C7t06HXPpaH8WH5xF1MExLuCwbTqRUg== +npm-package-arg@^8.0.0, npm-package-arg@^8.0.1, npm-package-arg@^8.1.0, npm-package-arg@^8.1.2: + version "8.1.2" + resolved "https://registry.yarnpkg.com/npm-package-arg/-/npm-package-arg-8.1.2.tgz#b868016ae7de5619e729993fbd8d11dc3c52ab62" + integrity sha512-6Eem455JsSMJY6Kpd3EyWE+n5hC+g9bSyHr9K9U2zqZb7+02+hObQ2c0+8iDk/mNF+8r1MhY44WypKJAkySIYA== dependencies: - hosted-git-info "^2.7.1" - osenv "^0.1.5" - semver "^5.6.0" + hosted-git-info "^4.0.1" + semver "^7.3.4" validate-npm-package-name "^3.0.0" -npm-packlist@^1.4.4: - version "1.4.8" - resolved "https://registry.yarnpkg.com/npm-packlist/-/npm-packlist-1.4.8.tgz#56ee6cc135b9f98ad3d51c1c95da22bbb9b2ef3e" - integrity sha512-5+AZgwru5IevF5ZdnFglB5wNlHG1AOOuw28WhUq8/8emhBmLv6jX5by4WJCh7lW0uSYZYS6DXqIsyZVIXRZU9A== +npm-packlist@^2.1.4: + version "2.1.4" + resolved "https://registry.yarnpkg.com/npm-packlist/-/npm-packlist-2.1.4.tgz#40e96b2b43787d0546a574542d01e066640d09da" + integrity sha512-Qzg2pvXC9U4I4fLnUrBmcIT4x0woLtUgxUi9eC+Zrcv1Xx5eamytGAfbDWQ67j7xOcQ2VW1I3su9smVTIdu7Hw== dependencies: - ignore-walk "^3.0.1" - npm-bundled "^1.0.1" + glob "^7.1.6" + ignore-walk "^3.0.3" + npm-bundled "^1.1.1" npm-normalize-package-bin "^1.0.1" -npm-pick-manifest@^3.0.0: - version "3.0.2" - resolved "https://registry.yarnpkg.com/npm-pick-manifest/-/npm-pick-manifest-3.0.2.tgz#f4d9e5fd4be2153e5f4e5f9b7be8dc419a99abb7" - integrity sha512-wNprTNg+X5nf+tDi+hbjdHhM4bX+mKqv6XmPh7B5eG+QY9VARfQPfCEH013H5GqfNj6ee8Ij2fg8yk0mzps1Vw== +npm-pick-manifest@^6.0.0: + version "6.1.1" + resolved "https://registry.yarnpkg.com/npm-pick-manifest/-/npm-pick-manifest-6.1.1.tgz#7b5484ca2c908565f43b7f27644f36bb816f5148" + integrity sha512-dBsdBtORT84S8V8UTad1WlUyKIY9iMsAmqxHbLdeEeBNMLQDlDWWra3wYUx9EBEIiG/YwAy0XyNHDd2goAsfuA== + dependencies: + npm-install-checks "^4.0.0" + npm-normalize-package-bin "^1.0.1" + npm-package-arg "^8.1.2" + semver "^7.3.4" + +npm-registry-fetch@^9.0.0: + version "9.0.0" + resolved "https://registry.yarnpkg.com/npm-registry-fetch/-/npm-registry-fetch-9.0.0.tgz#86f3feb4ce00313bc0b8f1f8f69daae6face1661" + integrity sha512-PuFYYtnQ8IyVl6ib9d3PepeehcUeHN9IO5N/iCRhyg9tStQcqGQBRVHmfmMWPDERU3KwZoHFvbJ4FPXPspvzbA== dependencies: - figgy-pudding "^3.5.1" - npm-package-arg "^6.0.0" - semver "^5.4.1" + "@npmcli/ci-detect" "^1.0.0" + lru-cache "^6.0.0" + make-fetch-happen "^8.0.9" + minipass "^3.1.3" + minipass-fetch "^1.3.0" + minipass-json-stream "^1.0.1" + minizlib "^2.0.0" + npm-package-arg "^8.0.0" npm-run-path@^2.0.0: version "2.0.2" @@ -7482,7 +7109,7 @@ npm-run-path@^2.0.0: dependencies: path-key "^2.0.0" -npm-run-path@^4.0.0: +npm-run-path@^4.0.0, npm-run-path@^4.0.1: version "4.0.1" resolved "https://registry.yarnpkg.com/npm-run-path/-/npm-run-path-4.0.1.tgz#b7ecd1e5ed53da8e37a55e1c2269e0b97ed748ea" integrity sha512-S48WzZW777zhNIrn7gxOlISNAqi9ZC/uQFnRdbeIHhZhCA6UqpkOT8T1G7BvfdgP4Er8gF4sUbaS0i7QvIfCWw== @@ -7658,11 +7285,6 @@ object.values@^1.1.1: es-abstract "^1.18.0-next.2" has "^1.0.3" -octokit-pagination-methods@^1.1.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/octokit-pagination-methods/-/octokit-pagination-methods-1.1.0.tgz#cf472edc9d551055f9ef73f6e42b4dbb4c80bea4" - integrity sha512-fZ4qZdQ2nxJvtcasX7Ghl+WlWS/d9IgnBIwFZXVNNZUmzpno91SX5bc5vuxiuKoCtK78XxGGNuSCrDC7xYB3OQ== - once@^1.3.0, once@^1.3.1, once@^1.4.0: version "1.4.0" resolved "https://registry.yarnpkg.com/once/-/once-1.4.0.tgz#583b1aa775961d4b113ac17d9c50baef9dd76bd1" @@ -7670,14 +7292,7 @@ once@^1.3.0, once@^1.3.1, once@^1.4.0: dependencies: wrappy "1" -onetime@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/onetime/-/onetime-2.0.1.tgz#067428230fd67443b2794b22bba528b6867962d4" - integrity sha1-BnQoIw/WdEOyeUsiu6UotoZ5YtQ= - dependencies: - mimic-fn "^1.0.0" - -onetime@^5.1.0: +onetime@^5.1.0, onetime@^5.1.2: version "5.1.2" resolved "https://registry.yarnpkg.com/onetime/-/onetime-5.1.2.tgz#d0e96ebb56b07476df1dd9c4806e5237985ca45e" integrity sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg== @@ -7723,20 +7338,12 @@ os-homedir@^1.0.0, os-homedir@^1.0.1, os-homedir@^1.0.2: resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3" integrity sha1-/7xJiDNuDoM94MFox+8VISGqf7M= -os-name@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/os-name/-/os-name-3.1.0.tgz#dec19d966296e1cd62d701a5a66ee1ddeae70801" - integrity sha512-h8L+8aNjNcMpo/mAIBPn5PXCM16iyPGjHNWo6U1YO8sJTMHtEtyczI6QJnLoplswm6goopQkqc7OAnjhWcugVg== - dependencies: - macos-release "^2.2.0" - windows-release "^3.1.0" - os-tmpdir@^1.0.0, os-tmpdir@~1.0.2: version "1.0.2" resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274" integrity sha1-u+Z0BseaqFxc/sdm/lc0VV36EnQ= -osenv@^0.1.4, osenv@^0.1.5: +osenv@^0.1.4: version "0.1.5" resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.5.tgz#85cdfafaeb28e8677f416e287592b5f3f49ea410" integrity sha512-0CWcCECdMVc2Rw3U5w9ZjqX6ga6ubk1xDVKxtBQPK7wis/0F2r9T6k4ydGYhecl7YUBxBVxhL5oisPsNxAPe2g== @@ -7815,17 +7422,10 @@ p-locate@^5.0.0: dependencies: p-limit "^3.0.2" -p-map-series@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/p-map-series/-/p-map-series-1.0.0.tgz#bf98fe575705658a9e1351befb85ae4c1f07bdca" - integrity sha1-v5j+V1cFZYqeE1G++4WuTB8Hvco= - dependencies: - p-reduce "^1.0.0" - -p-map@^2.1.0: +p-map-series@^2.1.0: version "2.1.0" - resolved "https://registry.yarnpkg.com/p-map/-/p-map-2.1.0.tgz#310928feef9c9ecc65b68b17693018a665cea175" - integrity sha512-y3b8Kpd8OAN444hxfBbFfj1FY/RjtTd8tzYwhUqNYXx0fXx2iX4maP4Qr6qhIKbQXI02wTLAda4fYUbDagTUFw== + resolved "https://registry.yarnpkg.com/p-map-series/-/p-map-series-2.1.0.tgz#7560d4c452d9da0c07e692fdbfe6e2c81a2a91f2" + integrity sha512-RpYIIK1zXSNEOdwxcfe7FdvGcs7+y5n8rifMhMNWvaxRNMPINJHF5GDeuVxWqnfrcHPSCnp7Oo5yNXHId9Av2Q== p-map@^3.0.0: version "3.0.0" @@ -7834,22 +7434,37 @@ p-map@^3.0.0: dependencies: aggregate-error "^3.0.0" -p-pipe@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/p-pipe/-/p-pipe-1.2.0.tgz#4b1a11399a11520a67790ee5a0c1d5881d6befe9" - integrity sha1-SxoROZoRUgpneQ7loMHViB1r7+k= - -p-queue@^4.0.0: +p-map@^4.0.0: version "4.0.0" - resolved "https://registry.yarnpkg.com/p-queue/-/p-queue-4.0.0.tgz#ed0eee8798927ed6f2c2f5f5b77fdb2061a5d346" - integrity sha512-3cRXXn3/O0o3+eVmUroJPSj/esxoEFIm0ZOno/T+NzG/VZgPOqQ8WKmlNqubSEpZmCIngEy34unkHGg83ZIBmg== + resolved "https://registry.yarnpkg.com/p-map/-/p-map-4.0.0.tgz#bb2f95a5eda2ec168ec9274e06a747c3e2904d2b" + integrity sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ== dependencies: - eventemitter3 "^3.1.0" + aggregate-error "^3.0.0" -p-reduce@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/p-reduce/-/p-reduce-1.0.0.tgz#18c2b0dd936a4690a529f8231f58a0fdb6a47dfa" - integrity sha1-GMKw3ZNqRpClKfgjH1ig/bakffo= +p-pipe@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/p-pipe/-/p-pipe-3.1.0.tgz#48b57c922aa2e1af6a6404cb7c6bf0eb9cc8e60e" + integrity sha512-08pj8ATpzMR0Y80x50yJHn37NF6vjrqHutASaX5LiH5npS9XPvrUmscd9MF5R4fuYRHOxQR1FfMIlF7AzwoPqw== + +p-queue@^6.6.2: + version "6.6.2" + resolved "https://registry.yarnpkg.com/p-queue/-/p-queue-6.6.2.tgz#2068a9dcf8e67dd0ec3e7a2bcb76810faa85e426" + integrity sha512-RwFpb72c/BhQLEXIZ5K2e+AhgNVmIejGlTgiB9MzZ0e93GRvqZ7uSi0dvRF7/XIXDeNkra2fNHBxTyPDGySpjQ== + dependencies: + eventemitter3 "^4.0.4" + p-timeout "^3.2.0" + +p-reduce@^2.0.0, p-reduce@^2.1.0: + version "2.1.0" + resolved "https://registry.yarnpkg.com/p-reduce/-/p-reduce-2.1.0.tgz#09408da49507c6c274faa31f28df334bc712b64a" + integrity sha512-2USApvnsutq8uoxZBGbbWM0JIYLiEMJ9RlaN7fAzVNb9OZN0SHjjTTfIcb667XynS5Y1VhwDJVDa72TnPzAYWw== + +p-timeout@^3.2.0: + version "3.2.0" + resolved "https://registry.yarnpkg.com/p-timeout/-/p-timeout-3.2.0.tgz#c7e17abc971d2a7962ef83626b35d635acf23dfe" + integrity sha512-rhIwUycgwwKcP9yTOOFK/AKsAopjjCakVqLHePO3CC6Mir1Z99xT+R63jZxAT5lFZLa2inS5h+ZS2GvR99/FBg== + dependencies: + p-finally "^1.0.0" p-try@^1.0.0: version "1.0.0" @@ -7861,12 +7476,12 @@ p-try@^2.0.0: resolved "https://registry.yarnpkg.com/p-try/-/p-try-2.2.0.tgz#cb2868540e313d61de58fafbe35ce9004d5540e6" integrity sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ== -p-waterfall@^1.0.0: - version "1.0.0" - resolved "https://registry.yarnpkg.com/p-waterfall/-/p-waterfall-1.0.0.tgz#7ed94b3ceb3332782353af6aae11aa9fc235bb00" - integrity sha1-ftlLPOszMngjU69qrhGqn8I1uwA= +p-waterfall@^2.1.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/p-waterfall/-/p-waterfall-2.1.1.tgz#63153a774f472ccdc4eb281cdb2967fcf158b2ee" + integrity sha512-RRTnDb2TBG/epPRI2yYXsimO0v3BXC8Yd3ogr1545IaqKK17VGhbWVeGGN+XfCm/08OK8635nH31c8bATkHuSw== dependencies: - p-reduce "^1.0.0" + p-reduce "^2.0.0" pac-proxy-agent@^4.1.0: version "4.1.0" @@ -7912,20 +7527,36 @@ package-hash@^4.0.0: lodash.flattendeep "^4.4.0" release-zalgo "^1.0.0" +pacote@^11.2.6: + version "11.3.0" + resolved "https://registry.yarnpkg.com/pacote/-/pacote-11.3.0.tgz#b2e16791a39cd4d9fb9fc1ec240cefe7ea518e6f" + integrity sha512-cygprcGpEVqvDzpuPMkGVXW/ooc2ibpoosuJ4YHcUXozDs9VJP7Vha+41pYppG2MVNis4t1BB8IygIBh7vVr2Q== + dependencies: + "@npmcli/git" "^2.0.1" + "@npmcli/installed-package-contents" "^1.0.6" + "@npmcli/promise-spawn" "^1.2.0" + "@npmcli/run-script" "^1.8.2" + cacache "^15.0.5" + chownr "^2.0.0" + fs-minipass "^2.1.0" + infer-owner "^1.0.4" + minipass "^3.1.3" + mkdirp "^1.0.3" + npm-package-arg "^8.0.1" + npm-packlist "^2.1.4" + npm-pick-manifest "^6.0.0" + npm-registry-fetch "^9.0.0" + promise-retry "^2.0.1" + read-package-json-fast "^2.0.1" + rimraf "^3.0.2" + ssri "^8.0.1" + tar "^6.1.0" + pako@~1.0.2: version "1.0.11" resolved "https://registry.yarnpkg.com/pako/-/pako-1.0.11.tgz#6c9599d340d54dfd3946380252a35705a6b992bf" integrity sha512-4hLB8Py4zZce5s4yd9XzopqwVv/yGNhV1Bl8NTmCq1763HeK2+EwVTv+leGeL13Dnh2wfbqowVPXCIO0z4taYw== -parallel-transform@^1.1.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/parallel-transform/-/parallel-transform-1.2.0.tgz#9049ca37d6cb2182c3b1d2c720be94d14a5814fc" - integrity sha512-P2vSmIu38uIlvdcU7fDkyrxj33gTUy/ABO5ZUbGowxNCopBq/OoD42bP4UmMrJoPyk4Uqf0mu3mtWBhHCZD8yg== - dependencies: - cyclist "^1.0.1" - inherits "^2.0.3" - readable-stream "^2.1.5" - parent-module@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/parent-module/-/parent-module-1.0.1.tgz#691d2709e78c79fae3a156622452d00762caaaa2" @@ -7983,21 +7614,16 @@ parse-url@^5.0.0: parse-path "^4.0.0" protocols "^1.4.0" -parse5@6.0.1: - version "6.0.1" - resolved "https://registry.yarnpkg.com/parse5/-/parse5-6.0.1.tgz#e1a1c085c569b3dc08321184f19a39cc27f7c30b" - integrity sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw== +parse5@5.1.1: + version "5.1.1" + resolved "https://registry.yarnpkg.com/parse5/-/parse5-5.1.1.tgz#f68e4e5ba1852ac2cadc00f4555fff6c2abb6178" + integrity sha512-ugq4DFI0Ptb+WWjAdOK16+u/nHfiIrcE+sh8kZMaM0WllQKLI9rOUq6c2b7cwPkXdzfQESqvoqK6ug7U/Yyzug== pascalcase@^0.1.1: version "0.1.1" resolved "https://registry.yarnpkg.com/pascalcase/-/pascalcase-0.1.1.tgz#b363e55e8006ca6fe21784d2db22bd15d7917f14" integrity sha1-s2PlXoAGym/iF4TS2yK9FdeRfxQ= -path-dirname@^1.0.0: - version "1.0.2" - resolved "https://registry.yarnpkg.com/path-dirname/-/path-dirname-1.0.2.tgz#cc33d24d525e099a5388c0336c6e32b9160609e0" - integrity sha1-zDPSTVJeCZpTiMAzbG4yuRYGCeA= - path-exists@^2.0.0: version "2.1.0" resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-2.1.0.tgz#0feb6c64f0fc518d9a754dd5efb62c7022761f4b" @@ -8095,6 +7721,11 @@ pify@^4.0.1: resolved "https://registry.yarnpkg.com/pify/-/pify-4.0.1.tgz#4b2cd25c50d598735c50292224fd8c6df41e3231" integrity sha512-uB80kBFb/tfd68bVleG9T5GGsGPjJrLAUpR5PZIrhBnIaRTQRjqdJSsIKkOP6OAIFbj7GOrcudc5pNjZ+geV2g== +pify@^5.0.0: + version "5.0.0" + resolved "https://registry.yarnpkg.com/pify/-/pify-5.0.0.tgz#1f5eca3f5e87ebec28cc6d54a0e4aaf00acc127f" + integrity sha512-eW/gHNMlxdSP6dmG6uJip6FXN0EQBwm2clYYd8Wul42Cwu/DK8HEftzsapcNdYe2MfLiIwZqsDk2RDEsTE79hA== + pinkie-promise@^2.0.0: version "2.0.1" resolved "https://registry.yarnpkg.com/pinkie-promise/-/pinkie-promise-2.0.1.tgz#2135d6dfa7a358c069ac9b178776288228450ffa" @@ -8187,13 +7818,13 @@ promise-inflight@^1.0.1: resolved "https://registry.yarnpkg.com/promise-inflight/-/promise-inflight-1.0.1.tgz#98472870bf228132fcbdd868129bad12c3c029e3" integrity sha1-mEcocL8igTL8vdhoEputEsPAKeM= -promise-retry@^1.1.1: - version "1.1.1" - resolved "https://registry.yarnpkg.com/promise-retry/-/promise-retry-1.1.1.tgz#6739e968e3051da20ce6497fb2b50f6911df3d6d" - integrity sha1-ZznpaOMFHaIM5kl/srUPaRHfPW0= +promise-retry@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/promise-retry/-/promise-retry-2.0.1.tgz#ff747a13620ab57ba688f5fc67855410c370da22" + integrity sha512-y+WKFlBR8BGXnsNlIHFGPZmyDf3DFMoLhaflAnyZgV6rG6xu+JwesTo2Q9R6XwYmtmwAFCkAk3e35jEdoeh/3g== dependencies: - err-code "^1.0.0" - retry "^0.10.0" + err-code "^2.0.2" + retry "^0.12.0" promptly@^3.2.0: version "3.2.0" @@ -8232,13 +7863,6 @@ protocols@^1.1.0, protocols@^1.4.0: resolved "https://registry.yarnpkg.com/protocols/-/protocols-1.4.8.tgz#48eea2d8f58d9644a4a32caae5d5db290a075ce8" integrity sha512-IgjKyaUSjsROSO8/D49Ab7hP8mJgTYcqApOqdPhLoPxAplXmkp+zRvsrSQjFn5by0rhm4VH0GAUELIPpx7B1yg== -protoduck@^5.0.1: - version "5.0.1" - resolved "https://registry.yarnpkg.com/protoduck/-/protoduck-5.0.1.tgz#03c3659ca18007b69a50fd82a7ebcc516261151f" - integrity sha512-WxoCeDCoCBY55BMvj4cAEjdVUFGRWed9ZxPlqTKYyw1nDDTQ4pqmnIMAGfJlg7Dx35uB/M+PHJPTmGOvaCaPTg== - dependencies: - genfun "^5.0.0" - proxy-agent@^4.0.1: version "4.0.1" resolved "https://registry.yarnpkg.com/proxy-agent/-/proxy-agent-4.0.1.tgz#326c3250776c7044cd19655ccbfadf2e065a045c" @@ -8272,19 +7896,11 @@ pseudomap@^1.0.2: resolved "https://registry.yarnpkg.com/pseudomap/-/pseudomap-1.0.2.tgz#f052a28da70e618917ef0a8ac34c1ae5a68286b3" integrity sha1-8FKijacOYYkX7wqKw0wa5aaChrM= -psl@^1.1.28, psl@^1.1.33: +psl@^1.1.28: version "1.8.0" resolved "https://registry.yarnpkg.com/psl/-/psl-1.8.0.tgz#9326f8bcfb013adcc005fdff056acce020e51c24" integrity sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ== -pump@^2.0.0: - version "2.0.1" - resolved "https://registry.yarnpkg.com/pump/-/pump-2.0.1.tgz#12399add6e4cf7526d973cbc8b5ce2e2908b3909" - integrity sha512-ruPMNRkN3MHP1cWJc9OWr+T/xDP0jhXYCLfJcBuX54hhfIBnaQmAUMfDcG4DM5UMWByBbJY69QSphm3jtDKIkA== - dependencies: - end-of-stream "^1.1.0" - once "^1.3.1" - pump@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/pump/-/pump-3.0.0.tgz#b4a2116815bde2f4e1ea602354e8c75565107a64" @@ -8293,15 +7909,6 @@ pump@^3.0.0: end-of-stream "^1.1.0" once "^1.3.1" -pumpify@^1.3.3: - version "1.5.1" - resolved "https://registry.yarnpkg.com/pumpify/-/pumpify-1.5.1.tgz#36513be246ab27570b1a374a5ce278bfd74370ce" - integrity sha512-oClZI37HvuUJJxSKKrC17bZ9Cu0ZYhEAGPsPUy9KlMUmv9dKX2o77RUmq7f3XjIxbwyGwYzbzQ1L2Ks8sIradQ== - dependencies: - duplexify "^3.6.0" - inherits "^2.0.3" - pump "^2.0.0" - punycode@1.3.2: version "1.3.2" resolved "https://registry.yarnpkg.com/punycode/-/punycode-1.3.2.tgz#9653a036fb7c1ee42342f2325cceefea3926c48d" @@ -8352,11 +7959,6 @@ queue-microtask@^1.2.2: resolved "https://registry.yarnpkg.com/queue-microtask/-/queue-microtask-1.2.2.tgz#abf64491e6ecf0f38a6502403d4cda04f372dfd3" integrity sha512-dB15eXv3p2jDlbOiNLyMabYg1/sXvppd8DP2J3EOCQ0AkuSXCW2tP7mnVouVLJKgUMY6yP0kcQDVpLCN13h4Xg== -quick-lru@^1.0.0: - version "1.1.0" - resolved "https://registry.yarnpkg.com/quick-lru/-/quick-lru-1.1.0.tgz#4360b17c61136ad38078397ff11416e186dcfbb8" - integrity sha1-Q2CxfGETatOAeDl/8RQW4Ybc+7g= - quick-lru@^4.0.1: version "4.0.1" resolved "https://registry.yarnpkg.com/quick-lru/-/quick-lru-4.0.1.tgz#5b8878f113a58217848c6482026c73e1ba57727f" @@ -8387,14 +7989,20 @@ react-is@^17.0.1: resolved "https://registry.yarnpkg.com/react-is/-/react-is-17.0.1.tgz#5b3531bd76a645a4c9fb6e693ed36419e3301339" integrity sha512-NAnt2iGDXohE5LI7uBnLnqvLQMtzhkiAOLXTmv+qnF9Ky7xAPcX8Up/xWIhxvLVGJvuLiNc4xQLtuqDRzb4fSA== -read-cmd-shim@^1.0.1: - version "1.0.5" - resolved "https://registry.yarnpkg.com/read-cmd-shim/-/read-cmd-shim-1.0.5.tgz#87e43eba50098ba5a32d0ceb583ab8e43b961c16" - integrity sha512-v5yCqQ/7okKoZZkBQUAfTsQ3sVJtXdNfbPnI5cceppoxEVLYA3k+VtV2omkeo8MS94JCy4fSiUwlRBAwCVRPUA== +read-cmd-shim@^2.0.0: + version "2.0.0" + resolved "https://registry.yarnpkg.com/read-cmd-shim/-/read-cmd-shim-2.0.0.tgz#4a50a71d6f0965364938e9038476f7eede3928d9" + integrity sha512-HJpV9bQpkl6KwjxlJcBoqu9Ba0PQg8TqSNIOrulGt54a0uup0HtevreFHzYzkm0lpnleRdNBzXznKrgxglEHQw== + +read-package-json-fast@^2.0.1: + version "2.0.2" + resolved "https://registry.yarnpkg.com/read-package-json-fast/-/read-package-json-fast-2.0.2.tgz#2dcb24d9e8dd50fb322042c8c35a954e6cc7ac9e" + integrity sha512-5fyFUyO9B799foVk4n6ylcoAktG/FbE3jwRKxvwaeSrIunaoMc0u81dzXxjeAFKOce7O5KncdfwpGvvs6r5PsQ== dependencies: - graceful-fs "^4.1.2" + json-parse-even-better-errors "^2.3.0" + npm-normalize-package-bin "^1.0.1" -"read-package-json@1 || 2", read-package-json@^2.0.0, read-package-json@^2.0.13: +read-package-json@^2.0.0: version "2.1.2" resolved "https://registry.yarnpkg.com/read-package-json/-/read-package-json-2.1.2.tgz#6992b2b66c7177259feb8eaac73c3acd28b9222a" integrity sha512-D1KmuLQr6ZSJS0tW8hf3WGpRlwszJOXZ3E8Yd/DNRaM5d+1wVRZdHlpGBLAuovjr28LbWvjpWkBHMxpRGGjzNA== @@ -8404,7 +8012,17 @@ read-cmd-shim@^1.0.1: normalize-package-data "^2.0.0" npm-normalize-package-bin "^1.0.0" -read-package-tree@^5.1.6: +read-package-json@^3.0.0: + version "3.0.1" + resolved "https://registry.yarnpkg.com/read-package-json/-/read-package-json-3.0.1.tgz#c7108f0b9390257b08c21e3004d2404c806744b9" + integrity sha512-aLcPqxovhJTVJcsnROuuzQvv6oziQx4zd3JvG0vGCL5MjTONUc4uJ90zCBC6R7W7oUKBNoR/F8pkyfVwlbxqng== + dependencies: + glob "^7.1.1" + json-parse-even-better-errors "^2.3.0" + normalize-package-data "^3.0.0" + npm-normalize-package-bin "^1.0.0" + +read-package-tree@^5.3.1: version "5.3.1" resolved "https://registry.yarnpkg.com/read-package-tree/-/read-package-tree-5.3.1.tgz#a32cb64c7f31eb8a6f31ef06f9cedf74068fe636" integrity sha512-mLUDsD5JVtlZxjSlPPx1RETkNjjvQYuweKwNVt1Sn8kP5Jh44pvYuUHCp6xSVDZWbNxVxG5lyZJ921aJH61sTw== @@ -8498,19 +8116,6 @@ read@1, read@^1.0.4, read@~1.0.1: dependencies: mute-stream "~0.0.4" -"readable-stream@1 || 2", readable-stream@^2.0.0, readable-stream@^2.0.5, readable-stream@^2.0.6, readable-stream@^2.1.5, readable-stream@^2.2.2, readable-stream@^2.3.6, readable-stream@~2.3.6: - version "2.3.7" - resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57" - integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw== - dependencies: - core-util-is "~1.0.0" - inherits "~2.0.3" - isarray "~1.0.0" - process-nextick-args "~2.0.0" - safe-buffer "~5.1.1" - string_decoder "~1.1.1" - util-deprecate "~1.0.1" - readable-stream@1.1.x: version "1.1.14" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-1.1.14.tgz#7cf4c54ef648e3813084c636dd2079e166c081d9" @@ -8521,7 +8126,7 @@ readable-stream@1.1.x: isarray "0.0.1" string_decoder "~0.10.x" -"readable-stream@2 || 3", readable-stream@3, readable-stream@^3.0.0, readable-stream@^3.0.2, readable-stream@^3.1.1, readable-stream@^3.4.0, readable-stream@^3.6.0: +readable-stream@3, readable-stream@^3.0.0, readable-stream@^3.0.2, readable-stream@^3.1.1, readable-stream@^3.4.0, readable-stream@^3.6.0: version "3.6.0" resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.0.tgz#337bbda3adc0706bd3e024426a286d4b4b2c9198" integrity sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA== @@ -8530,6 +8135,19 @@ readable-stream@1.1.x: string_decoder "^1.1.1" util-deprecate "^1.0.1" +readable-stream@^2.0.0, readable-stream@^2.0.5, readable-stream@^2.0.6, readable-stream@~2.3.6: + version "2.3.7" + resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57" + integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw== + dependencies: + core-util-is "~1.0.0" + inherits "~2.0.3" + isarray "~1.0.0" + process-nextick-args "~2.0.0" + safe-buffer "~5.1.1" + string_decoder "~1.1.1" + util-deprecate "~1.0.1" + readdir-glob@^1.0.0: version "1.1.1" resolved "https://registry.yarnpkg.com/readdir-glob/-/readdir-glob-1.1.1.tgz#f0e10bb7bf7bfa7e0add8baffdc54c3f7dbee6c4" @@ -8562,14 +8180,6 @@ redent@^1.0.0: indent-string "^2.1.0" strip-indent "^1.0.1" -redent@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/redent/-/redent-2.0.0.tgz#c1b2007b42d57eb1389079b3c8333639d5e1ccaa" - integrity sha1-wbIAe0LVfrE4kHmzyDM2OdXhzKo= - dependencies: - indent-string "^3.0.0" - strip-indent "^2.0.0" - redent@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/redent/-/redent-3.0.0.tgz#e557b7998316bb53c9f1f56fa626352c6963059f" @@ -8635,7 +8245,7 @@ request-promise-core@1.1.4: dependencies: lodash "^4.17.19" -request-promise-native@^1.0.9: +request-promise-native@^1.0.8: version "1.0.9" resolved "https://registry.yarnpkg.com/request-promise-native/-/request-promise-native-1.0.9.tgz#e407120526a5efdc9a39b28a5679bf47b9d9dc28" integrity sha512-wcW+sIUiWnKgNY0dqCpOZkUbF/I+YPi+f09JZIDa39Ec+q82CpSYniDp+ISgTTbKmnpJWASeJBPZmoxH84wt3g== @@ -8685,13 +8295,6 @@ require-main-filename@^2.0.0: resolved "https://registry.yarnpkg.com/require-main-filename/-/require-main-filename-2.0.0.tgz#d0b329ecc7cc0f61649f62215be69af54aa8989b" integrity sha512-NKN5kMDylKuldxYLSUfrbo5Tuzh4hd+2E8NPPX02mZtn1VuREQToYe/ZdlJy+J3uCpfaiGF05e7B8W0iXbQHmg== -resolve-cwd@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/resolve-cwd/-/resolve-cwd-2.0.0.tgz#00a9f7387556e27038eae232caa372a6a59b665a" - integrity sha1-AKn3OHVW4nA46uIyyqNypqWbZlo= - dependencies: - resolve-from "^3.0.0" - resolve-cwd@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/resolve-cwd/-/resolve-cwd-3.0.0.tgz#0f0075f1bb2544766cf73ba6a6e2adfebcb13f2d" @@ -8699,11 +8302,6 @@ resolve-cwd@^3.0.0: dependencies: resolve-from "^5.0.0" -resolve-from@^3.0.0: - version "3.0.0" - resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-3.0.0.tgz#b22c7af7d9d6881bc8b6e653335eebcb0a188748" - integrity sha1-six699nWiBvItuZTM17rywoYh0g= - resolve-from@^4.0.0: version "4.0.0" resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-4.0.0.tgz#4abcd852ad32dd7baabfe9b40e00a36db5f392e6" @@ -8727,12 +8325,12 @@ resolve@^1.1.6, resolve@^1.10.0, resolve@^1.10.1, resolve@^1.11.1, resolve@^1.13 is-core-module "^2.2.0" path-parse "^1.0.6" -restore-cursor@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-2.0.0.tgz#9f7ee287f82fd326d4fd162923d62129eee0dfaf" - integrity sha1-n37ih/gv0ybU/RYpI9YhKe7g368= +restore-cursor@^3.1.0: + version "3.1.0" + resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-3.1.0.tgz#39f67c54b3a7a58cea5236d95cf0034239631f7e" + integrity sha512-l+sSefzHpj5qimhFSE5a8nufZYAM3sBSVMAPtYkmC+4EH2anSGaEMXSD0izRQbu9nfyQ9y5JrVmp7E8oZrUjvA== dependencies: - onetime "^2.0.0" + onetime "^5.1.0" signal-exit "^3.0.2" ret@~0.1.10: @@ -8740,10 +8338,10 @@ ret@~0.1.10: resolved "https://registry.yarnpkg.com/ret/-/ret-0.1.15.tgz#b8a4825d5bdb1fc3f6f53c2bc33f81388681c7bc" integrity sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg== -retry@^0.10.0: - version "0.10.1" - resolved "https://registry.yarnpkg.com/retry/-/retry-0.10.1.tgz#e76388d217992c252750241d3d3956fed98d8ff4" - integrity sha1-52OI0heZLCUnUCQdPTlW/tmNj/Q= +retry@^0.12.0: + version "0.12.0" + resolved "https://registry.yarnpkg.com/retry/-/retry-0.12.0.tgz#1b42a6266a21f07421d1b0b54b7dc167b01c013b" + integrity sha1-G0KmJmoh8HQh0bC1S33BZ7AcATs= reusify@^1.0.4: version "1.0.4" @@ -8755,7 +8353,7 @@ rfdc@^1.1.4: resolved "https://registry.yarnpkg.com/rfdc/-/rfdc-1.3.0.tgz#d0b7c441ab2720d05dc4cf26e01c89631d9da08b" integrity sha512-V2hovdzFbOi77/WajaSMXk2OLm+xNIeQdMMuB7icj7bk6zi2F8GGAxigcnDFpJHbNyNcgyJDiP+8nOrY5cZGrA== -rimraf@^2.5.4, rimraf@^2.6.2, rimraf@^2.6.3: +rimraf@^2.6.2, rimraf@^2.6.3: version "2.7.1" resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.7.1.tgz#35797f13a7fdadc566142c29d4f07ccad483e3ec" integrity sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w== @@ -8774,7 +8372,7 @@ rsvp@^4.8.4: resolved "https://registry.yarnpkg.com/rsvp/-/rsvp-4.8.5.tgz#c8f155311d167f68f21e168df71ec5b083113734" integrity sha512-nfMOlASu9OnRJo1mbEk2cz0D56a1MBNrJ7orjRZQG10XDyuvwksKbuXNp6qa+kbn839HwjwhBzhFmdsaEAfauA== -run-async@^2.2.0: +run-async@^2.4.0: version "2.4.1" resolved "https://registry.yarnpkg.com/run-async/-/run-async-2.4.1.tgz#8440eccf99ea3e70bd409d49aab88e10c189a455" integrity sha512-tvVnVv01b8c1RrA6Ep7JkStj85Guv/YrMcwqYQnwjsAS2cTmmPGBBjAjpCW7RrSodNSoE2/qg9O4bceNvUuDgQ== @@ -8786,21 +8384,14 @@ run-parallel@^1.1.9: dependencies: queue-microtask "^1.2.2" -run-queue@^1.0.0, run-queue@^1.0.3: - version "1.0.3" - resolved "https://registry.yarnpkg.com/run-queue/-/run-queue-1.0.3.tgz#e848396f057d223f24386924618e25694161ec47" - integrity sha1-6Eg5bwV9Ij8kOGkkYY4laUFh7Ec= - dependencies: - aproba "^1.1.1" - -rxjs@^6.4.0: +rxjs@^6.6.0: version "6.6.6" resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.6.6.tgz#14d8417aa5a07c5e633995b525e1e3c0dec03b70" integrity sha512-/oTwee4N4iWzAMAL9xdGKjkEHmIwupR3oXbQjCKywF1BeFohswF3vZdogbmEF6pZkOsXTzWkrZszrWpQTByYVg== dependencies: tslib "^1.9.0" -safe-buffer@^5.0.1, safe-buffer@^5.1.1, safe-buffer@^5.1.2, safe-buffer@^5.2.0, safe-buffer@~5.2.0: +safe-buffer@^5.0.1, safe-buffer@^5.1.2, safe-buffer@~5.2.0: version "5.2.1" resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6" integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ== @@ -8847,7 +8438,7 @@ sax@>=0.6.0, sax@^1.2.4: resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9" integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw== -saxes@^5.0.1: +saxes@^5.0.0: version "5.0.1" resolved "https://registry.yarnpkg.com/saxes/-/saxes-5.0.1.tgz#eebab953fa3b7608dbe94e5dadb15c888fa6696d" integrity sha512-5LBh1Tls8c9xgGjw3QrMwETmTMVk0oFgvrFSvWx62llR2hcEInrKNZ2GZCCuuy2lvWrdl5jhbpeqc5hRYKFOcw== @@ -8861,19 +8452,19 @@ semver-intersect@^1.4.0: dependencies: semver "^5.0.0" -"semver@2 || 3 || 4 || 5", "semver@2.x || 3.x || 4 || 5", semver@^5.0.0, semver@^5.4.1, semver@^5.5.0, semver@^5.5.1, semver@^5.6.0, semver@^5.7.0, semver@^5.7.1: +"semver@2 || 3 || 4 || 5", semver@^5.0.0, semver@^5.5.0, semver@^5.6.0, semver@^5.7.1: version "5.7.1" resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7" integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ== -semver@7.x, semver@^7.1.1, semver@^7.2.1, semver@^7.3.2, semver@^7.3.4: +semver@7.x, semver@^7.1.1, semver@^7.1.3, semver@^7.2.1, semver@^7.3.2, semver@^7.3.4: version "7.3.4" resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.4.tgz#27aaa7d2e4ca76452f98d3add093a72c943edc97" integrity sha512-tCfb2WLjqFAtXn4KEdxIhalnRtoKFN7nAwj0B3ZXCbQloV2tq5eDbcTmT68JJD3nRJq24/XgxtQKFIpQdtvmVw== dependencies: lru-cache "^6.0.0" -semver@^6.0.0, semver@^6.1.0, semver@^6.1.1, semver@^6.2.0, semver@^6.3.0: +semver@^6.0.0, semver@^6.1.0, semver@^6.1.1, semver@^6.3.0: version "6.3.0" resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d" integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw== @@ -8957,7 +8548,7 @@ side-channel@^1.0.3: get-intrinsic "^1.0.2" object-inspect "^1.9.0" -signal-exit@^3.0.0, signal-exit@^3.0.2: +signal-exit@^3.0.0, signal-exit@^3.0.2, signal-exit@^3.0.3: version "3.0.3" resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.3.tgz#a1410c2edd8f077b08b4e253c8eacfcaf057461c" integrity sha512-VUJ49FC8U1OxwZLxIbTTrDvLnf/6TDgxZcK8wxR8zs13xpx7xbG60ndBlhNrFi2EMuFRoeDoJO7wthSLq42EjA== @@ -8979,11 +8570,6 @@ sisteransi@^1.0.5: resolved "https://registry.yarnpkg.com/sisteransi/-/sisteransi-1.0.5.tgz#134d681297756437cc05ca01370d3a7a571075ed" integrity sha512-bLGGlR1QxBcynn2d5YmDX4MGjlZvy2MRBDRNHLJ8VI6l6+9FUiyTFNJ0IveOSP0bcXgVDPRcfGqA0pjaqUpfVg== -slash@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/slash/-/slash-2.0.0.tgz#de552851a1759df3a8f206535442f5ec4ddeab44" - integrity sha512-ZYKh3Wh2z1PpEXWr0MpSBZ0V6mZHAQfYevttO11c51CaWjGTaadiKZ+wVt1PbMlDV5qhMFslpZCemhwOK7C89A== - slash@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/slash/-/slash-3.0.0.tgz#6539be870c165adbd5240220dbe361f1bc4d4634" @@ -9047,14 +8633,6 @@ socks-proxy-agent@5, socks-proxy-agent@^5.0.0: debug "4" socks "^2.3.3" -socks-proxy-agent@^4.0.0: - version "4.0.2" - resolved "https://registry.yarnpkg.com/socks-proxy-agent/-/socks-proxy-agent-4.0.2.tgz#3c8991f3145b2799e70e11bd5fbc8b1963116386" - integrity sha512-NT6syHhI9LmuEMSK6Kd2V7gNv5KFZoLE7V5udWmn0de+3Mkj3UMA/AJPLyeNUVmElCurSHtUdM3ETpR3z770Wg== - dependencies: - agent-base "~4.2.1" - socks "~2.3.2" - socks@^2.3.3: version "2.6.0" resolved "https://registry.yarnpkg.com/socks/-/socks-2.6.0.tgz#6b984928461d39871b3666754b9000ecf39dfac2" @@ -9063,14 +8641,6 @@ socks@^2.3.3: ip "^1.1.5" smart-buffer "^4.1.0" -socks@~2.3.2: - version "2.3.3" - resolved "https://registry.yarnpkg.com/socks/-/socks-2.3.3.tgz#01129f0a5d534d2b897712ed8aceab7ee65d78e3" - integrity sha512-o5t52PCNtVdiOvzMry7wU4aOqYWL0PeCXRWBEiJow4/i/wr+wpsJQ9awEu1EonLIqsfGd5qSgDdxEOvCdmBEpA== - dependencies: - ip "1.1.5" - smart-buffer "^4.1.0" - sort-json@^2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/sort-json/-/sort-json-2.0.0.tgz#a7030d8875adbd4a5ea39a000567ed94c1aa3c50" @@ -9087,6 +8657,13 @@ sort-keys@^2.0.0: dependencies: is-plain-obj "^1.0.0" +sort-keys@^4.0.0: + version "4.2.0" + resolved "https://registry.yarnpkg.com/sort-keys/-/sort-keys-4.2.0.tgz#6b7638cee42c506fff8c1cecde7376d21315be18" + integrity sha512-aUYIEU/UviqPgc8mHR6IW1EGxkAXpeRETYcrzg8cLAvUPZcpAlleSXHV2mY7G12GphSH6Gzv+4MMVSSkbdteHg== + dependencies: + is-plain-obj "^2.0.0" + source-map-resolve@^0.5.0: version "0.5.3" resolved "https://registry.yarnpkg.com/source-map-resolve/-/source-map-resolve-0.5.3.tgz#190866bece7553e1f8f267a2ee82c606b5509a1a" @@ -9193,13 +8770,6 @@ split-string@^3.0.1, split-string@^3.0.2: dependencies: extend-shallow "^3.0.0" -split2@^2.0.0: - version "2.2.0" - resolved "https://registry.yarnpkg.com/split2/-/split2-2.2.0.tgz#186b2575bcf83e85b7d18465756238ee4ee42493" - integrity sha512-RAb22TG39LhI31MbreBgIuKiIKhVsawfTgEGqKHTK87aG+ul/PB8Sqoi3I7kVdRWiCfrKxK3uo4/YUkpNvhPbw== - dependencies: - through2 "^2.0.2" - split2@^3.0.0: version "3.2.2" resolved "https://registry.yarnpkg.com/split2/-/split2-3.2.2.tgz#bf2cf2a37d838312c249c89206fd7a17dd12365f" @@ -9234,12 +8804,12 @@ sshpk@^1.7.0: safer-buffer "^2.0.2" tweetnacl "~0.14.0" -ssri@^6.0.0, ssri@^6.0.1: - version "6.0.1" - resolved "https://registry.yarnpkg.com/ssri/-/ssri-6.0.1.tgz#2a3c41b28dd45b62b63676ecb74001265ae9edd8" - integrity sha512-3Wge10hNcT1Kur4PDFwEieXSCMCJs/7WvSACcrMYrNp+b8kDL1/0wJch5Ni2WrtwEa2IO8OsVfeKIciKCDx/QA== +ssri@^8.0.0, ssri@^8.0.1: + version "8.0.1" + resolved "https://registry.yarnpkg.com/ssri/-/ssri-8.0.1.tgz#638e4e439e2ffbd2cd289776d5ca457c4f51a2af" + integrity sha512-97qShzy1AiyxvPNIkLWoGua7xoQzzPjQ0HAH4B0rWKo7SZ6USuPcrUiAFrws0UH8RrbWmgq3LMTObhPIHbbBeQ== dependencies: - figgy-pudding "^3.5.1" + minipass "^3.1.1" stack-utils@^1.0.2: version "1.0.4" @@ -9294,19 +8864,6 @@ stealthy-require@^1.1.1: resolved "https://registry.yarnpkg.com/stealthy-require/-/stealthy-require-1.1.1.tgz#35b09875b4ff49f26a777e509b3090a3226bf24b" integrity sha1-NbCYdbT/SfJqd35QmzCQoyJr8ks= -stream-each@^1.1.0: - version "1.2.3" - resolved "https://registry.yarnpkg.com/stream-each/-/stream-each-1.2.3.tgz#ebe27a0c389b04fbcc233642952e10731afa9bae" - integrity sha512-vlMC2f8I2u/bZGqkdfLQW/13Zihpej/7PmSiMQsbYddxuTsJp8vRe2x2FvVExZg7FaOds43ROAuFJwPR4MTZLw== - dependencies: - end-of-stream "^1.1.0" - stream-shift "^1.0.0" - -stream-shift@^1.0.0: - version "1.0.1" - resolved "https://registry.yarnpkg.com/stream-shift/-/stream-shift-1.0.1.tgz#d7088281559ab2778424279b0877da3c392d5a3d" - integrity sha512-AiisoFqQ0vbGcZgQPY1cdP2I76glaVA/RauYR4G4thNFgkTqr90yXTo4LYX60Jl+sIlPNHHdGSwo01AvbKUSVQ== - streamroller@^2.2.4: version "2.2.4" resolved "https://registry.yarnpkg.com/streamroller/-/streamroller-2.2.4.tgz#c198ced42db94086a6193608187ce80a5f2b0e53" @@ -9347,7 +8904,7 @@ string-width@^1.0.1: is-fullwidth-code-point "^1.0.0" strip-ansi "^3.0.0" -"string-width@^1.0.2 || 2", string-width@^2.1.0: +"string-width@^1.0.2 || 2": version "2.1.1" resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.1.1.tgz#ab93f27a8dc13d28cac815c462143a6d9012ae9e" integrity sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw== @@ -9471,11 +9028,6 @@ strip-indent@^1.0.1: dependencies: get-stdin "^4.0.1" -strip-indent@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-2.0.0.tgz#5ef8db295d01e6ed6cbf7aab96998d7822527b68" - integrity sha1-XvjbKV0B5u1sv3qrlpmNeCJSe2g= - strip-indent@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/strip-indent/-/strip-indent-3.0.0.tgz#c32e1cee940b6b3432c771bc2c54bcce73cd3001" @@ -9493,7 +9045,7 @@ strip-json-comments@~2.0.1: resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" integrity sha1-PFMZQukIwml8DsNEhYwobHygpgo= -strong-log-transformer@^2.0.0: +strong-log-transformer@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/strong-log-transformer/-/strong-log-transformer-2.1.0.tgz#0f5ed78d325e0421ac6f90f7f10e691d6ae3ae10" integrity sha512-B3Hgul+z0L9a236FAUC9iZsL+nVHgoCJnqCbN588DjYxvGXaXaaFbfmQ/JhvKjZwsOukuR72XbHv71Qkug0HxA== @@ -9636,7 +9188,7 @@ tar-stream@^2.2.0: inherits "^2.0.3" readable-stream "^3.1.1" -tar@^4.4.10, tar@^4.4.12, tar@^4.4.8: +tar@^4.4.12: version "4.4.13" resolved "https://registry.yarnpkg.com/tar/-/tar-4.4.13.tgz#43b364bc52888d555298637b10d60790254ab525" integrity sha512-w2VwSrBoHa5BsSyH+KxEqeQBAllHhccyMFVHtGtdMpF4W7IRWfZjFiQceJPChOeTsSDVUpER2T8FA93pr0L+QA== @@ -9649,6 +9201,18 @@ tar@^4.4.10, tar@^4.4.12, tar@^4.4.8: safe-buffer "^5.1.2" yallist "^3.0.3" +tar@^6.0.2, tar@^6.1.0: + version "6.1.0" + resolved "https://registry.yarnpkg.com/tar/-/tar-6.1.0.tgz#d1724e9bcc04b977b18d5c573b333a2207229a83" + integrity sha512-DUCttfhsnLCjwoDoFcI+B2iJgYa93vBnDUATYEeRx6sntCTdN01VnqsIuTlALXla/LWooNg0yEGeB+Y8WdFxGA== + dependencies: + chownr "^2.0.0" + fs-minipass "^2.0.0" + minipass "^3.0.0" + minizlib "^2.1.1" + mkdirp "^1.0.3" + yallist "^4.0.0" + temp-dir@^1.0.0: version "1.0.0" resolved "https://registry.yarnpkg.com/temp-dir/-/temp-dir-1.0.0.tgz#0a7c0ea26d3a39afa7e0ebea9c1fc0bc4daa011d" @@ -9659,17 +9223,16 @@ temp-dir@^2.0.0: resolved "https://registry.yarnpkg.com/temp-dir/-/temp-dir-2.0.0.tgz#bde92b05bdfeb1516e804c9c00ad45177f31321e" integrity sha512-aoBAniQmmwtcKp/7BzsH8Cxzv8OL736p7v1ihGb5e9DJ9kTwGWHrQrVB5+lfVDzfGrdRzXch+ig7LHaY1JTOrg== -temp-write@^3.4.0: - version "3.4.0" - resolved "https://registry.yarnpkg.com/temp-write/-/temp-write-3.4.0.tgz#8cff630fb7e9da05f047c74ce4ce4d685457d492" - integrity sha1-jP9jD7fp2gXwR8dM5M5NaFRX1JI= +temp-write@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/temp-write/-/temp-write-4.0.0.tgz#cd2e0825fc826ae72d201dc26eef3bf7e6fc9320" + integrity sha512-HIeWmj77uOOHb0QX7siN3OtwV3CTntquin6TNVg6SHOqCP3hYKmox90eeFOGaY1MqJ9WYDDjkyZrW6qS5AWpbw== dependencies: - graceful-fs "^4.1.2" - is-stream "^1.1.0" - make-dir "^1.0.0" - pify "^3.0.0" + graceful-fs "^4.1.15" + is-stream "^2.0.0" + make-dir "^3.0.0" temp-dir "^1.0.0" - uuid "^3.0.1" + uuid "^3.3.2" tempfile@^3.0.0: version "3.0.0" @@ -9716,26 +9279,12 @@ text-table@^0.2.0: resolved "https://registry.yarnpkg.com/text-table/-/text-table-0.2.0.tgz#7f5ee823ae805207c00af2df4a84ec3fcfa570b4" integrity sha1-f17oI66AUgfACvLfSoTsP8+lcLQ= -thenify-all@^1.0.0: - version "1.6.0" - resolved "https://registry.yarnpkg.com/thenify-all/-/thenify-all-1.6.0.tgz#1a1918d402d8fc3f98fbf234db0bcc8cc10e9726" - integrity sha1-GhkY1ALY/D+Y+/I02wvMjMEOlyY= - dependencies: - thenify ">= 3.1.0 < 4" - -"thenify@>= 3.1.0 < 4": - version "3.3.1" - resolved "https://registry.yarnpkg.com/thenify/-/thenify-3.3.1.tgz#8932e686a4066038a016dd9e2ca46add9838a95f" - integrity sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw== - dependencies: - any-promise "^1.0.0" - throat@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/throat/-/throat-5.0.0.tgz#c5199235803aad18754a667d659b5e72ce16764b" integrity sha512-fcwX4mndzpLQKBS1DVYhGAcYaYt7vsHNIvQV+WXMvnow5cgjPphq5CaayLaGsjRdSCKZFNGt7/GYAuXaNOiYCA== -through2@^2.0.0, through2@^2.0.2: +through2@^2.0.0: version "2.0.5" resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.5.tgz#01c1e39eb31d07cb7d03a96a70823260b23132cd" integrity sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ== @@ -9743,14 +9292,6 @@ through2@^2.0.0, through2@^2.0.2: readable-stream "~2.3.6" xtend "~4.0.1" -through2@^3.0.0: - version "3.0.2" - resolved "https://registry.yarnpkg.com/through2/-/through2-3.0.2.tgz#99f88931cfc761ec7678b41d5d7336b5b6a07bf4" - integrity sha512-enaDQ4MUyP2W6ZyT6EsMzqBPZaM/avg8iuo+l2d3QCs0J+6RaqkHV/2/lOwDTueBHeJ/2LG9lrLW3d5rWPucuQ== - dependencies: - inherits "^2.0.4" - readable-stream "2 || 3" - through2@^4.0.0: version "4.0.2" resolved "https://registry.yarnpkg.com/through2/-/through2-4.0.2.tgz#a7ce3ac2a7a8b0b966c80e7c49f0484c3b239764" @@ -9830,21 +9371,14 @@ tough-cookie@^2.3.3, tough-cookie@~2.5.0: psl "^1.1.28" punycode "^2.1.1" -tough-cookie@^4.0.0: - version "4.0.0" - resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-4.0.0.tgz#d822234eeca882f991f0f908824ad2622ddbece4" - integrity sha512-tHdtEpQCMrc1YLrMaqXXcj6AxhYi/xgit6mZu1+EDWUn+qhUf8wMQoFIy9NXuq23zAwtcB0t/MjACGR18pcRbg== +tough-cookie@^3.0.1: + version "3.0.1" + resolved "https://registry.yarnpkg.com/tough-cookie/-/tough-cookie-3.0.1.tgz#9df4f57e739c26930a018184887f4adb7dca73b2" + integrity sha512-yQyJ0u4pZsv9D4clxO69OEjLWYw+jbgspjTue4lTQZLfV0c5l1VmK2y1JK8E9ahdpltPOaAThPcp5nKPUgSnsg== dependencies: - psl "^1.1.33" + ip-regex "^2.1.0" + psl "^1.1.28" punycode "^2.1.1" - universalify "^0.1.2" - -tr46@^1.0.1: - version "1.0.1" - resolved "https://registry.yarnpkg.com/tr46/-/tr46-1.0.1.tgz#a8b13fd6bfd2489519674ccde55ba3693b706d09" - integrity sha1-qLE/1r/SSJUZZ0zN5VujaTtwbQk= - dependencies: - punycode "^2.1.0" tr46@^2.0.2: version "2.0.2" @@ -9863,11 +9397,6 @@ trim-newlines@^1.0.0: resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-1.0.0.tgz#5887966bb582a4503a41eb524f7d35011815a613" integrity sha1-WIeWa7WCpFA6QetST301ARgVphM= -trim-newlines@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-2.0.0.tgz#b403d0b91be50c331dfc4b82eeceb22c3de16d20" - integrity sha1-tAPQuRvlDDMd/EuC7s6yLD3hbSA= - trim-newlines@^3.0.0: version "3.0.0" resolved "https://registry.yarnpkg.com/trim-newlines/-/trim-newlines-3.0.0.tgz#79726304a6a898aa8373427298d54c2ee8b1cb30" @@ -10005,10 +9534,10 @@ type-fest@^0.20.2: resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.20.2.tgz#1bf207f4b28f91583666cb5fbd327887301cd5f4" integrity sha512-Ne+eE4r0/iWnpAxD852z3A+N0Bt5RN//NjJwRd2VFHEmrywxf5vsZlh4R6lixl6B+wz/8d+maTSAkN1FIkI3LQ== -type-fest@^0.3.0: - version "0.3.1" - resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.3.1.tgz#63d00d204e059474fe5e1b7c011112bbd1dc29e1" - integrity sha512-cUGJnCdr4STbePCgqNFbpVNCepa+kAVohJs1sLhxzdH+gnEoOd8VhbYa7pD3zZYGiURWM2xzEII3fQcRizDkYQ== +type-fest@^0.4.1: + version "0.4.1" + resolved "https://registry.yarnpkg.com/type-fest/-/type-fest-0.4.1.tgz#8bdf77743385d8a4f13ba95f610f5ccd68c728f8" + integrity sha512-IwzA/LSfD2vC1/YDYMv/zHP4rDF1usCwllsDpbolT3D4fUepIO7f9K70jjmUewU/LmGUKJcwcVtDCpnKk4BPMw== type-fest@^0.6.0: version "0.6.0" @@ -10122,19 +9651,12 @@ unique-slug@^2.0.0: dependencies: imurmurhash "^0.1.4" -universal-user-agent@^4.0.0: - version "4.0.1" - resolved "https://registry.yarnpkg.com/universal-user-agent/-/universal-user-agent-4.0.1.tgz#fd8d6cb773a679a709e967ef8288a31fcc03e557" - integrity sha512-LnST3ebHwVL2aNe4mejI9IQh2HfZ1RLo8Io2HugSif8ekzD1TlWpHpColOB/eh8JHMLkGH3Akqf040I+4ylNxg== - dependencies: - os-name "^3.1.0" - universal-user-agent@^6.0.0: version "6.0.0" resolved "https://registry.yarnpkg.com/universal-user-agent/-/universal-user-agent-6.0.0.tgz#3381f8503b251c0d9cd21bc1de939ec9df5480ee" integrity sha512-isyNax3wXoKaulPDZWHQqbmIx1k2tb9fb3GGDBRxCscfYV2Ch7WxPArBsFEG8s/safwXTT7H4QGhaIkTp9447w== -universalify@^0.1.0, universalify@^0.1.2: +universalify@^0.1.0: version "0.1.2" resolved "https://registry.yarnpkg.com/universalify/-/universalify-0.1.2.tgz#b646f69be3942dabcecc9d6639c80dc105efaa66" integrity sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg== @@ -10157,10 +9679,10 @@ unset-value@^1.0.0: has-value "^0.3.1" isobject "^3.0.0" -upath@^1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/upath/-/upath-1.2.0.tgz#8f66dbcd55a883acdae4408af8b035a5044c1894" - integrity sha512-aZwGpamFO61g3OlfT7OQCHqhGnW43ieH9WZeP7QxN/G/jS4jfqUkZxoryvJgVPEcrl5NL/ggHsSmLMHuH64Lhg== +upath@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/upath/-/upath-2.0.1.tgz#50c73dea68d6f6b990f51d279ce6081665d61a8b" + integrity sha512-1uEe95xksV1O0CYKXo8vQvN1JEbtJp7lb7C5U9HMsIp6IVwntkH/oNUzyVNQSd4S1sYk2FpSSW44FqMc8qee5w== uri-js@^4.2.2: version "4.4.1" @@ -10209,7 +9731,7 @@ uuid@3.3.2: resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.3.2.tgz#1b4af4955eb3077c501c23872fc6513811587131" integrity sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA== -uuid@^3.0.1, uuid@^3.3.2, uuid@^3.3.3: +uuid@^3.3.2, uuid@^3.3.3: version "3.4.0" resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.4.0.tgz#b23e4358afa8a202fe7a100af1f5f883f02007ee" integrity sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A== @@ -10233,7 +9755,7 @@ v8-to-istanbul@^7.0.0: convert-source-map "^1.6.0" source-map "^0.7.3" -validate-npm-package-license@^3.0.1, validate-npm-package-license@^3.0.3: +validate-npm-package-license@^3.0.1, validate-npm-package-license@^3.0.4: version "3.0.4" resolved "https://registry.yarnpkg.com/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz#fc91f6b9c7ba15c857f4cb2c5defeec39d4f410a" integrity sha512-DpKm2Ui/xN7/HQKCtpZxoRWBhZ9Z0kqtygG8XCgNQ8ZlDnxuQmWhj566j8fN4Cu3/JmbhsDo7fcAJq4s9h27Ew== @@ -10290,11 +9812,6 @@ wcwidth@^1.0.0: dependencies: defaults "^1.0.3" -webidl-conversions@^4.0.2: - version "4.0.2" - resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-4.0.2.tgz#a855980b1f0b6b359ba1d5d9fb39ae941faa63ad" - integrity sha512-YQ+BmxuTgd6UXZW3+ICGfyqRyHXVlD5GtQr5+qjiNW7bF0cqrzX500HVXPBOvgXb5YnzDd+h0zqyv61KUD7+Sg== - webidl-conversions@^5.0.0: version "5.0.0" resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-5.0.0.tgz#ae59c8a00b121543a2acc65c0434f57b0fc11aff" @@ -10317,16 +9834,7 @@ whatwg-mimetype@^2.3.0: resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz#3d4b1e0312d2079879f826aff18dbeeca5960fbf" integrity sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g== -whatwg-url@^7.0.0: - version "7.1.0" - resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-7.1.0.tgz#c2c492f1eca612988efd3d2266be1b9fc6170d06" - integrity sha512-WUu7Rg1DroM7oQvGWfOiAK21n74Gg+T4elXEQYkOhtyLeWiJFoOGLXPKI/9gzIie9CtwVLm8wtw6YJdKyxSjeg== - dependencies: - lodash.sortby "^4.7.0" - tr46 "^1.0.1" - webidl-conversions "^4.0.2" - -whatwg-url@^8.0.0: +whatwg-url@^8.0.0, whatwg-url@^8.4.0: version "8.4.0" resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-8.4.0.tgz#50fb9615b05469591d2b2bd6dfaed2942ed72837" integrity sha512-vwTUFf6V4zhcPkWp/4CQPr1TW9Ml6SF4lVyaIMBdJw5i6qUUJ1QWM4Z6YYVkfka0OUIzVo/0aNtGVGk256IKWw== @@ -10395,13 +9903,6 @@ wide-align@^1.1.0: dependencies: string-width "^1.0.2 || 2" -windows-release@^3.1.0: - version "3.3.3" - resolved "https://registry.yarnpkg.com/windows-release/-/windows-release-3.3.3.tgz#1c10027c7225743eec6b89df160d64c2e0293999" - integrity sha512-OSOGH1QYiW5yVor9TtmXKQvt2vjQqbYS+DqmsZw+r7xDwLXEeT3JGW0ZppFmHx4diyXmxt238KFR3N9jzevBRg== - dependencies: - execa "^1.0.0" - word-wrap@^1.2.3, word-wrap@~1.2.3: version "1.2.3" resolved "https://registry.yarnpkg.com/word-wrap/-/word-wrap-1.2.3.tgz#610636f6b1f703891bd34771ccb17fb93b47079c" @@ -10444,7 +9945,7 @@ wrappy@1: resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" integrity sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8= -write-file-atomic@^2.0.0, write-file-atomic@^2.3.0, write-file-atomic@^2.4.2: +write-file-atomic@^2.4.2: version "2.4.3" resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-2.4.3.tgz#1fd2e9ae1df3e75b8d8c367443c692d4ca81f481" integrity sha512-GaETH5wwsX+GcnzhPgKcKjJ6M2Cq3/iZp1WyY/X1CSqrW+jVNM9Y7D8EC2sM4ZG/V8wZlSniJnCKWPmBYAucRQ== @@ -10453,7 +9954,7 @@ write-file-atomic@^2.0.0, write-file-atomic@^2.3.0, write-file-atomic@^2.4.2: imurmurhash "^0.1.4" signal-exit "^3.0.2" -write-file-atomic@^3.0.0: +write-file-atomic@^3.0.0, write-file-atomic@^3.0.3: version "3.0.3" resolved "https://registry.yarnpkg.com/write-file-atomic/-/write-file-atomic-3.0.3.tgz#56bd5c5a5c70481cd19c571bd39ab965a5de56e8" integrity sha512-AvHcyZ5JnSfq3ioSyjrBkH9yW4m7Ayk8/9My/DD9onKeu/94fwrMocemO2QAJFAlnnDN+ZDS+ZjAR5ua1/PV/Q== @@ -10463,18 +9964,6 @@ write-file-atomic@^3.0.0: signal-exit "^3.0.2" typedarray-to-buffer "^3.1.5" -write-json-file@^2.2.0: - version "2.3.0" - resolved "https://registry.yarnpkg.com/write-json-file/-/write-json-file-2.3.0.tgz#2b64c8a33004d54b8698c76d585a77ceb61da32f" - integrity sha1-K2TIozAE1UuGmMdtWFp3zrYdoy8= - dependencies: - detect-indent "^5.0.0" - graceful-fs "^4.1.2" - make-dir "^1.0.0" - pify "^3.0.0" - sort-keys "^2.0.0" - write-file-atomic "^2.0.0" - write-json-file@^3.2.0: version "3.2.0" resolved "https://registry.yarnpkg.com/write-json-file/-/write-json-file-3.2.0.tgz#65bbdc9ecd8a1458e15952770ccbadfcff5fe62a" @@ -10487,15 +9976,28 @@ write-json-file@^3.2.0: sort-keys "^2.0.0" write-file-atomic "^2.4.2" -write-pkg@^3.1.0: - version "3.2.0" - resolved "https://registry.yarnpkg.com/write-pkg/-/write-pkg-3.2.0.tgz#0e178fe97820d389a8928bc79535dbe68c2cff21" - integrity sha512-tX2ifZ0YqEFOF1wjRW2Pk93NLsj02+n1UP5RvO6rCs0K6R2g1padvf006cY74PQJKMGS2r42NK7FD0dG6Y6paw== +write-json-file@^4.3.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/write-json-file/-/write-json-file-4.3.0.tgz#908493d6fd23225344af324016e4ca8f702dd12d" + integrity sha512-PxiShnxf0IlnQuMYOPPhPkhExoCQuTUNPOa/2JWCYTmBquU9njyyDuwRKN26IZBlp4yn1nt+Agh2HOOBl+55HQ== + dependencies: + detect-indent "^6.0.0" + graceful-fs "^4.1.15" + is-plain-obj "^2.0.0" + make-dir "^3.0.0" + sort-keys "^4.0.0" + write-file-atomic "^3.0.0" + +write-pkg@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/write-pkg/-/write-pkg-4.0.0.tgz#675cc04ef6c11faacbbc7771b24c0abbf2a20039" + integrity sha512-v2UQ+50TNf2rNHJ8NyWttfm/EJUBWMJcx6ZTYZr6Qp52uuegWw/lBkCtCbnYZEmPRNL61m+u67dAmGxo+HTULA== dependencies: sort-keys "^2.0.0" - write-json-file "^2.2.0" + type-fest "^0.4.1" + write-json-file "^3.2.0" -ws@^7.4.4: +ws@^7.2.3: version "7.4.4" resolved "https://registry.yarnpkg.com/ws/-/ws-7.4.4.tgz#383bc9742cb202292c9077ceab6f6047b17f2d59" integrity sha512-Qm8k8ojNQIMx7S+Zp8u/uHOx7Qazv3Yv4q68MiWWWOJhiwG5W3x7iqmRtJo8xxrciZUY4vRxUTJCKuRnF28ZZw== @@ -10580,7 +10082,7 @@ yallist@^4.0.0: resolved "https://registry.yarnpkg.com/yallist/-/yallist-4.0.0.tgz#9bb92790d9c0effec63be73519e11a35019a3a72" integrity sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A== -yaml@*, yaml@1.10.2, yaml@^1.5.0: +yaml@*, yaml@1.10.2, yaml@^1.10.0, yaml@^1.5.0: version "1.10.2" resolved "https://registry.yarnpkg.com/yaml/-/yaml-1.10.2.tgz#2301c5ffbf12b467de8da2333a459e29e7920e4b" integrity sha512-r3vXyErRCYJ7wg28yvBY5VSoAF8ZvlcW9/BwUzEtUsjvX/DKs24dIkuwjtuprwJJHsbyUbLApepYTR1BN4uHrg== @@ -10595,6 +10097,11 @@ yapool@^1.0.0: resolved "https://registry.yarnpkg.com/yapool/-/yapool-1.0.0.tgz#f693f29a315b50d9a9da2646a7a6645c96985b6a" integrity sha1-9pPymjFbUNmp2iZGp6ZkXJaYW2o= +yargs-parser@20.2.4: + version "20.2.4" + resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.4.tgz#b42890f14566796f85ae8e3a25290d205f154a54" + integrity sha512-WOkpgNhPTlE73h4VFAFsOnomJVaovO8VqLDzy5saChRBFQFBoMYirowyW+Q9HB4HFF4Z7VZTiG3iSzJJA29yRA== + yargs-parser@20.x, yargs-parser@^20.2.2, yargs-parser@^20.2.3: version "20.2.7" resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.7.tgz#61df85c113edfb5a7a4e36eb8aa60ef423cbc90a" @@ -10608,14 +10115,6 @@ yargs-parser@^13.0.0, yargs-parser@^13.1.2: camelcase "^5.0.0" decamelize "^1.2.0" -yargs-parser@^15.0.1: - version "15.0.1" - resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-15.0.1.tgz#54786af40b820dcb2fb8025b11b4d659d76323b3" - integrity sha512-0OAMV2mAZQrs3FkNpDQcBk1x5HXb8X4twADss4S0Iuk+2dGnLOE/fRHrsYm542GduMveyA77OF4wrNJuanRCWw== - dependencies: - camelcase "^5.0.0" - decamelize "^1.2.0" - yargs-parser@^18.1.2: version "18.1.3" resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-18.1.3.tgz#be68c4975c6b2abf469236b0c870362fab09a7b0" @@ -10640,23 +10139,6 @@ yargs@^13.2.2: y18n "^4.0.0" yargs-parser "^13.1.2" -yargs@^14.2.2: - version "14.2.3" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-14.2.3.tgz#1a1c3edced1afb2a2fea33604bc6d1d8d688a414" - integrity sha512-ZbotRWhF+lkjijC/VhmOT9wSgyBQ7+zr13+YLkhfsSiTriYsMzkTUFP18pFhWwBeMa5gUc1MzbhrO6/VB7c9Xg== - dependencies: - cliui "^5.0.0" - decamelize "^1.2.0" - find-up "^3.0.0" - get-caller-file "^2.0.1" - require-directory "^2.1.1" - require-main-filename "^2.0.0" - set-blocking "^2.0.0" - string-width "^3.0.0" - which-module "^2.0.0" - y18n "^4.0.0" - yargs-parser "^15.0.1" - yargs@^15.0.2, yargs@^15.4.1: version "15.4.1" resolved "https://registry.yarnpkg.com/yargs/-/yargs-15.4.1.tgz#0d87a16de01aee9d8bec2bfbf74f67851730f4f8" From 9d228e4ba10ebf0d5a5bb05d3fc172be19bb3fd5 Mon Sep 17 00:00:00 2001 From: Benura Abeywardena <43112139+BLasan@users.noreply.github.com> Date: Mon, 22 Mar 2021 16:02:26 +0530 Subject: [PATCH 006/260] fix(codedeploy): DeploymentGroup's physical name not propagated to Application (#13582) fixes #13337 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/server/deployment-group.ts | 4 +++- .../test/server/test.deployment-group.ts | 21 ++++++++++++++++++- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts b/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts index ce93f699537c7..2babdecf478be 100644 --- a/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts +++ b/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts @@ -269,7 +269,9 @@ export class ServerDeploymentGroup extends ServerDeploymentGroupBase { physicalName: props.deploymentGroupName, }); - this.application = props.application || new ServerApplication(this, 'Application'); + this.application = props.application || new ServerApplication(this, 'Application', { + applicationName: props.deploymentGroupName === cdk.PhysicalName.GENERATE_IF_NEEDED ? cdk.PhysicalName.GENERATE_IF_NEEDED : undefined, + }); this.role = props.role || new iam.Role(this, 'Role', { assumedBy: new iam.ServicePrincipal('codedeploy.amazonaws.com'), diff --git a/packages/@aws-cdk/aws-codedeploy/test/server/test.deployment-group.ts b/packages/@aws-cdk/aws-codedeploy/test/server/test.deployment-group.ts index 8d2dbe44cd604..6aa102e97da11 100644 --- a/packages/@aws-cdk/aws-codedeploy/test/server/test.deployment-group.ts +++ b/packages/@aws-cdk/aws-codedeploy/test/server/test.deployment-group.ts @@ -1,4 +1,4 @@ -import { expect, haveResource, SynthUtils } from '@aws-cdk/assert'; +import { expect, haveOutput, haveResource, SynthUtils } from '@aws-cdk/assert'; import * as autoscaling from '@aws-cdk/aws-autoscaling'; import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; import * as ec2 from '@aws-cdk/aws-ec2'; @@ -28,6 +28,25 @@ export = { test.done(); }, + 'creating an application with physical name if needed'(test: Test) { + const stack = new cdk.Stack(undefined, undefined, { env: { account: '12345', region: 'us-test-1' } }); + const stack2 = new cdk.Stack(undefined, undefined, { env: { account: '12346', region: 'us-test-2' } }); + const serverDeploymentGroup = new codedeploy.ServerDeploymentGroup(stack, 'MyDG', { + deploymentGroupName: cdk.PhysicalName.GENERATE_IF_NEEDED, + }); + + new cdk.CfnOutput(stack2, 'Output', { + value: serverDeploymentGroup.application.applicationName, + }); + + expect(stack2).to(haveOutput({ + outputName: 'Output', + outputValue: 'defaultmydgapplication78dba0bb0c7580b32033', + })); + + test.done(); + }, + 'can be imported'(test: Test) { const stack = new cdk.Stack(); From b9407102304f043adcd9a4fc1cde4d23d3da9004 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Mon, 22 Mar 2021 12:24:18 +0100 Subject: [PATCH 007/260] feat(init-templates): app template comes with hint comments for 'env' (#13696) How the `env` parameter is supposed to be used is still confusing to a lot of users. Add uncommentable lines to the init templates showing and describing the 3 alternatives. Fixes #12321. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../%name.PascalCased%/Program.template.cs | 30 ++++++++++++++++++- .../myorg/%name.PascalCased%App.template.java | 27 ++++++++++++++++- .../v1/app/javascript/bin/%name%.template.js | 16 +++++++++- .../v1/app/python/app.template.py | 19 +++++++++++- .../v1/app/typescript/bin/%name%.template.ts | 16 +++++++++- .../%name.PascalCased%/Program.template.cs | 29 +++++++++++++++++- .../myorg/%name.PascalCased%App.template.java | 27 ++++++++++++++++- .../v2/app/javascript/bin/%name%.template.js | 16 +++++++++- .../v2/app/python/app.template.py | 19 +++++++++++- .../v2/app/typescript/bin/%name%.template.ts | 16 +++++++++- 10 files changed, 205 insertions(+), 10 deletions(-) diff --git a/packages/aws-cdk/lib/init-templates/v1/app/csharp/src/%name.PascalCased%/Program.template.cs b/packages/aws-cdk/lib/init-templates/v1/app/csharp/src/%name.PascalCased%/Program.template.cs index a2ce1b67fdd53..ec6a50b8bdc00 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/csharp/src/%name.PascalCased%/Program.template.cs +++ b/packages/aws-cdk/lib/init-templates/v1/app/csharp/src/%name.PascalCased%/Program.template.cs @@ -10,7 +10,35 @@ sealed class Program public static void Main(string[] args) { var app = new App(); - new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack", new StackProps + { + // If you don't specify 'env', this stack will be environment-agnostic. + // Account/Region-dependent features and context lookups will not work, + // but a single synthesized template can be deployed anywhere. + + // Uncomment the next block to specialize this stack for the AWS Account + // and Region that are implied by the current CLI configuration. + /* + Env = new Amazon.CDK.Environment + { + Account = System.Environment.GetEnvironmentVariable("CDK_DEFAULT_ACCOUNT"), + Region = System.Environment.GetEnvironmentVariable("CDK_DEFAULT_REGION"), + } + */ + + // Uncomment the next block if you know exactly what Account and Region you + // want to deploy the stack to. + /* + Env = new Amazon.CDK.Environment + { + Account = "123456789012", + Region = "us-east-1", + } + */ + + // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html + }); + app.Synth(); } } diff --git a/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java b/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java index 93b1690e7cfe3..b9a43e4549097 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java +++ b/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java @@ -1,6 +1,7 @@ package com.myorg; import software.amazon.awscdk.core.App; +import software.amazon.awscdk.core.Environment; import java.util.Arrays; @@ -8,7 +9,31 @@ public class %name.PascalCased%App { public static void main(final String[] args) { App app = new App(); - new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); + %name.PascalCased%Stack.Builder.create(app, "%name.PascalCased%Stack") + // If you don't specify 'env', this stack will be environment-agnostic. + // Account/Region-dependent features and context lookups will not work, + // but a single synthesized template can be deployed anywhere. + + // Uncomment the next block to specialize this stack for the AWS Account + // and Region that are implied by the current CLI configuration. + /* + .env(Environment.builder() + .account(System.getenv("CDK_DEFAULT_ACCOUNT")) + .region(System.getenv("CDK_DEFAULT_REGION")) + .build()) + */ + + // Uncomment the next block if you know exactly what Account and Region you + // want to deploy the stack to. + /* + .env(Environment.builder() + .account("123456789012") + .region("us-east-1") + .build()) + */ + + // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html + .build(); app.synth(); } diff --git a/packages/aws-cdk/lib/init-templates/v1/app/javascript/bin/%name%.template.js b/packages/aws-cdk/lib/init-templates/v1/app/javascript/bin/%name%.template.js index 7ef6ca7df55c0..1a99b7e2c55ec 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/javascript/bin/%name%.template.js +++ b/packages/aws-cdk/lib/init-templates/v1/app/javascript/bin/%name%.template.js @@ -4,4 +4,18 @@ const cdk = require('@aws-cdk/core'); const { %name.PascalCased%Stack } = require('../lib/%name%-stack'); const app = new cdk.App(); -new %name.PascalCased%Stack(app, '%name.PascalCased%Stack'); +new %name.PascalCased%Stack(app, '%name.PascalCased%Stack', { + /* If you don't specify 'env', this stack will be environment-agnostic. + * Account/Region-dependent features and context lookups will not work, + * but a single synthesized template can be deployed anywhere. */ + + /* Uncomment the next line to specialize this stack for the AWS Account + * and Region that are implied by the current CLI configuration. */ + // env: { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION }, + + /* Uncomment the next line if you know exactly what Account and Region you + * want to deploy the stack to. */ + // env: { account: '123456789012', region: 'us-east-1' }, + + /* For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html */ +}); \ No newline at end of file diff --git a/packages/aws-cdk/lib/init-templates/v1/app/python/app.template.py b/packages/aws-cdk/lib/init-templates/v1/app/python/app.template.py index bf6da5f40868f..a63ab8ac2e62e 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/python/app.template.py +++ b/packages/aws-cdk/lib/init-templates/v1/app/python/app.template.py @@ -1,4 +1,5 @@ #!/usr/bin/env python3 +import os from aws_cdk import core as cdk @@ -12,6 +13,22 @@ app = core.App() -%name.PascalCased%Stack(app, "%name.PascalCased%Stack") +%name.PascalCased%Stack(app, "%name.PascalCased%Stack", + # If you don't specify 'env', this stack will be environment-agnostic. + # Account/Region-dependent features and context lookups will not work, + # but a single synthesized template can be deployed anywhere. + + # Uncomment the next line to specialize this stack for the AWS Account + # and Region that are implied by the current CLI configuration. + + #env=core.Environment(account=os.getenv('CDK_DEFAULT_ACCOUNT'), region=os.getenv('CDK_DEFAULT_REGION')), + + # Uncomment the next line if you know exactly what Account and Region you + # want to deploy the stack to. */ + + #env=core.Environment(account='123456789012', region='us-east-1'), + + # For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html + ) app.synth() diff --git a/packages/aws-cdk/lib/init-templates/v1/app/typescript/bin/%name%.template.ts b/packages/aws-cdk/lib/init-templates/v1/app/typescript/bin/%name%.template.ts index 57c0a9a41db06..9479fc651f175 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/typescript/bin/%name%.template.ts +++ b/packages/aws-cdk/lib/init-templates/v1/app/typescript/bin/%name%.template.ts @@ -4,4 +4,18 @@ import * as cdk from '@aws-cdk/core'; import { %name.PascalCased%Stack } from '../lib/%name%-stack'; const app = new cdk.App(); -new %name.PascalCased%Stack(app, '%name.PascalCased%Stack'); +new %name.PascalCased%Stack(app, '%name.PascalCased%Stack', { + /* If you don't specify 'env', this stack will be environment-agnostic. + * Account/Region-dependent features and context lookups will not work, + * but a single synthesized template can be deployed anywhere. */ + + /* Uncomment the next line to specialize this stack for the AWS Account + * and Region that are implied by the current CLI configuration. */ + // env: { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION }, + + /* Uncomment the next line if you know exactly what Account and Region you + * want to deploy the stack to. */ + // env: { account: '123456789012', region: 'us-east-1' }, + + /* For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html */ +}); diff --git a/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/Program.template.cs b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/Program.template.cs index 93f1e27a57523..b514172b49459 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/Program.template.cs +++ b/packages/aws-cdk/lib/init-templates/v2/app/csharp/src/%name.PascalCased%/Program.template.cs @@ -10,7 +10,34 @@ sealed class Program public static void Main(string[] args) { var app = new App(); - new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack", new StackProps + { + // If you don't specify 'env', this stack will be environment-agnostic. + // Account/Region-dependent features and context lookups will not work, + // but a single synthesized template can be deployed anywhere. + + // Uncomment the next block to specialize this stack for the AWS Account + // and Region that are implied by the current CLI configuration. + /* + Env = new Amazon.CDK.Environment + { + Account = System.Environment.GetEnvironmentVariable("CDK_DEFAULT_ACCOUNT"), + Region = System.Environment.GetEnvironmentVariable("CDK_DEFAULT_REGION"), + } + */ + + // Uncomment the next block if you know exactly what Account and Region you + // want to deploy the stack to. + /* + Env = new Amazon.CDK.Environment + { + Account = "123456789012", + Region = "us-east-1", + } + */ + + // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html + }); app.Synth(); } } diff --git a/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java b/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java index 2574c970d3992..d68e49440506b 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java +++ b/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java @@ -1,6 +1,7 @@ package com.myorg; import software.amazon.awscdk.lib.App; +import software.amazon.awscdk.lib.Environment; import java.util.Arrays; @@ -8,7 +9,31 @@ public class %name.PascalCased%App { public static void main(final String[] args) { App app = new App(); - new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); + %name.PascalCased%Stack.Builder.create(app, "%name.PascalCased%Stack") + // If you don't specify 'env', this stack will be environment-agnostic. + // Account/Region-dependent features and context lookups will not work, + // but a single synthesized template can be deployed anywhere. + + // Uncomment the next block to specialize this stack for the AWS Account + // and Region that are implied by the current CLI configuration. + /* + .env(Environment.builder() + .account(System.getenv("CDK_DEFAULT_ACCOUNT")) + .region(System.getenv("CDK_DEFAULT_REGION")) + .build()) + */ + + // Uncomment the next block if you know exactly what Account and Region you + // want to deploy the stack to. + /* + .env(Environment.builder() + .account("123456789012") + .region("us-east-1") + .build()) + */ + + // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html + .build(); app.synth(); } diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/bin/%name%.template.js b/packages/aws-cdk/lib/init-templates/v2/app/javascript/bin/%name%.template.js index 637cb35435106..46f0d3cbcc860 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/javascript/bin/%name%.template.js +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/bin/%name%.template.js @@ -4,4 +4,18 @@ const cdk = require('aws-cdk-lib'); const { %name.PascalCased%Stack } = require('../lib/%name%-stack'); const app = new cdk.App(); -new %name.PascalCased%Stack(app, '%name.PascalCased%Stack'); +new %name.PascalCased%Stack(app, '%name.PascalCased%Stack', { + /* If you don't specify 'env', this stack will be environment-agnostic. + * Account/Region-dependent features and context lookups will not work, + * but a single synthesized template can be deployed anywhere. */ + + /* Uncomment the next line to specialize this stack for the AWS Account + * and Region that are implied by the current CLI configuration. */ + // env: { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION }, + + /* Uncomment the next line if you know exactly what Account and Region you + * want to deploy the stack to. */ + // env: { account: '123456789012', region: 'us-east-1' }, + + /* For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html */ +}); diff --git a/packages/aws-cdk/lib/init-templates/v2/app/python/app.template.py b/packages/aws-cdk/lib/init-templates/v2/app/python/app.template.py index 5d1fa551c1c70..a258f798a7e6f 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/python/app.template.py +++ b/packages/aws-cdk/lib/init-templates/v2/app/python/app.template.py @@ -1,4 +1,5 @@ #!/usr/bin/env python3 +import os import aws_cdk_lib as core @@ -6,6 +7,22 @@ app = core.App() -%name.PascalCased%Stack(app, "%name.PascalCased%Stack") +%name.PascalCased%Stack(app, "%name.PascalCased%Stack", + # If you don't specify 'env', this stack will be environment-agnostic. + # Account/Region-dependent features and context lookups will not work, + # but a single synthesized template can be deployed anywhere. + + # Uncomment the next line to specialize this stack for the AWS Account + # and Region that are implied by the current CLI configuration. + + #env=core.Environment(account=os.getenv('CDK_DEFAULT_ACCOUNT'), region=os.getenv('CDK_DEFAULT_REGION')), + + # Uncomment the next line if you know exactly what Account and Region you + # want to deploy the stack to. */ + + #env=core.Environment(account='123456789012', region='us-east-1'), + + # For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html + ) app.synth() diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/bin/%name%.template.ts b/packages/aws-cdk/lib/init-templates/v2/app/typescript/bin/%name%.template.ts index 2a54cb5615400..d29a34d0b3c79 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/typescript/bin/%name%.template.ts +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/bin/%name%.template.ts @@ -4,4 +4,18 @@ import * as cdk from 'aws-cdk-lib'; import { %name.PascalCased%Stack } from '../lib/%name%-stack'; const app = new cdk.App(); -new %name.PascalCased%Stack(app, '%name.PascalCased%Stack'); +new %name.PascalCased%Stack(app, '%name.PascalCased%Stack', { + /* If you don't specify 'env', this stack will be environment-agnostic. + * Account/Region-dependent features and context lookups will not work, + * but a single synthesized template can be deployed anywhere. */ + + /* Uncomment the next line to specialize this stack for the AWS Account + * and Region that are implied by the current CLI configuration. */ + // env: { account: process.env.CDK_DEFAULT_ACCOUNT, region: process.env.CDK_DEFAULT_REGION }, + + /* Uncomment the next line if you know exactly what Account and Region you + * want to deploy the stack to. */ + // env: { account: '123456789012', region: 'us-east-1' }, + + /* For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html */ +}); \ No newline at end of file From 4fde59ac64e8440a05d17a9b5c5622a9dfb43b1f Mon Sep 17 00:00:00 2001 From: Jonathan Goldwasser Date: Mon, 22 Mar 2021 15:02:52 +0100 Subject: [PATCH 008/260] feat(ec2): client vpn endpoint (#12234) Add support for client VPN endpoints with the following L2s: `ClientVpnEndpoint`, `ClientVpnAuthorizationRule` and `ClientVpnRoute`. Client VPN endpoints can be added to VPCs with the `addClientVpnEndpoint()` method. Both mutual and user-based authentication are supported. The `ClientVpnEndpoint` class implements `IConnectable`. Use a custom resource to import server and client certificates in ACM for the integration test. Close #4206 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ec2/README.md | 65 ++ .../lib/client-vpn-authorization-rule.ts | 57 ++ .../aws-ec2/lib/client-vpn-endpoint-types.ts | 52 ++ .../aws-ec2/lib/client-vpn-endpoint.ts | 407 ++++++++++++ .../@aws-cdk/aws-ec2/lib/client-vpn-route.ts | 88 +++ packages/@aws-cdk/aws-ec2/lib/index.ts | 4 + packages/@aws-cdk/aws-ec2/lib/vpc.ts | 16 + packages/@aws-cdk/aws-ec2/package.json | 5 +- .../aws-ec2/rosetta/client-vpn.ts-fixture | 17 + .../aws-ec2/test/client-vpn-endpoint.test.ts | 271 ++++++++ .../test/import-certificates-handler/ca.crt | 20 + .../client1.domain.tld.crt | 85 +++ .../client1.domain.tld.key | 28 + .../test/import-certificates-handler/index.ts | 49 ++ .../import-certificates-handler/server.crt | 87 +++ .../import-certificates-handler/server.key | 28 + .../integ.client-vpn-endpoint.expected.json | 612 ++++++++++++++++++ .../aws-ec2/test/integ.client-vpn-endpoint.ts | 73 +++ .../@aws-cdk/aws-lambda/lib/function-base.ts | 2 +- 19 files changed, 1964 insertions(+), 2 deletions(-) create mode 100644 packages/@aws-cdk/aws-ec2/lib/client-vpn-authorization-rule.ts create mode 100644 packages/@aws-cdk/aws-ec2/lib/client-vpn-endpoint-types.ts create mode 100644 packages/@aws-cdk/aws-ec2/lib/client-vpn-endpoint.ts create mode 100644 packages/@aws-cdk/aws-ec2/lib/client-vpn-route.ts create mode 100644 packages/@aws-cdk/aws-ec2/rosetta/client-vpn.ts-fixture create mode 100644 packages/@aws-cdk/aws-ec2/test/client-vpn-endpoint.test.ts create mode 100644 packages/@aws-cdk/aws-ec2/test/import-certificates-handler/ca.crt create mode 100644 packages/@aws-cdk/aws-ec2/test/import-certificates-handler/client1.domain.tld.crt create mode 100644 packages/@aws-cdk/aws-ec2/test/import-certificates-handler/client1.domain.tld.key create mode 100644 packages/@aws-cdk/aws-ec2/test/import-certificates-handler/index.ts create mode 100644 packages/@aws-cdk/aws-ec2/test/import-certificates-handler/server.crt create mode 100644 packages/@aws-cdk/aws-ec2/test/import-certificates-handler/server.key create mode 100644 packages/@aws-cdk/aws-ec2/test/integ.client-vpn-endpoint.expected.json create mode 100644 packages/@aws-cdk/aws-ec2/test/integ.client-vpn-endpoint.ts diff --git a/packages/@aws-cdk/aws-ec2/README.md b/packages/@aws-cdk/aws-ec2/README.md index 90b5b4be9cfb8..5ce9a5c500d4d 100644 --- a/packages/@aws-cdk/aws-ec2/README.md +++ b/packages/@aws-cdk/aws-ec2/README.md @@ -678,6 +678,71 @@ Note: The domain name must be owned (registered through Route53) by the account The VpcEndpointServiceDomainName will handle the AWS side of domain verification, the process for which can be found [here](https://docs.aws.amazon.com/vpc/latest/userguide/endpoint-services-dns-validation.html) +### Client VPN endpoint + +AWS Client VPN is a managed client-based VPN service that enables you to securely access your AWS +resources and resources in your on-premises network. With Client VPN, you can access your resources +from any location using an OpenVPN-based VPN client. + +Use the `addClientVpnEndpoint()` method to add a client VPN endpoint to a VPC: + +```ts fixture=client-vpn +vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'arn:aws:acm:us-east-1:123456789012:certificate/server-certificate-id', + // Mutual authentication + clientCertificateArn: 'arn:aws:acm:us-east-1:123456789012:certificate/client-certificate-id', + // User-based authentication + userBasedAuthentication: ec2.ClientVpnUserBasedAuthentication.federated(samlProvider), +}); +``` + +The endpoint must use at least one [authentication method](https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/client-authentication.html): + +* Mutual authentication with a client certificate +* User-based authentication (directory or federated) + +If user-based authentication is used, the [self-service portal URL](https://docs.aws.amazon.com/vpn/latest/clientvpn-user/self-service-portal.html) +is made available via a CloudFormation output. + +By default, a new security group is created and logging is enabled. Moreover, a rule to +authorize all users to the VPC CIDR is created. + +To customize authorization rules, set the `authorizeAllUsersToVpcCidr` prop to `false` +and use `addaddAuthorizationRule()`: + +```ts fixture=client-vpn +const endpoint = vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'arn:aws:acm:us-east-1:123456789012:certificate/server-certificate-id', + userBasedAuthentication: ec2.ClientVpnUserBasedAuthentication.federated(samlProvider), + authorizeAllUsersToVpcCidr: false, +}); + +endpoint.addAuthorizationRule('Rule', { + cidr: '10.0.10.0/32', + groupId: 'group-id', +}); +``` + +Use `addRoute()` to configure network routes: + +```ts fixture=client-vpn +const endpoint = vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'arn:aws:acm:us-east-1:123456789012:certificate/server-certificate-id', + userBasedAuthentication: ec2.ClientVpnUserBasedAuthentication.federated(samlProvider), +}); + +// Client-to-client access +endpoint.addRoute('Route', { + cidr: '10.100.0.0/16', + target: ec2.ClientVpnRouteTarget.local(), +}); +``` + +Use the `connections` object of the endpoint to allow traffic to other security groups. + ## Instances You can use the `Instance` class to start up a single EC2 instance. For production setups, we recommend diff --git a/packages/@aws-cdk/aws-ec2/lib/client-vpn-authorization-rule.ts b/packages/@aws-cdk/aws-ec2/lib/client-vpn-authorization-rule.ts new file mode 100644 index 0000000000000..c63f940ab4883 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/lib/client-vpn-authorization-rule.ts @@ -0,0 +1,57 @@ +import { Resource } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import { IClientVpnEndpoint } from './client-vpn-endpoint-types'; +import { CfnClientVpnAuthorizationRule } from './ec2.generated'; + +/** + * Options for a ClientVpnAuthorizationRule + */ +export interface ClientVpnAuthorizationRuleOptions { + /** + * The IPv4 address range, in CIDR notation, of the network for which access + * is being authorized. + */ + readonly cidr: string; + + /** + * The ID of the group to grant access to, for example, the Active Directory + * group or identity provider (IdP) group. + * + * @default - authorize all groups + */ + readonly groupId?: string; + + /** + * A brief description of the authorization rule. + * + * @default - no description + */ + readonly description?: string; +} + +/** + * Properties for a ClientVpnAuthorizationRule + */ +export interface ClientVpnAuthorizationRuleProps extends ClientVpnAuthorizationRuleOptions { + /** + * The client VPN endpoint to which to add the rule. + */ + readonly clientVpnEndoint: IClientVpnEndpoint; +} + +/** + * A client VPN authorization rule + */ +export class ClientVpnAuthorizationRule extends Resource { + constructor(scope: Construct, id: string, props: ClientVpnAuthorizationRuleProps) { + super(scope, id); + + new CfnClientVpnAuthorizationRule(this, 'Resource', { + clientVpnEndpointId: props.clientVpnEndoint.endpointId, + targetNetworkCidr: props.cidr, + accessGroupId: props.groupId, + authorizeAllGroups: !props.groupId, + description: props.description, + }); + } +} diff --git a/packages/@aws-cdk/aws-ec2/lib/client-vpn-endpoint-types.ts b/packages/@aws-cdk/aws-ec2/lib/client-vpn-endpoint-types.ts new file mode 100644 index 0000000000000..ef33493a8f225 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/lib/client-vpn-endpoint-types.ts @@ -0,0 +1,52 @@ +import { IDependable, IResource } from '@aws-cdk/core'; +import { IConnectable } from './connections'; + +/** + * A client VPN endpoint + */ +export interface IClientVpnEndpoint extends IResource, IConnectable { + /** + * The endpoint ID + */ + readonly endpointId: string; + + /** + * Dependable that can be depended upon to force target networks associations + */ + readonly targetNetworksAssociated: IDependable; +} + +/** + * A connection handler for client VPN endpoints + */ +export interface IClientVpnConnectionHandler { + /** + * The name of the function + */ + readonly functionName: string; + + /** + * The ARN of the function. + */ + readonly functionArn: string; +} + +/** + * Transport protocol for client VPN + */ +export enum TransportProtocol { + /** Transmission Control Protocol (TCP) */ + TCP = 'tcp', + /** User Datagram Protocol (UDP) */ + UDP = 'udp', +} + +/** + * Port for client VPN + */ +export enum VpnPort { + /** HTTPS */ + HTTPS = 443, + /** OpenVPN */ + OPENVPN = 1194, +} diff --git a/packages/@aws-cdk/aws-ec2/lib/client-vpn-endpoint.ts b/packages/@aws-cdk/aws-ec2/lib/client-vpn-endpoint.ts new file mode 100644 index 0000000000000..43431bd649046 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/lib/client-vpn-endpoint.ts @@ -0,0 +1,407 @@ +import { ISamlProvider } from '@aws-cdk/aws-iam'; +import * as logs from '@aws-cdk/aws-logs'; +import { CfnOutput, ConcreteDependable, IDependable, Resource, Token } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import { ClientVpnAuthorizationRule, ClientVpnAuthorizationRuleOptions } from './client-vpn-authorization-rule'; +import { IClientVpnConnectionHandler, IClientVpnEndpoint, TransportProtocol, VpnPort } from './client-vpn-endpoint-types'; +import { ClientVpnRoute, ClientVpnRouteOptions } from './client-vpn-route'; +import { Connections } from './connections'; +import { CfnClientVpnEndpoint, CfnClientVpnTargetNetworkAssociation } from './ec2.generated'; +import { CidrBlock } from './network-util'; +import { ISecurityGroup, SecurityGroup } from './security-group'; +import { IVpc, SubnetSelection } from './vpc'; + +/** + * Options for a client VPN endpoint + */ +export interface ClientVpnEndpointOptions { + /** + * The IPv4 address range, in CIDR notation, from which to assign client IP + * addresses. The address range cannot overlap with the local CIDR of the VPC + * in which the associated subnet is located, or the routes that you add manually. + * + * Changing the address range will replace the Client VPN endpoint. + * + * The CIDR block should be /22 or greater. + */ + readonly cidr: string; + + /** + * The ARN of the client certificate for mutual authentication. + * + * The certificate must be signed by a certificate authority (CA) and it must + * be provisioned in AWS Certificate Manager (ACM). + * + * @default - use user-based authentication + */ + readonly clientCertificateArn?: string; + + /** + * The type of user-based authentication to use. + * + * @see https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/client-authentication.html + * + * @default - use mutual authentication + */ + readonly userBasedAuthentication?: ClientVpnUserBasedAuthentication; + + /** + * Whether to enable connections logging + * + * @default true + */ + readonly logging?: boolean; + + /** + * A CloudWatch Logs log group for connection logging + * + * @default - a new group is created + */ + readonly logGroup?: logs.ILogGroup; + + /** + * A CloudWatch Logs log stream for connection logging + * + * @default - a new stream is created + */ + readonly logStream?: logs.ILogStream; + + /** + * The AWS Lambda function used for connection authorization + * + * The name of the Lambda function must begin with the `AWSClientVPN-` prefix + * + * @default - no connection handler + */ + readonly clientConnectionHandler?: IClientVpnConnectionHandler; + + /** + * A brief description of the Client VPN endpoint. + * + * @default - no description + */ + readonly description?: string; + + /** + * The security groups to apply to the target network. + * + * @default - a new security group is created + */ + readonly securityGroups?: ISecurityGroup[]; + + /** + * Specify whether to enable the self-service portal for the Client VPN endpoint. + * + * @default true + */ + readonly selfServicePortal?: boolean; + + /** + * The ARN of the server certificate + */ + readonly serverCertificateArn: string; + + /** + * Indicates whether split-tunnel is enabled on the AWS Client VPN endpoint. + * + * @see https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/split-tunnel-vpn.html + * + * @default false + */ + readonly splitTunnel?: boolean; + + /** + * The transport protocol to be used by the VPN session. + * + * @default TransportProtocol.UDP + */ + readonly transportProtocol?: TransportProtocol; + + /** + * The port number to assign to the Client VPN endpoint for TCP and UDP + * traffic. + * + * @default VpnPort.HTTPS + */ + readonly port?: VpnPort; + + /** + * Information about the DNS servers to be used for DNS resolution. + * + * A Client VPN endpoint can have up to two DNS servers. + * + * @default - use the DNS address configured on the device + */ + readonly dnsServers?: string[]; + + /** + * Subnets to associate to the client VPN endpoint. + * + * @default - the VPC default strategy + */ + readonly vpcSubnets?: SubnetSelection; + + /** + * Whether to authorize all users to the VPC CIDR + * + * This automatically creates an authorization rule. Set this to `false` and + * use `addAuthorizationRule()` to create your own rules instead. + * + * @default true + */ + readonly authorizeAllUsersToVpcCidr?: boolean; +} + +/** + * User-based authentication for a client VPN endpoint + */ +export abstract class ClientVpnUserBasedAuthentication { + /** + * Active Directory authentication + */ + public static activeDirectory(directoryId: string): ClientVpnUserBasedAuthentication { + return new ActiveDirectoryAuthentication(directoryId); + } + + /** Federated authentication */ + public static federated(samlProvider: ISamlProvider, selfServiceSamlProvider?: ISamlProvider): ClientVpnUserBasedAuthentication { + return new FederatedAuthentication(samlProvider, selfServiceSamlProvider); + } + + /** Renders the user based authentication */ + public abstract render(): any; +} + +/** + * Active Directory authentication + */ +class ActiveDirectoryAuthentication extends ClientVpnUserBasedAuthentication { + constructor(private readonly directoryId: string) { + super(); + } + + render(): any { + return { + type: 'directory-service-authentication', + activeDirectory: { directoryId: this.directoryId }, + }; + } +} + +/** + * Federated authentication + */ +class FederatedAuthentication extends ClientVpnUserBasedAuthentication { + constructor(private readonly samlProvider: ISamlProvider, private readonly selfServiceSamlProvider?: ISamlProvider) { + super(); + } + + render(): any { + return { + type: 'federated-authentication', + federatedAuthentication: { + samlProviderArn: this.samlProvider.samlProviderArn, + selfServiceSamlProviderArn: this.selfServiceSamlProvider?.samlProviderArn, + }, + }; + } +} + +/** + * Properties for a client VPN endpoint + */ +export interface ClientVpnEndpointProps extends ClientVpnEndpointOptions { + /** + * The VPC to connect to. + */ + readonly vpc: IVpc; +} + +/** + * Attributes when importing an existing client VPN endpoint + */ +export interface ClientVpnEndpointAttributes { + /** + * The endpoint ID + */ + readonly endpointId: string; + + /** + * The security groups associated with the endpoint + */ + readonly securityGroups: ISecurityGroup[]; +} + +/** + * A client VPN connnection + */ +export class ClientVpnEndpoint extends Resource implements IClientVpnEndpoint { + /** + * Import an existing client VPN endpoint + */ + public static fromEndpointAttributes(scope: Construct, id: string, attrs: ClientVpnEndpointAttributes): IClientVpnEndpoint { + class Import extends Resource implements IClientVpnEndpoint { + public readonly endpointId = attrs.endpointId; + public readonly connections = new Connections({ securityGroups: attrs.securityGroups }); + public readonly targetNetworksAssociated: IDependable = new ConcreteDependable(); + } + return new Import(scope, id); + } + + public readonly endpointId: string; + + /** + * Allows specify security group connections for the endpoint. + */ + public readonly connections: Connections; + + public readonly targetNetworksAssociated: IDependable; + + private readonly _targetNetworksAssociated = new ConcreteDependable(); + + constructor(scope: Construct, id: string, props: ClientVpnEndpointProps) { + super(scope, id); + + if (!Token.isUnresolved(props.vpc.vpcCidrBlock)) { + const clientCidr = new CidrBlock(props.cidr); + const vpcCidr = new CidrBlock(props.vpc.vpcCidrBlock); + if (vpcCidr.containsCidr(clientCidr)) { + throw new Error('The client CIDR cannot overlap with the local CIDR of the VPC'); + } + } + + if (props.dnsServers && props.dnsServers.length > 2) { + throw new Error('A client VPN endpoint can have up to two DNS servers'); + } + + if (props.logging == false && (props.logGroup || props.logStream)) { + throw new Error('Cannot specify `logGroup` or `logStream` when logging is disabled'); + } + + if (props.clientConnectionHandler + && !Token.isUnresolved(props.clientConnectionHandler.functionName) + && !props.clientConnectionHandler.functionName.startsWith('AWSClientVPN-')) { + throw new Error('The name of the Lambda function must begin with the `AWSClientVPN-` prefix'); + } + + const logging = props.logging ?? true; + const logGroup = logging + ? props.logGroup ?? new logs.LogGroup(this, 'LogGroup') + : undefined; + + const securityGroups = props.securityGroups ?? [new SecurityGroup(this, 'SecurityGroup', { + vpc: props.vpc, + })]; + this.connections = new Connections({ securityGroups }); + + const endpoint = new CfnClientVpnEndpoint(this, 'Resource', { + authenticationOptions: renderAuthenticationOptions(props.clientCertificateArn, props.userBasedAuthentication), + clientCidrBlock: props.cidr, + clientConnectOptions: props.clientConnectionHandler + ? { + enabled: true, + lambdaFunctionArn: props.clientConnectionHandler.functionArn, + } + : undefined, + connectionLogOptions: { + enabled: logging, + cloudwatchLogGroup: logGroup?.logGroupName, + cloudwatchLogStream: props.logStream?.logStreamName, + }, + description: props.description, + dnsServers: props.dnsServers, + securityGroupIds: securityGroups.map(s => s.securityGroupId), + selfServicePortal: booleanToEnabledDisabled(props.selfServicePortal), + serverCertificateArn: props.serverCertificateArn, + splitTunnel: props.splitTunnel, + transportProtocol: props.transportProtocol, + vpcId: props.vpc.vpcId, + vpnPort: props.port, + }); + + this.endpointId = endpoint.ref; + + if (props.userBasedAuthentication && (props.selfServicePortal ?? true)) { + // Output self-service portal URL + new CfnOutput(this, 'SelfServicePortalUrl', { + value: `https://self-service.clientvpn.amazonaws.com/endpoints/${this.endpointId}`, + }); + } + + // Associate subnets + const subnetIds = props.vpc.selectSubnets(props.vpcSubnets).subnetIds; + + if (Token.isUnresolved(subnetIds)) { + throw new Error('Cannot associate subnets when VPC are imported from parameters or exports containing lists of subnet IDs.'); + } + + for (const [idx, subnetId] of Object.entries(subnetIds)) { + this._targetNetworksAssociated.add(new CfnClientVpnTargetNetworkAssociation(this, `Association${idx}`, { + clientVpnEndpointId: this.endpointId, + subnetId, + })); + } + this.targetNetworksAssociated = this._targetNetworksAssociated; + + if (props.authorizeAllUsersToVpcCidr ?? true) { + this.addAuthorizationRule('AuthorizeAll', { + cidr: props.vpc.vpcCidrBlock, + }); + } + } + + /** + * Adds an authorization rule to this endpoint + */ + public addAuthorizationRule(id: string, props: ClientVpnAuthorizationRuleOptions): ClientVpnAuthorizationRule { + return new ClientVpnAuthorizationRule(this, id, { + ...props, + clientVpnEndoint: this, + }); + } + + /** + * Adds a route to this endpoint + */ + public addRoute(id: string, props: ClientVpnRouteOptions): ClientVpnRoute { + return new ClientVpnRoute(this, id, { + ...props, + clientVpnEndoint: this, + }); + } +} + +function renderAuthenticationOptions( + clientCertificateArn?: string, + userBasedAuthentication?: ClientVpnUserBasedAuthentication): CfnClientVpnEndpoint.ClientAuthenticationRequestProperty[] { + const authenticationOptions: CfnClientVpnEndpoint.ClientAuthenticationRequestProperty[] = []; + + if (clientCertificateArn) { + authenticationOptions.push({ + type: 'certificate-authentication', + mutualAuthentication: { + clientRootCertificateChainArn: clientCertificateArn, + }, + }); + } + + if (userBasedAuthentication) { + authenticationOptions.push(userBasedAuthentication.render()); + } + + if (authenticationOptions.length === 0) { + throw new Error('A client VPN endpoint must use at least one authentication option'); + } + return authenticationOptions; +} + +function booleanToEnabledDisabled(val?: boolean): 'enabled' | 'disabled' | undefined { + switch (val) { + case undefined: + return undefined; + case true: + return 'enabled'; + case false: + return 'disabled'; + } +} diff --git a/packages/@aws-cdk/aws-ec2/lib/client-vpn-route.ts b/packages/@aws-cdk/aws-ec2/lib/client-vpn-route.ts new file mode 100644 index 0000000000000..38734631a5d91 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/lib/client-vpn-route.ts @@ -0,0 +1,88 @@ +import { Resource } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import { IClientVpnEndpoint } from './client-vpn-endpoint-types'; +import { CfnClientVpnRoute } from './ec2.generated'; +import { ISubnet } from './vpc'; + +/** + * Options for a ClientVpnRoute + */ +export interface ClientVpnRouteOptions { + /** + * The IPv4 address range, in CIDR notation, of the route destination. + * + * For example: + * - To add a route for Internet access, enter 0.0.0.0/0 + * - To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range + * - To add a route for an on-premises network, enter the AWS Site-to-Site VPN + * connection's IPv4 CIDR range + * - To add a route for the local network, enter the client CIDR range + */ + readonly cidr: string; + + /** + * A brief description of the authorization rule. + * + * @default - no description + */ + readonly description?: string; + + /** + * The target for the route + */ + readonly target: ClientVpnRouteTarget; +} + +/** + * Target for a client VPN route + */ +export abstract class ClientVpnRouteTarget { + /** + * Subnet + * + * The specified subnet must be an existing target network of the client VPN + * endpoint. + */ + public static subnet(subnet: ISubnet): ClientVpnRouteTarget { + return { subnetId: subnet.subnetId }; + } + + /** + * Local network + */ + public static local(): ClientVpnRouteTarget { + return { subnetId: 'local' }; + } + + /** The subnet ID */ + public abstract readonly subnetId: string; +} + +/** + * Properties for a ClientVpnRoute + */ +export interface ClientVpnRouteProps extends ClientVpnRouteOptions { + /** + * The client VPN endpoint to which to add the route. + */ + readonly clientVpnEndoint: IClientVpnEndpoint; +} + +/** + * A client VPN route + */ +export class ClientVpnRoute extends Resource { + constructor(scope: Construct, id: string, props: ClientVpnRouteProps) { + super(scope, id); + + const route = new CfnClientVpnRoute(this, 'Resource', { + clientVpnEndpointId: props.clientVpnEndoint.endpointId, + description: props.description, + destinationCidrBlock: props.cidr, + targetVpcSubnetId: props.target.subnetId, + }); + + // See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-clientvpnroute.html + route.node.addDependency(props.clientVpnEndoint.targetNetworksAssociated); + } +} diff --git a/packages/@aws-cdk/aws-ec2/lib/index.ts b/packages/@aws-cdk/aws-ec2/lib/index.ts index 9f70a4320060d..1b10e6fa1d566 100644 --- a/packages/@aws-cdk/aws-ec2/lib/index.ts +++ b/packages/@aws-cdk/aws-ec2/lib/index.ts @@ -22,6 +22,10 @@ export * from './vpc-endpoint-service'; export * from './user-data'; export * from './windows-versions'; export * from './vpc-flow-logs'; +export * from './client-vpn-endpoint-types'; +export * from './client-vpn-endpoint'; +export * from './client-vpn-authorization-rule'; +export * from './client-vpn-route'; // AWS::EC2 CloudFormation Resources: export * from './ec2.generated'; diff --git a/packages/@aws-cdk/aws-ec2/lib/vpc.ts b/packages/@aws-cdk/aws-ec2/lib/vpc.ts index 8d878dde26024..1d9667d774a0c 100644 --- a/packages/@aws-cdk/aws-ec2/lib/vpc.ts +++ b/packages/@aws-cdk/aws-ec2/lib/vpc.ts @@ -5,6 +5,7 @@ import { } from '@aws-cdk/core'; import * as cxapi from '@aws-cdk/cx-api'; import { Construct, Node } from 'constructs'; +import { ClientVpnEndpoint, ClientVpnEndpointOptions } from './client-vpn-endpoint'; import { CfnEIP, CfnInternetGateway, CfnNatGateway, CfnRoute, CfnRouteTable, CfnSubnet, CfnSubnetRouteTableAssociation, CfnVPC, CfnVPCGatewayAttachment, CfnVPNGatewayRoutePropagation, @@ -132,6 +133,11 @@ export interface IVpc extends IResource { */ addVpnConnection(id: string, options: VpnConnectionOptions): VpnConnection; + /** + * Adds a new client VPN endpoint to this VPC + */ + addClientVpnEndpoint(id: string, options: ClientVpnEndpointOptions): ClientVpnEndpoint; + /** * Adds a new gateway endpoint to this VPC */ @@ -421,6 +427,16 @@ abstract class VpcBase extends Resource implements IVpc { }); } + /** + * Adds a new client VPN endpoint to this VPC + */ + public addClientVpnEndpoint(id: string, options: ClientVpnEndpointOptions): ClientVpnEndpoint { + return new ClientVpnEndpoint(this, id, { + ...options, + vpc: this, + }); + } + /** * Adds a new interface endpoint to this VPC */ diff --git a/packages/@aws-cdk/aws-ec2/package.json b/packages/@aws-cdk/aws-ec2/package.json index e454bface8c4a..e92b52795b4dc 100644 --- a/packages/@aws-cdk/aws-ec2/package.json +++ b/packages/@aws-cdk/aws-ec2/package.json @@ -636,7 +636,10 @@ "docs-public-apis:@aws-cdk/aws-ec2.WindowsVersion.WINDOWS_SERVER_2008_R2_SP1_PORTUGUESE_BRAZIL_64BIT_BASE", "props-default-doc:@aws-cdk/aws-ec2.InterfaceVpcEndpointAttributes.securityGroupId", "props-default-doc:@aws-cdk/aws-ec2.InterfaceVpcEndpointAttributes.securityGroups", - "props-physical-name:@aws-cdk/aws-ec2.VpnGatewayProps" + "props-physical-name:@aws-cdk/aws-ec2.VpnGatewayProps", + "props-physical-name:@aws-cdk/aws-ec2.ClientVpnEndpointProps", + "props-physical-name:@aws-cdk/aws-ec2.ClientVpnAuthorizationRuleProps", + "props-physical-name:@aws-cdk/aws-ec2.ClientVpnRouteProps" ] }, "stability": "stable", diff --git a/packages/@aws-cdk/aws-ec2/rosetta/client-vpn.ts-fixture b/packages/@aws-cdk/aws-ec2/rosetta/client-vpn.ts-fixture new file mode 100644 index 0000000000000..4886d590211df --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/rosetta/client-vpn.ts-fixture @@ -0,0 +1,17 @@ +// Fixture with packages imported and a VPC created +import { Construct, Stack } from '@aws-cdk/core'; +import iam = require('@aws-cdk/aws-iam'); +import ec2 = require('@aws-cdk/aws-ec2'); + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const vpc = new ec2.Vpc(this, 'VPC'); + const samlProvider = new iam.SamlProvider(this, 'Provider', { + metadataDocument: SamlMetadataDocument.fromXml('xml'), + }) + + /// here + } +} diff --git a/packages/@aws-cdk/aws-ec2/test/client-vpn-endpoint.test.ts b/packages/@aws-cdk/aws-ec2/test/client-vpn-endpoint.test.ts new file mode 100644 index 0000000000000..dbb64292b725a --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/client-vpn-endpoint.test.ts @@ -0,0 +1,271 @@ +import { ResourcePart } from '@aws-cdk/assert'; +import '@aws-cdk/assert/jest'; +import { SamlMetadataDocument, SamlProvider } from '@aws-cdk/aws-iam'; +import * as logs from '@aws-cdk/aws-logs'; +import { Stack } from '@aws-cdk/core'; +import * as ec2 from '../lib'; +import { ClientVpnUserBasedAuthentication } from '../lib/client-vpn-endpoint'; + +let stack: Stack; +let vpc: ec2.IVpc; +beforeEach(() => { + stack = new Stack(); + vpc = new ec2.Vpc(stack, 'Vpc'); +}); + +test('client vpn endpoint', () => { + const samlProvider = new SamlProvider(stack, 'Provider', { + metadataDocument: SamlMetadataDocument.fromXml('xml'), + }); + + vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'server-certificate-arn', + clientCertificateArn: 'client-certificate-arn', + clientConnectionHandler: { functionArn: 'function-arn', functionName: 'AWSClientVPN-function-name' }, + dnsServers: ['8.8.8.8', '8.8.4.4'], + userBasedAuthentication: ClientVpnUserBasedAuthentication.federated(samlProvider), + }); + + expect(stack).toHaveResource('AWS::EC2::ClientVpnEndpoint', { + AuthenticationOptions: [ + { + MutualAuthentication: { + ClientRootCertificateChainArn: 'client-certificate-arn', + }, + Type: 'certificate-authentication', + }, + { + FederatedAuthentication: { + SAMLProviderArn: { + Ref: 'Provider2281708E', + }, + }, + Type: 'federated-authentication', + }, + ], + ClientCidrBlock: '10.100.0.0/16', + ConnectionLogOptions: { + CloudwatchLogGroup: { + Ref: 'VpcEndpointLogGroup96A18897', + }, + Enabled: true, + }, + ServerCertificateArn: 'server-certificate-arn', + ClientConnectOptions: { + Enabled: true, + LambdaFunctionArn: 'function-arn', + }, + DnsServers: [ + '8.8.8.8', + '8.8.4.4', + ], + SecurityGroupIds: [ + { + 'Fn::GetAtt': [ + 'VpcEndpointSecurityGroup7B25EFDC', + 'GroupId', + ], + }, + ], + VpcId: { + Ref: 'Vpc8378EB38', + }, + }); + + expect(stack).toCountResources('AWS::EC2::ClientVpnTargetNetworkAssociation', 2); + + expect(stack).toHaveResource('AWS::EC2::ClientVpnTargetNetworkAssociation', { + ClientVpnEndpointId: { + Ref: 'VpcEndpoint6FF034F6', + }, + SubnetId: { + Ref: 'VpcPrivateSubnet1Subnet536B997A', + }, + }); + + expect(stack).toHaveResource('AWS::EC2::ClientVpnTargetNetworkAssociation', { + ClientVpnEndpointId: { + Ref: 'VpcEndpoint6FF034F6', + }, + SubnetId: { + Ref: 'VpcPrivateSubnet2Subnet3788AAA1', + }, + }); + + expect(stack).toHaveOutput({ + outputName: 'VpcEndpointSelfServicePortalUrl760AFE23', + outputValue: { + 'Fn::Join': [ + '', + [ + 'https://self-service.clientvpn.amazonaws.com/endpoints/', + { + Ref: 'VpcEndpoint6FF034F6', + }, + ], + ], + }, + }); + + expect(stack).toHaveResource('AWS::EC2::ClientVpnAuthorizationRule', { + ClientVpnEndpointId: { + Ref: 'VpcEndpoint6FF034F6', + }, + TargetNetworkCidr: { + 'Fn::GetAtt': [ + 'Vpc8378EB38', + 'CidrBlock', + ], + }, + AuthorizeAllGroups: true, + }); +}); + +test('client vpn endpoint with custom security groups', () => { + vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'server-certificate-arn', + clientCertificateArn: 'client-certificate-arn', + securityGroups: [ + new ec2.SecurityGroup(stack, 'SG1', { vpc }), + new ec2.SecurityGroup(stack, 'SG2', { vpc }), + ], + }); + + expect(stack).toHaveResource('AWS::EC2::ClientVpnEndpoint', { + SecurityGroupIds: [ + { + 'Fn::GetAtt': [ + 'SG1BA065B6E', + 'GroupId', + ], + }, + { + 'Fn::GetAtt': [ + 'SG20CE3219C', + 'GroupId', + ], + }, + ], + }); +}); + +test('client vpn endpoint with custom logging', () => { + const logGroup = new logs.LogGroup(stack, 'LogGroup', { + retention: logs.RetentionDays.TWO_MONTHS, + }); + vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'server-certificate-arn', + clientCertificateArn: 'client-certificate-arn', + logGroup, + logStream: logGroup.addStream('LogStream'), + }); + + expect(stack).toHaveResource('AWS::EC2::ClientVpnEndpoint', { + ConnectionLogOptions: { + CloudwatchLogGroup: { + Ref: 'LogGroupF5B46931', + }, + CloudwatchLogStream: { + Ref: 'LogGroupLogStream245D76D6', + }, + Enabled: true, + }, + }); +}); + +test('client vpn endpoint with logging disabled', () => { + vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'server-certificate-arn', + clientCertificateArn: 'client-certificate-arn', + logging: false, + }); + + expect(stack).toHaveResource('AWS::EC2::ClientVpnEndpoint', { + ConnectionLogOptions: { + Enabled: false, + }, + }); +}); + +test('client vpn endpoint with custom authorization rules', () => { + const endpoint = vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'server-certificate-arn', + clientCertificateArn: 'client-certificate-arn', + authorizeAllUsersToVpcCidr: false, + }); + + endpoint.addAuthorizationRule('Rule', { + cidr: '10.0.10.0/32', + groupId: 'group-id', + }); + + expect(stack).toCountResources('AWS::EC2::ClientVpnAuthorizationRule', 1); + + expect(stack).toHaveResource('AWS::EC2::ClientVpnAuthorizationRule', { + ClientVpnEndpointId: { + Ref: 'VpcEndpoint6FF034F6', + }, + TargetNetworkCidr: '10.0.10.0/32', + AccessGroupId: 'group-id', + AuthorizeAllGroups: false, + }); +}); + +test('client vpn endpoint with custom route', () => { + const endpoint = vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'server-certificate-arn', + clientCertificateArn: 'client-certificate-arn', + authorizeAllUsersToVpcCidr: false, + }); + + endpoint.addRoute('Route', { + cidr: '10.100.0.0/16', + target: ec2.ClientVpnRouteTarget.local(), + }); + + expect(stack).toHaveResource('AWS::EC2::ClientVpnRoute', { + Properties: { + ClientVpnEndpointId: { + Ref: 'VpcEndpoint6FF034F6', + }, + DestinationCidrBlock: '10.100.0.0/16', + TargetVpcSubnetId: 'local', + }, + DependsOn: [ + 'VpcEndpointAssociation06B066321', + 'VpcEndpointAssociation12B51A67F', + ], + }, ResourcePart.CompleteDefinition); +}); + +test('throws with more than 2 dns servers', () => { + expect(() => vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'server-certificate-arn', + clientCertificateArn: 'client-certificate-arn', + dnsServers: ['1.1.1.1', '2.2.2.2', '3.3.3.3'], + })).toThrow(/A client VPN endpoint can have up to two DNS servers/); +}); + +test('throws when specifying logGroup with logging disabled', () => { + expect(() => vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'server-certificate-arn', + clientCertificateArn: 'client-certificate-arn', + logging: false, + logGroup: new logs.LogGroup(stack, 'LogGroup'), + })).toThrow(/Cannot specify `logGroup` or `logStream` when logging is disabled/); +}); + +test('throws without authentication options', () => { + expect(() => vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: 'server-certificate-arn', + })).toThrow(/A client VPN endpoint must use at least one authentication option/); +}); diff --git a/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/ca.crt b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/ca.crt new file mode 100644 index 0000000000000..0a6dbb2b76dc4 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/ca.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDSzCCAjOgAwIBAgIUb5Jgse1JNcl13gP/IFvfOWbm6z4wDQYJKoZIhvcNAQEL +BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjAxMjI1MjEwMTM5WhcNMzAx +MjIzMjEwMTM5WjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAOJ/zBeR69zOKbd8GJoL0W1C9gZbqUgykcDYwX03 +1rEhXZWlHQtdejsDgWweIeZjlxHWOSxOCGIjoQh5Syq3ssxNRWGyku2nGsLZHJLL +BAX4nKAmyN3q7EDtRR3t8rYu3x4+eJB0qlE7KNOJE0dyxVwDlW0c5rbccXZXSRU4 +aTWBBkHPM+zswOWQDD2oZm0hAx+8IsjQHPS1omsHaC8jXKADk+ssKO2oom8vMzkE +w7Oeo6ZOGxz8FdDsZo3BpeouW5Wrp92ZvuH1SHZ7RbYGmWEBwDKRO0b+HmRFXiVc +BR1almVY+9clMEKHTpHRKfzw3pBT5bwSA7ndOSu5og3HzdECAwEAAaOBkDCBjTAd +BgNVHQ4EFgQUXmyUf1TxXzxwRV9wnb88M/P+yLIwUQYDVR0jBEowSIAUXmyUf1Tx +XzxwRV9wnb88M/P+yLKhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghRvkmCx +7Uk1yXXeA/8gW985ZubrPjAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq +hkiG9w0BAQsFAAOCAQEAvDHUc5+xIWkuNBJXeR1e18SRuddgTejvc01AMe+H4Oz9 +y8R4/Jv4fYDGRAnWGVFowuwNj6FGdlf1MXOPl0Ukv9pv1svgHW+XlXEU8uwX7J9H +bG6NEuHVfdyfaiDw3MiUWTKGRbjUiHDIkGFVKJxapFHe1XsrVocmy0s8AizbnqIx +MsWLQQ09BU117bsz2Cbr9nd89OvhOUEmVraw99SiEkYte+VF+K0j+ze5sn111LW3 +KqSKHDehEMySBS3sFc6Wp68lfE7g6XFEsqocU+0s/wHg2dfrrS7QQfnWy7tpFWMn +KlljAoS8PN+N3ptEn4JIbaYVd5mYJhR18oLRUTOnOw== +-----END CERTIFICATE----- diff --git a/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/client1.domain.tld.crt b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/client1.domain.tld.crt new file mode 100644 index 0000000000000..dcbd3cf5f2248 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/client1.domain.tld.crt @@ -0,0 +1,85 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 85:d1:c0:75:1d:a4:9f:4d:d1:0c:d0:a8:25:94:db:85 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Easy-RSA CA + Validity + Not Before: Dec 25 21:01:55 2020 GMT + Not After : Mar 30 21:01:55 2023 GMT + Subject: CN=client1.domain.tld + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:ee:35:7c:d5:1f:da:fc:60:cd:6d:e4:d9:a2:a7: + 99:08:16:3f:9a:84:e4:43:64:f1:5b:d4:ce:ba:7a: + 2a:66:e8:e4:14:1e:62:0b:61:bf:ed:78:cd:34:96: + 22:ef:e2:67:76:18:6f:bc:50:4b:17:2b:b4:6e:c5: + 60:fc:5f:a7:a9:a6:12:ba:08:74:6f:e5:07:90:8a: + 69:25:45:e5:73:4b:be:75:c4:be:8e:4f:a6:8f:7b: + 8c:c7:e4:32:cb:e2:b4:ba:5e:24:75:17:8b:49:92: + f6:7c:51:94:d2:55:4d:0b:da:19:81:83:2f:c3:b8: + c3:8f:7f:e5:b4:31:e3:26:47:0a:ed:ef:fe:77:69: + 01:6f:fb:91:c9:30:76:a4:76:6b:c4:22:39:95:d4: + e5:c1:40:2a:a8:dd:e5:53:85:22:af:b7:70:2d:ce: + d8:be:df:7f:d4:2a:fd:ac:a4:f7:dd:4f:8e:c6:c0: + a5:dd:a1:b6:69:9f:98:0d:a6:ca:cd:7a:44:85:81: + 5f:c3:01:f5:c4:b5:81:c1:a6:7c:1e:8b:da:21:60: + b3:b0:8d:15:6c:d7:9f:7d:ac:e9:a8:cf:f0:0b:b2: + e0:30:ad:85:83:39:42:90:58:f4:ae:c4:ad:63:2d: + 3d:a4:58:59:2a:0c:f6:15:f1:00:7d:ea:7d:d0:42: + ba:31 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + 14:04:30:68:68:A7:F3:CA:C0:D2:35:F4:F4:BF:ED:F6:CA:18:CA:65 + X509v3 Authority Key Identifier: + keyid:5E:6C:94:7F:54:F1:5F:3C:70:45:5F:70:9D:BF:3C:33:F3:FE:C8:B2 + DirName:/CN=Easy-RSA CA + serial:6F:92:60:B1:ED:49:35:C9:75:DE:03:FF:20:5B:DF:39:66:E6:EB:3E + + X509v3 Extended Key Usage: + TLS Web Client Authentication + X509v3 Key Usage: + Digital Signature + Signature Algorithm: sha256WithRSAEncryption + ab:25:52:5a:10:0a:eb:fd:cb:d4:30:89:de:ee:4f:62:c7:c9: + e5:db:03:70:5e:2a:9f:8d:fa:9a:18:cc:92:07:ae:65:21:3d: + b6:58:75:1b:74:77:c7:b5:58:27:a4:00:e3:a0:7d:d3:0e:44: + 4b:8e:0f:4f:3e:0a:80:66:7e:68:00:a9:da:5c:0b:75:19:1a: + f9:5b:b3:3a:f6:57:0b:59:5c:11:92:55:93:df:a0:39:ef:d4: + 00:77:d3:58:fd:e2:f4:1c:0a:b1:7f:43:57:4f:8a:cc:7f:46: + f6:46:6c:b3:4f:56:78:22:72:93:7c:26:44:79:a9:85:d3:ac: + ce:24:10:b1:59:24:77:4d:79:50:a2:78:f6:73:56:87:bb:a2: + a2:91:3b:d8:42:ff:66:a6:24:ec:1a:b0:c2:9c:c2:6c:5f:ca: + 14:5c:9f:86:f0:d7:0e:af:1b:cc:48:7f:d8:80:58:0a:8a:6d: + de:35:10:2f:37:3b:af:6d:49:3a:b3:8d:b7:cb:ec:80:4a:b8: + 4b:81:fd:3e:39:a0:e6:e1:35:dc:b1:99:95:9b:8a:af:50:73: + 71:9c:e6:d5:d8:bf:53:0a:c8:ef:af:84:d5:9b:0a:68:49:de: + 55:05:57:9f:06:a1:70:e4:40:94:f0:ca:9b:39:79:33:2f:72: + 29:e0:ae:de +-----BEGIN CERTIFICATE----- +MIIDYTCCAkmgAwIBAgIRAIXRwHUdpJ9N0QzQqCWU24UwDQYJKoZIhvcNAQELBQAw +FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjAxMjI1MjEwMTU1WhcNMjMwMzMw +MjEwMTU1WjAdMRswGQYDVQQDDBJjbGllbnQxLmRvbWFpbi50bGQwggEiMA0GCSqG +SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuNXzVH9r8YM1t5Nmip5kIFj+ahORDZPFb +1M66eipm6OQUHmILYb/teM00liLv4md2GG+8UEsXK7RuxWD8X6epphK6CHRv5QeQ +imklReVzS751xL6OT6aPe4zH5DLL4rS6XiR1F4tJkvZ8UZTSVU0L2hmBgy/DuMOP +f+W0MeMmRwrt7/53aQFv+5HJMHakdmvEIjmV1OXBQCqo3eVThSKvt3Atzti+33/U +Kv2spPfdT47GwKXdobZpn5gNpsrNekSFgV/DAfXEtYHBpnwei9ohYLOwjRVs1599 +rOmoz/ALsuAwrYWDOUKQWPSuxK1jLT2kWFkqDPYV8QB96n3QQroxAgMBAAGjgaIw +gZ8wCQYDVR0TBAIwADAdBgNVHQ4EFgQUFAQwaGin88rA0jX09L/t9soYymUwUQYD +VR0jBEowSIAUXmyUf1TxXzxwRV9wnb88M/P+yLKhGqQYMBYxFDASBgNVBAMMC0Vh +c3ktUlNBIENBghRvkmCx7Uk1yXXeA/8gW985ZubrPjATBgNVHSUEDDAKBggrBgEF +BQcDAjALBgNVHQ8EBAMCB4AwDQYJKoZIhvcNAQELBQADggEBAKslUloQCuv9y9Qw +id7uT2LHyeXbA3BeKp+N+poYzJIHrmUhPbZYdRt0d8e1WCekAOOgfdMOREuOD08+ +CoBmfmgAqdpcC3UZGvlbszr2VwtZXBGSVZPfoDnv1AB301j94vQcCrF/Q1dPisx/ +RvZGbLNPVngicpN8JkR5qYXTrM4kELFZJHdNeVCiePZzVoe7oqKRO9hC/2amJOwa +sMKcwmxfyhRcn4bw1w6vG8xIf9iAWAqKbd41EC83O69tSTqzjbfL7IBKuEuB/T45 +oObhNdyxmZWbiq9Qc3Gc5tXYv1MKyO+vhNWbCmhJ3lUFV58GoXDkQJTwyps5eTMv +cingrt4= +-----END CERTIFICATE----- diff --git a/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/client1.domain.tld.key b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/client1.domain.tld.key new file mode 100644 index 0000000000000..8d6a2b7f8769f --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/client1.domain.tld.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDuNXzVH9r8YM1t +5Nmip5kIFj+ahORDZPFb1M66eipm6OQUHmILYb/teM00liLv4md2GG+8UEsXK7Ru +xWD8X6epphK6CHRv5QeQimklReVzS751xL6OT6aPe4zH5DLL4rS6XiR1F4tJkvZ8 +UZTSVU0L2hmBgy/DuMOPf+W0MeMmRwrt7/53aQFv+5HJMHakdmvEIjmV1OXBQCqo +3eVThSKvt3Atzti+33/UKv2spPfdT47GwKXdobZpn5gNpsrNekSFgV/DAfXEtYHB +pnwei9ohYLOwjRVs1599rOmoz/ALsuAwrYWDOUKQWPSuxK1jLT2kWFkqDPYV8QB9 +6n3QQroxAgMBAAECggEALs3pqkKpF3+5vYcC0DfYFMOyWZ0U8L0Lw3xr5i4M2M2X +yvAxWYUqXfGneFarpLC6nXStt7WbG4Fl4YH8zXnKCsZr1YvFvRqmQts/T6iNLftK +//7ZZkL2OikPf1MyO+delWPcC/nFT36F2eV5tV43VkXTTyREpVNPcYmyy5YlyKY5 +za/xqcAZaTfvsVHROb0k4kmFnLMfdjqaL/ufo+j1l4KYg4mEANVg8byckawqcLpn +buLT4qu0oP1Bu69lX6RKlPvzP0VG+3k8+gi/jNztt7Q9fXrw7H0M40oZMWZX828l +nBvgmVS+9t8l9msGzmIBxc/1aiKUzIdNhDSt29KoZQKBgQD5/OiA1unKLO7DuLon +SAhlW/2qMPjSei36TsyaTWT38+yPslOMqPgaoWFdBNTFuIkEKNidcdDruVGwn/xR +aaYeOk62ptqwAMDssQQYmsUawqSwPw7PmocFcjxe8glCE07ix3sm/v9eFn2Ot5iX +gE6U6m36/0fsbxv8q+tFEKpYcwKBgQDz8A9lay6yb0HT53BQrpaRlLn7t8k+zwgp +Lukzp2IzHR+MDDDGUsAOcCCjVW8jMhk4i3PBxrJyw4LUyB6D05Axo9WEKvQx2akR +Ss9To1ZArfVsmKtBCq0jNnYKBKgn+xKPEdAL6MY+BmOuiaGiRgRefxMoba/tD70t +a31ckBxNywKBgQDv6+xxCtIiOXGF4lq2rIlyThFsL8f+qUhLPSlcxf6rgi191BYf +n2NOm6fIEITspijKFzGeGcf7FEb0jvcoY48M38T/w6+Kz45ZG6LkwlV9U2WfyUU7 +tgD0Fykdrol4IvPI7s6hJIaOFGO4fzgx3vCMN1oKVMsAfbqMi6snA9GZRQKBgH7u +rbRCX5wt1H0lcwYosuSyFUzsR2XNaRu081gTgz/BqcbAGSk5qgJZSkJzlE8mJIWN +2wA8GmMpZQy/zVEfZ2rNK6+IgmTmM9lxqgyFc75YRtrpXkOMAKfQEQAJiE61kOSt +iiqIR4/C11/c8iR0dpWNXjStTtv2UqQtyJ+/xVqdAoGBAJdSIlgFdAmxa3lATbAy +XN7abtkNhIsi+GSKhEFdAFWsZAPjP4M1NRFr1go/z+RwtsDYJxqrG4eAxWQPShl5 +ggR/CIrM9gc8Ju8As33+i3stKOVKcrZWcvdAj1XU8V/OdmfnVFQVrjyHLqY+RU94 +T4q0NBKfcsiroJOqOSAkiAvU +-----END PRIVATE KEY----- diff --git a/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/index.ts b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/index.ts new file mode 100644 index 0000000000000..846af4be6bcc3 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/index.ts @@ -0,0 +1,49 @@ +import * as fs from 'fs'; +import { ACM } from 'aws-sdk'; // eslint-disable-line import/no-extraneous-dependencies + +const acm = new ACM(); + +export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent) { + switch (event.RequestType) { + case 'Create': + let serverImport; + if (!event.ResourceProperties.ServerCertificateArn) { + serverImport = await acm.importCertificate({ + Certificate: fs.readFileSync('./server.crt'), + PrivateKey: fs.readFileSync('./server.key'), + CertificateChain: fs.readFileSync('./ca.crt'), + }).promise(); + } + + let clientImport; + if (!event.ResourceProperties.ClientCertificateArn) { + clientImport = await acm.importCertificate({ + Certificate: fs.readFileSync('./client1.domain.tld.crt'), + PrivateKey: fs.readFileSync('./client1.domain.tld.key'), + CertificateChain: fs.readFileSync('./ca.crt'), + }).promise(); + } + + + return { + Data: { + ServerCertificateArn: serverImport?.CertificateArn, + ClientCertificateArn: clientImport?.CertificateArn, + }, + }; + case 'Update': + return; + case 'Delete': + if (event.ResourceProperties.ServerCertificateArn) { + await acm.deleteCertificate({ + CertificateArn: event.ResourceProperties.ServerCertificateArn, + }).promise(); + } + if (event.ResourceProperties.ClientCertificateArn) { + await acm.deleteCertificate({ + CertificateArn: event.ResourceProperties.ClientCertificateArn, + }).promise(); + } + return; + } +} diff --git a/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/server.crt b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/server.crt new file mode 100644 index 0000000000000..2f0cf944f824b --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/server.crt @@ -0,0 +1,87 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: + 3f:dd:e1:9d:b0:34:f0:d6:d7:57:1d:bf:fe:76:ee:c0 + Signature Algorithm: sha256WithRSAEncryption + Issuer: CN=Easy-RSA CA + Validity + Not Before: Dec 25 21:01:47 2020 GMT + Not After : Mar 30 21:01:47 2023 GMT + Subject: CN=server + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public-Key: (2048 bit) + Modulus: + 00:da:80:19:4b:f2:f2:7e:36:ac:01:4c:aa:db:0d: + 50:7d:03:8c:b3:a7:51:1b:9b:e9:13:ec:8e:f6:b5: + 38:bb:b9:fc:16:39:1d:70:1c:62:49:48:d3:48:ae: + 3c:b9:bc:27:38:69:08:42:cd:20:10:fa:bd:4e:24: + 4b:b8:f9:1d:0a:3d:a4:06:5d:b6:8f:87:8d:fa:ac: + d4:9f:b4:97:d8:9f:80:d3:de:ff:64:29:c8:50:86: + 5f:ca:fa:c0:c3:92:ac:ba:22:8f:59:e6:5f:57:d4: + 72:cc:5d:5e:f7:06:81:a0:0c:20:4f:79:61:38:10: + e7:77:a2:4a:4c:3b:8c:3b:98:61:7a:83:85:af:5b: + de:0f:31:6c:58:f3:bf:3f:19:e6:2f:14:8a:43:ea: + 43:be:e8:25:e5:8e:16:cb:32:94:f4:58:89:a7:5c: + 18:22:9f:dd:0e:a3:68:d1:e1:92:10:de:50:b0:91: + 82:b2:0b:97:60:41:f4:32:26:76:66:67:55:e8:0b: + 3a:4d:63:be:46:ab:5a:56:2f:ee:f6:9f:d3:99:b3: + 76:79:a8:57:b3:5f:9a:93:47:0d:23:3e:73:18:72: + 71:33:37:ef:fe:c7:0f:fc:ca:c4:4f:cc:59:8a:c0: + 7b:3e:fc:70:1b:5f:15:92:e3:59:ba:fd:a8:fc:3d: + 1a:89 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Basic Constraints: + CA:FALSE + X509v3 Subject Key Identifier: + BF:09:F8:C9:97:0B:72:EE:D2:1A:A9:4C:04:CB:E3:81:48:FF:A8:BD + X509v3 Authority Key Identifier: + keyid:5E:6C:94:7F:54:F1:5F:3C:70:45:5F:70:9D:BF:3C:33:F3:FE:C8:B2 + DirName:/CN=Easy-RSA CA + serial:6F:92:60:B1:ED:49:35:C9:75:DE:03:FF:20:5B:DF:39:66:E6:EB:3E + + X509v3 Extended Key Usage: + TLS Web Server Authentication + X509v3 Key Usage: + Digital Signature, Key Encipherment + X509v3 Subject Alternative Name: + DNS:server + Signature Algorithm: sha256WithRSAEncryption + 9e:7e:15:5b:5d:9d:1e:9b:b8:fe:c8:2a:d8:10:44:08:c1:60: + 1f:e4:83:9a:89:ac:82:94:72:6e:b3:c0:11:c8:03:6d:52:64: + be:63:69:f7:61:ca:9a:66:f0:81:36:83:87:02:6e:b0:01:e4: + cf:34:e1:b4:be:ec:e2:bc:72:5f:02:53:29:ea:87:2d:32:96: + 34:ff:73:32:31:85:63:f7:34:cd:e3:64:5d:ac:c5:0e:b3:09: + c6:3d:0a:bb:73:11:7b:f1:ca:b9:e0:76:96:b3:b1:7b:b2:ef: + ab:b9:70:f5:e0:65:9e:b0:e2:09:8b:12:cd:3a:4d:f9:b5:e2: + c3:aa:b5:ee:a2:05:60:e0:7e:7b:4c:e9:ee:f5:94:78:7b:3b: + b7:90:d3:b0:5b:83:47:7d:1a:06:b3:90:8e:79:3e:3a:66:01: + da:a4:b6:a6:d4:2b:6c:a5:6f:b1:a4:45:11:39:0c:b4:35:64: + 75:e5:f1:07:f2:01:62:74:ab:bf:26:b7:5f:cb:11:d0:c7:71: + 05:73:bb:ee:60:99:2f:31:73:63:a6:25:ef:90:a6:8c:da:ca: + ef:80:42:68:e9:0b:34:ea:f0:fd:f8:98:5d:73:b2:6a:45:d6: + ab:78:21:24:12:1d:14:2d:2e:11:87:20:55:c7:40:df:ed:28: + f9:0e:67:84 +-----BEGIN CERTIFICATE----- +MIIDZzCCAk+gAwIBAgIQP93hnbA08NbXVx2//nbuwDANBgkqhkiG9w0BAQsFADAW +MRQwEgYDVQQDDAtFYXN5LVJTQSBDQTAeFw0yMDEyMjUyMTAxNDdaFw0yMzAzMzAy +MTAxNDdaMBExDzANBgNVBAMMBnNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBANqAGUvy8n42rAFMqtsNUH0DjLOnURub6RPsjva1OLu5/BY5HXAc +YklI00iuPLm8JzhpCELNIBD6vU4kS7j5HQo9pAZdto+Hjfqs1J+0l9ifgNPe/2Qp +yFCGX8r6wMOSrLoij1nmX1fUcsxdXvcGgaAMIE95YTgQ53eiSkw7jDuYYXqDha9b +3g8xbFjzvz8Z5i8UikPqQ77oJeWOFssylPRYiadcGCKf3Q6jaNHhkhDeULCRgrIL +l2BB9DImdmZnVegLOk1jvkarWlYv7vaf05mzdnmoV7NfmpNHDSM+cxhycTM37/7H +D/zKxE/MWYrAez78cBtfFZLjWbr9qPw9GokCAwEAAaOBtTCBsjAJBgNVHRMEAjAA +MB0GA1UdDgQWBBS/CfjJlwty7tIaqUwEy+OBSP+ovTBRBgNVHSMESjBIgBRebJR/ +VPFfPHBFX3Cdvzwz8/7IsqEapBgwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0GCFG+S +YLHtSTXJdd4D/yBb3zlm5us+MBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGA1UdDwQE +AwIFoDARBgNVHREECjAIggZzZXJ2ZXIwDQYJKoZIhvcNAQELBQADggEBAJ5+FVtd +nR6buP7IKtgQRAjBYB/kg5qJrIKUcm6zwBHIA21SZL5jafdhyppm8IE2g4cCbrAB +5M804bS+7OK8cl8CUynqhy0yljT/czIxhWP3NM3jZF2sxQ6zCcY9CrtzEXvxyrng +dpazsXuy76u5cPXgZZ6w4gmLEs06Tfm14sOqte6iBWDgfntM6e71lHh7O7eQ07Bb +g0d9GgazkI55PjpmAdqktqbUK2ylb7GkRRE5DLQ1ZHXl8QfyAWJ0q78mt1/LEdDH +cQVzu+5gmS8xc2OmJe+Qpozayu+AQmjpCzTq8P34mF1zsmpF1qt4ISQSHRQtLhGH +IFXHQN/tKPkOZ4Q= +-----END CERTIFICATE----- diff --git a/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/server.key b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/server.key new file mode 100644 index 0000000000000..d6b35dc97101b --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/import-certificates-handler/server.key @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDagBlL8vJ+NqwB +TKrbDVB9A4yzp1Ebm+kT7I72tTi7ufwWOR1wHGJJSNNIrjy5vCc4aQhCzSAQ+r1O +JEu4+R0KPaQGXbaPh436rNSftJfYn4DT3v9kKchQhl/K+sDDkqy6Io9Z5l9X1HLM +XV73BoGgDCBPeWE4EOd3okpMO4w7mGF6g4WvW94PMWxY878/GeYvFIpD6kO+6CXl +jhbLMpT0WImnXBgin90Oo2jR4ZIQ3lCwkYKyC5dgQfQyJnZmZ1XoCzpNY75Gq1pW +L+72n9OZs3Z5qFezX5qTRw0jPnMYcnEzN+/+xw/8ysRPzFmKwHs+/HAbXxWS41m6 +/aj8PRqJAgMBAAECggEAYBbXiRv1YmX+rK+fr6eiTugBt3wMYjzlenqcwIgfxAbd +gpRpisUgwCPDrwHY+MFy6g7esCnvQShTmgrCNj1vdPJ4sMgDogk1+hiJhRZxdLVo +fURjQhRR4H/Hnsc5gIh/Z3gNXLbAFSr7tT4WpkH5PX43s1uo0nQ0ptr7G51QZWAk +yz1K2Ff4PJ0hpQXFJAMoi+tbSh+dqz0jewN0bcKBpq7/bJr++bJiChTyiVSq8a5b +73XfRuSI8k8L3TJkv2DiEZ5aLsDSqbwqF03f9Dm8I7iaMRfKCS7UhLHFP1kPGyK4 +1vZbexZnelTd+pM2+X+XKSwISGecWd0+GaEtJhV/UQKBgQD1l1N+NeDR1+vHZK7C +dvU33FZBkA/61emV70XrM5Yl8H+o3oTLU72Tgt1/xcTRRcPKi51S+UJpH7FjoE45 +YwoDKlhkpGfUmIsWklOC1szDcVkg2cZ75G9pEzB3noHOxIJXLZ1oyDhOqSsIXx2J +f0DcmnwRcg81UQKr5Ql6RtdFPQKBgQDjwtZMXqhMZ2cOxNxA4pw3KjtB9yWMHaId +3/8bx5XmxBnqBFKi1AGC5UW7TOhe/rLnumbzEyX3wEj0A9kgh35jccJTyha3Wzpf +JTiwyNLxxFADjcMmptysJyVkPOJjXDV9w+qbqlT/KNNPweE047WMP8zBJUst68Hk +lox5L2+3PQKBgQDTqZdxCDh6QrDXyaOAwIu5mDHTEblkAybtbSoCexRmIG+1+AnV +P5f84WXLcISfpJQJJejykRc2iPUWmxuwA/amIcHLA5LlPI9rZbOJ6VzS+QbK9EZH +kuqeUcaM4dSYgu6e+hZXL3CwAsau0WMglMcvGgnh8z6+QdKemahgdVulNQKBgC65 +uQcf4D0UdZMVFe6FzvCOTGvjDSPqrGienJKRZpJaJsrYqi9XeRvmd2DOjVl3vTJH +DnnNsttZ6l2NMI043tf97ZUM/44MPDRqyW+TM5t/375q5d9XGiyDN2uSBgvGTf8I +I2heEGPsdzWEm/QixwsHx7TUNtEr7bI8pIL0FWItAoGAFNQRDOeogfMDPV96EQOP +cWpO0L4S0Xe/9EVfQiBoz9Ga/sciysMCsPMzBajoV2gQPCcqx9rgQ3H8b01stTlp +0cVyrrlbcDUz0ZYe24hN5XlKHDAyZmKpVCmRduQJYTfExZtdhWDl77JSAyyno45G +5c5Y5wQLBH//3hCyVTh1NTA= +-----END PRIVATE KEY----- diff --git a/packages/@aws-cdk/aws-ec2/test/integ.client-vpn-endpoint.expected.json b/packages/@aws-cdk/aws-ec2/test/integ.client-vpn-endpoint.expected.json new file mode 100644 index 0000000000000..17e0059d601d1 --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/integ.client-vpn-endpoint.expected.json @@ -0,0 +1,612 @@ +{ + "Resources": { + "ImportCertificatesCreateCertificates71085A81": { + "Type": "Custom::ACMImportCertificates", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "CustomACMImportCertificatesCustomResourceProviderHandler2EB12457", + "Arn" + ] + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "ImportCertificatesDeleteCertificates6462F0A6": { + "Type": "Custom::ACMImportCertificates", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "CustomACMImportCertificatesCustomResourceProviderHandler2EB12457", + "Arn" + ] + }, + "ServerCertificateArn": { + "Fn::GetAtt": [ + "ImportCertificatesCreateCertificates71085A81", + "ClientCertificateArn" + ] + }, + "ClientCertificateArn": { + "Fn::GetAtt": [ + "ImportCertificatesCreateCertificates71085A81", + "ServerCertificateArn" + ] + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "CustomACMImportCertificatesCustomResourceProviderRole2CE46D14": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ] + }, + "ManagedPolicyArns": [ + { + "Fn::Sub": "arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + } + ], + "Policies": [ + { + "PolicyName": "Inline", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "acm:ImportCertificate", + "acm:DeleteCertificate" + ], + "Resource": "*" + } + ] + } + } + ] + } + }, + "CustomACMImportCertificatesCustomResourceProviderHandler2EB12457": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParametersbb3ce11d35aa60dce674523850f7a4a038127a6c48af335699cff4cc55cb0957S3Bucket60FDAA05" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersbb3ce11d35aa60dce674523850f7a4a038127a6c48af335699cff4cc55cb0957S3VersionKeyF2886582" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParametersbb3ce11d35aa60dce674523850f7a4a038127a6c48af335699cff4cc55cb0957S3VersionKeyF2886582" + } + ] + } + ] + } + ] + ] + } + }, + "Timeout": 900, + "MemorySize": 128, + "Handler": "__entrypoint__.handler", + "Role": { + "Fn::GetAtt": [ + "CustomACMImportCertificatesCustomResourceProviderRole2CE46D14", + "Arn" + ] + }, + "Runtime": "nodejs12.x" + }, + "DependsOn": [ + "CustomACMImportCertificatesCustomResourceProviderRole2CE46D14" + ] + }, + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc" + } + ] + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.0.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc/PublicSubnet1" + } + ] + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6", + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.64.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc/PublicSubnet2" + } + ] + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6", + "VpcVPCGWBF912B6E" + ] + }, + "VpcIsolatedSubnet1SubnetE48C5737": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.128.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Isolated" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Isolated" + }, + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc/IsolatedSubnet1" + } + ] + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcIsolatedSubnet1RouteTable4771E3E5": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc/IsolatedSubnet1" + } + ] + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcIsolatedSubnet1RouteTableAssociationD300FCBB": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcIsolatedSubnet1RouteTable4771E3E5" + }, + "SubnetId": { + "Ref": "VpcIsolatedSubnet1SubnetE48C5737" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcIsolatedSubnet2Subnet16364B91": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.192.0/18", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Isolated" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Isolated" + }, + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc/IsolatedSubnet2" + } + ] + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcIsolatedSubnet2RouteTable1D30AF7D": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc/IsolatedSubnet2" + } + ] + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcIsolatedSubnet2RouteTableAssociationF7B18CCA": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcIsolatedSubnet2RouteTable1D30AF7D" + }, + "SubnetId": { + "Ref": "VpcIsolatedSubnet2Subnet16364B91" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc" + } + ] + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcEndpointSecurityGroup7B25EFDC": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "cdk-ec2-client-vpn-endpoint/Vpc/Endpoint/SecurityGroup", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "Tags": [ + { + "Key": "Name", + "Value": "cdk-ec2-client-vpn-endpoint/Vpc" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcEndpoint6FF034F6": { + "Type": "AWS::EC2::ClientVpnEndpoint", + "Properties": { + "AuthenticationOptions": [ + { + "MutualAuthentication": { + "ClientRootCertificateChainArn": { + "Fn::GetAtt": [ + "ImportCertificatesCreateCertificates71085A81", + "ServerCertificateArn" + ] + } + }, + "Type": "certificate-authentication" + } + ], + "ClientCidrBlock": "10.100.0.0/16", + "ConnectionLogOptions": { + "CloudwatchLogGroup": { + "Ref": "LogGroupF5B46931" + }, + "Enabled": true + }, + "ServerCertificateArn": { + "Fn::GetAtt": [ + "ImportCertificatesCreateCertificates71085A81", + "ClientCertificateArn" + ] + }, + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "VpcEndpointSecurityGroup7B25EFDC", + "GroupId" + ] + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcEndpointAssociation06B066321": { + "Type": "AWS::EC2::ClientVpnTargetNetworkAssociation", + "Properties": { + "ClientVpnEndpointId": { + "Ref": "VpcEndpoint6FF034F6" + }, + "SubnetId": { + "Ref": "VpcIsolatedSubnet1SubnetE48C5737" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcEndpointAssociation12B51A67F": { + "Type": "AWS::EC2::ClientVpnTargetNetworkAssociation", + "Properties": { + "ClientVpnEndpointId": { + "Ref": "VpcEndpoint6FF034F6" + }, + "SubnetId": { + "Ref": "VpcIsolatedSubnet2Subnet16364B91" + } + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "VpcEndpointAuthorizeAll70F0E613": { + "Type": "AWS::EC2::ClientVpnAuthorizationRule", + "Properties": { + "ClientVpnEndpointId": { + "Ref": "VpcEndpoint6FF034F6" + }, + "TargetNetworkCidr": { + "Fn::GetAtt": [ + "Vpc8378EB38", + "CidrBlock" + ] + }, + "AuthorizeAllGroups": true + }, + "DependsOn": [ + "ImportCertificatesCreateCertificates71085A81", + "ImportCertificatesDeleteCertificates6462F0A6" + ] + }, + "LogGroupF5B46931": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "RetentionInDays": 731 + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + }, + "Parameters": { + "AssetParametersbb3ce11d35aa60dce674523850f7a4a038127a6c48af335699cff4cc55cb0957S3Bucket60FDAA05": { + "Type": "String", + "Description": "S3 bucket for asset \"bb3ce11d35aa60dce674523850f7a4a038127a6c48af335699cff4cc55cb0957\"" + }, + "AssetParametersbb3ce11d35aa60dce674523850f7a4a038127a6c48af335699cff4cc55cb0957S3VersionKeyF2886582": { + "Type": "String", + "Description": "S3 key for asset version \"bb3ce11d35aa60dce674523850f7a4a038127a6c48af335699cff4cc55cb0957\"" + }, + "AssetParametersbb3ce11d35aa60dce674523850f7a4a038127a6c48af335699cff4cc55cb0957ArtifactHashF17C10B6": { + "Type": "String", + "Description": "Artifact hash for asset \"bb3ce11d35aa60dce674523850f7a4a038127a6c48af335699cff4cc55cb0957\"" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-ec2/test/integ.client-vpn-endpoint.ts b/packages/@aws-cdk/aws-ec2/test/integ.client-vpn-endpoint.ts new file mode 100644 index 0000000000000..878f8f057bb3d --- /dev/null +++ b/packages/@aws-cdk/aws-ec2/test/integ.client-vpn-endpoint.ts @@ -0,0 +1,73 @@ +import * as path from 'path'; +import * as logs from '@aws-cdk/aws-logs'; +import { App, CustomResource, CustomResourceProvider, CustomResourceProviderRuntime, RemovalPolicy, Stack, StackProps } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import * as ec2 from '../lib'; + +// keep this import separate from other imports to reduce chance for merge conflicts with v2-main +// eslint-disable-next-line no-duplicate-imports, import/order +import { Construct as CoreConstruct } from '@aws-cdk/core'; + +class TestStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + // Import server and client certificates in ACM + const certificates = new ImportCertificates(this, 'ImportCertificates'); + + const vpc = new ec2.Vpc(this, 'Vpc', { maxAzs: 2, natGateways: 0 }); + vpc.node.addDependency(certificates); // ensure certificates are deleted last, when not in use anymore + + const logGroup = new logs.LogGroup(this, 'LogGroup', { + removalPolicy: RemovalPolicy.DESTROY, + }); + + vpc.addClientVpnEndpoint('Endpoint', { + cidr: '10.100.0.0/16', + serverCertificateArn: certificates.serverCertificateArn, + clientCertificateArn: certificates.clientCertificateArn, + logGroup, + }); + } +} + +const IMPORT_CERTIFICATES_RESOURCE_TYPE = 'Custom::ACMImportCertificates'; + +class ImportCertificates extends CoreConstruct { + public readonly serverCertificateArn: string; + public readonly clientCertificateArn: string; + + constructor(scope: Construct, id: string) { + super(scope, id); + + const serviceToken = CustomResourceProvider.getOrCreate(this, IMPORT_CERTIFICATES_RESOURCE_TYPE, { + codeDirectory: path.join(__dirname, 'import-certificates-handler'), + runtime: CustomResourceProviderRuntime.NODEJS_12, + policyStatements: [{ + Effect: 'Allow', + Action: ['acm:ImportCertificate', 'acm:DeleteCertificate'], + Resource: '*', + }], + }); + + const createCertificates = new CustomResource(this, 'CreateCertificates', { + resourceType: IMPORT_CERTIFICATES_RESOURCE_TYPE, + serviceToken, + }); + this.serverCertificateArn = createCertificates.getAttString('ClientCertificateArn'); + this.clientCertificateArn = createCertificates.getAttString('ServerCertificateArn'); + + new CustomResource(this, 'DeleteCertificates', { + resourceType: IMPORT_CERTIFICATES_RESOURCE_TYPE, + serviceToken, + properties: { + ServerCertificateArn: this.serverCertificateArn, + ClientCertificateArn: this.clientCertificateArn, + }, + }); + } +} + +const app = new App(); +new TestStack(app, 'cdk-ec2-client-vpn-endpoint'); +app.synth(); diff --git a/packages/@aws-cdk/aws-lambda/lib/function-base.ts b/packages/@aws-cdk/aws-lambda/lib/function-base.ts index 3ea52d5c3433b..f5e7b383f8196 100644 --- a/packages/@aws-cdk/aws-lambda/lib/function-base.ts +++ b/packages/@aws-cdk/aws-lambda/lib/function-base.ts @@ -175,7 +175,7 @@ export interface FunctionAttributes { readonly sameEnvironment?: boolean; } -export abstract class FunctionBase extends Resource implements IFunction { +export abstract class FunctionBase extends Resource implements IFunction, ec2.IClientVpnConnectionHandler { /** * The principal this Lambda Function is running as */ From f2436bf4ff3ce7665a6cde318ad3fc7716ca941f Mon Sep 17 00:00:00 2001 From: Bryan Hunter Date: Mon, 22 Mar 2021 10:08:05 -0500 Subject: [PATCH 009/260] feat(codepipeline-actions): Add detectChanges option to BitBucketSourceAction (#13656) Adds optional `DetectChanges` to BitBucketSourceAction https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodestarConnectionSource.html This option is available in the AWS console when configuring the Source stage. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/bitbucket/source-action.ts | 11 +++++ .../bitbucket/bitbucket-source-action.test.ts | 45 ++++++++++++++++++- 2 files changed, 54 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-codepipeline-actions/lib/bitbucket/source-action.ts b/packages/@aws-cdk/aws-codepipeline-actions/lib/bitbucket/source-action.ts index 7d7625ab4fca4..085ff15e9f162 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/lib/bitbucket/source-action.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/lib/bitbucket/source-action.ts @@ -63,6 +63,16 @@ export interface BitBucketSourceActionProps extends codepipeline.CommonAwsAction * @see https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodestarConnectionSource.html#action-reference-CodestarConnectionSource-config */ readonly codeBuildCloneOutput?: boolean; + + /** + * Controls automatically starting your pipeline when a new commit + * is made on the configured repository and branch. If unspecified, + * the default value is true, and the field does not display by default. + * + * @default true + * @see https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodestarConnectionSource.html + */ + readonly triggerOnPush?: boolean; } /** @@ -124,6 +134,7 @@ export class BitBucketSourceAction extends Action { OutputArtifactFormat: this.props.codeBuildCloneOutput === true ? 'CODEBUILD_CLONE_REF' : undefined, + DetectChanges: this.props.triggerOnPush, }, }; } diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/bitbucket/bitbucket-source-action.test.ts b/packages/@aws-cdk/aws-codepipeline-actions/test/bitbucket/bitbucket-source-action.test.ts index 942811b94b2fd..eccbb53970d33 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/bitbucket/bitbucket-source-action.test.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/bitbucket/bitbucket-source-action.test.ts @@ -82,9 +82,50 @@ nodeunitShim({ test.done(); }, + + 'setting triggerOnPush=false reflects in the configuration'(test: Test) { + const stack = new Stack(); + + createBitBucketAndCodeBuildPipeline(stack, { + triggerOnPush: false, + }); + + expect(stack).to(haveResourceLike('AWS::CodePipeline::Pipeline', { + 'Stages': [ + { + 'Name': 'Source', + 'Actions': [ + { + 'Name': 'BitBucket', + 'ActionTypeId': { + 'Owner': 'AWS', + 'Provider': 'CodeStarSourceConnection', + }, + 'Configuration': { + 'ConnectionArn': 'arn:aws:codestar-connections:us-east-1:123456789012:connection/12345678-abcd-12ab-34cdef5678gh', + 'FullRepositoryId': 'aws/aws-cdk', + 'BranchName': 'master', + 'DetectChanges': false, + }, + }, + ], + }, + { + 'Name': 'Build', + 'Actions': [ + { + 'Name': 'CodeBuild', + }, + ], + }, + ], + })); + + test.done(); + }, }); -function createBitBucketAndCodeBuildPipeline(stack: Stack, props: { codeBuildCloneOutput: boolean }): void { +function createBitBucketAndCodeBuildPipeline(stack: Stack, props: Partial): void { const sourceOutput = new codepipeline.Artifact(); new codepipeline.Pipeline(stack, 'Pipeline', { stages: [ @@ -97,7 +138,7 @@ function createBitBucketAndCodeBuildPipeline(stack: Stack, props: { codeBuildClo repo: 'aws-cdk', output: sourceOutput, connectionArn: 'arn:aws:codestar-connections:us-east-1:123456789012:connection/12345678-abcd-12ab-34cdef5678gh', - codeBuildCloneOutput: props.codeBuildCloneOutput, + ...props, }), ], }, From fab93c63ba68c6398499e7df87a56a70d854ab88 Mon Sep 17 00:00:00 2001 From: Janario Oliveira Date: Mon, 22 Mar 2021 16:50:10 +0100 Subject: [PATCH 010/260] fix(codebuild): Fixed build spec file format to return yaml (#13445) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-amplify/README.md | 2 +- .../@aws-cdk/aws-amplify/test/app.test.ts | 4 +-- packages/@aws-cdk/aws-codebuild/README.md | 3 ++ .../@aws-cdk/aws-codebuild/lib/build-spec.ts | 25 +++++++++++++++++ packages/@aws-cdk/aws-codebuild/package.json | 2 ++ .../aws-codebuild/test/test.project.ts | 28 +++++++++++++++++++ 6 files changed, 61 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-amplify/README.md b/packages/@aws-cdk/aws-amplify/README.md index b8e3bd91c2306..a706cb73bb39b 100644 --- a/packages/@aws-cdk/aws-amplify/README.md +++ b/packages/@aws-cdk/aws-amplify/README.md @@ -38,7 +38,7 @@ const amplifyApp = new amplify.App(this, 'MyApp', { repository: '', oauthToken: cdk.SecretValue.secretsManager('my-github-token') }), - buildSpec: codebuild.BuildSpec.fromObject({ // Alternatively add a `amplify.yml` to the repo + buildSpec: codebuild.BuildSpec.fromObjectToYaml({ // Alternatively add a `amplify.yml` to the repo version: '1.0', frontend: { phases: { diff --git a/packages/@aws-cdk/aws-amplify/test/app.test.ts b/packages/@aws-cdk/aws-amplify/test/app.test.ts index 8cff8e3d5b66d..a9b91f01976df 100644 --- a/packages/@aws-cdk/aws-amplify/test/app.test.ts +++ b/packages/@aws-cdk/aws-amplify/test/app.test.ts @@ -17,7 +17,7 @@ test('create an app connected to a GitHub repository', () => { repository: 'aws-cdk', oauthToken: SecretValue.plainText('secret'), }), - buildSpec: codebuild.BuildSpec.fromObject({ + buildSpec: codebuild.BuildSpec.fromObjectToYaml({ version: '1.0', frontend: { phases: { @@ -34,7 +34,7 @@ test('create an app connected to a GitHub repository', () => { // THEN expect(stack).toHaveResource('AWS::Amplify::App', { Name: 'App', - BuildSpec: '{\n \"version\": \"1.0\",\n \"frontend\": {\n \"phases\": {\n \"build\": {\n \"commands\": [\n \"npm run build\"\n ]\n }\n }\n }\n}', + BuildSpec: 'version: \"1.0\"\nfrontend:\n phases:\n build:\n commands:\n - npm run build\n', IAMServiceRole: { 'Fn::GetAtt': [ 'AppRole1AF9B530', diff --git a/packages/@aws-cdk/aws-codebuild/README.md b/packages/@aws-cdk/aws-codebuild/README.md index cdc3d9f59b665..c0e82f9a6b708 100644 --- a/packages/@aws-cdk/aws-codebuild/README.md +++ b/packages/@aws-cdk/aws-codebuild/README.md @@ -152,6 +152,9 @@ const project = codebuild.Project(stack, 'MyProject', { }); ``` +If you'd prefer your buildspec to be rendered as YAML in the template, +use the `fromObjectToYaml()` method instead of `fromObject()`. + Because we've not set the `name` property, this example will set the `overrideArtifactName` parameter, and produce an artifact named as defined in the Buildspec file, uploaded to an S3 bucket (`bucket`). The path will be diff --git a/packages/@aws-cdk/aws-codebuild/lib/build-spec.ts b/packages/@aws-cdk/aws-codebuild/lib/build-spec.ts index 5f33babced96a..d7e89355a5151 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/build-spec.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/build-spec.ts @@ -1,4 +1,5 @@ import { IResolveContext, Lazy, Stack } from '@aws-cdk/core'; +import * as yaml_cfn from '@aws-cdk/yaml-cfn'; /** * BuildSpec for CodeBuild projects @@ -8,6 +9,15 @@ export abstract class BuildSpec { return new ObjectBuildSpec(value); } + /** + * Create a buildspec from an object that will be rendered as YAML in the resulting CloudFormation template. + * + * @param value the object containing the buildspec that will be rendered as YAML + */ + public static fromObjectToYaml(value: {[key: string]: any}): BuildSpec { + return new YamlBuildSpec(value); + } + /** * Use a file from the source as buildspec * @@ -70,6 +80,21 @@ class ObjectBuildSpec extends BuildSpec { } } +/** + * BuildSpec that exports into YAML format + */ +class YamlBuildSpec extends BuildSpec { + public readonly isImmediate: boolean = true; + + constructor(public readonly spec: {[key: string]: any}) { + super(); + } + + public toBuildSpec(): string { + return yaml_cfn.serialize(this.spec); + } +} + /** * Merge two buildspecs into a new BuildSpec * diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index 7b268062d474f..e09f4f68e5264 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -100,6 +100,7 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", + "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.2.0" }, "homepage": "https://github.com/aws/aws-cdk", @@ -118,6 +119,7 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", + "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.2.0" }, "engines": { diff --git a/packages/@aws-cdk/aws-codebuild/test/test.project.ts b/packages/@aws-cdk/aws-codebuild/test/test.project.ts index 159511589ead7..3d7f8e726fd69 100644 --- a/packages/@aws-cdk/aws-codebuild/test/test.project.ts +++ b/packages/@aws-cdk/aws-codebuild/test/test.project.ts @@ -53,6 +53,34 @@ export = { test.done(); }, + 'can use yamlbuildspec literal'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + buildSpec: codebuild.BuildSpec.fromObjectToYaml({ + text: 'text', + decimal: 10, + list: ['say hi'], + obj: { + text: 'text', + decimal: 10, + list: ['say hi'], + }, + }), + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + Source: { + BuildSpec: 'text: text\ndecimal: 10\nlist:\n - say hi\nobj:\n text: text\n decimal: 10\n list:\n - say hi\n', + }, + })); + + test.done(); + }, + 'must supply buildspec when using nosource'(test: Test) { // GIVEN const stack = new cdk.Stack(); From ffb0cc71e06e36683d6281512f7bffe73555711a Mon Sep 17 00:00:00 2001 From: Niklas Wallerstedt Date: Mon, 22 Mar 2021 17:30:03 +0100 Subject: [PATCH 011/260] docs(codepipeline-actions): update CloudTrail example for addS3EventSelector (#13728) Fixes #13684 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-codepipeline-actions/README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-codepipeline-actions/README.md b/packages/@aws-cdk/aws-codepipeline-actions/README.md index 559a111f2f18c..4b81b33c58b9f 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/README.md +++ b/packages/@aws-cdk/aws-codepipeline-actions/README.md @@ -232,7 +232,10 @@ import * as cloudtrail from '@aws-cdk/aws-cloudtrail'; const key = 'some/key.zip'; const trail = new cloudtrail.Trail(this, 'CloudTrail'); -trail.addS3EventSelector([sourceBucket.arnForObjects(key)], { +trail.addS3EventSelector([{ + bucket: sourceBucket, + objectPrefix: key, +}], { readWriteType: cloudtrail.ReadWriteType.WRITE_ONLY, }); const sourceAction = new codepipeline_actions.S3SourceAction({ From 34bb338bfc8e2976691a23969baa5fd9d84727e8 Mon Sep 17 00:00:00 2001 From: Robert Djurasaj Date: Mon, 22 Mar 2021 11:23:29 -0600 Subject: [PATCH 012/260] fix(apigatewayv2): error while configuring ANY as an allowed method in CORS (#13313) API gateway expects `*` to represent `ANY` HTTP method. `HttpMethod` enum doesn't have a value for that, thus causing errors when passing `HttpMethod` 's `ANY` option. This commit introduces `CorsHttpMethod` enum which has a proper `ANY` mapping to `*`. Closes #13280. Closes #13643. BREAKING CHANGE: The type of `allowMethods` property under `corsPreflight` section is changed from `HttpMethod` to `CorsHttpMethod`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-apigatewayv2/README.md | 2 +- .../@aws-cdk/aws-apigatewayv2/lib/http/api.ts | 24 ++++++++++++++++++- .../aws-apigatewayv2/lib/http/route.ts | 2 +- .../aws-apigatewayv2/test/http/api.test.ts | 5 ++-- 4 files changed, 28 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-apigatewayv2/README.md b/packages/@aws-cdk/aws-apigatewayv2/README.md index 7a71fc00491a1..0d4d7849fd8df 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/README.md +++ b/packages/@aws-cdk/aws-apigatewayv2/README.md @@ -133,7 +133,7 @@ The `corsPreflight` option lets you specify a CORS configuration for an API. new HttpApi(stack, 'HttpProxyApi', { corsPreflight: { allowHeaders: ['Authorization'], - allowMethods: [HttpMethod.GET, HttpMethod.HEAD, HttpMethod.OPTIONS, HttpMethod.POST], + allowMethods: [CorsHttpMethod.GET, CorsHttpMethod.HEAD, CorsHttpMethod.OPTIONS, CorsHttpMethod.POST], allowOrigins: ['*'], maxAge: Duration.days(10), }, diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/http/api.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/http/api.ts index 24d250dfd6eda..9675a7654a712 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/http/api.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/http/api.ts @@ -99,6 +99,28 @@ export interface HttpApiProps { readonly defaultAuthorizationScopes?: string[]; } +/** + * Supported CORS HTTP methods + */ +export enum CorsHttpMethod{ + /** HTTP ANY */ + ANY = '*', + /** HTTP DELETE */ + DELETE = 'DELETE', + /** HTTP GET */ + GET = 'GET', + /** HTTP HEAD */ + HEAD = 'HEAD', + /** HTTP OPTIONS */ + OPTIONS = 'OPTIONS', + /** HTTP PATCH */ + PATCH = 'PATCH', + /** HTTP POST */ + POST = 'POST', + /** HTTP PUT */ + PUT = 'PUT', +} + /** * Options for the CORS Configuration */ @@ -119,7 +141,7 @@ export interface CorsPreflightOptions { * Represents a collection of allowed HTTP methods. * @default - No Methods are allowed. */ - readonly allowMethods?: HttpMethod[]; + readonly allowMethods?: CorsHttpMethod[]; /** * Represents a collection of allowed origins. diff --git a/packages/@aws-cdk/aws-apigatewayv2/lib/http/route.ts b/packages/@aws-cdk/aws-apigatewayv2/lib/http/route.ts index c3ef630abbbb5..2252630930c27 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/lib/http/route.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/lib/http/route.ts @@ -61,7 +61,7 @@ export class HttpRouteKey { if (path !== '/' && (!path.startsWith('/') || path.endsWith('/'))) { throw new Error('path must always start with a "/" and not end with a "/"'); } - return new HttpRouteKey(`${method ?? 'ANY'} ${path}`, path); + return new HttpRouteKey(`${method ?? HttpMethod.ANY} ${path}`, path); } /** diff --git a/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts b/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts index 348d8dec9aeb4..72495a3bfde3f 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts +++ b/packages/@aws-cdk/aws-apigatewayv2/test/http/api.test.ts @@ -4,6 +4,7 @@ import { Metric } from '@aws-cdk/aws-cloudwatch'; import * as ec2 from '@aws-cdk/aws-ec2'; import { Duration, Stack } from '@aws-cdk/core'; import { + CorsHttpMethod, HttpApi, HttpAuthorizer, HttpAuthorizerType, HttpIntegrationType, HttpMethod, HttpRouteAuthorizerBindOptions, HttpRouteAuthorizerConfig, HttpRouteIntegrationBindOptions, HttpRouteIntegrationConfig, IHttpRouteAuthorizer, IHttpRouteIntegration, HttpNoneAuthorizer, PayloadFormatVersion, } from '../../lib'; @@ -106,7 +107,7 @@ describe('HttpApi', () => { new HttpApi(stack, 'HttpApi', { corsPreflight: { allowHeaders: ['Authorization'], - allowMethods: [HttpMethod.GET, HttpMethod.HEAD, HttpMethod.OPTIONS, HttpMethod.POST], + allowMethods: [CorsHttpMethod.GET, CorsHttpMethod.HEAD, CorsHttpMethod.OPTIONS, CorsHttpMethod.POST, CorsHttpMethod.ANY], allowOrigins: ['*'], maxAge: Duration.seconds(36400), }, @@ -115,7 +116,7 @@ describe('HttpApi', () => { expect(stack).toHaveResource('AWS::ApiGatewayV2::Api', { CorsConfiguration: { AllowHeaders: ['Authorization'], - AllowMethods: ['GET', 'HEAD', 'OPTIONS', 'POST'], + AllowMethods: ['GET', 'HEAD', 'OPTIONS', 'POST', '*'], AllowOrigins: ['*'], MaxAge: 36400, }, From 2445b68a3ebba9a5d6cd90dc0c15b2d1bdf4d630 Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Mon, 22 Mar 2021 18:06:42 +0000 Subject: [PATCH 013/260] docs(cognito): minor clarifications (#13732) Minor clarification in the docs. closes #12932 closes #12931 closes #12930 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-cognito/README.md | 8 ++++---- packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-cognito/README.md b/packages/@aws-cdk/aws-cognito/README.md index d3f90ff026b36..0582fbdec0f2a 100644 --- a/packages/@aws-cdk/aws-cognito/README.md +++ b/packages/@aws-cdk/aws-cognito/README.md @@ -87,9 +87,9 @@ new cognito.UserPool(this, 'myuserpool', { selfSignUpEnabled: true, userVerification: { emailSubject: 'Verify your email for our awesome app!', - emailBody: 'Hello {username}, Thanks for signing up to our awesome app! Your verification code is {####}', + emailBody: 'Thanks for signing up to our awesome app! Your verification code is {####}', emailStyle: cognito.VerificationEmailStyle.CODE, - smsMessage: 'Hello {username}, Thanks for signing up to our awesome app! Your verification code is {####}', + smsMessage: 'Thanks for signing up to our awesome app! Your verification code is {####}', } }); ``` @@ -345,7 +345,7 @@ on the construct, as so - const authChallengeFn = new lambda.Function(this, 'authChallengeFn', { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.fromInline('auth challenge'), + code: lambda.Code.fromAsset(/* path to lambda asset */), }); const userpool = new cognito.UserPool(this, 'myuserpool', { @@ -359,7 +359,7 @@ const userpool = new cognito.UserPool(this, 'myuserpool', { userpool.addTrigger(cognito.UserPoolOperation.USER_MIGRATION, new lambda.Function(this, 'userMigrationFn', { runtime: lambda.Runtime.NODEJS_12_X, handler: 'index.handler', - code: lambda.Code.fromInline('user migration'), + code: lambda.Code.fromAsset(/* path to lambda asset */), })); ``` diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts index 866c11015ecfd..d1f89f188c667 100644 --- a/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts +++ b/packages/@aws-cdk/aws-cognito/lib/user-pool-client.ts @@ -232,7 +232,7 @@ export interface UserPoolClientOptions { readonly disableOAuth?: boolean; /** - * OAuth settings for this to client to interact with the app. + * OAuth settings for this client to interact with the app. * An error is thrown when this is specified and `disableOAuth` is set. * @default - see defaults in `OAuthSettings`. meaningless if `disableOAuth` is set. */ From 5d6233164611d69ac1bf5c73e1518eb14dbace8d Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Mon, 22 Mar 2021 18:49:42 +0000 Subject: [PATCH 014/260] fix(events,applicationautoscaling): specifying a schedule rate in seconds results in an error (#13689) A previous change - b1449a17 - introduced a validation that should have been applied only when Duration is specified as a token. Instead, it was applied for non token values as well. Adjusting the validation so it only applies to when the duration is a token. fixes #13566 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-applicationautoscaling/lib/schedule.ts | 8 ++++---- .../aws-applicationautoscaling/test/test.cron.ts | 12 +++++++++--- packages/@aws-cdk/aws-events/lib/schedule.ts | 8 ++++---- packages/@aws-cdk/aws-events/test/test.rule.ts | 4 ++-- packages/@aws-cdk/aws-events/test/test.schedule.ts | 14 ++++++++++++++ 5 files changed, 33 insertions(+), 13 deletions(-) diff --git a/packages/@aws-cdk/aws-applicationautoscaling/lib/schedule.ts b/packages/@aws-cdk/aws-applicationautoscaling/lib/schedule.ts index cdeb00be9a426..3bd74c1e4f681 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/lib/schedule.ts +++ b/packages/@aws-cdk/aws-applicationautoscaling/lib/schedule.ts @@ -17,11 +17,11 @@ export abstract class Schedule { * Construct a schedule from an interval and a time unit */ public static rate(duration: Duration): Schedule { - const validDurationUnit = ['minute', 'minutes', 'hour', 'hours', 'day', 'days']; - if (!validDurationUnit.includes(duration.unitLabel())) { - throw new Error("Allowed unit for scheduling is: 'minute', 'minutes', 'hour', 'hours', 'day' or 'days'"); - } if (duration.isUnresolved()) { + const validDurationUnit = ['minute', 'minutes', 'hour', 'hours', 'day', 'days']; + if (!validDurationUnit.includes(duration.unitLabel())) { + throw new Error("Allowed units for scheduling are: 'minute', 'minutes', 'hour', 'hours', 'day' or 'days'"); + } return new LiteralSchedule(`rate(${duration.formatTokenToNumber()})`); } if (duration.toSeconds() === 0) { diff --git a/packages/@aws-cdk/aws-applicationautoscaling/test/test.cron.ts b/packages/@aws-cdk/aws-applicationautoscaling/test/test.cron.ts index ca0fb69812b10..324b2f8243c97 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/test/test.cron.ts +++ b/packages/@aws-cdk/aws-applicationautoscaling/test/test.cron.ts @@ -20,10 +20,16 @@ export = { test.done(); }, - 'rate must not be in seconds'(test: Test) { + 'rate can be in seconds'(test: Test) { + const duration = appscaling.Schedule.rate(Duration.seconds(120)); + test.equal('rate(2 minutes)', duration.expressionString); + test.done(); + }, + + 'rate must not be in seconds when specified as a token'(test: Test) { test.throws(() => { - appscaling.Schedule.rate(Duration.seconds(1)); - }, /Allowed unit for scheduling is: 'minute', 'minutes', 'hour', 'hours', 'day' or 'days'/); + appscaling.Schedule.rate(Duration.seconds(Lazy.number({ produce: () => 5 }))); + }, /Allowed units for scheduling/); test.done(); }, diff --git a/packages/@aws-cdk/aws-events/lib/schedule.ts b/packages/@aws-cdk/aws-events/lib/schedule.ts index c12afde30aa01..a3fcbaf399283 100644 --- a/packages/@aws-cdk/aws-events/lib/schedule.ts +++ b/packages/@aws-cdk/aws-events/lib/schedule.ts @@ -17,11 +17,11 @@ export abstract class Schedule { * Construct a schedule from an interval and a time unit */ public static rate(duration: Duration): Schedule { - const validDurationUnit = ['minute', 'minutes', 'hour', 'hours', 'day', 'days']; - if (validDurationUnit.indexOf(duration.unitLabel()) === -1) { - throw new Error('Allowed unit for scheduling is: \'minute\', \'minutes\', \'hour\', \'hours\', \'day\', \'days\''); - } if (duration.isUnresolved()) { + const validDurationUnit = ['minute', 'minutes', 'hour', 'hours', 'day', 'days']; + if (validDurationUnit.indexOf(duration.unitLabel()) === -1) { + throw new Error("Allowed units for scheduling are: 'minute', 'minutes', 'hour', 'hours', 'day', 'days'"); + } return new LiteralSchedule(`rate(${duration.formatTokenToNumber()})`); } if (duration.toSeconds() === 0) { diff --git a/packages/@aws-cdk/aws-events/test/test.rule.ts b/packages/@aws-cdk/aws-events/test/test.rule.ts index 72fe340242924..23fe7e2a2ce3e 100644 --- a/packages/@aws-cdk/aws-events/test/test.rule.ts +++ b/packages/@aws-cdk/aws-events/test/test.rule.ts @@ -70,7 +70,7 @@ export = { 'Seconds is not an allowed value for Schedule rate'(test: Test) { const lazyDuration = cdk.Duration.seconds(cdk.Lazy.number({ produce: () => 5 })); - test.throws(() => Schedule.rate(lazyDuration), /Allowed unit for scheduling is: 'minute', 'minutes', 'hour', 'hours', 'day', 'days'/); + test.throws(() => Schedule.rate(lazyDuration), /Allowed units for scheduling/i); test.done(); }, @@ -78,7 +78,7 @@ export = { const lazyDuration = cdk.Duration.millis(cdk.Lazy.number({ produce: () => 5 })); // THEN - test.throws(() => Schedule.rate(lazyDuration), /Allowed unit for scheduling is: 'minute', 'minutes', 'hour', 'hours', 'day', 'days'/); + test.throws(() => Schedule.rate(lazyDuration), /Allowed units for scheduling/i); test.done(); }, diff --git a/packages/@aws-cdk/aws-events/test/test.schedule.ts b/packages/@aws-cdk/aws-events/test/test.schedule.ts index e9c24a51c92b2..2d9728e743202 100644 --- a/packages/@aws-cdk/aws-events/test/test.schedule.ts +++ b/packages/@aws-cdk/aws-events/test/test.schedule.ts @@ -80,4 +80,18 @@ export = { .expressionString); test.done(); }, + + 'rate can be in seconds'(test: Test) { + test.equal('rate(2 minutes)', + events.Schedule.rate(Duration.seconds(120)) + .expressionString); + test.done(); + }, + + 'rate must not be in seconds when specified as a token'(test: Test) { + test.throws(() => { + events.Schedule.rate(Duration.seconds(Lazy.number({ produce: () => 5 }))); + }, /Allowed units for scheduling/); + test.done(); + }, }; From 77ce45d878f2d1cb453e36ae4d83228bee878ef1 Mon Sep 17 00:00:00 2001 From: Benura Abeywardena <43112139+BLasan@users.noreply.github.com> Date: Tue, 23 Mar 2021 02:36:58 +0530 Subject: [PATCH 015/260] fix(codepipeline-actions): BitBucketAction fails with S3 "Access denied" error (#13637) Previously access control lists for putObject was not called. This had led in getting access denied issue when trying to upload objects into the s3 bucket fixes #13557 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/bitbucket/source-action.ts | 1 + .../bitbucket/bitbucket-source-action.test.ts | 34 +++++++++++++++++-- 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-codepipeline-actions/lib/bitbucket/source-action.ts b/packages/@aws-cdk/aws-codepipeline-actions/lib/bitbucket/source-action.ts index 085ff15e9f162..bdaca541dbf05 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/lib/bitbucket/source-action.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/lib/bitbucket/source-action.ts @@ -117,6 +117,7 @@ export class BitBucketSourceAction extends Action { // the action needs to write the output to the pipeline bucket options.bucket.grantReadWrite(options.role); + options.bucket.grantPutAcl(options.role); // if codeBuildCloneOutput is true, // save the connectionArn in the Artifact instance diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/bitbucket/bitbucket-source-action.test.ts b/packages/@aws-cdk/aws-codepipeline-actions/test/bitbucket/bitbucket-source-action.test.ts index eccbb53970d33..ef5a06305bd56 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/bitbucket/bitbucket-source-action.test.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/bitbucket/bitbucket-source-action.test.ts @@ -1,4 +1,4 @@ -import { expect, haveResourceLike } from '@aws-cdk/assert'; +import { arrayWith, expect, haveResourceLike, objectLike } from '@aws-cdk/assert'; import * as codebuild from '@aws-cdk/aws-codebuild'; import * as codepipeline from '@aws-cdk/aws-codepipeline'; import { Stack } from '@aws-cdk/core'; @@ -82,7 +82,37 @@ nodeunitShim({ test.done(); }, - + 'grant s3 putObjectACL to the following CodeBuild Project'(test: Test) { + const stack = new Stack(); + createBitBucketAndCodeBuildPipeline(stack, { + codeBuildCloneOutput: true, + }); + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith( + objectLike({ + 'Action': 's3:PutObjectAcl', + 'Effect': 'Allow', + 'Resource': { + 'Fn::Join': [ + '', + [ + { + 'Fn::GetAtt': [ + 'PipelineArtifactsBucket22248F97', + 'Arn', + ], + }, + '/*', + ], + ], + }, + }), + ), + }, + })); + test.done(); + }, 'setting triggerOnPush=false reflects in the configuration'(test: Test) { const stack = new Stack(); From 623dd5f6bc5ff82a0d4ed8a76f92a41c2dc6fbce Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 23 Mar 2021 09:51:58 +0000 Subject: [PATCH 016/260] chore(deps): bump hmarr/auto-approve-action from v2.0.0 to v2.1.0 Bumps [hmarr/auto-approve-action](https://github.com/hmarr/auto-approve-action) from v2.0.0 to v2.1.0. - [Release notes](https://github.com/hmarr/auto-approve-action/releases) - [Commits](https://github.com/hmarr/auto-approve-action/compare/v2.0.0...5d04a5ca6da9aeb8ca9f31a5239b96fc3e003029) Signed-off-by: dependabot[bot] --- .github/workflows/auto-approve.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/auto-approve.yml b/.github/workflows/auto-approve.yml index c289f5381995c..9b185ec0fcd47 100644 --- a/.github/workflows/auto-approve.yml +++ b/.github/workflows/auto-approve.yml @@ -14,6 +14,6 @@ jobs: || github.event.pull_request.user.login == 'dependabot-preview[bot]') runs-on: ubuntu-latest steps: - - uses: hmarr/auto-approve-action@v2.0.0 + - uses: hmarr/auto-approve-action@v2.1.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" From 7966f8d48c4bff26beb22856d289f9d0c7e7081d Mon Sep 17 00:00:00 2001 From: Alban Esc Date: Wed, 24 Mar 2021 01:59:05 -0700 Subject: [PATCH 017/260] feat(events): retry-policy support (#13660) Add retry policy (+ dead letter queue) support for the following targets: - Lambda - LogGroup - CodeBuild - CodePipeline - StepFunction Closes #13659 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-events-targets/README.md | 41 ++++++++-- .../aws-events-targets/lib/codebuild.ts | 19 +---- .../aws-events-targets/lib/codepipeline.ts | 6 +- .../@aws-cdk/aws-events-targets/lib/index.ts | 1 + .../@aws-cdk/aws-events-targets/lib/lambda.ts | 19 +---- .../aws-events-targets/lib/log-group.ts | 4 +- .../aws-events-targets/lib/state-machine.ts | 19 +---- .../@aws-cdk/aws-events-targets/lib/util.ts | 62 ++++++++++++++- .../test/codebuild/codebuild.test.ts | 50 +++++++++++- .../integ.project-events.expected.json | 4 + .../test/codebuild/integ.project-events.ts | 2 + .../integ.pipeline-event-target.expected.json | 17 +++++ .../integ.pipeline-event-target.ts | 9 ++- .../test/codepipeline/pipeline.test.ts | 68 ++++++++++++++++- .../test/lambda/integ.events.expected.json | 6 +- .../test/lambda/integ.events.ts | 2 + .../test/lambda/lambda.test.ts | 46 +++++++++++ .../test/logs/integ.log-group.expected.json | 19 ++++- .../test/logs/integ.log-group.ts | 9 ++- .../test/logs/log-group.test.ts | 76 +++++++++++++++++++ .../test/stepfunctions/statemachine.test.ts | 48 ++++++++++++ packages/@aws-cdk/aws-events/lib/rule.ts | 1 + packages/@aws-cdk/aws-events/lib/target.ts | 6 ++ 23 files changed, 469 insertions(+), 65 deletions(-) diff --git a/packages/@aws-cdk/aws-events-targets/README.md b/packages/@aws-cdk/aws-events-targets/README.md index d49621b0199cd..e75e999c1a83a 100644 --- a/packages/@aws-cdk/aws-events-targets/README.md +++ b/packages/@aws-cdk/aws-events-targets/README.md @@ -15,23 +15,28 @@ to the `rule.addTarget()` method. Currently supported are: -* Start a CodeBuild build -* Start a CodePipeline pipeline +* [Start a CodeBuild build](#start-a-codebuild-build) +* [Start a CodePipeline pipeline](#start-a-codepipeline-pipeline) * Run an ECS task -* Invoke a Lambda function +* [Invoke a Lambda function](#invoke-a-lambda-function) * Publish a message to an SNS topic * Send a message to an SQS queue -* Start a StepFunctions state machine +* [Start a StepFunctions state machine](#start-a-stepfunctions-state-machine) * Queue a Batch job * Make an AWS API call * Put a record to a Kinesis stream -* Log an event into a LogGroup +* [Log an event into a LogGroup](#log-an-event-into-a-loggroup) * Put a record to a Kinesis Data Firehose stream * Put an event on an EventBridge bus See the README of the `@aws-cdk/aws-events` library for more information on EventBridge. +## Event retry policy and using dead-letter queues + +The Codebuild, CodePipeline, Lambda, StepFunctions and LogGroup targets support attaching a [dead letter queue and setting retry policies](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html). See the [lambda example](#invoke-a-lambda-function). +Use [escape hatches](https://docs.aws.amazon.com/cdk/latest/guide/cfn_layer.html) for the other target types. + ## Invoke a Lambda function Use the `LambdaFunction` target to invoke a lambda function. @@ -45,6 +50,7 @@ import * as lambda from "@aws-cdk/aws-lambda"; import * as events from "@aws-cdk/aws-events"; import * as sqs from "@aws-cdk/aws-sqs"; import * as targets from "@aws-cdk/aws-events-targets"; +import * as cdk from '@aws-cdk/core'; const fn = new lambda.Function(this, 'MyFunc', { runtime: lambda.Runtime.NODEJS_12_X, @@ -62,6 +68,8 @@ const queue = new sqs.Queue(this, 'Queue'); rule.addTarget(new targets.LambdaFunction(fn, { deadLetterQueue: queue, // Optional: add a dead letter queue + maxEventAge: cdk.Duration.hours(2), // Otional: set the maxEventAge retry policy + retryAttempts: 2, // Optional: set the max number of retry attempts })); ``` @@ -90,7 +98,7 @@ const rule = new events.Rule(this, 'rule', { rule.addTarget(new targets.CloudWatchLogGroup(logGroup)); ``` -## Trigger a CodeBuild project +## Start a CodeBuild build Use the `CodeBuildProject` target to trigger a CodeBuild project. @@ -123,7 +131,26 @@ const onCommitRule = repo.onCommit('OnCommit', { }); ``` -## Trigger a State Machine +## Start a CodePipeline pipeline + +Use the `CodePipeline` target to trigger a CodePipeline pipeline. + +The code snippet below creates a CodePipeline pipeline that is triggered every hour + +```ts +import * as codepipeline from '@aws-sdk/aws-codepipeline'; +import * as sqs from '@aws-sdk/aws-sqs'; + +const pipeline = new codepipeline.Pipeline(this, 'Pipeline'); + +const rule = new events.Rule(stack, 'Rule', { + schedule: events.Schedule.expression('rate(1 hour)'), +}); + +rule.addTarget(new targets.CodePipeline(pipeline)); +``` + +## Start a StepFunctions state machine Use the `SfnStateMachine` target to trigger a State Machine. diff --git a/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts b/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts index a5264b2abe378..a9da8719cfef7 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/codebuild.ts @@ -1,13 +1,12 @@ import * as codebuild from '@aws-cdk/aws-codebuild'; import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; -import * as sqs from '@aws-cdk/aws-sqs'; -import { addToDeadLetterQueueResourcePolicy, singletonEventRole } from './util'; +import { addToDeadLetterQueueResourcePolicy, bindBaseTargetConfig, singletonEventRole, TargetBaseProps } from './util'; /** * Customize the CodeBuild Event Target */ -export interface CodeBuildProjectProps { +export interface CodeBuildProjectProps extends TargetBaseProps { /** * The role to assume before invoking the target @@ -25,18 +24,6 @@ export interface CodeBuildProjectProps { * @default - the entire EventBridge event */ readonly event?: events.RuleTargetInput; - - /** - * The SQS queue to be used as deadLetterQueue. - * Check out the [considerations for using a dead-letter queue](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html#dlq-considerations). - * - * The events not successfully delivered are automatically retried for a specified period of time, - * depending on the retry policy of the target. - * If an event is not delivered before all retry attempts are exhausted, it will be sent to the dead letter queue. - * - * @default - no dead-letter queue - */ - readonly deadLetterQueue?: sqs.IQueue; } /** @@ -58,8 +45,8 @@ export class CodeBuildProject implements events.IRuleTarget { } return { + ...bindBaseTargetConfig(this.props), arn: this.project.projectArn, - deadLetterConfig: this.props.deadLetterQueue ? { arn: this.props.deadLetterQueue?.queueArn } : undefined, role: this.props.eventRole || singletonEventRole(this.project, [ new iam.PolicyStatement({ actions: ['codebuild:StartBuild'], diff --git a/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts b/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts index fc0eb095cfecd..8d2006378f121 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/codepipeline.ts @@ -1,12 +1,12 @@ import * as codepipeline from '@aws-cdk/aws-codepipeline'; import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; -import { singletonEventRole } from './util'; +import { bindBaseTargetConfig, singletonEventRole, TargetBaseProps } from './util'; /** * Customization options when creating a {@link CodePipeline} event target. */ -export interface CodePipelineTargetOptions { +export interface CodePipelineTargetOptions extends TargetBaseProps { /** * The role to assume before invoking the target * (i.e., the pipeline) when the given rule is triggered. @@ -27,6 +27,8 @@ export class CodePipeline implements events.IRuleTarget { public bind(_rule: events.IRule, _id?: string): events.RuleTargetConfig { return { + ...bindBaseTargetConfig(this.options), + id: '', arn: this.pipeline.pipelineArn, role: this.options.eventRole || singletonEventRole(this.pipeline, [new iam.PolicyStatement({ resources: [this.pipeline.pipelineArn], diff --git a/packages/@aws-cdk/aws-events-targets/lib/index.ts b/packages/@aws-cdk/aws-events-targets/lib/index.ts index 155791c195d1e..674e657d640a4 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/index.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/index.ts @@ -12,3 +12,4 @@ export * from './state-machine'; export * from './kinesis-stream'; export * from './log-group'; export * from './kinesis-firehose-stream'; +export * from './util'; diff --git a/packages/@aws-cdk/aws-events-targets/lib/lambda.ts b/packages/@aws-cdk/aws-events-targets/lib/lambda.ts index 903b3a2f33683..8dd455ce51056 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/lambda.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/lambda.ts @@ -1,12 +1,11 @@ import * as events from '@aws-cdk/aws-events'; import * as lambda from '@aws-cdk/aws-lambda'; -import * as sqs from '@aws-cdk/aws-sqs'; -import { addLambdaPermission, addToDeadLetterQueueResourcePolicy } from './util'; +import { addLambdaPermission, addToDeadLetterQueueResourcePolicy, TargetBaseProps, bindBaseTargetConfig } from './util'; /** * Customize the Lambda Event Target */ -export interface LambdaFunctionProps { +export interface LambdaFunctionProps extends TargetBaseProps { /** * The event to send to the Lambda * @@ -15,18 +14,6 @@ export interface LambdaFunctionProps { * @default the entire EventBridge event */ readonly event?: events.RuleTargetInput; - - /** - * The SQS queue to be used as deadLetterQueue. - * Check out the [considerations for using a dead-letter queue](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html#dlq-considerations). - * - * The events not successfully delivered are automatically retried for a specified period of time, - * depending on the retry policy of the target. - * If an event is not delivered before all retry attempts are exhausted, it will be sent to the dead letter queue. - * - * @default - no dead-letter queue - */ - readonly deadLetterQueue?: sqs.IQueue; } /** @@ -50,8 +37,8 @@ export class LambdaFunction implements events.IRuleTarget { } return { + ...bindBaseTargetConfig(this.props), arn: this.handler.functionArn, - deadLetterConfig: this.props.deadLetterQueue ? { arn: this.props.deadLetterQueue?.queueArn } : undefined, input: this.props.event, targetResource: this.handler, }; diff --git a/packages/@aws-cdk/aws-events-targets/lib/log-group.ts b/packages/@aws-cdk/aws-events-targets/lib/log-group.ts index d437adaf2375c..688cfc3773c13 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/log-group.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/log-group.ts @@ -3,11 +3,12 @@ import * as iam from '@aws-cdk/aws-iam'; import * as logs from '@aws-cdk/aws-logs'; import * as cdk from '@aws-cdk/core'; import { LogGroupResourcePolicy } from './log-group-resource-policy'; +import { TargetBaseProps, bindBaseTargetConfig } from './util'; /** * Customize the CloudWatch LogGroup Event Target */ -export interface LogGroupProps { +export interface LogGroupProps extends TargetBaseProps { /** * The event to send to the CloudWatch LogGroup * @@ -45,6 +46,7 @@ export class CloudWatchLogGroup implements events.IRuleTarget { } return { + ...bindBaseTargetConfig(this.props), arn: logGroupStack.formatArn({ service: 'logs', resource: 'log-group', diff --git a/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts b/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts index 2407a2023c96b..ce780bf99d2d2 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/state-machine.ts @@ -1,13 +1,12 @@ import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; -import * as sqs from '@aws-cdk/aws-sqs'; import * as sfn from '@aws-cdk/aws-stepfunctions'; -import { addToDeadLetterQueueResourcePolicy, singletonEventRole } from './util'; +import { addToDeadLetterQueueResourcePolicy, bindBaseTargetConfig, singletonEventRole, TargetBaseProps } from './util'; /** * Customize the Step Functions State Machine target */ -export interface SfnStateMachineProps { +export interface SfnStateMachineProps extends TargetBaseProps { /** * The input to the state machine execution * @@ -21,18 +20,6 @@ export interface SfnStateMachineProps { * @default - a new role will be created */ readonly role?: iam.IRole; - - /** - * The SQS queue to be used as deadLetterQueue. - * Check out the [considerations for using a dead-letter queue](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html#dlq-considerations). - * - * The events not successfully delivered are automatically retried for a specified period of time, - * depending on the retry policy of the target. - * If an event is not delivered before all retry attempts are exhausted, it will be sent to the dead letter queue. - * - * @default - no dead-letter queue - */ - readonly deadLetterQueue?: sqs.IQueue; } /** @@ -61,8 +48,8 @@ export class SfnStateMachine implements events.IRuleTarget { } return { + ...bindBaseTargetConfig(this.props), arn: this.machine.stateMachineArn, - deadLetterConfig: this.props.deadLetterQueue ? { arn: this.props.deadLetterQueue?.queueArn } : undefined, role: this.role, input: this.props.input, targetResource: this.machine, diff --git a/packages/@aws-cdk/aws-events-targets/lib/util.ts b/packages/@aws-cdk/aws-events-targets/lib/util.ts index 069b04a8c5131..6805b7245000f 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/util.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/util.ts @@ -2,17 +2,74 @@ import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; import * as lambda from '@aws-cdk/aws-lambda'; import * as sqs from '@aws-cdk/aws-sqs'; -import { Annotations, ConstructNode, IConstruct, Names, Token, TokenComparison } from '@aws-cdk/core'; +import { Annotations, ConstructNode, IConstruct, Names, Token, TokenComparison, Duration } from '@aws-cdk/core'; // keep this import separate from other imports to reduce chance for merge conflicts with v2-main // eslint-disable-next-line no-duplicate-imports, import/order import { Construct } from '@aws-cdk/core'; +/** + * The generic properties for an RuleTarget + */ +export interface TargetBaseProps { + /** + * The SQS queue to be used as deadLetterQueue. + * Check out the [considerations for using a dead-letter queue](https://docs.aws.amazon.com/eventbridge/latest/userguide/rule-dlq.html#dlq-considerations). + * + * The events not successfully delivered are automatically retried for a specified period of time, + * depending on the retry policy of the target. + * If an event is not delivered before all retry attempts are exhausted, it will be sent to the dead letter queue. + * + * @default - no dead-letter queue + */ + readonly deadLetterQueue?: sqs.IQueue; + /** + * The maximum age of a request that Lambda sends to a function for + * processing. + * + * Minimum value of 60. + * Maximum value of 86400. + * + * @default Duration.hours(24) + */ + readonly maxEventAge?: Duration; + + /** + * The maximum number of times to retry when the function returns an error. + * + * Minimum value of 0. + * Maximum value of 185. + * + * @default 185 + */ + readonly retryAttempts?: number; +} + +/** + * Bind props to base rule target config. + * @internal + */ +export function bindBaseTargetConfig(props: TargetBaseProps) { + let { deadLetterQueue, retryAttempts, maxEventAge } = props; + + return { + deadLetterConfig: deadLetterQueue ? { arn: deadLetterQueue?.queueArn } : undefined, + retryPolicy: retryAttempts || maxEventAge + ? { + maximumRetryAttempts: retryAttempts, + maximumEventAgeInSeconds: maxEventAge?.toSeconds({ integral: true }), + } + : undefined, + }; +} + + /** * Obtain the Role for the EventBridge event * * If a role already exists, it will be returned. This ensures that if multiple * events have the same target, they will share a role. + * @internal */ export function singletonEventRole(scope: IConstruct, policyStatements: iam.PolicyStatement[]): iam.IRole { const id = 'EventsRole'; @@ -30,6 +87,7 @@ export function singletonEventRole(scope: IConstruct, policyStatements: iam.Poli /** * Allows a Lambda function to be called from a rule + * @internal */ export function addLambdaPermission(rule: events.IRule, handler: lambda.IFunction): void { let scope: Construct | undefined; @@ -54,6 +112,7 @@ export function addLambdaPermission(rule: events.IRule, handler: lambda.IFunctio /** * Allow a rule to send events with failed invocation to an Amazon SQS queue. + * @internal */ export function addToDeadLetterQueueResourcePolicy(rule: events.IRule, queue: sqs.IQueue) { if (!sameEnvDimension(rule.env.region, queue.env.region)) { @@ -89,6 +148,7 @@ export function addToDeadLetterQueueResourcePolicy(rule: events.IRule, queue: sq * * Used to compare either accounts or regions, and also returns true if both * are unresolved (in which case both are expted to be "current region" or "current account"). + * @internal */ function sameEnvDimension(dim1: string, dim2: string) { return [TokenComparison.SAME, TokenComparison.BOTH_UNRESOLVED].includes(Token.compareStrings(dim1, dim2)); diff --git a/packages/@aws-cdk/aws-events-targets/test/codebuild/codebuild.test.ts b/packages/@aws-cdk/aws-events-targets/test/codebuild/codebuild.test.ts index 1eba641d7c8ce..235ac1da203bc 100644 --- a/packages/@aws-cdk/aws-events-targets/test/codebuild/codebuild.test.ts +++ b/packages/@aws-cdk/aws-events-targets/test/codebuild/codebuild.test.ts @@ -3,7 +3,7 @@ import * as codebuild from '@aws-cdk/aws-codebuild'; import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; import * as sqs from '@aws-cdk/aws-sqs'; -import { CfnElement, Stack } from '@aws-cdk/core'; +import { CfnElement, Duration, Stack } from '@aws-cdk/core'; import * as targets from '../../lib'; describe('CodeBuild event target', () => { @@ -122,6 +122,54 @@ describe('CodeBuild event target', () => { })); }); + test('specifying retry policy', () => { + // GIVEN + const rule = new events.Rule(stack, 'Rule', { + schedule: events.Schedule.expression('rate(1 hour)'), + }); + + // WHEN + const eventInput = { + buildspecOverride: 'buildspecs/hourly.yml', + }; + + rule.addTarget( + new targets.CodeBuildProject(project, { + event: events.RuleTargetInput.fromObject(eventInput), + retryAttempts: 2, + maxEventAge: Duration.hours(2), + }), + ); + + // THEN + expect(stack).to(haveResource('AWS::Events::Rule', { + ScheduleExpression: 'rate(1 hour)', + State: 'ENABLED', + Targets: [ + { + Arn: { + 'Fn::GetAtt': [ + 'MyProject39F7B0AE', + 'Arn', + ], + }, + Id: 'Target0', + Input: '{"buildspecOverride":"buildspecs/hourly.yml"}', + RetryPolicy: { + MaximumEventAgeInSeconds: 7200, + MaximumRetryAttempts: 2, + }, + RoleArn: { + 'Fn::GetAtt': [ + 'MyProjectEventsRole5B7D93F5', + 'Arn', + ], + }, + }, + ], + })); + }); + test('use a Dead Letter Queue for the rule target', () => { // GIVEN const rule = new events.Rule(stack, 'Rule', { diff --git a/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json b/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json index aec41898a4622..6d65b68ccb033 100644 --- a/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json @@ -51,6 +51,10 @@ ] } }, + "RetryPolicy": { + "MaximumEventAgeInSeconds": 7200, + "MaximumRetryAttempts": 2 + }, "Id": "Target0", "RoleArn": { "Fn::GetAtt": [ diff --git a/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.ts b/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.ts index 7974a4188f969..83b48805d2387 100644 --- a/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.ts +++ b/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.ts @@ -42,6 +42,8 @@ project.onPhaseChange('PhaseChange', { const onCommitRule = repo.onCommit('OnCommit', { target: new targets.CodeBuildProject(project, { deadLetterQueue: deadLetterQueue, + maxEventAge: cdk.Duration.hours(2), + retryAttempts: 2, }), branches: ['master'], }); diff --git a/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.expected.json b/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.expected.json index 66418749eda33..7f2c9d48da34b 100644 --- a/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.expected.json @@ -397,6 +397,11 @@ ] } }, + "dlq09C78ACC": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, "ruleF2C1DCDC": { "Type": "AWS::Events::Rule", "Properties": { @@ -427,7 +432,19 @@ ] ] }, + "DeadLetterConfig": { + "Arn": { + "Fn::GetAtt": [ + "dlq09C78ACC", + "Arn" + ] + } + }, "Id": "Target0", + "RetryPolicy": { + "MaximumEventAgeInSeconds": 7200, + "MaximumRetryAttempts": 2 + }, "RoleArn": { "Fn::GetAtt": [ "pipelinePipeline22F2A91DEventsRole048D7F59", diff --git a/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.ts b/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.ts index b4f321230234f..dafad82627605 100644 --- a/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.ts +++ b/packages/@aws-cdk/aws-events-targets/test/codepipeline/integ.pipeline-event-target.ts @@ -1,6 +1,7 @@ import * as codecommit from '@aws-cdk/aws-codecommit'; import * as codepipeline from '@aws-cdk/aws-codepipeline'; import * as events from '@aws-cdk/aws-events'; +import * as sqs from '@aws-cdk/aws-sqs'; import * as cdk from '@aws-cdk/core'; import * as constructs from 'constructs'; import * as targets from '../../lib'; @@ -64,9 +65,15 @@ pipeline.addStage({ })], }); +let queue = new sqs.Queue(stack, 'dlq'); + new events.Rule(stack, 'rule', { schedule: events.Schedule.expression('rate(1 minute)'), - targets: [new targets.CodePipeline(pipeline)], + targets: [new targets.CodePipeline(pipeline, { + deadLetterQueue: queue, + maxEventAge: cdk.Duration.hours(2), + retryAttempts: 2, + })], }); app.synth(); diff --git a/packages/@aws-cdk/aws-events-targets/test/codepipeline/pipeline.test.ts b/packages/@aws-cdk/aws-events-targets/test/codepipeline/pipeline.test.ts index 68ee1a10ae449..31730035a3c05 100644 --- a/packages/@aws-cdk/aws-events-targets/test/codepipeline/pipeline.test.ts +++ b/packages/@aws-cdk/aws-events-targets/test/codepipeline/pipeline.test.ts @@ -2,7 +2,8 @@ import { expect, haveResource, haveResourceLike } from '@aws-cdk/assert'; import * as codepipeline from '@aws-cdk/aws-codepipeline'; import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; -import { CfnElement, Stack } from '@aws-cdk/core'; +import * as sqs from '@aws-cdk/aws-sqs'; +import { CfnElement, Duration, Stack } from '@aws-cdk/core'; import { Construct } from 'constructs'; import * as targets from '../../lib'; @@ -93,6 +94,71 @@ describe('CodePipeline event target', () => { }); }); + describe('with retry policy and dead letter queue', () => { + test('adds retry attempts and maxEventAge to the target configuration', () => { + // WHEN + let queue = new sqs.Queue(stack, 'dlq'); + + rule.addTarget(new targets.CodePipeline(pipeline, { + retryAttempts: 2, + maxEventAge: Duration.hours(2), + deadLetterQueue: queue, + })); + + // THEN + expect(stack).to(haveResource('AWS::Events::Rule', { + ScheduleExpression: 'rate(1 minute)', + State: 'ENABLED', + Targets: [ + { + Arn: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':codepipeline:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':', + { + Ref: 'PipelineC660917D', + }, + ], + ], + }, + DeadLetterConfig: { + Arn: { + 'Fn::GetAtt': [ + 'dlq09C78ACC', + 'Arn', + ], + }, + }, + Id: 'Target0', + RetryPolicy: { + MaximumEventAgeInSeconds: 7200, + MaximumRetryAttempts: 2, + }, + RoleArn: { + 'Fn::GetAtt': [ + 'PipelineEventsRole46BEEA7C', + 'Arn', + ], + }, + }, + ], + })); + }); + }); + describe('with an explicit event role', () => { beforeEach(() => { const role = new iam.Role(stack, 'MyExampleRole', { diff --git a/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.expected.json b/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.expected.json index 7df2a4becf021..32474ae439abf 100644 --- a/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.expected.json @@ -145,7 +145,11 @@ ] } }, - "Id": "Target0" + "Id": "Target0", + "RetryPolicy": { + "MaximumEventAgeInSeconds": 7200, + "MaximumRetryAttempts": 2 + } } ] } diff --git a/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.ts b/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.ts index c37c632d803ae..3991d56d9ef56 100644 --- a/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.ts +++ b/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.ts @@ -33,6 +33,8 @@ const queue = new sqs.Queue(stack, 'Queue'); timer3.addTarget(new targets.LambdaFunction(fn, { deadLetterQueue: queue, + maxEventAge: cdk.Duration.hours(2), + retryAttempts: 2, })); app.synth(); diff --git a/packages/@aws-cdk/aws-events-targets/test/lambda/lambda.test.ts b/packages/@aws-cdk/aws-events-targets/test/lambda/lambda.test.ts index c5fd260715293..a32b0f422c29b 100644 --- a/packages/@aws-cdk/aws-events-targets/test/lambda/lambda.test.ts +++ b/packages/@aws-cdk/aws-events-targets/test/lambda/lambda.test.ts @@ -325,6 +325,52 @@ test('must display a warning when using a Dead Letter Queue from another account expect(rule?.node.metadata[0].data).toMatch(/Cannot add a resource policy to your dead letter queue associated with rule .* because the queue is in a different account\. You must add the resource policy manually to the dead letter queue in account 222222222222\./); }); + +test('specifying retry policy', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app, 'Stack'); + + const fn = new lambda.Function(stack, 'MyLambda', { + code: new lambda.InlineCode('foo'), + handler: 'bar', + runtime: lambda.Runtime.PYTHON_2_7, + }); + + // WHEN + new events.Rule(stack, 'Rule', { + schedule: events.Schedule.rate(cdk.Duration.minutes(1)), + targets: [new targets.LambdaFunction(fn, { + retryAttempts: 2, + maxEventAge: cdk.Duration.hours(2), + })], + }); + + // THEN + expect(() => app.synth()).not.toThrow(); + + // the Permission resource should be in the event stack + expect(stack).toHaveResource('AWS::Events::Rule', { + ScheduleExpression: 'rate(1 minute)', + State: 'ENABLED', + Targets: [ + { + Arn: { + 'Fn::GetAtt': [ + 'MyLambdaCCE802FB', + 'Arn', + ], + }, + Id: 'Target0', + RetryPolicy: { + MaximumEventAgeInSeconds: 7200, + MaximumRetryAttempts: 2, + }, + }, + ], + }); +}); + function newTestLambda(scope: constructs.Construct, suffix = '') { return new lambda.Function(scope, `MyLambda${suffix}`, { code: new lambda.InlineCode('foo'), diff --git a/packages/@aws-cdk/aws-events-targets/test/logs/integ.log-group.expected.json b/packages/@aws-cdk/aws-events-targets/test/logs/integ.log-group.expected.json index 9a150d9cafa32..d39babefd566a 100644 --- a/packages/@aws-cdk/aws-events-targets/test/logs/integ.log-group.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/logs/integ.log-group.expected.json @@ -337,6 +337,11 @@ "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete" }, + "dlq09C78ACC": { + "Type": "AWS::SQS::Queue", + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, "Timer30894E3BB": { "Type": "AWS::Events::Rule", "Properties": { @@ -364,7 +369,19 @@ ] ] }, - "Id": "Target0" + "DeadLetterConfig": { + "Arn": { + "Fn::GetAtt": [ + "dlq09C78ACC", + "Arn" + ] + } + }, + "Id": "Target0", + "RetryPolicy": { + "MaximumEventAgeInSeconds": 7200, + "MaximumRetryAttempts": 2 + } } ] } diff --git a/packages/@aws-cdk/aws-events-targets/test/logs/integ.log-group.ts b/packages/@aws-cdk/aws-events-targets/test/logs/integ.log-group.ts index 6d813dd3df3dd..df8fcfae9e8bd 100644 --- a/packages/@aws-cdk/aws-events-targets/test/logs/integ.log-group.ts +++ b/packages/@aws-cdk/aws-events-targets/test/logs/integ.log-group.ts @@ -1,5 +1,6 @@ import * as events from '@aws-cdk/aws-events'; import * as logs from '@aws-cdk/aws-logs'; +import * as sqs from '@aws-cdk/aws-sqs'; import * as cdk from '@aws-cdk/core'; import * as targets from '../../lib'; @@ -38,10 +39,16 @@ timer2.addTarget(new targets.CloudWatchLogGroup(logGroup2, { }), })); +const queue = new sqs.Queue(stack, 'dlq'); + const timer3 = new events.Rule(stack, 'Timer3', { schedule: events.Schedule.rate(cdk.Duration.minutes(1)), }); -timer3.addTarget(new targets.CloudWatchLogGroup(importedLogGroup)); +timer3.addTarget(new targets.CloudWatchLogGroup(importedLogGroup, { + deadLetterQueue: queue, + maxEventAge: cdk.Duration.hours(2), + retryAttempts: 2, +})); app.synth(); diff --git a/packages/@aws-cdk/aws-events-targets/test/logs/log-group.test.ts b/packages/@aws-cdk/aws-events-targets/test/logs/log-group.test.ts index 6df5ad191770a..5af09c63de0d9 100644 --- a/packages/@aws-cdk/aws-events-targets/test/logs/log-group.test.ts +++ b/packages/@aws-cdk/aws-events-targets/test/logs/log-group.test.ts @@ -1,6 +1,7 @@ import '@aws-cdk/assert/jest'; import * as events from '@aws-cdk/aws-events'; import * as logs from '@aws-cdk/aws-logs'; +import * as sqs from '@aws-cdk/aws-sqs'; import * as cdk from '@aws-cdk/core'; import * as targets from '../../lib'; @@ -110,3 +111,78 @@ test('use log group as an event rule target with rule target input', () => { ], }); }); + +test('specifying retry policy and dead letter queue', () => { + // GIVEN + const stack = new cdk.Stack(); + const logGroup = new logs.LogGroup(stack, 'MyLogGroup', { + logGroupName: '/aws/events/MyLogGroup', + }); + const rule1 = new events.Rule(stack, 'Rule', { + schedule: events.Schedule.rate(cdk.Duration.minutes(1)), + }); + + const queue = new sqs.Queue(stack, 'Queue'); + + // WHEN + rule1.addTarget(new targets.CloudWatchLogGroup(logGroup, { + event: events.RuleTargetInput.fromObject({ + data: events.EventField.fromPath('$'), + }), + retryAttempts: 2, + maxEventAge: cdk.Duration.hours(2), + deadLetterQueue: queue, + })); + + // THEN + expect(stack).toHaveResource('AWS::Events::Rule', { + ScheduleExpression: 'rate(1 minute)', + State: 'ENABLED', + Targets: [ + { + Arn: { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':logs:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':log-group:', + { + Ref: 'MyLogGroup5C0DAD85', + }, + ], + ], + }, + DeadLetterConfig: { + Arn: { + 'Fn::GetAtt': [ + 'Queue4A7E3555', + 'Arn', + ], + }, + }, + Id: 'Target0', + InputTransformer: { + InputPathsMap: { + f1: '$', + }, + InputTemplate: '{"data":}', + }, + RetryPolicy: { + MaximumEventAgeInSeconds: 7200, + MaximumRetryAttempts: 2, + }, + }, + ], + }); +}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-events-targets/test/stepfunctions/statemachine.test.ts b/packages/@aws-cdk/aws-events-targets/test/stepfunctions/statemachine.test.ts index 9dc3b2d0a4e83..651bc7ff3f654 100644 --- a/packages/@aws-cdk/aws-events-targets/test/stepfunctions/statemachine.test.ts +++ b/packages/@aws-cdk/aws-events-targets/test/stepfunctions/statemachine.test.ts @@ -112,6 +112,54 @@ test('Existing role can be used for State machine Rule target', () => { }); }); +test('specifying retry policy', () => { + // GIVEN + const stack = new cdk.Stack(); + const rule = new events.Rule(stack, 'Rule', { + schedule: events.Schedule.expression('rate(1 hour)'), + }); + + // WHEN + const role = new iam.Role(stack, 'Role', { + assumedBy: new iam.ServicePrincipal('events.amazonaws.com'), + }); + const stateMachine = new sfn.StateMachine(stack, 'SM', { + definition: new sfn.Wait(stack, 'Hello', { time: sfn.WaitTime.duration(cdk.Duration.seconds(10)) }), + role, + }); + + rule.addTarget(new targets.SfnStateMachine(stateMachine, { + input: events.RuleTargetInput.fromObject({ SomeParam: 'SomeValue' }), + maxEventAge: cdk.Duration.hours(2), + retryAttempts: 2, + })); + + // THEN + expect(stack).toHaveResource('AWS::Events::Rule', { + ScheduleExpression: 'rate(1 hour)', + State: 'ENABLED', + Targets: [ + { + Arn: { + Ref: 'SM934E715A', + }, + Id: 'Target0', + Input: '{"SomeParam":"SomeValue"}', + RetryPolicy: { + MaximumEventAgeInSeconds: 7200, + MaximumRetryAttempts: 2, + }, + RoleArn: { + 'Fn::GetAtt': [ + 'SMEventsRoleB320A902', + 'Arn', + ], + }, + }, + ], + }); +}); + test('use a Dead Letter Queue for the rule target', () => { // GIVEN const app = new cdk.App(); diff --git a/packages/@aws-cdk/aws-events/lib/rule.ts b/packages/@aws-cdk/aws-events/lib/rule.ts index 2c71054b60828..e6cbf6afd728c 100644 --- a/packages/@aws-cdk/aws-events/lib/rule.ts +++ b/packages/@aws-cdk/aws-events/lib/rule.ts @@ -296,6 +296,7 @@ export class Rule extends Resource implements IRule { runCommandParameters: targetProps.runCommandParameters, batchParameters: targetProps.batchParameters, deadLetterConfig: targetProps.deadLetterConfig, + retryPolicy: targetProps.retryPolicy, sqsParameters: targetProps.sqsParameters, input: inputProps && inputProps.input, inputPath: inputProps && inputProps.inputPath, diff --git a/packages/@aws-cdk/aws-events/lib/target.ts b/packages/@aws-cdk/aws-events/lib/target.ts index 1f7de7e82b36a..6b880e0afa4d5 100644 --- a/packages/@aws-cdk/aws-events/lib/target.ts +++ b/packages/@aws-cdk/aws-events/lib/target.ts @@ -54,6 +54,12 @@ export interface RuleTargetConfig { */ readonly deadLetterConfig?: CfnRule.DeadLetterConfigProperty; + /** + * A RetryPolicy object that includes information about the retry policy settings. + * @default EventBridge default retry policy + */ + readonly retryPolicy?: CfnRule.RetryPolicyProperty; + /** * The Amazon ECS task definition and task count to use, if the event target * is an Amazon ECS task. From 54dcea22f36a4c67e0a68da91025be102f8bb336 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Wed, 24 Mar 2021 15:21:58 +0100 Subject: [PATCH 018/260] chore: npm-check-updates && yarn upgrade (#13768) Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date. --- package.json | 6 +- .../@aws-cdk/aws-lambda-nodejs/package.json | 2 +- .../cloud-assembly-schema/package.json | 2 +- packages/@aws-cdk/cx-api/package.json | 2 +- packages/aws-cdk-lib/package.json | 2 +- packages/aws-cdk/package.json | 2 +- packages/awslint/package.json | 4 +- packages/cdk-dasm/package.json | 2 +- packages/decdk/package.json | 4 +- packages/monocdk/package.json | 2 +- tools/cdk-build-tools/package.json | 10 +- tools/cfn2ts/package.json | 2 +- tools/eslint-plugin-cdk/package.json | 2 +- tools/pkglint/package.json | 2 +- yarn.lock | 173 ++++++++++++------ 15 files changed, 135 insertions(+), 82 deletions(-) diff --git a/package.json b/package.json index 2a8cc616236bd..6dad27d90e51f 100644 --- a/package.json +++ b/package.json @@ -18,9 +18,9 @@ "fs-extra": "^9.1.0", "graceful-fs": "^4.2.6", "jest-junit": "^12.0.0", - "jsii-diff": "^1.25.0", - "jsii-pacmak": "^1.25.0", - "jsii-rosetta": "^1.25.0", + "jsii-diff": "^1.26.0", + "jsii-pacmak": "^1.26.0", + "jsii-rosetta": "^1.26.0", "lerna": "^4.0.0", "standard-version": "^9.1.1", "typescript": "~3.9.9" diff --git a/packages/@aws-cdk/aws-lambda-nodejs/package.json b/packages/@aws-cdk/aws-lambda-nodejs/package.json index c411d343615fe..5609a2a2d5b0e 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/package.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/package.json @@ -67,7 +67,7 @@ "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "delay": "5.0.0", - "esbuild": "^0.9.3", + "esbuild": "^0.9.6", "pkglint": "0.0.0" }, "dependencies": { diff --git a/packages/@aws-cdk/cloud-assembly-schema/package.json b/packages/@aws-cdk/cloud-assembly-schema/package.json index fdac837c6ca7a..9608d3fe6c8e0 100644 --- a/packages/@aws-cdk/cloud-assembly-schema/package.json +++ b/packages/@aws-cdk/cloud-assembly-schema/package.json @@ -89,7 +89,7 @@ }, "dependencies": { "jsonschema": "^1.4.0", - "semver": "^7.3.4" + "semver": "^7.3.5" }, "awscdkio": { "announce": false diff --git a/packages/@aws-cdk/cx-api/package.json b/packages/@aws-cdk/cx-api/package.json index 5e5ce913f629c..e054eeb2a3766 100644 --- a/packages/@aws-cdk/cx-api/package.json +++ b/packages/@aws-cdk/cx-api/package.json @@ -57,7 +57,7 @@ }, "dependencies": { "@aws-cdk/cloud-assembly-schema": "0.0.0", - "semver": "^7.3.4" + "semver": "^7.3.5" }, "peerDependencies": { "@aws-cdk/cloud-assembly-schema": "0.0.0" diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 3f4b9857b9231..b0c8139bda0ed 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -95,7 +95,7 @@ "jsonschema": "^1.4.0", "minimatch": "^3.0.4", "punycode": "^2.1.1", - "semver": "^7.3.4", + "semver": "^7.3.5", "yaml": "1.10.2" }, "devDependencies": { diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index d9daa6c7cdb79..58d3863cc454b 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -84,7 +84,7 @@ "minimatch": ">=3.0", "promptly": "^3.2.0", "proxy-agent": "^4.0.1", - "semver": "^7.3.4", + "semver": "^7.3.5", "source-map-support": "^0.5.19", "table": "^6.0.7", "uuid": "^8.3.2", diff --git a/packages/awslint/package.json b/packages/awslint/package.json index 892c71823bed0..d8b9737cf41a6 100644 --- a/packages/awslint/package.json +++ b/packages/awslint/package.json @@ -16,11 +16,11 @@ "awslint": "bin/awslint" }, "dependencies": { - "@jsii/spec": "^1.25.0", + "@jsii/spec": "^1.26.0", "camelcase": "^6.2.0", "colors": "^1.4.0", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.25.0", + "jsii-reflect": "^1.26.0", "yargs": "^16.2.0" }, "devDependencies": { diff --git a/packages/cdk-dasm/package.json b/packages/cdk-dasm/package.json index 06785f7619185..bb3fe012382df 100644 --- a/packages/cdk-dasm/package.json +++ b/packages/cdk-dasm/package.json @@ -26,7 +26,7 @@ }, "license": "Apache-2.0", "dependencies": { - "codemaker": "^1.25.0", + "codemaker": "^1.26.0", "yaml": "1.10.2" }, "devDependencies": { diff --git a/packages/decdk/package.json b/packages/decdk/package.json index 591d6165b33df..cfa803963ec9e 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -211,7 +211,7 @@ "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.2.0", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.25.0", + "jsii-reflect": "^1.26.0", "jsonschema": "^1.4.0", "yaml": "1.10.2", "yargs": "^16.2.0" @@ -222,7 +222,7 @@ "@types/yaml": "1.9.7", "@types/yargs": "^15.0.13", "jest": "^26.6.3", - "jsii": "^1.25.0" + "jsii": "^1.26.0" }, "keywords": [ "aws", diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index 2978fe7a2e8d0..b52c2bec922a5 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -100,7 +100,7 @@ "jsonschema": "^1.4.0", "minimatch": "^3.0.4", "punycode": "^2.1.1", - "semver": "^7.3.4", + "semver": "^7.3.5", "yaml": "1.10.2" }, "devDependencies": { diff --git a/tools/cdk-build-tools/package.json b/tools/cdk-build-tools/package.json index 6d64a070e9afc..e77b0bd3e2cdb 100644 --- a/tools/cdk-build-tools/package.json +++ b/tools/cdk-build-tools/package.json @@ -39,8 +39,8 @@ "pkglint": "0.0.0" }, "dependencies": { - "@typescript-eslint/eslint-plugin": "^4.18.0", - "@typescript-eslint/parser": "^4.18.0", + "@typescript-eslint/eslint-plugin": "^4.19.0", + "@typescript-eslint/parser": "^4.19.0", "awslint": "0.0.0", "colors": "^1.4.0", "eslint": "^7.22.0", @@ -51,12 +51,12 @@ "eslint-plugin-jest": "^24.3.2", "fs-extra": "^9.1.0", "jest": "^26.6.3", - "jsii": "^1.25.0", - "jsii-pacmak": "^1.25.0", + "jsii": "^1.26.0", + "jsii-pacmak": "^1.26.0", "markdownlint-cli": "^0.27.1", "nodeunit": "^0.11.3", "nyc": "^15.1.0", - "semver": "^7.3.4", + "semver": "^7.3.5", "ts-jest": "^26.5.4", "typescript": "~3.9.9", "yargs": "^16.2.0", diff --git a/tools/cfn2ts/package.json b/tools/cfn2ts/package.json index 355b6ea897edb..ad6f7eff24004 100644 --- a/tools/cfn2ts/package.json +++ b/tools/cfn2ts/package.json @@ -30,7 +30,7 @@ "license": "Apache-2.0", "dependencies": { "@aws-cdk/cfnspec": "0.0.0", - "codemaker": "^1.25.0", + "codemaker": "^1.26.0", "fast-json-patch": "^3.0.0-1", "fs-extra": "^9.1.0", "yargs": "^16.2.0" diff --git a/tools/eslint-plugin-cdk/package.json b/tools/eslint-plugin-cdk/package.json index 490c8d98229c1..b96543cec5c2c 100644 --- a/tools/eslint-plugin-cdk/package.json +++ b/tools/eslint-plugin-cdk/package.json @@ -21,7 +21,7 @@ "typescript": "~3.9.9" }, "dependencies": { - "@typescript-eslint/parser": "^4.18.0", + "@typescript-eslint/parser": "^4.19.0", "eslint": "^7.22.0", "fs-extra": "^9.1.0" }, diff --git a/tools/pkglint/package.json b/tools/pkglint/package.json index 0bfea5465a4a0..2924381d124c0 100644 --- a/tools/pkglint/package.json +++ b/tools/pkglint/package.json @@ -48,7 +48,7 @@ "fs-extra": "^9.1.0", "glob": "^7.1.6", "npm-bundled": "^1.1.1", - "semver": "^7.3.4", + "semver": "^7.3.5", "yargs": "^16.2.0" } } diff --git a/yarn.lock b/yarn.lock index 6807fedf2c7d3..e1d8df5db4c1e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -513,10 +513,10 @@ "@types/yargs" "^15.0.0" chalk "^4.0.0" -"@jsii/spec@^1.25.0": - version "1.25.0" - resolved "https://registry.yarnpkg.com/@jsii/spec/-/spec-1.25.0.tgz#535b85aa26d3db1d188c04300a2e20529eeee7fd" - integrity sha512-Zr56+uqZLoxI8qxIZZEweZdYBo0KqWf+q25m/okgwcKV4njCZuh0APXzeT/ebSkSOHQ3tneEE+g2EP/8IPP2og== +"@jsii/spec@^1.26.0": + version "1.26.0" + resolved "https://registry.yarnpkg.com/@jsii/spec/-/spec-1.26.0.tgz#fcf0ceae1eaa486c504fdb6d2d02897870e43ab4" + integrity sha512-wh9Z/wfQYcWE5IgUfKNBYQ9Lhye9Xh/lsRsxMQluqEsgObNqb/8JreenWviqzHzBBcvTcHHyl+G30mpmyO1PWQ== dependencies: jsonschema "^1.4.0" @@ -1692,13 +1692,13 @@ resolved "https://registry.yarnpkg.com/@types/yarnpkg__lockfile/-/yarnpkg__lockfile-1.1.4.tgz#445251eb00bd9c1e751f82c7c6bf4f714edfd464" integrity sha512-/emrKCfQMQmFCqRqqBJ0JueHBT06jBRM3e8OgnvDUcvuExONujIk2hFA5dNsN9Nt41ljGVDdChvCydATZ+KOZw== -"@typescript-eslint/eslint-plugin@^4.18.0": - version "4.18.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.18.0.tgz#50fbce93211b5b690895d20ebec6fe8db48af1f6" - integrity sha512-Lzkc/2+7EoH7+NjIWLS2lVuKKqbEmJhtXe3rmfA8cyiKnZm3IfLf51irnBcmow8Q/AptVV0XBZmBJKuUJTe6cQ== +"@typescript-eslint/eslint-plugin@^4.19.0": + version "4.19.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.19.0.tgz#56f8da9ee118fe9763af34d6a526967234f6a7f0" + integrity sha512-CRQNQ0mC2Pa7VLwKFbrGVTArfdVDdefS+gTw0oC98vSI98IX5A8EVH4BzJ2FOB0YlCmm8Im36Elad/Jgtvveaw== dependencies: - "@typescript-eslint/experimental-utils" "4.18.0" - "@typescript-eslint/scope-manager" "4.18.0" + "@typescript-eslint/experimental-utils" "4.19.0" + "@typescript-eslint/scope-manager" "4.19.0" debug "^4.1.1" functional-red-black-tree "^1.0.1" lodash "^4.17.15" @@ -1706,7 +1706,19 @@ semver "^7.3.2" tsutils "^3.17.1" -"@typescript-eslint/experimental-utils@4.18.0", "@typescript-eslint/experimental-utils@^4.0.1": +"@typescript-eslint/experimental-utils@4.19.0": + version "4.19.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/experimental-utils/-/experimental-utils-4.19.0.tgz#9ca379919906dc72cb0fcd817d6cb5aa2d2054c6" + integrity sha512-9/23F1nnyzbHKuoTqFN1iXwN3bvOm/PRIXSBR3qFAYotK/0LveEOHr5JT1WZSzcD6BESl8kPOG3OoDRKO84bHA== + dependencies: + "@types/json-schema" "^7.0.3" + "@typescript-eslint/scope-manager" "4.19.0" + "@typescript-eslint/types" "4.19.0" + "@typescript-eslint/typescript-estree" "4.19.0" + eslint-scope "^5.0.0" + eslint-utils "^2.0.0" + +"@typescript-eslint/experimental-utils@^4.0.1": version "4.18.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/experimental-utils/-/experimental-utils-4.18.0.tgz#ed6c955b940334132b17100d2917449b99a91314" integrity sha512-92h723Kblt9JcT2RRY3QS2xefFKar4ZQFVs3GityOKWQYgtajxt/tuXIzL7sVCUlM1hgreiV5gkGYyBpdOwO6A== @@ -1718,14 +1730,14 @@ eslint-scope "^5.0.0" eslint-utils "^2.0.0" -"@typescript-eslint/parser@^4.18.0": - version "4.18.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/parser/-/parser-4.18.0.tgz#a211edb14a69fc5177054bec04c95b185b4dde21" - integrity sha512-W3z5S0ZbecwX3PhJEAnq4mnjK5JJXvXUDBYIYGoweCyWyuvAKfGHvzmpUzgB5L4cRBb+cTu9U/ro66dx7dIimA== +"@typescript-eslint/parser@^4.19.0": + version "4.19.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/parser/-/parser-4.19.0.tgz#4ae77513b39f164f1751f21f348d2e6cb2d11128" + integrity sha512-/uabZjo2ZZhm66rdAu21HA8nQebl3lAIDcybUoOxoI7VbZBYavLIwtOOmykKCJy+Xq6Vw6ugkiwn8Js7D6wieA== dependencies: - "@typescript-eslint/scope-manager" "4.18.0" - "@typescript-eslint/types" "4.18.0" - "@typescript-eslint/typescript-estree" "4.18.0" + "@typescript-eslint/scope-manager" "4.19.0" + "@typescript-eslint/types" "4.19.0" + "@typescript-eslint/typescript-estree" "4.19.0" debug "^4.1.1" "@typescript-eslint/scope-manager@4.18.0": @@ -1736,11 +1748,24 @@ "@typescript-eslint/types" "4.18.0" "@typescript-eslint/visitor-keys" "4.18.0" +"@typescript-eslint/scope-manager@4.19.0": + version "4.19.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/scope-manager/-/scope-manager-4.19.0.tgz#5e0b49eca4df7684205d957c9856f4e720717a4f" + integrity sha512-GGy4Ba/hLXwJXygkXqMzduqOMc+Na6LrJTZXJWVhRrSuZeXmu8TAnniQVKgj8uTRKe4igO2ysYzH+Np879G75g== + dependencies: + "@typescript-eslint/types" "4.19.0" + "@typescript-eslint/visitor-keys" "4.19.0" + "@typescript-eslint/types@4.18.0": version "4.18.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.18.0.tgz#bebe323f81f2a7e2e320fac9415e60856267584a" integrity sha512-/BRociARpj5E+9yQ7cwCF/SNOWwXJ3qhjurMuK2hIFUbr9vTuDeu476Zpu+ptxY2kSxUHDGLLKy+qGq2sOg37A== +"@typescript-eslint/types@4.19.0": + version "4.19.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.19.0.tgz#5181d5d2afd02e5b8f149ebb37ffc8bd7b07a568" + integrity sha512-A4iAlexVvd4IBsSTNxdvdepW0D4uR/fwxDrKUa+iEY9UWvGREu2ZyB8ylTENM1SH8F7bVC9ac9+si3LWNxcBuA== + "@typescript-eslint/typescript-estree@4.18.0": version "4.18.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-4.18.0.tgz#756d3e61da8c16ab99185532c44872f4cd5538cb" @@ -1754,6 +1779,19 @@ semver "^7.3.2" tsutils "^3.17.1" +"@typescript-eslint/typescript-estree@4.19.0": + version "4.19.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-4.19.0.tgz#8a709ffa400284ab72df33376df085e2e2f61147" + integrity sha512-3xqArJ/A62smaQYRv2ZFyTA+XxGGWmlDYrsfZG68zJeNbeqRScnhf81rUVa6QG4UgzHnXw5VnMT5cg75dQGDkA== + dependencies: + "@typescript-eslint/types" "4.19.0" + "@typescript-eslint/visitor-keys" "4.19.0" + debug "^4.1.1" + globby "^11.0.1" + is-glob "^4.0.1" + semver "^7.3.2" + tsutils "^3.17.1" + "@typescript-eslint/visitor-keys@4.18.0": version "4.18.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.18.0.tgz#4e6fe2a175ee33418318a029610845a81e2ff7b6" @@ -1762,6 +1800,14 @@ "@typescript-eslint/types" "4.18.0" eslint-visitor-keys "^2.0.0" +"@typescript-eslint/visitor-keys@4.19.0": + version "4.19.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.19.0.tgz#cbea35109cbd9b26e597644556be4546465d8f7f" + integrity sha512-aGPS6kz//j7XLSlgpzU2SeTqHPsmRYxFztj2vPuMMFJXZudpRSehE3WCV+BaxwZFvfAqMoSd86TEuM0PQ59E/A== + dependencies: + "@typescript-eslint/types" "4.19.0" + eslint-visitor-keys "^2.0.0" + "@yarnpkg/lockfile@^1.1.0": version "1.1.0" resolved "https://registry.yarnpkg.com/@yarnpkg/lockfile/-/lockfile-1.1.0.tgz#e77a97fbd345b76d83245edcd17d393b1b41fb31" @@ -2707,10 +2753,10 @@ code-point-at@^1.0.0: resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" integrity sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c= -codemaker@^1.25.0: - version "1.25.0" - resolved "https://registry.yarnpkg.com/codemaker/-/codemaker-1.25.0.tgz#987abcdf4f1ea7c3d71083dded4ce72941044710" - integrity sha512-54qCHs6X6llXIAztHCo2IyzzvuH9GrEecwxxTU925M3EJV4z+7PMiI1AollZxSeyY2pGO5TjNlAQAyLXETI3NQ== +codemaker@^1.26.0: + version "1.26.0" + resolved "https://registry.yarnpkg.com/codemaker/-/codemaker-1.26.0.tgz#31560f44d597afbb366c015267327394e18efbdf" + integrity sha512-oK0SdWi3CUHL7hVcDpXVBQc2xm31RCJSqg7I1wviMifD89zbvu3boAz/s5aoXbcVDKKxLOZn2w55WlGCih9HOw== dependencies: camelcase "^6.2.0" decamelize "^5.0.0" @@ -3651,10 +3697,10 @@ es6-error@^4.0.1: resolved "https://registry.yarnpkg.com/es6-error/-/es6-error-4.1.1.tgz#9e3af407459deed47e9a91f9b885a84eb05c561d" integrity sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg== -esbuild@^0.9.3: - version "0.9.3" - resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.9.3.tgz#09293a0b824159c6aa2488d1c6c22f57d8448f74" - integrity sha512-G8k0olucZp3LJ7I/p8y388t+IEyb2Y78nHrLeIxuqZqh6TYqDYP/B/7drAvYKfh83CGwKal9txVP+FTypsPJug== +esbuild@^0.9.6: + version "0.9.6" + resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.9.6.tgz#2cae519e7ce2328ecf57ae738090d07ce7245850" + integrity sha512-F6vASxU0wT/Davt9aj2qtDwDNSkQxh9VbyO56M7PDWD+D/Vgq/rmUDGDQo7te76W5auauVojjnQr/wTu3vpaUA== escalade@^3.1.1: version "3.1.1" @@ -5876,65 +5922,65 @@ jsesc@^2.5.1: resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4" integrity sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA== -jsii-diff@^1.25.0: - version "1.25.0" - resolved "https://registry.yarnpkg.com/jsii-diff/-/jsii-diff-1.25.0.tgz#410c05422427291c7b19e2d410090b6945eda142" - integrity sha512-rW4mpldvQrUDgDY+9Bvglew6nwXPWyVaePgeYTTB/4+9NEoAE7vecQAYhDokTBRdcOVCaEt5ffucwwawMu2ctQ== +jsii-diff@^1.26.0: + version "1.26.0" + resolved "https://registry.yarnpkg.com/jsii-diff/-/jsii-diff-1.26.0.tgz#41ba434b298771b7542a3a2eb18241ba6cf82a73" + integrity sha512-RWu1AFYE8+U+75yZMSKrn5JFj6G21yiKR2Won+XbggD+DveHDGNbopWi9lDHuB5ec04kfiUB7og0yXkanIO4wg== dependencies: - "@jsii/spec" "^1.25.0" + "@jsii/spec" "^1.26.0" fs-extra "^9.1.0" - jsii-reflect "^1.25.0" + jsii-reflect "^1.26.0" log4js "^6.3.0" typescript "~3.9.9" yargs "^16.2.0" -jsii-pacmak@^1.25.0: - version "1.25.0" - resolved "https://registry.yarnpkg.com/jsii-pacmak/-/jsii-pacmak-1.25.0.tgz#389bc16b8c7337769c2ed7a03e04262476b9b69b" - integrity sha512-GEVdCYvnwYVnVNdcLDrvStaHqWIXBiZCpM9i4LS2rpA+qSsyXJUF8FV4cj2YFjdHsolUdY1EKY7njSs8XQ+1gg== +jsii-pacmak@^1.26.0: + version "1.26.0" + resolved "https://registry.yarnpkg.com/jsii-pacmak/-/jsii-pacmak-1.26.0.tgz#c600cb190255e080944c906d885e9b436edd2cd9" + integrity sha512-KOKOIazxddh8CuyuLMoBURW2bj3prhzyT0qF5ojUhHrbZeuH3eulF/Sn5PaIAadmQdmCiu69DYJe2JIwY/zwjw== dependencies: - "@jsii/spec" "^1.25.0" + "@jsii/spec" "^1.26.0" clone "^2.1.2" - codemaker "^1.25.0" + codemaker "^1.26.0" commonmark "^0.29.3" escape-string-regexp "^4.0.0" fs-extra "^9.1.0" - jsii-reflect "^1.25.0" - jsii-rosetta "^1.25.0" + jsii-reflect "^1.26.0" + jsii-rosetta "^1.26.0" semver "^7.3.4" spdx-license-list "^6.4.0" xmlbuilder "^15.1.1" yargs "^16.2.0" -jsii-reflect@^1.25.0: - version "1.25.0" - resolved "https://registry.yarnpkg.com/jsii-reflect/-/jsii-reflect-1.25.0.tgz#713727a07b270d61304a122be7cb50e135b8fdf0" - integrity sha512-ufBgOeGe6WVmx0CO7ABraEYOzhzxvmx6gJuUvOz/8XMe1dIIU2USLW3O1ArkEtIWchN4F2gITdd7I7jhdzzN1A== +jsii-reflect@^1.26.0: + version "1.26.0" + resolved "https://registry.yarnpkg.com/jsii-reflect/-/jsii-reflect-1.26.0.tgz#6efa0e8058ff8547b02b3b688263ad933feb646b" + integrity sha512-mlu97Xs2M+YCq3Z8z2vzLYOe3XVC3T0YBabvJjkKoNYdH6F/S5zQMVdGwfHEXv1asFv7PrrVu46Zf/dKnqULcw== dependencies: - "@jsii/spec" "^1.25.0" + "@jsii/spec" "^1.26.0" colors "^1.4.0" fs-extra "^9.1.0" - oo-ascii-tree "^1.25.0" + oo-ascii-tree "^1.26.0" yargs "^16.2.0" -jsii-rosetta@^1.25.0: - version "1.25.0" - resolved "https://registry.yarnpkg.com/jsii-rosetta/-/jsii-rosetta-1.25.0.tgz#07eb3c26f76f6ce7d56052014d651a8946629a73" - integrity sha512-2g+O5mkXrcsJPrHs71WPvLhcV4JERYUUzfG4rArZQ+YsGYSlpP2K6FdYlAk8haeCeEgyaedNgsbcW9NbxV8p3A== +jsii-rosetta@^1.26.0: + version "1.26.0" + resolved "https://registry.yarnpkg.com/jsii-rosetta/-/jsii-rosetta-1.26.0.tgz#f2107981b769f10f0b2ebf497702c3e6d9d3a2c1" + integrity sha512-J/VQR8j/mD4Q5qGF0JmfvOJeNWIx0I158nvo6FsnC8aYmHyIpBPmlpKWZzUGC8fHxoD3mC8oeiFLp2Yv8BNtvQ== dependencies: - "@jsii/spec" "^1.25.0" + "@jsii/spec" "^1.26.0" commonmark "^0.29.3" fs-extra "^9.1.0" typescript "~3.9.9" xmldom "^0.5.0" yargs "^16.2.0" -jsii@^1.25.0: - version "1.25.0" - resolved "https://registry.yarnpkg.com/jsii/-/jsii-1.25.0.tgz#ec60566f6c2c7829d25aa8f1fb14d49c700f621e" - integrity sha512-5dchUvG+RTc48v8euUUNvxKxAlPMIaE9rG8BFp4RiXQiB3EFDTJeeM89cXK4w/vAhjgDlAxMDx3EJr7k6e461A== +jsii@^1.26.0: + version "1.26.0" + resolved "https://registry.yarnpkg.com/jsii/-/jsii-1.26.0.tgz#8994498b69a616be7c255285dc6d8142b5032b61" + integrity sha512-ZUu5N8+u12VyNkPgSgvVzIhZ+aEAd531zDZK4qkth7UsGNhSy4zBz9BJMSSKnaVV0oR6Pvehhg5DJ3dCu8qJrw== dependencies: - "@jsii/spec" "^1.25.0" + "@jsii/spec" "^1.26.0" case "^1.6.3" colors "^1.4.0" deep-equal "^2.0.5" @@ -7299,10 +7345,10 @@ onetime@^5.1.0, onetime@^5.1.2: dependencies: mimic-fn "^2.1.0" -oo-ascii-tree@^1.25.0: - version "1.25.0" - resolved "https://registry.yarnpkg.com/oo-ascii-tree/-/oo-ascii-tree-1.25.0.tgz#97ce4d7e61a26d9c44117b041bf313a5329edf85" - integrity sha512-bV3aHhVkSc862VMMj1JV9y8yBqzhXCMNE9UFt8w9NwkM7tvw94O8niGlvmFzNx2Hf4+qhO4gYdtRAYQqUaH+1w== +oo-ascii-tree@^1.26.0: + version "1.26.0" + resolved "https://registry.yarnpkg.com/oo-ascii-tree/-/oo-ascii-tree-1.26.0.tgz#c282175f2e620615d385e613ef451e9ffb6ad9a5" + integrity sha512-JcRUxvHG+QAheXnxx9cwtgDJY6aXc70UAvgoFxKtRz+KfWEU47z/X2HHb81O/aZ3mN4fRnnnnwQhaTUuQRw2Ag== opener@^1.5.1: version "1.5.2" @@ -8469,6 +8515,13 @@ semver@^6.0.0, semver@^6.1.0, semver@^6.1.1, semver@^6.3.0: resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d" integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw== +semver@^7.3.5: + version "7.3.5" + resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.5.tgz#0b621c879348d8998e4b0e4be94b3f12e6018ef7" + integrity sha512-PoeGJYh8HK4BTO/a9Tf6ZG3veo/A7ZVsYrSA6J8ny9nb3B1VrpkuN+z9OE5wfE5p6H4LchYZsegiQgbJD94ZFQ== + dependencies: + lru-cache "^6.0.0" + set-blocking@^2.0.0, set-blocking@~2.0.0: version "2.0.0" resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7" From ca391b596fae1c3130a8811088d32df21a23a434 Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Wed, 24 Mar 2021 16:41:24 +0000 Subject: [PATCH 019/260] chore(lambda-nodejs): prepare code to reduce merge conflicts when deprecated APIs are stripped (#13738) BUNDLING - The `BundlingDockerImage` class is deprecated, replaced by `DockerImage`. Remove all uses of this class across modules in a backwards compatible way. ECR ASSET - Change the way symbols are imported from '@aws-cdk/assets' so that they can be in-place replaced with their replacements from '@aws-cdk/core' module. The `IAsset` interface from the core module introduces the property `assetHash` instead of `sourceHash`. This change makes the code forwards compatible so as to be supportive on v2. Other small backwards compatible changes. BREAKING CHANGE: The type of `image` property in the `Bundling` class is changed from `BundlingDockerImage` to `DockerImage`. * **lambda-nodejs**: The type of `dockerImage` property in `BundlingOptions` is changed from `BundlingDockerImage` to `DockerImage`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-ecr-assets/lib/image-asset.ts | 29 ++++++--- .../aws-ecr-assets/test/image-asset.test.ts | 62 +++++++++---------- .../aws-events-targets/lib/event-bus.ts | 3 +- .../aws-lambda-nodejs/lib/bundling.ts | 6 +- .../@aws-cdk/aws-lambda-nodejs/lib/types.ts | 4 +- .../aws-lambda-nodejs/test/bundling.test.ts | 6 +- .../aws-lambda-python/lib/bundling.ts | 2 +- packages/@aws-cdk/aws-lambda/lib/runtime.ts | 4 +- packages/@aws-cdk/aws-s3-assets/lib/asset.ts | 6 +- .../test/integ.assets.bundling.lit.ts | 4 +- packages/@aws-cdk/aws-s3/lib/bucket.ts | 2 +- packages/@aws-cdk/core/lib/bundling.ts | 45 +++++++++++++- .../@aws-cdk/cx-api/lib/cloud-assembly.ts | 4 +- 13 files changed, 118 insertions(+), 59 deletions(-) diff --git a/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts b/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts index 26a3a40f35335..8f99d5081f514 100644 --- a/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts +++ b/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts @@ -1,11 +1,13 @@ import * as fs from 'fs'; import * as path from 'path'; -import * as assets from '@aws-cdk/assets'; import * as ecr from '@aws-cdk/aws-ecr'; import { Annotations, FeatureFlags, IgnoreMode, Stack, Token } from '@aws-cdk/core'; import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; +// keep this import separate from other imports to reduce chance for merge conflicts with v2-main +// eslint-disable-next-line +import { FingerprintOptions, IAsset, Staging } from '@aws-cdk/assets'; // keep this import separate from other imports to reduce chance for merge conflicts with v2-main // eslint-disable-next-line no-duplicate-imports, import/order import { Construct as CoreConstruct } from '@aws-cdk/core'; @@ -13,7 +15,7 @@ import { Construct as CoreConstruct } from '@aws-cdk/core'; /** * Options for DockerImageAsset */ -export interface DockerImageAssetOptions extends assets.FingerprintOptions { +export interface DockerImageAssetOptions extends FingerprintOptions { /** * ECR repository name * @@ -69,7 +71,7 @@ export interface DockerImageAssetProps extends DockerImageAssetOptions { * * The image will be created in build time and uploaded to an ECR repository. */ -export class DockerImageAsset extends CoreConstruct implements assets.IAsset { +export class DockerImageAsset extends CoreConstruct implements IAsset { /** * The full URI of the image (including a tag). Use this reference to pull * the asset. @@ -81,8 +83,21 @@ export class DockerImageAsset extends CoreConstruct implements assets.IAsset { */ public repository: ecr.IRepository; + /** + * A hash of the source of this asset, which is available at construction time. As this is a plain + * string, it can be used in construct IDs in order to enforce creation of a new resource when + * the content hash has changed. + * @deprecated use assetHash + */ public readonly sourceHash: string; + /** + * A hash of this asset, which is available at construction time. As this is a plain string, it + * can be used in construct IDs in order to enforce creation of a new resource when the content + * hash has changed. + */ + public readonly assetHash: string; + constructor(scope: Construct, id: string, props: DockerImageAssetProps) { super(scope, id); @@ -141,7 +156,7 @@ export class DockerImageAsset extends CoreConstruct implements assets.IAsset { // deletion of the ECR repository the app used). extraHash.version = '1.21.0'; - const staging = new assets.Staging(this, 'Staging', { + const staging = new Staging(this, 'Staging', { ...props, exclude, ignoreMode, @@ -151,7 +166,8 @@ export class DockerImageAsset extends CoreConstruct implements assets.IAsset { : JSON.stringify(extraHash), }); - this.sourceHash = staging.sourceHash; + this.sourceHash = staging.assetHash; + this.assetHash = staging.assetHash; const stack = Stack.of(this); const location = stack.synthesizer.addDockerImageAsset({ @@ -159,8 +175,7 @@ export class DockerImageAsset extends CoreConstruct implements assets.IAsset { dockerBuildArgs: props.buildArgs, dockerBuildTarget: props.target, dockerFile: props.file, - repositoryName: props.repositoryName, - sourceHash: staging.sourceHash, + sourceHash: staging.assetHash, }); this.repository = ecr.Repository.fromRepositoryName(this, 'Repository', location.repositoryName); diff --git a/packages/@aws-cdk/aws-ecr-assets/test/image-asset.test.ts b/packages/@aws-cdk/aws-ecr-assets/test/image-asset.test.ts index 17fd37be2e234..45b5a1cf0d6de 100644 --- a/packages/@aws-cdk/aws-ecr-assets/test/image-asset.test.ts +++ b/packages/@aws-cdk/aws-ecr-assets/test/image-asset.test.ts @@ -192,8 +192,8 @@ describe('image asset', () => { const session = app.synth(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'Dockerfile'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'index.py'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'Dockerfile'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'index.py'))).toBeDefined(); }); @@ -214,16 +214,16 @@ describe('image asset', () => { const session = app.synth(); // Only the files exempted above should be included. - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, '.dockerignore'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'Dockerfile'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'index.py'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'foobar.txt'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'subdirectory'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'subdirectory', 'baz.txt'))).toBeDefined(); - expect(!fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'node_modules'))).toBeDefined(); - expect(!fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'node_modules', 'one'))).toBeDefined(); - expect(!fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'node_modules', 'some_dep'))).toBeDefined(); - expect(!fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'node_modules', 'some_dep', 'file'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, '.dockerignore'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'Dockerfile'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'index.py'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'foobar.txt'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'subdirectory'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'subdirectory', 'baz.txt'))).toBeDefined(); + expect(!fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'node_modules'))).toBeDefined(); + expect(!fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'node_modules', 'one'))).toBeDefined(); + expect(!fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'node_modules', 'some_dep'))).toBeDefined(); + expect(!fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'node_modules', 'some_dep', 'file'))).toBeDefined(); }); @@ -283,13 +283,13 @@ describe('image asset', () => { const asset6 = new DockerImageAsset(stack, 'Asset6', { directory, extraHash: 'random-extra' }); const asset7 = new DockerImageAsset(stack, 'Asset7', { directory, repositoryName: 'foo' }); - expect(asset1.sourceHash).toEqual('ab01ecd4419f59e1ec0ac9e57a60dbb653be68a29af0223fa8cb24b4b747bc73'); - expect(asset2.sourceHash).toEqual('7fb12f6148098e3f5c56c788a865d2af689125ead403b795fe6a262ec34384b3'); - expect(asset3.sourceHash).toEqual('fc3b6d802ba198ba2ee55079dbef27682bcd1288d5849eb5bbd5cd69038359b3'); - expect(asset4.sourceHash).toEqual('30439ea6dfeb4ddfd9175097286895c78393ef52a78c68f92db08abc4513cad6'); - expect(asset5.sourceHash).toEqual('5775170880e26ba31799745241b90d4340c674bb3b1c01d758e416ee3f1c386f'); - expect(asset6.sourceHash).toEqual('ba82fd351a4d3e3f5c5d948b9948e7e829badc3da90f97e00bb7724afbeacfd4'); - expect(asset7.sourceHash).toEqual('26ec194928431cab6ec5af24ea9f01af2cf7b20e361128b07b2a7405d2951f95'); + expect(asset1.assetHash).toEqual('ab01ecd4419f59e1ec0ac9e57a60dbb653be68a29af0223fa8cb24b4b747bc73'); + expect(asset2.assetHash).toEqual('7fb12f6148098e3f5c56c788a865d2af689125ead403b795fe6a262ec34384b3'); + expect(asset3.assetHash).toEqual('fc3b6d802ba198ba2ee55079dbef27682bcd1288d5849eb5bbd5cd69038359b3'); + expect(asset4.assetHash).toEqual('30439ea6dfeb4ddfd9175097286895c78393ef52a78c68f92db08abc4513cad6'); + expect(asset5.assetHash).toEqual('5775170880e26ba31799745241b90d4340c674bb3b1c01d758e416ee3f1c386f'); + expect(asset6.assetHash).toEqual('ba82fd351a4d3e3f5c5d948b9948e7e829badc3da90f97e00bb7724afbeacfd4'); + expect(asset7.assetHash).toEqual('26ec194928431cab6ec5af24ea9f01af2cf7b20e361128b07b2a7405d2951f95'); }); }); @@ -304,12 +304,12 @@ function testDockerDirectoryIsStagedWithoutFilesSpecifiedInDockerignore(app: App const session = app.synth(); // .dockerignore itself should be included in output to be processed during docker build - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, '.dockerignore'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'Dockerfile'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'index.py'))).toBeDefined(); - expect(!fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'foobar.txt'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'subdirectory'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'subdirectory', 'baz.txt'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, '.dockerignore'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'Dockerfile'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'index.py'))).toBeDefined(); + expect(!fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'foobar.txt'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'subdirectory'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'subdirectory', 'baz.txt'))).toBeDefined(); } @@ -324,12 +324,12 @@ function testDockerDirectoryIsStagedWithoutFilesSpecifiedInExcludeOption(app: Ap const session = app.synth(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, '.dockerignore'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'Dockerfile'))).toBeDefined(); - expect(fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'index.py'))).toBeDefined(); - expect(!fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'foobar.txt'))).toBeDefined(); - expect(!fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'subdirectory'))).toBeDefined(); - expect(!fs.existsSync(path.join(session.directory, `asset.${image.sourceHash}`, 'subdirectory', 'baz.txt'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, '.dockerignore'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'Dockerfile'))).toBeDefined(); + expect(fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'index.py'))).toBeDefined(); + expect(!fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'foobar.txt'))).toBeDefined(); + expect(!fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'subdirectory'))).toBeDefined(); + expect(!fs.existsSync(path.join(session.directory, `asset.${image.assetHash}`, 'subdirectory', 'baz.txt'))).toBeDefined(); } diff --git a/packages/@aws-cdk/aws-events-targets/lib/event-bus.ts b/packages/@aws-cdk/aws-events-targets/lib/event-bus.ts index 1d07261a8eace..8237b8cdd7993 100644 --- a/packages/@aws-cdk/aws-events-targets/lib/event-bus.ts +++ b/packages/@aws-cdk/aws-events-targets/lib/event-bus.ts @@ -24,13 +24,12 @@ export class EventBus implements events.IRuleTarget { this.role = props.role; } - bind(rule: events.IRule, id?: string): events.RuleTargetConfig { + bind(rule: events.IRule, _id?: string): events.RuleTargetConfig { if (this.role) { this.role.addToPrincipalPolicy(this.putEventStatement()); } const role = this.role ?? singletonEventRole(rule, [this.putEventStatement()]); return { - id: id ?? '', arn: this.eventBus.eventBusArn, role, }; diff --git a/packages/@aws-cdk/aws-lambda-nodejs/lib/bundling.ts b/packages/@aws-cdk/aws-lambda-nodejs/lib/bundling.ts index 536ca1ea7646a..8d4ce3e7261d6 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/lib/bundling.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/lib/bundling.ts @@ -48,7 +48,7 @@ export class Bundling implements cdk.BundlingOptions { private static runsLocally?: boolean; // Core bundling options - public readonly image: cdk.BundlingDockerImage; + public readonly image: cdk.DockerImage; public readonly command: string[]; public readonly environment?: { [key: string]: string }; public readonly workingDirectory: string; @@ -78,14 +78,14 @@ export class Bundling implements cdk.BundlingOptions { // Docker bundling const shouldBuildImage = props.forceDockerBundling || !Bundling.runsLocally; this.image = shouldBuildImage - ? props.dockerImage ?? cdk.BundlingDockerImage.fromAsset(path.join(__dirname, '../lib'), { + ? props.dockerImage ?? cdk.DockerImage.fromBuild(path.join(__dirname, '../lib'), { buildArgs: { ...props.buildArgs ?? {}, IMAGE: props.runtime.bundlingDockerImage.image, ESBUILD_VERSION: props.esbuildVersion ?? ESBUILD_VERSION, }, }) - : cdk.BundlingDockerImage.fromRegistry('dummy'); // Do not build if we don't need to + : cdk.DockerImage.fromRegistry('dummy'); // Do not build if we don't need to const bundlingCommand = this.createBundlingCommand(cdk.AssetStaging.BUNDLING_INPUT_DIR, cdk.AssetStaging.BUNDLING_OUTPUT_DIR); this.command = ['bash', '-c', bundlingCommand]; diff --git a/packages/@aws-cdk/aws-lambda-nodejs/lib/types.ts b/packages/@aws-cdk/aws-lambda-nodejs/lib/types.ts index 537523abb4f3b..6752d8ca725a1 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/lib/types.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/lib/types.ts @@ -1,4 +1,4 @@ -import { BundlingDockerImage } from '@aws-cdk/core'; +import { DockerImage } from '@aws-cdk/core'; /** * Bundling options @@ -200,7 +200,7 @@ export interface BundlingOptions { * * @default - use the Docker image provided by @aws-cdk/aws-lambda-nodejs */ - readonly dockerImage?: BundlingDockerImage; + readonly dockerImage?: DockerImage; /** * Command hooks diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts index e6c32c496b2ff..f6c373831526c 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts @@ -2,7 +2,7 @@ import * as child_process from 'child_process'; import * as os from 'os'; import * as path from 'path'; import { Code, Runtime } from '@aws-cdk/aws-lambda'; -import { AssetHashType, BundlingDockerImage } from '@aws-cdk/core'; +import { AssetHashType, DockerImage } from '@aws-cdk/core'; import { version as delayVersion } from 'delay/package.json'; import { Bundling } from '../lib/bundling'; import { LogLevel } from '../lib/types'; @@ -11,7 +11,7 @@ import * as util from '../lib/util'; jest.mock('@aws-cdk/aws-lambda'); // Mock BundlingDockerImage.fromAsset() to avoid building the image -let fromAssetMock = jest.spyOn(BundlingDockerImage, 'fromAsset'); +let fromAssetMock = jest.spyOn(DockerImage, 'fromBuild'); let getEsBuildVersionMock = jest.spyOn(util, 'getEsBuildVersion'); beforeEach(() => { jest.clearAllMocks(); @@ -290,7 +290,7 @@ test('Custom bundling docker image', () => { entry, depsLockFilePath, runtime: Runtime.NODEJS_12_X, - dockerImage: BundlingDockerImage.fromRegistry('my-custom-image'), + dockerImage: DockerImage.fromRegistry('my-custom-image'), forceDockerBundling: true, }); diff --git a/packages/@aws-cdk/aws-lambda-python/lib/bundling.ts b/packages/@aws-cdk/aws-lambda-python/lib/bundling.ts index a4446611d9a9d..5a3228a78fef7 100644 --- a/packages/@aws-cdk/aws-lambda-python/lib/bundling.ts +++ b/packages/@aws-cdk/aws-lambda-python/lib/bundling.ts @@ -98,7 +98,7 @@ export function bundle(options: BundlingOptions): lambda.Code { // copy Dockerfile to workdir fs.copyFileSync(path.join(__dirname, dockerfile), path.join(stagedir, dockerfile)); - const image = cdk.BundlingDockerImage.fromAsset(stagedir, { + const image = cdk.DockerImage.fromBuild(stagedir, { buildArgs: { IMAGE: runtime.bundlingDockerImage.image, }, diff --git a/packages/@aws-cdk/aws-lambda/lib/runtime.ts b/packages/@aws-cdk/aws-lambda/lib/runtime.ts index 0f26813b8c4a9..bb24fbba9eeae 100644 --- a/packages/@aws-cdk/aws-lambda/lib/runtime.ts +++ b/packages/@aws-cdk/aws-lambda/lib/runtime.ts @@ -1,4 +1,4 @@ -import { BundlingDockerImage } from '@aws-cdk/core'; +import { BundlingDockerImage, DockerImage } from '@aws-cdk/core'; export interface LambdaRuntimeProps { /** @@ -218,7 +218,7 @@ export class Runtime { this.supportsInlineCode = !!props.supportsInlineCode; this.family = family; const imageName = props.bundlingDockerImage ?? `amazon/aws-sam-cli-build-image-${name}`; - this.bundlingDockerImage = BundlingDockerImage.fromRegistry(imageName); + this.bundlingDockerImage = DockerImage.fromRegistry(imageName); this.supportsCodeGuruProfiling = props.supportsCodeGuruProfiling ?? false; Runtime.ALL.push(this); diff --git a/packages/@aws-cdk/aws-s3-assets/lib/asset.ts b/packages/@aws-cdk/aws-s3-assets/lib/asset.ts index 510834a61c634..aa99ab67e40a3 100644 --- a/packages/@aws-cdk/aws-s3-assets/lib/asset.ts +++ b/packages/@aws-cdk/aws-s3-assets/lib/asset.ts @@ -1,5 +1,4 @@ import * as path from 'path'; -import * as assets from '@aws-cdk/assets'; import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; import * as s3 from '@aws-cdk/aws-s3'; @@ -8,11 +7,14 @@ import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; import { toSymlinkFollow } from './compat'; +// keep this import separate from other imports to reduce chance for merge conflicts with v2-main +// eslint-disable-next-line no-duplicate-imports, import/order +import { CopyOptions } from '@aws-cdk/assets'; // keep this import separate from other imports to reduce chance for merge conflicts with v2-main // eslint-disable-next-line no-duplicate-imports, import/order import { Construct as CoreConstruct } from '@aws-cdk/core'; -export interface AssetOptions extends assets.CopyOptions, cdk.AssetOptions { +export interface AssetOptions extends CopyOptions, cdk.AssetOptions { /** * A list of principals that should be able to read this asset from S3. * You can use `asset.grantRead(principal)` to grant read permissions later. diff --git a/packages/@aws-cdk/aws-s3-assets/test/integ.assets.bundling.lit.ts b/packages/@aws-cdk/aws-s3-assets/test/integ.assets.bundling.lit.ts index 38cfe5c2d1e46..a62554bab726a 100644 --- a/packages/@aws-cdk/aws-s3-assets/test/integ.assets.bundling.lit.ts +++ b/packages/@aws-cdk/aws-s3-assets/test/integ.assets.bundling.lit.ts @@ -1,6 +1,6 @@ import * as path from 'path'; import * as iam from '@aws-cdk/aws-iam'; -import { App, BundlingDockerImage, Stack, StackProps } from '@aws-cdk/core'; +import { App, DockerImage, Stack, StackProps } from '@aws-cdk/core'; import { Construct } from 'constructs'; import * as assets from '../lib'; @@ -12,7 +12,7 @@ class TestStack extends Stack { const asset = new assets.Asset(this, 'BundledAsset', { path: path.join(__dirname, 'markdown-asset'), // /asset-input and working directory in the container bundling: { - image: BundlingDockerImage.fromAsset(path.join(__dirname, 'alpine-markdown')), // Build an image + image: DockerImage.fromBuild(path.join(__dirname, 'alpine-markdown')), // Build an image command: [ 'sh', '-c', ` markdown index.md > /asset-output/index.html diff --git a/packages/@aws-cdk/aws-s3/lib/bucket.ts b/packages/@aws-cdk/aws-s3/lib/bucket.ts index ef1cda8a32f1b..bfaa85206ae86 100644 --- a/packages/@aws-cdk/aws-s3/lib/bucket.ts +++ b/packages/@aws-cdk/aws-s3/lib/bucket.ts @@ -1829,7 +1829,7 @@ export class Bucket extends BucketBase { private enableAutoDeleteObjects() { const provider = CustomResourceProvider.getOrCreateProvider(this, AUTO_DELETE_OBJECTS_RESOURCE_TYPE, { codeDirectory: path.join(__dirname, 'auto-delete-objects-handler'), - runtime: CustomResourceProviderRuntime.NODEJS_12, + runtime: CustomResourceProviderRuntime.NODEJS_12_X, description: `Lambda function for auto-deleting objects in ${this.bucketName} S3 bucket.`, }); diff --git a/packages/@aws-cdk/core/lib/bundling.ts b/packages/@aws-cdk/core/lib/bundling.ts index e3c1458aa0ab9..a9567fe6e464e 100644 --- a/packages/@aws-cdk/core/lib/bundling.ts +++ b/packages/@aws-cdk/core/lib/bundling.ts @@ -146,7 +146,7 @@ export class BundlingDockerImage { * @param image the image name */ public static fromRegistry(image: string) { - return new BundlingDockerImage(image); + return new DockerImage(image); } /** @@ -278,6 +278,49 @@ export class DockerImage extends BundlingDockerImage { public static fromBuild(path: string, options: DockerBuildOptions = {}) { return BundlingDockerImage.fromAsset(path, options); } + + /** + * Reference an image on DockerHub or another online registry. + * + * @param image the image name + */ + public static fromRegistry(image: string) { + return new DockerImage(image); + } + + /** @param image The Docker image */ + constructor(public readonly image: string, _imageHash?: string) { + super(image, _imageHash); + } + + /** + * Provides a stable representation of this image for JSON serialization. + * + * @return The overridden image name if set or image hash name in that order + */ + public toJSON() { + return super.toJSON(); + } + + /** + * Runs a Docker image + */ + public run(options: DockerRunOptions = {}) { + return super.run(options); + } + + /** + * Copies a file or directory out of the Docker image to the local filesystem. + * + * If `outputPath` is omitted the destination path is a temporary directory. + * + * @param imagePath the path in the Docker image + * @param outputPath the destination path for the copy operation + * @returns the destination path + */ + public cp(imagePath: string, outputPath?: string): string { + return super.cp(imagePath, outputPath); + } } /** diff --git a/packages/@aws-cdk/cx-api/lib/cloud-assembly.ts b/packages/@aws-cdk/cx-api/lib/cloud-assembly.ts index 53fafe3d37049..08d8fcbcfbbc0 100644 --- a/packages/@aws-cdk/cx-api/lib/cloud-assembly.ts +++ b/packages/@aws-cdk/cx-api/lib/cloud-assembly.ts @@ -49,7 +49,7 @@ export class CloudAssembly { constructor(directory: string) { this.directory = directory; - this.manifest = cxschema.Manifest.load(path.join(directory, MANIFEST_FILE)); + this.manifest = cxschema.Manifest.loadAssemblyManifest(path.join(directory, MANIFEST_FILE)); this.version = this.manifest.version; this.artifacts = this.renderArtifacts(); this.runtime = this.manifest.runtime || { libraries: { } }; @@ -303,7 +303,7 @@ export class CloudAssemblyBuilder { manifest = filterUndefined(manifest); const manifestFilePath = path.join(this.outdir, MANIFEST_FILE); - cxschema.Manifest.save(manifest, manifestFilePath); + cxschema.Manifest.saveAssemblyManifest(manifest, manifestFilePath); // "backwards compatibility": in order for the old CLI to tell the user they // need a new version, we'll emit the legacy manifest with only "version". From 182685df16e5c108abb65f878ced63b7d5c3bd4f Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Wed, 24 Mar 2021 18:14:47 +0100 Subject: [PATCH 020/260] chore: un-jsii and bundle `@aws-cdk/yaml-cfn` (#13699) The `yaml-cfn` library is used as an implementation detail of `cloudformation-include`, `aws-cdk`, `decdk`, and the monopackages. Un-jsii it and bundle it into the framework packages that need it. Does not need to be accessed over jsii and does not need to be exposed in the monopackages. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- package.json | 12 ++++ packages/@aws-cdk/aws-codebuild/package.json | 4 +- .../cloudformation-include/package.json | 4 +- packages/@aws-cdk/yaml-cfn/.gitignore | 3 +- packages/@aws-cdk/yaml-cfn/package.json | 26 -------- packages/@aws-cdk/yaml-cfn/tsconfig.json | 24 +++++++ packages/aws-cdk-lib/package.json | 2 + packages/decdk/test/schema.test.ts | 2 +- packages/monocdk/package.json | 2 + tools/nodeunit-shim/index.ts | 2 +- tools/pkglint/bin/pkglint.ts | 12 +++- tools/pkglint/lib/packagejson.ts | 2 +- tools/pkglint/lib/rules.ts | 63 ++++++++++++++++--- tools/pkglint/lib/util.ts | 36 +++++++++++ 14 files changed, 151 insertions(+), 43 deletions(-) create mode 100644 packages/@aws-cdk/yaml-cfn/tsconfig.json diff --git a/package.json b/package.json index 6dad27d90e51f..c79dbb9cfa2ff 100644 --- a/package.json +++ b/package.json @@ -51,6 +51,9 @@ "nohoist": [ "**/jszip", "**/jszip/**", + "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn", + "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn/yaml", + "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn/yaml/**", "@aws-cdk/aws-codepipeline-actions/case", "@aws-cdk/aws-codepipeline-actions/case/**", "@aws-cdk/aws-cognito/punycode", @@ -63,6 +66,9 @@ "@aws-cdk/cloud-assembly-schema/jsonschema/**", "@aws-cdk/cloud-assembly-schema/semver", "@aws-cdk/cloud-assembly-schema/semver/**", + "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn", + "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn/yaml", + "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn/yaml/**", "@aws-cdk/core/@balena/dockerignore", "@aws-cdk/core/@balena/dockerignore/**", "@aws-cdk/core/fs-extra", @@ -75,6 +81,9 @@ "@aws-cdk/cx-api/semver/**", "@aws-cdk/yaml-cfn/yaml", "@aws-cdk/yaml-cfn/yaml/**", + "aws-cdk-lib/@aws-cdk/yaml-cfn", + "aws-cdk-lib/@aws-cdk/yaml-cfn/yaml", + "aws-cdk-lib/@aws-cdk/yaml-cfn/yaml/**", "aws-cdk-lib/@balena/dockerignore", "aws-cdk-lib/@balena/dockerignore/**", "aws-cdk-lib/case", @@ -93,6 +102,9 @@ "aws-cdk-lib/semver/**", "aws-cdk-lib/yaml", "aws-cdk-lib/yaml/**", + "monocdk/@aws-cdk/yaml-cfn", + "monocdk/@aws-cdk/yaml-cfn/yaml", + "monocdk/@aws-cdk/yaml-cfn/yaml/**", "monocdk/@balena/dockerignore", "monocdk/@balena/dockerignore/**", "monocdk/case", diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index e09f4f68e5264..95dba59271449 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -103,6 +103,9 @@ "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.2.0" }, + "bundledDependencies": [ + "@aws-cdk/yaml-cfn" + ], "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-cloudwatch": "0.0.0", @@ -119,7 +122,6 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.2.0" }, "engines": { diff --git a/packages/@aws-cdk/cloudformation-include/package.json b/packages/@aws-cdk/cloudformation-include/package.json index c913b93bcdf41..c2ec62d8d0dc2 100644 --- a/packages/@aws-cdk/cloudformation-include/package.json +++ b/packages/@aws-cdk/cloudformation-include/package.json @@ -359,7 +359,6 @@ "@aws-cdk/aws-wafv2": "0.0.0", "@aws-cdk/aws-workspaces": "0.0.0", "@aws-cdk/core": "0.0.0", - "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.2.0" }, "devDependencies": { @@ -371,6 +370,9 @@ "pkglint": "0.0.0", "ts-jest": "^26.5.4" }, + "bundledDependencies": [ + "@aws-cdk/yaml-cfn" + ], "keywords": [ "aws", "cdk", diff --git a/packages/@aws-cdk/yaml-cfn/.gitignore b/packages/@aws-cdk/yaml-cfn/.gitignore index bb785cfb74f08..8b9c845e5d12a 100644 --- a/packages/@aws-cdk/yaml-cfn/.gitignore +++ b/packages/@aws-cdk/yaml-cfn/.gitignore @@ -3,7 +3,6 @@ *.d.ts node_modules dist -tsconfig.json .jsii .LAST_BUILD @@ -15,4 +14,4 @@ nyc.config.js !.eslintrc.js !jest.config.js -junit.xml \ No newline at end of file +junit.xml diff --git a/packages/@aws-cdk/yaml-cfn/package.json b/packages/@aws-cdk/yaml-cfn/package.json index 7fc68d44a23af..842455998dad5 100644 --- a/packages/@aws-cdk/yaml-cfn/package.json +++ b/packages/@aws-cdk/yaml-cfn/package.json @@ -23,32 +23,6 @@ "cloudformation", "yaml" ], - "jsii": { - "outdir": "dist", - "targets": { - "java": { - "package": "software.amazon.awscdk.yaml.cfn", - "maven": { - "groupId": "software.amazon.awscdk", - "artifactId": "cdk-yaml-cfn" - } - }, - "dotnet": { - "namespace": "Amazon.CDK.Yaml.Cfn", - "packageId": "Amazon.CDK.Yaml.Cfn", - "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" - }, - "python": { - "distName": "aws-cdk.yaml-cfn", - "module": "aws_cdk.yaml_cfn", - "classifiers": [ - "Framework :: AWS CDK", - "Framework :: AWS CDK :: 1" - ] - } - }, - "projectReferences": true - }, "scripts": { "build": "cdk-build", "watch": "cdk-watch", diff --git a/packages/@aws-cdk/yaml-cfn/tsconfig.json b/packages/@aws-cdk/yaml-cfn/tsconfig.json new file mode 100644 index 0000000000000..5e75173fa8734 --- /dev/null +++ b/packages/@aws-cdk/yaml-cfn/tsconfig.json @@ -0,0 +1,24 @@ +{ + "compilerOptions": { + "target":"ES2018", + "module": "commonjs", + "lib": ["es2016", "es2017.object", "es2017.string"], + "declaration": true, + "composite": true, + "strict": true, + "noImplicitAny": true, + "strictNullChecks": true, + "noImplicitThis": true, + "alwaysStrict": true, + "noUnusedLocals": true, + "noUnusedParameters": true, + "noImplicitReturns": true, + "noFallthroughCasesInSwitch": false, + "inlineSourceMap": true, + "inlineSources": true, + "experimentalDecorators": true, + "strictPropertyInitialization":false + }, + "include": ["**/*.ts" ], + "exclude": ["node_modules"] +} diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index b0c8139bda0ed..97131ef9ff57f 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -77,6 +77,7 @@ }, "license": "Apache-2.0", "bundledDependencies": [ + "@aws-cdk/yaml-cfn", "@balena/dockerignore", "case", "fs-extra", @@ -88,6 +89,7 @@ "yaml" ], "dependencies": { + "@aws-cdk/yaml-cfn": "0.0.0", "@balena/dockerignore": "^1.0.2", "case": "1.6.3", "fs-extra": "^9.1.0", diff --git a/packages/decdk/test/schema.test.ts b/packages/decdk/test/schema.test.ts index 7b097dcc9fcbe..84888d94b365b 100644 --- a/packages/decdk/test/schema.test.ts +++ b/packages/decdk/test/schema.test.ts @@ -79,7 +79,7 @@ test('schemaForInterface: interface with primitives', async () => { * are propagated outwards. */ function spawn(command: string, options: SpawnOptions | undefined) { - return new Promise((resolve, reject) => { + return new Promise((resolve, reject) => { const cp = spawnAsync(command, [], { stdio: 'inherit', ...options }); cp.on('error', reject); diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index b52c2bec922a5..f98dd437ffbf3 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -82,6 +82,7 @@ }, "license": "Apache-2.0", "bundledDependencies": [ + "@aws-cdk/yaml-cfn", "@balena/dockerignore", "case", "fs-extra", @@ -93,6 +94,7 @@ "yaml" ], "dependencies": { + "@aws-cdk/yaml-cfn": "0.0.0", "@balena/dockerignore": "^1.0.2", "case": "1.6.3", "fs-extra": "^9.1.0", diff --git a/tools/nodeunit-shim/index.ts b/tools/nodeunit-shim/index.ts index 8ba50bedefefd..1c4ee174ff229 100644 --- a/tools/nodeunit-shim/index.ts +++ b/tools/nodeunit-shim/index.ts @@ -81,7 +81,7 @@ export function nodeunitShim(exports: Record) { }); } else { // It's a test - test(testName, () => new Promise(ok => { + test(testName, () => new Promise(ok => { testObj(new Test(ok)); })); } diff --git a/tools/pkglint/bin/pkglint.ts b/tools/pkglint/bin/pkglint.ts index 0b5cd61ef1649..31cf7f5d2c74d 100644 --- a/tools/pkglint/bin/pkglint.ts +++ b/tools/pkglint/bin/pkglint.ts @@ -24,8 +24,16 @@ async function main(): Promise { const pkgs = findPackageJsons(argv.directory as string); - rules.forEach(rule => pkgs.filter(pkg => pkg.shouldApply(rule)).forEach(pkg => rule.prepare(pkg))); - rules.forEach(rule => pkgs.filter(pkg => pkg.shouldApply(rule)).forEach(pkg => rule.validate(pkg))); + for (const rule of rules) { + for (const pkg of pkgs.filter(pkg => pkg.shouldApply(rule))) { + rule.prepare(pkg); + } + } + for (const rule of rules) { + for (const pkg of pkgs.filter(pkg => pkg.shouldApply(rule))) { + await rule.validate(pkg); + } + } if (argv.fix) { pkgs.forEach(pkg => pkg.applyFixes()); diff --git a/tools/pkglint/lib/packagejson.ts b/tools/pkglint/lib/packagejson.ts index a59e8f1c6e307..7a7375fbe6fab 100644 --- a/tools/pkglint/lib/packagejson.ts +++ b/tools/pkglint/lib/packagejson.ts @@ -361,5 +361,5 @@ export abstract class ValidationRule { /** * Will be executed for every package definition once, should mutate the package object */ - public abstract validate(pkg: PackageJson): void; + public abstract validate(pkg: PackageJson): void | Promise; } diff --git a/tools/pkglint/lib/rules.ts b/tools/pkglint/lib/rules.ts index 1dd32c1c96392..b91e7954f352d 100644 --- a/tools/pkglint/lib/rules.ts +++ b/tools/pkglint/lib/rules.ts @@ -1,6 +1,7 @@ import * as fs from 'fs'; import * as path from 'path'; import * as caseUtils from 'case'; +import * as fse from 'fs-extra'; import * as glob from 'glob'; import * as semver from 'semver'; import { LICENSE, NOTICE } from './licensing'; @@ -11,6 +12,7 @@ import { fileShouldBe, fileShouldBeginWith, fileShouldContain, fileShouldNotContain, findInnerPackages, + findPackageDir, monoRepoRoot, } from './util'; @@ -1370,25 +1372,42 @@ export class FastFailingBuildScripts extends ValidationRule { } } +/** + * For every bundled dependency, we need to make sure that package and all of its transitive dependencies are nohoisted + * + * Bundling literally works by including `/node_modules/` into + * the tarball when `npm pack` is run, and if that directory does not exist at + * that exact location (because it has been hoisted) then NPM shrugs its + * shoulders and the dependency will be missing from the distribution. + * + * -- + * + * We also must not forget to nohoist transitive dependencies. Strictly + * speaking, we need to only hoist transitive *runtime* dependencies (`dependencies`, not + * `devDependencies`). + * + * For 3rd party deps, there is no difference and we short-circuit by adding a + * catch-all glob (`/node_modules//**`), but for in-repo bundled + * dependencies, we DO need the `devDependencies` installed as per normal and + * only the transitive runtime dependencies nohoisted (recursively). + */ export class YarnNohoistBundledDependencies extends ValidationRule { public readonly name = 'yarn/nohoist-bundled-dependencies'; - public validate(pkg: PackageJson) { + public async validate(pkg: PackageJson) { const bundled: string[] = pkg.json.bundleDependencies || pkg.json.bundledDependencies || []; - if (bundled.length === 0) { return; } const repoPackageJson = path.resolve(__dirname, '../../../package.json'); + const nohoist = new Set(require(repoPackageJson).workspaces.nohoist); // eslint-disable-line @typescript-eslint/no-require-imports - const nohoist: string[] = require(repoPackageJson).workspaces.nohoist; // eslint-disable-line @typescript-eslint/no-require-imports + const expectedNoHoistEntries = new Array(); - const missing = new Array(); for (const dep of bundled) { - for (const entry of [`${pkg.packageName}/${dep}`, `${pkg.packageName}/${dep}/**`]) { - if (nohoist.indexOf(entry) >= 0) { continue; } - missing.push(entry); - } + await noHoistDependency(pkg.packageName, dep, pkg.packageRoot); } + const missing = expectedNoHoistEntries.filter(entry => !nohoist.has(entry)); + if (missing.length > 0) { pkg.report({ ruleName: this.name, @@ -1400,6 +1419,23 @@ export class YarnNohoistBundledDependencies extends ValidationRule { }, }); } + + async function noHoistDependency(parentPackageHierarchy: string, depName: string, parentPackageDir: string) { + expectedNoHoistEntries.push(`${parentPackageHierarchy}/${depName}`); + + const dependencyDir = await findPackageDir(depName, parentPackageDir); + if (!isMonoRepoPackageDir(dependencyDir)) { + // Not one of ours, so we can just ignore everything underneath as well + expectedNoHoistEntries.push(`${parentPackageHierarchy}/${depName}/**`); + return; + } + + // A monorepo package, recurse into dependencies (but not devDependencies) + const packageJson = await fse.readJson(path.join(dependencyDir, 'package.json')); + for (const dep of Object.keys(packageJson.dependencies ?? {})) { + await noHoistDependency(`${parentPackageHierarchy}/${depName}`, dep, dependencyDir); + } + } } } @@ -1669,3 +1705,14 @@ function cdkMajorVersion() { const releaseJson = require(`${__dirname}/../../../release.json`); return releaseJson.majorVersion as number; } + +/** + * Whether this is a package in the monorepo or not + * + * We're going to be cheeky and not do too much analysis, and say that + * a package that has `/node_modules/` in the directory name is NOT in the + * monorepo, otherwise it is. + */ +function isMonoRepoPackageDir(packageDir: string) { + return path.resolve(packageDir).indexOf(`${path.sep}node_modules${path.sep}`) === -1; +} \ No newline at end of file diff --git a/tools/pkglint/lib/util.ts b/tools/pkglint/lib/util.ts index 10b4415a6c3ca..fe56512113ec2 100644 --- a/tools/pkglint/lib/util.ts +++ b/tools/pkglint/lib/util.ts @@ -190,3 +190,39 @@ export function* findInnerPackages(dir: string): IterableIterator { yield* findInnerPackages(path.join(dir, fname)); } } + +/** + * Find package directory + * + * Do this by walking upwards in the directory tree until we find + * `/node_modules//package.json`. + * + * ------- + * + * Things that we tried but don't work: + * + * 1. require.resolve(`${depName}/package.json`, { paths: [rootDir] }); + * + * Breaks with ES Modules if `package.json` has not been exported, which is + * being enforced starting Node12. + * + * 2. findPackageJsonUpwardFrom(require.resolve(depName, { paths: [rootDir] })) + * + * Breaks if a built-in NodeJS package name conflicts with an NPM package name + * (in Node15 `string_decoder` is introduced...) + */ +export async function findPackageDir(depName: string, rootDir: string) { + let prevDir; + let dir = rootDir; + while (dir !== prevDir) { + const candidateDir = path.join(dir, 'node_modules', depName); + if (await new Promise(ok => fs.exists(path.join(candidateDir, 'package.json'), ok))) { + return new Promise((ok, ko) => fs.realpath(candidateDir, (err, result) => err ? ko(err) : ok(result))); + } + + prevDir = dir; + dir = path.dirname(dir); // dirname('/') -> '/', dirname('c:\\') -> 'c:\\' + } + + throw new Error(`Did not find '${depName}' upwards of '${rootDir}'`); +} \ No newline at end of file From 41a2b2ef39a3d2b46ae6e2c6f3480e786e8022b9 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Wed, 24 Mar 2021 19:34:06 +0100 Subject: [PATCH 021/260] feat(cfnspec): cloudformation spec v31.1.0 (#13763) * feat: cloudformation spec v31.1.0 * chore: adding awslint exclusions for new attributes Co-authored-by: AWS CDK Team Co-authored-by: Nick Lynch Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> --- packages/@aws-cdk/aws-backup/package.json | 5 + packages/@aws-cdk/aws-fis/.eslintrc.js | 3 + packages/@aws-cdk/aws-fis/.gitignore | 19 + packages/@aws-cdk/aws-fis/.npmignore | 28 ++ packages/@aws-cdk/aws-fis/LICENSE | 201 ++++++++++ packages/@aws-cdk/aws-fis/NOTICE | 2 + packages/@aws-cdk/aws-fis/README.md | 20 + packages/@aws-cdk/aws-fis/jest.config.js | 2 + packages/@aws-cdk/aws-fis/lib/index.ts | 2 + packages/@aws-cdk/aws-fis/package.json | 100 +++++ packages/@aws-cdk/aws-fis/test/fis.test.ts | 6 + packages/@aws-cdk/aws-rds/package.json | 3 +- .../@aws-cdk/aws-s3objectlambda/.eslintrc.js | 3 + .../@aws-cdk/aws-s3objectlambda/.gitignore | 19 + .../@aws-cdk/aws-s3objectlambda/.npmignore | 28 ++ packages/@aws-cdk/aws-s3objectlambda/LICENSE | 201 ++++++++++ packages/@aws-cdk/aws-s3objectlambda/NOTICE | 2 + .../@aws-cdk/aws-s3objectlambda/README.md | 20 + .../aws-s3objectlambda/jest.config.js | 2 + .../@aws-cdk/aws-s3objectlambda/lib/index.ts | 2 + .../@aws-cdk/aws-s3objectlambda/package.json | 100 +++++ .../test/s3objectlambda.test.ts | 6 + packages/@aws-cdk/cfnspec/CHANGELOG.md | 58 +++ packages/@aws-cdk/cfnspec/cfn.version | 2 +- ...0_CloudFormationResourceSpecification.json | 354 ++++++++++++++++-- .../cloudformation-include/package.json | 4 + packages/aws-cdk-lib/package.json | 2 + packages/decdk/package.json | 2 + packages/monocdk/package.json | 2 + ...README-custom-resource-provider.ts-fixture | 18 + .../monocdk/rosetta/client-vpn.ts-fixture | 17 + packages/monocdk/rosetta/conns.ts-fixture | 26 ++ packages/monocdk/rosetta/default.ts-fixture | 65 ++++ .../monocdk/rosetta/with-batch-job.ts-fixture | 38 ++ .../monocdk/rosetta/with-channel.ts-fixture | 15 + .../monocdk/rosetta/with-cluster.ts-fixture | 19 + .../with-filesystem-instance.ts-fixture | 30 ++ .../rosetta/with-lambda-trigger.ts-fixture | 26 ++ packages/monocdk/rosetta/with-vpc.ts-fixture | 13 + 39 files changed, 1441 insertions(+), 24 deletions(-) create mode 100644 packages/@aws-cdk/aws-fis/.eslintrc.js create mode 100644 packages/@aws-cdk/aws-fis/.gitignore create mode 100644 packages/@aws-cdk/aws-fis/.npmignore create mode 100644 packages/@aws-cdk/aws-fis/LICENSE create mode 100644 packages/@aws-cdk/aws-fis/NOTICE create mode 100644 packages/@aws-cdk/aws-fis/README.md create mode 100644 packages/@aws-cdk/aws-fis/jest.config.js create mode 100644 packages/@aws-cdk/aws-fis/lib/index.ts create mode 100644 packages/@aws-cdk/aws-fis/package.json create mode 100644 packages/@aws-cdk/aws-fis/test/fis.test.ts create mode 100644 packages/@aws-cdk/aws-s3objectlambda/.eslintrc.js create mode 100644 packages/@aws-cdk/aws-s3objectlambda/.gitignore create mode 100644 packages/@aws-cdk/aws-s3objectlambda/.npmignore create mode 100644 packages/@aws-cdk/aws-s3objectlambda/LICENSE create mode 100644 packages/@aws-cdk/aws-s3objectlambda/NOTICE create mode 100644 packages/@aws-cdk/aws-s3objectlambda/README.md create mode 100644 packages/@aws-cdk/aws-s3objectlambda/jest.config.js create mode 100644 packages/@aws-cdk/aws-s3objectlambda/lib/index.ts create mode 100644 packages/@aws-cdk/aws-s3objectlambda/package.json create mode 100644 packages/@aws-cdk/aws-s3objectlambda/test/s3objectlambda.test.ts create mode 100644 packages/monocdk/rosetta/README-custom-resource-provider.ts-fixture create mode 100644 packages/monocdk/rosetta/client-vpn.ts-fixture create mode 100644 packages/monocdk/rosetta/conns.ts-fixture create mode 100644 packages/monocdk/rosetta/default.ts-fixture create mode 100644 packages/monocdk/rosetta/with-batch-job.ts-fixture create mode 100644 packages/monocdk/rosetta/with-channel.ts-fixture create mode 100644 packages/monocdk/rosetta/with-cluster.ts-fixture create mode 100644 packages/monocdk/rosetta/with-filesystem-instance.ts-fixture create mode 100644 packages/monocdk/rosetta/with-lambda-trigger.ts-fixture create mode 100644 packages/monocdk/rosetta/with-vpc.ts-fixture diff --git a/packages/@aws-cdk/aws-backup/package.json b/packages/@aws-cdk/aws-backup/package.json index 841f29f929f36..3fe228a5b79bb 100644 --- a/packages/@aws-cdk/aws-backup/package.json +++ b/packages/@aws-cdk/aws-backup/package.json @@ -106,6 +106,11 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, + "awslint": { + "exclude": [ + "resource-attribute:@aws-cdk/aws-backup.BackupSelection.backupSelectionId" + ] + }, "stability": "experimental", "maturity": "experimental", "awscdkio": { diff --git a/packages/@aws-cdk/aws-fis/.eslintrc.js b/packages/@aws-cdk/aws-fis/.eslintrc.js new file mode 100644 index 0000000000000..61dd8dd001f63 --- /dev/null +++ b/packages/@aws-cdk/aws-fis/.eslintrc.js @@ -0,0 +1,3 @@ +const baseConfig = require('cdk-build-tools/config/eslintrc'); +baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-fis/.gitignore b/packages/@aws-cdk/aws-fis/.gitignore new file mode 100644 index 0000000000000..62ebc95d75ce6 --- /dev/null +++ b/packages/@aws-cdk/aws-fis/.gitignore @@ -0,0 +1,19 @@ +*.js +*.js.map +*.d.ts +tsconfig.json +node_modules +*.generated.ts +dist +.jsii + +.LAST_BUILD +.nyc_output +coverage +.nycrc +.LAST_PACKAGE +*.snk +nyc.config.js +!.eslintrc.js +!jest.config.js +junit.xml diff --git a/packages/@aws-cdk/aws-fis/.npmignore b/packages/@aws-cdk/aws-fis/.npmignore new file mode 100644 index 0000000000000..e4486030fcb17 --- /dev/null +++ b/packages/@aws-cdk/aws-fis/.npmignore @@ -0,0 +1,28 @@ +# Don't include original .ts files when doing `npm pack` +*.ts +!*.d.ts +coverage +.nyc_output +*.tgz + +dist +.LAST_PACKAGE +.LAST_BUILD +!*.js + +# Include .jsii +!.jsii + +*.snk + +*.tsbuildinfo + +tsconfig.json + +.eslintrc.js +jest.config.js + +# exclude cdk artifacts +**/cdk.out +junit.xml +test/ diff --git a/packages/@aws-cdk/aws-fis/LICENSE b/packages/@aws-cdk/aws-fis/LICENSE new file mode 100644 index 0000000000000..28e4bdcec77ec --- /dev/null +++ b/packages/@aws-cdk/aws-fis/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/@aws-cdk/aws-fis/NOTICE b/packages/@aws-cdk/aws-fis/NOTICE new file mode 100644 index 0000000000000..5fc3826926b5b --- /dev/null +++ b/packages/@aws-cdk/aws-fis/NOTICE @@ -0,0 +1,2 @@ +AWS Cloud Development Kit (AWS CDK) +Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/aws-fis/README.md b/packages/@aws-cdk/aws-fis/README.md new file mode 100644 index 0000000000000..6331d99791be2 --- /dev/null +++ b/packages/@aws-cdk/aws-fis/README.md @@ -0,0 +1,20 @@ +# AWS::FIS Construct Library + + +--- + +![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) + +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + +--- + + + +This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. + +```ts +import fis = require('@aws-cdk/aws-fis'); +``` diff --git a/packages/@aws-cdk/aws-fis/jest.config.js b/packages/@aws-cdk/aws-fis/jest.config.js new file mode 100644 index 0000000000000..54e28beb9798b --- /dev/null +++ b/packages/@aws-cdk/aws-fis/jest.config.js @@ -0,0 +1,2 @@ +const baseConfig = require('cdk-build-tools/config/jest.config'); +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-fis/lib/index.ts b/packages/@aws-cdk/aws-fis/lib/index.ts new file mode 100644 index 0000000000000..09841fb313ee8 --- /dev/null +++ b/packages/@aws-cdk/aws-fis/lib/index.ts @@ -0,0 +1,2 @@ +// AWS::FIS CloudFormation Resources: +export * from './fis.generated'; diff --git a/packages/@aws-cdk/aws-fis/package.json b/packages/@aws-cdk/aws-fis/package.json new file mode 100644 index 0000000000000..37f692cf31e0a --- /dev/null +++ b/packages/@aws-cdk/aws-fis/package.json @@ -0,0 +1,100 @@ +{ + "name": "@aws-cdk/aws-fis", + "version": "0.0.0", + "description": "The CDK Construct Library for AWS::FIS", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "jsii": { + "outdir": "dist", + "projectReferences": true, + "targets": { + "dotnet": { + "namespace": "Amazon.CDK.AWS.FIS", + "packageId": "Amazon.CDK.AWS.FIS", + "signAssembly": true, + "assemblyOriginatorKeyFile": "../../key.snk", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "java": { + "package": "software.amazon.awscdk.services.fis", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "fis" + } + }, + "python": { + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ], + "distName": "aws-cdk.aws-fis", + "module": "aws_cdk.aws_fis" + } + } + }, + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-cdk.git", + "directory": "packages/@aws-cdk/aws-fis" + }, + "homepage": "https://github.com/aws/aws-cdk", + "scripts": { + "build": "cdk-build", + "watch": "cdk-watch", + "lint": "cdk-lint", + "test": "cdk-test", + "integ": "cdk-integ", + "pkglint": "pkglint -f", + "package": "cdk-package", + "awslint": "cdk-awslint", + "cfn2ts": "cfn2ts", + "build+test": "yarn build && yarn test", + "build+test+package": "yarn build+test && yarn package", + "compat": "cdk-compat", + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" + }, + "cdk-build": { + "cloudformation": "AWS::FIS", + "jest": true, + "env": { + "AWSLINT_BASE_CONSTRUCT": "true" + } + }, + "keywords": [ + "aws", + "cdk", + "constructs", + "AWS::FIS", + "aws-fis" + ], + "author": { + "name": "Amazon Web Services", + "url": "https://aws.amazon.com", + "organization": true + }, + "license": "Apache-2.0", + "devDependencies": { + "@aws-cdk/assert": "0.0.0", + "cdk-build-tools": "0.0.0", + "cfn2ts": "0.0.0", + "pkglint": "0.0.0" + }, + "dependencies": { + "@aws-cdk/core": "0.0.0" + }, + "peerDependencies": { + "@aws-cdk/core": "0.0.0" + }, + "engines": { + "node": ">= 10.13.0 <13 || >=13.7.0" + }, + "stability": "experimental", + "maturity": "cfn-only", + "awscdkio": { + "announce": false + }, + "publishConfig": { + "tag": "latest" + } +} diff --git a/packages/@aws-cdk/aws-fis/test/fis.test.ts b/packages/@aws-cdk/aws-fis/test/fis.test.ts new file mode 100644 index 0000000000000..e394ef336bfb4 --- /dev/null +++ b/packages/@aws-cdk/aws-fis/test/fis.test.ts @@ -0,0 +1,6 @@ +import '@aws-cdk/assert/jest'; +import {} from '../lib'; + +test('No tests are specified for this package', () => { + expect(true).toBe(true); +}); diff --git a/packages/@aws-cdk/aws-rds/package.json b/packages/@aws-cdk/aws-rds/package.json index 685b5c399b240..e13e10265fdeb 100644 --- a/packages/@aws-cdk/aws-rds/package.json +++ b/packages/@aws-cdk/aws-rds/package.json @@ -134,7 +134,8 @@ "docs-public-apis:@aws-cdk/aws-rds.SecretRotationApplication.MYSQL_ROTATION_SINGLE_USER", "docs-public-apis:@aws-cdk/aws-rds.SecretRotationApplication.MYSQL_ROTATION_MULTI_USER", "docs-public-apis:@aws-cdk/aws-rds.SecretRotationApplication.MARIADB_ROTATION_SINGLE_USER", - "docs-public-apis:@aws-cdk/aws-rds.SecretRotationApplication.MARIADB_ROTATION_MULTI_USER" + "docs-public-apis:@aws-cdk/aws-rds.SecretRotationApplication.MARIADB_ROTATION_MULTI_USER", + "resource-attribute:@aws-cdk/aws-rds.DatabaseProxy.dbProxyVpcId" ] }, "stability": "stable", diff --git a/packages/@aws-cdk/aws-s3objectlambda/.eslintrc.js b/packages/@aws-cdk/aws-s3objectlambda/.eslintrc.js new file mode 100644 index 0000000000000..61dd8dd001f63 --- /dev/null +++ b/packages/@aws-cdk/aws-s3objectlambda/.eslintrc.js @@ -0,0 +1,3 @@ +const baseConfig = require('cdk-build-tools/config/eslintrc'); +baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-s3objectlambda/.gitignore b/packages/@aws-cdk/aws-s3objectlambda/.gitignore new file mode 100644 index 0000000000000..62ebc95d75ce6 --- /dev/null +++ b/packages/@aws-cdk/aws-s3objectlambda/.gitignore @@ -0,0 +1,19 @@ +*.js +*.js.map +*.d.ts +tsconfig.json +node_modules +*.generated.ts +dist +.jsii + +.LAST_BUILD +.nyc_output +coverage +.nycrc +.LAST_PACKAGE +*.snk +nyc.config.js +!.eslintrc.js +!jest.config.js +junit.xml diff --git a/packages/@aws-cdk/aws-s3objectlambda/.npmignore b/packages/@aws-cdk/aws-s3objectlambda/.npmignore new file mode 100644 index 0000000000000..e4486030fcb17 --- /dev/null +++ b/packages/@aws-cdk/aws-s3objectlambda/.npmignore @@ -0,0 +1,28 @@ +# Don't include original .ts files when doing `npm pack` +*.ts +!*.d.ts +coverage +.nyc_output +*.tgz + +dist +.LAST_PACKAGE +.LAST_BUILD +!*.js + +# Include .jsii +!.jsii + +*.snk + +*.tsbuildinfo + +tsconfig.json + +.eslintrc.js +jest.config.js + +# exclude cdk artifacts +**/cdk.out +junit.xml +test/ diff --git a/packages/@aws-cdk/aws-s3objectlambda/LICENSE b/packages/@aws-cdk/aws-s3objectlambda/LICENSE new file mode 100644 index 0000000000000..28e4bdcec77ec --- /dev/null +++ b/packages/@aws-cdk/aws-s3objectlambda/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/@aws-cdk/aws-s3objectlambda/NOTICE b/packages/@aws-cdk/aws-s3objectlambda/NOTICE new file mode 100644 index 0000000000000..5fc3826926b5b --- /dev/null +++ b/packages/@aws-cdk/aws-s3objectlambda/NOTICE @@ -0,0 +1,2 @@ +AWS Cloud Development Kit (AWS CDK) +Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/aws-s3objectlambda/README.md b/packages/@aws-cdk/aws-s3objectlambda/README.md new file mode 100644 index 0000000000000..ebb6f1b79c7e6 --- /dev/null +++ b/packages/@aws-cdk/aws-s3objectlambda/README.md @@ -0,0 +1,20 @@ +# AWS::S3ObjectLambda Construct Library + + +--- + +![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) + +> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. +> +> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib + +--- + + + +This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aws-cdk) project. + +```ts +import s3objectlambda = require('@aws-cdk/aws-s3objectlambda'); +``` diff --git a/packages/@aws-cdk/aws-s3objectlambda/jest.config.js b/packages/@aws-cdk/aws-s3objectlambda/jest.config.js new file mode 100644 index 0000000000000..54e28beb9798b --- /dev/null +++ b/packages/@aws-cdk/aws-s3objectlambda/jest.config.js @@ -0,0 +1,2 @@ +const baseConfig = require('cdk-build-tools/config/jest.config'); +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-s3objectlambda/lib/index.ts b/packages/@aws-cdk/aws-s3objectlambda/lib/index.ts new file mode 100644 index 0000000000000..791ddcf126933 --- /dev/null +++ b/packages/@aws-cdk/aws-s3objectlambda/lib/index.ts @@ -0,0 +1,2 @@ +// AWS::S3ObjectLambda CloudFormation Resources: +export * from './s3objectlambda.generated'; diff --git a/packages/@aws-cdk/aws-s3objectlambda/package.json b/packages/@aws-cdk/aws-s3objectlambda/package.json new file mode 100644 index 0000000000000..7c7f1afc560d8 --- /dev/null +++ b/packages/@aws-cdk/aws-s3objectlambda/package.json @@ -0,0 +1,100 @@ +{ + "name": "@aws-cdk/aws-s3objectlambda", + "version": "0.0.0", + "description": "The CDK Construct Library for AWS::S3ObjectLambda", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "jsii": { + "outdir": "dist", + "projectReferences": true, + "targets": { + "dotnet": { + "namespace": "Amazon.CDK.AWS.S3ObjectLambda", + "packageId": "Amazon.CDK.AWS.S3ObjectLambda", + "signAssembly": true, + "assemblyOriginatorKeyFile": "../../key.snk", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "java": { + "package": "software.amazon.awscdk.services.s3objectlambda", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "s3objectlambda" + } + }, + "python": { + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ], + "distName": "aws-cdk.aws-s3objectlambda", + "module": "aws_cdk.aws_s3objectlambda" + } + } + }, + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-cdk.git", + "directory": "packages/@aws-cdk/aws-s3objectlambda" + }, + "homepage": "https://github.com/aws/aws-cdk", + "scripts": { + "build": "cdk-build", + "watch": "cdk-watch", + "lint": "cdk-lint", + "test": "cdk-test", + "integ": "cdk-integ", + "pkglint": "pkglint -f", + "package": "cdk-package", + "awslint": "cdk-awslint", + "cfn2ts": "cfn2ts", + "build+test": "yarn build && yarn test", + "build+test+package": "yarn build+test && yarn package", + "compat": "cdk-compat", + "gen": "cfn2ts", + "rosetta:extract": "yarn --silent jsii-rosetta extract" + }, + "cdk-build": { + "cloudformation": "AWS::S3ObjectLambda", + "jest": true, + "env": { + "AWSLINT_BASE_CONSTRUCT": "true" + } + }, + "keywords": [ + "aws", + "cdk", + "constructs", + "AWS::S3ObjectLambda", + "aws-s3objectlambda" + ], + "author": { + "name": "Amazon Web Services", + "url": "https://aws.amazon.com", + "organization": true + }, + "license": "Apache-2.0", + "devDependencies": { + "@aws-cdk/assert": "0.0.0", + "cdk-build-tools": "0.0.0", + "cfn2ts": "0.0.0", + "pkglint": "0.0.0" + }, + "dependencies": { + "@aws-cdk/core": "0.0.0" + }, + "peerDependencies": { + "@aws-cdk/core": "0.0.0" + }, + "engines": { + "node": ">= 10.13.0 <13 || >=13.7.0" + }, + "stability": "experimental", + "maturity": "cfn-only", + "awscdkio": { + "announce": false + }, + "publishConfig": { + "tag": "latest" + } +} diff --git a/packages/@aws-cdk/aws-s3objectlambda/test/s3objectlambda.test.ts b/packages/@aws-cdk/aws-s3objectlambda/test/s3objectlambda.test.ts new file mode 100644 index 0000000000000..e394ef336bfb4 --- /dev/null +++ b/packages/@aws-cdk/aws-s3objectlambda/test/s3objectlambda.test.ts @@ -0,0 +1,6 @@ +import '@aws-cdk/assert/jest'; +import {} from '../lib'; + +test('No tests are specified for this package', () => { + expect(true).toBe(true); +}); diff --git a/packages/@aws-cdk/cfnspec/CHANGELOG.md b/packages/@aws-cdk/cfnspec/CHANGELOG.md index 861146ecf1337..43080689a5f8f 100644 --- a/packages/@aws-cdk/cfnspec/CHANGELOG.md +++ b/packages/@aws-cdk/cfnspec/CHANGELOG.md @@ -1,3 +1,61 @@ +# CloudFormation Resource Specification v31.1.0 + +## New Resource Types + +* AWS::FIS::ExperimentTemplate +* AWS::S3ObjectLambda::AccessPoint +* AWS::S3ObjectLambda::AccessPointPolicy + +## Attribute Changes + +* AWS::Backup::BackupSelection Id (__added__) +* AWS::RDS::DBProxy VpcId (__added__) + +## Property Changes + +* AWS::EC2::LaunchTemplate TagSpecifications.ItemType (__added__) +* AWS::EC2::LaunchTemplate TagSpecifications.Type (__changed__) + * Old: TagSpecifications + * New: List +* AWS::ServiceCatalogAppRegistry::AttributeGroup Attributes.Type (__deleted__) +* AWS::ServiceCatalogAppRegistry::AttributeGroup Attributes.PrimitiveType (__added__) +* AWS::ServiceDiscovery::Service Type (__added__) + +## Property Type Changes + +* AWS::EC2::LaunchTemplate.TagSpecifications (__removed__) +* AWS::ServiceCatalogAppRegistry::AttributeGroup.Attributes (__removed__) +* AWS::Backup::BackupSelection.BackupSelectionResourceType IamRoleArn.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::Backup::BackupSelection.BackupSelectionResourceType ListOfTags.DuplicatesAllowed (__added__) +* AWS::Backup::BackupSelection.BackupSelectionResourceType ListOfTags.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::Backup::BackupSelection.BackupSelectionResourceType Resources.DuplicatesAllowed (__added__) +* AWS::Backup::BackupSelection.BackupSelectionResourceType Resources.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::Backup::BackupSelection.BackupSelectionResourceType SelectionName.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::Backup::BackupSelection.ConditionResourceType ConditionKey.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::Backup::BackupSelection.ConditionResourceType ConditionType.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::Backup::BackupSelection.ConditionResourceType ConditionValue.UpdateType (__changed__) + * Old: Mutable + * New: Immutable +* AWS::SSM::MaintenanceWindowTarget.Targets Values.Required (__changed__) + * Old: false + * New: true +* AWS::SSM::MaintenanceWindowTask.Target Values.Required (__changed__) + * Old: false + * New: true + + # CloudFormation Resource Specification v31.0.0 ## New Resource Types diff --git a/packages/@aws-cdk/cfnspec/cfn.version b/packages/@aws-cdk/cfnspec/cfn.version index 221a8da0b5798..cc85ff7699a8e 100644 --- a/packages/@aws-cdk/cfnspec/cfn.version +++ b/packages/@aws-cdk/cfnspec/cfn.version @@ -1 +1 @@ -31.0.0 +31.1.0 diff --git a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json index c3d61d168d11e..9f5815408d084 100644 --- a/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json +++ b/packages/@aws-cdk/cfnspec/spec-source/000_CloudFormationResourceSpecification.json @@ -8386,27 +8386,29 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html#cfn-backup-backupselection-backupselectionresourcetype-iamrolearn", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Immutable" }, "ListOfTags": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html#cfn-backup-backupselection-backupselectionresourcetype-listoftags", + "DuplicatesAllowed": true, "ItemType": "ConditionResourceType", "Required": false, "Type": "List", - "UpdateType": "Mutable" + "UpdateType": "Immutable" }, "Resources": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html#cfn-backup-backupselection-backupselectionresourcetype-resources", + "DuplicatesAllowed": true, "PrimitiveItemType": "String", "Required": false, "Type": "List", - "UpdateType": "Mutable" + "UpdateType": "Immutable" }, "SelectionName": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-backupselectionresourcetype.html#cfn-backup-backupselection-backupselectionresourcetype-selectionname", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Immutable" } } }, @@ -8417,19 +8419,19 @@ "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditionresourcetype.html#cfn-backup-backupselection-conditionresourcetype-conditionkey", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Immutable" }, "ConditionType": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditionresourcetype.html#cfn-backup-backupselection-conditionresourcetype-conditiontype", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Immutable" }, "ConditionValue": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-backup-backupselection-conditionresourcetype.html#cfn-backup-backupselection-conditionresourcetype-conditionvalue", "PrimitiveType": "String", "Required": true, - "UpdateType": "Mutable" + "UpdateType": "Immutable" } } }, @@ -17414,13 +17416,6 @@ } } }, - "AWS::EC2::LaunchTemplate.TagSpecifications": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-tagspecifications.html", - "ItemType": "TagSpecification", - "Required": false, - "Type": "List", - "UpdateType": "Mutable" - }, "AWS::EC2::NetworkAclEntry.Icmp": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-networkaclentry-icmp.html", "Properties": { @@ -24183,6 +24178,167 @@ } } }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateAction": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateaction.html", + "Properties": { + "actionId": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateaction.html#cfn-fis-experimenttemplate-experimenttemplateaction-actionid", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateaction.html#cfn-fis-experimenttemplate-experimenttemplateaction-description", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + }, + "parameters": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateaction.html#cfn-fis-experimenttemplate-experimenttemplateaction-parameters", + "Required": false, + "Type": "ExperimentTemplateActionItemParameterMap", + "UpdateType": "Mutable" + }, + "startAfter": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateaction.html#cfn-fis-experimenttemplate-experimenttemplateaction-startafter", + "Required": false, + "Type": "ExperimentTemplateActionItemStartAfterList", + "UpdateType": "Mutable" + }, + "targets": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateaction.html#cfn-fis-experimenttemplate-experimenttemplateaction-targets", + "Required": false, + "Type": "ExperimentTemplateActionItemTargetMap", + "UpdateType": "Mutable" + } + } + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateActionItemParameterMap": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateactionitemparametermap.html" + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateActionItemStartAfterList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateactionitemstartafterlist.html", + "Properties": { + "ExperimentTemplateActionItemStartAfterList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateactionitemstartafterlist.html#cfn-fis-experimenttemplate-experimenttemplateactionitemstartafterlist-experimenttemplateactionitemstartafterlist", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateActionItemTargetMap": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplateactionitemtargetmap.html" + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateStopCondition": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatestopcondition.html", + "Properties": { + "source": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatestopcondition.html#cfn-fis-experimenttemplate-experimenttemplatestopcondition-source", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "value": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatestopcondition.html#cfn-fis-experimenttemplate-experimenttemplatestopcondition-value", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Mutable" + } + } + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTarget": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetarget.html", + "Properties": { + "filters": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetarget.html#cfn-fis-experimenttemplate-experimenttemplatetarget-filters", + "Required": false, + "Type": "ExperimentTemplateTargetFilterList", + "UpdateType": "Mutable" + }, + "resourceArns": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetarget.html#cfn-fis-experimenttemplate-experimenttemplatetarget-resourcearns", + "Required": false, + "Type": "ResourceArnList", + "UpdateType": "Mutable" + }, + "resourceTags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetarget.html#cfn-fis-experimenttemplate-experimenttemplatetarget-resourcetags", + "Required": false, + "Type": "TagMap", + "UpdateType": "Mutable" + }, + "resourceType": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetarget.html#cfn-fis-experimenttemplate-experimenttemplatetarget-resourcetype", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "selectionMode": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetarget.html#cfn-fis-experimenttemplate-experimenttemplatetarget-selectionmode", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + } + } + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilter": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetargetfilter.html", + "Properties": { + "path": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetargetfilter.html#cfn-fis-experimenttemplate-experimenttemplatetargetfilter-path", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "values": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetargetfilter.html#cfn-fis-experimenttemplate-experimenttemplatetargetfilter-values", + "Required": true, + "Type": "ExperimentTemplateTargetFilterValues", + "UpdateType": "Mutable" + } + } + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilterList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetargetfilterlist.html", + "Properties": { + "ExperimentTemplateTargetFilterList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetargetfilterlist.html#cfn-fis-experimenttemplate-experimenttemplatetargetfilterlist-experimenttemplatetargetfilterlist", + "ItemType": "ExperimentTemplateTargetFilter", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::FIS::ExperimentTemplate.ExperimentTemplateTargetFilterValues": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetargetfiltervalues.html", + "Properties": { + "ExperimentTemplateTargetFilterValues": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-experimenttemplatetargetfiltervalues.html#cfn-fis-experimenttemplate-experimenttemplatetargetfiltervalues-experimenttemplatetargetfiltervalues", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::FIS::ExperimentTemplate.ResourceArnList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-resourcearnlist.html", + "Properties": { + "ResourceArnList": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-resourcearnlist.html#cfn-fis-experimenttemplate-resourcearnlist-resourcearnlist", + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::FIS::ExperimentTemplate.TagMap": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fis-experimenttemplate-tagmap.html" + }, "AWS::FMS::Policy.IEMap": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-iemap.html", "Properties": { @@ -47637,6 +47793,58 @@ } } }, + "AWS::S3ObjectLambda::AccessPoint.ObjectLambdaConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3objectlambda-accesspoint-objectlambdaconfiguration.html", + "Properties": { + "AllowedFeatures": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3objectlambda-accesspoint-objectlambdaconfiguration.html#cfn-s3objectlambda-accesspoint-objectlambdaconfiguration-allowedfeatures", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "CloudWatchMetricsEnabled": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3objectlambda-accesspoint-objectlambdaconfiguration.html#cfn-s3objectlambda-accesspoint-objectlambdaconfiguration-cloudwatchmetricsenabled", + "PrimitiveType": "Boolean", + "Required": false, + "UpdateType": "Mutable" + }, + "SupportingAccessPoint": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3objectlambda-accesspoint-objectlambdaconfiguration.html#cfn-s3objectlambda-accesspoint-objectlambdaconfiguration-supportingaccesspoint", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "TransformationConfigurations": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3objectlambda-accesspoint-objectlambdaconfiguration.html#cfn-s3objectlambda-accesspoint-objectlambdaconfiguration-transformationconfigurations", + "DuplicatesAllowed": false, + "ItemType": "TransformationConfiguration", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + } + } + }, + "AWS::S3ObjectLambda::AccessPoint.TransformationConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3objectlambda-accesspoint-transformationconfiguration.html", + "Properties": { + "Actions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3objectlambda-accesspoint-transformationconfiguration.html#cfn-s3objectlambda-accesspoint-transformationconfiguration-actions", + "DuplicatesAllowed": false, + "PrimitiveItemType": "String", + "Required": false, + "Type": "List", + "UpdateType": "Mutable" + }, + "ContentTransformation": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3objectlambda-accesspoint-transformationconfiguration.html#cfn-s3objectlambda-accesspoint-transformationconfiguration-contenttransformation", + "PrimitiveType": "Json", + "Required": false, + "UpdateType": "Mutable" + } + } + }, "AWS::S3Outposts::AccessPoint.VpcConfiguration": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3outposts-accesspoint-vpcconfiguration.html", "Properties": { @@ -48213,7 +48421,7 @@ "Values": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtarget-targets.html#cfn-ssm-maintenancewindowtarget-targets-values", "PrimitiveItemType": "String", - "Required": false, + "Required": true, "Type": "List", "UpdateType": "Mutable" } @@ -48394,7 +48602,7 @@ "Values": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-target.html#cfn-ssm-maintenancewindowtask-target-values", "PrimitiveItemType": "String", - "Required": false, + "Required": true, "Type": "List", "UpdateType": "Mutable" } @@ -51298,9 +51506,6 @@ } } }, - "AWS::ServiceCatalogAppRegistry::AttributeGroup.Attributes": { - "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicecatalogappregistry-attributegroup-attributes.html" - }, "AWS::ServiceDiscovery::Service.DnsConfig": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html", "Properties": { @@ -53845,7 +54050,7 @@ } } }, - "ResourceSpecificationVersion": "31.0.0", + "ResourceSpecificationVersion": "31.1.0", "ResourceTypes": { "AWS::ACMPCA::Certificate": { "Attributes": { @@ -58564,6 +58769,9 @@ "BackupPlanId": { "PrimitiveType": "String" }, + "Id": { + "PrimitiveType": "String" + }, "SelectionId": { "PrimitiveType": "String" } @@ -65055,8 +65263,9 @@ }, "TagSpecifications": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications", + "ItemType": "TagSpecification", "Required": false, - "Type": "TagSpecifications", + "Type": "List", "UpdateType": "Mutable" } } @@ -70324,6 +70533,56 @@ } } }, + "AWS::FIS::ExperimentTemplate": { + "Attributes": { + "id": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fis-experimenttemplate.html", + "Properties": { + "actions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fis-experimenttemplate.html#cfn-fis-experimenttemplate-actions", + "ItemType": "ExperimentTemplateAction", + "Required": false, + "Type": "Map", + "UpdateType": "Mutable" + }, + "description": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fis-experimenttemplate.html#cfn-fis-experimenttemplate-description", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "roleArn": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fis-experimenttemplate.html#cfn-fis-experimenttemplate-rolearn", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Mutable" + }, + "stopConditions": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fis-experimenttemplate.html#cfn-fis-experimenttemplate-stopconditions", + "ItemType": "ExperimentTemplateStopCondition", + "Required": true, + "Type": "List", + "UpdateType": "Mutable" + }, + "tags": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fis-experimenttemplate.html#cfn-fis-experimenttemplate-tags", + "PrimitiveItemType": "String", + "Required": true, + "Type": "Map", + "UpdateType": "Immutable" + }, + "targets": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fis-experimenttemplate.html#cfn-fis-experimenttemplate-targets", + "ItemType": "ExperimentTemplateTarget", + "Required": true, + "Type": "Map", + "UpdateType": "Mutable" + } + } + }, "AWS::FMS::NotificationChannel": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-fms-notificationchannel.html", "Properties": { @@ -81696,6 +81955,9 @@ }, "Endpoint": { "PrimitiveType": "String" + }, + "VpcId": { + "PrimitiveType": "String" } }, "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbproxy.html", @@ -83346,6 +83608,48 @@ } } }, + "AWS::S3ObjectLambda::AccessPoint": { + "Attributes": { + "Arn": { + "PrimitiveType": "String" + }, + "CreationDate": { + "PrimitiveType": "String" + } + }, + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3objectlambda-accesspoint.html", + "Properties": { + "Name": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3objectlambda-accesspoint.html#cfn-s3objectlambda-accesspoint-name", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "ObjectLambdaConfiguration": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3objectlambda-accesspoint.html#cfn-s3objectlambda-accesspoint-objectlambdaconfiguration", + "Required": false, + "Type": "ObjectLambdaConfiguration", + "UpdateType": "Mutable" + } + } + }, + "AWS::S3ObjectLambda::AccessPointPolicy": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3objectlambda-accesspointpolicy.html", + "Properties": { + "ObjectLambdaAccessPoint": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3objectlambda-accesspointpolicy.html#cfn-s3objectlambda-accesspointpolicy-objectlambdaaccesspoint", + "PrimitiveType": "String", + "Required": true, + "UpdateType": "Immutable" + }, + "PolicyDocument": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-s3objectlambda-accesspointpolicy.html#cfn-s3objectlambda-accesspointpolicy-policydocument", + "PrimitiveType": "Json", + "Required": true, + "UpdateType": "Mutable" + } + } + }, "AWS::S3Outposts::AccessPoint": { "Attributes": { "Arn": { @@ -86516,8 +86820,8 @@ "Properties": { "Attributes": { "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalogappregistry-attributegroup.html#cfn-servicecatalogappregistry-attributegroup-attributes", + "PrimitiveType": "Json", "Required": true, - "Type": "Attributes", "UpdateType": "Mutable" }, "Description": { @@ -86784,6 +87088,12 @@ "Required": false, "Type": "List", "UpdateType": "Mutable" + }, + "Type": { + "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html#cfn-servicediscovery-service-type", + "PrimitiveType": "String", + "Required": false, + "UpdateType": "Immutable" } } }, diff --git a/packages/@aws-cdk/cloudformation-include/package.json b/packages/@aws-cdk/cloudformation-include/package.json index c2ec62d8d0dc2..b386c0a77079c 100644 --- a/packages/@aws-cdk/cloudformation-include/package.json +++ b/packages/@aws-cdk/cloudformation-include/package.json @@ -131,6 +131,7 @@ "@aws-cdk/aws-emrcontainers": "0.0.0", "@aws-cdk/aws-events": "0.0.0", "@aws-cdk/aws-eventschemas": "0.0.0", + "@aws-cdk/aws-fis": "0.0.0", "@aws-cdk/aws-fms": "0.0.0", "@aws-cdk/aws-fsx": "0.0.0", "@aws-cdk/aws-gamelift": "0.0.0", @@ -186,6 +187,7 @@ "@aws-cdk/aws-route53": "0.0.0", "@aws-cdk/aws-route53resolver": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", + "@aws-cdk/aws-s3objectlambda": "0.0.0", "@aws-cdk/aws-s3outposts": "0.0.0", "@aws-cdk/aws-sagemaker": "0.0.0", "@aws-cdk/aws-sam": "0.0.0", @@ -280,6 +282,7 @@ "@aws-cdk/aws-emrcontainers": "0.0.0", "@aws-cdk/aws-events": "0.0.0", "@aws-cdk/aws-eventschemas": "0.0.0", + "@aws-cdk/aws-fis": "0.0.0", "@aws-cdk/aws-fms": "0.0.0", "@aws-cdk/aws-fsx": "0.0.0", "@aws-cdk/aws-gamelift": "0.0.0", @@ -335,6 +338,7 @@ "@aws-cdk/aws-route53": "0.0.0", "@aws-cdk/aws-route53resolver": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", + "@aws-cdk/aws-s3objectlambda": "0.0.0", "@aws-cdk/aws-s3outposts": "0.0.0", "@aws-cdk/aws-sagemaker": "0.0.0", "@aws-cdk/aws-sam": "0.0.0", diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 97131ef9ff57f..a4760aebb51bf 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -183,6 +183,7 @@ "@aws-cdk/aws-events": "0.0.0", "@aws-cdk/aws-events-targets": "0.0.0", "@aws-cdk/aws-eventschemas": "0.0.0", + "@aws-cdk/aws-fis": "0.0.0", "@aws-cdk/aws-fms": "0.0.0", "@aws-cdk/aws-fsx": "0.0.0", "@aws-cdk/aws-gamelift": "0.0.0", @@ -249,6 +250,7 @@ "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/aws-s3-deployment": "0.0.0", "@aws-cdk/aws-s3-notifications": "0.0.0", + "@aws-cdk/aws-s3objectlambda": "0.0.0", "@aws-cdk/aws-s3outposts": "0.0.0", "@aws-cdk/aws-sagemaker": "0.0.0", "@aws-cdk/aws-sam": "0.0.0", diff --git a/packages/decdk/package.json b/packages/decdk/package.json index cfa803963ec9e..d0e5e805b8622 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -107,6 +107,7 @@ "@aws-cdk/aws-events": "0.0.0", "@aws-cdk/aws-events-targets": "0.0.0", "@aws-cdk/aws-eventschemas": "0.0.0", + "@aws-cdk/aws-fis": "0.0.0", "@aws-cdk/aws-fms": "0.0.0", "@aws-cdk/aws-fsx": "0.0.0", "@aws-cdk/aws-gamelift": "0.0.0", @@ -173,6 +174,7 @@ "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/aws-s3-deployment": "0.0.0", "@aws-cdk/aws-s3-notifications": "0.0.0", + "@aws-cdk/aws-s3objectlambda": "0.0.0", "@aws-cdk/aws-s3outposts": "0.0.0", "@aws-cdk/aws-sagemaker": "0.0.0", "@aws-cdk/aws-sam": "0.0.0", diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index f98dd437ffbf3..ffea59b378006 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -188,6 +188,7 @@ "@aws-cdk/aws-events": "0.0.0", "@aws-cdk/aws-events-targets": "0.0.0", "@aws-cdk/aws-eventschemas": "0.0.0", + "@aws-cdk/aws-fis": "0.0.0", "@aws-cdk/aws-fms": "0.0.0", "@aws-cdk/aws-fsx": "0.0.0", "@aws-cdk/aws-gamelift": "0.0.0", @@ -254,6 +255,7 @@ "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/aws-s3-deployment": "0.0.0", "@aws-cdk/aws-s3-notifications": "0.0.0", + "@aws-cdk/aws-s3objectlambda": "0.0.0", "@aws-cdk/aws-s3outposts": "0.0.0", "@aws-cdk/aws-sagemaker": "0.0.0", "@aws-cdk/aws-sam": "0.0.0", diff --git a/packages/monocdk/rosetta/README-custom-resource-provider.ts-fixture b/packages/monocdk/rosetta/README-custom-resource-provider.ts-fixture new file mode 100644 index 0000000000000..ae4b1befd4b20 --- /dev/null +++ b/packages/monocdk/rosetta/README-custom-resource-provider.ts-fixture @@ -0,0 +1,18 @@ +import { CfnOutput, Construct, Token } from '@aws-cdk/core'; + +declare interface SumProps { + readonly lhs: number; + readonly rhs: number; +} +declare class Sum extends Construct { + public readonly result: number; + constructor(scope: Construct, id: string, props: SumProps); +} + +class fixture$construct extends Construct { + public constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} diff --git a/packages/monocdk/rosetta/client-vpn.ts-fixture b/packages/monocdk/rosetta/client-vpn.ts-fixture new file mode 100644 index 0000000000000..4886d590211df --- /dev/null +++ b/packages/monocdk/rosetta/client-vpn.ts-fixture @@ -0,0 +1,17 @@ +// Fixture with packages imported and a VPC created +import { Construct, Stack } from '@aws-cdk/core'; +import iam = require('@aws-cdk/aws-iam'); +import ec2 = require('@aws-cdk/aws-ec2'); + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const vpc = new ec2.Vpc(this, 'VPC'); + const samlProvider = new iam.SamlProvider(this, 'Provider', { + metadataDocument: SamlMetadataDocument.fromXml('xml'), + }) + + /// here + } +} diff --git a/packages/monocdk/rosetta/conns.ts-fixture b/packages/monocdk/rosetta/conns.ts-fixture new file mode 100644 index 0000000000000..f29d9a1816a6e --- /dev/null +++ b/packages/monocdk/rosetta/conns.ts-fixture @@ -0,0 +1,26 @@ +// Fixture with fake connectables +import { Construct, Stack } from '@aws-cdk/core'; +import ec2 = require('@aws-cdk/aws-ec2'); + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const vpc = new ec2.Vpc(this, 'VPC'); + + const loadBalancer = new FakeConnectable(); + const appFleet = new FakeConnectable(); + const dbFleet = new FakeConnectable(); + const rdsDatabase = new FakeConnectable(); + const fleet1 = new FakeConnectable(); + const fleet2 = new FakeConnectable(); + const listener = new FakeConnectable(); + const myEndpoint = new FakeConnectable(); + + /// here + } +} + +class FakeConnectable implements ec2.IConnectable { + public readonly connections = new ec2.Connections({ securityGroups: [] }); +} diff --git a/packages/monocdk/rosetta/default.ts-fixture b/packages/monocdk/rosetta/default.ts-fixture new file mode 100644 index 0000000000000..558cc09b1c049 --- /dev/null +++ b/packages/monocdk/rosetta/default.ts-fixture @@ -0,0 +1,65 @@ +import * as cfn from '@aws-cdk/aws-cloudformation'; +import * as customresources from '@aws-cdk/custom-resources'; +import * as iam from '@aws-cdk/aws-iam'; +import * as lambda from '@aws-cdk/aws-lambda'; +import * as sns from '@aws-cdk/aws-sns'; +import * as sqs from '@aws-cdk/aws-sqs'; +import * as s3 from '@aws-cdk/aws-s3'; +import { + App, + Aws, + CfnCondition, + CfnDynamicReference, + CfnDynamicReferenceService, + CfnInclude, + CfnJson, + CfnMapping, + CfnOutput, + CfnParameter, + CfnResource, + CfnResourceProps, + ConcreteDependable, + Construct, + CustomResource, + CustomResourceProvider, + CustomResourceProviderRuntime, + DependableTrait, + Duration, + Fn, + IConstruct, + SecretValue, + Size, + SizeRoundingBehavior, + Stack, + StackProps, + Stage, + Token, +} from '@aws-cdk/core'; + +declare const app: App; +declare const arn: 'arn:partition:service:region:account-id:resource-id'; +declare const cfnResource: CfnResource; +declare const construct: Construct; +declare const constructA: Construct; +declare const constructB: Construct; +declare const constructC: Construct; +declare const functionProps: lambda.FunctionProps; +declare const isCompleteHandler: lambda.Function; +declare const myBucket: s3.IBucket; +declare const myFunction: lambda.IFunction; +declare const myProvider: CustomResourceProvider; +declare const myTopic: sns.ITopic; +declare const onEventHandler: lambda.Function; +declare const resourceProps: CfnResourceProps; +declare const stack: Stack; + +declare class MyStack extends Stack {} +declare class YourStack extends Stack {} + +class fixture$construct extends Construct { + public constructor(scope: Construct, id: string) { + super(scope, id); + + /// here + } +} diff --git a/packages/monocdk/rosetta/with-batch-job.ts-fixture b/packages/monocdk/rosetta/with-batch-job.ts-fixture new file mode 100644 index 0000000000000..47672ba140841 --- /dev/null +++ b/packages/monocdk/rosetta/with-batch-job.ts-fixture @@ -0,0 +1,38 @@ +// Fixture with packages imported, but nothing else +import { Stack } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import * as sfn from '@aws-cdk/aws-stepfunctions'; +import * as tasks from '@aws-cdk/aws-stepfunctions-tasks'; +import * as batch from '@aws-cdk/aws-batch'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as ecs from '@aws-cdk/aws-ecs'; +import * as path from 'path'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const vpc = ec2.Vpc.fromLookup(this, 'Vpc', { + isDefault: true, + }); + + const batchQueue = new batch.JobQueue(this, 'JobQueue', { + computeEnvironments: [ + { + order: 1, + computeEnvironment: new batch.ComputeEnvironment(this, 'ComputeEnv', { + computeResources: { vpc }, + }), + }, + ], + }); + + const batchJobDefinition = new batch.JobDefinition(this, 'JobDefinition', { + container: { + image: ecs.ContainerImage.fromAsset(path.resolve(__dirname, 'batchjob-image')), + }, + }); + + /// here + } +} diff --git a/packages/monocdk/rosetta/with-channel.ts-fixture b/packages/monocdk/rosetta/with-channel.ts-fixture new file mode 100644 index 0000000000000..44da118b81afa --- /dev/null +++ b/packages/monocdk/rosetta/with-channel.ts-fixture @@ -0,0 +1,15 @@ +// Fixture with packages imported, but nothing else +import { Duration, Stack } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import * as ivs from '@aws-cdk/aws-ivs'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const myChannelArn = 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh'; + const myChannel = ivs.Channel.fromChannelArn(this, 'Channel', myChannelArn); + + /// here + } +} \ No newline at end of file diff --git a/packages/monocdk/rosetta/with-cluster.ts-fixture b/packages/monocdk/rosetta/with-cluster.ts-fixture new file mode 100644 index 0000000000000..c638d8b4d04fa --- /dev/null +++ b/packages/monocdk/rosetta/with-cluster.ts-fixture @@ -0,0 +1,19 @@ +import { Duration, Stack } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as neptune from '@aws-cdk/aws-neptune'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const vpc = new ec2.Vpc(this, 'VPC', { maxAzs: 2 }); + + const cluster = new neptune.DatabaseCluster(this, 'Database', { + vpc, + instanceType: neptune.InstanceType.R5_LARGE, + }); + + /// here + } +} \ No newline at end of file diff --git a/packages/monocdk/rosetta/with-filesystem-instance.ts-fixture b/packages/monocdk/rosetta/with-filesystem-instance.ts-fixture new file mode 100644 index 0000000000000..092b572afa726 --- /dev/null +++ b/packages/monocdk/rosetta/with-filesystem-instance.ts-fixture @@ -0,0 +1,30 @@ +// Fixture with file system and an EC2 instance created in a VPC +import { Stack } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import * as efs from '@aws-cdk/aws-efs'; +import * as ec2 from '@aws-cdk/aws-ec2'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const vpc = new ec2.Vpc(this, 'VPC'); + + const fileSystem = new efs.FileSystem(this, 'FileSystem', { + vpc, + }); + + const instance = new ec2.Instance(this, 'instance', { + instanceType: ec2.InstanceType.of(ec2.InstanceClass.T2, ec2.InstanceSize.LARGE), + machineImage: new ec2.AmazonLinuxImage({ + generation: ec2.AmazonLinuxGeneration.AMAZON_LINUX_2 + }), + vpc, + vpcSubnets: { + subnetType: ec2.SubnetType.PUBLIC, + } + }); + + /// here + } +} diff --git a/packages/monocdk/rosetta/with-lambda-trigger.ts-fixture b/packages/monocdk/rosetta/with-lambda-trigger.ts-fixture new file mode 100644 index 0000000000000..de9aa90eedfc2 --- /dev/null +++ b/packages/monocdk/rosetta/with-lambda-trigger.ts-fixture @@ -0,0 +1,26 @@ +// Fixture with packages imported, but nothing else +import { Stack } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import * as cognito from '@aws-cdk/aws-cognito'; +import * as iam from '@aws-cdk/aws-iam'; +import * as lambda from '@aws-cdk/aws-lambda'; + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const postAuthFn = new lambda.Function(this, 'postAuthFn', { + code: lambda.Code.fromInline('post authentication'), + runtime: lambda.Runtime.NODEJS_12_X, + handler: 'index.handler', + }); + + const userpool = new cognito.UserPool(this, 'myuserpool', { + lambdaTriggers: { + postAuthentication: postAuthFn, + }, + }); + + /// here + } +} diff --git a/packages/monocdk/rosetta/with-vpc.ts-fixture b/packages/monocdk/rosetta/with-vpc.ts-fixture new file mode 100644 index 0000000000000..dd8e539f8cf9f --- /dev/null +++ b/packages/monocdk/rosetta/with-vpc.ts-fixture @@ -0,0 +1,13 @@ +// Fixture with packages imported and a VPC created +import { Construct, Stack } from '@aws-cdk/core'; +import ec2 = require('@aws-cdk/aws-ec2'); + +class Fixture extends Stack { + constructor(scope: Construct, id: string) { + super(scope, id); + + const vpc = new ec2.Vpc(this, 'VPC'); + + /// here + } +} From 7ca79ffad7c18692edaa2dd26cd0d4d441ecf468 Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Wed, 24 Mar 2021 17:02:23 -0700 Subject: [PATCH 022/260] feat(acmpca): make the ACM PCA module Generally Available (stable) (#13778) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-acmpca/README.md | 61 +++++++++++++++++++---- packages/@aws-cdk/aws-acmpca/package.json | 4 +- 2 files changed, 52 insertions(+), 13 deletions(-) diff --git a/packages/@aws-cdk/aws-acmpca/README.md b/packages/@aws-cdk/aws-acmpca/README.md index 04d167836539c..66f15be5be271 100644 --- a/packages/@aws-cdk/aws-acmpca/README.md +++ b/packages/@aws-cdk/aws-acmpca/README.md @@ -1,21 +1,12 @@ # AWS::ACMPCA Construct Library + --- ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. -> -> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib - -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- @@ -26,3 +17,51 @@ This module is part of the [AWS Cloud Development Kit](https://github.com/aws/aw ```ts import * as acmpca from '@aws-cdk/aws-acmpca'; ``` + +## Certificate Authority + +This package contains a `CertificateAuthority` class. +At the moment, you cannot create new Authorities using it, +but you can import existing ones using the `fromCertificateAuthorityArn` static method: + +```ts +const certificateAuthority = acmpca.CertificateAuthority.fromCertificateAuthorityArn(this, 'CA', + 'arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/023077d8-2bfa-4eb0-8f22-05c96deade77'); +``` + +## Low-level `Cfn*` classes + +You can always use the low-level classes +(starting with `Cfn*`) to create resources like the Certificate Authority: + +```ts +const cfnCertificateAuthority = new acmpca.CfnCertificateAuthority(this, 'CA', { + type: 'ROOT', + keyAlgorithm: 'RSA_2048', + signingAlgorithm: 'SHA256WITHRSA', + subject: { + country: 'US', + organization: 'string', + organizationalUnit: 'string', + distinguishedNameQualifier: 'string', + state: 'string', + commonName: '123', + serialNumber: 'string', + locality: 'string', + title: 'string', + surname: 'string', + givenName: 'string', + initials: 'DG', + pseudonym: 'string', + generationQualifier: 'DBG', + }, +}); +``` + +If you need to pass the higher-level `ICertificateAuthority` somewhere, +you can get it from the lower-level `CfnCertificateAuthority` using the same `fromCertificateAuthorityArn` method: + +```ts +const certificateAuthority = acmpca.CertificateAuthority.fromCertificateAuthorityArn(this, 'CertificateAuthority', + cfnCertificateAuthority.attrArn); +``` diff --git a/packages/@aws-cdk/aws-acmpca/package.json b/packages/@aws-cdk/aws-acmpca/package.json index e0956bffbf2c6..5b3a4a414413b 100644 --- a/packages/@aws-cdk/aws-acmpca/package.json +++ b/packages/@aws-cdk/aws-acmpca/package.json @@ -89,8 +89,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, From 77a6268d696dc0f33fbce4c973f45df29da7aef5 Mon Sep 17 00:00:00 2001 From: Elad Ben-Israel Date: Thu, 25 Mar 2021 09:51:00 +0200 Subject: [PATCH 023/260] chore: build go bindings for monocdk (#13399) Add `go` configuration to the `monocdk` and `aws-cdk-lib` packages. Resolves https://github.com/aws/jsii/issues/2611 The following jsii bugs were fixed to enable this: - [x] https://github.com/aws/jsii/issues/2648 - [x] https://github.com/aws/jsii/issues/2649 - [x] https://github.com/aws/jsii/issues/2647 - [x] https://github.com/aws/jsii/issues/2617 - [x] https://github.com/aws/jsii/issues/2632 - [x] https://github.com/aws/jsii/issues/2651 - [x] https://github.com/aws/jsii/issues/2508 - [x] https://github.com/aws/jsii/issues/2692 - [x] https://github.com/aws/jsii/issues/2700 - [x] https://github.com/aws/jsii/issues/2702 --- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../ecs-service-extensions/package.json | 4 ++-- packages/@aws-cdk/alexa-ask/package.json | 4 ++-- packages/@aws-cdk/app-delivery/package.json | 4 ++-- packages/@aws-cdk/assert/package.json | 4 ++-- packages/@aws-cdk/assets/package.json | 4 ++-- packages/@aws-cdk/aws-accessanalyzer/package.json | 4 ++-- packages/@aws-cdk/aws-acmpca/package.json | 4 ++-- packages/@aws-cdk/aws-amazonmq/package.json | 4 ++-- packages/@aws-cdk/aws-amplify/package.json | 4 ++-- packages/@aws-cdk/aws-apigateway/package.json | 4 ++-- .../aws-apigatewayv2-authorizers/package.json | 4 ++-- .../aws-apigatewayv2-integrations/package.json | 4 ++-- packages/@aws-cdk/aws-apigatewayv2/package.json | 4 ++-- packages/@aws-cdk/aws-appconfig/package.json | 4 ++-- .../aws-applicationautoscaling/package.json | 4 ++-- packages/@aws-cdk/aws-appmesh/package.json | 4 ++-- packages/@aws-cdk/aws-appstream/package.json | 4 ++-- packages/@aws-cdk/aws-appsync/package.json | 4 ++-- packages/@aws-cdk/aws-athena/package.json | 4 ++-- .../@aws-cdk/aws-autoscaling-common/package.json | 4 ++-- .../aws-autoscaling-hooktargets/package.json | 4 ++-- packages/@aws-cdk/aws-autoscaling/package.json | 4 ++-- packages/@aws-cdk/aws-autoscalingplans/package.json | 4 ++-- packages/@aws-cdk/aws-backup/package.json | 4 ++-- packages/@aws-cdk/aws-batch/package.json | 4 ++-- packages/@aws-cdk/aws-budgets/package.json | 4 ++-- .../@aws-cdk/aws-certificatemanager/package.json | 4 ++-- packages/@aws-cdk/aws-chatbot/package.json | 4 ++-- packages/@aws-cdk/aws-cloud9/package.json | 4 ++-- packages/@aws-cdk/aws-cloudformation/package.json | 4 ++-- .../@aws-cdk/aws-cloudfront-origins/package.json | 4 ++-- packages/@aws-cdk/aws-cloudfront/package.json | 4 ++-- packages/@aws-cdk/aws-cloudtrail/package.json | 4 ++-- .../@aws-cdk/aws-cloudwatch-actions/package.json | 4 ++-- packages/@aws-cdk/aws-cloudwatch/package.json | 4 ++-- packages/@aws-cdk/aws-codebuild/package.json | 4 ++-- packages/@aws-cdk/aws-codecommit/package.json | 4 ++-- packages/@aws-cdk/aws-codedeploy/package.json | 4 ++-- packages/@aws-cdk/aws-codeguruprofiler/package.json | 4 ++-- .../@aws-cdk/aws-codepipeline-actions/package.json | 4 ++-- packages/@aws-cdk/aws-codepipeline/package.json | 4 ++-- packages/@aws-cdk/aws-codestar/package.json | 4 ++-- .../@aws-cdk/aws-codestarnotifications/package.json | 4 ++-- packages/@aws-cdk/aws-cognito/package.json | 4 ++-- packages/@aws-cdk/aws-config/package.json | 4 ++-- packages/@aws-cdk/aws-datapipeline/package.json | 4 ++-- packages/@aws-cdk/aws-dax/package.json | 4 ++-- packages/@aws-cdk/aws-directoryservice/package.json | 4 ++-- packages/@aws-cdk/aws-dlm/package.json | 4 ++-- packages/@aws-cdk/aws-dms/package.json | 4 ++-- packages/@aws-cdk/aws-docdb/package.json | 4 ++-- packages/@aws-cdk/aws-dynamodb-global/package.json | 4 ++-- packages/@aws-cdk/aws-dynamodb/package.json | 4 ++-- packages/@aws-cdk/aws-ec2/package.json | 4 ++-- packages/@aws-cdk/aws-ecr-assets/package.json | 4 ++-- packages/@aws-cdk/aws-ecr/package.json | 4 ++-- packages/@aws-cdk/aws-ecs-patterns/package.json | 4 ++-- packages/@aws-cdk/aws-ecs/package.json | 4 ++-- packages/@aws-cdk/aws-efs/package.json | 4 ++-- packages/@aws-cdk/aws-eks-legacy/package.json | 4 ++-- packages/@aws-cdk/aws-eks/package.json | 4 ++-- packages/@aws-cdk/aws-elasticache/package.json | 4 ++-- packages/@aws-cdk/aws-elasticbeanstalk/package.json | 4 ++-- .../@aws-cdk/aws-elasticloadbalancing/package.json | 4 ++-- .../aws-elasticloadbalancingv2-actions/package.json | 4 ++-- .../aws-elasticloadbalancingv2-targets/package.json | 4 ++-- .../aws-elasticloadbalancingv2/package.json | 4 ++-- packages/@aws-cdk/aws-elasticsearch/package.json | 4 ++-- packages/@aws-cdk/aws-emr/package.json | 4 ++-- packages/@aws-cdk/aws-events-targets/package.json | 4 ++-- packages/@aws-cdk/aws-events/package.json | 4 ++-- packages/@aws-cdk/aws-eventschemas/package.json | 4 ++-- packages/@aws-cdk/aws-fms/package.json | 4 ++-- packages/@aws-cdk/aws-fsx/package.json | 4 ++-- packages/@aws-cdk/aws-gamelift/package.json | 4 ++-- .../@aws-cdk/aws-globalaccelerator/package.json | 4 ++-- packages/@aws-cdk/aws-glue/package.json | 4 ++-- packages/@aws-cdk/aws-greengrass/package.json | 4 ++-- packages/@aws-cdk/aws-greengrassv2/package.json | 4 ++-- packages/@aws-cdk/aws-guardduty/package.json | 4 ++-- packages/@aws-cdk/aws-iam/package.json | 4 ++-- packages/@aws-cdk/aws-inspector/package.json | 4 ++-- packages/@aws-cdk/aws-iot/package.json | 4 ++-- packages/@aws-cdk/aws-iot1click/package.json | 4 ++-- packages/@aws-cdk/aws-iotanalytics/package.json | 4 ++-- packages/@aws-cdk/aws-iotevents/package.json | 4 ++-- packages/@aws-cdk/aws-iotthingsgraph/package.json | 4 ++-- packages/@aws-cdk/aws-ivs/package.json | 4 ++-- packages/@aws-cdk/aws-kinesis/package.json | 4 ++-- .../aws-kinesisanalytics-flink/package.json | 4 ++-- packages/@aws-cdk/aws-kinesisanalytics/package.json | 4 ++-- packages/@aws-cdk/aws-kinesisfirehose/package.json | 4 ++-- packages/@aws-cdk/aws-kms/package.json | 4 ++-- packages/@aws-cdk/aws-lakeformation/package.json | 4 ++-- .../@aws-cdk/aws-lambda-destinations/package.json | 4 ++-- .../@aws-cdk/aws-lambda-event-sources/package.json | 4 ++-- packages/@aws-cdk/aws-lambda-nodejs/package.json | 4 ++-- packages/@aws-cdk/aws-lambda-python/package.json | 4 ++-- packages/@aws-cdk/aws-lambda/package.json | 4 ++-- .../@aws-cdk/aws-logs-destinations/package.json | 4 ++-- packages/@aws-cdk/aws-logs/package.json | 4 ++-- .../@aws-cdk/aws-managedblockchain/package.json | 4 ++-- packages/@aws-cdk/aws-mediaconvert/package.json | 4 ++-- packages/@aws-cdk/aws-medialive/package.json | 4 ++-- packages/@aws-cdk/aws-mediastore/package.json | 4 ++-- packages/@aws-cdk/aws-msk/package.json | 4 ++-- packages/@aws-cdk/aws-neptune/package.json | 4 ++-- packages/@aws-cdk/aws-opsworks/package.json | 4 ++-- packages/@aws-cdk/aws-opsworkscm/package.json | 4 ++-- packages/@aws-cdk/aws-pinpoint/package.json | 4 ++-- packages/@aws-cdk/aws-pinpointemail/package.json | 4 ++-- packages/@aws-cdk/aws-qldb/package.json | 4 ++-- packages/@aws-cdk/aws-ram/package.json | 4 ++-- packages/@aws-cdk/aws-rds/package.json | 4 ++-- packages/@aws-cdk/aws-redshift/package.json | 4 ++-- packages/@aws-cdk/aws-robomaker/package.json | 4 ++-- packages/@aws-cdk/aws-route53-patterns/package.json | 4 ++-- packages/@aws-cdk/aws-route53-targets/package.json | 4 ++-- packages/@aws-cdk/aws-route53/package.json | 4 ++-- packages/@aws-cdk/aws-route53resolver/package.json | 4 ++-- packages/@aws-cdk/aws-s3-assets/package.json | 4 ++-- packages/@aws-cdk/aws-s3-deployment/package.json | 4 ++-- packages/@aws-cdk/aws-s3-notifications/package.json | 4 ++-- packages/@aws-cdk/aws-s3/package.json | 4 ++-- packages/@aws-cdk/aws-sagemaker/package.json | 4 ++-- packages/@aws-cdk/aws-sam/package.json | 4 ++-- packages/@aws-cdk/aws-sdb/package.json | 4 ++-- packages/@aws-cdk/aws-secretsmanager/package.json | 4 ++-- packages/@aws-cdk/aws-securityhub/package.json | 4 ++-- packages/@aws-cdk/aws-servicecatalog/package.json | 4 ++-- packages/@aws-cdk/aws-servicediscovery/package.json | 4 ++-- packages/@aws-cdk/aws-ses-actions/package.json | 4 ++-- packages/@aws-cdk/aws-ses/package.json | 4 ++-- packages/@aws-cdk/aws-signer/package.json | 4 ++-- .../@aws-cdk/aws-sns-subscriptions/package.json | 4 ++-- packages/@aws-cdk/aws-sns/package.json | 4 ++-- packages/@aws-cdk/aws-sqs/package.json | 4 ++-- packages/@aws-cdk/aws-ssm/package.json | 4 ++-- .../@aws-cdk/aws-stepfunctions-tasks/package.json | 4 ++-- packages/@aws-cdk/aws-stepfunctions/package.json | 4 ++-- packages/@aws-cdk/aws-synthetics/package.json | 4 ++-- packages/@aws-cdk/aws-transfer/package.json | 4 ++-- packages/@aws-cdk/aws-waf/package.json | 4 ++-- packages/@aws-cdk/aws-wafregional/package.json | 4 ++-- packages/@aws-cdk/aws-wafv2/package.json | 4 ++-- packages/@aws-cdk/aws-workspaces/package.json | 4 ++-- .../@aws-cdk/cloudformation-include/package.json | 4 ++-- packages/@aws-cdk/core/package.json | 4 ++-- packages/@aws-cdk/custom-resources/package.json | 4 ++-- .../@aws-cdk/example-construct-library/package.json | 4 ++-- packages/@aws-cdk/lambda-layer-awscli/package.json | 4 ++-- packages/@aws-cdk/lambda-layer-kubectl/package.json | 4 ++-- packages/@aws-cdk/pipelines/package.json | 4 ++-- packages/@monocdk-experiment/assert/package.json | 4 ++-- packages/aws-cdk-lib/package.json | 8 ++++++-- packages/decdk/package.json | 2 +- packages/monocdk/package.json | 9 +++++++-- tools/pkglint/lib/rules.ts | 13 +++++++------ yarn.lock | 8 ++++---- 159 files changed, 333 insertions(+), 323 deletions(-) diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/package.json b/packages/@aws-cdk-containers/ecs-service-extensions/package.json index 05781b7cc3750..4b75bbbd568f4 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/package.json +++ b/packages/@aws-cdk-containers/ecs-service-extensions/package.json @@ -66,7 +66,7 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -91,7 +91,7 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/alexa-ask/package.json b/packages/@aws-cdk/alexa-ask/package.json index 48b5fa2b1e003..97bad8c492ebc 100644 --- a/packages/@aws-cdk/alexa-ask/package.json +++ b/packages/@aws-cdk/alexa-ask/package.json @@ -79,11 +79,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/app-delivery/package.json b/packages/@aws-cdk/app-delivery/package.json index de59545369bfd..7569a0e07a1cc 100644 --- a/packages/@aws-cdk/app-delivery/package.json +++ b/packages/@aws-cdk/app-delivery/package.json @@ -55,7 +55,7 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "devDependencies": { "@aws-cdk/assert": "0.0.0", @@ -93,7 +93,7 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/assert/package.json b/packages/@aws-cdk/assert/package.json index 50b7b2a9becba..def55461299b0 100644 --- a/packages/@aws-cdk/assert/package.json +++ b/packages/@aws-cdk/assert/package.json @@ -32,11 +32,11 @@ "@aws-cdk/cloudformation-diff": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "jest": "^26.6.3" }, "repository": { diff --git a/packages/@aws-cdk/assets/package.json b/packages/@aws-cdk/assets/package.json index b19a88d4a9c12..d63b2f65100dc 100644 --- a/packages/@aws-cdk/assets/package.json +++ b/packages/@aws-cdk/assets/package.json @@ -81,13 +81,13 @@ "dependencies": { "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-accessanalyzer/package.json b/packages/@aws-cdk/aws-accessanalyzer/package.json index 85c2a0d682662..38f66127ef9bb 100644 --- a/packages/@aws-cdk/aws-accessanalyzer/package.json +++ b/packages/@aws-cdk/aws-accessanalyzer/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-acmpca/package.json b/packages/@aws-cdk/aws-acmpca/package.json index 5b3a4a414413b..23b84d3835bf4 100644 --- a/packages/@aws-cdk/aws-acmpca/package.json +++ b/packages/@aws-cdk/aws-acmpca/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-amazonmq/package.json b/packages/@aws-cdk/aws-amazonmq/package.json index c9d6412f5effa..0e70c70d22b42 100644 --- a/packages/@aws-cdk/aws-amazonmq/package.json +++ b/packages/@aws-cdk/aws-amazonmq/package.json @@ -79,11 +79,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-amplify/package.json b/packages/@aws-cdk/aws-amplify/package.json index ea1abbde2ba37..28efe97f04ee3 100644 --- a/packages/@aws-cdk/aws-amplify/package.json +++ b/packages/@aws-cdk/aws-amplify/package.json @@ -86,7 +86,7 @@ "@aws-cdk/aws-codecommit": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-iam": "0.0.0", @@ -95,7 +95,7 @@ "@aws-cdk/aws-codecommit": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-apigateway/package.json b/packages/@aws-cdk/aws-apigateway/package.json index 7465b7d45a6bd..be2678348bcdd 100644 --- a/packages/@aws-cdk/aws-apigateway/package.json +++ b/packages/@aws-cdk/aws-apigateway/package.json @@ -90,7 +90,7 @@ "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -106,7 +106,7 @@ "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-apigatewayv2-authorizers/package.json b/packages/@aws-cdk/aws-apigatewayv2-authorizers/package.json index f21b19c75f329..07789b522b817 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-authorizers/package.json +++ b/packages/@aws-cdk/aws-apigatewayv2-authorizers/package.json @@ -82,13 +82,13 @@ "@aws-cdk/aws-apigatewayv2": "0.0.0", "@aws-cdk/aws-cognito": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-apigatewayv2": "0.0.0", "@aws-cdk/aws-cognito": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json b/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json index c4a3e3039b9a3..b2e60feab389b 100644 --- a/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json +++ b/packages/@aws-cdk/aws-apigatewayv2-integrations/package.json @@ -84,7 +84,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-servicediscovery": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-apigatewayv2": "0.0.0", @@ -94,7 +94,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-servicediscovery": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-apigatewayv2/package.json b/packages/@aws-cdk/aws-apigatewayv2/package.json index b1dd874b85f9e..d9697bc13a629 100644 --- a/packages/@aws-cdk/aws-apigatewayv2/package.json +++ b/packages/@aws-cdk/aws-apigatewayv2/package.json @@ -88,7 +88,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-cloudwatch": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-ec2": "0.0.0", @@ -96,7 +96,7 @@ "@aws-cdk/aws-certificatemanager": "0.0.0", "@aws-cdk/aws-cloudwatch": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-appconfig/package.json b/packages/@aws-cdk/aws-appconfig/package.json index 0836a936f672c..7b6859ee61cc8 100644 --- a/packages/@aws-cdk/aws-appconfig/package.json +++ b/packages/@aws-cdk/aws-appconfig/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-applicationautoscaling/package.json b/packages/@aws-cdk/aws-applicationautoscaling/package.json index e9566094b344a..953fdc578dac9 100644 --- a/packages/@aws-cdk/aws-applicationautoscaling/package.json +++ b/packages/@aws-cdk/aws-applicationautoscaling/package.json @@ -83,7 +83,7 @@ "@aws-cdk/aws-cloudwatch": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -91,7 +91,7 @@ "@aws-cdk/aws-cloudwatch": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-appmesh/package.json b/packages/@aws-cdk/aws-appmesh/package.json index 32176758bd410..2543de4795544 100644 --- a/packages/@aws-cdk/aws-appmesh/package.json +++ b/packages/@aws-cdk/aws-appmesh/package.json @@ -90,7 +90,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-servicediscovery": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-acmpca": "0.0.0", @@ -99,7 +99,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-servicediscovery": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-appstream/package.json b/packages/@aws-cdk/aws-appstream/package.json index e9655519ab834..134f27b59492c 100644 --- a/packages/@aws-cdk/aws-appstream/package.json +++ b/packages/@aws-cdk/aws-appstream/package.json @@ -79,11 +79,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-appsync/package.json b/packages/@aws-cdk/aws-appsync/package.json index f6bfb64813364..a71987c776194 100644 --- a/packages/@aws-cdk/aws-appsync/package.json +++ b/packages/@aws-cdk/aws-appsync/package.json @@ -89,7 +89,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -102,7 +102,7 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-rds": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-athena/package.json b/packages/@aws-cdk/aws-athena/package.json index 2a3cd7207b97f..b20bc52a7a0ab 100644 --- a/packages/@aws-cdk/aws-athena/package.json +++ b/packages/@aws-cdk/aws-athena/package.json @@ -80,12 +80,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-autoscaling-common/package.json b/packages/@aws-cdk/aws-autoscaling-common/package.json index 8a43f80c5b9c7..ffc31b5241a02 100644 --- a/packages/@aws-cdk/aws-autoscaling-common/package.json +++ b/packages/@aws-cdk/aws-autoscaling-common/package.json @@ -73,13 +73,13 @@ "dependencies": { "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json b/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json index b15364996c1f3..1977b8f8a80f4 100644 --- a/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json +++ b/packages/@aws-cdk/aws-autoscaling-hooktargets/package.json @@ -79,7 +79,7 @@ "@aws-cdk/aws-sns-subscriptions": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -91,7 +91,7 @@ "@aws-cdk/aws-sns-subscriptions": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-autoscaling/package.json b/packages/@aws-cdk/aws-autoscaling/package.json index 79a8b3e02b967..ef8e51045e724 100644 --- a/packages/@aws-cdk/aws-autoscaling/package.json +++ b/packages/@aws-cdk/aws-autoscaling/package.json @@ -89,7 +89,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -101,7 +101,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-autoscalingplans/package.json b/packages/@aws-cdk/aws-autoscalingplans/package.json index 5674f715e2b80..0b45057dada19 100644 --- a/packages/@aws-cdk/aws-autoscalingplans/package.json +++ b/packages/@aws-cdk/aws-autoscalingplans/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-backup/package.json b/packages/@aws-cdk/aws-backup/package.json index 3fe228a5b79bb..4ac39c84433d5 100644 --- a/packages/@aws-cdk/aws-backup/package.json +++ b/packages/@aws-cdk/aws-backup/package.json @@ -89,7 +89,7 @@ "@aws-cdk/aws-rds": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-dynamodb": "0.0.0", @@ -101,7 +101,7 @@ "@aws-cdk/aws-rds": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-batch/package.json b/packages/@aws-cdk/aws-batch/package.json index 0b8f4666ab077..74f0d354ef7f6 100644 --- a/packages/@aws-cdk/aws-batch/package.json +++ b/packages/@aws-cdk/aws-batch/package.json @@ -86,7 +86,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -97,7 +97,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-budgets/package.json b/packages/@aws-cdk/aws-budgets/package.json index 3d8297269395f..5a7ec7611cf85 100644 --- a/packages/@aws-cdk/aws-budgets/package.json +++ b/packages/@aws-cdk/aws-budgets/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-certificatemanager/package.json b/packages/@aws-cdk/aws-certificatemanager/package.json index 96e0787fb06ec..5ca408e51b79e 100644 --- a/packages/@aws-cdk/aws-certificatemanager/package.json +++ b/packages/@aws-cdk/aws-certificatemanager/package.json @@ -81,7 +81,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-route53": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -89,7 +89,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-route53": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-chatbot/package.json b/packages/@aws-cdk/aws-chatbot/package.json index ab267bf8f1c0c..285a2637720dd 100644 --- a/packages/@aws-cdk/aws-chatbot/package.json +++ b/packages/@aws-cdk/aws-chatbot/package.json @@ -85,7 +85,7 @@ "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-cloudwatch": "0.0.0", @@ -93,7 +93,7 @@ "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-cloud9/package.json b/packages/@aws-cdk/aws-cloud9/package.json index e71b8c60f3bc0..f92a0618a7753 100644 --- a/packages/@aws-cdk/aws-cloud9/package.json +++ b/packages/@aws-cdk/aws-cloud9/package.json @@ -82,14 +82,14 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-codecommit": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-codecommit": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-cloudformation/package.json b/packages/@aws-cdk/aws-cloudformation/package.json index 550bc780b750d..b7afa856758b4 100644 --- a/packages/@aws-cdk/aws-cloudformation/package.json +++ b/packages/@aws-cdk/aws-cloudformation/package.json @@ -88,7 +88,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -98,7 +98,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-cloudfront-origins/package.json b/packages/@aws-cdk/aws-cloudfront-origins/package.json index d90ce2d097315..5eada454fb380 100644 --- a/packages/@aws-cdk/aws-cloudfront-origins/package.json +++ b/packages/@aws-cdk/aws-cloudfront-origins/package.json @@ -82,12 +82,12 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "@aws-cdk/aws-cloudfront": "0.0.0", "@aws-cdk/aws-elasticloadbalancingv2": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", diff --git a/packages/@aws-cdk/aws-cloudfront/package.json b/packages/@aws-cdk/aws-cloudfront/package.json index 75b18c5b95444..cf82a65459553 100644 --- a/packages/@aws-cdk/aws-cloudfront/package.json +++ b/packages/@aws-cdk/aws-cloudfront/package.json @@ -89,7 +89,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -102,7 +102,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-cloudtrail/package.json b/packages/@aws-cdk/aws-cloudtrail/package.json index ce2c1f2e647ed..094c80dd74482 100644 --- a/packages/@aws-cdk/aws-cloudtrail/package.json +++ b/packages/@aws-cdk/aws-cloudtrail/package.json @@ -89,7 +89,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -101,7 +101,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-cloudwatch-actions/package.json b/packages/@aws-cdk/aws-cloudwatch-actions/package.json index 04ed6918384c1..ea06982b3720c 100644 --- a/packages/@aws-cdk/aws-cloudwatch-actions/package.json +++ b/packages/@aws-cdk/aws-cloudwatch-actions/package.json @@ -77,7 +77,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -87,7 +87,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-cloudwatch/package.json b/packages/@aws-cdk/aws-cloudwatch/package.json index 98a3281163384..a100935350289 100644 --- a/packages/@aws-cdk/aws-cloudwatch/package.json +++ b/packages/@aws-cdk/aws-cloudwatch/package.json @@ -81,13 +81,13 @@ "dependencies": { "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "awslint": { "exclude": [ diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index 95dba59271449..e3a2a673ad946 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -101,7 +101,7 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "bundledDependencies": [ "@aws-cdk/yaml-cfn" @@ -122,7 +122,7 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-codecommit/package.json b/packages/@aws-cdk/aws-codecommit/package.json index 0580fab198c85..07a03cd891094 100644 --- a/packages/@aws-cdk/aws-codecommit/package.json +++ b/packages/@aws-cdk/aws-codecommit/package.json @@ -89,14 +89,14 @@ "@aws-cdk/aws-events": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-events": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-codedeploy/package.json b/packages/@aws-cdk/aws-codedeploy/package.json index 257e001f0fdbe..fb7eab6fb0b42 100644 --- a/packages/@aws-cdk/aws-codedeploy/package.json +++ b/packages/@aws-cdk/aws-codedeploy/package.json @@ -92,7 +92,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -106,7 +106,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-codeguruprofiler/package.json b/packages/@aws-cdk/aws-codeguruprofiler/package.json index dd7c44d1a3527..adf789c7b1d26 100644 --- a/packages/@aws-cdk/aws-codeguruprofiler/package.json +++ b/packages/@aws-cdk/aws-codeguruprofiler/package.json @@ -82,12 +82,12 @@ "dependencies": { "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-codepipeline-actions/package.json b/packages/@aws-cdk/aws-codepipeline-actions/package.json index 62a7868ece518..5e53a737c97fe 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/package.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/package.json @@ -96,7 +96,7 @@ "@aws-cdk/aws-stepfunctions": "0.0.0", "@aws-cdk/core": "0.0.0", "case": "1.6.3", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -118,7 +118,7 @@ "@aws-cdk/aws-sns-subscriptions": "0.0.0", "@aws-cdk/aws-stepfunctions": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "bundledDependencies": [ "case" diff --git a/packages/@aws-cdk/aws-codepipeline/package.json b/packages/@aws-cdk/aws-codepipeline/package.json index 1cc830be83ec6..f569d96fe23a2 100644 --- a/packages/@aws-cdk/aws-codepipeline/package.json +++ b/packages/@aws-cdk/aws-codepipeline/package.json @@ -92,7 +92,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -101,7 +101,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-codestar/package.json b/packages/@aws-cdk/aws-codestar/package.json index 01024a24b1248..1144a2a547fa7 100644 --- a/packages/@aws-cdk/aws-codestar/package.json +++ b/packages/@aws-cdk/aws-codestar/package.json @@ -82,12 +82,12 @@ "dependencies": { "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-codestarnotifications/package.json b/packages/@aws-cdk/aws-codestarnotifications/package.json index 18667b45db8b1..9e2d276212de6 100644 --- a/packages/@aws-cdk/aws-codestarnotifications/package.json +++ b/packages/@aws-cdk/aws-codestarnotifications/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-cognito/package.json b/packages/@aws-cdk/aws-cognito/package.json index 3a981167956a3..2046d4d0a387e 100644 --- a/packages/@aws-cdk/aws-cognito/package.json +++ b/packages/@aws-cdk/aws-cognito/package.json @@ -85,7 +85,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "punycode": "^2.1.1" }, "homepage": "https://github.com/aws/aws-cdk", @@ -95,7 +95,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "bundledDependencies": [ "punycode" diff --git a/packages/@aws-cdk/aws-config/package.json b/packages/@aws-cdk/aws-config/package.json index 59055c7030216..894029e3ea539 100644 --- a/packages/@aws-cdk/aws-config/package.json +++ b/packages/@aws-cdk/aws-config/package.json @@ -85,7 +85,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -94,7 +94,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-datapipeline/package.json b/packages/@aws-cdk/aws-datapipeline/package.json index 2e1f552ef864a..736c63c17dd81 100644 --- a/packages/@aws-cdk/aws-datapipeline/package.json +++ b/packages/@aws-cdk/aws-datapipeline/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-dax/package.json b/packages/@aws-cdk/aws-dax/package.json index 83fecea8535ee..9944a0a7985df 100644 --- a/packages/@aws-cdk/aws-dax/package.json +++ b/packages/@aws-cdk/aws-dax/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-directoryservice/package.json b/packages/@aws-cdk/aws-directoryservice/package.json index 9be65b5324fff..2e24fc7d76bd1 100644 --- a/packages/@aws-cdk/aws-directoryservice/package.json +++ b/packages/@aws-cdk/aws-directoryservice/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-dlm/package.json b/packages/@aws-cdk/aws-dlm/package.json index 5829ed6a34e11..cb76ab170c3e0 100644 --- a/packages/@aws-cdk/aws-dlm/package.json +++ b/packages/@aws-cdk/aws-dlm/package.json @@ -79,11 +79,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-dms/package.json b/packages/@aws-cdk/aws-dms/package.json index 1c6f0a473b7b3..a684fe9aaa61f 100644 --- a/packages/@aws-cdk/aws-dms/package.json +++ b/packages/@aws-cdk/aws-dms/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-docdb/package.json b/packages/@aws-cdk/aws-docdb/package.json index 658583ff0d644..8442223e41977 100644 --- a/packages/@aws-cdk/aws-docdb/package.json +++ b/packages/@aws-cdk/aws-docdb/package.json @@ -85,7 +85,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-efs": "0.0.0", @@ -93,7 +93,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-dynamodb-global/package.json b/packages/@aws-cdk/aws-dynamodb-global/package.json index 2a3a41bc29fbb..2c08038564766 100644 --- a/packages/@aws-cdk/aws-dynamodb-global/package.json +++ b/packages/@aws-cdk/aws-dynamodb-global/package.json @@ -53,7 +53,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "devDependencies": { "@aws-cdk/assert": "0.0.0", @@ -68,7 +68,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "scripts": { "build": "cdk-build", diff --git a/packages/@aws-cdk/aws-dynamodb/package.json b/packages/@aws-cdk/aws-dynamodb/package.json index b0e4e4484ae37..344a68f7e3a96 100644 --- a/packages/@aws-cdk/aws-dynamodb/package.json +++ b/packages/@aws-cdk/aws-dynamodb/package.json @@ -91,7 +91,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -102,7 +102,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-ec2/package.json b/packages/@aws-cdk/aws-ec2/package.json index e92b52795b4dc..915128423eb66 100644 --- a/packages/@aws-cdk/aws-ec2/package.json +++ b/packages/@aws-cdk/aws-ec2/package.json @@ -92,7 +92,7 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -107,7 +107,7 @@ "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-ecr-assets/package.json b/packages/@aws-cdk/aws-ecr-assets/package.json index 3d8b54ee08122..8cb3d6700a4c6 100644 --- a/packages/@aws-cdk/aws-ecr-assets/package.json +++ b/packages/@aws-cdk/aws-ecr-assets/package.json @@ -81,7 +81,7 @@ "@aws-cdk/assets": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "minimatch": "^3.0.4", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -91,7 +91,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "nyc": { "statements": 70 diff --git a/packages/@aws-cdk/aws-ecr/package.json b/packages/@aws-cdk/aws-ecr/package.json index bc3671a7c5585..bdb9a482116d8 100644 --- a/packages/@aws-cdk/aws-ecr/package.json +++ b/packages/@aws-cdk/aws-ecr/package.json @@ -86,14 +86,14 @@ "@aws-cdk/aws-events": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-events": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-ecs-patterns/package.json b/packages/@aws-cdk/aws-ecs-patterns/package.json index dcb4d8b436bda..cf5358d9234b2 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/package.json +++ b/packages/@aws-cdk/aws-ecs-patterns/package.json @@ -87,7 +87,7 @@ "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -105,7 +105,7 @@ "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-ecs/package.json b/packages/@aws-cdk/aws-ecs/package.json index ec829127f9e84..695bfed6e8841 100644 --- a/packages/@aws-cdk/aws-ecs/package.json +++ b/packages/@aws-cdk/aws-ecs/package.json @@ -109,7 +109,7 @@ "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -138,7 +138,7 @@ "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-s3-assets": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-efs/package.json b/packages/@aws-cdk/aws-efs/package.json index 6a7cef054b6a2..c956c44fda2eb 100644 --- a/packages/@aws-cdk/aws-efs/package.json +++ b/packages/@aws-cdk/aws-efs/package.json @@ -83,7 +83,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -92,7 +92,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-eks-legacy/package.json b/packages/@aws-cdk/aws-eks-legacy/package.json index 67078e5830dcf..d9bc765563688 100644 --- a/packages/@aws-cdk/aws-eks-legacy/package.json +++ b/packages/@aws-cdk/aws-eks-legacy/package.json @@ -84,7 +84,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -95,7 +95,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-eks/package.json b/packages/@aws-cdk/aws-eks/package.json index 7e4f0e2ddf090..83e9691c2d837 100644 --- a/packages/@aws-cdk/aws-eks/package.json +++ b/packages/@aws-cdk/aws-eks/package.json @@ -94,7 +94,7 @@ "@aws-cdk/custom-resources": "0.0.0", "@aws-cdk/lambda-layer-awscli": "0.0.0", "@aws-cdk/lambda-layer-kubectl": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "yaml": "1.10.2" }, "bundledDependencies": [ @@ -110,7 +110,7 @@ "@aws-cdk/aws-ssm": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "@aws-cdk/lambda-layer-awscli": "0.0.0", "@aws-cdk/lambda-layer-kubectl": "0.0.0" }, diff --git a/packages/@aws-cdk/aws-elasticache/package.json b/packages/@aws-cdk/aws-elasticache/package.json index f0b728276adda..3ea5933334691 100644 --- a/packages/@aws-cdk/aws-elasticache/package.json +++ b/packages/@aws-cdk/aws-elasticache/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-elasticbeanstalk/package.json b/packages/@aws-cdk/aws-elasticbeanstalk/package.json index 31472f9e21d51..47c4709395351 100644 --- a/packages/@aws-cdk/aws-elasticbeanstalk/package.json +++ b/packages/@aws-cdk/aws-elasticbeanstalk/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-elasticloadbalancing/package.json b/packages/@aws-cdk/aws-elasticloadbalancing/package.json index 24f25fb2470f8..5229b0ca39e5a 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancing/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancing/package.json @@ -80,13 +80,13 @@ "dependencies": { "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json index dc606985d7c17..fe3127e951721 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-actions/package.json @@ -75,7 +75,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-cognito": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -84,7 +84,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-cognito": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json index 51ae07a4caaa7..70428533a4624 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json @@ -75,7 +75,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -84,7 +84,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json index 745b87fb4453f..5f39ffbd3e0fc 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/package.json @@ -88,7 +88,7 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -101,7 +101,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "@aws-cdk/region-info": "0.0.0" }, "engines": { diff --git a/packages/@aws-cdk/aws-elasticsearch/package.json b/packages/@aws-cdk/aws-elasticsearch/package.json index df7d8934559ea..eff2725fb8d1e 100644 --- a/packages/@aws-cdk/aws-elasticsearch/package.json +++ b/packages/@aws-cdk/aws-elasticsearch/package.json @@ -88,7 +88,7 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -102,7 +102,7 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-emr/package.json b/packages/@aws-cdk/aws-emr/package.json index 0865f9a31783d..3859a1698db7f 100644 --- a/packages/@aws-cdk/aws-emr/package.json +++ b/packages/@aws-cdk/aws-emr/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-events-targets/package.json b/packages/@aws-cdk/aws-events-targets/package.json index a4eee23c9a028..560af6da71113 100644 --- a/packages/@aws-cdk/aws-events-targets/package.json +++ b/packages/@aws-cdk/aws-events-targets/package.json @@ -99,7 +99,7 @@ "@aws-cdk/aws-stepfunctions": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -120,7 +120,7 @@ "@aws-cdk/aws-stepfunctions": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-events/package.json b/packages/@aws-cdk/aws-events/package.json index 4c8d4fe304598..ec841b2303a4c 100644 --- a/packages/@aws-cdk/aws-events/package.json +++ b/packages/@aws-cdk/aws-events/package.json @@ -82,13 +82,13 @@ "dependencies": { "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-eventschemas/package.json b/packages/@aws-cdk/aws-eventschemas/package.json index c141a1a389382..0cc862d65d078 100644 --- a/packages/@aws-cdk/aws-eventschemas/package.json +++ b/packages/@aws-cdk/aws-eventschemas/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-fms/package.json b/packages/@aws-cdk/aws-fms/package.json index 352a762f1e877..9c4fac4e1b682 100644 --- a/packages/@aws-cdk/aws-fms/package.json +++ b/packages/@aws-cdk/aws-fms/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-fsx/package.json b/packages/@aws-cdk/aws-fsx/package.json index f004ef50dc8b4..016a7bb6a7a03 100644 --- a/packages/@aws-cdk/aws-fsx/package.json +++ b/packages/@aws-cdk/aws-fsx/package.json @@ -84,14 +84,14 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-gamelift/package.json b/packages/@aws-cdk/aws-gamelift/package.json index 9ce7dd38156cb..94c9d4cf0a62e 100644 --- a/packages/@aws-cdk/aws-gamelift/package.json +++ b/packages/@aws-cdk/aws-gamelift/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-globalaccelerator/package.json b/packages/@aws-cdk/aws-globalaccelerator/package.json index 44d8895ed30a3..1e98de7ee0bc8 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/package.json +++ b/packages/@aws-cdk/aws-globalaccelerator/package.json @@ -84,12 +84,12 @@ "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "@aws-cdk/custom-resources": "0.0.0" }, "engines": { diff --git a/packages/@aws-cdk/aws-glue/package.json b/packages/@aws-cdk/aws-glue/package.json index 3f6a8fa63ceba..87616f35a9506 100644 --- a/packages/@aws-cdk/aws-glue/package.json +++ b/packages/@aws-cdk/aws-glue/package.json @@ -86,7 +86,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -95,7 +95,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-greengrass/package.json b/packages/@aws-cdk/aws-greengrass/package.json index 666c2f02b99f3..ac30c7ae607c9 100644 --- a/packages/@aws-cdk/aws-greengrass/package.json +++ b/packages/@aws-cdk/aws-greengrass/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-greengrassv2/package.json b/packages/@aws-cdk/aws-greengrassv2/package.json index 68d9557122c34..924bb2ab1de28 100644 --- a/packages/@aws-cdk/aws-greengrassv2/package.json +++ b/packages/@aws-cdk/aws-greengrassv2/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-guardduty/package.json b/packages/@aws-cdk/aws-guardduty/package.json index 2d772252718cb..b5054e1b86c5d 100644 --- a/packages/@aws-cdk/aws-guardduty/package.json +++ b/packages/@aws-cdk/aws-guardduty/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-iam/package.json b/packages/@aws-cdk/aws-iam/package.json index 76cd09b7b2d9a..8f10cd29bd595 100644 --- a/packages/@aws-cdk/aws-iam/package.json +++ b/packages/@aws-cdk/aws-iam/package.json @@ -89,12 +89,12 @@ "dependencies": { "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "engines": { diff --git a/packages/@aws-cdk/aws-inspector/package.json b/packages/@aws-cdk/aws-inspector/package.json index a94beb9c3ab2e..dc19a91528a32 100644 --- a/packages/@aws-cdk/aws-inspector/package.json +++ b/packages/@aws-cdk/aws-inspector/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-iot/package.json b/packages/@aws-cdk/aws-iot/package.json index baec64baf8142..09316dff7ecdc 100644 --- a/packages/@aws-cdk/aws-iot/package.json +++ b/packages/@aws-cdk/aws-iot/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-iot1click/package.json b/packages/@aws-cdk/aws-iot1click/package.json index 4000a6cd6721d..767559839ff9f 100644 --- a/packages/@aws-cdk/aws-iot1click/package.json +++ b/packages/@aws-cdk/aws-iot1click/package.json @@ -79,11 +79,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-iotanalytics/package.json b/packages/@aws-cdk/aws-iotanalytics/package.json index e3b33ffa331b8..df707e4730152 100644 --- a/packages/@aws-cdk/aws-iotanalytics/package.json +++ b/packages/@aws-cdk/aws-iotanalytics/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-iotevents/package.json b/packages/@aws-cdk/aws-iotevents/package.json index d0ecd71421f76..46ac4515ff518 100644 --- a/packages/@aws-cdk/aws-iotevents/package.json +++ b/packages/@aws-cdk/aws-iotevents/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-iotthingsgraph/package.json b/packages/@aws-cdk/aws-iotthingsgraph/package.json index 59c5396d37c79..586fefd470202 100644 --- a/packages/@aws-cdk/aws-iotthingsgraph/package.json +++ b/packages/@aws-cdk/aws-iotthingsgraph/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-ivs/package.json b/packages/@aws-cdk/aws-ivs/package.json index ce179233a9efa..99ea1cbf0eda0 100644 --- a/packages/@aws-cdk/aws-ivs/package.json +++ b/packages/@aws-cdk/aws-ivs/package.json @@ -91,11 +91,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-kinesis/package.json b/packages/@aws-cdk/aws-kinesis/package.json index 3c7fd281d363b..707ee3b488b6f 100644 --- a/packages/@aws-cdk/aws-kinesis/package.json +++ b/packages/@aws-cdk/aws-kinesis/package.json @@ -83,7 +83,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -91,7 +91,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/package.json b/packages/@aws-cdk/aws-kinesisanalytics-flink/package.json index 2d28b8fd4df7e..769d2256e8eae 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink/package.json +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/package.json @@ -79,7 +79,7 @@ "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-s3-assets": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -91,7 +91,7 @@ "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-s3-assets": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-kinesisanalytics/package.json b/packages/@aws-cdk/aws-kinesisanalytics/package.json index c6b67502056e0..7edbc630d8da5 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics/package.json +++ b/packages/@aws-cdk/aws-kinesisanalytics/package.json @@ -81,12 +81,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-kinesisfirehose/package.json b/packages/@aws-cdk/aws-kinesisfirehose/package.json index ae2d309ed8e24..e1afbc8241ff2 100644 --- a/packages/@aws-cdk/aws-kinesisfirehose/package.json +++ b/packages/@aws-cdk/aws-kinesisfirehose/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-kms/package.json b/packages/@aws-cdk/aws-kms/package.json index 272c610530357..e6900b9703fe7 100644 --- a/packages/@aws-cdk/aws-kms/package.json +++ b/packages/@aws-cdk/aws-kms/package.json @@ -81,14 +81,14 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-lakeformation/package.json b/packages/@aws-cdk/aws-lakeformation/package.json index 8c3f72401111d..100bb1ad255a9 100644 --- a/packages/@aws-cdk/aws-lakeformation/package.json +++ b/packages/@aws-cdk/aws-lakeformation/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-lambda-destinations/package.json b/packages/@aws-cdk/aws-lambda-destinations/package.json index 096ee2f6fc12f..fc1d385d0face 100644 --- a/packages/@aws-cdk/aws-lambda-destinations/package.json +++ b/packages/@aws-cdk/aws-lambda-destinations/package.json @@ -76,7 +76,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -86,7 +86,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-lambda-event-sources/package.json b/packages/@aws-cdk/aws-lambda-event-sources/package.json index 33906c1f5219e..d99aeaf3a786a 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/package.json +++ b/packages/@aws-cdk/aws-lambda-event-sources/package.json @@ -85,7 +85,7 @@ "@aws-cdk/aws-sns-subscriptions": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -104,7 +104,7 @@ "@aws-cdk/aws-sns-subscriptions": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-lambda-nodejs/package.json b/packages/@aws-cdk/aws-lambda-nodejs/package.json index 5609a2a2d5b0e..7fb257ff676b9 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/package.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/package.json @@ -73,13 +73,13 @@ "dependencies": { "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-lambda-python/package.json b/packages/@aws-cdk/aws-lambda-python/package.json index f22b2076ee43f..855f803abce03 100644 --- a/packages/@aws-cdk/aws-lambda-python/package.json +++ b/packages/@aws-cdk/aws-lambda-python/package.json @@ -71,14 +71,14 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-lambda/package.json b/packages/@aws-cdk/aws-lambda/package.json index 6eab5cd11b870..667068af6bcf1 100644 --- a/packages/@aws-cdk/aws-lambda/package.json +++ b/packages/@aws-cdk/aws-lambda/package.json @@ -103,7 +103,7 @@ "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -124,7 +124,7 @@ "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-logs-destinations/package.json b/packages/@aws-cdk/aws-logs-destinations/package.json index a4edf4ce3473b..29db2d9bf63bc 100644 --- a/packages/@aws-cdk/aws-logs-destinations/package.json +++ b/packages/@aws-cdk/aws-logs-destinations/package.json @@ -75,7 +75,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -84,7 +84,7 @@ "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-logs/package.json b/packages/@aws-cdk/aws-logs/package.json index b5bded382ba10..aa48d9cbf20e7 100644 --- a/packages/@aws-cdk/aws-logs/package.json +++ b/packages/@aws-cdk/aws-logs/package.json @@ -88,7 +88,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -97,7 +97,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-managedblockchain/package.json b/packages/@aws-cdk/aws-managedblockchain/package.json index c94f2391242fb..a591e5ac279af 100644 --- a/packages/@aws-cdk/aws-managedblockchain/package.json +++ b/packages/@aws-cdk/aws-managedblockchain/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-mediaconvert/package.json b/packages/@aws-cdk/aws-mediaconvert/package.json index 938a726f92183..0c31018d80602 100644 --- a/packages/@aws-cdk/aws-mediaconvert/package.json +++ b/packages/@aws-cdk/aws-mediaconvert/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-medialive/package.json b/packages/@aws-cdk/aws-medialive/package.json index 16ecfadc7c1bb..9a1db70a3fd05 100644 --- a/packages/@aws-cdk/aws-medialive/package.json +++ b/packages/@aws-cdk/aws-medialive/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-mediastore/package.json b/packages/@aws-cdk/aws-mediastore/package.json index 46878264355f9..f287074114d17 100644 --- a/packages/@aws-cdk/aws-mediastore/package.json +++ b/packages/@aws-cdk/aws-mediastore/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-msk/package.json b/packages/@aws-cdk/aws-msk/package.json index efa91da07d39f..8dd68f3038de7 100644 --- a/packages/@aws-cdk/aws-msk/package.json +++ b/packages/@aws-cdk/aws-msk/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-neptune/package.json b/packages/@aws-cdk/aws-neptune/package.json index 5afe6d91322a2..df3652d41901d 100644 --- a/packages/@aws-cdk/aws-neptune/package.json +++ b/packages/@aws-cdk/aws-neptune/package.json @@ -83,14 +83,14 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-opsworks/package.json b/packages/@aws-cdk/aws-opsworks/package.json index b00cff3b7056e..a1a6b0a47c0df 100644 --- a/packages/@aws-cdk/aws-opsworks/package.json +++ b/packages/@aws-cdk/aws-opsworks/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-opsworkscm/package.json b/packages/@aws-cdk/aws-opsworkscm/package.json index 3c102533e89dc..4b44fef5e2a75 100644 --- a/packages/@aws-cdk/aws-opsworkscm/package.json +++ b/packages/@aws-cdk/aws-opsworkscm/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-pinpoint/package.json b/packages/@aws-cdk/aws-pinpoint/package.json index ed7fe94c40090..cbe2531a397ae 100644 --- a/packages/@aws-cdk/aws-pinpoint/package.json +++ b/packages/@aws-cdk/aws-pinpoint/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-pinpointemail/package.json b/packages/@aws-cdk/aws-pinpointemail/package.json index 5f98fa3d04e24..3ff901b11c25f 100644 --- a/packages/@aws-cdk/aws-pinpointemail/package.json +++ b/packages/@aws-cdk/aws-pinpointemail/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-qldb/package.json b/packages/@aws-cdk/aws-qldb/package.json index 257716f07faea..0146590374fe5 100644 --- a/packages/@aws-cdk/aws-qldb/package.json +++ b/packages/@aws-cdk/aws-qldb/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-ram/package.json b/packages/@aws-cdk/aws-ram/package.json index 2ca7d27497147..6ad98acf3de1e 100644 --- a/packages/@aws-cdk/aws-ram/package.json +++ b/packages/@aws-cdk/aws-ram/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-rds/package.json b/packages/@aws-cdk/aws-rds/package.json index e13e10265fdeb..24a5e32d86853 100644 --- a/packages/@aws-cdk/aws-rds/package.json +++ b/packages/@aws-cdk/aws-rds/package.json @@ -91,7 +91,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -104,7 +104,7 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-redshift/package.json b/packages/@aws-cdk/aws-redshift/package.json index cede50f836f54..139a245473580 100644 --- a/packages/@aws-cdk/aws-redshift/package.json +++ b/packages/@aws-cdk/aws-redshift/package.json @@ -84,7 +84,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -94,7 +94,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-robomaker/package.json b/packages/@aws-cdk/aws-robomaker/package.json index be52d60f6a739..f75d3f4e23c42 100644 --- a/packages/@aws-cdk/aws-robomaker/package.json +++ b/packages/@aws-cdk/aws-robomaker/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-route53-patterns/package.json b/packages/@aws-cdk/aws-route53-patterns/package.json index b10d3e4ceb714..1eeb0800e1cd8 100644 --- a/packages/@aws-cdk/aws-route53-patterns/package.json +++ b/packages/@aws-cdk/aws-route53-patterns/package.json @@ -79,7 +79,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -91,7 +91,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-route53-targets/package.json b/packages/@aws-cdk/aws-route53-targets/package.json index d98999baaab6a..618727f9e4824 100644 --- a/packages/@aws-cdk/aws-route53-targets/package.json +++ b/packages/@aws-cdk/aws-route53-targets/package.json @@ -85,7 +85,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -102,7 +102,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-route53/package.json b/packages/@aws-cdk/aws-route53/package.json index 9a22737d55347..4693e9d5c2d19 100644 --- a/packages/@aws-cdk/aws-route53/package.json +++ b/packages/@aws-cdk/aws-route53/package.json @@ -88,7 +88,7 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -98,7 +98,7 @@ "@aws-cdk/core": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/custom-resources": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-route53resolver/package.json b/packages/@aws-cdk/aws-route53resolver/package.json index 79142ad18b7ef..c08a6b9107d68 100644 --- a/packages/@aws-cdk/aws-route53resolver/package.json +++ b/packages/@aws-cdk/aws-route53resolver/package.json @@ -79,11 +79,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-s3-assets/package.json b/packages/@aws-cdk/aws-s3-assets/package.json index 6d03905f64f85..cd05debf37718 100644 --- a/packages/@aws-cdk/aws-s3-assets/package.json +++ b/packages/@aws-cdk/aws-s3-assets/package.json @@ -82,7 +82,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -92,7 +92,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-s3-deployment/package.json b/packages/@aws-cdk/aws-s3-deployment/package.json index e92226c156359..1474657a73322 100644 --- a/packages/@aws-cdk/aws-s3-deployment/package.json +++ b/packages/@aws-cdk/aws-s3-deployment/package.json @@ -94,7 +94,7 @@ "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/lambda-layer-awscli": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -106,7 +106,7 @@ "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/lambda-layer-awscli": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-s3-notifications/package.json b/packages/@aws-cdk/aws-s3-notifications/package.json index 00d38a536ca6a..957c3ea735383 100644 --- a/packages/@aws-cdk/aws-s3-notifications/package.json +++ b/packages/@aws-cdk/aws-s3-notifications/package.json @@ -75,7 +75,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -85,7 +85,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-s3/package.json b/packages/@aws-cdk/aws-s3/package.json index 23d3345e1bfd5..e04c4e881737b 100644 --- a/packages/@aws-cdk/aws-s3/package.json +++ b/packages/@aws-cdk/aws-s3/package.json @@ -84,7 +84,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -93,7 +93,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-sagemaker/package.json b/packages/@aws-cdk/aws-sagemaker/package.json index 532be18efa37d..0f7af7410d071 100644 --- a/packages/@aws-cdk/aws-sagemaker/package.json +++ b/packages/@aws-cdk/aws-sagemaker/package.json @@ -79,11 +79,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-sam/package.json b/packages/@aws-cdk/aws-sam/package.json index 52991896dcda8..4b0b0c44b92e0 100644 --- a/packages/@aws-cdk/aws-sam/package.json +++ b/packages/@aws-cdk/aws-sam/package.json @@ -82,11 +82,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-sdb/package.json b/packages/@aws-cdk/aws-sdb/package.json index 9c1660f111f4b..76b4242610137 100644 --- a/packages/@aws-cdk/aws-sdb/package.json +++ b/packages/@aws-cdk/aws-sdb/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-secretsmanager/package.json b/packages/@aws-cdk/aws-secretsmanager/package.json index fbd131bf94e89..b5ae9676b9cb4 100644 --- a/packages/@aws-cdk/aws-secretsmanager/package.json +++ b/packages/@aws-cdk/aws-secretsmanager/package.json @@ -86,7 +86,7 @@ "@aws-cdk/aws-sam": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/aws-ec2": "0.0.0", @@ -96,7 +96,7 @@ "@aws-cdk/aws-sam": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-securityhub/package.json b/packages/@aws-cdk/aws-securityhub/package.json index 32dc742b38c9c..d0df934b28bca 100644 --- a/packages/@aws-cdk/aws-securityhub/package.json +++ b/packages/@aws-cdk/aws-securityhub/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-servicecatalog/package.json b/packages/@aws-cdk/aws-servicecatalog/package.json index 546f615a66693..0316920053157 100644 --- a/packages/@aws-cdk/aws-servicecatalog/package.json +++ b/packages/@aws-cdk/aws-servicecatalog/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-servicediscovery/package.json b/packages/@aws-cdk/aws-servicediscovery/package.json index 4af44ea9879e1..0ddc6c54550eb 100644 --- a/packages/@aws-cdk/aws-servicediscovery/package.json +++ b/packages/@aws-cdk/aws-servicediscovery/package.json @@ -86,7 +86,7 @@ "@aws-cdk/aws-elasticloadbalancingv2": "0.0.0", "@aws-cdk/aws-route53": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -94,7 +94,7 @@ "@aws-cdk/aws-elasticloadbalancingv2": "0.0.0", "@aws-cdk/aws-route53": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-ses-actions/package.json b/packages/@aws-cdk/aws-ses-actions/package.json index ea141e0c8d37f..94109fb910b1b 100644 --- a/packages/@aws-cdk/aws-ses-actions/package.json +++ b/packages/@aws-cdk/aws-ses-actions/package.json @@ -78,7 +78,7 @@ "@aws-cdk/aws-ses": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -89,7 +89,7 @@ "@aws-cdk/aws-ses": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-ses/package.json b/packages/@aws-cdk/aws-ses/package.json index c4fac8762a988..b8e12dca280f2 100644 --- a/packages/@aws-cdk/aws-ses/package.json +++ b/packages/@aws-cdk/aws-ses/package.json @@ -82,14 +82,14 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-signer/package.json b/packages/@aws-cdk/aws-signer/package.json index 2baa7ffe143bc..e4190b9408a2a 100644 --- a/packages/@aws-cdk/aws-signer/package.json +++ b/packages/@aws-cdk/aws-signer/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-sns-subscriptions/package.json b/packages/@aws-cdk/aws-sns-subscriptions/package.json index 354b1c386b44e..dc9e346eb62b3 100644 --- a/packages/@aws-cdk/aws-sns-subscriptions/package.json +++ b/packages/@aws-cdk/aws-sns-subscriptions/package.json @@ -75,7 +75,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -84,7 +84,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-sns/package.json b/packages/@aws-cdk/aws-sns/package.json index 4b60a53f24c35..cef563ba53f0c 100644 --- a/packages/@aws-cdk/aws-sns/package.json +++ b/packages/@aws-cdk/aws-sns/package.json @@ -89,7 +89,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -99,7 +99,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-sqs/package.json b/packages/@aws-cdk/aws-sqs/package.json index 7b610c64bb71c..ddb3f3dcddbb3 100644 --- a/packages/@aws-cdk/aws-sqs/package.json +++ b/packages/@aws-cdk/aws-sqs/package.json @@ -85,7 +85,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -93,7 +93,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-ssm/package.json b/packages/@aws-cdk/aws-ssm/package.json index 234d166c9152f..2e45299a902c5 100644 --- a/packages/@aws-cdk/aws-ssm/package.json +++ b/packages/@aws-cdk/aws-ssm/package.json @@ -83,7 +83,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -91,7 +91,7 @@ "@aws-cdk/aws-kms": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/cloud-assembly-schema": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/package.json b/packages/@aws-cdk/aws-stepfunctions-tasks/package.json index b18cd8fc7704c..2c7642a4f57a8 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/package.json +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/package.json @@ -94,7 +94,7 @@ "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/aws-stepfunctions": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -120,7 +120,7 @@ "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/aws-stepfunctions": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-stepfunctions/package.json b/packages/@aws-cdk/aws-stepfunctions/package.json index 80035201f8b36..5ace8651d0a74 100644 --- a/packages/@aws-cdk/aws-stepfunctions/package.json +++ b/packages/@aws-cdk/aws-stepfunctions/package.json @@ -84,7 +84,7 @@ "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -94,7 +94,7 @@ "@aws-cdk/aws-logs": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-synthetics/package.json b/packages/@aws-cdk/aws-synthetics/package.json index 3b15e2a0b8ffb..330ecec1f363f 100644 --- a/packages/@aws-cdk/aws-synthetics/package.json +++ b/packages/@aws-cdk/aws-synthetics/package.json @@ -85,7 +85,7 @@ "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-cloudwatch": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", @@ -93,7 +93,7 @@ "@aws-cdk/aws-s3-assets": "0.0.0", "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-cloudwatch": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-transfer/package.json b/packages/@aws-cdk/aws-transfer/package.json index b70fc5929c4c0..7629d1c72d1be 100644 --- a/packages/@aws-cdk/aws-transfer/package.json +++ b/packages/@aws-cdk/aws-transfer/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-waf/package.json b/packages/@aws-cdk/aws-waf/package.json index ced3ca7dc741b..e9c8419cf2d8e 100644 --- a/packages/@aws-cdk/aws-waf/package.json +++ b/packages/@aws-cdk/aws-waf/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-wafregional/package.json b/packages/@aws-cdk/aws-wafregional/package.json index 8e165fd4169f8..240b77d19f731 100644 --- a/packages/@aws-cdk/aws-wafregional/package.json +++ b/packages/@aws-cdk/aws-wafregional/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-wafv2/package.json b/packages/@aws-cdk/aws-wafv2/package.json index 7bae0807f8209..3df9f71170a3b 100644 --- a/packages/@aws-cdk/aws-wafv2/package.json +++ b/packages/@aws-cdk/aws-wafv2/package.json @@ -80,11 +80,11 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/aws-workspaces/package.json b/packages/@aws-cdk/aws-workspaces/package.json index d2a3313f491dd..1166897521665 100644 --- a/packages/@aws-cdk/aws-workspaces/package.json +++ b/packages/@aws-cdk/aws-workspaces/package.json @@ -78,12 +78,12 @@ }, "dependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/cloudformation-include/package.json b/packages/@aws-cdk/cloudformation-include/package.json index b386c0a77079c..402577b396714 100644 --- a/packages/@aws-cdk/cloudformation-include/package.json +++ b/packages/@aws-cdk/cloudformation-include/package.json @@ -213,7 +213,7 @@ "@aws-cdk/aws-workspaces": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "peerDependencies": { "@aws-cdk/alexa-ask": "0.0.0", @@ -363,7 +363,7 @@ "@aws-cdk/aws-wafv2": "0.0.0", "@aws-cdk/aws-workspaces": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "devDependencies": { "@aws-cdk/assert": "0.0.0", diff --git a/packages/@aws-cdk/core/package.json b/packages/@aws-cdk/core/package.json index d1a10d8ac8fd2..26be28dcd023d 100644 --- a/packages/@aws-cdk/core/package.json +++ b/packages/@aws-cdk/core/package.json @@ -192,7 +192,7 @@ "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", "@balena/dockerignore": "^1.0.2", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "fs-extra": "^9.1.0", "ignore": "^5.1.8", "minimatch": "^3.0.4" @@ -208,7 +208,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/custom-resources/package.json b/packages/@aws-cdk/custom-resources/package.json index 6c3c3d4f2d0b5..cd26828aa92a5 100644 --- a/packages/@aws-cdk/custom-resources/package.json +++ b/packages/@aws-cdk/custom-resources/package.json @@ -96,7 +96,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -107,7 +107,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/example-construct-library/package.json b/packages/@aws-cdk/example-construct-library/package.json index 762b080eff94a..4349cc7b6612e 100644 --- a/packages/@aws-cdk/example-construct-library/package.json +++ b/packages/@aws-cdk/example-construct-library/package.json @@ -77,7 +77,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { @@ -87,7 +87,7 @@ "@aws-cdk/aws-iam": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/lambda-layer-awscli/package.json b/packages/@aws-cdk/lambda-layer-awscli/package.json index 115f686f9e414..46262f6008feb 100644 --- a/packages/@aws-cdk/lambda-layer-awscli/package.json +++ b/packages/@aws-cdk/lambda-layer-awscli/package.json @@ -73,13 +73,13 @@ "dependencies": { "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/lambda-layer-kubectl/package.json b/packages/@aws-cdk/lambda-layer-kubectl/package.json index 9ba2b10e89d47..fd2f129bb6999 100644 --- a/packages/@aws-cdk/lambda-layer-kubectl/package.json +++ b/packages/@aws-cdk/lambda-layer-kubectl/package.json @@ -79,13 +79,13 @@ "dependencies": { "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-lambda": "0.0.0", "@aws-cdk/core": "0.0.0", - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" diff --git a/packages/@aws-cdk/pipelines/package.json b/packages/@aws-cdk/pipelines/package.json index 8717570fc8f1d..e2517b66e0d26 100644 --- a/packages/@aws-cdk/pipelines/package.json +++ b/packages/@aws-cdk/pipelines/package.json @@ -40,7 +40,7 @@ "@aws-cdk/aws-ecr-assets": "0.0.0" }, "peerDependencies": { - "constructs": "^3.2.0", + "constructs": "^3.3.69", "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-codebuild": "0.0.0", "@aws-cdk/aws-codepipeline": "0.0.0", @@ -53,7 +53,7 @@ "@aws-cdk/cx-api": "0.0.0" }, "dependencies": { - "constructs": "^3.2.0", + "constructs": "^3.3.69", "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-codebuild": "0.0.0", "@aws-cdk/aws-codepipeline": "0.0.0", diff --git a/packages/@monocdk-experiment/assert/package.json b/packages/@monocdk-experiment/assert/package.json index a0f33eba501ac..8f028a635dba0 100644 --- a/packages/@monocdk-experiment/assert/package.json +++ b/packages/@monocdk-experiment/assert/package.json @@ -37,7 +37,7 @@ "@types/jest": "^26.0.21", "@types/node": "^10.17.55", "cdk-build-tools": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "jest": "^26.6.3", "monocdk": "0.0.0", "pkglint": "0.0.0", @@ -47,7 +47,7 @@ "@aws-cdk/cloudformation-diff": "0.0.0" }, "peerDependencies": { - "constructs": "^3.2.0", + "constructs": "^3.3.69", "jest": "^26.6.3", "monocdk": "^0.0.0" }, diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index a4760aebb51bf..7abdfa6de5a45 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -66,6 +66,10 @@ "python": { "distName": "aws-cdk-lib", "module": "aws_cdk" + }, + "go": { + "moduleName": "github.com/aws/aws-cdk-go", + "packageName": "awscdk" } }, "projectReferences": false @@ -290,7 +294,7 @@ "@types/fs-extra": "^8.1.1", "@types/node": "^10.17.55", "cdk-build-tools": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "fs-extra": "^9.1.0", "pkglint": "0.0.0", "ts-node": "^9.1.1", @@ -298,7 +302,7 @@ "ubergen": "0.0.0" }, "peerDependencies": { - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "engines": { diff --git a/packages/decdk/package.json b/packages/decdk/package.json index d0e5e805b8622..27978f6c4d451 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -211,7 +211,7 @@ "@aws-cdk/pipelines": "0.0.0", "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "fs-extra": "^9.1.0", "jsii-reflect": "^1.26.0", "jsonschema": "^1.4.0", diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index ffea59b378006..42ac44b1a8a60 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -71,6 +71,11 @@ "python": { "distName": "monocdk", "module": "monocdk" + }, + "go": { + "moduleName": "github.com/aws/aws-cdk-go", + "packageName": "awscdk", + "versionSuffix": "-devpreview" } }, "projectReferences": false @@ -295,7 +300,7 @@ "@types/fs-extra": "^8.1.1", "@types/node": "^10.17.55", "cdk-build-tools": "0.0.0", - "constructs": "^3.2.0", + "constructs": "^3.3.69", "fs-extra": "^9.1.0", "pkglint": "0.0.0", "ts-node": "^9.1.1", @@ -303,7 +308,7 @@ "ubergen": "0.0.0" }, "peerDependencies": { - "constructs": "^3.2.0" + "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", "engines": { diff --git a/tools/pkglint/lib/rules.ts b/tools/pkglint/lib/rules.ts index b91e7954f352d..6f4e41b83c00c 100644 --- a/tools/pkglint/lib/rules.ts +++ b/tools/pkglint/lib/rules.ts @@ -627,10 +627,11 @@ export class NoPeerDependenciesMonocdk extends ValidationRule { * Note: v1 and v2 use different versions respectively. */ export class ConstructsVersion extends ValidationRule { - public readonly name = 'deps/constructs'; - private readonly expectedRange = cdkMajorVersion() === 2 + public static readonly VERSION = cdkMajorVersion() === 2 ? '10.0.0-pre.5' - : '^3.2.0'; + : '^3.3.69'; + + public readonly name = 'deps/constructs'; public validate(pkg: PackageJson) { const toCheck = new Array(); @@ -646,7 +647,7 @@ export class ConstructsVersion extends ValidationRule { } for (const cfg of toCheck) { - expectJSON(this.name, pkg, `${cfg}.constructs`, this.expectedRange); + expectJSON(this.name, pkg, `${cfg}.constructs`, ConstructsVersion.VERSION); } } } @@ -1443,7 +1444,7 @@ export class ConstructsDependency extends ValidationRule { public readonly name = 'constructs/dependency'; public validate(pkg: PackageJson) { - const REQUIRED_VERSION = '^3.2.0'; + const REQUIRED_VERSION = ConstructsVersion.VERSION;; if (pkg.devDependencies?.constructs && pkg.devDependencies?.constructs !== REQUIRED_VERSION) { pkg.report({ @@ -1715,4 +1716,4 @@ function cdkMajorVersion() { */ function isMonoRepoPackageDir(packageDir: string) { return path.resolve(packageDir).indexOf(`${path.sep}node_modules${path.sep}`) === -1; -} \ No newline at end of file +} diff --git a/yarn.lock b/yarn.lock index e1d8df5db4c1e..44a1f4e1a85f6 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2900,10 +2900,10 @@ console-control-strings@^1.0.0, console-control-strings@~1.1.0: resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e" integrity sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4= -constructs@^3.2.0: - version "3.3.65" - resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.3.65.tgz#e1cef2a91ccbf10a10147e38e238b1a3482ee2a6" - integrity sha512-/tjHzxwK4Nz9SAm40kkC2mij3Y3LngVVj/dvk7Xpex25/PMhVRYy1pmJ0/5I5Y6bAMG1HRjcSAyf4k9YZyxJjw== +constructs@^3.3.69: + version "3.3.71" + resolved "https://registry.yarnpkg.com/constructs/-/constructs-3.3.71.tgz#5a3e968de484ad327bc2650aa4a7f37a39834ac5" + integrity sha512-3KFtTsA7OV27m/+pJhN4iJkKzHbPIPvyvEX5BQ/JCAWjfCHOQEVpIgxHLpT4i8L1OFta+pJrzcEVAHo6UitwqA== contains-path@^0.1.0: version "0.1.0" From f5744f062a0de396ffa45f22c6f9fc433ebca2c4 Mon Sep 17 00:00:00 2001 From: AWS CDK Team Date: Thu, 25 Mar 2021 09:59:12 +0000 Subject: [PATCH 024/260] chore(release): 1.95.0 --- CHANGELOG.md | 47 +++++++++++++++++++++++++++++++++++++++++++++++ version.v1.json | 2 +- 2 files changed, 48 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a9fe72678f70a..54dee502b6d69 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,53 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [1.95.0](https://github.com/aws/aws-cdk/compare/v1.94.1...v1.95.0) (2021-03-25) + + +### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES + +* **lambda-nodejs:** The type of `image` property in the +`Bundling` class is changed from `BundlingDockerImage` to +`DockerImage`. +* **lambda-nodejs**: The type of `dockerImage` property in +`BundlingOptions` is changed from `BundlingDockerImage` to +`DockerImage`. +* **apigatewayv2:** The type of `allowMethods` property under `corsPreflight` +section is changed from `HttpMethod` to `CorsHttpMethod`. +* **lambda-nodejs:** the default runtime of a `NodejsFunction` is now Node.js 14.x if the environment from which it is deployed uses Node.js >= 14 and Node.js 12.x otherwise. + +### Features + +* **acmpca:** make the ACM PCA module Generally Available (stable) ([#13778](https://github.com/aws/aws-cdk/issues/13778)) ([7ca79ff](https://github.com/aws/aws-cdk/commit/7ca79ffad7c18692edaa2dd26cd0d4d441ecf468)) +* **apigatewayv2:** http api - default authorizer options ([#13172](https://github.com/aws/aws-cdk/issues/13172)) ([53d9661](https://github.com/aws/aws-cdk/commit/53d96618ac006d7b3f6282c8b5c4ae7aeed2b104)) +* **cfnspec:** cloudformation spec v31.0.0 ([#13633](https://github.com/aws/aws-cdk/issues/13633)) ([9b1c786](https://github.com/aws/aws-cdk/commit/9b1c786846f68fdac94b04b76d546c3d47e2251c)) +* **cfnspec:** cloudformation spec v31.1.0 ([#13763](https://github.com/aws/aws-cdk/issues/13763)) ([41a2b2e](https://github.com/aws/aws-cdk/commit/41a2b2ef39a3d2b46ae6e2c6f3480e786e8022b9)) +* **codepipeline-actions:** Add detectChanges option to BitBucketSourceAction ([#13656](https://github.com/aws/aws-cdk/issues/13656)) ([f2436bf](https://github.com/aws/aws-cdk/commit/f2436bf4ff3ce7665a6cde318ad3fc7716ca941f)) +* **ec2:** client vpn endpoint ([#12234](https://github.com/aws/aws-cdk/issues/12234)) ([4fde59a](https://github.com/aws/aws-cdk/commit/4fde59ac64e8440a05d17a9b5c5622a9dfb43b1f)), closes [#4206](https://github.com/aws/aws-cdk/issues/4206) +* **events:** retry-policy support ([#13660](https://github.com/aws/aws-cdk/issues/13660)) ([7966f8d](https://github.com/aws/aws-cdk/commit/7966f8d48c4bff26beb22856d289f9d0c7e7081d)), closes [#13659](https://github.com/aws/aws-cdk/issues/13659) +* **init-templates:** app template comes with hint comments for 'env' ([#13696](https://github.com/aws/aws-cdk/issues/13696)) ([b940710](https://github.com/aws/aws-cdk/commit/b9407102304f043adcd9a4fc1cde4d23d3da9004)), closes [#12321](https://github.com/aws/aws-cdk/issues/12321) +* **lambda-event-sources:** msk and self-managed kafka event sources ([#12507](https://github.com/aws/aws-cdk/issues/12507)) ([73209e1](https://github.com/aws/aws-cdk/commit/73209e17f314cf61f703d51ef3b9f197d2f1bdc3)), closes [#12099](https://github.com/aws/aws-cdk/issues/12099) +* **rds:** make rds secret name configurable ([#13626](https://github.com/aws/aws-cdk/issues/13626)) ([62a91b7](https://github.com/aws/aws-cdk/commit/62a91b7a30f8b6419a983d7ea7bdb3c39f2fdfd0)), closes [#8984](https://github.com/aws/aws-cdk/issues/8984) +* **sns:** enable passing PolicyDocument to TopicPolicy ([#10559](https://github.com/aws/aws-cdk/issues/10559)) ([0d9c300](https://github.com/aws/aws-cdk/commit/0d9c300f5244d3e5720832343830947f6cc5b352)), closes [#7934](https://github.com/aws/aws-cdk/issues/7934) + + +### Bug Fixes + +* **apigatewayv2:** error while configuring ANY as an allowed method in CORS ([#13313](https://github.com/aws/aws-cdk/issues/13313)) ([34bb338](https://github.com/aws/aws-cdk/commit/34bb338bfc8e2976691a23969baa5fd9d84727e8)), closes [#13280](https://github.com/aws/aws-cdk/issues/13280) [#13643](https://github.com/aws/aws-cdk/issues/13643) +* **aws-ecs:** drain hook lambda allows tasks to stop gracefully ([#13559](https://github.com/aws/aws-cdk/issues/13559)) ([3e1148e](https://github.com/aws/aws-cdk/commit/3e1148e74dce0e15379e2cfa372bd367183f9c6f)), closes [#13506](https://github.com/aws/aws-cdk/issues/13506) +* **codebuild:** Fixed build spec file format to return yaml ([#13445](https://github.com/aws/aws-cdk/issues/13445)) ([fab93c6](https://github.com/aws/aws-cdk/commit/fab93c63ba68c6398499e7df87a56a70d854ab88)) +* **codedeploy:** Use aws-cli instead of awscli for yum ([#13655](https://github.com/aws/aws-cdk/issues/13655)) ([449ce12](https://github.com/aws/aws-cdk/commit/449ce129b860ddc302e1e5270d5819ebe5aa27bf)) +* **codepipeline-actions:** BitBucketAction fails with S3 "Access denied" error ([#13637](https://github.com/aws/aws-cdk/issues/13637)) ([77ce45d](https://github.com/aws/aws-cdk/commit/77ce45d878f2d1cb453e36ae4d83228bee878ef1)), closes [#13557](https://github.com/aws/aws-cdk/issues/13557) +* **core:** `toJsonString()` cannot handle list intrinsics ([#13544](https://github.com/aws/aws-cdk/issues/13544)) ([a5be042](https://github.com/aws/aws-cdk/commit/a5be04270c2a372132964ab13d080a16f1a6f00c)), closes [#13465](https://github.com/aws/aws-cdk/issues/13465) +* **events,applicationautoscaling:** specifying a schedule rate in seconds results in an error ([#13689](https://github.com/aws/aws-cdk/issues/13689)) ([5d62331](https://github.com/aws/aws-cdk/commit/5d6233164611d69ac1bf5c73e1518eb14dbace8d)), closes [#13566](https://github.com/aws/aws-cdk/issues/13566) +* **lambda:** incorrect values for prop UntrustedArtifactOnDeployment ([#13667](https://github.com/aws/aws-cdk/issues/13667)) ([0757686](https://github.com/aws/aws-cdk/commit/0757686790c25ab1cc0f040d9f6039cef6648d44)), closes [#13586](https://github.com/aws/aws-cdk/issues/13586) +* **neptune:** create correct IAM statement in grantConnect() ([#13641](https://github.com/aws/aws-cdk/issues/13641)) ([2e7f046](https://github.com/aws/aws-cdk/commit/2e7f0462fef80714abb923cf0c14ed01d698b4fa)), closes [#13640](https://github.com/aws/aws-cdk/issues/13640) +* **s3:** Notifications fail to deploy due to incompatible node runtime ([#13624](https://github.com/aws/aws-cdk/issues/13624)) ([aa32cf6](https://github.com/aws/aws-cdk/commit/aa32cf64d20e4ba1eb2bc8236daeb05e89e4c12d)) + + +* **lambda-nodejs:** prepare code to reduce merge conflicts when deprecated APIs are stripped ([#13738](https://github.com/aws/aws-cdk/issues/13738)) ([ca391b5](https://github.com/aws/aws-cdk/commit/ca391b596fae1c3130a8811088d32df21a23a434)) +* **lambda-nodejs:** update default runtime ([#13664](https://github.com/aws/aws-cdk/issues/13664)) ([ca42461](https://github.com/aws/aws-cdk/commit/ca42461acd4f42a8bd7c0fb05788c7ea50834de2)) + ## [1.94.1](https://github.com/aws/aws-cdk/compare/v1.94.0...v1.94.1) (2021-03-16) diff --git a/version.v1.json b/version.v1.json index 0a93d433950d0..15eb58f541684 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.94.1" + "version": "1.95.0" } From 25e8d04d7266a2642f11154750bef49a31b1892e Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Thu, 25 Mar 2021 10:06:37 -0700 Subject: [PATCH 025/260] fix(codedeploy): script installing CodeDeploy agent fails (#13758) There is a typo in the UserData script that install the CodeDeploy Agent on EC2 instances for the server DeploymentGroup. Fixes #13755 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts | 5 ++--- .../test/server/integ.deployment-group.expected.json | 4 ++-- .../aws-codedeploy/test/server/test.deployment-group.ts | 2 +- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts b/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts index 2babdecf478be..4e1a436ef9b77 100644 --- a/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts +++ b/packages/@aws-cdk/aws-codedeploy/lib/server/deployment-group.ts @@ -356,7 +356,7 @@ export class ServerDeploymentGroup extends ServerDeploymentGroupBase { 'if [ -z "$PKG_CMD" ]; then', 'PKG_CMD=apt-get', 'else', - 'PKG=CMD=yum', + 'PKG_CMD=yum', 'fi', '$PKG_CMD update -y', 'set +e', // make sure we don't exit on the next command failing (we check its exit code below) @@ -367,8 +367,7 @@ export class ServerDeploymentGroup extends ServerDeploymentGroupBase { '$PKG_CMD install -y ruby', 'fi', 'AWS_CLI_PACKAGE_NAME=awscli', - 'if [[ "$PKG_CMD" = "yum" ]];', - 'then', + 'if [ "$PKG_CMD" = "yum" ]; then', 'AWS_CLI_PACKAGE_NAME=aws-cli', 'fi', '$PKG_CMD install -y $AWS_CLI_PACKAGE_NAME', diff --git a/packages/@aws-cdk/aws-codedeploy/test/server/integ.deployment-group.expected.json b/packages/@aws-cdk/aws-codedeploy/test/server/integ.deployment-group.expected.json index 1f5d3d109128d..c5ae20b9ac145 100644 --- a/packages/@aws-cdk/aws-codedeploy/test/server/integ.deployment-group.expected.json +++ b/packages/@aws-cdk/aws-codedeploy/test/server/integ.deployment-group.expected.json @@ -659,7 +659,7 @@ "Fn::Join": [ "", [ - "#!/bin/bash\nset +e\nPKG_CMD=`which yum 2>/dev/null`\nset -e\nif [ -z \"$PKG_CMD\" ]; then\nPKG_CMD=apt-get\nelse\nPKG=CMD=yum\nfi\n$PKG_CMD update -y\nset +e\n$PKG_CMD install -y ruby2.0\nRUBY2_INSTALL=$?\nset -e\nif [ $RUBY2_INSTALL -ne 0 ]; then\n$PKG_CMD install -y ruby\nfi\nAWS_CLI_PACKAGE_NAME=awscli\nif [[ \"$PKG_CMD\" = \"yum\" ]];\nthen\nAWS_CLI_PACKAGE_NAME=aws-cli\nfi\n$PKG_CMD install -y $AWS_CLI_PACKAGE_NAME\nTMP_DIR=`mktemp -d`\ncd $TMP_DIR\naws s3 cp s3://aws-codedeploy-", + "#!/bin/bash\nset +e\nPKG_CMD=`which yum 2>/dev/null`\nset -e\nif [ -z \"$PKG_CMD\" ]; then\nPKG_CMD=apt-get\nelse\nPKG_CMD=yum\nfi\n$PKG_CMD update -y\nset +e\n$PKG_CMD install -y ruby2.0\nRUBY2_INSTALL=$?\nset -e\nif [ $RUBY2_INSTALL -ne 0 ]; then\n$PKG_CMD install -y ruby\nfi\nAWS_CLI_PACKAGE_NAME=awscli\nif [ \"$PKG_CMD\" = \"yum\" ]; then\nAWS_CLI_PACKAGE_NAME=aws-cli\nfi\n$PKG_CMD install -y $AWS_CLI_PACKAGE_NAME\nTMP_DIR=`mktemp -d`\ncd $TMP_DIR\naws s3 cp s3://aws-codedeploy-", { "Ref": "AWS::Region" }, @@ -884,4 +884,4 @@ "Default": "/aws/service/ami-amazon-linux-latest/amzn-ami-hvm-x86_64-gp2" } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-codedeploy/test/server/test.deployment-group.ts b/packages/@aws-cdk/aws-codedeploy/test/server/test.deployment-group.ts index 6aa102e97da11..5eaffc0de5741 100644 --- a/packages/@aws-cdk/aws-codedeploy/test/server/test.deployment-group.ts +++ b/packages/@aws-cdk/aws-codedeploy/test/server/test.deployment-group.ts @@ -81,7 +81,7 @@ export = { 'Fn::Join': [ '', [ - '#!/bin/bash\nset +e\nPKG_CMD=`which yum 2>/dev/null`\nset -e\nif [ -z "$PKG_CMD" ]; then\nPKG_CMD=apt-get\nelse\nPKG=CMD=yum\nfi\n$PKG_CMD update -y\nset +e\n$PKG_CMD install -y ruby2.0\nRUBY2_INSTALL=$?\nset -e\nif [ $RUBY2_INSTALL -ne 0 ]; then\n$PKG_CMD install -y ruby\nfi\nAWS_CLI_PACKAGE_NAME=awscli\nif [[ "$PKG_CMD" = "yum" ]];\nthen\nAWS_CLI_PACKAGE_NAME=aws-cli\nfi\n$PKG_CMD install -y $AWS_CLI_PACKAGE_NAME\nTMP_DIR=`mktemp -d`\ncd $TMP_DIR\naws s3 cp s3://aws-codedeploy-', + '#!/bin/bash\nset +e\nPKG_CMD=`which yum 2>/dev/null`\nset -e\nif [ -z "$PKG_CMD" ]; then\nPKG_CMD=apt-get\nelse\nPKG_CMD=yum\nfi\n$PKG_CMD update -y\nset +e\n$PKG_CMD install -y ruby2.0\nRUBY2_INSTALL=$?\nset -e\nif [ $RUBY2_INSTALL -ne 0 ]; then\n$PKG_CMD install -y ruby\nfi\nAWS_CLI_PACKAGE_NAME=awscli\nif [ "$PKG_CMD" = "yum" ]; then\nAWS_CLI_PACKAGE_NAME=aws-cli\nfi\n$PKG_CMD install -y $AWS_CLI_PACKAGE_NAME\nTMP_DIR=`mktemp -d`\ncd $TMP_DIR\naws s3 cp s3://aws-codedeploy-', { 'Ref': 'AWS::Region', }, From b1ffd335b6c41a26c1f88db2fc5a739c4c18c7fe Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Thu, 25 Mar 2021 15:07:05 -0700 Subject: [PATCH 026/260] fix(codebuild): module fails to load with error "Cannot use import statement outside a module" The bundling done in #13699 is somehow only putting the TypeScript files in the resulting NPM bundle, and thus causing the above error (from Node trying to execute TypeScript). This reverts commit 41a2b2ef from PR #13699. --- package.json | 12 ----- packages/@aws-cdk/aws-codebuild/package.json | 4 +- .../cloudformation-include/package.json | 4 +- packages/@aws-cdk/yaml-cfn/.gitignore | 3 +- packages/@aws-cdk/yaml-cfn/package.json | 26 ++++++++++ packages/@aws-cdk/yaml-cfn/tsconfig.json | 24 --------- packages/aws-cdk-lib/package.json | 2 - packages/decdk/test/schema.test.ts | 2 +- packages/monocdk/package.json | 2 - tools/nodeunit-shim/index.ts | 2 +- tools/pkglint/bin/pkglint.ts | 12 +---- tools/pkglint/lib/packagejson.ts | 2 +- tools/pkglint/lib/rules.ts | 52 +++---------------- tools/pkglint/lib/util.ts | 36 ------------- 14 files changed, 43 insertions(+), 140 deletions(-) delete mode 100644 packages/@aws-cdk/yaml-cfn/tsconfig.json diff --git a/package.json b/package.json index c79dbb9cfa2ff..6dad27d90e51f 100644 --- a/package.json +++ b/package.json @@ -51,9 +51,6 @@ "nohoist": [ "**/jszip", "**/jszip/**", - "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn", - "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn/yaml", - "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn/yaml/**", "@aws-cdk/aws-codepipeline-actions/case", "@aws-cdk/aws-codepipeline-actions/case/**", "@aws-cdk/aws-cognito/punycode", @@ -66,9 +63,6 @@ "@aws-cdk/cloud-assembly-schema/jsonschema/**", "@aws-cdk/cloud-assembly-schema/semver", "@aws-cdk/cloud-assembly-schema/semver/**", - "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn", - "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn/yaml", - "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn/yaml/**", "@aws-cdk/core/@balena/dockerignore", "@aws-cdk/core/@balena/dockerignore/**", "@aws-cdk/core/fs-extra", @@ -81,9 +75,6 @@ "@aws-cdk/cx-api/semver/**", "@aws-cdk/yaml-cfn/yaml", "@aws-cdk/yaml-cfn/yaml/**", - "aws-cdk-lib/@aws-cdk/yaml-cfn", - "aws-cdk-lib/@aws-cdk/yaml-cfn/yaml", - "aws-cdk-lib/@aws-cdk/yaml-cfn/yaml/**", "aws-cdk-lib/@balena/dockerignore", "aws-cdk-lib/@balena/dockerignore/**", "aws-cdk-lib/case", @@ -102,9 +93,6 @@ "aws-cdk-lib/semver/**", "aws-cdk-lib/yaml", "aws-cdk-lib/yaml/**", - "monocdk/@aws-cdk/yaml-cfn", - "monocdk/@aws-cdk/yaml-cfn/yaml", - "monocdk/@aws-cdk/yaml-cfn/yaml/**", "monocdk/@balena/dockerignore", "monocdk/@balena/dockerignore/**", "monocdk/case", diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index e3a2a673ad946..e5a9a34ecd807 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -103,9 +103,6 @@ "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.3.69" }, - "bundledDependencies": [ - "@aws-cdk/yaml-cfn" - ], "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-cloudwatch": "0.0.0", @@ -122,6 +119,7 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", + "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.3.69" }, "engines": { diff --git a/packages/@aws-cdk/cloudformation-include/package.json b/packages/@aws-cdk/cloudformation-include/package.json index 402577b396714..6ec40598cac62 100644 --- a/packages/@aws-cdk/cloudformation-include/package.json +++ b/packages/@aws-cdk/cloudformation-include/package.json @@ -363,6 +363,7 @@ "@aws-cdk/aws-wafv2": "0.0.0", "@aws-cdk/aws-workspaces": "0.0.0", "@aws-cdk/core": "0.0.0", + "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.3.69" }, "devDependencies": { @@ -374,9 +375,6 @@ "pkglint": "0.0.0", "ts-jest": "^26.5.4" }, - "bundledDependencies": [ - "@aws-cdk/yaml-cfn" - ], "keywords": [ "aws", "cdk", diff --git a/packages/@aws-cdk/yaml-cfn/.gitignore b/packages/@aws-cdk/yaml-cfn/.gitignore index 8b9c845e5d12a..bb785cfb74f08 100644 --- a/packages/@aws-cdk/yaml-cfn/.gitignore +++ b/packages/@aws-cdk/yaml-cfn/.gitignore @@ -3,6 +3,7 @@ *.d.ts node_modules dist +tsconfig.json .jsii .LAST_BUILD @@ -14,4 +15,4 @@ nyc.config.js !.eslintrc.js !jest.config.js -junit.xml +junit.xml \ No newline at end of file diff --git a/packages/@aws-cdk/yaml-cfn/package.json b/packages/@aws-cdk/yaml-cfn/package.json index 842455998dad5..7fc68d44a23af 100644 --- a/packages/@aws-cdk/yaml-cfn/package.json +++ b/packages/@aws-cdk/yaml-cfn/package.json @@ -23,6 +23,32 @@ "cloudformation", "yaml" ], + "jsii": { + "outdir": "dist", + "targets": { + "java": { + "package": "software.amazon.awscdk.yaml.cfn", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "cdk-yaml-cfn" + } + }, + "dotnet": { + "namespace": "Amazon.CDK.Yaml.Cfn", + "packageId": "Amazon.CDK.Yaml.Cfn", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "python": { + "distName": "aws-cdk.yaml-cfn", + "module": "aws_cdk.yaml_cfn", + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ] + } + }, + "projectReferences": true + }, "scripts": { "build": "cdk-build", "watch": "cdk-watch", diff --git a/packages/@aws-cdk/yaml-cfn/tsconfig.json b/packages/@aws-cdk/yaml-cfn/tsconfig.json deleted file mode 100644 index 5e75173fa8734..0000000000000 --- a/packages/@aws-cdk/yaml-cfn/tsconfig.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "compilerOptions": { - "target":"ES2018", - "module": "commonjs", - "lib": ["es2016", "es2017.object", "es2017.string"], - "declaration": true, - "composite": true, - "strict": true, - "noImplicitAny": true, - "strictNullChecks": true, - "noImplicitThis": true, - "alwaysStrict": true, - "noUnusedLocals": true, - "noUnusedParameters": true, - "noImplicitReturns": true, - "noFallthroughCasesInSwitch": false, - "inlineSourceMap": true, - "inlineSources": true, - "experimentalDecorators": true, - "strictPropertyInitialization":false - }, - "include": ["**/*.ts" ], - "exclude": ["node_modules"] -} diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 7abdfa6de5a45..bc1a4b73f08c2 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -81,7 +81,6 @@ }, "license": "Apache-2.0", "bundledDependencies": [ - "@aws-cdk/yaml-cfn", "@balena/dockerignore", "case", "fs-extra", @@ -93,7 +92,6 @@ "yaml" ], "dependencies": { - "@aws-cdk/yaml-cfn": "0.0.0", "@balena/dockerignore": "^1.0.2", "case": "1.6.3", "fs-extra": "^9.1.0", diff --git a/packages/decdk/test/schema.test.ts b/packages/decdk/test/schema.test.ts index 84888d94b365b..7b097dcc9fcbe 100644 --- a/packages/decdk/test/schema.test.ts +++ b/packages/decdk/test/schema.test.ts @@ -79,7 +79,7 @@ test('schemaForInterface: interface with primitives', async () => { * are propagated outwards. */ function spawn(command: string, options: SpawnOptions | undefined) { - return new Promise((resolve, reject) => { + return new Promise((resolve, reject) => { const cp = spawnAsync(command, [], { stdio: 'inherit', ...options }); cp.on('error', reject); diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index 42ac44b1a8a60..7f1f6da5555b1 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -87,7 +87,6 @@ }, "license": "Apache-2.0", "bundledDependencies": [ - "@aws-cdk/yaml-cfn", "@balena/dockerignore", "case", "fs-extra", @@ -99,7 +98,6 @@ "yaml" ], "dependencies": { - "@aws-cdk/yaml-cfn": "0.0.0", "@balena/dockerignore": "^1.0.2", "case": "1.6.3", "fs-extra": "^9.1.0", diff --git a/tools/nodeunit-shim/index.ts b/tools/nodeunit-shim/index.ts index 1c4ee174ff229..8ba50bedefefd 100644 --- a/tools/nodeunit-shim/index.ts +++ b/tools/nodeunit-shim/index.ts @@ -81,7 +81,7 @@ export function nodeunitShim(exports: Record) { }); } else { // It's a test - test(testName, () => new Promise(ok => { + test(testName, () => new Promise(ok => { testObj(new Test(ok)); })); } diff --git a/tools/pkglint/bin/pkglint.ts b/tools/pkglint/bin/pkglint.ts index 31cf7f5d2c74d..0b5cd61ef1649 100644 --- a/tools/pkglint/bin/pkglint.ts +++ b/tools/pkglint/bin/pkglint.ts @@ -24,16 +24,8 @@ async function main(): Promise { const pkgs = findPackageJsons(argv.directory as string); - for (const rule of rules) { - for (const pkg of pkgs.filter(pkg => pkg.shouldApply(rule))) { - rule.prepare(pkg); - } - } - for (const rule of rules) { - for (const pkg of pkgs.filter(pkg => pkg.shouldApply(rule))) { - await rule.validate(pkg); - } - } + rules.forEach(rule => pkgs.filter(pkg => pkg.shouldApply(rule)).forEach(pkg => rule.prepare(pkg))); + rules.forEach(rule => pkgs.filter(pkg => pkg.shouldApply(rule)).forEach(pkg => rule.validate(pkg))); if (argv.fix) { pkgs.forEach(pkg => pkg.applyFixes()); diff --git a/tools/pkglint/lib/packagejson.ts b/tools/pkglint/lib/packagejson.ts index 7a7375fbe6fab..a59e8f1c6e307 100644 --- a/tools/pkglint/lib/packagejson.ts +++ b/tools/pkglint/lib/packagejson.ts @@ -361,5 +361,5 @@ export abstract class ValidationRule { /** * Will be executed for every package definition once, should mutate the package object */ - public abstract validate(pkg: PackageJson): void | Promise; + public abstract validate(pkg: PackageJson): void; } diff --git a/tools/pkglint/lib/rules.ts b/tools/pkglint/lib/rules.ts index 6f4e41b83c00c..25d8a51481d6b 100644 --- a/tools/pkglint/lib/rules.ts +++ b/tools/pkglint/lib/rules.ts @@ -1,7 +1,6 @@ import * as fs from 'fs'; import * as path from 'path'; import * as caseUtils from 'case'; -import * as fse from 'fs-extra'; import * as glob from 'glob'; import * as semver from 'semver'; import { LICENSE, NOTICE } from './licensing'; @@ -12,7 +11,6 @@ import { fileShouldBe, fileShouldBeginWith, fileShouldContain, fileShouldNotContain, findInnerPackages, - findPackageDir, monoRepoRoot, } from './util'; @@ -1373,42 +1371,25 @@ export class FastFailingBuildScripts extends ValidationRule { } } -/** - * For every bundled dependency, we need to make sure that package and all of its transitive dependencies are nohoisted - * - * Bundling literally works by including `/node_modules/` into - * the tarball when `npm pack` is run, and if that directory does not exist at - * that exact location (because it has been hoisted) then NPM shrugs its - * shoulders and the dependency will be missing from the distribution. - * - * -- - * - * We also must not forget to nohoist transitive dependencies. Strictly - * speaking, we need to only hoist transitive *runtime* dependencies (`dependencies`, not - * `devDependencies`). - * - * For 3rd party deps, there is no difference and we short-circuit by adding a - * catch-all glob (`/node_modules//**`), but for in-repo bundled - * dependencies, we DO need the `devDependencies` installed as per normal and - * only the transitive runtime dependencies nohoisted (recursively). - */ export class YarnNohoistBundledDependencies extends ValidationRule { public readonly name = 'yarn/nohoist-bundled-dependencies'; - public async validate(pkg: PackageJson) { + public validate(pkg: PackageJson) { const bundled: string[] = pkg.json.bundleDependencies || pkg.json.bundledDependencies || []; + if (bundled.length === 0) { return; } const repoPackageJson = path.resolve(__dirname, '../../../package.json'); - const nohoist = new Set(require(repoPackageJson).workspaces.nohoist); // eslint-disable-line @typescript-eslint/no-require-imports - const expectedNoHoistEntries = new Array(); + const nohoist: string[] = require(repoPackageJson).workspaces.nohoist; // eslint-disable-line @typescript-eslint/no-require-imports + const missing = new Array(); for (const dep of bundled) { - await noHoistDependency(pkg.packageName, dep, pkg.packageRoot); + for (const entry of [`${pkg.packageName}/${dep}`, `${pkg.packageName}/${dep}/**`]) { + if (nohoist.indexOf(entry) >= 0) { continue; } + missing.push(entry); + } } - const missing = expectedNoHoistEntries.filter(entry => !nohoist.has(entry)); - if (missing.length > 0) { pkg.report({ ruleName: this.name, @@ -1420,23 +1401,6 @@ export class YarnNohoistBundledDependencies extends ValidationRule { }, }); } - - async function noHoistDependency(parentPackageHierarchy: string, depName: string, parentPackageDir: string) { - expectedNoHoistEntries.push(`${parentPackageHierarchy}/${depName}`); - - const dependencyDir = await findPackageDir(depName, parentPackageDir); - if (!isMonoRepoPackageDir(dependencyDir)) { - // Not one of ours, so we can just ignore everything underneath as well - expectedNoHoistEntries.push(`${parentPackageHierarchy}/${depName}/**`); - return; - } - - // A monorepo package, recurse into dependencies (but not devDependencies) - const packageJson = await fse.readJson(path.join(dependencyDir, 'package.json')); - for (const dep of Object.keys(packageJson.dependencies ?? {})) { - await noHoistDependency(`${parentPackageHierarchy}/${depName}`, dep, dependencyDir); - } - } } } diff --git a/tools/pkglint/lib/util.ts b/tools/pkglint/lib/util.ts index fe56512113ec2..10b4415a6c3ca 100644 --- a/tools/pkglint/lib/util.ts +++ b/tools/pkglint/lib/util.ts @@ -190,39 +190,3 @@ export function* findInnerPackages(dir: string): IterableIterator { yield* findInnerPackages(path.join(dir, fname)); } } - -/** - * Find package directory - * - * Do this by walking upwards in the directory tree until we find - * `/node_modules//package.json`. - * - * ------- - * - * Things that we tried but don't work: - * - * 1. require.resolve(`${depName}/package.json`, { paths: [rootDir] }); - * - * Breaks with ES Modules if `package.json` has not been exported, which is - * being enforced starting Node12. - * - * 2. findPackageJsonUpwardFrom(require.resolve(depName, { paths: [rootDir] })) - * - * Breaks if a built-in NodeJS package name conflicts with an NPM package name - * (in Node15 `string_decoder` is introduced...) - */ -export async function findPackageDir(depName: string, rootDir: string) { - let prevDir; - let dir = rootDir; - while (dir !== prevDir) { - const candidateDir = path.join(dir, 'node_modules', depName); - if (await new Promise(ok => fs.exists(path.join(candidateDir, 'package.json'), ok))) { - return new Promise((ok, ko) => fs.realpath(candidateDir, (err, result) => err ? ko(err) : ok(result))); - } - - prevDir = dir; - dir = path.dirname(dir); // dirname('/') -> '/', dirname('c:\\') -> 'c:\\' - } - - throw new Error(`Did not find '${depName}' upwards of '${rootDir}'`); -} \ No newline at end of file From 15169dee88082b4a12c8bae7b4484ae468dbf89f Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Thu, 25 Mar 2021 15:12:26 -0700 Subject: [PATCH 027/260] chore(release): 1.95.1 --- CHANGELOG.md | 7 +++++++ version.v1.json | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 54dee502b6d69..3a949e3bfc65a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [1.95.1](https://github.com/aws/aws-cdk/compare/v1.95.0...v1.95.1) (2021-03-25) + + +### Bug Fixes + +* **codebuild:** module fails to load with error "Cannot use import statement outside a module" ([b1ffd33](https://github.com/aws/aws-cdk/commit/b1ffd335b6c41a26c1f88db2fc5a739c4c18c7fe)), closes [#13699](https://github.com/aws/aws-cdk/issues/13699) [#13699](https://github.com/aws/aws-cdk/issues/13699) + ## [1.95.0](https://github.com/aws/aws-cdk/compare/v1.94.1...v1.95.0) (2021-03-25) diff --git a/version.v1.json b/version.v1.json index 15eb58f541684..cf4c9c13cf1bc 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.95.0" + "version": "1.95.1" } From 4ec9383b9a096e9dd077525fb74dfbe88b96b44f Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Thu, 25 Mar 2021 15:31:03 -0700 Subject: [PATCH 028/260] Remove unused isMonoRepoPackageDir function in pkglint/rules.ts. --- tools/pkglint/lib/rules.ts | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/tools/pkglint/lib/rules.ts b/tools/pkglint/lib/rules.ts index 25d8a51481d6b..f7929a353035a 100644 --- a/tools/pkglint/lib/rules.ts +++ b/tools/pkglint/lib/rules.ts @@ -1670,14 +1670,3 @@ function cdkMajorVersion() { const releaseJson = require(`${__dirname}/../../../release.json`); return releaseJson.majorVersion as number; } - -/** - * Whether this is a package in the monorepo or not - * - * We're going to be cheeky and not do too much analysis, and say that - * a package that has `/node_modules/` in the directory name is NOT in the - * monorepo, otherwise it is. - */ -function isMonoRepoPackageDir(packageDir: string) { - return path.resolve(packageDir).indexOf(`${path.sep}node_modules${path.sep}`) === -1; -} From dd22e8fc29f1fc33d391d1bb9ae93963bfd82563 Mon Sep 17 00:00:00 2001 From: Benura Abeywardena <43112139+BLasan@users.noreply.github.com> Date: Fri, 26 Mar 2021 09:24:16 +0530 Subject: [PATCH 029/260] fix(rds): fail with a descriptive error if Cluster's instance count is a deploy-time value (#13765) Added a condition to check whether the `instanceCount` is a token or not. If it's not a token then an exception will be thrown. Fixes #13558 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-rds/lib/cluster.ts | 3 ++ .../@aws-cdk/aws-rds/test/cluster.test.ts | 50 ++++++------------- 2 files changed, 17 insertions(+), 36 deletions(-) diff --git a/packages/@aws-cdk/aws-rds/lib/cluster.ts b/packages/@aws-cdk/aws-rds/lib/cluster.ts index a3f06555afdb9..4e4e86f6a4d7f 100644 --- a/packages/@aws-cdk/aws-rds/lib/cluster.ts +++ b/packages/@aws-cdk/aws-rds/lib/cluster.ts @@ -651,6 +651,9 @@ interface InstanceConfig { */ function createInstances(cluster: DatabaseClusterNew, props: DatabaseClusterBaseProps, subnetGroup: ISubnetGroup): InstanceConfig { const instanceCount = props.instances != null ? props.instances : 2; + if (Token.isUnresolved(instanceCount)) { + throw new Error('The number of instances an RDS Cluster consists of cannot be provided as a deploy-time only value!'); + } if (instanceCount < 1) { throw new Error('At least one instance is required'); } diff --git a/packages/@aws-cdk/aws-rds/test/cluster.test.ts b/packages/@aws-cdk/aws-rds/test/cluster.test.ts index 74f538be5d998..de7c5900de836 100644 --- a/packages/@aws-cdk/aws-rds/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-rds/test/cluster.test.ts @@ -50,8 +50,22 @@ describe('cluster', () => { DeletionPolicy: 'Delete', UpdateReplacePolicy: 'Delete', }, ResourcePart.CompleteDefinition); + }); + test('validates that the number of instances is not a deploy-time value', () => { + const stack = testStack(); + const vpc = new ec2.Vpc(stack, 'VPC'); + const parameter = new cdk.CfnParameter(stack, 'Param', { type: 'Number' }); + expect(() => { + new DatabaseCluster(stack, 'Database', { + instances: parameter.valueAsNumber, + engine: DatabaseClusterEngine.AURORA, + instanceProps: { + vpc, + }, + }); + }).toThrow('The number of instances an RDS Cluster consists of cannot be provided as a deploy-time only value!'); }); test('can create a cluster with a single instance', () => { @@ -81,8 +95,6 @@ describe('cluster', () => { MasterUserPassword: 'tooshort', VpcSecurityGroupIds: [{ 'Fn::GetAtt': ['DatabaseSecurityGroup5C91FDCB', 'GroupId'] }], }); - - }); test('can create a cluster with imported vpc and security group', () => { @@ -116,8 +128,6 @@ describe('cluster', () => { MasterUserPassword: 'tooshort', VpcSecurityGroupIds: ['SecurityGroupId12345'], }); - - }); test('cluster with parameter group', () => { @@ -150,8 +160,6 @@ describe('cluster', () => { expect(stack).toHaveResource('AWS::RDS::DBCluster', { DBClusterParameterGroupName: { Ref: 'ParamsA8366201' }, }); - - }); test("sets the retention policy of the SubnetGroup to 'Retain' if the Cluster is created with 'Retain'", () => { @@ -172,8 +180,6 @@ describe('cluster', () => { DeletionPolicy: 'Retain', UpdateReplacePolicy: 'Retain', }, ResourcePart.CompleteDefinition); - - }); test('creates a secret when master credentials are not specified', () => { @@ -230,8 +236,6 @@ describe('cluster', () => { SecretStringTemplate: '{"username":"admin"}', }, }); - - }); test('create an encrypted cluster with custom KMS key', () => { @@ -261,8 +265,6 @@ describe('cluster', () => { ], }, }); - - }); test('cluster with instance parameter group', () => { @@ -294,8 +296,6 @@ describe('cluster', () => { Ref: 'ParameterGroup5E32DECB', }, }); - - }); describe('performance insights', () => { @@ -323,8 +323,6 @@ describe('cluster', () => { PerformanceInsightsRetentionPeriod: 731, PerformanceInsightsKMSKeyId: { 'Fn::GetAtt': ['Key961B73FD', 'Arn'] }, }); - - }); test('setting performance insights fields enables performance insights', () => { @@ -348,8 +346,6 @@ describe('cluster', () => { EnablePerformanceInsights: true, PerformanceInsightsRetentionPeriod: 731, }); - - }); test('throws if performance insights fields are set but performance insights is disabled', () => { @@ -370,8 +366,6 @@ describe('cluster', () => { }, }); }).toThrow(/`enablePerformanceInsights` disabled, but `performanceInsightRetention` or `performanceInsightEncryptionKey` was set/); - - }); }); @@ -392,8 +386,6 @@ describe('cluster', () => { expect(stack).toHaveResource('AWS::RDS::DBInstance', { AutoMinorVersionUpgrade: false, }); - - }); test('cluster with allow upgrade of major version', () => { @@ -413,8 +405,6 @@ describe('cluster', () => { expect(stack).toHaveResourceLike('AWS::RDS::DBInstance', { AllowMajorVersionUpgrade: true, }); - - }); test('cluster with disallow remove backups', () => { @@ -434,8 +424,6 @@ describe('cluster', () => { expect(stack).toHaveResourceLike('AWS::RDS::DBInstance', { DeleteAutomatedBackups: false, }); - - }); test('create a cluster using a specific version of MySQL', () => { @@ -462,8 +450,6 @@ describe('cluster', () => { Engine: 'aurora-mysql', EngineVersion: '5.7.mysql_aurora.2.04.4', }); - - }); test('create a cluster using a specific version of Postgresql', () => { @@ -513,8 +499,6 @@ describe('cluster', () => { // THEN expect(stack.resolve(cluster.clusterEndpoint)).not.toEqual(stack.resolve(cluster.clusterReadEndpoint)); - - }); test('imported cluster with imported security group honors allowAllOutbound', () => { @@ -540,8 +524,6 @@ describe('cluster', () => { expect(stack).toHaveResource('AWS::EC2::SecurityGroupEgress', { GroupId: 'sg-123456789', }); - - }); test('can import a cluster with minimal attributes', () => { @@ -567,8 +549,6 @@ describe('cluster', () => { expect(() => cluster.clusterReadEndpoint).toThrow(/Cannot access `clusterReadEndpoint` of an imported cluster/); expect(() => cluster.instanceIdentifiers).toThrow(/Cannot access `instanceIdentifiers` of an imported cluster/); expect(() => cluster.instanceEndpoints).toThrow(/Cannot access `instanceEndpoints` of an imported cluster/); - - }); test('imported cluster can access properties if attributes are provided', () => { @@ -590,8 +570,6 @@ describe('cluster', () => { expect(cluster.clusterReadEndpoint.socketAddress).toEqual('reader-address:3306'); expect(cluster.instanceIdentifiers).toEqual(['identifier']); expect(cluster.instanceEndpoints.map(endpoint => endpoint.socketAddress)).toEqual(['instance-addr:3306']); - - }); test('cluster supports metrics', () => { From 9cceb3f855b1ece2effe60b5a8b84f2986c270c4 Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Fri, 26 Mar 2021 13:14:35 +0000 Subject: [PATCH 030/260] chore(core): remove all references to BundlingDockerImage in the public API (#13814) A previous commit - ad01099d - deprecated BundlingDockerImage in favour of DockerImage. However, there are still uses of BundlingDockerImage that remain. Since bundling is still experimental, swap all uses of BundlingDockerImage and replace with DockerImage. Motivation No non-deprecated public API can reference a deprecated type as part of CDKv2. BREAKING CHANGE: The type of the `image` property in `BundlingOptions` is changed from `BundlingDockerImage` to `DockerImage`. * **core:** The return type of the `DockerImage.fromBuild()` API is changed from `BundlingDockerImage` to `DockerImage`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/core/lib/bundling.ts | 58 ++++++++++---------- packages/@aws-cdk/core/test/bundling.test.ts | 4 +- 2 files changed, 31 insertions(+), 31 deletions(-) diff --git a/packages/@aws-cdk/core/lib/bundling.ts b/packages/@aws-cdk/core/lib/bundling.ts index a9567fe6e464e..5b4a579caf8f1 100644 --- a/packages/@aws-cdk/core/lib/bundling.ts +++ b/packages/@aws-cdk/core/lib/bundling.ts @@ -12,7 +12,7 @@ export interface BundlingOptions { /** * The Docker image where the command will run. */ - readonly image: BundlingDockerImage; + readonly image: DockerImage; /** * The entrypoint to run in the Docker container. @@ -158,33 +158,7 @@ export class BundlingDockerImage { * @deprecated use DockerImage.fromBuild() */ public static fromAsset(path: string, options: DockerBuildOptions = {}) { - const buildArgs = options.buildArgs || {}; - - if (options.file && isAbsolute(options.file)) { - throw new Error(`"file" must be relative to the docker build directory. Got ${options.file}`); - } - - // Image tag derived from path and build options - const input = JSON.stringify({ path, ...options }); - const tagHash = crypto.createHash('sha256').update(input).digest('hex'); - const tag = `cdk-${tagHash}`; - - const dockerArgs: string[] = [ - 'build', '-t', tag, - ...(options.file ? ['-f', join(path, options.file)] : []), - ...flatten(Object.entries(buildArgs).map(([k, v]) => ['--build-arg', `${k}=${v}`])), - path, - ]; - - dockerExec(dockerArgs); - - // Fingerprints the directory containing the Dockerfile we're building and - // differentiates the fingerprint based on build arguments. We do this so - // we can provide a stable image hash. Otherwise, the image ID will be - // different every time the Docker layer cache is cleared, due primarily to - // timestamps. - const hash = FileSystem.fingerprint(path, { extraHash: JSON.stringify(options) }); - return new BundlingDockerImage(tag, hash); + DockerImage.fromBuild(path, options) as BundlingDockerImage; } /** @param image The Docker image */ @@ -276,7 +250,33 @@ export class DockerImage extends BundlingDockerImage { * @param options Docker build options */ public static fromBuild(path: string, options: DockerBuildOptions = {}) { - return BundlingDockerImage.fromAsset(path, options); + const buildArgs = options.buildArgs || {}; + + if (options.file && isAbsolute(options.file)) { + throw new Error(`"file" must be relative to the docker build directory. Got ${options.file}`); + } + + // Image tag derived from path and build options + const input = JSON.stringify({ path, ...options }); + const tagHash = crypto.createHash('sha256').update(input).digest('hex'); + const tag = `cdk-${tagHash}`; + + const dockerArgs: string[] = [ + 'build', '-t', tag, + ...(options.file ? ['-f', join(path, options.file)] : []), + ...flatten(Object.entries(buildArgs).map(([k, v]) => ['--build-arg', `${k}=${v}`])), + path, + ]; + + dockerExec(dockerArgs); + + // Fingerprints the directory containing the Dockerfile we're building and + // differentiates the fingerprint based on build arguments. We do this so + // we can provide a stable image hash. Otherwise, the image ID will be + // different every time the Docker layer cache is cleared, due primarily to + // timestamps. + const hash = FileSystem.fingerprint(path, { extraHash: JSON.stringify(options) }); + return new DockerImage(tag, hash); } /** diff --git a/packages/@aws-cdk/core/test/bundling.test.ts b/packages/@aws-cdk/core/test/bundling.test.ts index 99548030c011a..1c909142b3127 100644 --- a/packages/@aws-cdk/core/test/bundling.test.ts +++ b/packages/@aws-cdk/core/test/bundling.test.ts @@ -60,7 +60,7 @@ nodeunitShim({ const fingerprintStub = sinon.stub(FileSystem, 'fingerprint'); fingerprintStub.callsFake(() => imageHash); - const image = BundlingDockerImage.fromAsset('docker-path', { + const image = DockerImage.fromBuild('docker-path', { buildArgs: { TEST_ARG: 'cdk-test', }, @@ -139,7 +139,7 @@ nodeunitShim({ const fingerprintStub = sinon.stub(FileSystem, 'fingerprint'); fingerprintStub.callsFake(() => imageHash); - const image = BundlingDockerImage.fromAsset('docker-path'); + const image = DockerImage.fromBuild('docker-path'); const tagHash = crypto.createHash('sha256').update(JSON.stringify({ path: 'docker-path', From 88f2c5ac302145f0b56462943a72e2b133c70bdf Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Fri, 26 Mar 2021 14:29:00 +0000 Subject: [PATCH 031/260] chore(aws-cdk-lib): strip out deprecated symbols from public API (#13815) The jsii build the 'aws-cdk-lib' module will now run with the 'strip deprecated' flag enabled. This ensures that the public API of this module will contain no deprecated symbols. This is enabled by a new option configured in the module's `package.json` and recognized by `cdk-build`. Previous commits - ca391b59 and a872e672 - have removed the majority of deprecated symbols from public APIs. A few remain that are removed as part of this change. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-lambda/lib/log-retention.ts | 2 -- packages/@aws-cdk/aws-lambda/lib/runtime.ts | 9 ++++++++- packages/@aws-cdk/core/lib/construct-compat.ts | 8 +++++++- packages/@aws-cdk/core/lib/stack.ts | 18 +++++++++++++----- packages/aws-cdk-lib/package.json | 3 ++- tools/cdk-build-tools/lib/compile.ts | 2 +- tools/cdk-build-tools/lib/package-info.ts | 14 ++++++++++++-- 7 files changed, 43 insertions(+), 13 deletions(-) diff --git a/packages/@aws-cdk/aws-lambda/lib/log-retention.ts b/packages/@aws-cdk/aws-lambda/lib/log-retention.ts index e499764f96e20..3fe6db5e81880 100644 --- a/packages/@aws-cdk/aws-lambda/lib/log-retention.ts +++ b/packages/@aws-cdk/aws-lambda/lib/log-retention.ts @@ -3,8 +3,6 @@ import { Construct } from 'constructs'; /** * Retry options for all AWS API calls. - * - * @deprecated use `LogRetentionRetryOptions` from '@aws-cdk/aws-logs' instead */ export interface LogRetentionRetryOptions extends logs.LogRetentionRetryOptions { } diff --git a/packages/@aws-cdk/aws-lambda/lib/runtime.ts b/packages/@aws-cdk/aws-lambda/lib/runtime.ts index bb24fbba9eeae..e7e1451b79125 100644 --- a/packages/@aws-cdk/aws-lambda/lib/runtime.ts +++ b/packages/@aws-cdk/aws-lambda/lib/runtime.ts @@ -209,16 +209,23 @@ export class Runtime { public readonly family?: RuntimeFamily; /** - * The bundling Docker image for this runtime. + * DEPRECATED + * @deprecated use `bundlingImage` */ public readonly bundlingDockerImage: BundlingDockerImage; + /** + * The bundling Docker image for this runtime. + */ + public readonly bundlingImage: DockerImage; + constructor(name: string, family?: RuntimeFamily, props: LambdaRuntimeProps = { }) { this.name = name; this.supportsInlineCode = !!props.supportsInlineCode; this.family = family; const imageName = props.bundlingDockerImage ?? `amazon/aws-sam-cli-build-image-${name}`; this.bundlingDockerImage = DockerImage.fromRegistry(imageName); + this.bundlingImage = this.bundlingDockerImage; this.supportsCodeGuruProfiling = props.supportsCodeGuruProfiling ?? false; Runtime.ALL.push(this); diff --git a/packages/@aws-cdk/core/lib/construct-compat.ts b/packages/@aws-cdk/core/lib/construct-compat.ts index ac7873a837dde..09a6fbd929496 100644 --- a/packages/@aws-cdk/core/lib/construct-compat.ts +++ b/packages/@aws-cdk/core/lib/construct-compat.ts @@ -412,11 +412,17 @@ export class ConstructNode { return this._actualNode.tryGetContext(key); } + /** + * DEPRECATED + * @deprecated use `metadataEntry` + */ + public get metadata() { return this._actualNode.metadata as cxapi.MetadataEntry[]; } + /** * An immutable array of metadata objects associated with this construct. * This can be used, for example, to implement support for deprecation notices, source mapping, etc. */ - public get metadata() { return this._actualNode.metadata as cxapi.MetadataEntry[]; } + public get metadataEntry() { return this._actualNode.metadata; } /** * Adds a metadata entry to this construct. diff --git a/packages/@aws-cdk/core/lib/stack.ts b/packages/@aws-cdk/core/lib/stack.ts index 2284ddedc203f..bd6f77c0da2f9 100644 --- a/packages/@aws-cdk/core/lib/stack.ts +++ b/packages/@aws-cdk/core/lib/stack.ts @@ -424,6 +424,17 @@ export class Stack extends CoreConstruct implements ITaggable { return CloudFormationLang.toJSON(obj, space).toString(); } + /** + * DEPRECATED + * @deprecated use `reportMissingContextKey()` + */ + public reportMissingContext(report: cxapi.MissingContext) { + if (!Object.values(cxschema.ContextProvider).includes(report.provider as cxschema.ContextProvider)) { + throw new Error(`Unknown context provider requested in: ${JSON.stringify(report)}`); + } + this.reportMissingContextKey(report as cxschema.MissingContext); + } + /** * Indicate that a context key was expected * @@ -432,11 +443,8 @@ export class Stack extends CoreConstruct implements ITaggable { * * @param report The set of parameters needed to obtain the context */ - public reportMissingContext(report: cxapi.MissingContext) { - if (!Object.values(cxschema.ContextProvider).includes(report.provider as cxschema.ContextProvider)) { - throw new Error(`Unknown context provider requested in: ${JSON.stringify(report)}`); - } - this._missingContext.push(report as cxschema.MissingContext); + public reportMissingContextKey(report: cxschema.MissingContext) { + this._missingContext.push(report); } /** diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index bc1a4b73f08c2..5bd2c80c966f9 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -33,7 +33,8 @@ "cdk-build": { "eslint": { "disable": true - } + }, + "stripDeprecated": true }, "pkglint": { "exclude": [ diff --git a/tools/cdk-build-tools/lib/compile.ts b/tools/cdk-build-tools/lib/compile.ts index fe63d0c8f346e..173fea93685b5 100644 --- a/tools/cdk-build-tools/lib/compile.ts +++ b/tools/cdk-build-tools/lib/compile.ts @@ -7,7 +7,7 @@ import { Timers } from './timer'; */ export async function compileCurrentPackage(options: CDKBuildOptions, timers: Timers, compilers: CompilerOverrides = {}): Promise { const env = options.env; - await shell(packageCompiler(compilers), { timers, env }); + await shell(packageCompiler(compilers, options), { timers, env }); // Find files in bin/ that look like they should be executable, and make them so. const scripts = currentPackageJson().bin || {}; diff --git a/tools/cdk-build-tools/lib/package-info.ts b/tools/cdk-build-tools/lib/package-info.ts index 9e12b86b80580..b9d5b7614eb30 100644 --- a/tools/cdk-build-tools/lib/package-info.ts +++ b/tools/cdk-build-tools/lib/package-info.ts @@ -81,9 +81,13 @@ export interface CompilerOverrides { /** * Return the compiler for this package (either tsc or jsii) */ -export function packageCompiler(compilers: CompilerOverrides): string[] { +export function packageCompiler(compilers: CompilerOverrides, options?: CDKBuildOptions): string[] { if (isJsii()) { - return [compilers.jsii || require.resolve('jsii/bin/jsii'), '--silence-warnings=reserved-word']; + const args = ['--silence-warnings=reserved-word']; + if (options?.stripDeprecated) { + args.push('--strip-deprecated'); + } + return [compilers.jsii || require.resolve('jsii/bin/jsii'), ...args]; } else { return [compilers.tsc || require.resolve('typescript/bin/tsc'), '--build']; } @@ -148,6 +152,12 @@ export interface CDKBuildOptions { * Environment variables to be passed to 'cdk-build' and all of its child processes. */ env?: NodeJS.ProcessEnv; + + /** + * Whether deprecated symbols should be stripped from the jsii assembly and typescript declaration files. + * @see https://aws.github.io/jsii/user-guides/lib-author/toolchain/jsii/#-strip-deprecated + */ + stripDeprecated?: boolean; } /** From e9f2773aedeb7f01ebf2a05face719be9bb8b0d7 Mon Sep 17 00:00:00 2001 From: Matt Simpson Date: Sat, 27 Mar 2021 04:30:54 +1300 Subject: [PATCH 032/260] feat(lambda-event-sources): tumbling window (#13412) fixes #13411 *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-lambda-event-sources/README.md | 2 ++ .../aws-lambda-event-sources/lib/stream.ts | 9 +++++ .../test/integ.dynamodb.expected.json | 1 + .../test/integ.dynamodb.ts | 1 + .../test/integ.kinesis.expected.json | 1 + .../test/integ.kinesis.ts | 1 + .../test/test.dynamo.ts | 27 +++++++++++++++ .../test/test.kinesis.ts | 32 ++++++++++++++++++ .../aws-lambda/lib/event-source-mapping.ts | 16 +++++++++ .../test/event-source-mapping.test.ts | 33 ++++++++++++++++++- 10 files changed, 122 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-lambda-event-sources/README.md b/packages/@aws-cdk/aws-lambda-event-sources/README.md index eb4f206c8f3c9..a03baa6bf1542 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/README.md +++ b/packages/@aws-cdk/aws-lambda-event-sources/README.md @@ -148,6 +148,7 @@ and add it to your Lambda function. The following parameters will impact Amazon * __parallelizationFactor__: The number of batches to concurrently process on each shard. * __retryAttempts__: The maximum number of times a record should be retried in the event of failure. * __startingPosition__: Will determine where to being consumption, either at the most recent ('LATEST') record or the oldest record ('TRIM_HORIZON'). 'TRIM_HORIZON' will ensure you process all available data, while 'LATEST' will ignore all records that arrived prior to attaching the event source. +* __tumblingWindow__: The duration in seconds of a processing window when using streams. * __enabled__: If the DynamoDB Streams event source mapping should be enabled. The default is true. ```ts @@ -192,6 +193,7 @@ behavior: * __parallelizationFactor__: The number of batches to concurrently process on each shard. * __retryAttempts__: The maximum number of times a record should be retried in the event of failure. * __startingPosition__: Will determine where to being consumption, either at the most recent ('LATEST') record or the oldest record ('TRIM_HORIZON'). 'TRIM_HORIZON' will ensure you process all available data, while 'LATEST' will ignore all records that arrived prior to attaching the event source. +* __tumblingWindow__: The duration in seconds of a processing window when using streams. * __enabled__: If the DynamoDB Streams event source mapping should be enabled. The default is true. ```ts diff --git a/packages/@aws-cdk/aws-lambda-event-sources/lib/stream.ts b/packages/@aws-cdk/aws-lambda-event-sources/lib/stream.ts index 96907b97835fc..c9de62653a93e 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/lib/stream.ts +++ b/packages/@aws-cdk/aws-lambda-event-sources/lib/stream.ts @@ -78,6 +78,14 @@ export interface StreamEventSourceProps { */ readonly maxBatchingWindow?: Duration; + /** + * The size of the tumbling windows to group records sent to DynamoDB or Kinesis + * Valid Range: 0 - 15 minutes + * + * @default - None + */ + readonly tumblingWindow?: Duration; + /** * If the stream event source mapping should be enabled. * @@ -106,6 +114,7 @@ export abstract class StreamEventSource implements lambda.IEventSource { retryAttempts: this.props.retryAttempts, parallelizationFactor: this.props.parallelizationFactor, onFailure: this.props.onFailure, + tumblingWindow: this.props.tumblingWindow, enabled: this.props.enabled, }; } diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.dynamodb.expected.json b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.dynamodb.expected.json index 406a123559d74..0f3557acedc33 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.dynamodb.expected.json +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.dynamodb.expected.json @@ -99,6 +99,7 @@ "StreamArn" ] }, + "TumblingWindowInSeconds": 60, "StartingPosition": "TRIM_HORIZON" } }, diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.dynamodb.ts b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.dynamodb.ts index ea5089bf98706..aa4f6f244ee94 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.dynamodb.ts +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.dynamodb.ts @@ -21,6 +21,7 @@ class DynamoEventSourceTest extends cdk.Stack { fn.addEventSource(new DynamoEventSource(queue, { batchSize: 5, startingPosition: lambda.StartingPosition.TRIM_HORIZON, + tumblingWindow: cdk.Duration.seconds(60), })); } } diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.expected.json b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.expected.json index 54bfa6f32f361..aafb84ca19c72 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.expected.json +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.expected.json @@ -106,6 +106,7 @@ "Arn" ] }, + "TumblingWindowInSeconds": 60, "StartingPosition": "TRIM_HORIZON" } }, diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.ts b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.ts index 40dde2a809fc9..212c66e44ec11 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.ts +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.ts @@ -13,6 +13,7 @@ class KinesisEventSourceTest extends cdk.Stack { fn.addEventSource(new KinesisEventSource(stream, { startingPosition: lambda.StartingPosition.TRIM_HORIZON, + tumblingWindow: cdk.Duration.seconds(60), })); } } diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/test.dynamo.ts b/packages/@aws-cdk/aws-lambda-event-sources/test/test.dynamo.ts index 41d8535d90235..7793cf54b9cc0 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/test.dynamo.ts +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/test.dynamo.ts @@ -76,6 +76,33 @@ export = { test.done(); }, + 'specific tumblingWindow'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const fn = new TestFunction(stack, 'Fn'); + const table = new dynamodb.Table(stack, 'T', { + partitionKey: { + name: 'id', + type: dynamodb.AttributeType.STRING, + }, + stream: dynamodb.StreamViewType.NEW_IMAGE, + }); + + // WHEN + fn.addEventSource(new sources.DynamoEventSource(table, { + batchSize: 50, + startingPosition: lambda.StartingPosition.LATEST, + tumblingWindow: cdk.Duration.seconds(60), + })); + + // THEN + expect(stack).to(haveResource('AWS::Lambda::EventSourceMapping', { + TumblingWindowInSeconds: 60, + })); + + test.done(); + }, + 'specific batch size'(test: Test) { // GIVEN const stack = new cdk.Stack(); diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/test.kinesis.ts b/packages/@aws-cdk/aws-lambda-event-sources/test/test.kinesis.ts index 76e437de0ae34..c36ecba6156ce 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/test.kinesis.ts +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/test.kinesis.ts @@ -76,6 +76,38 @@ export = { test.done(); }, + 'specific tumblingWindowInSeconds'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const fn = new TestFunction(stack, 'Fn'); + const stream = new kinesis.Stream(stack, 'S'); + + // WHEN + fn.addEventSource(new sources.KinesisEventSource(stream, { + batchSize: 50, + startingPosition: lambda.StartingPosition.LATEST, + tumblingWindow: cdk.Duration.seconds(60), + })); + + // THEN + expect(stack).to(haveResource('AWS::Lambda::EventSourceMapping', { + 'EventSourceArn': { + 'Fn::GetAtt': [ + 'S509448A1', + 'Arn', + ], + }, + 'FunctionName': { + 'Ref': 'Fn9270CBC0', + }, + 'BatchSize': 50, + 'StartingPosition': 'LATEST', + 'TumblingWindowInSeconds': 60, + })); + + test.done(); + }, + 'specific batch size'(test: Test) { // GIVEN const stack = new cdk.Stack(); diff --git a/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts b/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts index 239bf58671b7e..924868449a973 100644 --- a/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts +++ b/packages/@aws-cdk/aws-lambda/lib/event-source-mapping.ts @@ -168,6 +168,17 @@ export interface EventSourceMappingOptions { */ readonly kafkaTopic?: string; + /** + * The size of the tumbling windows to group records sent to DynamoDB or Kinesis + * + * @see https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-ddb-windows + * + * Valid Range: 0 - 15 minutes + * + * @default - None + */ + readonly tumblingWindow?: cdk.Duration; + /** * A list of host and port pairs that are the addresses of the Kafka brokers in a self managed "bootstrap" Kafka cluster * that a Kafka client connects to initially to bootstrap itself. @@ -269,6 +280,10 @@ export class EventSourceMapping extends cdk.Resource implements IEventSourceMapp } }); + if (props.tumblingWindow && !cdk.Token.isUnresolved(props.tumblingWindow) && props.tumblingWindow.toSeconds() > 900) { + throw new Error(`tumblingWindow cannot be over 900 seconds, got ${props.tumblingWindow.toSeconds()}`); + } + let destinationConfig; @@ -296,6 +311,7 @@ export class EventSourceMapping extends cdk.Resource implements IEventSourceMapp maximumRetryAttempts: props.retryAttempts, parallelizationFactor: props.parallelizationFactor, topics: props.kafkaTopic !== undefined ? [props.kafkaTopic] : undefined, + tumblingWindowInSeconds: props.tumblingWindow?.toSeconds(), sourceAccessConfigurations: props.sourceAccessConfigurations?.map((o) => {return { type: o.type.type, uri: o.uri };}), selfManagedEventSource, }); diff --git a/packages/@aws-cdk/aws-lambda/test/event-source-mapping.test.ts b/packages/@aws-cdk/aws-lambda/test/event-source-mapping.test.ts index 5d833a2d865c6..92e60d3959f29 100644 --- a/packages/@aws-cdk/aws-lambda/test/event-source-mapping.test.ts +++ b/packages/@aws-cdk/aws-lambda/test/event-source-mapping.test.ts @@ -261,4 +261,35 @@ describe('event source mapping', () => { SelfManagedEventSource: { Endpoints: { KafkaBootstrapServers: kafkaBootstrapServers } }, }); }); -}); + + test('throws if tumblingWindow > 900 seconds', () => { + const stack = new cdk.Stack(); + const fn = new Function(stack, 'fn', { + handler: 'index.handler', + code: Code.fromInline('exports.handler = ${handler.toString()}'), + runtime: Runtime.NODEJS_10_X, + }); + + expect(() => new EventSourceMapping(stack, 'test', { + target: fn, + eventSourceArn: '', + tumblingWindow: cdk.Duration.seconds(901), + })).toThrow(/tumblingWindow cannot be over 900 seconds/); + }); + + test('accepts if tumblingWindow is a token', () => { + const stack = new cdk.Stack(); + const fn = new Function(stack, 'fn', { + handler: 'index.handler', + code: Code.fromInline('exports.handler = ${handler.toString()}'), + runtime: Runtime.NODEJS_10_X, + }); + const lazyDuration = cdk.Duration.seconds(cdk.Lazy.number({ produce: () => 60 })); + + new EventSourceMapping(stack, 'test', { + target: fn, + eventSourceArn: '', + tumblingWindow: lazyDuration, + }); + }); +}); \ No newline at end of file From 6743e3bb79a8281a4be5677fff018d702c85038d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20=C3=96desj=C3=B6?= Date: Fri, 26 Mar 2021 17:08:19 +0100 Subject: [PATCH 033/260] feat(lambda-event-sources): support for batching window to sqs event source (#13406) Fixes #11722 This is continued work from #11724 closes #13770 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-lambda-event-sources/README.md | 5 +- .../aws-lambda-event-sources/lib/sqs.ts | 29 ++++- .../aws-lambda-event-sources/test/test.sqs.ts | 113 +++++++++++++++++- 3 files changed, 141 insertions(+), 6 deletions(-) diff --git a/packages/@aws-cdk/aws-lambda-event-sources/README.md b/packages/@aws-cdk/aws-lambda-event-sources/README.md index a03baa6bf1542..55cd7e864125a 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/README.md +++ b/packages/@aws-cdk/aws-lambda-event-sources/README.md @@ -53,6 +53,8 @@ behavior: * __receiveMessageWaitTime__: Will determine [long poll](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-long-polling.html) duration. The default value is 20 seconds. +* __batchSize__: Determines how many records are buffered before invoking your lambda function. +* __maxBatchingWindow__: The maximum amount of time to gather records before invoking the lambda. This increases the likelihood of a full batch at the cost of delayed processing. * __enabled__: If the SQS event source mapping should be enabled. The default is true. ```ts @@ -67,6 +69,7 @@ const queue = new sqs.Queue(this, 'MyQueue', { lambda.addEventSource(new SqsEventSource(queue, { batchSize: 10, // default + maxBatchingWindow: Duration.minutes(5), })); ``` @@ -214,7 +217,7 @@ myFunction.addEventSource(new KinesisEventSource(stream, { You can write Lambda functions to process data either from [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html) or a [self managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/kafka-smaa.html) cluster. The following code sets up Amazon MSK as an event source for a lambda function. Credentials will need to be configured to access the -MSK cluster, as described in [Username/Password authentication](https://docs.aws.amazon.com/msk/latest/developerguide/msk-password.html). +MSK cluster, as described in [Username/Password authentication](https://docs.aws.amazon.com/msk/latest/developerguide/msk-password.html). ```ts import * as lambda from '@aws-cdk/aws-lambda'; diff --git a/packages/@aws-cdk/aws-lambda-event-sources/lib/sqs.ts b/packages/@aws-cdk/aws-lambda-event-sources/lib/sqs.ts index 88cc1682f2be5..8a67e63fb6199 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/lib/sqs.ts +++ b/packages/@aws-cdk/aws-lambda-event-sources/lib/sqs.ts @@ -1,6 +1,6 @@ import * as lambda from '@aws-cdk/aws-lambda'; import * as sqs from '@aws-cdk/aws-sqs'; -import { Names } from '@aws-cdk/core'; +import { Duration, Names, Token } from '@aws-cdk/core'; export interface SqsEventSourceProps { /** @@ -14,6 +14,15 @@ export interface SqsEventSourceProps { */ readonly batchSize?: number; + /** + * The maximum amount of time to gather records before invoking the function. + * + * Valid Range: Minimum value of 0 minutes. Maximum value of 5 minutes. + * + * @default - no batching window. The lambda function will be invoked immediately with the records that are available. + */ + readonly maxBatchingWindow?: Duration; + /** * If the SQS event source mapping should be enabled. * @@ -29,14 +38,28 @@ export class SqsEventSource implements lambda.IEventSource { private _eventSourceMappingId?: string = undefined; constructor(readonly queue: sqs.IQueue, private readonly props: SqsEventSourceProps = { }) { - if (this.props.batchSize !== undefined && (this.props.batchSize < 1 || this.props.batchSize > 10)) { - throw new Error(`Maximum batch size must be between 1 and 10 inclusive (given ${this.props.batchSize})`); + if (this.props.maxBatchingWindow !== undefined) { + if (queue.fifo) { + throw new Error('Batching window is not supported for FIFO queues'); + } + if (!this.props.maxBatchingWindow.isUnresolved() && this.props.maxBatchingWindow.toSeconds() > 300) { + throw new Error(`Maximum batching window must be 300 seconds or less (given ${this.props.maxBatchingWindow.toHumanString()})`); + } + } + if (this.props.batchSize !== undefined && !Token.isUnresolved(this.props.batchSize)) { + if (this.props.maxBatchingWindow !== undefined && (this.props.batchSize < 1 || this.props.batchSize > 10000)) { + throw new Error(`Maximum batch size must be between 1 and 10000 inclusive (given ${this.props.batchSize}) when batching window is specified.`); + } + if (this.props.maxBatchingWindow === undefined && (this.props.batchSize < 1 || this.props.batchSize > 10)) { + throw new Error(`Maximum batch size must be between 1 and 10 inclusive (given ${this.props.batchSize}) when batching window is not specified.`); + } } } public bind(target: lambda.IFunction) { const eventSourceMapping = target.addEventSourceMapping(`SqsEventSource:${Names.nodeUniqueId(this.queue.node)}`, { batchSize: this.props.batchSize, + maxBatchingWindow: this.props.maxBatchingWindow, enabled: this.props.enabled, eventSourceArn: this.queue.queueArn, }); diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/test.sqs.ts b/packages/@aws-cdk/aws-lambda-event-sources/test/test.sqs.ts index fd02dda47a304..e67204f2c590c 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/test.sqs.ts +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/test.sqs.ts @@ -85,6 +85,30 @@ export = { test.done(); }, + 'unresolved batch size'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const fn = new TestFunction(stack, 'Fn'); + const q = new sqs.Queue(stack, 'Q'); + const batchSize : number = 500; + + // WHEN + fn.addEventSource(new sources.SqsEventSource(q, { + batchSize: cdk.Lazy.number({ + produce() { + return batchSize; + }, + }), + })); + + // THEN + expect(stack).to(haveResource('AWS::Lambda::EventSourceMapping', { + 'BatchSize': 500, + })); + + test.done(); + }, + 'fails if batch size is < 1'(test: Test) { // GIVEN const stack = new cdk.Stack(); @@ -94,7 +118,7 @@ export = { // WHEN/THEN test.throws(() => fn.addEventSource(new sources.SqsEventSource(q, { batchSize: 0, - })), /Maximum batch size must be between 1 and 10 inclusive \(given 0\)/); + })), /Maximum batch size must be between 1 and 10 inclusive \(given 0\) when batching window is not specified\./); test.done(); }, @@ -108,7 +132,92 @@ export = { // WHEN/THEN test.throws(() => fn.addEventSource(new sources.SqsEventSource(q, { batchSize: 11, - })), /Maximum batch size must be between 1 and 10 inclusive \(given 11\)/); + })), /Maximum batch size must be between 1 and 10 inclusive \(given 11\) when batching window is not specified\./); + + test.done(); + }, + + 'batch size is > 10 and batch window is defined'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const fn = new TestFunction(stack, 'Fn'); + const q = new sqs.Queue(stack, 'Q'); + + // WHEN + fn.addEventSource(new sources.SqsEventSource(q, { + batchSize: 1000, + maxBatchingWindow: cdk.Duration.minutes(5), + })); + + // THEN + expect(stack).to(haveResource('AWS::Lambda::EventSourceMapping', { + 'BatchSize': 1000, + 'MaximumBatchingWindowInSeconds': 300, + })); + + test.done(); + }, + + 'fails if batch size is > 10000 and batch window is defined'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const fn = new TestFunction(stack, 'Fn'); + const q = new sqs.Queue(stack, 'Q'); + + // WHEN/THEN + test.throws(() => fn.addEventSource(new sources.SqsEventSource(q, { + batchSize: 11000, + maxBatchingWindow: cdk.Duration.minutes(5), + })), /Maximum batch size must be between 1 and 10000 inclusive/i); + + test.done(); + }, + + 'specific batch window'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const fn = new TestFunction(stack, 'Fn'); + const q = new sqs.Queue(stack, 'Q'); + + // WHEN + fn.addEventSource(new sources.SqsEventSource(q, { + maxBatchingWindow: cdk.Duration.minutes(5), + })); + + // THEN + expect(stack).to(haveResource('AWS::Lambda::EventSourceMapping', { + 'MaximumBatchingWindowInSeconds': 300, + })); + + test.done(); + }, + + 'fails if batch window defined for FIFO queue'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const fn = new TestFunction(stack, 'Fn'); + const q = new sqs.Queue(stack, 'Q', { + fifo: true, + }); + + // WHEN/THEN + test.throws(() => fn.addEventSource(new sources.SqsEventSource(q, { + maxBatchingWindow: cdk.Duration.minutes(5), + })), /Batching window is not supported for FIFO queues/); + + test.done(); + }, + + 'fails if batch window is > 5'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + const fn = new TestFunction(stack, 'Fn'); + const q = new sqs.Queue(stack, 'Q'); + + // WHEN/THEN + test.throws(() => fn.addEventSource(new sources.SqsEventSource(q, { + maxBatchingWindow: cdk.Duration.minutes(7), + })), /Maximum batching window must be 300 seconds or less/i); test.done(); }, From 6f6e079569fcdb7e0631717fbe269e94f8f7b127 Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Fri, 26 Mar 2021 11:26:11 -0700 Subject: [PATCH 034/260] fix(codebuild): allow passing the ARN of the Secret in environment variables (#13706) In the SecretsManager-typed environment variables in CodeBuild, the code in the Project class assumed those would be passed as names. As it turns out, CodeBuild also allows passing there entire ARNs of secrets (both partial, and full), and also optional qualifiers, separated by colons, that specify SecretsManager attributes like the JSON key, or the secret version. Add handling of all of these cases. Fixes #12703 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-codebuild/lib/project.ts | 72 +- .../aws-codebuild/test/test.project.ts | 690 ++++++++++++++---- 2 files changed, 587 insertions(+), 175 deletions(-) diff --git a/packages/@aws-cdk/aws-codebuild/lib/project.ts b/packages/@aws-cdk/aws-codebuild/lib/project.ts index 718f7263ada13..4b03ed8756f9f 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/project.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/project.ts @@ -7,7 +7,7 @@ import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; import * as s3 from '@aws-cdk/aws-s3'; import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; -import { Aws, Duration, IResource, Lazy, Names, PhysicalName, Resource, SecretValue, Stack, Tokenization } from '@aws-cdk/core'; +import { ArnComponents, Aws, Duration, IResource, Lazy, Names, PhysicalName, Resource, SecretValue, Stack, Token, Tokenization } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { IArtifacts } from './artifacts'; import { BuildSpec } from './build-spec'; @@ -707,14 +707,15 @@ export class Project extends ProjectBase { validateNoPlainTextSecrets: boolean = false, principal?: iam.IGrantable): CfnProject.EnvironmentVariableProperty[] { const ret = new Array(); - const ssmVariables = new Array(); - const secretsManagerSecrets = new Array(); + const ssmIamResources = new Array(); + const secretsManagerIamResources = new Array(); for (const [name, envVariable] of Object.entries(environmentVariables)) { + const envVariableValue = envVariable.value?.toString(); const cfnEnvVariable: CfnProject.EnvironmentVariableProperty = { name, type: envVariable.type || BuildEnvironmentVariableType.PLAINTEXT, - value: envVariable.value?.toString(), + value: envVariableValue, }; ret.push(cfnEnvVariable); @@ -733,10 +734,11 @@ export class Project extends ProjectBase { } if (principal) { + const stack = Stack.of(principal); + // save the SSM env variables if (envVariable.type === BuildEnvironmentVariableType.PARAMETER_STORE) { - const envVariableValue = envVariable.value.toString(); - ssmVariables.push(Stack.of(principal).formatArn({ + ssmIamResources.push(stack.formatArn({ service: 'ssm', resource: 'parameter', // If the parameter name starts with / the resource name is not separated with a double '/' @@ -749,27 +751,58 @@ export class Project extends ProjectBase { // save SecretsManager env variables if (envVariable.type === BuildEnvironmentVariableType.SECRETS_MANAGER) { - secretsManagerSecrets.push(Stack.of(principal).formatArn({ - service: 'secretsmanager', - resource: 'secret', - // we don't know the exact ARN of the Secret just from its name, but we can get close - resourceName: `${envVariable.value}-??????`, - sep: ':', - })); + if (Token.isUnresolved(envVariableValue)) { + // the value of the property can be a complex string, separated by ':'; + // see https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager + const secretArn = envVariableValue.split(':')[0]; + + // if we are passed a Token, we should assume it's the ARN of the Secret + // (as the name would not work anyway, because it would be the full name, which CodeBuild does not support) + secretsManagerIamResources.push(secretArn); + } else { + // check if the provided value is a full ARN of the Secret + let parsedArn: ArnComponents | undefined; + try { + parsedArn = stack.parseArn(envVariableValue, ':'); + } catch (e) {} + const secretSpecifier: string = parsedArn ? parsedArn.resourceName : envVariableValue; + + // the value of the property can be a complex string, separated by ':'; + // see https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager + const secretName = secretSpecifier.split(':')[0]; + const secretIamResourceName = parsedArn + // If we were given an ARN, we don't' know whether the name is full, or partial, + // as CodeBuild supports both ARN forms. + // Because of that, follow the name with a '*', which works for both + ? `${secretName}*` + // If we were given just a name, it must be partial, as CodeBuild doesn't support providing full names. + // In this case, we need to accommodate for the generated suffix in the IAM resource name + : `${secretName}-??????`; + secretsManagerIamResources.push(Stack.of(principal).formatArn({ + service: 'secretsmanager', + resource: 'secret', + resourceName: secretIamResourceName, + sep: ':', + // if we were given an ARN, we need to use the provided partition/account/region + partition: parsedArn?.partition, + account: parsedArn?.account, + region: parsedArn?.region, + })); + } } } } - if (ssmVariables.length !== 0) { + if (ssmIamResources.length !== 0) { principal?.grantPrincipal.addToPrincipalPolicy(new iam.PolicyStatement({ actions: ['ssm:GetParameters'], - resources: ssmVariables, + resources: ssmIamResources, })); } - if (secretsManagerSecrets.length !== 0) { + if (secretsManagerIamResources.length !== 0) { principal?.grantPrincipal.addToPrincipalPolicy(new iam.PolicyStatement({ actions: ['secretsmanager:GetSecretValue'], - resources: secretsManagerSecrets, + resources: secretsManagerIamResources, })); } @@ -1831,7 +1864,10 @@ export interface BuildEnvironmentVariable { * The value of the environment variable. * For plain-text variables (the default), this is the literal value of variable. * For SSM parameter variables, pass the name of the parameter here (`parameterName` property of `IParameter`). - * For SecretsManager variables secrets, pass the secret name here (`secretName` property of `ISecret`). + * For SecretsManager variables secrets, pass either the secret name (`secretName` property of `ISecret`) + * or the secret ARN (`secretArn` property of `ISecret`) here, + * along with optional SecretsManager qualifiers separated by ':', like the JSON key, or the version or stage + * (see https://docs.aws.amazon.com/codebuild/latest/userguide/build-spec-ref.html#build-spec.env.secrets-manager for details). */ readonly value: any; } diff --git a/packages/@aws-cdk/aws-codebuild/test/test.project.ts b/packages/@aws-cdk/aws-codebuild/test/test.project.ts index 3d7f8e726fd69..80c6940bd79bd 100644 --- a/packages/@aws-cdk/aws-codebuild/test/test.project.ts +++ b/packages/@aws-cdk/aws-codebuild/test/test.project.ts @@ -765,192 +765,568 @@ export = { }, 'EnvironmentVariables': { - 'can use environment variables from parameter store'(test: Test) { - // GIVEN - const stack = new cdk.Stack(); + 'from SSM': { + 'can use environment variables'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.s3({ + bucket: new s3.Bucket(stack, 'Bucket'), + path: 'path', + }), + environment: { + buildImage: codebuild.LinuxBuildImage.fromDockerRegistry('myimage'), + }, + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.PARAMETER_STORE, + value: '/params/param1', + }, + }, + }); - // WHEN - new codebuild.Project(stack, 'Project', { - source: codebuild.Source.s3({ - bucket: new s3.Bucket(stack, 'Bucket'), - path: 'path', - }), - environment: { - buildImage: codebuild.LinuxBuildImage.fromDockerRegistry('myimage'), - }, - environmentVariables: { - 'ENV_VAR1': { - type: codebuild.BuildEnvironmentVariableType.PARAMETER_STORE, - value: '/params/param1', + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + Environment: objectLike({ + EnvironmentVariables: [{ + Name: 'ENV_VAR1', + Type: 'PARAMETER_STORE', + Value: '/params/param1', + }], + }), + })); + + test.done(); + }, + + 'grants the correct read permissions'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.s3({ + bucket: new s3.Bucket(stack, 'Bucket'), + path: 'path', + }), + environment: { + buildImage: codebuild.LinuxBuildImage.fromDockerRegistry('myimage'), }, - }, - }); + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.PARAMETER_STORE, + value: '/params/param1', + }, + 'ENV_VAR2': { + type: codebuild.BuildEnvironmentVariableType.PARAMETER_STORE, + value: 'params/param2', + }, + }, + }); - // THEN - expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { - Environment: objectLike({ - EnvironmentVariables: [{ - Name: 'ENV_VAR1', - Type: 'PARAMETER_STORE', - Value: '/params/param1', - }], - }), - })); + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith(objectLike({ + 'Action': 'ssm:GetParameters', + 'Effect': 'Allow', + 'Resource': [{ + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':ssm:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':parameter/params/param1', + ], + ], + }, + { + 'Fn::Join': [ + '', + [ + 'arn:', + { + Ref: 'AWS::Partition', + }, + ':ssm:', + { + Ref: 'AWS::Region', + }, + ':', + { + Ref: 'AWS::AccountId', + }, + ':parameter/params/param2', + ], + ], + }], + })), + }, + })); - test.done(); - }, + test.done(); + }, - 'grant read permission for parameter store variables'(test: Test) { - // GIVEN - const stack = new cdk.Stack(); + 'does not grant read permissions when variables are not from parameter store'(test: Test) { - // WHEN - new codebuild.Project(stack, 'Project', { - source: codebuild.Source.s3({ - bucket: new s3.Bucket(stack, 'Bucket'), - path: 'path', - }), - environment: { - buildImage: codebuild.LinuxBuildImage.fromDockerRegistry('myimage'), - }, - environmentVariables: { - 'ENV_VAR1': { - type: codebuild.BuildEnvironmentVariableType.PARAMETER_STORE, - value: '/params/param1', + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.Project(stack, 'Project', { + source: codebuild.Source.s3({ + bucket: new s3.Bucket(stack, 'Bucket'), + path: 'path', + }), + environment: { + buildImage: codebuild.LinuxBuildImage.fromDockerRegistry('myimage'), }, - 'ENV_VAR2': { - type: codebuild.BuildEnvironmentVariableType.PARAMETER_STORE, - value: 'params/param2', + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.PLAINTEXT, + value: 'var1-value', + }, }, - }, - }); + }); - // THEN - expect(stack).to(haveResourceLike('AWS::IAM::Policy', { - 'PolicyDocument': { - 'Statement': arrayWith(objectLike({ - 'Action': 'ssm:GetParameters', - 'Effect': 'Allow', - 'Resource': [{ - 'Fn::Join': [ - '', - [ + // THEN + expect(stack).notTo(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith(objectLike({ + 'Action': 'ssm:GetParameters', + 'Effect': 'Allow', + })), + }, + })); + + test.done(); + }, + }, + + 'from SecretsManager': { + 'can be provided as a verbatim secret name'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.PipelineProject(stack, 'Project', { + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER, + value: 'my-secret', + }, + }, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + 'Environment': { + 'EnvironmentVariables': [ + { + 'Name': 'ENV_VAR1', + 'Type': 'SECRETS_MANAGER', + 'Value': 'my-secret', + }, + ], + }, + })); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith({ + 'Action': 'secretsmanager:GetSecretValue', + 'Effect': 'Allow', + 'Resource': { + 'Fn::Join': ['', [ 'arn:', - { - Ref: 'AWS::Partition', - }, - ':ssm:', - { - Ref: 'AWS::Region', - }, + { Ref: 'AWS::Partition' }, + ':secretsmanager:', + { Ref: 'AWS::Region' }, ':', - { - Ref: 'AWS::AccountId', - }, - ':parameter/params/param1', - ], - ], + { Ref: 'AWS::AccountId' }, + ':secret:my-secret-??????', + ]], + }, + }), + }, + })); + + test.done(); + }, + + 'can be provided as a verbatim secret name followed by a JSON key'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.PipelineProject(stack, 'Project', { + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER, + value: 'my-secret:json-key', }, - { - 'Fn::Join': [ - '', - [ + }, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + 'Environment': { + 'EnvironmentVariables': [ + { + 'Name': 'ENV_VAR1', + 'Type': 'SECRETS_MANAGER', + 'Value': 'my-secret:json-key', + }, + ], + }, + })); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith({ + 'Action': 'secretsmanager:GetSecretValue', + 'Effect': 'Allow', + 'Resource': { + 'Fn::Join': ['', [ 'arn:', - { - Ref: 'AWS::Partition', - }, - ':ssm:', - { - Ref: 'AWS::Region', - }, + { Ref: 'AWS::Partition' }, + ':secretsmanager:', + { Ref: 'AWS::Region' }, ':', - { - Ref: 'AWS::AccountId', - }, - ':parameter/params/param2', - ], - ], - }], - })), - }, - })); + { Ref: 'AWS::AccountId' }, + ':secret:my-secret-??????', + ]], + }, + }), + }, + })); + test.done(); + }, - test.done(); - }, + 'can be provided as a verbatim full secret ARN followed by a JSON key'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); - 'should not grant read permission when variables are not from parameter store'(test: Test) { + // WHEN + new codebuild.PipelineProject(stack, 'Project', { + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER, + value: 'arn:aws:secretsmanager:us-west-2:123456789012:secret:my-secret-123456:json-key', + }, + }, + }); - // GIVEN - const stack = new cdk.Stack(); + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + 'Environment': { + 'EnvironmentVariables': [ + { + 'Name': 'ENV_VAR1', + 'Type': 'SECRETS_MANAGER', + 'Value': 'arn:aws:secretsmanager:us-west-2:123456789012:secret:my-secret-123456:json-key', + }, + ], + }, + })); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith({ + 'Action': 'secretsmanager:GetSecretValue', + 'Effect': 'Allow', + 'Resource': 'arn:aws:secretsmanager:us-west-2:123456789012:secret:my-secret-123456*', + }), + }, + })); - // WHEN - new codebuild.Project(stack, 'Project', { - source: codebuild.Source.s3({ - bucket: new s3.Bucket(stack, 'Bucket'), - path: 'path', - }), - environment: { - buildImage: codebuild.LinuxBuildImage.fromDockerRegistry('myimage'), - }, - environmentVariables: { - 'ENV_VAR1': { - type: codebuild.BuildEnvironmentVariableType.PLAINTEXT, - value: 'var1-value', + test.done(); + }, + + 'can be provided as a verbatim partial secret ARN'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + new codebuild.PipelineProject(stack, 'Project', { + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER, + value: 'arn:aws:secretsmanager:us-west-2:123456789012:secret:mysecret', + }, }, - }, - }); + }); - // THEN - expect(stack).notTo(haveResourceLike('AWS::IAM::Policy', { - 'PolicyDocument': { - 'Statement': arrayWith(objectLike({ - 'Action': 'ssm:GetParameters', - 'Effect': 'Allow', - })), - }, - })); + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + 'Environment': { + 'EnvironmentVariables': [ + { + 'Name': 'ENV_VAR1', + 'Type': 'SECRETS_MANAGER', + 'Value': 'arn:aws:secretsmanager:us-west-2:123456789012:secret:mysecret', + }, + ], + }, + })); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith({ + 'Action': 'secretsmanager:GetSecretValue', + 'Effect': 'Allow', + 'Resource': 'arn:aws:secretsmanager:us-west-2:123456789012:secret:mysecret*', + }), + }, + })); - test.done(); - }, + test.done(); + }, - "grants the Project's Role read permissions to the SecretsManager environment variables"(test: Test) { - // GIVEN - const stack = new cdk.Stack(); + 'can be provided as the ARN attribute of a new Secret'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); - // WHEN - new codebuild.PipelineProject(stack, 'Project', { - environmentVariables: { - 'ENV_VAR1': { - type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER, - value: 'my-secret', + // WHEN + const secret = new secretsmanager.Secret(stack, 'Secret'); + new codebuild.PipelineProject(stack, 'Project', { + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER, + value: secret.secretArn, + }, }, - }, - }); + }); - // THEN - expect(stack).to(haveResourceLike('AWS::IAM::Policy', { - 'PolicyDocument': { - 'Statement': arrayWith({ - 'Action': 'secretsmanager:GetSecretValue', - 'Effect': 'Allow', - 'Resource': { - 'Fn::Join': ['', [ - 'arn:', - { Ref: 'AWS::Partition' }, - ':secretsmanager:', - { Ref: 'AWS::Region' }, - ':', - { Ref: 'AWS::AccountId' }, - ':secret:my-secret-??????', - ]], + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + 'Environment': { + 'EnvironmentVariables': [ + { + 'Name': 'ENV_VAR1', + 'Type': 'SECRETS_MANAGER', + 'Value': { 'Ref': 'SecretA720EF05' }, + }, + ], + }, + })); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith({ + 'Action': 'secretsmanager:GetSecretValue', + 'Effect': 'Allow', + 'Resource': { 'Ref': 'SecretA720EF05' }, + }), + }, + })); + + test.done(); + }, + + 'can be provided as the ARN attribute of a new Secret, followed by a JSON key'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const secret = new secretsmanager.Secret(stack, 'Secret'); + new codebuild.PipelineProject(stack, 'Project', { + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER, + value: `${secret.secretArn}:json-key:version-stage`, }, - }), - }, - })); + }, + }); - test.done(); + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + 'Environment': { + 'EnvironmentVariables': [ + { + 'Name': 'ENV_VAR1', + 'Type': 'SECRETS_MANAGER', + 'Value': { + 'Fn::Join': ['', [ + { 'Ref': 'SecretA720EF05' }, + ':json-key:version-stage', + ]], + }, + }, + ], + }, + })); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith({ + 'Action': 'secretsmanager:GetSecretValue', + 'Effect': 'Allow', + 'Resource': { 'Ref': 'SecretA720EF05' }, + }), + }, + })); + + test.done(); + }, + + 'can be provided as the name attribute of a Secret imported by name'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const secret = secretsmanager.Secret.fromSecretNameV2(stack, 'Secret', 'mysecret'); + new codebuild.PipelineProject(stack, 'Project', { + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER, + value: secret.secretName, + }, + }, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + 'Environment': { + 'EnvironmentVariables': [ + { + 'Name': 'ENV_VAR1', + 'Type': 'SECRETS_MANAGER', + 'Value': 'mysecret', + }, + ], + }, + })); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith({ + 'Action': 'secretsmanager:GetSecretValue', + 'Effect': 'Allow', + 'Resource': { + 'Fn::Join': ['', [ + 'arn:', + { 'Ref': 'AWS::Partition' }, + ':secretsmanager:', + { 'Ref': 'AWS::Region' }, + ':', + { 'Ref': 'AWS::AccountId' }, + ':secret:mysecret-??????', + ]], + }, + }), + }, + })); + + test.done(); + }, + + 'can be provided as the ARN attribute of a Secret imported by partial ARN, followed by a JSON key'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const secret = secretsmanager.Secret.fromSecretPartialArn(stack, 'Secret', + 'arn:aws:secretsmanager:us-west-2:123456789012:secret:mysecret'); + new codebuild.PipelineProject(stack, 'Project', { + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER, + value: `${secret.secretArn}:json-key`, + }, + }, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + 'Environment': { + 'EnvironmentVariables': [ + { + 'Name': 'ENV_VAR1', + 'Type': 'SECRETS_MANAGER', + 'Value': 'arn:aws:secretsmanager:us-west-2:123456789012:secret:mysecret:json-key', + }, + ], + }, + })); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith({ + 'Action': 'secretsmanager:GetSecretValue', + 'Effect': 'Allow', + 'Resource': 'arn:aws:secretsmanager:us-west-2:123456789012:secret:mysecret*', + }), + }, + })); + + test.done(); + }, + + 'can be provided as the ARN attribute of a Secret imported by complete ARN, followed by a JSON key'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const secret = secretsmanager.Secret.fromSecretCompleteArn(stack, 'Secret', + 'arn:aws:secretsmanager:us-west-2:123456789012:secret:mysecret-123456'); + new codebuild.PipelineProject(stack, 'Project', { + environmentVariables: { + 'ENV_VAR1': { + type: codebuild.BuildEnvironmentVariableType.SECRETS_MANAGER, + value: `${secret.secretArn}:json-key`, + }, + }, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::CodeBuild::Project', { + 'Environment': { + 'EnvironmentVariables': [ + { + 'Name': 'ENV_VAR1', + 'Type': 'SECRETS_MANAGER', + 'Value': 'arn:aws:secretsmanager:us-west-2:123456789012:secret:mysecret-123456:json-key', + }, + ], + }, + })); + + // THEN + expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + 'PolicyDocument': { + 'Statement': arrayWith({ + 'Action': 'secretsmanager:GetSecretValue', + 'Effect': 'Allow', + 'Resource': 'arn:aws:secretsmanager:us-west-2:123456789012:secret:mysecret-123456*', + }), + }, + })); + + test.done(); + }, }, 'should fail creating when using a secret value in a plaintext variable'(test: Test) { From aa9fd9cd9bbaea4149927e08d57d29e547933f49 Mon Sep 17 00:00:00 2001 From: Alban Esc Date: Sat, 27 Mar 2021 02:00:57 -0700 Subject: [PATCH 035/260] fix(cognito): imported userpool not retaining environment from arn (#13715) Importing a `UserPool` using `fromUserPoolArn()` method would not retain the account/region from the ARN and would instead use the environment from the scope it is imported to. Closes #13691 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-cognito/lib/user-pool.ts | 37 +++++++++++++----- .../aws-cognito/test/user-pool.test.ts | 39 ++++++++++++++----- 2 files changed, 56 insertions(+), 20 deletions(-) diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts index eff29527ab4af..28e37670b05a2 100644 --- a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts +++ b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts @@ -660,22 +660,39 @@ export class UserPool extends UserPoolBase { * Import an existing user pool based on its id. */ public static fromUserPoolId(scope: Construct, id: string, userPoolId: string): IUserPool { - class Import extends UserPoolBase { - public readonly userPoolId = userPoolId; - public readonly userPoolArn = Stack.of(this).formatArn({ - service: 'cognito-idp', - resource: 'userpool', - resourceName: userPoolId, - }); - } - return new Import(scope, id); + let userPoolArn = Stack.of(scope).formatArn({ + service: 'cognito-idp', + resource: 'userpool', + resourceName: userPoolId, + }); + + return UserPool.fromUserPoolArn(scope, id, userPoolArn); } /** * Import an existing user pool based on its ARN. */ public static fromUserPoolArn(scope: Construct, id: string, userPoolArn: string): IUserPool { - return UserPool.fromUserPoolId(scope, id, Stack.of(scope).parseArn(userPoolArn).resourceName!); + const arnParts = Stack.of(scope).parseArn(userPoolArn); + + if (!arnParts.resourceName) { + throw new Error('invalid user pool ARN'); + } + + const userPoolId = arnParts.resourceName; + + class ImportedUserPool extends UserPoolBase { + public readonly userPoolArn = userPoolArn; + public readonly userPoolId = userPoolId; + constructor() { + super(scope, id, { + account: arnParts.account, + region: arnParts.region, + }); + } + } + + return new ImportedUserPool(); } /** diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts index 4aa6a1bf4b85a..db6c036877f7c 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts +++ b/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts @@ -211,17 +211,36 @@ describe('User Pool', () => { // WHEN const pool = UserPool.fromUserPoolArn(stack, 'userpool', userPoolArn); expect(pool.userPoolId).toEqual('test-user-pool'); - expect(stack.resolve(pool.userPoolArn)).toEqual({ - 'Fn::Join': ['', [ - 'arn:', - { Ref: 'AWS::Partition' }, - ':cognito-idp:', - { Ref: 'AWS::Region' }, - ':', - { Ref: 'AWS::AccountId' }, - ':userpool/test-user-pool', - ]], + expect(stack.resolve(pool.userPoolArn)).toEqual('arn:aws:cognito-idp:us-east-1:0123456789012:userpool/test-user-pool'); + }); + + test('import using arn without resourceName fails', () => { + // GIVEN + const stack = new Stack(); + const userPoolArn = 'arn:aws:cognito-idp:us-east-1:0123456789012:*'; + + // WHEN + expect(() => { + UserPool.fromUserPoolArn(stack, 'userpool', userPoolArn); + }).toThrowError(/invalid user pool ARN/); + }); + + test('import from different account region using arn', () => { + // GIVEN + const userPoolArn = 'arn:aws:cognito-idp:us-east-1:0123456789012:userpool/test-user-pool'; + + const stack = new Stack(undefined, undefined, { + env: { + account: '111111111111', + region: 'us-east-2', + }, }); + + // WHEN + const pool = UserPool.fromUserPoolArn(stack, 'userpool', userPoolArn); + expect(pool.env.account).toEqual('0123456789012'); + expect(pool.env.region).toEqual('us-east-1'); + expect(pool.userPoolArn).toEqual('arn:aws:cognito-idp:us-east-1:0123456789012:userpool/test-user-pool'); }); test('support tags', () => { From 41fd42b89f6f9a95c6e736c17bd404d80c4756a7 Mon Sep 17 00:00:00 2001 From: Elad Ben-Israel Date: Mon, 29 Mar 2021 15:11:19 +0300 Subject: [PATCH 036/260] feat(cli): app init template for golang (#13840) Introduce an initial `cdk init` project template for Go. The template includes a single stack with an SNS topic, `cdk.json` and a simple unit test. Output example: https://github.com/eladb/hello-go-cdk/tree/go-init-template Resolves aws/jsii#2678 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../v1/app/go/%name%.template.go | 68 +++++++++++++++++++ .../v1/app/go/%name%_test.template.go | 28 ++++++++ .../v1/app/go/.template.gitignore | 19 ++++++ .../lib/init-templates/v1/app/go/README.md | 14 ++++ .../v1/app/go/cdk.template.json | 3 + .../init-templates/v1/app/go/go.template.mod | 13 ++++ packages/aws-cdk/test/integ/init/test-all.sh | 1 + packages/aws-cdk/test/integ/init/test-go.sh | 26 +++++++ 8 files changed, 172 insertions(+) create mode 100644 packages/aws-cdk/lib/init-templates/v1/app/go/%name%.template.go create mode 100644 packages/aws-cdk/lib/init-templates/v1/app/go/%name%_test.template.go create mode 100644 packages/aws-cdk/lib/init-templates/v1/app/go/.template.gitignore create mode 100644 packages/aws-cdk/lib/init-templates/v1/app/go/README.md create mode 100644 packages/aws-cdk/lib/init-templates/v1/app/go/cdk.template.json create mode 100644 packages/aws-cdk/lib/init-templates/v1/app/go/go.template.mod create mode 100755 packages/aws-cdk/test/integ/init/test-go.sh diff --git a/packages/aws-cdk/lib/init-templates/v1/app/go/%name%.template.go b/packages/aws-cdk/lib/init-templates/v1/app/go/%name%.template.go new file mode 100644 index 0000000000000..24a2b0e90b616 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v1/app/go/%name%.template.go @@ -0,0 +1,68 @@ +package main + +import ( + "github.com/aws/aws-cdk-go/awscdk" + "github.com/aws/aws-cdk-go/awscdk/awssns" + "github.com/aws/constructs-go/constructs/v3" + "github.com/aws/jsii-runtime-go" +) + +type %name.PascalCased%StackProps struct { + awscdk.StackProps +} + +func New%name.PascalCased%Stack(scope constructs.Construct, id string, props *%name.PascalCased%StackProps) awscdk.Stack { + var sprops awscdk.StackProps + if props != nil { + sprops = props.StackProps + } + stack := awscdk.NewStack(scope, &id, &sprops) + + // The code that defines your stack goes here + + // as an example, here's how you would define an AWS SNS topic: + awssns.NewTopic(stack, jsii.String("MyTopic"), &awssns.TopicProps{ + DisplayName: jsii.String("MyCoolTopic"), + }) + + return stack +} + +func main() { + app := awscdk.NewApp(nil) + + New%name.PascalCased%Stack(app, "%name.PascalCased%Stack", &%name.PascalCased%StackProps{ + awscdk.StackProps{ + Env: env(), + }, + }) + + app.Synth(nil) +} + +// env determines the AWS environment (account+region) in which our stack is to +// be deployed. For more information see: https://docs.aws.amazon.com/cdk/latest/guide/environments.html +func env() *awscdk.Environment { + // If unspecified, this stack will be "environment-agnostic". + // Account/Region-dependent features and context lookups will not work, but a + // single synthesized template can be deployed anywhere. + //--------------------------------------------------------------------------- + return nil + + // Uncomment if you know exactly what account and region you want to deploy + // the stack to. This is the recommendation for production stacks. + //--------------------------------------------------------------------------- + // return &awscdk.Environment{ + // Account: jsii.String("123456789012"), + // Region: jsii.String("us-east-1"), + // } + + // Uncomment to specialize this stack for the AWS Account and Region that are + // implied by the current CLI configuration. This is recommended for dev + // stacks. + //--------------------------------------------------------------------------- + // return &awscdk.Environment{ + // Account: jsii.String(os.Getenv("CDK_DEFAULT_ACCOUNT")), + // Region: jsii.String(os.Getenv("CDK_DEFAULT_REGION")), + // } +} diff --git a/packages/aws-cdk/lib/init-templates/v1/app/go/%name%_test.template.go b/packages/aws-cdk/lib/init-templates/v1/app/go/%name%_test.template.go new file mode 100644 index 0000000000000..c0534249b6282 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v1/app/go/%name%_test.template.go @@ -0,0 +1,28 @@ +package main + +import ( + "encoding/json" + "testing" + + "github.com/aws/aws-cdk-go/awscdk" + "github.com/stretchr/testify/assert" + "github.com/tidwall/gjson" +) + +func Test%name.PascalCased%Stack(t *testing.T) { + // GIVEN + app := awscdk.NewApp(nil) + + // WHEN + stack := New%name.PascalCased%Stack(app, "MyStack", nil) + + // THEN + bytes, err := json.Marshal(app.Synth(nil).GetStackArtifact(stack.ArtifactId()).Template()) + if err != nil { + t.Error(err) + } + + template := gjson.ParseBytes(bytes) + displayName := template.Get("Resources.MyTopic86869434.Properties.DisplayName").String() + assert.Equal(t, "MyCoolTopic", displayName) +} diff --git a/packages/aws-cdk/lib/init-templates/v1/app/go/.template.gitignore b/packages/aws-cdk/lib/init-templates/v1/app/go/.template.gitignore new file mode 100644 index 0000000000000..92fe1ec34b4b6 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v1/app/go/.template.gitignore @@ -0,0 +1,19 @@ +# Binaries for programs and plugins +*.exe +*.exe~ +*.dll +*.so +*.dylib + +# Test binary, built with `go test -c` +*.test + +# Output of the go coverage tool, specifically when used with LiteIDE +*.out + +# go.sum should be committed +!go.sum + +# CDK asset staging directory +.cdk.staging +cdk.out diff --git a/packages/aws-cdk/lib/init-templates/v1/app/go/README.md b/packages/aws-cdk/lib/init-templates/v1/app/go/README.md new file mode 100644 index 0000000000000..9b8d4b29f26e3 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v1/app/go/README.md @@ -0,0 +1,14 @@ +# Welcome to your CDK Go project! + +This is a blank project for Go development with CDK. + +**NOTICE**: Go support is still in Developer Preview. This implies that APIs may +change while we address early feedback from the community. We would love to hear +about your experience through GitHub issues. + +## Useful commands + + * `cdk deploy` deploy this stack to your default AWS account/region + * `cdk diff` compare deployed stack with current state + * `cdk synth` emits the synthesized CloudFormation template + * `go test` run unit tests diff --git a/packages/aws-cdk/lib/init-templates/v1/app/go/cdk.template.json b/packages/aws-cdk/lib/init-templates/v1/app/go/cdk.template.json new file mode 100644 index 0000000000000..ad88cd7ef75f3 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v1/app/go/cdk.template.json @@ -0,0 +1,3 @@ +{ + "app": "go mod download && go run %name%.go" +} \ No newline at end of file diff --git a/packages/aws-cdk/lib/init-templates/v1/app/go/go.template.mod b/packages/aws-cdk/lib/init-templates/v1/app/go/go.template.mod new file mode 100644 index 0000000000000..a1dcb391c1614 --- /dev/null +++ b/packages/aws-cdk/lib/init-templates/v1/app/go/go.template.mod @@ -0,0 +1,13 @@ +module %name% + +go 1.16 + +require ( + github.com/aws/aws-cdk-go/awscdk v%cdk-version%-devpreview + github.com/aws/constructs-go/constructs/v3 v3.3.71 + github.com/aws/jsii-runtime-go v1.26.0 + + // for testing + github.com/tidwall/gjson v1.7.4 + github.com/stretchr/testify v1.7.0 +) diff --git a/packages/aws-cdk/test/integ/init/test-all.sh b/packages/aws-cdk/test/integ/init/test-all.sh index cbca0f859feb2..f191d37bf4296 100755 --- a/packages/aws-cdk/test/integ/init/test-all.sh +++ b/packages/aws-cdk/test/integ/init/test-all.sh @@ -7,5 +7,6 @@ $scriptdir/test-java.sh $scriptdir/test-javascript.sh $scriptdir/test-python.sh $scriptdir/test-typescript.sh +$scriptdir/test-go.sh echo "SUCCESS" diff --git a/packages/aws-cdk/test/integ/init/test-go.sh b/packages/aws-cdk/test/integ/init/test-go.sh new file mode 100755 index 0000000000000..6b461f3e25ef5 --- /dev/null +++ b/packages/aws-cdk/test/integ/init/test-go.sh @@ -0,0 +1,26 @@ +#!/bin/bash +#------------------------------------------------------------------ +# setup +#------------------------------------------------------------------ +set -eu +scriptdir=$(cd $(dirname $0) && pwd) +source ${scriptdir}/common.bash + +header Go + +#------------------------------------------------------------------ + +if [[ "${1:-}" == "" ]]; then + templates="app" +else + templates="$@" +fi + +for template in $templates; do + echo "Trying Go template $template" + + setup + + cdk init -l go $template + cdk synth +done From 4f067cb90d43d04659f68dec6b866ba77f10642c Mon Sep 17 00:00:00 2001 From: Robert Djurasaj Date: Mon, 29 Mar 2021 07:00:55 -0600 Subject: [PATCH 037/260] fix(cloudfront): auto-generated cache policy name might conflict cross-region (#13737) This commit changes the auto-generated name of the `CachePolicy` to include stack name and region, thus providing unique name for the `CachePolicy` account-wide. Closes #13629. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-cloudfront/lib/cache-policy.ts | 4 ++-- packages/@aws-cdk/aws-cloudfront/test/cache-policy.test.ts | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-cloudfront/lib/cache-policy.ts b/packages/@aws-cdk/aws-cloudfront/lib/cache-policy.ts index e9dbf46901eda..a71569e89f02d 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/cache-policy.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/cache-policy.ts @@ -1,4 +1,4 @@ -import { Duration, Names, Resource, Token } from '@aws-cdk/core'; +import { Duration, Names, Resource, Stack, Token } from '@aws-cdk/core'; import { Construct } from 'constructs'; import { CfnCachePolicy } from './cloudfront.generated'; @@ -125,7 +125,7 @@ export class CachePolicy extends Resource implements ICachePolicy { physicalName: props.cachePolicyName, }); - const cachePolicyName = props.cachePolicyName ?? Names.uniqueId(this); + const cachePolicyName = props.cachePolicyName ?? `${Names.uniqueId(this)}-${Stack.of(this).region}`; if (!Token.isUnresolved(cachePolicyName) && !cachePolicyName.match(/^[\w-]+$/i)) { throw new Error(`'cachePolicyName' can only include '-', '_', and alphanumeric characters, got: '${props.cachePolicyName}'`); } diff --git a/packages/@aws-cdk/aws-cloudfront/test/cache-policy.test.ts b/packages/@aws-cdk/aws-cloudfront/test/cache-policy.test.ts index 4f6d618c51621..07d2752de4e2c 100644 --- a/packages/@aws-cdk/aws-cloudfront/test/cache-policy.test.ts +++ b/packages/@aws-cdk/aws-cloudfront/test/cache-policy.test.ts @@ -24,7 +24,7 @@ describe('CachePolicy', () => { expect(stack).toHaveResource('AWS::CloudFront::CachePolicy', { CachePolicyConfig: { - Name: 'StackCachePolicy0D6FCBC0', + Name: 'StackCachePolicy0D6FCBC0-testregion', MinTTL: 0, DefaultTTL: 86400, MaxTTL: 31536000, From 37a5502ced1bf1b451ac4bd921752746277461bf Mon Sep 17 00:00:00 2001 From: Elad Ben-Israel Date: Mon, 29 Mar 2021 16:53:13 +0300 Subject: [PATCH 038/260] =?UTF-8?q?feat(lambda-nodejs):=20graduate=20to=20?= =?UTF-8?q?stable=20=F0=9F=9A=80=20=20(#13844)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We are excited to graduate the @aws-cdk/lambda-nodejs module to STABLE. Many thanks to @jogold and the CDK community for leading the work on this useful feature. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-lambda-nodejs/README.md | 8 +------- packages/@aws-cdk/aws-lambda-nodejs/package.json | 4 ++-- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/aws-lambda-nodejs/README.md b/packages/@aws-cdk/aws-lambda-nodejs/README.md index d11602c5e656e..ac756f7d09bbe 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/README.md +++ b/packages/@aws-cdk/aws-lambda-nodejs/README.md @@ -3,13 +3,7 @@ --- -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/aws-lambda-nodejs/package.json b/packages/@aws-cdk/aws-lambda-nodejs/package.json index 7fb257ff676b9..d8e6780a6faac 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/package.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/package.json @@ -84,8 +84,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, From 8fb30ea6c9199c97aee8986483f96a7831e4f72b Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Mon, 29 Mar 2021 07:27:29 -0700 Subject: [PATCH 039/260] chore: add new interfaces for Assets (#13807) This is a re-submit of the PR #13356, which had to be reverted because of JSII issue https://github.com/aws/jsii/issues/2653. Since that issue has been fixed in JSII version `1.26.0`, which is what we currently use, re-introduce the changes from that PR. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/assets/lib/fs/options.ts | 1 + .../aws-ecr-assets/lib/image-asset.ts | 19 +++++-- packages/@aws-cdk/aws-s3-assets/lib/asset.ts | 4 +- packages/@aws-cdk/core/lib/fs/options.ts | 51 ++++++++++++++----- 4 files changed, 55 insertions(+), 20 deletions(-) diff --git a/packages/@aws-cdk/assets/lib/fs/options.ts b/packages/@aws-cdk/assets/lib/fs/options.ts index 3ccc107d3700d..548fa4bda42ee 100644 --- a/packages/@aws-cdk/assets/lib/fs/options.ts +++ b/packages/@aws-cdk/assets/lib/fs/options.ts @@ -10,6 +10,7 @@ export interface CopyOptions { * A strategy for how to handle symlinks. * * @default Never + * @deprecated use `followSymlinks` instead */ readonly follow?: FollowMode; diff --git a/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts b/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts index 8f99d5081f514..67d7b263973f8 100644 --- a/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts +++ b/packages/@aws-cdk/aws-ecr-assets/lib/image-asset.ts @@ -1,13 +1,13 @@ import * as fs from 'fs'; import * as path from 'path'; import * as ecr from '@aws-cdk/aws-ecr'; -import { Annotations, FeatureFlags, IgnoreMode, Stack, Token } from '@aws-cdk/core'; +import { Annotations, AssetStaging, FeatureFlags, FileFingerprintOptions, IgnoreMode, Stack, SymlinkFollowMode, Token } from '@aws-cdk/core'; import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; // keep this import separate from other imports to reduce chance for merge conflicts with v2-main // eslint-disable-next-line -import { FingerprintOptions, IAsset, Staging } from '@aws-cdk/assets'; +import { FingerprintOptions, FollowMode, IAsset } from '@aws-cdk/assets'; // keep this import separate from other imports to reduce chance for merge conflicts with v2-main // eslint-disable-next-line no-duplicate-imports, import/order import { Construct as CoreConstruct } from '@aws-cdk/core'; @@ -15,7 +15,7 @@ import { Construct as CoreConstruct } from '@aws-cdk/core'; /** * Options for DockerImageAsset */ -export interface DockerImageAssetOptions extends FingerprintOptions { +export interface DockerImageAssetOptions extends FingerprintOptions, FileFingerprintOptions { /** * ECR repository name * @@ -156,8 +156,9 @@ export class DockerImageAsset extends CoreConstruct implements IAsset { // deletion of the ECR repository the app used). extraHash.version = '1.21.0'; - const staging = new Staging(this, 'Staging', { + const staging = new AssetStaging(this, 'Staging', { ...props, + follow: props.followSymlinks ?? toSymlinkFollow(props.follow), exclude, ignoreMode, sourcePath: dir, @@ -200,3 +201,13 @@ function validateBuildArgs(buildArgs?: { [key: string]: string }) { } } } + +function toSymlinkFollow(follow?: FollowMode): SymlinkFollowMode | undefined { + switch (follow) { + case undefined: return undefined; + case FollowMode.NEVER: return SymlinkFollowMode.NEVER; + case FollowMode.ALWAYS: return SymlinkFollowMode.ALWAYS; + case FollowMode.BLOCK_EXTERNAL: return SymlinkFollowMode.BLOCK_EXTERNAL; + case FollowMode.EXTERNAL: return SymlinkFollowMode.EXTERNAL; + } +} diff --git a/packages/@aws-cdk/aws-s3-assets/lib/asset.ts b/packages/@aws-cdk/aws-s3-assets/lib/asset.ts index aa99ab67e40a3..0777602e788f6 100644 --- a/packages/@aws-cdk/aws-s3-assets/lib/asset.ts +++ b/packages/@aws-cdk/aws-s3-assets/lib/asset.ts @@ -14,7 +14,7 @@ import { CopyOptions } from '@aws-cdk/assets'; // eslint-disable-next-line no-duplicate-imports, import/order import { Construct as CoreConstruct } from '@aws-cdk/core'; -export interface AssetOptions extends CopyOptions, cdk.AssetOptions { +export interface AssetOptions extends CopyOptions, cdk.FileCopyOptions, cdk.AssetOptions { /** * A list of principals that should be able to read this asset from S3. * You can use `asset.grantRead(principal)` to grant read permissions later. @@ -127,7 +127,7 @@ export class Asset extends CoreConstruct implements cdk.IAsset { const staging = new cdk.AssetStaging(this, 'Stage', { ...props, sourcePath: path.resolve(props.path), - follow: toSymlinkFollow(props.follow), + follow: props.followSymlinks ?? toSymlinkFollow(props.follow), assetHash: props.assetHash ?? props.sourceHash, }); diff --git a/packages/@aws-cdk/core/lib/fs/options.ts b/packages/@aws-cdk/core/lib/fs/options.ts index 3ea836a24e831..baf73bd7ffd30 100644 --- a/packages/@aws-cdk/core/lib/fs/options.ts +++ b/packages/@aws-cdk/core/lib/fs/options.ts @@ -56,19 +56,9 @@ export enum IgnoreMode { * context flag is set. */ DOCKER = 'docker' -}; - -/** - * Obtains applied when copying directories into the staging location. - */ -export interface CopyOptions { - /** - * A strategy for how to handle symlinks. - * - * @default SymlinkFollowMode.NEVER - */ - readonly follow?: SymlinkFollowMode; +} +interface FileOptions { /** * Glob patterns to exclude from the copy. * @@ -85,9 +75,30 @@ export interface CopyOptions { } /** - * Options related to calculating source hash. + * Options applied when copying directories + */ +export interface CopyOptions extends FileOptions { + /** + * A strategy for how to handle symlinks. + * + * @default SymlinkFollowMode.NEVER + */ + readonly follow?: SymlinkFollowMode; +} + +/** + * Options applied when copying directories into the staging location. */ -export interface FingerprintOptions extends CopyOptions { +export interface FileCopyOptions extends FileOptions { + /** + * A strategy for how to handle symlinks. + * + * @default SymlinkFollowMode.NEVER + */ + readonly followSymlinks?: SymlinkFollowMode; +} + +interface ExtraHashOptions { /** * Extra information to encode into the fingerprint (e.g. build instructions * and other inputs) @@ -96,3 +107,15 @@ export interface FingerprintOptions extends CopyOptions { */ readonly extraHash?: string; } + +/** + * Options related to calculating source hash. + */ +export interface FingerprintOptions extends CopyOptions, ExtraHashOptions { +} + +/** + * Options related to calculating source hash. + */ +export interface FileFingerprintOptions extends FileCopyOptions, ExtraHashOptions { +} From 7176a5d5208da7d727bbf5112bc12533983380ea Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Mon, 29 Mar 2021 17:01:30 +0100 Subject: [PATCH 040/260] fix(core): BundlingDockerImage.fromAsset() does not return a BundlingDockerImage (#13846) A previous change missed to fix the 'return' statement on this method. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/core/lib/bundling.ts | 4 ++-- packages/@aws-cdk/core/test/bundling.test.ts | 19 +++++++++++++++++++ 2 files changed, 21 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/core/lib/bundling.ts b/packages/@aws-cdk/core/lib/bundling.ts index 5b4a579caf8f1..bd9299a5a990d 100644 --- a/packages/@aws-cdk/core/lib/bundling.ts +++ b/packages/@aws-cdk/core/lib/bundling.ts @@ -157,8 +157,8 @@ export class BundlingDockerImage { * * @deprecated use DockerImage.fromBuild() */ - public static fromAsset(path: string, options: DockerBuildOptions = {}) { - DockerImage.fromBuild(path, options) as BundlingDockerImage; + public static fromAsset(path: string, options: DockerBuildOptions = {}): BundlingDockerImage { + return DockerImage.fromBuild(path, options); } /** @param image The Docker image */ diff --git a/packages/@aws-cdk/core/test/bundling.test.ts b/packages/@aws-cdk/core/test/bundling.test.ts index 1c909142b3127..97b9d5969c2b3 100644 --- a/packages/@aws-cdk/core/test/bundling.test.ts +++ b/packages/@aws-cdk/core/test/bundling.test.ts @@ -173,6 +173,25 @@ nodeunitShim({ test.done(); }, + 'fromAsset'(test: Test) { + sinon.stub(child_process, 'spawnSync').returns({ + status: 0, + stderr: Buffer.from('stderr'), + stdout: Buffer.from('sha256:1234567890abcdef'), + pid: 123, + output: ['stdout', 'stderr'], + signal: null, + }); + + const imagePath = path.join(__dirname, 'fs/fixtures/test1'); + const image = BundlingDockerImage.fromAsset(imagePath, { + file: 'my-dockerfile', + }); + test.ok(image); + test.ok(image.image); + test.done(); + }, + 'custom entrypoint is passed through to docker exec'(test: Test) { const spawnSyncStub = sinon.stub(child_process, 'spawnSync').returns({ status: 0, From 2d623d08d8d5d8c356d871ccd69a8cdac9c4170e Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Mon, 29 Mar 2021 16:26:20 -0700 Subject: [PATCH 041/260] =?UTF-8?q?feat(autoscaling-common):=20graduate=20?= =?UTF-8?q?to=20stable=20=F0=9F=9A=80=20=20(#13862)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-autoscaling-common/README.md | 8 +------- packages/@aws-cdk/aws-autoscaling-common/package.json | 4 ++-- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/aws-autoscaling-common/README.md b/packages/@aws-cdk/aws-autoscaling-common/README.md index 83b483af43573..fdea0531620e1 100644 --- a/packages/@aws-cdk/aws-autoscaling-common/README.md +++ b/packages/@aws-cdk/aws-autoscaling-common/README.md @@ -3,13 +3,7 @@ --- -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/aws-autoscaling-common/package.json b/packages/@aws-cdk/aws-autoscaling-common/package.json index ffc31b5241a02..6378bdc86c35d 100644 --- a/packages/@aws-cdk/aws-autoscaling-common/package.json +++ b/packages/@aws-cdk/aws-autoscaling-common/package.json @@ -105,8 +105,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, From 294f54692c609eaf20257caba0b53ceb9882ff35 Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Mon, 29 Mar 2021 17:01:02 -0700 Subject: [PATCH 042/260] =?UTF-8?q?feat(cloudformation-diff):=20graduate?= =?UTF-8?q?=20to=20stable=20=F0=9F=9A=80=20=20(#13857)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/cloudformation-diff/README.md | 8 +------- packages/@aws-cdk/cloudformation-diff/package.json | 4 ++-- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/cloudformation-diff/README.md b/packages/@aws-cdk/cloudformation-diff/README.md index 678bc2c9ba0d2..cc8a457769e9e 100644 --- a/packages/@aws-cdk/cloudformation-diff/README.md +++ b/packages/@aws-cdk/cloudformation-diff/README.md @@ -3,13 +3,7 @@ --- -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index f9b2c7342a84e..d781b061ff175 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -51,8 +51,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "cdk-build": { "jest": true }, From fb6512314db1b11fc608cd62753090684ad0d3c4 Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Mon, 29 Mar 2021 23:26:41 -0700 Subject: [PATCH 043/260] fix(codebuild): take the account & region of an imported Project from its ARN (#13708) This is needed to correctly use CodeBuild in CodePipeline (which needs to know whether the Project is from a different account/region). Fixes #13694 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-codebuild/lib/project.ts | 9 +++++++-- .../@aws-cdk/aws-codebuild/test/test.project.ts | 15 +++++++++++++++ 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-codebuild/lib/project.ts b/packages/@aws-cdk/aws-codebuild/lib/project.ts index 4b03ed8756f9f..abca536a2c354 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/project.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/project.ts @@ -639,14 +639,19 @@ export interface BindToCodePipelineOptions { export class Project extends ProjectBase { public static fromProjectArn(scope: Construct, id: string, projectArn: string): IProject { + const parsedArn = Stack.of(scope).parseArn(projectArn); + class Import extends ProjectBase { public readonly grantPrincipal: iam.IPrincipal; public readonly projectArn = projectArn; - public readonly projectName = Stack.of(scope).parseArn(projectArn).resourceName!; + public readonly projectName = parsedArn.resourceName!; public readonly role?: iam.Role = undefined; constructor(s: Construct, i: string) { - super(s, i); + super(s, i, { + account: parsedArn.account, + region: parsedArn.region, + }); this.grantPrincipal = new iam.UnknownPrincipal({ resource: this }); } } diff --git a/packages/@aws-cdk/aws-codebuild/test/test.project.ts b/packages/@aws-cdk/aws-codebuild/test/test.project.ts index 80c6940bd79bd..d1c6ad1e85b13 100644 --- a/packages/@aws-cdk/aws-codebuild/test/test.project.ts +++ b/packages/@aws-cdk/aws-codebuild/test/test.project.ts @@ -1386,6 +1386,7 @@ export = { test.done(); }, + 'can override build timeout'(test: Test) { // GIVEN const stack = new cdk.Stack(); @@ -1407,4 +1408,18 @@ export = { test.done(); }, }, + + 'can be imported': { + 'by ARN'(test: Test) { + const stack = new cdk.Stack(); + const project = codebuild.Project.fromProjectArn(stack, 'Project', + 'arn:aws:codebuild:us-west-2:123456789012:project/My-Project'); + + test.equal(project.projectName, 'My-Project'); + test.equal(project.env.account, '123456789012'); + test.equal(project.env.region, 'us-west-2'); + + test.done(); + }, + }, }; From ffea818f26a383e7f314dac3505c46f3b4b4348d Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Tue, 30 Mar 2021 00:58:27 -0700 Subject: [PATCH 044/260] fix(yaml-cfn): do not deserialize year-month-date as strings (#13745) Currently, we are using the `yaml-1.1` schema when de-serializing YAML documents, Unfortunately, this has the side effect of treating unquoted parts of the template like '2010-09-09' as Date objects, instead of just simple strings. This has been noted by a customer using the cloudformation-include module, but I assume a very similar problem exists for other places we parse YAML, like cloudformation-diff. Switch to the `core` schema from `yaml-1.1`, where those are treated as strings, instead of dates. Fixes #13709 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../yaml/year-month-date-as-strings.yaml | 14 ++++++++ .../test/yaml-templates.test.ts | 27 +++++++++++++++ packages/@aws-cdk/yaml-cfn/lib/yaml.ts | 2 +- .../yaml-cfn/test/deserialization.test.ts | 34 +++++++++++++++++++ .../yaml-cfn/test/serialization.test.ts | 8 +++++ packages/@aws-cdk/yaml-cfn/test/yaml.test.ts | 5 --- 6 files changed, 84 insertions(+), 6 deletions(-) create mode 100644 packages/@aws-cdk/cloudformation-include/test/test-templates/yaml/year-month-date-as-strings.yaml create mode 100644 packages/@aws-cdk/yaml-cfn/test/deserialization.test.ts create mode 100644 packages/@aws-cdk/yaml-cfn/test/serialization.test.ts delete mode 100644 packages/@aws-cdk/yaml-cfn/test/yaml.test.ts diff --git a/packages/@aws-cdk/cloudformation-include/test/test-templates/yaml/year-month-date-as-strings.yaml b/packages/@aws-cdk/cloudformation-include/test/test-templates/yaml/year-month-date-as-strings.yaml new file mode 100644 index 0000000000000..f25f363879810 --- /dev/null +++ b/packages/@aws-cdk/cloudformation-include/test/test-templates/yaml/year-month-date-as-strings.yaml @@ -0,0 +1,14 @@ +AWSTemplateFormatVersion: 2010-09-09 +Resources: + Role: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: 2012-10-17 + Statement: + - Effect: Allow + Principal: + Service: + - ec2.amazonaws.com + Action: + - sts:AssumeRole diff --git a/packages/@aws-cdk/cloudformation-include/test/yaml-templates.test.ts b/packages/@aws-cdk/cloudformation-include/test/yaml-templates.test.ts index 5faf8bd1a5e1c..0724020f90f56 100644 --- a/packages/@aws-cdk/cloudformation-include/test/yaml-templates.test.ts +++ b/packages/@aws-cdk/cloudformation-include/test/yaml-templates.test.ts @@ -23,6 +23,33 @@ describe('CDK Include', () => { ); }); + test('can ingest a template with year-month-date parsed as string instead of Date', () => { + includeTestTemplate(stack, 'year-month-date-as-strings.yaml'); + + expect(stack).toMatchTemplate({ + "AWSTemplateFormatVersion": "2010-09-09", + "Resources": { + "Role": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": ["ec2.amazonaws.com"], + }, + "Action": ["sts:AssumeRole"], + }, + ], + }, + }, + }, + }, + }); + }); + test('can ingest a template with the short form Base64 function', () => { includeTestTemplate(stack, 'short-form-base64.yaml'); diff --git a/packages/@aws-cdk/yaml-cfn/lib/yaml.ts b/packages/@aws-cdk/yaml-cfn/lib/yaml.ts index eca37db0ed048..e46c8f8d6bf72 100644 --- a/packages/@aws-cdk/yaml-cfn/lib/yaml.ts +++ b/packages/@aws-cdk/yaml-cfn/lib/yaml.ts @@ -54,6 +54,6 @@ const shortForms: yaml_types.Schema.CustomTag[] = [ function parseYamlStrWithCfnTags(text: string): any { return yaml.parse(text, { customTags: shortForms, - schema: 'yaml-1.1', + schema: 'core', }); } diff --git a/packages/@aws-cdk/yaml-cfn/test/deserialization.test.ts b/packages/@aws-cdk/yaml-cfn/test/deserialization.test.ts new file mode 100644 index 0000000000000..e2a3688393b61 --- /dev/null +++ b/packages/@aws-cdk/yaml-cfn/test/deserialization.test.ts @@ -0,0 +1,34 @@ +import '@aws-cdk/assert/jest'; +import * as yaml_cfn from '../lib'; + +test('Unquoted year-month-day is treated as a string, not a Date', () => { + const value = yaml_cfn.deserialize('Key: 2020-12-31'); + + expect(value).toEqual({ + Key: '2020-12-31', + }); +}); + +test("Unquoted 'No' is treated as a string, not a boolean", () => { + const value = yaml_cfn.deserialize('Key: No'); + + expect(value).toEqual({ + Key: 'No', + }); +}); + +test("Short-form 'Ref' is deserialized correctly", () => { + const value = yaml_cfn.deserialize('!Ref Resource'); + + expect(value).toEqual({ + Ref: 'Resource', + }); +}); + +test("Short-form 'Fn::GetAtt' is deserialized correctly", () => { + const value = yaml_cfn.deserialize('!GetAtt Resource.Attribute'); + + expect(value).toEqual({ + 'Fn::GetAtt': 'Resource.Attribute', + }); +}); diff --git a/packages/@aws-cdk/yaml-cfn/test/serialization.test.ts b/packages/@aws-cdk/yaml-cfn/test/serialization.test.ts new file mode 100644 index 0000000000000..bbc3a45d6ac26 --- /dev/null +++ b/packages/@aws-cdk/yaml-cfn/test/serialization.test.ts @@ -0,0 +1,8 @@ +import '@aws-cdk/assert/jest'; +import * as yaml_cfn from '../lib'; + +test('An object with a single string value is serialized as a simple string', () => { + const value = yaml_cfn.serialize({ key: 'some string' }); + + expect(value).toEqual('key: some string\n'); +}); diff --git a/packages/@aws-cdk/yaml-cfn/test/yaml.test.ts b/packages/@aws-cdk/yaml-cfn/test/yaml.test.ts deleted file mode 100644 index f8ce8131c4de7..0000000000000 --- a/packages/@aws-cdk/yaml-cfn/test/yaml.test.ts +++ /dev/null @@ -1,5 +0,0 @@ -import '@aws-cdk/assert/jest'; - -test('No tests are specified for this package', () => { - expect(true).toBe(true); -}); From 08fa5ede1721f5165fad5fcf402a83fc2496bc46 Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Tue, 30 Mar 2021 01:39:33 -0700 Subject: [PATCH 045/260] =?UTF-8?q?feat(elasticloadbalancingv2):=20graduat?= =?UTF-8?q?e=20to=20stable=20=F0=9F=9A=80=20=20(#13861)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-elasticloadbalancingv2-targets/README.md | 8 +------- .../aws-elasticloadbalancingv2-targets/package.json | 4 ++-- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/README.md b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/README.md index 9b3a3745cb679..b94a08b0c478a 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/README.md @@ -3,13 +3,7 @@ --- -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json index 70428533a4624..ff7f061ba0769 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2-targets/package.json @@ -89,8 +89,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awslint": { "exclude": [ "docs-public-apis:@aws-cdk/aws-elasticloadbalancingv2-targets.InstanceTarget", From 793230c7a6dcaf93408206e680bd26159ece1b7d Mon Sep 17 00:00:00 2001 From: Devyn Goetsch Date: Tue, 30 Mar 2021 04:31:02 -0500 Subject: [PATCH 046/260] feat(ec2): allow disabling inline security group rules (#13613) Adds a resource property and a context key for disabling security group inline rules --- packages/@aws-cdk/aws-ec2/README.md | 21 + .../@aws-cdk/aws-ec2/lib/security-group.ts | 66 ++- .../aws-ec2/test/security-group.test.ts | 452 +++++++++++++++++- 3 files changed, 528 insertions(+), 11 deletions(-) diff --git a/packages/@aws-cdk/aws-ec2/README.md b/packages/@aws-cdk/aws-ec2/README.md index 5ce9a5c500d4d..123ef79f3aa66 100644 --- a/packages/@aws-cdk/aws-ec2/README.md +++ b/packages/@aws-cdk/aws-ec2/README.md @@ -520,6 +520,27 @@ listener.connections.allowDefaultPortFromAnyIpv4('Allow public'); appFleet.connections.allowDefaultPortTo(rdsDatabase, 'Fleet can access database'); ``` +### Security group rules + +By default, security group wills be added inline to the security group in the output cloud formation +template, if applicable. This includes any static rules by ip address and port range. This +optimization helps to minimize the size of the template. + +In some environments this is not desirable, for example if your security group access is controlled +via tags. You can disable inline rules per security group or globally via the context key +`@aws-cdk/aws-ec2.securityGroupDisableInlineRules`. + +```ts fixture=with-vpc +const mySecurityGroupWithoutInlineRules = new ec2.SecurityGroup(this, 'SecurityGroup', { + vpc, + description: 'Allow ssh access to ec2 instances', + allowAllOutbound: true, + disableInlineRules: true +}); +//This will add the rule as an external cloud formation construct +mySecurityGroupWithoutInlineRules.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(22), 'allow ssh access from the world'); +``` + ## Machine Images (AMIs) AMIs control the OS that gets launched when you start your EC2 instance. The EC2 diff --git a/packages/@aws-cdk/aws-ec2/lib/security-group.ts b/packages/@aws-cdk/aws-ec2/lib/security-group.ts index b5c3e4bf5cff2..70bc1311bf8ab 100644 --- a/packages/@aws-cdk/aws-ec2/lib/security-group.ts +++ b/packages/@aws-cdk/aws-ec2/lib/security-group.ts @@ -4,12 +4,14 @@ import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; import { Connections } from './connections'; import { CfnSecurityGroup, CfnSecurityGroupEgress, CfnSecurityGroupIngress } from './ec2.generated'; -import { IPeer } from './peer'; +import { IPeer, Peer } from './peer'; import { Port } from './port'; import { IVpc } from './vpc'; const SECURITY_GROUP_SYMBOL = Symbol.for('@aws-cdk/iam.SecurityGroup'); +const SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY = '@aws-cdk/aws-ec2.securityGroupDisableInlineRules'; + /** * Interface for security group-like objects */ @@ -229,6 +231,22 @@ export interface SecurityGroupProps { * @default true */ readonly allowAllOutbound?: boolean; + + /** + * Whether to disable inline ingress and egress rule optimization. + * + * If this is set to true, ingress and egress rules will not be declared under the + * SecurityGroup in cloudformation, but will be separate elements. + * + * Inlining rules is an optimization for producing smaller stack templates. Sometimes + * this is not desirable, for example when security group access is managed via tags. + * + * The default value can be overriden globally by setting the context variable + * '@aws-cdk/aws-ec2.securityGroupDisableInlineRules'. + * + * @default false + */ + readonly disableInlineRules?: boolean; } /** @@ -390,6 +408,11 @@ export class SecurityGroup extends SecurityGroupBase { private readonly directIngressRules: CfnSecurityGroup.IngressProperty[] = []; private readonly directEgressRules: CfnSecurityGroup.EgressProperty[] = []; + /** + * Whether to disable optimization for inline security group rules. + */ + private readonly disableInlineRules: boolean; + constructor(scope: Construct, id: string, props: SecurityGroupProps) { super(scope, id, { physicalName: props.securityGroupName, @@ -399,6 +422,10 @@ export class SecurityGroup extends SecurityGroupBase { this.allowAllOutbound = props.allowAllOutbound !== false; + this.disableInlineRules = props.disableInlineRules !== undefined ? + !!props.disableInlineRules : + !!this.node.tryGetContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY); + this.securityGroup = new CfnSecurityGroup(this, 'Resource', { groupName: this.physicalName, groupDescription, @@ -415,7 +442,7 @@ export class SecurityGroup extends SecurityGroupBase { } public addIngressRule(peer: IPeer, connection: Port, description?: string, remoteRule?: boolean) { - if (!peer.canInlineRule || !connection.canInlineRule) { + if (!peer.canInlineRule || !connection.canInlineRule || this.disableInlineRules) { super.addIngressRule(peer, connection, description, remoteRule); return; } @@ -445,7 +472,7 @@ export class SecurityGroup extends SecurityGroupBase { this.removeNoTrafficRule(); } - if (!peer.canInlineRule || !connection.canInlineRule) { + if (!peer.canInlineRule || !connection.canInlineRule || this.disableInlineRules) { super.addEgressRule(peer, connection, description, remoteRule); return; } @@ -519,10 +546,14 @@ export class SecurityGroup extends SecurityGroupBase { * strictly necessary). */ private addDefaultEgressRule() { - if (this.allowAllOutbound) { - this.directEgressRules.push(ALLOW_ALL_RULE); + if (this.disableInlineRules) { + const peer = this.allowAllOutbound ? ALL_TRAFFIC_PEER : NO_TRAFFIC_PEER; + const port = this.allowAllOutbound ? ALL_TRAFFIC_PORT : NO_TRAFFIC_PORT; + const description = this.allowAllOutbound ? ALLOW_ALL_RULE.description : MATCH_NO_TRAFFIC.description; + super.addEgressRule(peer, port, description, false); } else { - this.directEgressRules.push(MATCH_NO_TRAFFIC); + const rule = this.allowAllOutbound? ALLOW_ALL_RULE : MATCH_NO_TRAFFIC; + this.directEgressRules.push(rule); } } @@ -530,9 +561,20 @@ export class SecurityGroup extends SecurityGroupBase { * Remove the bogus rule if it exists */ private removeNoTrafficRule() { - const i = this.directEgressRules.findIndex(r => egressRulesEqual(r, MATCH_NO_TRAFFIC)); - if (i > -1) { - this.directEgressRules.splice(i, 1); + if (this.disableInlineRules) { + const [scope, id] = determineRuleScope( + this, + NO_TRAFFIC_PEER, + NO_TRAFFIC_PORT, + 'to', + false); + + scope.node.tryRemoveChild(id); + } else { + const i = this.directEgressRules.findIndex(r => egressRulesEqual(r, MATCH_NO_TRAFFIC)); + if (i > -1) { + this.directEgressRules.splice(i, 1); + } } } } @@ -554,6 +596,9 @@ const MATCH_NO_TRAFFIC = { toPort: 86, }; +const NO_TRAFFIC_PEER = Peer.ipv4(MATCH_NO_TRAFFIC.cidrIp); +const NO_TRAFFIC_PORT = Port.icmpTypeAndCode(MATCH_NO_TRAFFIC.fromPort, MATCH_NO_TRAFFIC.toPort); + /** * Egress rule that matches all traffic */ @@ -563,6 +608,9 @@ const ALLOW_ALL_RULE = { ipProtocol: '-1', }; +const ALL_TRAFFIC_PEER = Peer.anyIpv4(); +const ALL_TRAFFIC_PORT = Port.allTraffic(); + export interface ConnectionRule { /** * The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers). diff --git a/packages/@aws-cdk/aws-ec2/test/security-group.test.ts b/packages/@aws-cdk/aws-ec2/test/security-group.test.ts index 9851d87235c41..59f7c4192ff99 100644 --- a/packages/@aws-cdk/aws-ec2/test/security-group.test.ts +++ b/packages/@aws-cdk/aws-ec2/test/security-group.test.ts @@ -1,7 +1,9 @@ -import { expect, haveResource, not } from '@aws-cdk/assert'; +import { expect, haveResource, haveResourceLike, not } from '@aws-cdk/assert'; import { App, Intrinsic, Lazy, Stack, Token } from '@aws-cdk/core'; import { nodeunitShim, Test } from 'nodeunit-shim'; -import { Peer, Port, SecurityGroup, Vpc } from '../lib'; +import { Peer, Port, SecurityGroup, SecurityGroupProps, Vpc } from '../lib'; + +const SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY = '@aws-cdk/aws-ec2.securityGroupDisableInlineRules'; nodeunitShim({ 'security group can allows all outbound traffic by default'(test: Test) { @@ -148,6 +150,23 @@ nodeunitShim({ test.done(); }, + 'Inline Rule Control': { + //Not inlined + 'When props.disableInlineRules is true': testRulesAreNotInlined(undefined, true), + 'When context.disableInlineRules is true': testRulesAreNotInlined(true, undefined), + 'When context.disableInlineRules is true and props.disableInlineRules is true': testRulesAreNotInlined(true, true), + 'When context.disableInlineRules is false and props.disableInlineRules is true': testRulesAreNotInlined(false, true), + 'When props.disableInlineRules is true and context.disableInlineRules is null': testRulesAreNotInlined(null, true), + //Inlined + 'When context.disableInlineRules is false and props.disableInlineRules is false': testRulesAreInlined(false, false), + 'When context.disableInlineRules is true and props.disableInlineRules is false': testRulesAreInlined(true, false), + 'When context.disableInlineRules is false': testRulesAreInlined(false, undefined), + 'When props.disableInlineRules is false': testRulesAreInlined(undefined, false), + 'When neither props.disableInlineRules nor context.disableInlineRules are defined': testRulesAreInlined(undefined, undefined), + 'When props.disableInlineRules is undefined and context.disableInlineRules is null': testRulesAreInlined(null, undefined), + 'When props.disableInlineRules is false and context.disableInlineRules is null': testRulesAreInlined(null, false), + }, + 'peer between all types of peers and port range types'(test: Test) { // GIVEN const stack = new Stack(undefined, 'TestStack', { env: { account: '12345678', region: 'dummy' } }); @@ -311,3 +330,432 @@ nodeunitShim({ test.done(); }, }); + +function testRulesAreInlined(contextDisableInlineRules: boolean | undefined | null, optionsDisableInlineRules: boolean | undefined) { + return { + 'When allowAllOutbound': { + 'new SecurityGroup will create an inline SecurityGroupEgress rule to allow all traffic'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: true, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + new SecurityGroup(stack, 'SG1', props); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + SecurityGroupEgress: [ + { + CidrIp: '0.0.0.0/0', + Description: 'Allow all outbound traffic by default', + IpProtocol: '-1', + }, + ], + })); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupEgress', {}))); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + test.done(); + }, + + 'addEgressRule rule will not modify egress rules'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: true, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + sg.addEgressRule(Peer.anyIpv4(), Port.tcp(86), 'An external Rule'); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + SecurityGroupEgress: [ + { + CidrIp: '0.0.0.0/0', + Description: 'Allow all outbound traffic by default', + IpProtocol: '-1', + }, + ], + })); + + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupEgress', {}))); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + test.done(); + }, + + 'addIngressRule will add a new ingress rule'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: true, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + sg.addIngressRule(Peer.anyIpv4(), Port.tcp(86), 'An external Rule'); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + SecurityGroupIngress: [ + { + CidrIp: '0.0.0.0/0', + Description: 'An external Rule', + FromPort: 86, + IpProtocol: 'tcp', + ToPort: 86, + }, + ], + SecurityGroupEgress: [ + { + CidrIp: '0.0.0.0/0', + Description: 'Allow all outbound traffic by default', + IpProtocol: '-1', + }, + ], + })); + + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupEgress', {}))); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + test.done(); + }, + }, + + 'When do not allowAllOutbound': { + 'new SecurityGroup rule will create an egress rule that denies all traffic'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: false, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + new SecurityGroup(stack, 'SG1', props); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + SecurityGroupEgress: [ + { + CidrIp: '255.255.255.255/32', + Description: 'Disallow all traffic', + IpProtocol: 'icmp', + FromPort: 252, + ToPort: 86, + }, + ], + })); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + + test.done(); + }, + 'addEgressRule rule will add a new inline egress rule and remove the denyAllTraffic rule'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: false, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + sg.addEgressRule(Peer.anyIpv4(), Port.tcp(86), 'An inline Rule'); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + SecurityGroupEgress: [ + { + CidrIp: '0.0.0.0/0', + Description: 'An inline Rule', + FromPort: 86, + IpProtocol: 'tcp', + ToPort: 86, + }, + ], + })); + + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupEgress', {}))); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + test.done(); + }, + + 'addIngressRule will add a new ingress rule'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: false, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + sg.addIngressRule(Peer.anyIpv4(), Port.tcp(86), 'An external Rule'); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + SecurityGroupIngress: [ + { + CidrIp: '0.0.0.0/0', + Description: 'An external Rule', + FromPort: 86, + IpProtocol: 'tcp', + ToPort: 86, + }, + ], + SecurityGroupEgress: [ + { + CidrIp: '255.255.255.255/32', + Description: 'Disallow all traffic', + IpProtocol: 'icmp', + FromPort: 252, + ToPort: 86, + }, + ], + })); + + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupEgress', {}))); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + test.done(); + }, + }, + }; +} + + +function testRulesAreNotInlined(contextDisableInlineRules: boolean | undefined | null, optionsDisableInlineRules: boolean | undefined) { + return { + 'When allowAllOutbound': { + 'new SecurityGroup will create an external SecurityGroupEgress rule'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: true, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + })); + expect(stack).to(haveResource('AWS::EC2::SecurityGroupEgress', { + GroupId: stack.resolve(sg.securityGroupId), + CidrIp: '0.0.0.0/0', + Description: 'Allow all outbound traffic by default', + IpProtocol: '-1', + })); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + test.done(); + }, + + 'addIngressRule rule will not remove external allowAllOutbound rule'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: true, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + sg.addEgressRule(Peer.anyIpv4(), Port.tcp(86), 'An external Rule'); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + })); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroupEgress', { + GroupId: stack.resolve(sg.securityGroupId), + CidrIp: '0.0.0.0/0', + Description: 'Allow all outbound traffic by default', + IpProtocol: '-1', + })); + + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + test.done(); + }, + + 'addIngressRule rule will not add a new egress rule'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: true, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + sg.addEgressRule(Peer.anyIpv4(), Port.tcp(86), 'An external Rule'); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + })); + + expect(stack).to(not(haveResource('AWS::EC2::SecurityGroupEgress', { + GroupId: stack.resolve(sg.securityGroupId), + Description: 'An external Rule', + }))); + + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + test.done(); + }, + + 'addIngressRule rule will add a new external ingress rule even if it could have been inlined'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: true, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + sg.addIngressRule(Peer.anyIpv4(), Port.tcp(86), 'An external Rule'); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + })); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroupIngress', { + GroupId: stack.resolve(sg.securityGroupId), + CidrIp: '0.0.0.0/0', + Description: 'An external Rule', + FromPort: 86, + IpProtocol: 'tcp', + ToPort: 86, + })); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroupEgress', { + GroupId: stack.resolve(sg.securityGroupId), + CidrIp: '0.0.0.0/0', + Description: 'Allow all outbound traffic by default', + IpProtocol: '-1', + })); + test.done(); + }, + }, + + 'When do not allowAllOutbound': { + 'new SecurityGroup rule will create an external egress rule that denies all traffic'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: false, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + })); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + expect(stack).to(haveResource('AWS::EC2::SecurityGroupEgress', { + GroupId: stack.resolve(sg.securityGroupId), + CidrIp: '255.255.255.255/32', + Description: 'Disallow all traffic', + IpProtocol: 'icmp', + FromPort: 252, + ToPort: 86, + })); + test.done(); + }, + + 'addEgressRule rule will remove the rule that denies all traffic if another egress rule is added'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: false, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + sg.addEgressRule(Peer.anyIpv4(), Port.tcp(86), 'An external Rule'); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + })); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupEgress', { + GroupId: stack.resolve(sg.securityGroupId), + CidrIp: '255.255.255.255/32', + }))); + test.done(); + }, + + 'addEgressRule rule will add a new external egress rule even if it could have been inlined'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: false, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + sg.addEgressRule(Peer.anyIpv4(), Port.tcp(86), 'An external Rule'); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + })); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroupEgress', { + GroupId: stack.resolve(sg.securityGroupId), + CidrIp: '0.0.0.0/0', + Description: 'An external Rule', + FromPort: 86, + IpProtocol: 'tcp', + ToPort: 86, + })); + + expect(stack).to(not(haveResourceLike('AWS::EC2::SecurityGroupIngress', {}))); + test.done(); + }, + + 'addIngressRule will add a new external ingress rule even if it could have been inlined'(test: Test) { + // GIVEN + const stack = new Stack(); + stack.node.setContext(SECURITY_GROUP_DISABLE_INLINE_RULES_CONTEXT_KEY, contextDisableInlineRules); + const vpc = new Vpc(stack, 'VPC'); + const props: SecurityGroupProps = { vpc, allowAllOutbound: false, disableInlineRules: optionsDisableInlineRules }; + + // WHEN + const sg = new SecurityGroup(stack, 'SG1', props); + sg.addIngressRule(Peer.anyIpv4(), Port.tcp(86), 'An external Rule'); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroup', { + GroupDescription: 'Default/SG1', + VpcId: stack.resolve(vpc.vpcId), + })); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroupIngress', { + GroupId: stack.resolve(sg.securityGroupId), + CidrIp: '0.0.0.0/0', + Description: 'An external Rule', + FromPort: 86, + IpProtocol: 'tcp', + ToPort: 86, + })); + + expect(stack).to(haveResource('AWS::EC2::SecurityGroupEgress', { + GroupId: stack.resolve(sg.securityGroupId), + CidrIp: '255.255.255.255/32', + Description: 'Disallow all traffic', + IpProtocol: 'icmp', + FromPort: 252, + ToPort: 86, + })); + test.done(); + }, + }, + }; +} \ No newline at end of file From b2322aac00dbbf5b171d5887fef2a3c8f3267c73 Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Tue, 30 Mar 2021 03:14:42 -0700 Subject: [PATCH 047/260] =?UTF-8?q?feat(fsx):=20graduate=20to=20stable=20?= =?UTF-8?q?=F0=9F=9A=80=20=20(#13860)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-fsx/README.md | 12 +----------- packages/@aws-cdk/aws-fsx/package.json | 4 ++-- 2 files changed, 3 insertions(+), 13 deletions(-) diff --git a/packages/@aws-cdk/aws-fsx/README.md b/packages/@aws-cdk/aws-fsx/README.md index bcb2497f145ff..ebcd311266036 100644 --- a/packages/@aws-cdk/aws-fsx/README.md +++ b/packages/@aws-cdk/aws-fsx/README.md @@ -5,17 +5,7 @@ ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. -> -> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib - -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/aws-fsx/package.json b/packages/@aws-cdk/aws-fsx/package.json index 016a7bb6a7a03..419bafd1d7ef3 100644 --- a/packages/@aws-cdk/aws-fsx/package.json +++ b/packages/@aws-cdk/aws-fsx/package.json @@ -102,8 +102,8 @@ "resource-interface:@aws-cdk/aws-fsx.LustreFileSystem" ] }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, From 2384cdd39bae1639bf3e6bfdeb7a08edc6306cac Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Tue, 30 Mar 2021 03:48:33 -0700 Subject: [PATCH 048/260] =?UTF-8?q?feat(chatbot):=20graduate=20to=20stable?= =?UTF-8?q?=20=F0=9F=9A=80=20=20(#13863)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-chatbot/README.md | 12 +----------- packages/@aws-cdk/aws-chatbot/package.json | 4 ++-- 2 files changed, 3 insertions(+), 13 deletions(-) diff --git a/packages/@aws-cdk/aws-chatbot/README.md b/packages/@aws-cdk/aws-chatbot/README.md index 2c4cee1196900..857e2524ed784 100644 --- a/packages/@aws-cdk/aws-chatbot/README.md +++ b/packages/@aws-cdk/aws-chatbot/README.md @@ -5,17 +5,7 @@ ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. -> -> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib - -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/aws-chatbot/package.json b/packages/@aws-cdk/aws-chatbot/package.json index 285a2637720dd..6873e8860eb2e 100644 --- a/packages/@aws-cdk/aws-chatbot/package.json +++ b/packages/@aws-cdk/aws-chatbot/package.json @@ -98,8 +98,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, From 560a8536ffc31f74fe2366b1365681c1e56e33da Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Tue, 30 Mar 2021 04:22:14 -0700 Subject: [PATCH 049/260] fix(iam): Role import doesn't fail when forgetting the region in the ARN (#13821) If you forget the region part of the ARN for an IAM resource like a Role (and considering the region is never provided for IAM resources, it's easy to forget, as you have to provide it as `::`), the IAM library doesn't catch this error, and you only find out about it at deployment time, with a very confusing `Fn::Select cannot select nonexistent value at index 5` message from CloudFormation. Re-factor the ARN parsing code in core a little bit to allow us to catch this common error. Fixes #13812 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-iam/test/role.from-role-arn.test.ts | 17 ++++++++++- packages/@aws-cdk/core/lib/arn.ts | 28 ++++++++++++------- packages/@aws-cdk/core/test/arn.test.ts | 6 ++-- 3 files changed, 37 insertions(+), 14 deletions(-) diff --git a/packages/@aws-cdk/aws-iam/test/role.from-role-arn.test.ts b/packages/@aws-cdk/aws-iam/test/role.from-role-arn.test.ts index afe6fb576f298..abc7db01d35a6 100644 --- a/packages/@aws-cdk/aws-iam/test/role.from-role-arn.test.ts +++ b/packages/@aws-cdk/aws-iam/test/role.from-role-arn.test.ts @@ -1,5 +1,5 @@ import '@aws-cdk/assert/jest'; -import { App, CfnElement, Lazy, Stack } from '@aws-cdk/core'; +import { App, Aws, CfnElement, Lazy, Stack } from '@aws-cdk/core'; import { AnyPrincipal, ArnPrincipal, IRole, Policy, PolicyStatement, Role } from '../lib'; /* eslint-disable quote-props */ @@ -519,6 +519,21 @@ describe('IAM Role.fromRoleArn', () => { }); }); }); + + describe('for an incorrect ARN', () => { + beforeEach(() => { + roleStack = new Stack(app, 'RoleStack'); + }); + + describe("that accidentally skipped the 'region' fragment of the ARN", () => { + test('throws an exception, indicating that error', () => { + expect(() => { + Role.fromRoleArn(roleStack, 'Role', + `arn:${Aws.PARTITION}:iam:${Aws.ACCOUNT_ID}:role/AwsCicd-${Aws.REGION}-CodeBuildRole`); + }).toThrow(/The `resource` component \(6th component\) of an ARN is required:/); + }); + }); + }); }); function somePolicyStatement() { diff --git a/packages/@aws-cdk/core/lib/arn.ts b/packages/@aws-cdk/core/lib/arn.ts index 1ffcc2da2b33c..fe6b5b12b934b 100644 --- a/packages/@aws-cdk/core/lib/arn.ts +++ b/packages/@aws-cdk/core/lib/arn.ts @@ -286,31 +286,39 @@ function parseToken(arnToken: string, sep: string = '/', hasName: boolean = true * Validate that a string is either unparseable or looks mostly like an ARN */ function parseArnShape(arn: string): 'token' | string[] { - const components = arn.split(':'); - const looksLikeArn = arn.startsWith('arn:') && components.length >= 6; + // assume anything that starts with 'arn:' is an ARN, + // so we can report better errors + const looksLikeArn = arn.startsWith('arn:'); if (!looksLikeArn) { - if (Token.isUnresolved(arn)) { return 'token'; } - throw new Error(`ARNs must start with "arn:" and have at least 6 components: ${arn}`); + if (Token.isUnresolved(arn)) { + return 'token'; + } else { + throw new Error(`ARNs must start with "arn:" and have at least 6 components: ${arn}`); + } } // If the ARN merely contains Tokens, but otherwise *looks* mostly like an ARN, - // it's a string of the form 'arn:${partition}:service:${region}:${account}:abc/xyz'. + // it's a string of the form 'arn:${partition}:service:${region}:${account}:resource/xyz'. // Parse fields out to the best of our ability. // Tokens won't contain ":", so this won't break them. + const components = arn.split(':'); - const [/* arn */, partition, service, /* region */ , /* account */ , resource] = components; + // const [/* arn */, partition, service, /* region */ , /* account */ , resource] = components; + const partition = components.length > 1 ? components[1] : undefined; if (!partition) { - throw new Error('The `partition` component (2nd component) is required: ' + arn); + throw new Error('The `partition` component (2nd component) of an ARN is required: ' + arn); } + const service = components.length > 2 ? components[2] : undefined; if (!service) { - throw new Error('The `service` component (3rd component) is required: ' + arn); + throw new Error('The `service` component (3rd component) of an ARN is required: ' + arn); } + const resource = components.length > 5 ? components[5] : undefined; if (!resource) { - throw new Error('The `resource` component (6th component) is required: ' + arn); + throw new Error('The `resource` component (6th component) of an ARN is required: ' + arn); } // Region can be missing in global ARNs (such as used by IAM) @@ -318,4 +326,4 @@ function parseArnShape(arn: string): 'token' | string[] { // Account can be missing in some ARN types (such as used for S3 buckets) return components; -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/core/test/arn.test.ts b/packages/@aws-cdk/core/test/arn.test.ts index b4b135fff94e6..febbcc407c2b7 100644 --- a/packages/@aws-cdk/core/test/arn.test.ts +++ b/packages/@aws-cdk/core/test/arn.test.ts @@ -110,19 +110,19 @@ nodeunitShim({ 'if the ARN doesnt have enough components'(test: Test) { const stack = new Stack(); - test.throws(() => stack.parseArn('arn:is:too:short'), /ARNs must.*have at least 6 components.*arn:is:too:short/); + test.throws(() => stack.parseArn('arn:is:too:short'), /The `resource` component \(6th component\) of an ARN is required/); test.done(); }, 'if "service" is not specified'(test: Test) { const stack = new Stack(); - test.throws(() => stack.parseArn('arn:aws::4:5:6'), /The `service` component \(3rd component\) is required/); + test.throws(() => stack.parseArn('arn:aws::4:5:6'), /The `service` component \(3rd component\) of an ARN is required/); test.done(); }, 'if "resource" is not specified'(test: Test) { const stack = new Stack(); - test.throws(() => stack.parseArn('arn:aws:service:::'), /The `resource` component \(6th component\) is required/); + test.throws(() => stack.parseArn('arn:aws:service:::'), /The `resource` component \(6th component\) of an ARN is required/); test.done(); }, }, From 08de26210e2a0f3a104da4afa42e8478f2d7d171 Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Tue, 30 Mar 2021 12:56:07 +0100 Subject: [PATCH 050/260] chore: upgrade to netmask@2 (#13874) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit netmask@1 is affected by CVE-2021-28918 https://github.com/advisories/GHSA-pch5-whg9-qr2r netmask is a depdendency to the CDK via aws-cdk → proxy-agent@4.0.1 → pac-proxy-agent@4.1.0 → pac-resolver@4.1.0 → netmask@1.0.6 None of these dependencies have upgraded to netmask@2 as yet. Use yarn's [selective dependency resolution], to explicitly pick netmask@2. This upgrades yarn.lock and the CLI's npm-shrinkwrap.json. With this fix, npm customers will no longer depend on netmask@2 transitively via the CDK. For yarn customers, there is no clean resolution since yarn does not respective the the 'resolutions' key in dependencies' package.json and does not respect the shrinkwrap. The init templates now ship the 'resolutions' key so that new customers using yarn will be unaffected. A different solution has to be devised for existing customers on yarn. [selective dependency resolution]: https://classic.yarnpkg.com/en/docs/selective-version-resolutions/ ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- package.json | 4 +++- .../v1/app/javascript/package.template.json | 3 +++ .../v1/app/typescript/package.template.json | 3 +++ .../v1/lib/typescript/package.template.json | 3 +++ .../v1/sample-app/javascript/package.template.json | 3 +++ .../v1/sample-app/typescript/package.template.json | 3 +++ .../v2/app/javascript/package.template.json | 3 +++ .../v2/app/typescript/package.template.json | 3 +++ .../v2/lib/typescript/package.template.json | 3 +++ .../v2/sample-app/javascript/package.template.json | 3 +++ .../v2/sample-app/typescript/package.template.json | 3 +++ yarn.lock | 8 ++++---- 12 files changed, 37 insertions(+), 5 deletions(-) diff --git a/package.json b/package.json index 6dad27d90e51f..d4e3ecd04c1c1 100644 --- a/package.json +++ b/package.json @@ -25,8 +25,10 @@ "standard-version": "^9.1.1", "typescript": "~3.9.9" }, - "resolutions-comment": "should be removed or reviewed when nodeunit dependency is dropped or adjusted", + "netmask-resolutions-comment": "transitive dep from proxy-agent@4.0.1. review when dependencies upgrade", + "tap-mocha-reporter-resolutions-comment": "should be removed or reviewed when nodeunit dependency is dropped or adjusted", "resolutions": { + "netmask": "2.0.1", "tap-mocha-reporter": "^5.0.1" }, "repository": { diff --git a/packages/aws-cdk/lib/init-templates/v1/app/javascript/package.template.json b/packages/aws-cdk/lib/init-templates/v1/app/javascript/package.template.json index 5547dacf3a673..94fa701483337 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/javascript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v1/app/javascript/package.template.json @@ -16,5 +16,8 @@ }, "dependencies": { "@aws-cdk/core": "%cdk-version%" + }, + "resolutions": { + "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v1/app/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v1/app/typescript/package.template.json index df89ae6a206bb..2ae2ecf430317 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v1/app/typescript/package.template.json @@ -23,5 +23,8 @@ "dependencies": { "@aws-cdk/core": "%cdk-version%", "source-map-support": "^0.5.16" + }, + "resolutions": { + "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v1/lib/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v1/lib/typescript/package.template.json index 8d9ef219c74ca..04f72fb1387c1 100644 --- a/packages/aws-cdk/lib/init-templates/v1/lib/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v1/lib/typescript/package.template.json @@ -21,5 +21,8 @@ }, "dependencies": { "@aws-cdk/core": "%cdk-version%" + }, + "resolutions": { + "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/package.template.json b/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/package.template.json index 7594be2ffb151..bf83cd9b9b0af 100644 --- a/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/package.template.json @@ -19,5 +19,8 @@ "@aws-cdk/aws-sns-subscriptions": "%cdk-version%", "@aws-cdk/aws-sqs": "%cdk-version%", "@aws-cdk/core": "%cdk-version%" + }, + "resolutions": { + "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/package.template.json index 98942aa31c167..558e796efb50a 100644 --- a/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/package.template.json @@ -25,5 +25,8 @@ "@aws-cdk/aws-sns-subscriptions": "%cdk-version%", "@aws-cdk/aws-sqs": "%cdk-version%", "@aws-cdk/core": "%cdk-version%" + }, + "resolutions": { + "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json index 165f100d82429..d93d6ce796824 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json @@ -16,5 +16,8 @@ "dependencies": { "aws-cdk-lib": "%cdk-version%", "constructs": "^3.0.4" + }, + "resolutions": { + "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json index c71e1aea5f5ae..363b3c58c9984 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json @@ -23,5 +23,8 @@ "aws-cdk-lib": "%cdk-version%", "constructs": "^3.0.4", "source-map-support": "^0.5.16" + }, + "resolutions": { + "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json index f255ef76f1fb9..26ae2f022b3f5 100644 --- a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json @@ -22,5 +22,8 @@ "dependencies": { "aws-cdk-lib": "%cdk-version%", "constructs": "^3.0.4" + }, + "resolutions": { + "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json index 165f100d82429..d93d6ce796824 100644 --- a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json @@ -16,5 +16,8 @@ "dependencies": { "aws-cdk-lib": "%cdk-version%", "constructs": "^3.0.4" + }, + "resolutions": { + "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json index 4b36fa55ec3ad..707672df12df9 100644 --- a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json @@ -22,5 +22,8 @@ "dependencies": { "aws-cdk-lib": "%cdk-version%", "constructs": "^3.0.4" + }, + "resolutions": { + "netmask": "2.0.1" } } diff --git a/yarn.lock b/yarn.lock index 44a1f4e1a85f6..11d022227b7d1 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6909,10 +6909,10 @@ nested-error-stacks@^2.0.0: resolved "https://registry.yarnpkg.com/nested-error-stacks/-/nested-error-stacks-2.1.0.tgz#0fbdcf3e13fe4994781280524f8b96b0cdff9c61" integrity sha512-AO81vsIO1k1sM4Zrd6Hu7regmJN1NSiAja10gc4bX3F0wd+9rQmcuHQaHVQCYIEC8iFXnE+mavh23GOt7wBgug== -netmask@^1.0.6: - version "1.0.6" - resolved "https://registry.yarnpkg.com/netmask/-/netmask-1.0.6.tgz#20297e89d86f6f6400f250d9f4f6b4c1945fcd35" - integrity sha1-ICl+idhvb2QA8lDZ9Pa0wZRfzTU= +netmask@2.0.1, netmask@^1.0.6: + version "2.0.1" + resolved "https://registry.yarnpkg.com/netmask/-/netmask-2.0.1.tgz#5a5cbdcbb7b6de650870e15e83d3e9553a414cf4" + integrity sha512-gB8eG6ubxz67c7O2gaGiyWdRUIbH61q7anjgueDqCC9kvIs/b4CTtCMaQKeJbv1/Y7FT19I4zKwYmjnjInRQsg== nice-try@^1.0.4: version "1.0.5" From 169c2fc55c3de2426380d0a1151d1d33cbcc2190 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Tue, 30 Mar 2021 15:30:35 +0300 Subject: [PATCH 051/260] =?UTF-8?q?feat(docdb):=20graduate=20to=20stable?= =?UTF-8?q?=20=F0=9F=9A=80=20=20(#13875)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR also includes some last minute ergonomic changes. BREAKING CHANGE: `DatabaseClusterProps.instanceProps` was hoisted and all its properties are now available one level up directly in `DatabaseClusterProps`. - **docdb**: `DatabaseInstanceProps.instanceClass` renamed to `DatabaseInstanceProps.instanceType`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-docdb/README.md | 24 +-- packages/@aws-cdk/aws-docdb/lib/cluster.ts | 51 +++++-- packages/@aws-cdk/aws-docdb/lib/instance.ts | 4 +- packages/@aws-cdk/aws-docdb/lib/props.ts | 40 ----- packages/@aws-cdk/aws-docdb/package.json | 4 +- .../@aws-cdk/aws-docdb/test/cluster.test.ts | 144 ++++++------------ .../@aws-cdk/aws-docdb/test/instance.test.ts | 14 +- .../test/integ.cluster-rotation.lit.ts | 6 +- .../@aws-cdk/aws-docdb/test/integ.cluster.ts | 8 +- 9 files changed, 106 insertions(+), 189 deletions(-) diff --git a/packages/@aws-cdk/aws-docdb/README.md b/packages/@aws-cdk/aws-docdb/README.md index 530942578a090..7121a5dee71bb 100644 --- a/packages/@aws-cdk/aws-docdb/README.md +++ b/packages/@aws-cdk/aws-docdb/README.md @@ -5,17 +5,7 @@ ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. -> -> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib - -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- @@ -32,13 +22,11 @@ const cluster = new DatabaseCluster(this, 'Database', { masterUser: { username: 'myuser' // NOTE: 'admin' is reserved by DocumentDB }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE), - vpcSubnets: { - subnetType: ec2.SubnetType.PUBLIC, - }, - vpc - } + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE), + vpcSubnets: { + subnetType: ec2.SubnetType.PUBLIC, + }, + vpc }); ``` diff --git a/packages/@aws-cdk/aws-docdb/lib/cluster.ts b/packages/@aws-cdk/aws-docdb/lib/cluster.ts index f60a332d1b77f..71df7275d5cba 100644 --- a/packages/@aws-cdk/aws-docdb/lib/cluster.ts +++ b/packages/@aws-cdk/aws-docdb/lib/cluster.ts @@ -8,7 +8,7 @@ import { DatabaseSecret } from './database-secret'; import { CfnDBCluster, CfnDBInstance, CfnDBSubnetGroup } from './docdb.generated'; import { Endpoint } from './endpoint'; import { IClusterParameterGroup } from './parameter-group'; -import { BackupProps, InstanceProps, Login, RotationMultiUserOptions } from './props'; +import { BackupProps, Login, RotationMultiUserOptions } from './props'; /** * Properties for a new database cluster @@ -82,9 +82,37 @@ export interface DatabaseClusterProps { readonly instanceIdentifierBase?: string; /** - * Settings for the individual instances that are launched + * What type of instance to start for the replicas */ - readonly instanceProps: InstanceProps; + readonly instanceType: ec2.InstanceType; + + /** + * What subnets to run the DocumentDB instances in. + * + * Must be at least 2 subnets in two different AZs. + */ + readonly vpc: ec2.IVpc; + + /** + * Where to place the instances within the VPC + * + * @default private subnets + */ + readonly vpcSubnets?: ec2.SubnetSelection; + + /** + * Security group. + * + * @default a new security group is created. + */ + readonly securityGroup?: ec2.ISecurityGroup; + + /** + * The DB parameter group to associate with the instance. + * + * @default no parameter group + */ + readonly parameterGroup?: IClusterParameterGroup; /** * A weekly time range in which maintenance should preferably execute. @@ -99,13 +127,6 @@ export interface DatabaseClusterProps { */ readonly preferredMaintenanceWindow?: string; - /** - * Additional parameters to pass to the database engine - * - * @default - No parameter group. - */ - readonly parameterGroup?: IClusterParameterGroup; - /** * The removal policy to apply when the cluster and its instances are removed * or replaced during a stack update, or when the stack is deleted. This @@ -275,8 +296,8 @@ export class DatabaseCluster extends DatabaseClusterBase { constructor(scope: Construct, id: string, props: DatabaseClusterProps) { super(scope, id); - this.vpc = props.instanceProps.vpc; - this.vpcSubnets = props.instanceProps.vpcSubnets; + this.vpc = props.vpc; + this.vpcSubnets = props.vpcSubnets; // Determine the subnet(s) to deploy the DocDB cluster to const { subnetIds, internetConnectivityEstablished } = this.vpc.selectSubnets(this.vpcSubnets); @@ -295,8 +316,8 @@ export class DatabaseCluster extends DatabaseClusterBase { // Create the security group for the DB cluster let securityGroup: ec2.ISecurityGroup; - if (props.instanceProps.securityGroup) { - securityGroup = props.instanceProps.securityGroup; + if (props.securityGroup) { + securityGroup = props.securityGroup; } else { securityGroup = new ec2.SecurityGroup(this, 'SecurityGroup', { description: 'DocumentDB security group', @@ -381,7 +402,7 @@ export class DatabaseCluster extends DatabaseClusterBase { dbClusterIdentifier: cluster.ref, dbInstanceIdentifier: instanceIdentifier, // Instance properties - dbInstanceClass: databaseInstanceType(props.instanceProps.instanceType), + dbInstanceClass: databaseInstanceType(props.instanceType), }); instance.applyRemovalPolicy(props.removalPolicy, { diff --git a/packages/@aws-cdk/aws-docdb/lib/instance.ts b/packages/@aws-cdk/aws-docdb/lib/instance.ts index 3208bda7107f7..a7563cb601388 100644 --- a/packages/@aws-cdk/aws-docdb/lib/instance.ts +++ b/packages/@aws-cdk/aws-docdb/lib/instance.ts @@ -120,7 +120,7 @@ export interface DatabaseInstanceProps { /** * The name of the compute and memory capacity classes. */ - readonly instanceClass: ec2.InstanceType; + readonly instanceType: ec2.InstanceType; /** * The name of the Availability Zone where the DB instance will be located. @@ -202,7 +202,7 @@ export class DatabaseInstance extends DatabaseInstanceBase implements IDatabaseI const instance = new CfnDBInstance(this, 'Resource', { dbClusterIdentifier: props.cluster.clusterIdentifier, - dbInstanceClass: `db.${props.instanceClass}`, + dbInstanceClass: `db.${props.instanceType}`, autoMinorVersionUpgrade: props.autoMinorVersionUpgrade ?? true, availabilityZone: props.availabilityZone, dbInstanceIdentifier: props.dbInstanceName, diff --git a/packages/@aws-cdk/aws-docdb/lib/props.ts b/packages/@aws-cdk/aws-docdb/lib/props.ts index 270bc51cdc203..9cd24b1fce1bc 100644 --- a/packages/@aws-cdk/aws-docdb/lib/props.ts +++ b/packages/@aws-cdk/aws-docdb/lib/props.ts @@ -1,8 +1,6 @@ -import * as ec2 from '@aws-cdk/aws-ec2'; import * as kms from '@aws-cdk/aws-kms'; import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; import { Duration, SecretValue } from '@aws-cdk/core'; -import { IClusterParameterGroup } from './parameter-group'; /** * Backup configuration for DocumentDB databases @@ -57,44 +55,6 @@ export interface Login { readonly kmsKey?: kms.IKey; } -/** - * Instance properties for database instances - */ -export interface InstanceProps { - /** - * What type of instance to start for the replicas - */ - readonly instanceType: ec2.InstanceType; - - /** - * What subnets to run the DocumentDB instances in. - * - * Must be at least 2 subnets in two different AZs. - */ - readonly vpc: ec2.IVpc; - - /** - * Where to place the instances within the VPC - * - * @default private subnets - */ - readonly vpcSubnets?: ec2.SubnetSelection; - - /** - * Security group. - * - * @default a new security group is created. - */ - readonly securityGroup?: ec2.ISecurityGroup; - - /** - * The DB parameter group to associate with the instance. - * - * @default no parameter group - */ - readonly parameterGroup?: IClusterParameterGroup; -} - /** * Options to add the multi user rotation */ diff --git a/packages/@aws-cdk/aws-docdb/package.json b/packages/@aws-cdk/aws-docdb/package.json index 8442223e41977..b9b4f70a7030c 100644 --- a/packages/@aws-cdk/aws-docdb/package.json +++ b/packages/@aws-cdk/aws-docdb/package.json @@ -104,8 +104,8 @@ "attribute-tag:@aws-cdk/aws-docdb.DatabaseSecret.secretName" ] }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, diff --git a/packages/@aws-cdk/aws-docdb/test/cluster.test.ts b/packages/@aws-cdk/aws-docdb/test/cluster.test.ts index f227293310bf3..a868ff2bf83e9 100644 --- a/packages/@aws-cdk/aws-docdb/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-docdb/test/cluster.test.ts @@ -18,10 +18,8 @@ describe('DatabaseCluster', () => { username: 'admin', password: cdk.SecretValue.plainText('tooshort'), }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, }); // THEN @@ -63,10 +61,8 @@ describe('DatabaseCluster', () => { username: 'admin', password: cdk.SecretValue.plainText('tooshort'), }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, }); // THEN @@ -90,10 +86,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE), }); }).toThrowError('At least one instance is required'); }); @@ -112,12 +106,10 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE), - vpcSubnets: { - subnetType: ec2.SubnetType.PRIVATE, - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE), + vpcSubnets: { + subnetType: ec2.SubnetType.PRIVATE, }, }); }).toThrowError('Cluster requires at least 2 subnets, got 1'); @@ -134,10 +126,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, }); // THEN @@ -163,11 +153,9 @@ describe('DatabaseCluster', () => { username: 'admin', password: cdk.SecretValue.plainText('tooshort'), }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - securityGroup: sg, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, + securityGroup: sg, }); // THEN @@ -197,10 +185,8 @@ describe('DatabaseCluster', () => { username: 'admin', password: cdk.SecretValue.plainText('tooshort'), }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, parameterGroup: group, }); @@ -223,10 +209,8 @@ describe('DatabaseCluster', () => { username: 'admin', password: cdk.SecretValue.plainText('tooshort'), }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, parameterGroup: group, }); @@ -246,10 +230,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, }); // THEN @@ -300,10 +282,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, kmsKey: new kms.Key(stack, 'Key'), }); @@ -329,10 +309,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, }); // THEN @@ -352,10 +330,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, kmsKey: new kms.Key(stack, 'Key'), storageEncrypted: false, }); @@ -375,10 +351,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE2, ec2.InstanceSize.SMALL), + vpc, }); // THEN @@ -396,10 +370,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), instanceIdentifierBase, }); @@ -420,10 +392,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), dbClusterName: clusterIdentifier, }); @@ -494,10 +464,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), backup: { retention: cdk.Duration.days(20), }, @@ -519,10 +487,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), backup: { retention: cdk.Duration.days(20), preferredWindow: '07:34-08:04', @@ -546,10 +512,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), preferredMaintenanceWindow: '07:34-08:04', }); @@ -567,10 +531,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), }); // WHEN @@ -630,10 +592,8 @@ describe('DatabaseCluster', () => { username: 'admin', password: cdk.SecretValue.plainText('secret'), }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), }); // WHEN @@ -653,10 +613,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), }); // WHEN @@ -677,10 +635,8 @@ describe('DatabaseCluster', () => { masterUser: { username: 'admin', }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), }); const userSecret = new DatabaseSecret(stack, 'UserSecret', { username: 'seconduser', @@ -749,10 +705,8 @@ describe('DatabaseCluster', () => { username: 'admin', password: cdk.SecretValue.plainText('secret'), }, - instanceProps: { - vpc, - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), - }, + vpc, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.SMALL), }); const userSecret = new DatabaseSecret(stack, 'UserSecret', { username: 'seconduser', diff --git a/packages/@aws-cdk/aws-docdb/test/instance.test.ts b/packages/@aws-cdk/aws-docdb/test/instance.test.ts index b3785e700ca01..afb16ef61a773 100644 --- a/packages/@aws-cdk/aws-docdb/test/instance.test.ts +++ b/packages/@aws-cdk/aws-docdb/test/instance.test.ts @@ -17,7 +17,7 @@ describe('DatabaseInstance', () => { // WHEN new DatabaseInstance(stack, 'Instance', { cluster: stack.cluster, - instanceClass: SINGLE_INSTANCE_TYPE, + instanceType: SINGLE_INSTANCE_TYPE, }); // THEN @@ -43,7 +43,7 @@ describe('DatabaseInstance', () => { // WHEN new DatabaseInstance(stack, 'Instance', { cluster: stack.cluster, - instanceClass: SINGLE_INSTANCE_TYPE, + instanceType: SINGLE_INSTANCE_TYPE, autoMinorVersionUpgrade: given, }); @@ -64,7 +64,7 @@ describe('DatabaseInstance', () => { const stack = testStack(); const instance = new DatabaseInstance(stack, 'Instance', { cluster: stack.cluster, - instanceClass: SINGLE_INSTANCE_TYPE, + instanceType: SINGLE_INSTANCE_TYPE, }); const exportName = 'DbInstanceEndpoint'; @@ -95,7 +95,7 @@ describe('DatabaseInstance', () => { const stack = testStack(); const instance = new DatabaseInstance(stack, 'Instance', { cluster: stack.cluster, - instanceClass: SINGLE_INSTANCE_TYPE, + instanceType: SINGLE_INSTANCE_TYPE, }); const exportName = 'DbInstanceArn'; @@ -182,10 +182,8 @@ class TestStack extends cdk.Stack { username: 'admin', password: cdk.SecretValue.plainText('tooshort'), }, - instanceProps: { - instanceType: CLUSTER_INSTANCE_TYPE, - vpc: this.vpc, - }, + instanceType: CLUSTER_INSTANCE_TYPE, + vpc: this.vpc, }); } } diff --git a/packages/@aws-cdk/aws-docdb/test/integ.cluster-rotation.lit.ts b/packages/@aws-cdk/aws-docdb/test/integ.cluster-rotation.lit.ts index e8c6ed141e1f9..ae655dd213a4d 100644 --- a/packages/@aws-cdk/aws-docdb/test/integ.cluster-rotation.lit.ts +++ b/packages/@aws-cdk/aws-docdb/test/integ.cluster-rotation.lit.ts @@ -20,10 +20,8 @@ const cluster = new docdb.DatabaseCluster(stack, 'Database', { masterUser: { username: 'docdb', }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE), - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE), + vpc, removalPolicy: cdk.RemovalPolicy.DESTROY, }); diff --git a/packages/@aws-cdk/aws-docdb/test/integ.cluster.ts b/packages/@aws-cdk/aws-docdb/test/integ.cluster.ts index 5e7b2049507aa..084502d0dae65 100644 --- a/packages/@aws-cdk/aws-docdb/test/integ.cluster.ts +++ b/packages/@aws-cdk/aws-docdb/test/integ.cluster.ts @@ -35,11 +35,9 @@ class TestStack extends cdk.Stack { username: 'docdb', password: cdk.SecretValue.plainText('7959866cacc02c2d243ecfe177464fe6'), }, - instanceProps: { - instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE), - vpcSubnets: { subnetType: ec2.SubnetType.PUBLIC }, - vpc, - }, + instanceType: ec2.InstanceType.of(ec2.InstanceClass.R5, ec2.InstanceSize.LARGE), + vpcSubnets: { subnetType: ec2.SubnetType.PUBLIC }, + vpc, parameterGroup: params, kmsKey, removalPolicy: cdk.RemovalPolicy.DESTROY, From 8571008884df8e048754fc4e0cfdf06ab20f0149 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Tue, 30 Mar 2021 15:04:54 +0200 Subject: [PATCH 052/260] feat(globalaccelerator): stabilize AWS Global Accelerator module (#13843) There are a number of changes to this module, made in order to stabilize it. The changes are as follows: * Endpoints as constructs would only work in TypeScript; they have been moved out as integration classes into `aws-globalaccelerator-endpoints` in order to support languages like Java and C#. * The automatic naming algorithm has been changed to reduce chances of conflict. * There are now convenience methods, `addListener()` and `addEndpointGroup()` that will create the appropriate objects, as alternatives to `new Listener()` and `new EndpointGroup()`. * EndpointGroups can take a list of `endpoints` in the constructor. * A Listener's `toPort` is optional (and defaults to `fromPort` if not supplied). * Support all the EndpointGroup properties. * An EndpointGroup's `region` is automatically determined from its configured endpoints, if possible. * The looked-up SecurityGroup is no longer accessible as a full Security Group, it can just be reference as a Peer (modifying the rules is not recommended by AGA and should not be allowed from the CDK). Changes to other libraries made to support this: * core, elbv2: imported Load Balancers now are aware of the region and account they were actually imported from, in order to be able to make `region` implicit in the AGA API. BREAKING CHANGE: automatic naming algorithm has been changed: if you have existing Accelerators you will need to pass an explicit name to prevent them from being replaced. All endpoints are now added by calling `addEndpoint()` with a target-specific class that can be found in `@aws-cdk/aws-globalaccelerator-endpoints`. The generated Security Group is now looked up by calling `endpointGroup.connectionsPeer()`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ec2/lib/peer.ts | 2 +- .../aws-ecs-patterns/test/ec2/test.l3s.ts | 4 +- .../test.load-balanced-fargate-service.ts | 4 +- .../lib/alb/application-load-balancer.ts | 9 +- .../lib/nlb/network-load-balancer.ts | 4 +- .../test/alb/load-balancer.test.ts | 19 +- .../test/nlb/load-balancer.test.ts | 18 +- .../.eslintrc.js | 3 + .../.gitignore | 22 ++ .../.npmignore | 27 ++ .../aws-globalaccelerator-endpoints/LICENSE | 201 +++++++++++++ .../aws-globalaccelerator-endpoints/NOTICE | 2 + .../aws-globalaccelerator-endpoints/README.md | 18 ++ .../jest.config.js | 11 + .../lib/_util.ts | 7 + .../lib/alb.ts | 50 ++++ .../lib/eip.ts | 38 +++ .../lib/index.ts | 4 + .../lib/instance.ts | 51 ++++ .../lib/nlb.ts | 36 +++ .../package.json | 105 +++++++ .../test/endpoints.test.ts | 183 ++++++++++++ .../integ.globalaccelerator.expected.json | 263 +++++++++++++++--- .../test/integ.globalaccelerator.ts | 29 +- .../@aws-cdk/aws-globalaccelerator/README.md | 217 +++++++++------ ...roup.ts => _accelerator-security-group.ts} | 37 ++- .../aws-globalaccelerator/lib/accelerator.ts | 15 +- .../lib/endpoint-group.ts | 254 ++++++++--------- .../aws-globalaccelerator/lib/endpoint.ts | 87 ++++++ .../aws-globalaccelerator/lib/index.ts | 2 +- .../aws-globalaccelerator/lib/listener.ts | 61 ++-- .../aws-globalaccelerator/package.json | 5 +- .../globalaccelerator-security-group.test.ts | 21 +- .../test/globalaccelerator.test.ts | 152 +++++----- .../aws-globalaccelerator/test/util.ts | 51 +--- packages/@aws-cdk/core/lib/resource.ts | 22 +- packages/@aws-cdk/core/test/resource.test.ts | 20 +- packages/aws-cdk-lib/package.json | 1 + packages/decdk/package.json | 1 + packages/monocdk/package.json | 1 + 40 files changed, 1602 insertions(+), 455 deletions(-) create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/.eslintrc.js create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/.gitignore create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/.npmignore create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/LICENSE create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/NOTICE create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/README.md create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/jest.config.js create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/_util.ts create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/alb.ts create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/eip.ts create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/index.ts create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/instance.ts create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/nlb.ts create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/package.json create mode 100644 packages/@aws-cdk/aws-globalaccelerator-endpoints/test/endpoints.test.ts rename packages/@aws-cdk/{aws-globalaccelerator => aws-globalaccelerator-endpoints}/test/integ.globalaccelerator.expected.json (79%) rename packages/@aws-cdk/{aws-globalaccelerator => aws-globalaccelerator-endpoints}/test/integ.globalaccelerator.ts (63%) rename packages/@aws-cdk/aws-globalaccelerator/lib/{accelerator-security-group.ts => _accelerator-security-group.ts} (72%) create mode 100644 packages/@aws-cdk/aws-globalaccelerator/lib/endpoint.ts diff --git a/packages/@aws-cdk/aws-ec2/lib/peer.ts b/packages/@aws-cdk/aws-ec2/lib/peer.ts index 7bd343b6f2828..333bd66bc91a9 100644 --- a/packages/@aws-cdk/aws-ec2/lib/peer.ts +++ b/packages/@aws-cdk/aws-ec2/lib/peer.ts @@ -198,4 +198,4 @@ class PrefixList implements IPeer { public toEgressRuleConfig(): any { return { destinationPrefixListId: this.prefixListId }; } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/test.l3s.ts b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/test.l3s.ts index d41a7684fd677..fa1d71cdb6d4a 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/ec2/test.l3s.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/test/ec2/test.l3s.ts @@ -1198,7 +1198,7 @@ export = { 'NetworkLoadBalancedEC2Service accepts imported load balancer'(test: Test) { // GIVEN const stack = new cdk.Stack(); - const nlbArn = 'arn:aws:elasticloadbalancing::000000000000::dummyloadbalancer'; + const nlbArn = 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188'; const vpc = new ec2.Vpc(stack, 'Vpc'); const cluster = new ecs.Cluster(stack, 'Cluster', { vpc, clusterName: 'MyCluster' }); cluster.addCapacity('Capacity', { instanceType: new ec2.InstanceType('t2.micro') }); @@ -1274,7 +1274,7 @@ export = { 'ApplicationLoadBalancedEC2Service accepts imported load balancer'(test: Test) { // GIVEN const stack = new cdk.Stack(); - const albArn = 'arn:aws:elasticloadbalancing::000000000000::dummyloadbalancer'; + const albArn = 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188'; const vpc = new ec2.Vpc(stack, 'Vpc'); const cluster = new ecs.Cluster(stack, 'Cluster', { vpc, clusterName: 'MyCluster' }); cluster.addCapacity('Capacity', { instanceType: new ec2.InstanceType('t2.micro') }); diff --git a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts index 3a17962c8b230..e7e847fb5cf45 100644 --- a/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts +++ b/packages/@aws-cdk/aws-ecs-patterns/test/fargate/test.load-balanced-fargate-service.ts @@ -810,7 +810,7 @@ export = { const stack1 = new cdk.Stack(app, 'MyStack'); const vpc1 = new ec2.Vpc(stack1, 'VPC'); const cluster1 = new ecs.Cluster(stack1, 'Cluster', { vpc: vpc1 }); - const nlbArn = 'arn:aws:elasticloadbalancing::000000000000::dummyloadbalancer'; + const nlbArn = 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188'; const stack2 = new cdk.Stack(stack1, 'Stack2'); const cluster2 = ecs.Cluster.fromClusterAttributes(stack2, 'ImportedCluster', { vpc: vpc1, @@ -887,7 +887,7 @@ export = { 'passing in imported application load balancer and resources to ALB Fargate Service'(test: Test) { // GIVEN const stack1 = new cdk.Stack(); - const albArn = 'arn:aws:elasticloadbalancing::000000000000::dummyloadbalancer'; + const albArn = 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188'; const vpc = new ec2.Vpc(stack1, 'Vpc'); const cluster = new ecs.Cluster(stack1, 'Cluster', { vpc, clusterName: 'MyClusterName' }); const sg = new ec2.SecurityGroup(stack1, 'SecurityGroup', { vpc }); diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-load-balancer.ts index 4ad4dcb5fa081..d686396d5e9e0 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/alb/application-load-balancer.ts @@ -562,7 +562,10 @@ class ImportedApplicationLoadBalancer extends Resource implements IApplicationLo public readonly vpc?: ec2.IVpc; constructor(scope: Construct, id: string, private readonly props: ApplicationLoadBalancerAttributes) { - super(scope, id); + super(scope, id, { + environmentFromArn: props.loadBalancerArn, + }); + this.vpc = props.vpc; this.loadBalancerArn = props.loadBalancerArn; this.connections = new ec2.Connections({ @@ -601,7 +604,9 @@ class LookedUpApplicationLoadBalancer extends Resource implements IApplicationLo public readonly vpc?: ec2.IVpc; constructor(scope: Construct, id: string, props: cxapi.LoadBalancerContextResponse) { - super(scope, id); + super(scope, id, { + environmentFromArn: props.loadBalancerArn, + }); this.loadBalancerArn = props.loadBalancerArn; this.loadBalancerCanonicalHostedZoneId = props.loadBalancerCanonicalHostedZoneId; diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts index d6f7858114102..5261a3ce8a63d 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/nlb/network-load-balancer.ts @@ -102,7 +102,7 @@ export class NetworkLoadBalancer extends BaseLoadBalancer implements INetworkLoa } } - return new Import(scope, id); + return new Import(scope, id, { environmentFromArn: attrs.loadBalancerArn }); } constructor(scope: Construct, id: string, props: NetworkLoadBalancerProps) { @@ -306,7 +306,7 @@ class LookedUpNetworkLoadBalancer extends Resource implements INetworkLoadBalanc public readonly vpc?: ec2.IVpc; constructor(scope: Construct, id: string, props: cxapi.LoadBalancerContextResponse) { - super(scope, id); + super(scope, id, { environmentFromArn: props.loadBalancerArn }); this.loadBalancerArn = props.loadBalancerArn; this.loadBalancerCanonicalHostedZoneId = props.loadBalancerCanonicalHostedZoneId; diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/load-balancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/load-balancer.test.ts index f017a4a67f3fa..1ae34a272dac4 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/load-balancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/load-balancer.test.ts @@ -284,7 +284,7 @@ describe('tests', () => { // GIVEN const stack = new cdk.Stack(); const vpc = new ec2.Vpc(stack, 'Vpc'); - const albArn = 'myArn'; + const albArn = 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188'; const sg = new ec2.SecurityGroup(stack, 'sg', { vpc, securityGroupName: 'mySg', @@ -303,7 +303,7 @@ describe('tests', () => { // GIVEN const stack = new cdk.Stack(); const vpc = new ec2.Vpc(stack, 'Vpc'); - const albArn = 'MyArn'; + const albArn = 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188'; const sg = new ec2.SecurityGroup(stack, 'sg', { vpc, securityGroupName: 'mySg', @@ -319,6 +319,20 @@ describe('tests', () => { expect(() => listener.addTargets('Targets', { port: 8080 })).not.toThrow(); }); + test('imported load balancer knows its region', () => { + const stack = new cdk.Stack(); + + // WHEN + const albArn = 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188'; + const alb = elbv2.ApplicationLoadBalancer.fromApplicationLoadBalancerAttributes(stack, 'ALB', { + loadBalancerArn: albArn, + securityGroupId: 'sg-1234', + }); + + // THEN + expect(alb.env.region).toEqual('us-west-2'); + }); + test('can add secondary security groups', () => { const stack = new cdk.Stack(); const vpc = new ec2.Vpc(stack, 'Stack'); @@ -364,6 +378,7 @@ describe('tests', () => { expect(loadBalancer.loadBalancerDnsName).toEqual('my-load-balancer-1234567890.us-west-2.elb.amazonaws.com'); expect(loadBalancer.ipAddressType).toEqual(elbv2.IpAddressType.DUAL_STACK); expect(loadBalancer.connections.securityGroups[0].securityGroupId).toEqual('sg-12345'); + expect(loadBalancer.env.region).toEqual('us-west-2'); }); test('Can add listeners to a looked-up ApplicationLoadBalancer', () => { diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts index 546b88ab7d541..bb9e6a30ddecd 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts @@ -227,7 +227,7 @@ describe('tests', () => { test('imported network load balancer with no vpc specified throws error when calling addTargets', () => { // GIVEN const stack = new cdk.Stack(); - const nlbArn = 'arn:aws:elasticloadbalancing::000000000000::dummyloadbalancer'; + const nlbArn = 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188'; const nlb = elbv2.NetworkLoadBalancer.fromNetworkLoadBalancerAttributes(stack, 'NLB', { loadBalancerArn: nlbArn, }); @@ -240,7 +240,7 @@ describe('tests', () => { // GIVEN const stack = new cdk.Stack(); const vpc = new ec2.Vpc(stack, 'Vpc'); - const nlbArn = 'arn:aws:elasticloadbalancing::000000000000::dummyloadbalancer'; + const nlbArn = 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188'; const nlb = elbv2.NetworkLoadBalancer.fromNetworkLoadBalancerAttributes(stack, 'NLB', { loadBalancerArn: nlbArn, vpc, @@ -250,6 +250,19 @@ describe('tests', () => { expect(() => listener.addTargets('targetgroup', { port: 8080 })).not.toThrow(); }); + test('imported load balancer knows its region', () => { + const stack = new cdk.Stack(); + + // WHEN + const albArn = 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188'; + const alb = elbv2.NetworkLoadBalancer.fromNetworkLoadBalancerAttributes(stack, 'ALB', { + loadBalancerArn: albArn, + }); + + // THEN + expect(alb.env.region).toEqual('us-west-2'); + }); + test('Trivial construction: internal with Isolated subnets only', () => { // GIVEN const stack = new cdk.Stack(); @@ -429,6 +442,7 @@ describe('tests', () => { expect(loadBalancer.loadBalancerArn).toEqual('arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/network/my-load-balancer/50dc6c495c0c9188'); expect(loadBalancer.loadBalancerCanonicalHostedZoneId).toEqual('Z3DZXE0EXAMPLE'); expect(loadBalancer.loadBalancerDnsName).toEqual('my-load-balancer-1234567890.us-west-2.elb.amazonaws.com'); + expect(loadBalancer.env.region).toEqual('us-west-2'); }); test('Can add listeners to a looked-up NetworkLoadBalancer', () => { diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/.eslintrc.js b/packages/@aws-cdk/aws-globalaccelerator-endpoints/.eslintrc.js new file mode 100644 index 0000000000000..61dd8dd001f63 --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/.eslintrc.js @@ -0,0 +1,3 @@ +const baseConfig = require('cdk-build-tools/config/eslintrc'); +baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; +module.exports = baseConfig; diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/.gitignore b/packages/@aws-cdk/aws-globalaccelerator-endpoints/.gitignore new file mode 100644 index 0000000000000..2ed02868c78fb --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/.gitignore @@ -0,0 +1,22 @@ +*.js +tsconfig.json +*.js.map +*.d.ts +*.generated.ts +dist +lib/generated/resources.ts +.jsii + +.LAST_BUILD +.nyc_output +coverage +nyc.config.js +.LAST_PACKAGE +*.snk +.cdk.staging + +lib/sdk-api-metadata.json +!.eslintrc.js +!jest.config.js + +junit.xml \ No newline at end of file diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/.npmignore b/packages/@aws-cdk/aws-globalaccelerator-endpoints/.npmignore new file mode 100644 index 0000000000000..63ab95621c764 --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/.npmignore @@ -0,0 +1,27 @@ +# Don't include original .ts files when doing `npm pack` +*.ts +!*.d.ts +coverage +.nyc_output +*.tgz + +dist +.LAST_PACKAGE +.LAST_BUILD +!*.js + +# Include .jsii +!.jsii + +*.snk + +*.tsbuildinfo + +tsconfig.json +.eslintrc.js +jest.config.js + +# exclude cdk artifacts +**/cdk.out +junit.xml +test/ \ No newline at end of file diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/LICENSE b/packages/@aws-cdk/aws-globalaccelerator-endpoints/LICENSE new file mode 100644 index 0000000000000..28e4bdcec77ec --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/NOTICE b/packages/@aws-cdk/aws-globalaccelerator-endpoints/NOTICE new file mode 100644 index 0000000000000..5fc3826926b5b --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/NOTICE @@ -0,0 +1,2 @@ +AWS Cloud Development Kit (AWS CDK) +Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/README.md b/packages/@aws-cdk/aws-globalaccelerator-endpoints/README.md new file mode 100644 index 0000000000000..d4fe7f8159b5d --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/README.md @@ -0,0 +1,18 @@ +# Endpoints for AWS Global Accelerator + + +--- + +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) + +--- + + + +This library contains integration classes to reference endpoints in AWS +Global Accelerator. Instances of these classes should be passed to the +`endpointGroup.addEndpoint()` method. + +See the README of the `@aws-cdk/aws-globalaccelerator` library for more information on +AWS Global Accelerator, and examples of all the integration classes available in +this module. diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/jest.config.js b/packages/@aws-cdk/aws-globalaccelerator-endpoints/jest.config.js new file mode 100644 index 0000000000000..49e81658a0875 --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/jest.config.js @@ -0,0 +1,11 @@ +const baseConfig = require('cdk-build-tools/config/jest.config'); +module.exports = { + ...baseConfig, + coverageThreshold: { + global: { + ...baseConfig.coverageThreshold.global, + branches: 50, + }, + }, +}; + diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/_util.ts b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/_util.ts new file mode 100644 index 0000000000000..aee44257d056b --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/_util.ts @@ -0,0 +1,7 @@ +import { Token } from '@aws-cdk/core'; + +export function validateWeight(x?: number) { + if (x !== undefined && !Token.isUnresolved(x) && (x < 0 || x > 255)) { + throw new Error(`'weight' must be between 0 and 255, got: ${x}`); + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/alb.ts b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/alb.ts new file mode 100644 index 0000000000000..1c4f618c16235 --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/alb.ts @@ -0,0 +1,50 @@ +import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; +import * as ga from '@aws-cdk/aws-globalaccelerator'; +import { validateWeight } from './_util'; + +/** + * Properties for a ApplicationLoadBalancerEndpoint + */ +export interface ApplicationLoadBalancerEndpointOptions { + /** + * Endpoint weight across all endpoints in the group + * + * Must be a value between 0 and 255. + * + * @default 128 + */ + readonly weight?: number; + + /** + * Forward the client IP address in an `X-Forwarded-For` header + * + * GlobalAccelerator will create Network Interfaces in your VPC in order + * to preserve the client IP address. + * + * Client IP address preservation is supported only in specific AWS Regions. + * See the GlobalAccelerator Developer Guide for a list. + * + * @default true if available + */ + readonly preserveClientIp?: boolean; +} + +/** + * Use an Application Load Balancer as a Global Accelerator Endpoint + */ +export class ApplicationLoadBalancerEndpoint implements ga.IEndpoint { + public readonly region?: string; + + constructor(private readonly loadBalancer: elbv2.IApplicationLoadBalancer, private readonly options: ApplicationLoadBalancerEndpointOptions = {}) { + validateWeight(options.weight); + this.region = loadBalancer.env.region; + } + + public renderEndpointConfiguration(): any { + return { + endpointId: this.loadBalancer.loadBalancerArn, + weight: this.options.weight, + clientIpPreservationEnabled: this.options.preserveClientIp, + } as ga.CfnEndpointGroup.EndpointConfigurationProperty; + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/eip.ts b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/eip.ts new file mode 100644 index 0000000000000..924eb391efc0b --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/eip.ts @@ -0,0 +1,38 @@ +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as ga from '@aws-cdk/aws-globalaccelerator'; +import { Stack } from '@aws-cdk/core'; +import { validateWeight } from './_util'; + +/** + * Properties for a NetworkLoadBalancerEndpoint + */ +export interface CfnEipEndpointProps { + /** + * Endpoint weight across all endpoints in the group + * + * Must be a value between 0 and 255. + * + * @default 128 + */ + readonly weight?: number; +} + +/** + * Use an EC2 Instance as a Global Accelerator Endpoint + */ +export class CfnEipEndpoint implements ga.IEndpoint { + public readonly region?: string; + + constructor(private readonly eip: ec2.CfnEIP, private readonly options: CfnEipEndpointProps = {}) { + validateWeight(options.weight); + + this.region = Stack.of(eip).region; + } + + public renderEndpointConfiguration(): any { + return { + endpointId: this.eip.attrAllocationId, + weight: this.options.weight, + } as ga.CfnEndpointGroup.EndpointConfigurationProperty; + } +} diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/index.ts b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/index.ts new file mode 100644 index 0000000000000..4286ae4cbd68c --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/index.ts @@ -0,0 +1,4 @@ +export * from './alb'; +export * from './nlb'; +export * from './instance'; +export * from './eip'; \ No newline at end of file diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/instance.ts b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/instance.ts new file mode 100644 index 0000000000000..a5d16298ec514 --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/instance.ts @@ -0,0 +1,51 @@ +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as ga from '@aws-cdk/aws-globalaccelerator'; +import { validateWeight } from './_util'; + +/** + * Properties for a NetworkLoadBalancerEndpoint + */ +export interface InstanceEndpointProps { + /** + * Endpoint weight across all endpoints in the group + * + * Must be a value between 0 and 255. + * + * @default 128 + */ + readonly weight?: number; + + /** + * Forward the client IP address + * + * GlobalAccelerator will create Network Interfaces in your VPC in order + * to preserve the client IP address. + * + * Client IP address preservation is supported only in specific AWS Regions. + * See the GlobalAccelerator Developer Guide for a list. + * + * @default true if available + */ + readonly preserveClientIp?: boolean; +} + +/** + * Use an EC2 Instance as a Global Accelerator Endpoint + */ +export class InstanceEndpoint implements ga.IEndpoint { + public readonly region?: string; + + constructor(private readonly instance: ec2.IInstance, private readonly options: InstanceEndpointProps = {}) { + validateWeight(options.weight); + + this.region = instance.env.region; + } + + public renderEndpointConfiguration(): any { + return { + endpointId: this.instance.instanceId, + weight: this.options.weight, + clientIpPreservationEnabled: this.options.preserveClientIp, + } as ga.CfnEndpointGroup.EndpointConfigurationProperty; + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/nlb.ts b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/nlb.ts new file mode 100644 index 0000000000000..f94bfff5f5357 --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/lib/nlb.ts @@ -0,0 +1,36 @@ +import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; +import * as ga from '@aws-cdk/aws-globalaccelerator'; +import { validateWeight } from './_util'; + +/** + * Properties for a NetworkLoadBalancerEndpoint + */ +export interface NetworkLoadBalancerEndpointProps { + /** + * Endpoint weight across all endpoints in the group + * + * Must be a value between 0 and 255. + * + * @default 128 + */ + readonly weight?: number; +} + +/** + * Use a Network Load Balancer as a Global Accelerator Endpoint + */ +export class NetworkLoadBalancerEndpoint implements ga.IEndpoint { + public readonly region?: string; + + constructor(private readonly loadBalancer: elbv2.INetworkLoadBalancer, private readonly options: NetworkLoadBalancerEndpointProps = {}) { + validateWeight(options.weight); + this.region = loadBalancer.env.region; + } + + public renderEndpointConfiguration(): any { + return { + endpointId: this.loadBalancer.loadBalancerArn, + weight: this.options.weight, + } as ga.CfnEndpointGroup.EndpointConfigurationProperty; + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/package.json b/packages/@aws-cdk/aws-globalaccelerator-endpoints/package.json new file mode 100644 index 0000000000000..fa8fc01ec835a --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/package.json @@ -0,0 +1,105 @@ +{ + "name": "@aws-cdk/aws-globalaccelerator-endpoints", + "version": "0.0.0", + "description": "Endpoints for AWS Global Accelerator", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "jsii": { + "outdir": "dist", + "targets": { + "dotnet": { + "namespace": "Amazon.CDK.AWS.GlobalAccelerator.Endpoints", + "packageId": "Amazon.CDK.AWS.GlobalAccelerator.Endpoints", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "java": { + "package": "software.amazon.awscdk.services.globalaccelerator.endpoints", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "globalaccelerator-endpoints" + } + }, + "python": { + "distName": "aws-cdk.aws-globalaccelerator-endpoints", + "module": "aws_cdk.aws_globalaccelerator_endpoints", + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ] + } + }, + "projectReferences": true + }, + "repository": { + "type": "git", + "url": "https://github.com/aws/aws-cdk.git", + "directory": "packages/@aws-cdk/aws-globalaccelerator-endpoints" + }, + "scripts": { + "build": "cdk-build", + "watch": "cdk-watch", + "lint": "cdk-lint", + "test": "cdk-test", + "integ": "cdk-integ", + "pkglint": "pkglint -f", + "package": "cdk-package", + "awslint": "cdk-awslint", + "build+test+package": "yarn build+test && yarn package", + "build+test": "yarn build && yarn test", + "compat": "cdk-compat", + "rosetta:extract": "yarn --silent jsii-rosetta extract" + }, + "cdk-build": { + "jest": true, + "env": { + "AWSLINT_BASE_CONSTRUCT": true + } + }, + "keywords": [ + "aws", + "cdk", + "constructs", + "globalaccelerator" + ], + "author": { + "name": "Amazon Web Services", + "url": "https://aws.amazon.com", + "organization": true + }, + "license": "Apache-2.0", + "devDependencies": { + "@aws-cdk/assert": "0.0.0", + "aws-sdk": "^2.848.0", + "aws-sdk-mock": "^5.1.0", + "cdk-build-tools": "0.0.0", + "cdk-integ-tools": "0.0.0", + "jest": "^26.6.3", + "pkglint": "0.0.0" + }, + "dependencies": { + "@aws-cdk/aws-ec2": "0.0.0", + "@aws-cdk/aws-elasticloadbalancingv2": "0.0.0", + "@aws-cdk/aws-globalaccelerator": "0.0.0", + "@aws-cdk/core": "0.0.0", + "constructs": "^3.3.69" + }, + "homepage": "https://github.com/aws/aws-cdk", + "peerDependencies": { + "@aws-cdk/aws-ec2": "0.0.0", + "@aws-cdk/aws-elasticloadbalancingv2": "0.0.0", + "@aws-cdk/aws-globalaccelerator": "0.0.0", + "@aws-cdk/core": "0.0.0", + "constructs": "^3.3.69" + }, + "engines": { + "node": ">= 10.13.0 <13 || >=13.7.0" + }, + "stability": "stable", + "awscdkio": { + "announce": false + }, + "maturity": "stable", + "publishConfig": { + "tag": "latest" + } +} diff --git a/packages/@aws-cdk/aws-globalaccelerator-endpoints/test/endpoints.test.ts b/packages/@aws-cdk/aws-globalaccelerator-endpoints/test/endpoints.test.ts new file mode 100644 index 0000000000000..068d885c32586 --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/test/endpoints.test.ts @@ -0,0 +1,183 @@ +import '@aws-cdk/assert/jest'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; +import * as ga from '@aws-cdk/aws-globalaccelerator'; +import { Stack } from '@aws-cdk/core'; +import * as endpoints from '../lib'; + +let stack: Stack; +let vpc: ec2.Vpc; +let accelerator: ga.Accelerator; +let listener: ga.Listener; +beforeEach(() => { + stack = new Stack(); + vpc = new ec2.Vpc(stack, 'Vpc'); + + accelerator = new ga.Accelerator(stack, 'Accelerator'); + listener = accelerator.addListener('Listener', { + portRanges: [{ fromPort: 80 }], + }); +}); + +test('Application Load Balancer with all properties', () => { + // WHEN + const alb = new elbv2.ApplicationLoadBalancer(stack, 'ALB', { vpc, internetFacing: true }); + listener.addEndpointGroup('Group', { + endpoints: [ + new endpoints.ApplicationLoadBalancerEndpoint(alb, { + weight: 50, + preserveClientIp: true, + }), + ], + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::GlobalAccelerator::EndpointGroup', { + EndpointConfigurations: [ + { + EndpointId: { Ref: 'ALBAEE750D2' }, + Weight: 50, + ClientIPPreservationEnabled: true, + }, + ], + }); +}); + +// Doesn't work yet because 'fromApplicationLoadBalancerAttributes' doesn't set the imported resource env +test('Get region from imported ALB', () => { + // WHEN + const alb = elbv2.ApplicationLoadBalancer.fromApplicationLoadBalancerAttributes(stack, 'ALB', { + loadBalancerArn: 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188', + securityGroupId: 'sg-1234', + }); + listener.addEndpointGroup('Group', { + endpoints: [ + new endpoints.ApplicationLoadBalancerEndpoint(alb), + ], + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::GlobalAccelerator::EndpointGroup', { + EndpointGroupRegion: 'us-west-2', + EndpointConfigurations: [ + { + EndpointId: 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188', + }, + ], + }); +}); + +test('Network Load Balancer with all properties', () => { + // WHEN + const nlb = new elbv2.NetworkLoadBalancer(stack, 'NLB', { vpc, internetFacing: true }); + listener.addEndpointGroup('Group', { + endpoints: [ + new endpoints.NetworkLoadBalancerEndpoint(nlb, { + weight: 50, + }), + ], + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::GlobalAccelerator::EndpointGroup', { + EndpointConfigurations: [ + { + EndpointId: { Ref: 'NLB55158F82' }, + Weight: 50, + }, + ], + }); +}); + +// Doesn't work yet because 'fromNetworkLoadBalancerAttributes' doesn't set the imported resource env +test('Get region from imported NLB', () => { + // WHEN + const nlb = elbv2.NetworkLoadBalancer.fromNetworkLoadBalancerAttributes(stack, 'NLB', { + loadBalancerArn: 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188', + }); + listener.addEndpointGroup('Group', { + endpoints: [ + new endpoints.NetworkLoadBalancerEndpoint(nlb), + ], + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::GlobalAccelerator::EndpointGroup', { + EndpointGroupRegion: 'us-west-2', + EndpointConfigurations: [ + { + EndpointId: 'arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188', + }, + ], + }); +}); + +test('CFN EIP with all properties', () => { + // WHEN + const eip = new ec2.CfnEIP(stack, 'ElasticIpAddress'); + listener.addEndpointGroup('Group', { + endpoints: [ + new endpoints.CfnEipEndpoint(eip, { + weight: 50, + }), + ], + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::GlobalAccelerator::EndpointGroup', { + EndpointConfigurations: [ + { + EndpointId: { 'Fn::GetAtt': ['ElasticIpAddress', 'AllocationId'] }, + Weight: 50, + }, + ], + }); +}); + +test('EC2 Instance with all properties', () => { + // WHEN + const instance = new ec2.Instance(stack, 'Instance', { + vpc, + machineImage: new ec2.AmazonLinuxImage(), + instanceType: new ec2.InstanceType('t3.small'), + }); + listener.addEndpointGroup('Group', { + endpoints: [ + new endpoints.InstanceEndpoint(instance, { + weight: 50, + preserveClientIp: true, + }), + ], + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::GlobalAccelerator::EndpointGroup', { + EndpointConfigurations: [ + { + EndpointId: { Ref: 'InstanceC1063A87' }, + Weight: 50, + ClientIPPreservationEnabled: true, + }, + ], + }); +}); + +test('throws if weight is not in range', () => { + // WHEN + const instance = new ec2.Instance(stack, 'Instance', { + vpc, + machineImage: new ec2.AmazonLinuxImage(), + instanceType: new ec2.InstanceType('t3.small'), + }); + + expect(() => { + listener.addEndpointGroup('Group', { + endpoints: [ + new endpoints.InstanceEndpoint(instance, { + weight: 300, + preserveClientIp: true, + }), + ], + }); + }).toThrow(/'weight' must be between 0 and 255/); +}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-globalaccelerator/test/integ.globalaccelerator.expected.json b/packages/@aws-cdk/aws-globalaccelerator-endpoints/test/integ.globalaccelerator.expected.json similarity index 79% rename from packages/@aws-cdk/aws-globalaccelerator/test/integ.globalaccelerator.expected.json rename to packages/@aws-cdk/aws-globalaccelerator-endpoints/test/integ.globalaccelerator.expected.json index 6e141037d0f36..36f2af987a0e2 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/test/integ.globalaccelerator.expected.json +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/test/integ.globalaccelerator.expected.json @@ -453,7 +453,7 @@ "Accelerator8EB0B6B1": { "Type": "AWS::GlobalAccelerator::Accelerator", "Properties": { - "Name": "Accelerator", + "Name": "integglobalacceleratorAccelerator5D88FB42", "Enabled": true } }, @@ -476,50 +476,6 @@ "ClientAffinity": "NONE" } }, - "GroupC77FDACD": { - "Type": "AWS::GlobalAccelerator::EndpointGroup", - "Properties": { - "EndpointGroupRegion": { - "Ref": "AWS::Region" - }, - "ListenerArn": { - "Fn::GetAtt": [ - "Listener828B0E81", - "ListenerArn" - ] - }, - "EndpointConfigurations": [ - { - "EndpointId": { - "Ref": "ALBAEE750D2" - } - }, - { - "EndpointId": { - "Ref": "NLB55158F82" - } - }, - { - "EndpointId": { - "Fn::GetAtt": [ - "ElasticIpAddress", - "AllocationId" - ] - } - }, - { - "EndpointId": { - "Ref": "Instance008A4B15C" - } - }, - { - "EndpointId": { - "Ref": "Instance14BC3991D" - } - } - ] - } - }, "ALBAEE750D2": { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { @@ -575,6 +531,27 @@ } } }, + "ALBSecurityGroupfromGlobalAcceleratorGroup4435D2AC398": { + "Type": "AWS::EC2::SecurityGroupIngress", + "Properties": { + "IpProtocol": "tcp", + "Description": "from GlobalAcceleratorGroup:443", + "FromPort": 443, + "GroupId": { + "Fn::GetAtt": [ + "ALBSecurityGroup8B8624F8", + "GroupId" + ] + }, + "SourceSecurityGroupId": { + "Fn::GetAtt": [ + "GroupPeerCustomResourceB3A15D36", + "SecurityGroups.0.GroupId" + ] + }, + "ToPort": 443 + } + }, "NLB55158F82": { "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", "Properties": { @@ -808,12 +785,208 @@ "DependsOn": [ "Instance1InstanceRoleBC4D05C6" ] + }, + "GroupC77FDACD": { + "Type": "AWS::GlobalAccelerator::EndpointGroup", + "Properties": { + "EndpointGroupRegion": { + "Ref": "AWS::Region" + }, + "ListenerArn": { + "Fn::GetAtt": [ + "Listener828B0E81", + "ListenerArn" + ] + }, + "EndpointConfigurations": [ + { + "EndpointId": { + "Ref": "ALBAEE750D2" + } + }, + { + "EndpointId": { + "Ref": "NLB55158F82" + } + }, + { + "EndpointId": { + "Fn::GetAtt": [ + "ElasticIpAddress", + "AllocationId" + ] + } + }, + { + "EndpointId": { + "Ref": "Instance008A4B15C" + } + }, + { + "EndpointId": { + "Ref": "Instance14BC3991D" + } + } + ] + } + }, + "GroupPeerCustomResourceCustomResourcePolicy42EF8263": { + "Type": "AWS::IAM::Policy", + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": "ec2:DescribeSecurityGroups", + "Effect": "Allow", + "Resource": "*" + } + ], + "Version": "2012-10-17" + }, + "PolicyName": "GroupPeerCustomResourceCustomResourcePolicy42EF8263", + "Roles": [ + { + "Ref": "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" + } + ] + }, + "DependsOn": [ + "GroupC77FDACD" + ] + }, + "GroupPeerCustomResourceB3A15D36": { + "Type": "Custom::AWS", + "Properties": { + "ServiceToken": { + "Fn::GetAtt": [ + "AWS679f53fac002430cb0da5b7982bd22872D164C4C", + "Arn" + ] + }, + "Create": { + "Fn::Join": [ + "", + [ + "{\"service\":\"EC2\",\"action\":\"describeSecurityGroups\",\"parameters\":{\"Filters\":[{\"Name\":\"group-name\",\"Values\":[\"GlobalAccelerator\"]},{\"Name\":\"vpc-id\",\"Values\":[\"", + { + "Ref": "VPCB9E5F0B4" + }, + "\"]}]},\"physicalResourceId\":{\"responsePath\":\"SecurityGroups.0.GroupId\"}}" + ] + ] + }, + "InstallLatestAwsSdk": true + }, + "DependsOn": [ + "GroupPeerCustomResourceCustomResourcePolicy42EF8263", + "GroupC77FDACD" + ], + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + }, + "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + } + } + ], + "Version": "2012-10-17" + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition" + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ] + ] + } + ] + } + }, + "AWS679f53fac002430cb0da5b7982bd22872D164C4C": { + "Type": "AWS::Lambda::Function", + "Properties": { + "Code": { + "S3Bucket": { + "Ref": "AssetParameters0625b1566df06e0ffd948f0f65f97a3d22d48242e66196d3f72b480f5309b343S3Bucket65227904" + }, + "S3Key": { + "Fn::Join": [ + "", + [ + { + "Fn::Select": [ + 0, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters0625b1566df06e0ffd948f0f65f97a3d22d48242e66196d3f72b480f5309b343S3VersionKey3AF0E7DF" + } + ] + } + ] + }, + { + "Fn::Select": [ + 1, + { + "Fn::Split": [ + "||", + { + "Ref": "AssetParameters0625b1566df06e0ffd948f0f65f97a3d22d48242e66196d3f72b480f5309b343S3VersionKey3AF0E7DF" + } + ] + } + ] + } + ] + ] + } + }, + "Role": { + "Fn::GetAtt": [ + "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2", + "Arn" + ] + }, + "Handler": "index.handler", + "Runtime": "nodejs12.x", + "Timeout": 120 + }, + "DependsOn": [ + "AWS679f53fac002430cb0da5b7982bd2287ServiceRoleC1EA0FF2" + ] } }, "Parameters": { "SsmParameterValueawsserviceamiamazonlinuxlatestamznamihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter": { "Type": "AWS::SSM::Parameter::Value", "Default": "/aws/service/ami-amazon-linux-latest/amzn-ami-hvm-x86_64-gp2" + }, + "AssetParameters0625b1566df06e0ffd948f0f65f97a3d22d48242e66196d3f72b480f5309b343S3Bucket65227904": { + "Type": "String", + "Description": "S3 bucket for asset \"0625b1566df06e0ffd948f0f65f97a3d22d48242e66196d3f72b480f5309b343\"" + }, + "AssetParameters0625b1566df06e0ffd948f0f65f97a3d22d48242e66196d3f72b480f5309b343S3VersionKey3AF0E7DF": { + "Type": "String", + "Description": "S3 key for asset version \"0625b1566df06e0ffd948f0f65f97a3d22d48242e66196d3f72b480f5309b343\"" + }, + "AssetParameters0625b1566df06e0ffd948f0f65f97a3d22d48242e66196d3f72b480f5309b343ArtifactHash0C561FF5": { + "Type": "String", + "Description": "Artifact hash for asset \"0625b1566df06e0ffd948f0f65f97a3d22d48242e66196d3f72b480f5309b343\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-globalaccelerator/test/integ.globalaccelerator.ts b/packages/@aws-cdk/aws-globalaccelerator-endpoints/test/integ.globalaccelerator.ts similarity index 63% rename from packages/@aws-cdk/aws-globalaccelerator/test/integ.globalaccelerator.ts rename to packages/@aws-cdk/aws-globalaccelerator-endpoints/test/integ.globalaccelerator.ts index bee56b820d7ec..d4b5c2ada5ca1 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/test/integ.globalaccelerator.ts +++ b/packages/@aws-cdk/aws-globalaccelerator-endpoints/test/integ.globalaccelerator.ts @@ -1,12 +1,11 @@ - import * as ec2 from '@aws-cdk/aws-ec2'; import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; -import * as cdk from '@aws-cdk/core'; +import * as ga from '@aws-cdk/aws-globalaccelerator'; +import { App, Stack } from '@aws-cdk/core'; import * as constructs from 'constructs'; -import * as ga from '../lib'; -import * as testfixture from './util'; +import * as endpoints from '../lib'; -class GaStack extends testfixture.TestStack { +class GaStack extends Stack { constructor(scope: constructs.Construct, id: string) { super(scope, id); @@ -21,7 +20,6 @@ class GaStack extends testfixture.TestStack { }, ], }); - const endpointGroup = new ga.EndpointGroup(this, 'Group', { listener }); const alb = new elbv2.ApplicationLoadBalancer(this, 'ALB', { vpc, internetFacing: true }); const nlb = new elbv2.NetworkLoadBalancer(this, 'NLB', { vpc, internetFacing: true }); const eip = new ec2.CfnEIP(this, 'ElasticIpAddress'); @@ -35,15 +33,20 @@ class GaStack extends testfixture.TestStack { })); } - endpointGroup.addLoadBalancer('AlbEndpoint', alb); - endpointGroup.addLoadBalancer('NlbEndpoint', nlb); - endpointGroup.addElasticIpAddress('EipEndpoint', eip); - endpointGroup.addEc2Instance('InstanceEndpoint', instances[0]); - endpointGroup.addEndpoint('InstanceEndpoint2', instances[1].instanceId); + const group = new ga.EndpointGroup(this, 'Group', { + listener, + endpoints: [ + new endpoints.ApplicationLoadBalancerEndpoint(alb), + new endpoints.NetworkLoadBalancerEndpoint(nlb), + new endpoints.CfnEipEndpoint(eip), + new endpoints.InstanceEndpoint(instances[0]), + new endpoints.InstanceEndpoint(instances[1]), + ], + }); + alb.connections.allowFrom(group.connectionsPeer('Peer', vpc), ec2.Port.tcp(443)); } } -const app = new cdk.App(); - +const app = new App(); new GaStack(app, 'integ-globalaccelerator'); diff --git a/packages/@aws-cdk/aws-globalaccelerator/README.md b/packages/@aws-cdk/aws-globalaccelerator/README.md index d959a2e9238ad..bdbb6780fadd2 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/README.md +++ b/packages/@aws-cdk/aws-globalaccelerator/README.md @@ -5,17 +5,7 @@ ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. -> -> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib - -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- @@ -23,115 +13,178 @@ ## Introduction -AWS Global Accelerator (AGA) is a service that improves the availability and performance of your applications with local or global users. It provides static IP addresses that act as a fixed entry point to your application endpoints in a single or multiple AWS Regions, such as your Application Load Balancers, Network Load Balancers or Amazon EC2 instances. +AWS Global Accelerator (AGA) is a service that improves the availability and +performance of your applications with local or global users. + +It intercepts your user's network connection at an edge location close to +them, and routes it to one of potentially multiple, redundant backends across +the more reliable and less congested AWS global network. -This module supports features under [AWS Global Accelerator](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_GlobalAccelerator.html) that allows users set up resources using the `@aws-cdk/aws-globalaccelerator` module. +AGA can be used to route traffic to Application Load Balancers, Network Load +Balancers, EC2 Instances and Elastic IP Addresses. -## Accelerator +For more information, see the [AWS Global +Accelerator Developer Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/AWS_GlobalAccelerator.html). -The `Accelerator` resource is a Global Accelerator resource type that contains information about how you create an accelerator. An accelerator includes one or more listeners that process inbound connections and direct traffic to one or more endpoint groups, each of which includes endpoints, such as Application Load Balancers, Network Load Balancers, and Amazon EC2 instances. +## Example -To create the `Accelerator`: +Here's an example that sets up a Global Accelerator for two Application Load +Balancers in two different AWS Regions: ```ts import globalaccelerator = require('@aws-cdk/aws-globalaccelerator'); +import ga_endpoints = require('@aws-cdk/aws-globalaccelerator-endpoints'); +import elbv2 = require('@aws-cdk/aws-elasticloadbalancingv2'); -new globalaccelerator.Accelerator(stack, 'Accelerator'); +// Create an Accelerator +const accelerator = new globalaccelerator.Accelerator(stack, 'Accelerator'); + +// Create a Listener +const listener = accelerator.addListener('Listener', { + portRanges: [ + { fromPort: 80 }, + { fromPort: 443 }, + ], +}); + +// Import the Load Balancers +const nlb1 = elbv2.NetworkLoadBalancer.fromNetworkLoadBalancerAttributes(stack, 'NLB1', { + loadBalancerArn: 'arn:aws:elasticloadbalancing:us-west-2:111111111111:loadbalancer/app/my-load-balancer1/e16bef66805b', +}); +const nlb2 = elbv2.NetworkLoadBalancer.fromNetworkLoadBalancerAttributes(stack, 'NLB2', { + loadBalancerArn: 'arn:aws:elasticloadbalancing:ap-south-1:111111111111:loadbalancer/app/my-load-balancer2/5513dc2ea8a1', +}); +// Add one EndpointGroup for each Region we are targeting +listener.addEndpointGroup('Group1', { + endpoints: [new ga_endpoints.NetworkLoadBalancerEndpoint(nlb1)], +}); +listener.addEndpointGroup('Group2', { + // Imported load balancers automatically calculate their Region from the ARN. + // If you are load balancing to other resources, you must also pass a `region` + // parameter here. + endpoints: [new ga_endpoints.NetworkLoadBalancerEndpoint(nlb2)], +}); ``` -## Listener +## Concepts + +The **Accelerator** construct defines a Global Accelerator resource. + +An Accelerator includes one or more **Listeners** that accepts inbound +connections on one or more ports. + +Each Listener has one or more **Endpoint Groups**, representing multiple +geographically distributed copies of your application. There is one Endpoint +Group per Region, and user traffic is routed to the closest Region by default. + +An Endpoint Group consists of one or more **Endpoints**, which is where the +user traffic coming in on the Listener is ultimately sent. The Endpoint port +used is the same as the traffic came in on at the Listener, unless overridden. + +## Types of Endpoints + +There are 4 types of Endpoints, and they can be found in the +`@aws-cdk/aws-globalaccelerator-endpoints` package: -The `Listener` resource is a Global Accelerator resource type that contains information about how you create a listener to process inbound connections from clients to an accelerator. Connections arrive to assigned static IP addresses on a port, port range, or list of port ranges that you specify. +* Application Load Balancers +* Network Load Balancers +* EC2 Instances +* Elastic IP Addresses -To create the `Listener` listening on TCP 80: +### Application Load Balancers ```ts -new globalaccelerator.Listener(stack, 'Listener', { - accelerator, - portRanges: [ - { - fromPort: 80, - toPort: 80, - }, +const alb = new elbv2.ApplicationLoadBalancer(...); + +listener.addEndpointGroup('Group', { + endpoints: [ + new ga_endpoints.ApplicationLoadBalancerEndpoint(alb, { + weight: 128, + preserveClientIp: true, + }), ], }); ``` - -## EndpointGroup - -The `EndpointGroup` resource is a Global Accelerator resource type that contains information about how you create an endpoint group for the specified listener. An endpoint group is a collection of endpoints in one AWS Region. - -To create the `EndpointGroup`: +### Network Load Balancers ```ts -new globalaccelerator.EndpointGroup(stack, 'Group', { listener }); +const nlb = new elbv2.NetworkLoadBalancer(...); +listener.addEndpointGroup('Group', { + endpoints: [ + new ga_endpoints.NetworkLoadBalancerEndpoint(nlb, { + weight: 128, + }), + ], +}); ``` -## Add Endpoint into EndpointGroup - -You may use the following methods to add endpoints into the `EndpointGroup`: +### EC2 Instances -- `addEndpoint` to add a generic `endpoint` into the `EndpointGroup`. -- `addLoadBalancer` to add an Application Load Balancer or Network Load Balancer. -- `addEc2Instance` to add an EC2 Instance. -- `addElasticIpAddress` to add an Elastic IP Address. +```ts +const instance = new ec2.instance(...); + +listener.addEndpointGroup('Group', { + endpoints: [ + new ga_endpoints.InstanceEndpoint(instance, { + weight: 128, + preserveClientIp: true, + }), + ], +}); +``` +### Elastic IP Addresses ```ts -const endpointGroup = new globalaccelerator.EndpointGroup(stack, 'Group', { listener }); -const alb = new elbv2.ApplicationLoadBalancer(stack, 'ALB', { vpc, internetFacing: true }); -const nlb = new elbv2.NetworkLoadBalancer(stack, 'NLB', { vpc, internetFacing: true }); -const eip = new ec2.CfnEIP(stack, 'ElasticIpAddress'); -const instances = new Array(); - -for ( let i = 0; i < 2; i++) { - instances.push(new ec2.Instance(stack, `Instance${i}`, { - vpc, - machineImage: new ec2.AmazonLinuxImage(), - instanceType: new ec2.InstanceType('t3.small'), - })); -} - -endpointGroup.addLoadBalancer('AlbEndpoint', alb); -endpointGroup.addLoadBalancer('NlbEndpoint', nlb); -endpointGroup.addElasticIpAddress('EipEndpoint', eip); -endpointGroup.addEc2Instance('InstanceEndpoint', instances[0]); -endpointGroup.addEndpoint('InstanceEndpoint2', instances[1].instanceId); +const eip = new ec2.CfnEIP(...); + +listener.addEndpointGroup('Group', { + endpoints: [ + new ga_endpoints.CfnEipEndpoint(eip, { + weight: 128, + }), + ], +}); ``` -## Accelerator Security Groups +## Client IP Address Preservation and Security Groups -When using certain AGA features (client IP address preservation), AGA creates elastic network interfaces (ENI) in your AWS account which are -associated with a Security Group, and which are reused for all AGAs associated with that VPC. Per the -[best practices](https://docs.aws.amazon.com/global-accelerator/latest/dg/best-practices-aga.html) page, AGA creates a specific security group -called `GlobalAccelerator` for each VPC it has an ENI in. You can use the security group created by AGA as a source group in other security -groups, such as those for EC2 instances or Elastic Load Balancers, in order to implement least-privilege security group rules. +When using the `preserveClientIp` feature, AGA creates +**Elastic Network Interfaces** (ENIs) in your AWS account, that are +associated with a Security Group AGA creates for you. You can use the +security group created by AGA as a source group in other security groups +(such as those for EC2 instances or Elastic Load Balancers), if you want to +restrict incoming traffic to the AGA security group rules. -CloudFormation doesn't support referencing the security group created by AGA. CDK has a library that enables you to reference the AGA security group -for a VPC using an AwsCustomResource. +AGA creates a specific security group called `GlobalAccelerator` for each VPC +it has an ENI in (this behavior can not be changed). CloudFormation doesn't +support referencing the security group created by AGA, but this construct +library comes with a custom resource that enables you to reference the AGA +security group. + +Call `endpointGroup.connectionsPeer()` to obtain a reference to the Security Group +which you can use in connection rules. You must pass a reference to the VPC in whose +context the security group will be looked up. Example: ```ts -const vpc = new Vpc(stack, 'VPC', {}); -const alb = new elbv2.ApplicationLoadBalancer(stack, 'ALB', { vpc, internetFacing: false }); -const accelerator = new ga.Accelerator(stack, 'Accelerator'); -const listener = new ga.Listener(stack, 'Listener', { - accelerator, - portRanges: [ - { - fromPort: 443, - toPort: 443, - }, +// ... + +// Non-open ALB +const alb = new elbv2.ApplicationLoadBalancer(stack, 'ALB', { /* ... */ }); + +const endpointGroup = listener.addEndpointGroup('Group', { + endpoints: [ + new ga_endpoints.ApplicationLoadBalancerEndpoint(alb, { + preserveClientIps: true, + })], ], }); -const endpointGroup = new ga.EndpointGroup(stack, 'Group', { listener }); -endpointGroup.addLoadBalancer('AlbEndpoint', alb); // Remember that there is only one AGA security group per VPC. -// This code will fail at CloudFormation deployment time if you do not have an AGA -const agaSg = ga.AcceleratorSecurityGroup.fromVpc(stack, 'GlobalAcceleratorSG', vpc); +const agaSg = endpointGroup.connectionsPeer('GlobalAcceleratorSG', vpc); // Allow connections from the AGA to the ALB alb.connections.allowFrom(agaSg, Port.tcp(443)); diff --git a/packages/@aws-cdk/aws-globalaccelerator/lib/accelerator-security-group.ts b/packages/@aws-cdk/aws-globalaccelerator/lib/_accelerator-security-group.ts similarity index 72% rename from packages/@aws-cdk/aws-globalaccelerator/lib/accelerator-security-group.ts rename to packages/@aws-cdk/aws-globalaccelerator/lib/_accelerator-security-group.ts index 9197613d69b61..d59f572ecaebc 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/lib/accelerator-security-group.ts +++ b/packages/@aws-cdk/aws-globalaccelerator/lib/_accelerator-security-group.ts @@ -1,16 +1,14 @@ -import { ISecurityGroup, SecurityGroup, IVpc } from '@aws-cdk/aws-ec2'; +import * as ec2 from '@aws-cdk/aws-ec2'; +import { CfnResource } from '@aws-cdk/core'; import { AwsCustomResource, AwsCustomResourcePolicy, PhysicalResourceId } from '@aws-cdk/custom-resources'; +import { Construct } from 'constructs'; import { EndpointGroup } from '../lib'; -// keep this import separate from other imports to reduce chance for merge conflicts with v2-main -// eslint-disable-next-line no-duplicate-imports, import/order -import { Construct } from '@aws-cdk/core'; - /** * The security group used by a Global Accelerator to send traffic to resources in a VPC. */ -export class AcceleratorSecurityGroup { +export class AcceleratorSecurityGroupPeer implements ec2.IPeer { /** * Lookup the Global Accelerator security group at CloudFormation deployment time. * @@ -21,7 +19,7 @@ export class AcceleratorSecurityGroup { * the AGA security group for a given VPC at CloudFormation deployment time, and lets you create rules for traffic from AGA * to other resources created by CDK. */ - public static fromVpc(scope: Construct, id: string, vpc: IVpc, endpointGroup: EndpointGroup): ISecurityGroup { + public static fromVpc(scope: Construct, id: string, vpc: ec2.IVpc, endpointGroup: EndpointGroup) { // The security group name is always 'GlobalAccelerator' const globalAcceleratorSGName = 'GlobalAccelerator'; @@ -59,16 +57,27 @@ export class AcceleratorSecurityGroup { }), }); - // Look up the security group ID - const sg = SecurityGroup.fromSecurityGroupId(scope, - id, - lookupAcceleratorSGCustomResource.getResponseField(ec2ResponseSGIdField)); // We add a dependency on the endpoint group, guaranteeing that CloudFormation won't // try and look up the SG before AGA creates it. The SG is created when a VPC resource // is associated with an AGA - lookupAcceleratorSGCustomResource.node.addDependency(endpointGroup); - return sg; + lookupAcceleratorSGCustomResource.node.addDependency(endpointGroup.node.defaultChild as CfnResource); + + // Look up the security group ID + return new AcceleratorSecurityGroupPeer(lookupAcceleratorSGCustomResource.getResponseField(ec2ResponseSGIdField)); + } + + public readonly canInlineRule = false; + public readonly connections: ec2.Connections = new ec2.Connections({ peer: this }); + public readonly uniqueId: string = 'GlobalAcceleratorGroup'; + + private constructor(private readonly securityGroupId: string) { } - private constructor() {} + public toIngressRuleConfig(): any { + return { sourceSecurityGroupId: this.securityGroupId }; + } + + public toEgressRuleConfig(): any { + return { destinationSecurityGroupId: this.securityGroupId }; + } } diff --git a/packages/@aws-cdk/aws-globalaccelerator/lib/accelerator.ts b/packages/@aws-cdk/aws-globalaccelerator/lib/accelerator.ts index 721f641d3c19b..939e91f0a2839 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/lib/accelerator.ts +++ b/packages/@aws-cdk/aws-globalaccelerator/lib/accelerator.ts @@ -1,6 +1,7 @@ import * as cdk from '@aws-cdk/core'; import { Construct } from 'constructs'; import * as ga from './globalaccelerator.generated'; +import { Listener, ListenerOptions } from './listener'; /** * The interface of the Accelerator @@ -63,7 +64,7 @@ export class Accelerator extends cdk.Resource implements IAccelerator { /** * import from attributes */ - public static fromAcceleratorAttributes(scope: Construct, id: string, attrs: AcceleratorAttributes ): IAccelerator { + public static fromAcceleratorAttributes(scope: Construct, id: string, attrs: AcceleratorAttributes): IAccelerator { class Import extends cdk.Resource implements IAccelerator { public readonly acceleratorArn = attrs.acceleratorArn; public readonly dnsName = attrs.dnsName; @@ -86,10 +87,20 @@ export class Accelerator extends cdk.Resource implements IAccelerator { const resource = new ga.CfnAccelerator(this, 'Resource', { enabled: props.enabled ?? true, - name: props.acceleratorName ?? id, + name: props.acceleratorName ?? cdk.Names.uniqueId(this), }); this.acceleratorArn = resource.attrAcceleratorArn; this.dnsName = resource.attrDnsName; } + + /** + * Add a listener to the accelerator + */ + public addListener(id: string, options: ListenerOptions) { + return new Listener(this, id, { + accelerator: this, + ...options, + }); + } } diff --git a/packages/@aws-cdk/aws-globalaccelerator/lib/endpoint-group.ts b/packages/@aws-cdk/aws-globalaccelerator/lib/endpoint-group.ts index b5c96bcd547ba..635ac85ff5708 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/lib/endpoint-group.ts +++ b/packages/@aws-cdk/aws-globalaccelerator/lib/endpoint-group.ts @@ -1,12 +1,11 @@ +import * as ec2 from '@aws-cdk/aws-ec2'; import * as cdk from '@aws-cdk/core'; import { Construct } from 'constructs'; +import { AcceleratorSecurityGroupPeer } from './_accelerator-security-group'; +import { IEndpoint } from './endpoint'; import * as ga from './globalaccelerator.generated'; import { IListener } from './listener'; -// keep this import separate from other imports to reduce chance for merge conflicts with v2-main -// eslint-disable-next-line no-duplicate-imports, import/order -import { Construct as CoreConstruct } from '@aws-cdk/core'; - /** * The interface of the EndpointGroup */ @@ -19,125 +18,135 @@ export interface IEndpointGroup extends cdk.IResource { } /** - * Options for `addLoadBalancer`, `addElasticIpAddress` and `addEc2Instance` to add endpoints into the endpoint group + * Basic options for creating a new EndpointGroup */ -export interface EndpointConfigurationOptions { +export interface EndpointGroupOptions { /** - * Indicates whether client IP address preservation is enabled for an Application Load Balancer endpoint + * Name of the endpoint group * - * @default true + * @default - logical ID of the resource */ - readonly clientIpReservation?: boolean; + readonly endpointGroupName?: string; /** - * The weight associated with the endpoint. When you add weights to endpoints, you configure AWS Global Accelerator - * to route traffic based on proportions that you specify. For example, you might specify endpoint weights of 4, 5, - * 5, and 6 (sum=20). The result is that 4/20 of your traffic, on average, is routed to the first endpoint, 5/20 is - * routed both to the second and third endpoints, and 6/20 is routed to the last endpoint. - * @see https://docs.aws.amazon.com/global-accelerator/latest/dg/about-endpoints-endpoint-weights.html - * @default - not specified + * The AWS Region where the endpoint group is located. + * + * @default - region of the first endpoint in this group, or the stack region if that region can't be determined */ - readonly weight?: number; -} + readonly region?: string; -/** - * Properties to create EndpointConfiguration - * - */ -export interface EndpointConfigurationProps extends EndpointConfigurationOptions { /** - * The endopoint group reesource + * The time between health checks for each endpoint + * + * Must be either 10 or 30 seconds. * - * [disable-awslint:ref-via-interface] + * @default Duration.seconds(30) */ - readonly endpointGroup: EndpointGroup; + readonly healthCheckInterval?: cdk.Duration; /** - * An ID for the endpoint. If the endpoint is a Network Load Balancer or Application Load Balancer, - * this is the Amazon Resource Name (ARN) of the resource. If the endpoint is an Elastic IP address, - * this is the Elastic IP address allocation ID. For EC2 instances, this is the EC2 instance ID. + * The ping path for health checks (if the protocol is HTTP(S)). + * + * @default '/' */ - readonly endpointId: string; -} + readonly healthCheckPath?: string; -/** - * LoadBalancer Interface - */ -export interface LoadBalancer { /** - * The ARN of this load balancer + * The port used to perform health checks + * + * @default - The listener's port */ - readonly loadBalancerArn: string; -} + readonly healthCheckPort?: number; -/** - * EC2 Instance interface - */ -export interface Ec2Instance { /** - * The id of the instance resource + * The protocol used to perform health checks + * + * @default HealthCheckProtocol.TCP */ - readonly instanceId: string; -} + readonly healthCheckProtocol?: HealthCheckProtocol; -/** - * EIP Interface - */ -export interface ElasticIpAddress { /** - * allocation ID of the EIP resoruce + * The number of consecutive health checks required to set the state of a + * healthy endpoint to unhealthy, or to set an unhealthy endpoint to healthy. + * + * @default 3 */ - readonly attrAllocationId: string -} + readonly healthCheckThreshold?: number; -/** - * Property of the EndpointGroup - */ -export interface EndpointGroupProps { /** - * Name of the endpoint group + * The percentage of traffic to send to this AWS Region. * - * @default - logical ID of the resource + * The percentage is applied to the traffic that would otherwise have been + * routed to the Region based on optimal routing. Additional traffic is + * distributed to other endpoint groups for this listener. + * + * @default 100 */ - readonly endpointGroupName?: string; + readonly trafficDialPercentage?: number; /** - * The Amazon Resource Name (ARN) of the listener. + * Override the destination ports used to route traffic to an endpoint. + * + * Unless overridden, the port used to hit the endpoint will be the same as the port + * that traffic arrives on at the listener. + * + * @default - No overrides */ - readonly listener: IListener; + readonly portOverrides?: PortOverride[] /** - * The AWS Region where the endpoint group is located. + * Initial list of endpoints for this group * - * @default - the region of the current stack + * @default - Group is initially empty */ - readonly region?: string; + readonly endpoints?: IEndpoint[]; } /** - * The class for endpoint configuration + * Override specific listener ports used to route traffic to endpoints that are part of an endpoint group. */ -export class EndpointConfiguration extends CoreConstruct { +export interface PortOverride { /** - * The property containing all the configuration to be rendered + * The listener port that you want to map to a specific endpoint port. + * + * This is the port that user traffic arrives to the Global Accelerator on. */ - public readonly props: EndpointConfigurationProps; - constructor(scope: Construct, id: string, props: EndpointConfigurationProps) { - super(scope, id); - this.props = props; - props.endpointGroup._linkEndpoint(this); - } + readonly listenerPort: number; /** - * render the endpoint configuration for the endpoint group + * The endpoint port that you want a listener port to be mapped to. + * + * This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance. */ - public renderEndpointConfiguration(): ga.CfnEndpointGroup.EndpointConfigurationProperty { - return { - clientIpPreservationEnabled: this.props.clientIpReservation, - endpointId: this.props.endpointId, - weight: this.props.weight, - }; - } + readonly endpointPort: number; +} + +/** + * The protocol for the connections from clients to the accelerator. + */ +export enum HealthCheckProtocol { + /** + * TCP + */ + TCP = 'TCP', + /** + * HTTP + */ + HTTP = 'HTTP', + /** + * HTTPS + */ + HTTPS = 'HTTPS', +} + +/** + * Property of the EndpointGroup + */ +export interface EndpointGroupProps extends EndpointGroupOptions { + /** + * The Amazon Resource Name (ARN) of the listener. + */ + readonly listener: IListener; } /** @@ -165,75 +174,72 @@ export class EndpointGroup extends cdk.Resource implements IEndpointGroup { /** * The array of the endpoints in this endpoint group */ - protected readonly endpoints = new Array(); + protected readonly endpoints = new Array(); constructor(scope: Construct, id: string, props: EndpointGroupProps) { super(scope, id); const resource = new ga.CfnEndpointGroup(this, 'Resource', { listenerArn: props.listener.listenerArn, - endpointGroupRegion: props.region ?? cdk.Stack.of(this).region, + endpointGroupRegion: props.region ?? cdk.Lazy.string({ produce: () => this.firstEndpointRegion() }), endpointConfigurations: cdk.Lazy.any({ produce: () => this.renderEndpoints() }, { omitEmptyArray: true }), + healthCheckIntervalSeconds: props.healthCheckInterval?.toSeconds({ integral: true }), + healthCheckPath: props.healthCheckPath, + healthCheckPort: props.healthCheckPort, + healthCheckProtocol: props.healthCheckProtocol, + thresholdCount: props.healthCheckThreshold, + trafficDialPercentage: props.trafficDialPercentage, + portOverrides: props.portOverrides?.map(o => ({ + endpointPort: o.endpointPort, + listenerPort: o.listenerPort, + })), }); this.endpointGroupArn = resource.attrEndpointGroupArn; this.endpointGroupName = props.endpointGroupName ?? resource.logicalId; - } - /** - * Add an endpoint - */ - public addEndpoint(id: string, endpointId: string, props: EndpointConfigurationOptions = - {}) { - return new EndpointConfiguration(this, id, { - endpointGroup: this, - endpointId, - ...props, - }); + for (const endpoint of props.endpoints ?? []) { + this.addEndpoint(endpoint); + } } /** - * Add an Elastic Load Balancer as an endpoint in this endpoint group + * Add an endpoint */ - public addLoadBalancer(id: string, lb: LoadBalancer, props: EndpointConfigurationOptions = {}) { - return new EndpointConfiguration(this, id, { - endpointId: lb.loadBalancerArn, - endpointGroup: this, - ...props, - }); + public addEndpoint(endpoint: IEndpoint) { + this.endpoints.push(endpoint); } /** - * Add an EIP as an endpoint in this endpoint group + * Return an object that represents the Accelerator's Security Group + * + * Uses a Custom Resource to look up the Security Group that Accelerator + * creates at deploy time. Requires your VPC ID to perform the lookup. + * + * The Security Group will only be created if you enable **Client IP + * Preservation** on any of the endpoints. + * + * You cannot manipulate the rules inside this security group, but you can + * use this security group as a Peer in Connections rules on other + * constructs. */ - public addElasticIpAddress(id: string, eip: ElasticIpAddress, props: EndpointConfigurationOptions = {}) { - return new EndpointConfiguration(this, id, { - endpointId: eip.attrAllocationId, - endpointGroup: this, - ...props, - }); + public connectionsPeer(id: string, vpc: ec2.IVpc): ec2.IPeer { + return AcceleratorSecurityGroupPeer.fromVpc(this, id, vpc, this); } - /** - * Add an EC2 Instance as an endpoint in this endpoint group - */ - public addEc2Instance(id: string, instance: Ec2Instance, props: EndpointConfigurationOptions = {}) { - return new EndpointConfiguration(this, id, { - endpointId: instance.instanceId, - endpointGroup: this, - ...props, - }); + private renderEndpoints() { + return this.endpoints.map(e => e.renderEndpointConfiguration()); } /** - * Links a endpoint to this endpoint group - * @internal + * Return the first (readable) region of the endpoints in this group */ - public _linkEndpoint(endpoint: EndpointConfiguration) { - this.endpoints.push(endpoint); - } - - private renderEndpoints() { - return this.endpoints.map(e => e.renderEndpointConfiguration()); + private firstEndpointRegion() { + for (const endpoint of this.endpoints) { + if (endpoint.region) { + return endpoint.region; + } + } + return cdk.Stack.of(this).region; } } diff --git a/packages/@aws-cdk/aws-globalaccelerator/lib/endpoint.ts b/packages/@aws-cdk/aws-globalaccelerator/lib/endpoint.ts new file mode 100644 index 0000000000000..a99f54421fab1 --- /dev/null +++ b/packages/@aws-cdk/aws-globalaccelerator/lib/endpoint.ts @@ -0,0 +1,87 @@ +import { CfnEndpointGroup } from './globalaccelerator.generated'; + +/** + * An endpoint for the endpoint group + * + * Implementations of `IEndpoint` can be found in the `aws-globalaccelerator-endpoints` package. + */ +export interface IEndpoint { + /** + * The region where the endpoint is located + * + * If the region cannot be determined, `undefined` is returned + */ + readonly region?: string; + + /** + * Render the endpoint to an endpoint configuration + */ + renderEndpointConfiguration(): any; +} + +/** + * Properties for RawEndpoint + */ +export interface RawEndpointProps { + /** + * Identifier of the endpoint + * + * Load balancer ARN, instance ID or EIP allocation ID. + */ + readonly endpointId: string; + + /** + * Endpoint weight across all endpoints in the group + * + * Must be a value between 0 and 255. + * + * @default 128 + */ + readonly weight?: number; + + /** + * Forward the client IP address + * + * GlobalAccelerator will create Network Interfaces in your VPC in order + * to preserve the client IP address. + * + * Only applies to Application Load Balancers and EC2 instances. + * + * Client IP address preservation is supported only in specific AWS Regions. + * See the GlobalAccelerator Developer Guide for a list. + * + * @default true if possible and available + */ + readonly preserveClientIp?: boolean; + + /** + * The region where this endpoint is located + * + * @default - Unknown what region this endpoint is located + */ + readonly region?: string; +} + +/** + * Untyped endpoint implementation + * + * Prefer using the classes in the `aws-globalaccelerator-endpoints` package instead, + * as they accept typed constructs. You can use this class if you want to use an + * endpoint type that does not have an appropriate class in that package yet. + */ +export class RawEndpoint implements IEndpoint { + public readonly region?: string; + + constructor(private readonly props: RawEndpointProps) { + this.region = props.region; + } + + public renderEndpointConfiguration(): any { + return { + endpointId: this.props.endpointId, + weight: this.props.weight, + clientIpPreservationEnabled: this.props.preserveClientIp, + } as CfnEndpointGroup.EndpointConfigurationProperty; + } +} + diff --git a/packages/@aws-cdk/aws-globalaccelerator/lib/index.ts b/packages/@aws-cdk/aws-globalaccelerator/lib/index.ts index ff4675e6af2e5..de29a6d6ed08b 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/lib/index.ts +++ b/packages/@aws-cdk/aws-globalaccelerator/lib/index.ts @@ -1,6 +1,6 @@ // AWS::GlobalAccelerator CloudFormation Resources: export * from './globalaccelerator.generated'; export * from './accelerator'; -export * from './accelerator-security-group'; export * from './listener'; export * from './endpoint-group'; +export * from './endpoint'; diff --git a/packages/@aws-cdk/aws-globalaccelerator/lib/listener.ts b/packages/@aws-cdk/aws-globalaccelerator/lib/listener.ts index 2f29bde4b03c7..39c5c0e4699b1 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/lib/listener.ts +++ b/packages/@aws-cdk/aws-globalaccelerator/lib/listener.ts @@ -1,6 +1,7 @@ import * as cdk from '@aws-cdk/core'; import { Construct } from 'constructs'; import { IAccelerator } from './accelerator'; +import { EndpointGroup, EndpointGroupOptions } from './endpoint-group'; import * as ga from './globalaccelerator.generated'; /** @@ -16,9 +17,9 @@ export interface IListener extends cdk.IResource { } /** - * construct properties for Listener + * Construct options for Listener */ -export interface ListenerProps { +export interface ListenerOptions { /** * Name of the listener * @@ -26,11 +27,6 @@ export interface ListenerProps { */ readonly listenerName?: string; - /** - * The accelerator for this listener - */ - readonly accelerator: IAccelerator; - /** * The list of port ranges for the connections from clients to the accelerator */ @@ -39,18 +35,35 @@ export interface ListenerProps { /** * The protocol for the connections from clients to the accelerator * - * @default TCP + * @default ConnectionProtocol.TCP */ readonly protocol?: ConnectionProtocol; /** * Client affinity to direct all requests from a user to the same endpoint * - * @default NONE + * If you have stateful applications, client affinity lets you direct all + * requests from a user to the same endpoint. + * + * By default, each connection from each client is routed to seperate + * endpoints. Set client affinity to SOURCE_IP to route all connections from + * a single client to the same endpoint. + * + * @default ClientAffinity.NONE */ readonly clientAffinity?: ClientAffinity; } +/** + * Construct properties for Listener + */ +export interface ListenerProps extends ListenerOptions { + /** + * The accelerator for this listener + */ + readonly accelerator: IAccelerator; +} + /** * The list of port ranges for the connections from clients to the accelerator. */ @@ -58,11 +71,14 @@ export interface PortRange { /** * The first port in the range of ports, inclusive. */ - readonly fromPort: number, + readonly fromPort: number; + /** * The last port in the range of ports, inclusive. + * + * @default - same as `fromPort` */ - readonly toPort: number, + readonly toPort?: number; } /** @@ -80,20 +96,20 @@ export enum ConnectionProtocol { } /** - * Client affinity lets you direct all requests from a user to the same endpoint, if you have stateful applications, - * regardless of the port and protocol of the client request. Client affinity gives you control over whether to always - * route each client to the same specific endpoint. If you want a given client to always be routed to the same - * endpoint, set client affinity to SOURCE_IP. + * Client affinity gives you control over whether to always route each client to the same specific endpoint. * * @see https://docs.aws.amazon.com/global-accelerator/latest/dg/about-listeners.html#about-listeners-client-affinity */ export enum ClientAffinity { /** - * default affinity + * Route traffic based on the 5-tuple `(source IP, source port, destination IP, destination port, protocol)` */ NONE = 'NONE', + /** - * affinity by source IP + * Route traffic based on the 2-tuple `(source IP, destination IP)` + * + * The result is that multiple connections from the same client will be routed the same. */ SOURCE_IP = 'SOURCE_IP', } @@ -127,7 +143,7 @@ export class Listener extends cdk.Resource implements IListener { acceleratorArn: props.accelerator.acceleratorArn, portRanges: props.portRanges.map(m => ({ fromPort: m.fromPort, - toPort: m.toPort, + toPort: m.toPort ?? m.fromPort, })), protocol: props.protocol ?? ConnectionProtocol.TCP, clientAffinity: props.clientAffinity ?? ClientAffinity.NONE, @@ -135,6 +151,15 @@ export class Listener extends cdk.Resource implements IListener { this.listenerArn = resource.attrListenerArn; this.listenerName = props.listenerName ?? resource.logicalId; + } + /** + * Add a new endpoint group to this listener + */ + public addEndpointGroup(id: string, options: EndpointGroupOptions = {}) { + return new EndpointGroup(this, id, { + listener: this, + ...options, + }); } } diff --git a/packages/@aws-cdk/aws-globalaccelerator/package.json b/packages/@aws-cdk/aws-globalaccelerator/package.json index 1e98de7ee0bc8..f325ec000d862 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/package.json +++ b/packages/@aws-cdk/aws-globalaccelerator/package.json @@ -74,7 +74,6 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", - "@aws-cdk/aws-elasticloadbalancingv2": "0.0.0", "cdk-integ-tools": "0.0.0", "cdk-build-tools": "0.0.0", "cfn2ts": "0.0.0", @@ -95,8 +94,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, diff --git a/packages/@aws-cdk/aws-globalaccelerator/test/globalaccelerator-security-group.test.ts b/packages/@aws-cdk/aws-globalaccelerator/test/globalaccelerator-security-group.test.ts index 20881d152f396..8101fa98acfba 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/test/globalaccelerator-security-group.test.ts +++ b/packages/@aws-cdk/aws-globalaccelerator/test/globalaccelerator-security-group.test.ts @@ -1,7 +1,7 @@ import { expect, haveResource, ResourcePart } from '@aws-cdk/assert'; -import { Port } from '@aws-cdk/aws-ec2'; +import * as ec2 from '@aws-cdk/aws-ec2'; import * as ga from '../lib'; -import { testFixture, testFixtureAlb } from './util'; +import { testFixture } from './util'; test('custom resource exists', () => { // GIVEN @@ -19,7 +19,7 @@ test('custom resource exists', () => { const endpointGroup = new ga.EndpointGroup(stack, 'Group', { listener }); // WHEN - ga.AcceleratorSecurityGroup.fromVpc(stack, 'GlobalAcceleratorSG', vpc, endpointGroup); + endpointGroup.connectionsPeer('GlobalAcceleratorSG', vpc); // THEN expect(stack).to(haveResource('Custom::AWS', { @@ -45,7 +45,7 @@ test('custom resource exists', () => { InstallLatestAwsSdk: true, }, DependsOn: [ - 'GlobalAcceleratorSGCustomResourceCustomResourcePolicyF3294553', + 'GroupGlobalAcceleratorSGCustomResourceCustomResourcePolicy9C957AD2', 'GroupC77FDACD', ], }, ResourcePart.CompleteDefinition)); @@ -53,7 +53,7 @@ test('custom resource exists', () => { test('can create security group rule', () => { // GIVEN - const { stack, alb, vpc } = testFixtureAlb(); + const { stack, vpc } = testFixture(); const accelerator = new ga.Accelerator(stack, 'Accelerator'); const listener = new ga.Listener(stack, 'Listener', { accelerator, @@ -65,11 +65,12 @@ test('can create security group rule', () => { ], }); const endpointGroup = new ga.EndpointGroup(stack, 'Group', { listener }); - endpointGroup.addLoadBalancer('endpoint', alb); // WHEN - const sg = ga.AcceleratorSecurityGroup.fromVpc(stack, 'GlobalAcceleratorSG', vpc, endpointGroup); - alb.connections.allowFrom(sg, Port.tcp(443)); + const gaSg = endpointGroup.connectionsPeer('GlobalAcceleratorSG', vpc); + const instanceSg = new ec2.SecurityGroup(stack, 'SG', { vpc }); + const instanceConnections = new ec2.Connections({ securityGroups: [instanceSg] }); + instanceConnections.allowFrom(gaSg, ec2.Port.tcp(443)); // THEN expect(stack).to(haveResource('AWS::EC2::SecurityGroupIngress', { @@ -77,13 +78,13 @@ test('can create security group rule', () => { FromPort: 443, GroupId: { 'Fn::GetAtt': [ - 'ALBSecurityGroup8B8624F8', + 'SGADB53937', 'GroupId', ], }, SourceSecurityGroupId: { 'Fn::GetAtt': [ - 'GlobalAcceleratorSGCustomResourceC1DB5287', + 'GroupGlobalAcceleratorSGCustomResource0C8056E9', 'SecurityGroups.0.GroupId', ], }, diff --git a/packages/@aws-cdk/aws-globalaccelerator/test/globalaccelerator.test.ts b/packages/@aws-cdk/aws-globalaccelerator/test/globalaccelerator.test.ts index 72e1c79e586dd..ddbd69c269ca2 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/test/globalaccelerator.test.ts +++ b/packages/@aws-cdk/aws-globalaccelerator/test/globalaccelerator.test.ts @@ -1,6 +1,5 @@ import { expect, haveResourceLike } from '@aws-cdk/assert'; -import * as ec2 from '@aws-cdk/aws-ec2'; -import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; +import { Duration } from '@aws-cdk/core'; import * as ga from '../lib'; import { testFixture } from './util'; @@ -52,6 +51,29 @@ test('create listener', () => { })); }); +test('toPort defaults to fromPort if left out', () => { + // GIVEN + const { stack } = testFixture(); + + // WHEN + const accelerator = new ga.Accelerator(stack, 'Accelerator'); + accelerator.addListener('Listener', { + portRanges: [ + { fromPort: 123 }, + ], + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::GlobalAccelerator::Listener', { + PortRanges: [ + { + FromPort: 123, + ToPort: 123, + }, + ], + })); +}); + test('create endpointgroup', () => { // GIVEN const { stack } = testFixture(); @@ -83,73 +105,75 @@ test('create endpointgroup', () => { })); }); -test('addEndpoint', () => { +test('endpointgroup region is the first endpoint\'s region', () => { // GIVEN - const { stack, vpc } = testFixture(); + const { stack } = testFixture(); // WHEN const accelerator = new ga.Accelerator(stack, 'Accelerator'); const listener = new ga.Listener(stack, 'Listener', { accelerator, - portRanges: [ - { - fromPort: 80, - toPort: 80, - }, - ], + portRanges: [{ fromPort: 80 }], }); - const endpointGroup = new ga.EndpointGroup(stack, 'Group', { listener }); - const instance = new ec2.Instance(stack, 'Instance', { - vpc, - machineImage: new ec2.AmazonLinuxImage(), - instanceType: new ec2.InstanceType('t3.small'), + listener.addEndpointGroup('Group', { + endpoints: [ + new ga.RawEndpoint({ + endpointId: 'x-123', + region: 'us-bla-5', + }), + ], }); - endpointGroup.addEndpoint('endpoint', instance.instanceId); // THEN expect(stack).to(haveResourceLike('AWS::GlobalAccelerator::EndpointGroup', { - EndpointConfigurations: [ - { - EndpointId: { - Ref: 'InstanceC1063A87', - }, - }, - ], + EndpointGroupRegion: 'us-bla-5', })); }); -test('addLoadBalancer', () => { +test('endpointgroup with all parameters', () => { // GIVEN - const { stack, vpc } = testFixture(); + const { stack } = testFixture(); // WHEN const accelerator = new ga.Accelerator(stack, 'Accelerator'); - const listener = new ga.Listener(stack, 'Listener', { - accelerator, - portRanges: [ + const listener = accelerator.addListener('Listener', { + portRanges: [{ fromPort: 80 }], + }); + listener.addEndpointGroup('Group', { + region: 'us-bla-5', + healthCheckInterval: Duration.seconds(10), + healthCheckPath: '/ping', + healthCheckPort: 123, + healthCheckProtocol: ga.HealthCheckProtocol.HTTPS, + healthCheckThreshold: 23, + trafficDialPercentage: 86, + portOverrides: [ { - fromPort: 80, - toPort: 80, + listenerPort: 80, + endpointPort: 8080, }, ], }); - const endpointGroup = new ga.EndpointGroup(stack, 'Group', { listener }); - const alb = new elbv2.ApplicationLoadBalancer(stack, 'ALB', { vpc, internetFacing: true }); - endpointGroup.addLoadBalancer('endpoint', alb); // THEN expect(stack).to(haveResourceLike('AWS::GlobalAccelerator::EndpointGroup', { - EndpointConfigurations: [ + EndpointGroupRegion: 'us-bla-5', + HealthCheckIntervalSeconds: 10, + HealthCheckPath: '/ping', + HealthCheckPort: 123, + HealthCheckProtocol: 'HTTPS', + PortOverrides: [ { - EndpointId: { - Ref: 'ALBAEE750D2', - }, + EndpointPort: 8080, + ListenerPort: 80, }, ], + ThresholdCount: 23, + TrafficDialPercentage: 86, })); }); -test('addElasticIpAddress', () => { +test('addEndpoint', () => { // GIVEN const { stack } = testFixture(); @@ -164,56 +188,26 @@ test('addElasticIpAddress', () => { }, ], }); - const endpointGroup = new ga.EndpointGroup(stack, 'Group', { listener }); - const eip = new ec2.CfnEIP(stack, 'ElasticIpAddress'); - endpointGroup.addElasticIpAddress('endpoint', eip); - - // THEN - expect(stack).to(haveResourceLike('AWS::GlobalAccelerator::EndpointGroup', { - EndpointConfigurations: [ - { - EndpointId: { - 'Fn::GetAtt': [ - 'ElasticIpAddress', - 'AllocationId', - ], - }, - }, - ], - })); -}); -test('addEc2Instance', () => { - // GIVEN - const { stack, vpc } = testFixture(); - // WHEN - const accelerator = new ga.Accelerator(stack, 'Accelerator'); - const listener = new ga.Listener(stack, 'Listener', { - accelerator, - portRanges: [ - { - fromPort: 80, - toPort: 80, - }, + listener.addEndpointGroup('Group', { + endpoints: [ + new ga.RawEndpoint({ + endpointId: 'i-123', + preserveClientIp: true, + weight: 30, + }), ], }); - const endpointGroup = new ga.EndpointGroup(stack, 'Group', { listener }); - const instance = new ec2.Instance(stack, 'Instance', { - vpc, - machineImage: new ec2.AmazonLinuxImage(), - instanceType: new ec2.InstanceType('t3.small'), - }); - endpointGroup.addEc2Instance('endpoint', instance); // THEN expect(stack).to(haveResourceLike('AWS::GlobalAccelerator::EndpointGroup', { EndpointConfigurations: [ { - EndpointId: { - Ref: 'InstanceC1063A87', - }, + EndpointId: 'i-123', + ClientIPPreservationEnabled: true, + Weight: 30, }, ], })); -}); +}); \ No newline at end of file diff --git a/packages/@aws-cdk/aws-globalaccelerator/test/util.ts b/packages/@aws-cdk/aws-globalaccelerator/test/util.ts index 9cf60a33a2064..0ad64f2329cf2 100644 --- a/packages/@aws-cdk/aws-globalaccelerator/test/util.ts +++ b/packages/@aws-cdk/aws-globalaccelerator/test/util.ts @@ -1,55 +1,10 @@ import * as ec2 from '@aws-cdk/aws-ec2'; -import * as elbv2 from '@aws-cdk/aws-elasticloadbalancingv2'; import { App, Stack } from '@aws-cdk/core'; -import { Construct } from 'constructs'; export function testFixture() { - const { stack, app } = testFixtureNoVpc(); - const vpc = new ec2.Vpc(stack, 'VPC'); - - return { stack, vpc, app }; -} - -export function testFixtureNoVpc() { const app = new App(); const stack = new Stack(app, 'Stack'); - return { stack, app }; -} - -export function testFixtureAlb() { - const { stack, app, vpc } = testFixture(); - const alb = new elbv2.ApplicationLoadBalancer(stack, 'ALB', { vpc, internetFacing: true }); - - return { stack, app, alb, vpc }; -} - -export function testFixtureNlb() { - const { stack, app, vpc } = testFixture(); - const nlb = new elbv2.NetworkLoadBalancer(stack, 'NLB', { vpc, internetFacing: true }); - - return { stack, app, nlb }; -} - -export function testFixtureEip() { - const { stack, app } = testFixtureNoVpc(); - const eip = new ec2.CfnEIP(stack, 'ElasticIpAddress'); - - return { stack, app, eip }; -} - -export function testFixtureEc2() { - const { stack, app, vpc } = testFixture(); - const instance = new ec2.Instance(stack, 'Ec2', { - vpc, - machineImage: new ec2.AmazonLinuxImage(), - instanceType: new ec2.InstanceType('t3.small'), - }); - - return { stack, app, instance }; -} + const vpc = new ec2.Vpc(stack, 'VPC'); -export class TestStack extends Stack { - constructor(scope: Construct, id: string) { - super(scope, id); - } -} + return { stack, vpc, app }; +} \ No newline at end of file diff --git a/packages/@aws-cdk/core/lib/resource.ts b/packages/@aws-cdk/core/lib/resource.ts index a828f0d6cec98..79d5542acc56e 100644 --- a/packages/@aws-cdk/core/lib/resource.ts +++ b/packages/@aws-cdk/core/lib/resource.ts @@ -90,6 +90,18 @@ export interface ResourceProps { * @default - the resource is in the same region as the stack it belongs to */ readonly region?: string; + + /** + * ARN to deduce region and account from + * + * The ARN is parsed and the account and region are taken from the ARN. + * This should be used for imported resources. + * + * Cannot be supplied together with either `account` or `region`. + * + * @default - take environment from `account`, `region` parameters, or use Stack environment. + */ + readonly environmentFromArn?: string; } /** @@ -126,12 +138,18 @@ export abstract class Resource extends CoreConstruct implements IResource { constructor(scope: Construct, id: string, props: ResourceProps = {}) { super(scope, id); + if ((props.account !== undefined || props.region !== undefined) && props.environmentFromArn !== undefined) { + throw new Error(`Supply at most one of 'account'/'region' (${props.account}/${props.region}) and 'environmentFromArn' (${props.environmentFromArn})`); + } + Object.defineProperty(this, RESOURCE_SYMBOL, { value: true }); this.stack = Stack.of(this); + + const parsedArn = props.environmentFromArn ? this.stack.parseArn(props.environmentFromArn) : undefined; this.env = { - account: props.account ?? this.stack.account, - region: props.region ?? this.stack.region, + account: props.account ?? parsedArn?.account ?? this.stack.account, + region: props.region ?? parsedArn?.region ?? this.stack.region, }; let physicalName = props.physicalName; diff --git a/packages/@aws-cdk/core/test/resource.test.ts b/packages/@aws-cdk/core/test/resource.test.ts index b883d11f8d752..aa8fbe74575fc 100644 --- a/packages/@aws-cdk/core/test/resource.test.ts +++ b/packages/@aws-cdk/core/test/resource.test.ts @@ -3,7 +3,7 @@ import { nodeunitShim, Test } from 'nodeunit-shim'; import { App, App as Root, CfnCondition, CfnDeletionPolicy, CfnResource, Construct, - Fn, RemovalPolicy, Stack, + Fn, RemovalPolicy, Resource, Stack, } from '../lib'; import { synthesize } from '../lib/private/synthesis'; import { toCloudFormation } from './util'; @@ -818,6 +818,19 @@ nodeunitShim({ }, }); +test('Resource can get account and Region from ARN', () => { + const stack = new Stack(); + + // WHEN + const resource = new TestResource(stack, 'Resource', { + environmentFromArn: 'arn:partition:service:region:account:relative-id', + }); + + // THEN + expect(resource.env.account).toEqual('account'); + expect(resource.env.region).toEqual('region'); +}); + interface CounterProps { Count: number; } @@ -887,3 +900,8 @@ class CustomizableResource extends CfnResource { return cleanProps; } } + +/** + * Because Resource is abstract + */ +class TestResource extends Resource {} \ No newline at end of file diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 5bd2c80c966f9..be2c9d0b7b87f 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -191,6 +191,7 @@ "@aws-cdk/aws-fsx": "0.0.0", "@aws-cdk/aws-gamelift": "0.0.0", "@aws-cdk/aws-globalaccelerator": "0.0.0", + "@aws-cdk/aws-globalaccelerator-endpoints": "0.0.0", "@aws-cdk/aws-glue": "0.0.0", "@aws-cdk/aws-greengrass": "0.0.0", "@aws-cdk/aws-greengrassv2": "0.0.0", diff --git a/packages/decdk/package.json b/packages/decdk/package.json index 27978f6c4d451..62d20f552353b 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -112,6 +112,7 @@ "@aws-cdk/aws-fsx": "0.0.0", "@aws-cdk/aws-gamelift": "0.0.0", "@aws-cdk/aws-globalaccelerator": "0.0.0", + "@aws-cdk/aws-globalaccelerator-endpoints": "0.0.0", "@aws-cdk/aws-glue": "0.0.0", "@aws-cdk/aws-greengrass": "0.0.0", "@aws-cdk/aws-greengrassv2": "0.0.0", diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index 7f1f6da5555b1..fc542a6dee2b9 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -196,6 +196,7 @@ "@aws-cdk/aws-fsx": "0.0.0", "@aws-cdk/aws-gamelift": "0.0.0", "@aws-cdk/aws-globalaccelerator": "0.0.0", + "@aws-cdk/aws-globalaccelerator-endpoints": "0.0.0", "@aws-cdk/aws-glue": "0.0.0", "@aws-cdk/aws-greengrass": "0.0.0", "@aws-cdk/aws-greengrassv2": "0.0.0", From e9d9299b6bcdab489d94c974074e8c796bce00f3 Mon Sep 17 00:00:00 2001 From: Benjamin Genz Date: Tue, 30 Mar 2021 20:35:48 +0200 Subject: [PATCH 053/260] fix(aws-ecs): broken splunk-logging `tag`-option in fargate platform version 1.4 (#13882) Set `splunk-tag` when `tag` is set. This will keep the API constant, however it will add an additional `splunk-tag` in the key-value `Options` property in `AWS::ECS::TaskDefinition`s - `LogConfiguration`. This is a very pragmatic approach. Feel free to suggest something else. closes #13881 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/log-drivers/splunk-log-driver.ts | 1 + .../aws-ecs/test/splunk-log-driver.test.ts | 31 +++++++++++++++++++ 2 files changed, 32 insertions(+) diff --git a/packages/@aws-cdk/aws-ecs/lib/log-drivers/splunk-log-driver.ts b/packages/@aws-cdk/aws-ecs/lib/log-drivers/splunk-log-driver.ts index ecb4d9f0dd9c1..b536db6003ec3 100644 --- a/packages/@aws-cdk/aws-ecs/lib/log-drivers/splunk-log-driver.ts +++ b/packages/@aws-cdk/aws-ecs/lib/log-drivers/splunk-log-driver.ts @@ -145,6 +145,7 @@ export class SplunkLogDriver extends LogDriver { 'splunk-verify-connection': this.props.verifyConnection, 'splunk-gzip': this.props.gzip, 'splunk-gzip-level': this.props.gzipLevel, + 'splunk-tag': this.props.tag, ...renderCommonLogDriverOptions(this.props), }), }; diff --git a/packages/@aws-cdk/aws-ecs/test/splunk-log-driver.test.ts b/packages/@aws-cdk/aws-ecs/test/splunk-log-driver.test.ts index c8afd01daade1..fb1091a3ae027 100644 --- a/packages/@aws-cdk/aws-ecs/test/splunk-log-driver.test.ts +++ b/packages/@aws-cdk/aws-ecs/test/splunk-log-driver.test.ts @@ -103,4 +103,35 @@ nodeunitShim({ test.done(); }, + + 'create a splunk log driver using splunk-tag property when tag is defined'(test: Test) { + // WHEN + td.addContainer('Container', { + image, + logging: ecs.LogDrivers.splunk({ + token: cdk.SecretValue.secretsManager('my-splunk-token'), + url: 'my-splunk-url', + tag: 'abc', + }), + memoryLimitMiB: 128, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::ECS::TaskDefinition', { + ContainerDefinitions: [ + { + LogConfiguration: { + LogDriver: 'splunk', + Options: { + 'splunk-token': '{{resolve:secretsmanager:my-splunk-token:SecretString:::}}', + 'splunk-url': 'my-splunk-url', + 'splunk-tag': 'abc', + }, + }, + }, + ], + })); + + test.done(); + }, }); From ae4bfd13ec653f4bc31edf0919dc3a84d27b4fb8 Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Tue, 30 Mar 2021 16:36:47 -0700 Subject: [PATCH 054/260] chore(release): 1.95.2 (#13885) see [CHANGELOG](https://github.com/aws/aws-cdk/blob/ebb5c7af622ab36f46e58103608dfc025a21691a/CHANGELOG.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- CHANGELOG.md | 4 ++++ version.v1.json | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3a949e3bfc65a..fdc020ee9a034 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,10 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [1.95.2](https://github.com/aws/aws-cdk/compare/v1.95.1...v1.95.2) (2021-03-30) + +* upgrade `netmask` dependency to address [CVE-2021-28918](https://github.com/advisories/GHSA-pch5-whg9-qr2r) ([#13874](https://github.com/aws/aws-cdk/pull/13874)) ([08de262](https://github.com/aws/aws-cdk/commit/08de26210e2a0f3a104da4afa42e8478f2d7d171)) + ## [1.95.1](https://github.com/aws/aws-cdk/compare/v1.95.0...v1.95.1) (2021-03-25) diff --git a/version.v1.json b/version.v1.json index cf4c9c13cf1bc..80981e652a8d5 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.95.1" + "version": "1.95.2" } From df5c133312cef3f40374488973361ca9ef3303f7 Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Tue, 30 Mar 2021 17:30:52 -0700 Subject: [PATCH 055/260] revert: chore(release): 1.95.2 (#13886) Reverts aws/aws-cdk#13885 --- CHANGELOG.md | 4 ---- version.v1.json | 2 +- 2 files changed, 1 insertion(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fdc020ee9a034..3a949e3bfc65a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,10 +2,6 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. -## [1.95.2](https://github.com/aws/aws-cdk/compare/v1.95.1...v1.95.2) (2021-03-30) - -* upgrade `netmask` dependency to address [CVE-2021-28918](https://github.com/advisories/GHSA-pch5-whg9-qr2r) ([#13874](https://github.com/aws/aws-cdk/pull/13874)) ([08de262](https://github.com/aws/aws-cdk/commit/08de26210e2a0f3a104da4afa42e8478f2d7d171)) - ## [1.95.1](https://github.com/aws/aws-cdk/compare/v1.95.0...v1.95.1) (2021-03-25) diff --git a/version.v1.json b/version.v1.json index 80981e652a8d5..cf4c9c13cf1bc 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.95.2" + "version": "1.95.1" } From 5c99d0d0e0fde00582e469b667265ebc9f5ef330 Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Wed, 31 Mar 2021 02:45:56 -0700 Subject: [PATCH 056/260] fix(dynamodb): table with replicas fails to deploy with "Unresolved resource dependencies" error (#13889) When creating the Custom Resources that implement the global tables functionality, we add dependencies between them, as you can't create replicas of the same Table concurrently. However, if the Stack the Table is part of is env-agnostic, we also add a CFN Condition to the Custom Resource that checks whether the given region is the deployed-to region, and skip creating the replica in that case (as the Table itself acts as the replica in this case). But that Condition is not compatible with the dependency clause, as the resource will not exist if the Condition is false. Use a trick, and instead of using a DependsOn, add a CFN metadata that refers to the other Custom Resource through a Ref expression, which adds an implicit dependency, and wrap the entire Metadata in a Fn::If, guarded by the same Condition the other Custom Resource uses. Noticed by a customer in https://github.com/aws/aws-cdk/issues/13671#issuecomment-810538273. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-dynamodb/lib/table.ts | 23 +++++++++++++++---- ....global-replicas-provisioned.expected.json | 14 ++++++++++- 2 files changed, 32 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-dynamodb/lib/table.ts b/packages/@aws-cdk/aws-dynamodb/lib/table.ts index a958bf135546e..ed8f6a786d03c 100644 --- a/packages/@aws-cdk/aws-dynamodb/lib/table.ts +++ b/packages/@aws-cdk/aws-dynamodb/lib/table.ts @@ -3,7 +3,7 @@ import * as cloudwatch from '@aws-cdk/aws-cloudwatch'; import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; import { - Aws, CfnCondition, CfnCustomResource, CustomResource, Duration, + Aws, CfnCondition, CfnCustomResource, CfnResource, CustomResource, Duration, Fn, IResource, Lazy, Names, RemovalPolicy, Resource, Stack, Token, } from '@aws-cdk/core'; import { Construct } from 'constructs'; @@ -1477,7 +1477,8 @@ export class Table extends TableBase { this.grant(onEventHandlerPolicy, 'dynamodb:*'); this.grant(isCompleteHandlerPolicy, 'dynamodb:DescribeTable'); - let previousRegion; + let previousRegion: CustomResource | undefined; + let previousRegionCondition: CfnCondition | undefined; for (const region of new Set(regions)) { // Remove duplicates // Use multiple custom resources because multiple create/delete // updates cannot be combined in a single API call. @@ -1498,8 +1499,9 @@ export class Table extends TableBase { // Deploy time check to prevent from creating a replica in the region // where this stack is deployed. Only needed for environment agnostic // stacks. + let createReplica: CfnCondition | undefined; if (Token.isUnresolved(stack.region)) { - const createReplica = new CfnCondition(this, `StackRegionNotEquals${region}`, { + createReplica = new CfnCondition(this, `StackRegionNotEquals${region}`, { expression: Fn.conditionNot(Fn.conditionEquals(region, Aws.REGION)), }); const cfnCustomResource = currentRegion.node.defaultChild as CfnCustomResource; @@ -1518,9 +1520,22 @@ export class Table extends TableBase { // have multiple table updates at the same time. The `isCompleteHandler` // of the provider waits until the replica is in an ACTIVE state. if (previousRegion) { - currentRegion.node.addDependency(previousRegion); + if (previousRegionCondition) { + // we can't simply use a Dependency, + // because the previousRegion is protected by the "different region" Condition, + // and you can't have Fn::If in DependsOn. + // Instead, rely on Ref adding a dependency implicitly! + const previousRegionCfnResource = previousRegion.node.defaultChild as CfnResource; + const currentRegionCfnResource = currentRegion.node.defaultChild as CfnResource; + currentRegionCfnResource.addMetadata('DynamoDbReplicationDependency', + Fn.conditionIf(previousRegionCondition.logicalId, previousRegionCfnResource.ref, Aws.NO_VALUE)); + } else { + currentRegion.node.addDependency(previousRegion); + } } + previousRegion = currentRegion; + previousRegionCondition = createReplica; } // Permissions in the destination regions (outside of the loop to diff --git a/packages/@aws-cdk/aws-dynamodb/test/integ.global-replicas-provisioned.expected.json b/packages/@aws-cdk/aws-dynamodb/test/integ.global-replicas-provisioned.expected.json index af1e8defceed6..ce43b532ea7c6 100644 --- a/packages/@aws-cdk/aws-dynamodb/test/integ.global-replicas-provisioned.expected.json +++ b/packages/@aws-cdk/aws-dynamodb/test/integ.global-replicas-provisioned.expected.json @@ -199,7 +199,6 @@ "Region": "eu-west-3" }, "DependsOn": [ - "TableReplicauseast28A15C236", "TableSourceTableAttachedManagedPolicyawscdkdynamodbglobalreplicasprovisionedawscdkawsdynamodbReplicaProviderIsCompleteHandlerServiceRoleBE2B1C1A5DC546D2", "TableSourceTableAttachedManagedPolicyawscdkdynamodbglobalreplicasprovisionedawscdkawsdynamodbReplicaProviderOnEventHandlerServiceRoleD9856B771F8F2CCB", "TableWriteScalingTargetE5669214", @@ -207,6 +206,19 @@ ], "UpdateReplacePolicy": "Delete", "DeletionPolicy": "Delete", + "Metadata": { + "DynamoDbReplicationDependency": { + "Fn::If": [ + "TableStackRegionNotEqualsuseast2D20A1E77", + { + "Ref": "TableReplicauseast28A15C236" + }, + { + "Ref": "AWS::NoValue" + } + ] + } + }, "Condition": "TableStackRegionNotEqualseuwest302B3591C" }, "TableWriteScalingTargetE5669214": { From 7108c3ae6a71202a382e0e8d6d76c9233d083b65 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Wed, 31 Mar 2021 16:24:15 +0200 Subject: [PATCH 057/260] chore: npm-check-updates && yarn upgrade (#13905) Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date. --- packages/@aws-cdk/assert/package.json | 2 +- .../package.json | 2 +- .../@aws-cdk/aws-cloudformation/package.json | 2 +- .../aws-global-table-coordinator/package.json | 2 +- packages/@aws-cdk/aws-dynamodb/package.json | 2 +- .../@aws-cdk/aws-lambda-nodejs/package.json | 2 +- packages/@aws-cdk/aws-lambda/package.json | 2 +- .../@aws-cdk/aws-s3-deployment/package.json | 2 +- packages/@aws-cdk/aws-sam/package.json | 2 +- .../@aws-cdk/cdk-assets-schema/package.json | 2 +- .../cloud-assembly-schema/package.json | 2 +- .../@aws-cdk/cloudformation-diff/package.json | 4 +- .../cloudformation-include/package.json | 2 +- packages/@aws-cdk/core/package.json | 4 +- .../@aws-cdk/custom-resources/package.json | 2 +- packages/@aws-cdk/cx-api/package.json | 2 +- packages/@aws-cdk/yaml-cfn/package.json | 2 +- .../@monocdk-experiment/assert/package.json | 4 +- .../rewrite-imports/package.json | 4 +- packages/aws-cdk-lib/package.json | 2 +- packages/aws-cdk/package.json | 10 +- packages/cdk-assets/package.json | 4 +- packages/cdk-dasm/package.json | 2 +- packages/decdk/package.json | 2 +- packages/monocdk/package.json | 2 +- tools/cdk-build-tools/package.json | 8 +- tools/cfn2ts/package.json | 2 +- tools/eslint-plugin-cdk/package.json | 10 +- tools/nodeunit-shim/package.json | 4 +- tools/yarn-cling/package.json | 4 +- yarn.lock | 204 ++++++++++++------ 31 files changed, 185 insertions(+), 115 deletions(-) diff --git a/packages/@aws-cdk/assert/package.json b/packages/@aws-cdk/assert/package.json index def55461299b0..40ba792dc1f74 100644 --- a/packages/@aws-cdk/assert/package.json +++ b/packages/@aws-cdk/assert/package.json @@ -21,7 +21,7 @@ }, "license": "Apache-2.0", "devDependencies": { - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "cdk-build-tools": "0.0.0", "jest": "^26.6.3", "pkglint": "0.0.0", diff --git a/packages/@aws-cdk/aws-certificatemanager/lambda-packages/dns_validated_certificate_handler/package.json b/packages/@aws-cdk/aws-certificatemanager/lambda-packages/dns_validated_certificate_handler/package.json index 0ccfbcc561479..fd561b065d25e 100644 --- a/packages/@aws-cdk/aws-certificatemanager/lambda-packages/dns_validated_certificate_handler/package.json +++ b/packages/@aws-cdk/aws-certificatemanager/lambda-packages/dns_validated_certificate_handler/package.json @@ -29,7 +29,7 @@ "devDependencies": { "aws-sdk": "^2.596.0", "aws-sdk-mock": "^5.1.0", - "eslint": "^7.22.0", + "eslint": "^7.23.0", "eslint-config-standard": "^14.1.1", "eslint-plugin-import": "^2.22.1", "eslint-plugin-node": "^11.1.0", diff --git a/packages/@aws-cdk/aws-cloudformation/package.json b/packages/@aws-cdk/aws-cloudformation/package.json index b7afa856758b4..ee1f4477ed421 100644 --- a/packages/@aws-cdk/aws-cloudformation/package.json +++ b/packages/@aws-cdk/aws-cloudformation/package.json @@ -73,7 +73,7 @@ "@aws-cdk/aws-sns-subscriptions": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", - "@types/aws-lambda": "^8.10.72", + "@types/aws-lambda": "^8.10.73", "@types/nodeunit": "^0.0.31", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-dynamodb-global/lambda-packages/aws-global-table-coordinator/package.json b/packages/@aws-cdk/aws-dynamodb-global/lambda-packages/aws-global-table-coordinator/package.json index 2753afe5af09f..d67e31884cd8a 100644 --- a/packages/@aws-cdk/aws-dynamodb-global/lambda-packages/aws-global-table-coordinator/package.json +++ b/packages/@aws-cdk/aws-dynamodb-global/lambda-packages/aws-global-table-coordinator/package.json @@ -29,7 +29,7 @@ "devDependencies": { "aws-sdk": "^2.596.0", "aws-sdk-mock": "^5.1.0", - "eslint": "^7.22.0", + "eslint": "^7.23.0", "eslint-config-standard": "^14.1.1", "eslint-plugin-import": "^2.22.1", "eslint-plugin-node": "^11.1.0", diff --git a/packages/@aws-cdk/aws-dynamodb/package.json b/packages/@aws-cdk/aws-dynamodb/package.json index 344a68f7e3a96..e59e48a6461f9 100644 --- a/packages/@aws-cdk/aws-dynamodb/package.json +++ b/packages/@aws-cdk/aws-dynamodb/package.json @@ -72,7 +72,7 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "aws-sdk": "^2.848.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-lambda-nodejs/package.json b/packages/@aws-cdk/aws-lambda-nodejs/package.json index d8e6780a6faac..4fc08212d2961 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/package.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/package.json @@ -67,7 +67,7 @@ "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "delay": "5.0.0", - "esbuild": "^0.9.6", + "esbuild": "^0.11.2", "pkglint": "0.0.0" }, "dependencies": { diff --git a/packages/@aws-cdk/aws-lambda/package.json b/packages/@aws-cdk/aws-lambda/package.json index 667068af6bcf1..48b706274796e 100644 --- a/packages/@aws-cdk/aws-lambda/package.json +++ b/packages/@aws-cdk/aws-lambda/package.json @@ -76,7 +76,7 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", - "@types/aws-lambda": "^8.10.72", + "@types/aws-lambda": "^8.10.73", "@types/lodash": "^4.14.168", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-s3-deployment/package.json b/packages/@aws-cdk/aws-s3-deployment/package.json index 1474657a73322..71dabe9caf6e0 100644 --- a/packages/@aws-cdk/aws-s3-deployment/package.json +++ b/packages/@aws-cdk/aws-s3-deployment/package.json @@ -79,7 +79,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@aws-cdk/cx-api": "0.0.0", - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "jest": "^26.6.3", diff --git a/packages/@aws-cdk/aws-sam/package.json b/packages/@aws-cdk/aws-sam/package.json index 4b0b0c44b92e0..b6f36a639ba2a 100644 --- a/packages/@aws-cdk/aws-sam/package.json +++ b/packages/@aws-cdk/aws-sam/package.json @@ -73,7 +73,7 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "cdk-build-tools": "0.0.0", "cfn2ts": "0.0.0", "jest": "^26.6.3", diff --git a/packages/@aws-cdk/cdk-assets-schema/package.json b/packages/@aws-cdk/cdk-assets-schema/package.json index 80be64f4b67d3..1016f2d99ff1f 100644 --- a/packages/@aws-cdk/cdk-assets-schema/package.json +++ b/packages/@aws-cdk/cdk-assets-schema/package.json @@ -50,7 +50,7 @@ }, "license": "Apache-2.0", "devDependencies": { - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "cdk-build-tools": "0.0.0", "jest": "^26.6.3", "pkglint": "0.0.0" diff --git a/packages/@aws-cdk/cloud-assembly-schema/package.json b/packages/@aws-cdk/cloud-assembly-schema/package.json index 9608d3fe6c8e0..08097a47c767d 100644 --- a/packages/@aws-cdk/cloud-assembly-schema/package.json +++ b/packages/@aws-cdk/cloud-assembly-schema/package.json @@ -58,7 +58,7 @@ }, "license": "Apache-2.0", "devDependencies": { - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "@types/mock-fs": "^4.13.0", "cdk-build-tools": "0.0.0", "jest": "^26.6.3", diff --git a/packages/@aws-cdk/cloudformation-diff/package.json b/packages/@aws-cdk/cloudformation-diff/package.json index d781b061ff175..5b4afe8d0dcc4 100644 --- a/packages/@aws-cdk/cloudformation-diff/package.json +++ b/packages/@aws-cdk/cloudformation-diff/package.json @@ -26,10 +26,10 @@ "diff": "^5.0.0", "fast-deep-equal": "^3.1.3", "string-width": "^4.2.2", - "table": "^6.0.7" + "table": "^6.0.9" }, "devDependencies": { - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "@types/string-width": "^4.0.1", "@types/table": "^6.0.0", "cdk-build-tools": "0.0.0", diff --git a/packages/@aws-cdk/cloudformation-include/package.json b/packages/@aws-cdk/cloudformation-include/package.json index 6ec40598cac62..b9b82e67f55a3 100644 --- a/packages/@aws-cdk/cloudformation-include/package.json +++ b/packages/@aws-cdk/cloudformation-include/package.json @@ -368,7 +368,7 @@ }, "devDependencies": { "@aws-cdk/assert": "0.0.0", - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "jest": "^26.6.3", diff --git a/packages/@aws-cdk/core/package.json b/packages/@aws-cdk/core/package.json index 26be28dcd023d..fb821664abaf5 100644 --- a/packages/@aws-cdk/core/package.json +++ b/packages/@aws-cdk/core/package.json @@ -175,8 +175,8 @@ "license": "Apache-2.0", "devDependencies": { "@types/lodash": "^4.14.168", - "@types/minimatch": "^3.0.3", - "@types/node": "^10.17.55", + "@types/minimatch": "^3.0.4", + "@types/node": "^10.17.56", "@types/sinon": "^9.0.11", "cdk-build-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/custom-resources/package.json b/packages/@aws-cdk/custom-resources/package.json index cd26828aa92a5..9ba8ada806d57 100644 --- a/packages/@aws-cdk/custom-resources/package.json +++ b/packages/@aws-cdk/custom-resources/package.json @@ -75,7 +75,7 @@ "@aws-cdk/aws-events": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-ssm": "0.0.0", - "@types/aws-lambda": "^8.10.72", + "@types/aws-lambda": "^8.10.73", "@types/fs-extra": "^8.1.1", "@types/sinon": "^9.0.11", "aws-sdk": "^2.848.0", diff --git a/packages/@aws-cdk/cx-api/package.json b/packages/@aws-cdk/cx-api/package.json index e054eeb2a3766..5b3f241e06afe 100644 --- a/packages/@aws-cdk/cx-api/package.json +++ b/packages/@aws-cdk/cx-api/package.json @@ -64,7 +64,7 @@ }, "license": "Apache-2.0", "devDependencies": { - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "@types/mock-fs": "^4.13.0", "@types/semver": "^7.3.4", "cdk-build-tools": "0.0.0", diff --git a/packages/@aws-cdk/yaml-cfn/package.json b/packages/@aws-cdk/yaml-cfn/package.json index 7fc68d44a23af..f10beb171366c 100644 --- a/packages/@aws-cdk/yaml-cfn/package.json +++ b/packages/@aws-cdk/yaml-cfn/package.json @@ -67,7 +67,7 @@ }, "devDependencies": { "@aws-cdk/assert": "0.0.0", - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "@types/yaml": "^1.9.7", "cdk-build-tools": "0.0.0", "jest": "^26.6.3", diff --git a/packages/@monocdk-experiment/assert/package.json b/packages/@monocdk-experiment/assert/package.json index 8f028a635dba0..ea6e9e6a43059 100644 --- a/packages/@monocdk-experiment/assert/package.json +++ b/packages/@monocdk-experiment/assert/package.json @@ -34,8 +34,8 @@ "license": "Apache-2.0", "devDependencies": { "@monocdk-experiment/rewrite-imports": "0.0.0", - "@types/jest": "^26.0.21", - "@types/node": "^10.17.55", + "@types/jest": "^26.0.22", + "@types/node": "^10.17.56", "cdk-build-tools": "0.0.0", "constructs": "^3.3.69", "jest": "^26.6.3", diff --git a/packages/@monocdk-experiment/rewrite-imports/package.json b/packages/@monocdk-experiment/rewrite-imports/package.json index 6c8a2788e1f53..17db78f91896d 100644 --- a/packages/@monocdk-experiment/rewrite-imports/package.json +++ b/packages/@monocdk-experiment/rewrite-imports/package.json @@ -37,8 +37,8 @@ }, "devDependencies": { "@types/glob": "^7.1.3", - "@types/jest": "^26.0.21", - "@types/node": "^10.17.55", + "@types/jest": "^26.0.22", + "@types/node": "^10.17.56", "cdk-build-tools": "0.0.0", "pkglint": "0.0.0" }, diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index be2c9d0b7b87f..cef21953bf34a 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -292,7 +292,7 @@ "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "@types/fs-extra": "^8.1.1", - "@types/node": "^10.17.55", + "@types/node": "^10.17.56", "cdk-build-tools": "0.0.0", "constructs": "^3.3.69", "fs-extra": "^9.1.0", diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index 58d3863cc454b..29da596ef45bd 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -39,14 +39,14 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/core": "0.0.0", - "@octokit/rest": "^18.3.5", + "@octokit/rest": "^18.5.2", "@types/archiver": "^5.1.0", "@types/fs-extra": "^8.1.1", "@types/glob": "^7.1.3", - "@types/jest": "^26.0.21", - "@types/minimatch": "^3.0.3", + "@types/jest": "^26.0.22", + "@types/minimatch": "^3.0.4", "@types/mockery": "^1.4.29", - "@types/node": "^10.17.55", + "@types/node": "^10.17.56", "@types/promptly": "^3.0.1", "@types/semver": "^7.3.4", "@types/sinon": "^9.0.11", @@ -86,7 +86,7 @@ "proxy-agent": "^4.0.1", "semver": "^7.3.5", "source-map-support": "^0.5.19", - "table": "^6.0.7", + "table": "^6.0.9", "uuid": "^8.3.2", "wrap-ansi": "^7.0.0", "yargs": "^16.2.0" diff --git a/packages/cdk-assets/package.json b/packages/cdk-assets/package.json index 6df6c69730a29..5d685e1d8c8b0 100644 --- a/packages/cdk-assets/package.json +++ b/packages/cdk-assets/package.json @@ -32,10 +32,10 @@ "devDependencies": { "@types/archiver": "^5.1.0", "@types/glob": "^7.1.3", - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "@types/jszip": "^3.4.1", "@types/mock-fs": "^4.13.0", - "@types/node": "^10.17.55", + "@types/node": "^10.17.56", "@types/yargs": "^15.0.13", "cdk-build-tools": "0.0.0", "jest": "^26.6.3", diff --git a/packages/cdk-dasm/package.json b/packages/cdk-dasm/package.json index bb3fe012382df..2d0a216158e44 100644 --- a/packages/cdk-dasm/package.json +++ b/packages/cdk-dasm/package.json @@ -30,7 +30,7 @@ "yaml": "1.10.2" }, "devDependencies": { - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "@types/yaml": "1.9.7", "jest": "^26.6.3" }, diff --git a/packages/decdk/package.json b/packages/decdk/package.json index 62d20f552353b..055a1e1af08b2 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -221,7 +221,7 @@ }, "devDependencies": { "@types/fs-extra": "^8.1.1", - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "@types/yaml": "1.9.7", "@types/yargs": "^15.0.13", "jest": "^26.6.3", diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index fc542a6dee2b9..ce9057690ff00 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -297,7 +297,7 @@ "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "@types/fs-extra": "^8.1.1", - "@types/node": "^10.17.55", + "@types/node": "^10.17.56", "cdk-build-tools": "0.0.0", "constructs": "^3.3.69", "fs-extra": "^9.1.0", diff --git a/tools/cdk-build-tools/package.json b/tools/cdk-build-tools/package.json index e77b0bd3e2cdb..f061a6249a738 100644 --- a/tools/cdk-build-tools/package.json +++ b/tools/cdk-build-tools/package.json @@ -34,16 +34,16 @@ "license": "Apache-2.0", "devDependencies": { "@types/fs-extra": "^8.1.1", - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "@types/yargs": "^15.0.13", "pkglint": "0.0.0" }, "dependencies": { - "@typescript-eslint/eslint-plugin": "^4.19.0", - "@typescript-eslint/parser": "^4.19.0", + "@typescript-eslint/eslint-plugin": "^4.20.0", + "@typescript-eslint/parser": "^4.20.0", "awslint": "0.0.0", "colors": "^1.4.0", - "eslint": "^7.22.0", + "eslint": "^7.23.0", "eslint-import-resolver-node": "^0.3.4", "eslint-import-resolver-typescript": "^2.4.0", "eslint-plugin-cdk": "0.0.0", diff --git a/tools/cfn2ts/package.json b/tools/cfn2ts/package.json index ad6f7eff24004..847f25acebeb5 100644 --- a/tools/cfn2ts/package.json +++ b/tools/cfn2ts/package.json @@ -37,7 +37,7 @@ }, "devDependencies": { "@types/fs-extra": "^8.1.1", - "@types/jest": "^26.0.21", + "@types/jest": "^26.0.22", "@types/yargs": "^15.0.13", "cdk-build-tools": "0.0.0", "jest": "^26.6.3", diff --git a/tools/eslint-plugin-cdk/package.json b/tools/eslint-plugin-cdk/package.json index b96543cec5c2c..78b9364bebf39 100644 --- a/tools/eslint-plugin-cdk/package.json +++ b/tools/eslint-plugin-cdk/package.json @@ -12,17 +12,17 @@ "build+test": "npm run build && npm test" }, "devDependencies": { - "@types/eslint": "^7.2.7", + "@types/eslint": "^7.2.8", "@types/fs-extra": "^8.1.1", - "@types/jest": "^26.0.21", - "@types/node": "^10.17.55", + "@types/jest": "^26.0.22", + "@types/node": "^10.17.56", "eslint-plugin-rulesdir": "^0.2.0", "jest": "^26.6.3", "typescript": "~3.9.9" }, "dependencies": { - "@typescript-eslint/parser": "^4.19.0", - "eslint": "^7.22.0", + "@typescript-eslint/parser": "^4.20.0", + "eslint": "^7.23.0", "fs-extra": "^9.1.0" }, "jest": { diff --git a/tools/nodeunit-shim/package.json b/tools/nodeunit-shim/package.json index c576c1271a271..58424e094b085 100644 --- a/tools/nodeunit-shim/package.json +++ b/tools/nodeunit-shim/package.json @@ -12,8 +12,8 @@ "build+test": "npm run build && npm test" }, "devDependencies": { - "@types/jest": "^26.0.21", - "@types/node": "^10.17.55", + "@types/jest": "^26.0.22", + "@types/node": "^10.17.56", "typescript": "~3.9.9" }, "dependencies": { diff --git a/tools/yarn-cling/package.json b/tools/yarn-cling/package.json index ceeacb4544b08..151a4bd84e65b 100644 --- a/tools/yarn-cling/package.json +++ b/tools/yarn-cling/package.json @@ -38,8 +38,8 @@ ] }, "devDependencies": { - "@types/jest": "^26.0.21", - "@types/node": "^10.17.55", + "@types/jest": "^26.0.22", + "@types/node": "^10.17.56", "@types/yarnpkg__lockfile": "^1.1.4", "jest": "^26.6.3", "pkglint": "0.0.0", diff --git a/yarn.lock b/yarn.lock index 11d022227b7d1..07db37c22796e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1314,6 +1314,11 @@ resolved "https://registry.yarnpkg.com/@octokit/openapi-types/-/openapi-types-5.3.2.tgz#b8ac43c5c3d00aef61a34cf744e315110c78deb4" integrity sha512-NxF1yfYOUO92rCx3dwvA2onF30Vdlg7YUkMVXkeptqpzA3tRLplThhFleV/UKWFgh7rpKu1yYRbvNDUtzSopKA== +"@octokit/openapi-types@^6.0.0": + version "6.0.0" + resolved "https://registry.yarnpkg.com/@octokit/openapi-types/-/openapi-types-6.0.0.tgz#7da8d7d5a72d3282c1a3ff9f951c8133a707480d" + integrity sha512-CnDdK7ivHkBtJYzWzZm7gEkanA7gKH6a09Eguz7flHw//GacPJLmkHA3f3N++MJmlxD1Fl+mB7B32EEpSCwztQ== + "@octokit/plugin-enterprise-rest@^6.0.1": version "6.0.1" resolved "https://registry.yarnpkg.com/@octokit/plugin-enterprise-rest/-/plugin-enterprise-rest-6.0.1.tgz#e07896739618dab8da7d4077c658003775f95437" @@ -1339,6 +1344,14 @@ "@octokit/types" "^6.12.2" deprecation "^2.3.1" +"@octokit/plugin-rest-endpoint-methods@5.0.0": + version "5.0.0" + resolved "https://registry.yarnpkg.com/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-5.0.0.tgz#cf2cdeb24ea829c31688216a5b165010b61f9a98" + integrity sha512-Jc7CLNUueIshXT+HWt6T+M0sySPjF32mSFQAK7UfAg8qGeRI6OM1GSBxDLwbXjkqy2NVdnqCedJcP1nC785JYg== + dependencies: + "@octokit/types" "^6.13.0" + deprecation "^2.3.1" + "@octokit/request-error@^2.0.0", "@octokit/request-error@^2.0.5": version "2.0.5" resolved "https://registry.yarnpkg.com/@octokit/request-error/-/request-error-2.0.5.tgz#72cc91edc870281ad583a42619256b380c600143" @@ -1362,7 +1375,7 @@ once "^1.4.0" universal-user-agent "^6.0.0" -"@octokit/rest@^18.1.0", "@octokit/rest@^18.3.5": +"@octokit/rest@^18.1.0": version "18.3.5" resolved "https://registry.yarnpkg.com/@octokit/rest/-/rest-18.3.5.tgz#a89903d46e0b4273bd3234674ec2777a651d68ab" integrity sha512-ZPeRms3WhWxQBEvoIh0zzf8xdU2FX0Capa7+lTca8YHmRsO3QNJzf1H3PcuKKsfgp91/xVDRtX91sTe1kexlbw== @@ -1372,6 +1385,16 @@ "@octokit/plugin-request-log" "^1.0.2" "@octokit/plugin-rest-endpoint-methods" "4.13.5" +"@octokit/rest@^18.5.2": + version "18.5.2" + resolved "https://registry.yarnpkg.com/@octokit/rest/-/rest-18.5.2.tgz#0369e554b7076e3749005147be94c661c7a5a74b" + integrity sha512-Kz03XYfKS0yYdi61BkL9/aJ0pP2A/WK5vF/syhu9/kY30J8He3P68hv9GRpn8bULFx2K0A9MEErn4v3QEdbZcw== + dependencies: + "@octokit/core" "^3.2.3" + "@octokit/plugin-paginate-rest" "^2.6.2" + "@octokit/plugin-request-log" "^1.0.2" + "@octokit/plugin-rest-endpoint-methods" "5.0.0" + "@octokit/types@^6.0.3", "@octokit/types@^6.11.0", "@octokit/types@^6.12.2", "@octokit/types@^6.7.1": version "6.12.2" resolved "https://registry.yarnpkg.com/@octokit/types/-/types-6.12.2.tgz#5b44add079a478b8eb27d78cf384cc47e4411362" @@ -1379,6 +1402,13 @@ dependencies: "@octokit/openapi-types" "^5.3.2" +"@octokit/types@^6.13.0": + version "6.13.0" + resolved "https://registry.yarnpkg.com/@octokit/types/-/types-6.13.0.tgz#779e5b7566c8dde68f2f6273861dd2f0409480d0" + integrity sha512-W2J9qlVIU11jMwKHUp5/rbVUeErqelCsO5vW5PKNb7wAXQVUz87Rc+imjlEvpvbH8yUb+KHmv8NEjVZdsdpyxA== + dependencies: + "@octokit/openapi-types" "^6.0.0" + "@sinonjs/commons@^1.6.0", "@sinonjs/commons@^1.7.0", "@sinonjs/commons@^1.8.1": version "1.8.2" resolved "https://registry.yarnpkg.com/@sinonjs/commons/-/commons-1.8.2.tgz#858f5c4b48d80778fde4b9d541f27edc0d56488b" @@ -1419,10 +1449,10 @@ dependencies: "@types/glob" "*" -"@types/aws-lambda@^8.10.72": - version "8.10.72" - resolved "https://registry.yarnpkg.com/@types/aws-lambda/-/aws-lambda-8.10.72.tgz#af2a6eeaf39be9674e3856f1870d9d15cf75e2e0" - integrity sha512-jOrTwAhSiUtBIN/QsWNKlI4+4aDtpZ0sr2BRvKW6XQZdspgHUSHPcuzxbzCRiHUiDQ+0026u5TSE38VyIhNnfA== +"@types/aws-lambda@^8.10.73": + version "8.10.73" + resolved "https://registry.yarnpkg.com/@types/aws-lambda/-/aws-lambda-8.10.73.tgz#77773c9accb2cec26fcb7c6b510a555805604a53" + integrity sha512-P+a6TRQbRnVQOIjWkmw6F23wiJcF+4Uniasbzx7NAXjLQCVGx/Z4VoMfit81/pxlmcXNxAMGuYPugn6CrJLilQ== "@types/babel__core@^7.0.0", "@types/babel__core@^7.1.7": version "7.1.13" @@ -1457,10 +1487,10 @@ dependencies: "@babel/types" "^7.3.0" -"@types/eslint@^7.2.7": - version "7.2.7" - resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-7.2.7.tgz#f7ef1cf0dceab0ae6f9a976a0a9af14ab1baca26" - integrity sha512-EHXbc1z2GoQRqHaAT7+grxlTJ3WE2YNeD6jlpPoRc83cCoThRY+NUWjCUZaYmk51OICkPXn2hhphcWcWXgNW0Q== +"@types/eslint@^7.2.8": + version "7.2.8" + resolved "https://registry.yarnpkg.com/@types/eslint/-/eslint-7.2.8.tgz#45cd802380fcc352e5680e1781d43c50916f12ee" + integrity sha512-RTKvBsfz0T8CKOGZMfuluDNyMFHnu5lvNr4hWEsQeHXH6FcmIDIozOyWMh36nLGMwVd5UFNXC2xztA8lln22MQ== dependencies: "@types/estree" "*" "@types/json-schema" "*" @@ -1511,10 +1541,10 @@ dependencies: "@types/istanbul-lib-report" "*" -"@types/jest@^26.0.21": - version "26.0.21" - resolved "https://registry.yarnpkg.com/@types/jest/-/jest-26.0.21.tgz#3a73c2731e7e4f0fbaea56ce7ff8c79cf812bd24" - integrity sha512-ab9TyM/69yg7eew9eOwKMUmvIZAKEGZYlq/dhe5/0IMUd/QLJv5ldRMdddSn+u22N13FP3s5jYyktxuBwY0kDA== +"@types/jest@^26.0.22": + version "26.0.22" + resolved "https://registry.yarnpkg.com/@types/jest/-/jest-26.0.22.tgz#8308a1debdf1b807aa47be2838acdcd91e88fbe6" + integrity sha512-eeWwWjlqxvBxc4oQdkueW5OF/gtfSceKk4OnOAGlUSwS/liBRtZppbJuz1YkgbrbfGOoeBHun9fOvXnjNwrSOw== dependencies: jest-diff "^26.0.0" pretty-format "^26.0.0" @@ -1553,6 +1583,11 @@ resolved "https://registry.yarnpkg.com/@types/minimatch/-/minimatch-3.0.3.tgz#3dca0e3f33b200fc7d1139c0cd96c1268cadfd9d" integrity sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA== +"@types/minimatch@^3.0.4": + version "3.0.4" + resolved "https://registry.yarnpkg.com/@types/minimatch/-/minimatch-3.0.4.tgz#f0ec25dbf2f0e4b18647313ac031134ca5b24b21" + integrity sha512-1z8k4wzFnNjVK/tlxvrWuK5WMt6mydWWP7+zvH5eFep4oj+UkrfiJTRtjCeBXNpwaA/FYqqtb4/QS4ianFpIRA== + "@types/minimist@^1.2.0": version "1.2.1" resolved "https://registry.yarnpkg.com/@types/minimist/-/minimist-1.2.1.tgz#283f669ff76d7b8260df8ab7a4262cc83d988256" @@ -1575,10 +1610,10 @@ resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.35.tgz#42c953a4e2b18ab931f72477e7012172f4ffa313" integrity sha512-Lt+wj8NVPx0zUmUwumiVXapmaLUcAk3yPuHCFVXras9k5VT9TdhJqKqGVUQCD60OTMCl0qxJ57OiTL0Mic3Iag== -"@types/node@^10.17.55": - version "10.17.55" - resolved "https://registry.yarnpkg.com/@types/node/-/node-10.17.55.tgz#a147f282edec679b894d4694edb5abeb595fecbd" - integrity sha512-koZJ89uLZufDvToeWO5BrC4CR4OUfHnUz2qoPs/daQH6qq3IN62QFxCTZ+bKaCE0xaoCAJYE4AXre8AbghCrhg== +"@types/node@^10.17.56": + version "10.17.56" + resolved "https://registry.yarnpkg.com/@types/node/-/node-10.17.56.tgz#010c9e047c3ff09ddcd11cbb6cf5912725cdc2b3" + integrity sha512-LuAa6t1t0Bfw4CuSR0UITsm1hP17YL+u82kfHGrHUWdhlBtH7sa7jGY5z7glGaIj/WDYDkRtgGd+KCjCzxBW1w== "@types/nodeunit@^0.0.31": version "0.0.31" @@ -1692,13 +1727,13 @@ resolved "https://registry.yarnpkg.com/@types/yarnpkg__lockfile/-/yarnpkg__lockfile-1.1.4.tgz#445251eb00bd9c1e751f82c7c6bf4f714edfd464" integrity sha512-/emrKCfQMQmFCqRqqBJ0JueHBT06jBRM3e8OgnvDUcvuExONujIk2hFA5dNsN9Nt41ljGVDdChvCydATZ+KOZw== -"@typescript-eslint/eslint-plugin@^4.19.0": - version "4.19.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.19.0.tgz#56f8da9ee118fe9763af34d6a526967234f6a7f0" - integrity sha512-CRQNQ0mC2Pa7VLwKFbrGVTArfdVDdefS+gTw0oC98vSI98IX5A8EVH4BzJ2FOB0YlCmm8Im36Elad/Jgtvveaw== +"@typescript-eslint/eslint-plugin@^4.20.0": + version "4.20.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.20.0.tgz#9d8794bd99aad9153092ad13c96164e3082e9a92" + integrity sha512-sw+3HO5aehYqn5w177z2D82ZQlqHCwcKSMboueo7oE4KU9QiC0SAgfS/D4z9xXvpTc8Bt41Raa9fBR8T2tIhoQ== dependencies: - "@typescript-eslint/experimental-utils" "4.19.0" - "@typescript-eslint/scope-manager" "4.19.0" + "@typescript-eslint/experimental-utils" "4.20.0" + "@typescript-eslint/scope-manager" "4.20.0" debug "^4.1.1" functional-red-black-tree "^1.0.1" lodash "^4.17.15" @@ -1706,15 +1741,15 @@ semver "^7.3.2" tsutils "^3.17.1" -"@typescript-eslint/experimental-utils@4.19.0": - version "4.19.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/experimental-utils/-/experimental-utils-4.19.0.tgz#9ca379919906dc72cb0fcd817d6cb5aa2d2054c6" - integrity sha512-9/23F1nnyzbHKuoTqFN1iXwN3bvOm/PRIXSBR3qFAYotK/0LveEOHr5JT1WZSzcD6BESl8kPOG3OoDRKO84bHA== +"@typescript-eslint/experimental-utils@4.20.0": + version "4.20.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/experimental-utils/-/experimental-utils-4.20.0.tgz#a8ab2d7b61924f99042b7d77372996d5f41dc44b" + integrity sha512-sQNlf6rjLq2yB5lELl3gOE7OuoA/6IVXJUJ+Vs7emrQMva14CkOwyQwD7CW+TkmOJ4Q/YGmoDLmbfFrpGmbKng== dependencies: "@types/json-schema" "^7.0.3" - "@typescript-eslint/scope-manager" "4.19.0" - "@typescript-eslint/types" "4.19.0" - "@typescript-eslint/typescript-estree" "4.19.0" + "@typescript-eslint/scope-manager" "4.20.0" + "@typescript-eslint/types" "4.20.0" + "@typescript-eslint/typescript-estree" "4.20.0" eslint-scope "^5.0.0" eslint-utils "^2.0.0" @@ -1730,14 +1765,14 @@ eslint-scope "^5.0.0" eslint-utils "^2.0.0" -"@typescript-eslint/parser@^4.19.0": - version "4.19.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/parser/-/parser-4.19.0.tgz#4ae77513b39f164f1751f21f348d2e6cb2d11128" - integrity sha512-/uabZjo2ZZhm66rdAu21HA8nQebl3lAIDcybUoOxoI7VbZBYavLIwtOOmykKCJy+Xq6Vw6ugkiwn8Js7D6wieA== +"@typescript-eslint/parser@^4.20.0": + version "4.20.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/parser/-/parser-4.20.0.tgz#8dd403c8b4258b99194972d9799e201b8d083bdd" + integrity sha512-m6vDtgL9EABdjMtKVw5rr6DdeMCH3OA1vFb0dAyuZSa3e5yw1YRzlwFnm9knma9Lz6b2GPvoNSa8vOXrqsaglA== dependencies: - "@typescript-eslint/scope-manager" "4.19.0" - "@typescript-eslint/types" "4.19.0" - "@typescript-eslint/typescript-estree" "4.19.0" + "@typescript-eslint/scope-manager" "4.20.0" + "@typescript-eslint/types" "4.20.0" + "@typescript-eslint/typescript-estree" "4.20.0" debug "^4.1.1" "@typescript-eslint/scope-manager@4.18.0": @@ -1748,23 +1783,23 @@ "@typescript-eslint/types" "4.18.0" "@typescript-eslint/visitor-keys" "4.18.0" -"@typescript-eslint/scope-manager@4.19.0": - version "4.19.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/scope-manager/-/scope-manager-4.19.0.tgz#5e0b49eca4df7684205d957c9856f4e720717a4f" - integrity sha512-GGy4Ba/hLXwJXygkXqMzduqOMc+Na6LrJTZXJWVhRrSuZeXmu8TAnniQVKgj8uTRKe4igO2ysYzH+Np879G75g== +"@typescript-eslint/scope-manager@4.20.0": + version "4.20.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/scope-manager/-/scope-manager-4.20.0.tgz#953ecbf3b00845ece7be66246608be9d126d05ca" + integrity sha512-/zm6WR6iclD5HhGpcwl/GOYDTzrTHmvf8LLLkwKqqPKG6+KZt/CfSgPCiybshmck66M2L5fWSF/MKNuCwtKQSQ== dependencies: - "@typescript-eslint/types" "4.19.0" - "@typescript-eslint/visitor-keys" "4.19.0" + "@typescript-eslint/types" "4.20.0" + "@typescript-eslint/visitor-keys" "4.20.0" "@typescript-eslint/types@4.18.0": version "4.18.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.18.0.tgz#bebe323f81f2a7e2e320fac9415e60856267584a" integrity sha512-/BRociARpj5E+9yQ7cwCF/SNOWwXJ3qhjurMuK2hIFUbr9vTuDeu476Zpu+ptxY2kSxUHDGLLKy+qGq2sOg37A== -"@typescript-eslint/types@4.19.0": - version "4.19.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.19.0.tgz#5181d5d2afd02e5b8f149ebb37ffc8bd7b07a568" - integrity sha512-A4iAlexVvd4IBsSTNxdvdepW0D4uR/fwxDrKUa+iEY9UWvGREu2ZyB8ylTENM1SH8F7bVC9ac9+si3LWNxcBuA== +"@typescript-eslint/types@4.20.0": + version "4.20.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.20.0.tgz#c6cf5ef3c9b1c8f699a9bbdafb7a1da1ca781225" + integrity sha512-cYY+1PIjei1nk49JAPnH1VEnu7OYdWRdJhYI5wiKOUMhLTG1qsx5cQxCUTuwWCmQoyriadz3Ni8HZmGSofeC+w== "@typescript-eslint/typescript-estree@4.18.0": version "4.18.0" @@ -1779,13 +1814,13 @@ semver "^7.3.2" tsutils "^3.17.1" -"@typescript-eslint/typescript-estree@4.19.0": - version "4.19.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-4.19.0.tgz#8a709ffa400284ab72df33376df085e2e2f61147" - integrity sha512-3xqArJ/A62smaQYRv2ZFyTA+XxGGWmlDYrsfZG68zJeNbeqRScnhf81rUVa6QG4UgzHnXw5VnMT5cg75dQGDkA== +"@typescript-eslint/typescript-estree@4.20.0": + version "4.20.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-4.20.0.tgz#8b3b08f85f18a8da5d88f65cb400f013e88ab7be" + integrity sha512-Knpp0reOd4ZsyoEJdW8i/sK3mtZ47Ls7ZHvD8WVABNx5Xnn7KhenMTRGegoyMTx6TiXlOVgMz9r0pDgXTEEIHA== dependencies: - "@typescript-eslint/types" "4.19.0" - "@typescript-eslint/visitor-keys" "4.19.0" + "@typescript-eslint/types" "4.20.0" + "@typescript-eslint/visitor-keys" "4.20.0" debug "^4.1.1" globby "^11.0.1" is-glob "^4.0.1" @@ -1800,12 +1835,12 @@ "@typescript-eslint/types" "4.18.0" eslint-visitor-keys "^2.0.0" -"@typescript-eslint/visitor-keys@4.19.0": - version "4.19.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.19.0.tgz#cbea35109cbd9b26e597644556be4546465d8f7f" - integrity sha512-aGPS6kz//j7XLSlgpzU2SeTqHPsmRYxFztj2vPuMMFJXZudpRSehE3WCV+BaxwZFvfAqMoSd86TEuM0PQ59E/A== +"@typescript-eslint/visitor-keys@4.20.0": + version "4.20.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.20.0.tgz#1e84db034da13f208325e6bfc995c3b75f7dbd62" + integrity sha512-NXKRM3oOVQL8yNFDNCZuieRIwZ5UtjNLYtmMx2PacEAGmbaEYtGgVHUHVyZvU/0rYZcizdrWjDo+WBtRPSgq+A== dependencies: - "@typescript-eslint/types" "4.19.0" + "@typescript-eslint/types" "4.20.0" eslint-visitor-keys "^2.0.0" "@yarnpkg/lockfile@^1.1.0": @@ -1903,6 +1938,16 @@ ajv@^7.0.2: require-from-string "^2.0.2" uri-js "^4.2.2" +ajv@^8.0.1: + version "8.0.2" + resolved "https://registry.yarnpkg.com/ajv/-/ajv-8.0.2.tgz#1396e27f208ed56dd5638ab5a251edeb1c91d402" + integrity sha512-V0HGxJd0PiDF0ecHYIesTOqfd1gJguwQUOYfMfAWnRsWQEXfc5ifbUFhD3Wjc+O+y7VAqL+g07prq9gHQ/JOZQ== + dependencies: + fast-deep-equal "^3.1.1" + json-schema-traverse "^1.0.0" + require-from-string "^2.0.2" + uri-js "^4.2.2" + ansi-colors@^4.1.1: version "4.1.1" resolved "https://registry.yarnpkg.com/ansi-colors/-/ansi-colors-4.1.1.tgz#cbb9ae256bf750af1eab344f229aa27fe94ba348" @@ -3697,10 +3742,10 @@ es6-error@^4.0.1: resolved "https://registry.yarnpkg.com/es6-error/-/es6-error-4.1.1.tgz#9e3af407459deed47e9a91f9b885a84eb05c561d" integrity sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg== -esbuild@^0.9.6: - version "0.9.6" - resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.9.6.tgz#2cae519e7ce2328ecf57ae738090d07ce7245850" - integrity sha512-F6vASxU0wT/Davt9aj2qtDwDNSkQxh9VbyO56M7PDWD+D/Vgq/rmUDGDQo7te76W5auauVojjnQr/wTu3vpaUA== +esbuild@^0.11.2: + version "0.11.2" + resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.11.2.tgz#3b995e107f2054d9090402b98a3b79ceffd05eb6" + integrity sha512-8d5FCQrR+juXC2u9zjTQ3+IYiuFuaWyKYwmApFJLquTrYNbk36H/+MkRQeTuOJg7IjUchRX2Ulwo1zRYXZ1pUg== escalade@^3.1.1: version "3.1.1" @@ -3852,10 +3897,10 @@ eslint-visitor-keys@^2.0.0: resolved "https://registry.yarnpkg.com/eslint-visitor-keys/-/eslint-visitor-keys-2.0.0.tgz#21fdc8fbcd9c795cc0321f0563702095751511a8" integrity sha512-QudtT6av5WXels9WjIM7qz1XD1cWGvX4gGXvp/zBn9nXG02D0utdU3Em2m/QjTnrsk6bBjmCygl3rmj118msQQ== -eslint@^7.22.0: - version "7.22.0" - resolved "https://registry.yarnpkg.com/eslint/-/eslint-7.22.0.tgz#07ecc61052fec63661a2cab6bd507127c07adc6f" - integrity sha512-3VawOtjSJUQiiqac8MQc+w457iGLfuNGLFn8JmF051tTKbh5/x/0vlcEj8OgDCaw7Ysa2Jn8paGshV7x2abKXg== +eslint@^7.23.0: + version "7.23.0" + resolved "https://registry.yarnpkg.com/eslint/-/eslint-7.23.0.tgz#8d029d252f6e8cf45894b4bee08f5493f8e94325" + integrity sha512-kqvNVbdkjzpFy0XOszNwjkKzZ+6TcwCQ/h+ozlcIWwaimBBuhlQ4nN6kbiM2L+OjDcznkTJxzYfRFH92sx4a0Q== dependencies: "@babel/code-frame" "7.12.11" "@eslint/eslintrc" "^0.4.0" @@ -6339,6 +6384,11 @@ lodash._reinterpolate@^3.0.0: resolved "https://registry.yarnpkg.com/lodash._reinterpolate/-/lodash._reinterpolate-3.0.0.tgz#0ccf2d89166af03b3663c796538b75ac6e114d9d" integrity sha1-DM8tiRZq8Ds2Y8eWU4t1rG4RTZ0= +lodash.clonedeep@^4.5.0: + version "4.5.0" + resolved "https://registry.yarnpkg.com/lodash.clonedeep/-/lodash.clonedeep-4.5.0.tgz#e23f3f9c4f8fbdde872529c1071857a086e5ccef" + integrity sha1-4j8/nE+Pvd6HJSnBBxhXoIblzO8= + lodash.defaults@^4.2.0: version "4.2.0" resolved "https://registry.yarnpkg.com/lodash.defaults/-/lodash.defaults-4.2.0.tgz#d09178716ffea4dde9e5fb7b37f6f0802274580c" @@ -6404,6 +6454,11 @@ lodash.templatesettings@^4.0.0: dependencies: lodash._reinterpolate "^3.0.0" +lodash.truncate@^4.4.2: + version "4.4.2" + resolved "https://registry.yarnpkg.com/lodash.truncate/-/lodash.truncate-4.4.2.tgz#5a350da0b1113b837ecfffd5812cbe58d6eae193" + integrity sha1-WjUNoLERO4N+z//VgSy+WNbq4ZM= + lodash.union@^4.6.0: version "4.6.0" resolved "https://registry.yarnpkg.com/lodash.union/-/lodash.union-4.6.0.tgz#48bb5088409f16f1821666641c44dd1aaae3cd88" @@ -9141,7 +9196,7 @@ symbol-tree@^3.2.4: resolved "https://registry.yarnpkg.com/symbol-tree/-/symbol-tree-3.2.4.tgz#430637d248ba77e078883951fb9aa0eed7c63fa2" integrity sha512-9QNk5KwDF+Bvz+PyObkmSYjI5ksVUYtjW7AU22r2NKcfLJcXp96hkDWU3+XndOsUb+AQ9QhfzfCT2O+CNWT5Tw== -table@^6.0.4, table@^6.0.7: +table@^6.0.4: version "6.0.7" resolved "https://registry.yarnpkg.com/table/-/table-6.0.7.tgz#e45897ffbcc1bcf9e8a87bf420f2c9e5a7a52a34" integrity sha512-rxZevLGTUzWna/qBLObOe16kB2RTnnbhciwgPbMMlazz1yZGVEgnZK762xyVdVznhqxrfCeBMmMkgOOaPwjH7g== @@ -9151,6 +9206,21 @@ table@^6.0.4, table@^6.0.7: slice-ansi "^4.0.0" string-width "^4.2.0" +table@^6.0.9: + version "6.0.9" + resolved "https://registry.yarnpkg.com/table/-/table-6.0.9.tgz#790a12bf1e09b87b30e60419bafd6a1fd85536fb" + integrity sha512-F3cLs9a3hL1Z7N4+EkSscsel3z55XT950AvB05bwayrNg5T1/gykXtigioTAjbltvbMSJvvhFCbnf6mX+ntnJQ== + dependencies: + ajv "^8.0.1" + is-boolean-object "^1.1.0" + is-number-object "^1.0.4" + is-string "^1.0.5" + lodash.clonedeep "^4.5.0" + lodash.flatten "^4.4.0" + lodash.truncate "^4.4.2" + slice-ansi "^4.0.0" + string-width "^4.2.0" + tap-mocha-reporter@^3.0.9, tap-mocha-reporter@^5.0.1: version "5.0.1" resolved "https://registry.yarnpkg.com/tap-mocha-reporter/-/tap-mocha-reporter-5.0.1.tgz#74f00be2ddd2a380adad45e085795137bc39497a" From 9b0a6cf0d349ef3ce1c941b25bbe8e630e09c639 Mon Sep 17 00:00:00 2001 From: Robert Djurasaj Date: Wed, 31 Mar 2021 10:09:26 -0600 Subject: [PATCH 058/260] fix(cloudfront): Origin Request Policy headers enforce soft limit of 10 (#13907) Validation was added in #13410 to enforce a limit of the number of headers allowed in the allow list for a Origin Request Policy; that limit is a soft limit and should not be hard-enforced in code. Relates to #13903 This commit partially reverts changes introduced in 42f3740. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-cloudfront/lib/origin-request-policy.ts | 3 --- .../aws-cloudfront/test/origin-request-policy.test.ts | 11 ----------- 2 files changed, 14 deletions(-) diff --git a/packages/@aws-cdk/aws-cloudfront/lib/origin-request-policy.ts b/packages/@aws-cdk/aws-cloudfront/lib/origin-request-policy.ts index 17e7894e6e84e..1bd4fde321080 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/origin-request-policy.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/origin-request-policy.ts @@ -184,9 +184,6 @@ export class OriginRequestHeaderBehavior { if (headers.length === 0) { throw new Error('At least one header to allow must be provided'); } - if (headers.length > 10) { - throw new Error(`Maximum allowed headers in Origin Request Policy is 10; got ${headers.length}.`); - } if (/Authorization/i.test(headers.join('|')) || /Accept-Encoding/i.test(headers.join('|'))) { throw new Error('you cannot pass `Authorization` or `Accept-Encoding` as header values; use a CachePolicy to forward these headers instead'); } diff --git a/packages/@aws-cdk/aws-cloudfront/test/origin-request-policy.test.ts b/packages/@aws-cdk/aws-cloudfront/test/origin-request-policy.test.ts index b342ac434e48e..f2f65107c180a 100644 --- a/packages/@aws-cdk/aws-cloudfront/test/origin-request-policy.test.ts +++ b/packages/@aws-cdk/aws-cloudfront/test/origin-request-policy.test.ts @@ -89,17 +89,6 @@ describe('OriginRequestPolicy', () => { expect(() => new OriginRequestPolicy(stack, 'OriginRequestPolicy7', { headerBehavior: OriginRequestHeaderBehavior.allowList('Foo', 'Bar') })).not.toThrow(); }); - test('throws if more than 10 OriginRequestHeaderBehavior headers are being passed', () => { - const errorMessage = /Maximum allowed headers in Origin Request Policy is 10; got (.*?)/; - expect(() => new OriginRequestPolicy(stack, 'OriginRequestPolicy1', { - headerBehavior: OriginRequestHeaderBehavior.allowList('Lorem', 'ipsum', 'dolor', 'sit', 'amet', 'consectetur', 'adipiscing', 'elit', 'sed', 'do', 'eiusmod'), - })).toThrow(errorMessage); - - expect(() => new OriginRequestPolicy(stack, 'OriginRequestPolicy2', { - headerBehavior: OriginRequestHeaderBehavior.allowList('Lorem', 'ipsum', 'dolor', 'sit', 'amet', 'consectetur', 'adipiscing', 'elit', 'sed', 'do'), - })).not.toThrow(); - }); - test('does not throw if originRequestPolicyName is a token', () => { expect(() => new OriginRequestPolicy(stack, 'CachePolicy', { originRequestPolicyName: Aws.STACK_NAME, From 93dac4c699e5ad817203398a7caa26695a3d7f47 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Wed, 31 Mar 2021 19:05:35 +0200 Subject: [PATCH 059/260] chore: fail early on impossible shrinkwrap (#13899) If the **resolved** version of a package (the one we force using Yarn) does not match the **required** version of a package (the one in `package.json`), then NPM ignores the resolved version and installs the package from the `requires` list anyway, *even* if it's processing a shrinkwrap file. Unfortunately, sometimes we have to force this situation, such as with the `netmask` issue, where the required version is declared at `^1.0.6` but we need to force it to be resolved to `2.0.1`. Detect this situation early and bail out, so that we don't try to ship something that doesn't have the version resolution we expected to ship. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- tools/yarn-cling/lib/hoisting.ts | 2 +- tools/yarn-cling/lib/index.ts | 80 ++++++++++++++++++++++++++++- tools/yarn-cling/lib/types.ts | 4 +- tools/yarn-cling/package.json | 3 +- tools/yarn-cling/test/cling.test.ts | 66 ++++++++++++++++-------- 5 files changed, 128 insertions(+), 27 deletions(-) diff --git a/tools/yarn-cling/lib/hoisting.ts b/tools/yarn-cling/lib/hoisting.ts index 5f920fe3ce7f1..5f486c0828355 100644 --- a/tools/yarn-cling/lib/hoisting.ts +++ b/tools/yarn-cling/lib/hoisting.ts @@ -1,4 +1,4 @@ -import { PackageLockPackage } from "./types"; +import { PackageLockPackage } from './types'; /** * Hoist package-lock dependencies in-place diff --git a/tools/yarn-cling/lib/index.ts b/tools/yarn-cling/lib/index.ts index 38a766c27d7e5..75a3605166255 100644 --- a/tools/yarn-cling/lib/index.ts +++ b/tools/yarn-cling/lib/index.ts @@ -1,6 +1,7 @@ import { promises as fs, exists } from 'fs'; import * as path from 'path'; import * as lockfile from '@yarnpkg/lockfile'; +import * as semver from 'semver'; import { hoistDependencies } from './hoisting'; import { PackageJson, PackageLock, PackageLockEntry, PackageLockPackage, YarnLock } from './types'; @@ -49,13 +50,17 @@ export async function generateShrinkwrap(options: ShrinkwrapOptions): Promise { - return { + const lockFile = { name: pkgJson.name, version: pkgJson.version, lockfileVersion: 1, requires: true, dependencies: await dependenciesFor(pkgJson.dependencies || {}, yarnLock, rootDir), }; + + checkRequiredVersions(lockFile); + + return lockFile; } // eslint-disable-next-line max-len @@ -186,4 +191,77 @@ async function findPackageDir(depName: string, rootDir: string) { } throw new Error(`Did not find '${depName}' upwards of '${rootDir}'`); +} + +/** + * We may sometimes try to adjust a package version to a version that's incompatible with the declared requirement. + * + * For example, this recently happened for 'netmask', where the package we + * depend on has `{ requires: { netmask: '^1.0.6', } }`, but we need to force-substitute in version `2.0.1`. + * + * If NPM processes the shrinkwrap and encounters the following situation: + * + * ``` + * { + * netmask: { version: '2.0.1' }, + * resolver: { + * requires: { + * netmask: '^1.0.6' + * } + * } + * } + * ``` + * + * NPM is going to disregard the swhinkrwap and still give `resolver` its own private + * copy of netmask `^1.0.6`. + * + * We tried overriding the `requires` version, and that works for `npm install` (yay) + * but if anyone runs `npm ls` afterwards, `npm ls` is going to check the actual source + * `package.jsons` against the actual `node_modules` file tree, and complain that the + * versions don't match. + * + * We run `npm ls` in our tests to make sure our dependency tree is sane, and our customers + * might too, so this is not a great solution. + * + * To cut any discussion short in the future, we're going to detect this situation and + * tell our future selves that is cannot and will not work, and we should find another + * solution. + */ +export function checkRequiredVersions(root: PackageLock | PackageLockPackage) { + recurse(root, []); + + function recurse(entry: PackageLock | PackageLockPackage, parentChain: PackageLockEntry[]) { + // On the root, 'requires' is the value 'true', for God knows what reason. Don't care about those. + if (typeof entry.requires === 'object') { + + // For every 'requires' dependency, find the version it actually got resolved to and compare. + for (const [name, range] of Object.entries(entry.requires)) { + const resolvedPackage = findResolved(name, [entry, ...parentChain]); + if (!resolvedPackage) { continue; } + + if (!semver.satisfies(resolvedPackage.version, range)) { + // Ruh-roh. + throw new Error(`Looks like we're trying to force '${name}' to version '${resolvedPackage.version}', but the dependency ` + + `is specified as '${range}'. This can never properly work via shrinkwrapping. Try vendoring a patched ` + + 'version of the intermediary dependencies instead.'); + } + } + } + + for (const dep of Object.values(entry.dependencies ?? {})) { + recurse(dep, [entry, ...parentChain]); + } + } + + /** + * Find a package name in a package lock tree. + */ + function findResolved(name: string, chain: PackageLockEntry[]) { + for (const level of chain) { + if (level.dependencies?.[name]) { + return level.dependencies?.[name]; + } + } + return undefined; + } } \ No newline at end of file diff --git a/tools/yarn-cling/lib/types.ts b/tools/yarn-cling/lib/types.ts index 0f800cc50de52..2af924f90cb6f 100644 --- a/tools/yarn-cling/lib/types.ts +++ b/tools/yarn-cling/lib/types.ts @@ -29,8 +29,8 @@ export interface ResolvedYarnPackage { export interface PackageLock extends PackageLockEntry { name: string; - lockfileVersion: 1; - requires: true; + lockfileVersion: number; + requires: boolean; } export interface PackageLockEntry { diff --git a/tools/yarn-cling/package.json b/tools/yarn-cling/package.json index 151a4bd84e65b..134064d892405 100644 --- a/tools/yarn-cling/package.json +++ b/tools/yarn-cling/package.json @@ -46,7 +46,8 @@ "typescript": "~3.9.9" }, "dependencies": { - "@yarnpkg/lockfile": "^1.1.0" + "@yarnpkg/lockfile": "^1.1.0", + "semver": "^7.3.5" }, "keywords": [ "aws", diff --git a/tools/yarn-cling/test/cling.test.ts b/tools/yarn-cling/test/cling.test.ts index 6b5854db688ed..1628d2415a1ae 100644 --- a/tools/yarn-cling/test/cling.test.ts +++ b/tools/yarn-cling/test/cling.test.ts @@ -1,5 +1,5 @@ import * as path from 'path'; -import { generateShrinkwrap } from "../lib"; +import { checkRequiredVersions, generateShrinkwrap } from '../lib'; test('generate lock for fixture directory', async () => { const lockFile = await generateShrinkwrap({ @@ -9,27 +9,27 @@ test('generate lock for fixture directory', async () => { expect(lockFile).toEqual({ lockfileVersion: 1, - name: "package1", + name: 'package1', requires: true, - version: "1.1.1", + version: '1.1.1', dependencies: { package2: { - version: "2.2.2", + version: '2.2.2', }, registrydependency1: { dependencies: { registrydependency2: { - integrity: "sha512-pineapple", - resolved: "https://registry.bla.com/stuff", - version: "2.3.999", + integrity: 'sha512-pineapple', + resolved: 'https://registry.bla.com/stuff', + version: '2.3.999', }, }, - integrity: "sha512-banana", + integrity: 'sha512-banana', requires: { - registrydependency2: "^2.3.4", + registrydependency2: '^2.3.4', }, - resolved: "https://registry.bla.com/stuff", - version: "1.2.999", + resolved: 'https://registry.bla.com/stuff', + version: '1.2.999', }, }, }); @@ -43,26 +43,48 @@ test('generate hoisted lock for fixture directory', async () => { expect(lockFile).toEqual({ lockfileVersion: 1, - name: "package1", + name: 'package1', requires: true, - version: "1.1.1", + version: '1.1.1', dependencies: { package2: { - version: "2.2.2", + version: '2.2.2', }, registrydependency1: { - integrity: "sha512-banana", + integrity: 'sha512-banana', requires: { - registrydependency2: "^2.3.4", + registrydependency2: '^2.3.4', }, - resolved: "https://registry.bla.com/stuff", - version: "1.2.999", + resolved: 'https://registry.bla.com/stuff', + version: '1.2.999', }, registrydependency2: { - integrity: "sha512-pineapple", - resolved: "https://registry.bla.com/stuff", - version: "2.3.999", + integrity: 'sha512-pineapple', + resolved: 'https://registry.bla.com/stuff', + version: '2.3.999', }, }, }); -}); \ No newline at end of file +}); + +test('fail when requires cannot be satisfied', async () => { + const lockFile = { + lockfileVersion: 1, + name: 'package1', + requires: true, + version: '1.1.1', + dependencies: { + package1: { + version: '2.2.2', + requires: { + package2: '^3.3.3', // <- this needs to be adjusted + }, + }, + package2: { + version: '4.4.4', + }, + }, + }; + + expect(() => checkRequiredVersions(lockFile)).toThrow(/This can never/); +}); From 794c951b5da900fd30827e6f7b0b631bf21df979 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Thu, 1 Apr 2021 00:56:47 +0300 Subject: [PATCH 060/260] chore: bump pac-resolver to 4.2.0 (#13914) This in turn bumps `netmask`. See https://github.com/TooTallNate/node-pac-resolver/pull/25 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- package.json | 2 -- yarn.lock | 10 +++++----- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index d4e3ecd04c1c1..d284a9710ee61 100644 --- a/package.json +++ b/package.json @@ -25,10 +25,8 @@ "standard-version": "^9.1.1", "typescript": "~3.9.9" }, - "netmask-resolutions-comment": "transitive dep from proxy-agent@4.0.1. review when dependencies upgrade", "tap-mocha-reporter-resolutions-comment": "should be removed or reviewed when nodeunit dependency is dropped or adjusted", "resolutions": { - "netmask": "2.0.1", "tap-mocha-reporter": "^5.0.1" }, "repository": { diff --git a/yarn.lock b/yarn.lock index 07db37c22796e..925d810fe1e4e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6964,7 +6964,7 @@ nested-error-stacks@^2.0.0: resolved "https://registry.yarnpkg.com/nested-error-stacks/-/nested-error-stacks-2.1.0.tgz#0fbdcf3e13fe4994781280524f8b96b0cdff9c61" integrity sha512-AO81vsIO1k1sM4Zrd6Hu7regmJN1NSiAja10gc4bX3F0wd+9rQmcuHQaHVQCYIEC8iFXnE+mavh23GOt7wBgug== -netmask@2.0.1, netmask@^1.0.6: +netmask@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/netmask/-/netmask-2.0.1.tgz#5a5cbdcbb7b6de650870e15e83d3e9553a414cf4" integrity sha512-gB8eG6ubxz67c7O2gaGiyWdRUIbH61q7anjgueDqCC9kvIs/b4CTtCMaQKeJbv1/Y7FT19I4zKwYmjnjInRQsg== @@ -7600,13 +7600,13 @@ pac-proxy-agent@^4.1.0: socks-proxy-agent "5" pac-resolver@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/pac-resolver/-/pac-resolver-4.1.0.tgz#4b12e7d096b255a3b84e53f6831f32e9c7e5fe95" - integrity sha512-d6lf2IrZJJ7ooVHr7BfwSjRO1yKSJMaiiWYSHcrxSIUtZrCa4KKGwcztdkZ/E9LFleJfjoi1yl+XLR7AX24nbQ== + version "4.2.0" + resolved "https://registry.yarnpkg.com/pac-resolver/-/pac-resolver-4.2.0.tgz#b82bcb9992d48166920bc83c7542abb454bd9bdd" + integrity sha512-rPACZdUyuxT5Io/gFKUeeZFfE5T7ve7cAkE5TUZRRfuKP0u5Hocwe48X7ZEm6mYB+bTB0Qf+xlVlA/RM/i6RCQ== dependencies: degenerator "^2.2.0" ip "^1.1.5" - netmask "^1.0.6" + netmask "^2.0.1" package-hash@^3.0.0: version "3.0.0" From aefc2418755fd486e1f6a87f3f90e646e9e7630f Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Wed, 31 Mar 2021 18:18:52 -0700 Subject: [PATCH 061/260] chore: remove resolution clause from init template (#13919) Since the downstream dependency was patched we don't require the resolution clause. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/init-templates/v1/app/javascript/package.template.json | 3 --- .../lib/init-templates/v1/app/typescript/package.template.json | 3 --- .../lib/init-templates/v1/lib/typescript/package.template.json | 3 --- .../v1/sample-app/javascript/package.template.json | 3 --- .../v1/sample-app/typescript/package.template.json | 3 --- .../lib/init-templates/v2/app/javascript/package.template.json | 3 --- .../lib/init-templates/v2/app/typescript/package.template.json | 3 --- .../lib/init-templates/v2/lib/typescript/package.template.json | 3 --- .../v2/sample-app/javascript/package.template.json | 3 --- .../v2/sample-app/typescript/package.template.json | 3 --- 10 files changed, 30 deletions(-) diff --git a/packages/aws-cdk/lib/init-templates/v1/app/javascript/package.template.json b/packages/aws-cdk/lib/init-templates/v1/app/javascript/package.template.json index 94fa701483337..5547dacf3a673 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/javascript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v1/app/javascript/package.template.json @@ -16,8 +16,5 @@ }, "dependencies": { "@aws-cdk/core": "%cdk-version%" - }, - "resolutions": { - "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v1/app/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v1/app/typescript/package.template.json index 2ae2ecf430317..df89ae6a206bb 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v1/app/typescript/package.template.json @@ -23,8 +23,5 @@ "dependencies": { "@aws-cdk/core": "%cdk-version%", "source-map-support": "^0.5.16" - }, - "resolutions": { - "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v1/lib/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v1/lib/typescript/package.template.json index 04f72fb1387c1..8d9ef219c74ca 100644 --- a/packages/aws-cdk/lib/init-templates/v1/lib/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v1/lib/typescript/package.template.json @@ -21,8 +21,5 @@ }, "dependencies": { "@aws-cdk/core": "%cdk-version%" - }, - "resolutions": { - "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/package.template.json b/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/package.template.json index bf83cd9b9b0af..7594be2ffb151 100644 --- a/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v1/sample-app/javascript/package.template.json @@ -19,8 +19,5 @@ "@aws-cdk/aws-sns-subscriptions": "%cdk-version%", "@aws-cdk/aws-sqs": "%cdk-version%", "@aws-cdk/core": "%cdk-version%" - }, - "resolutions": { - "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/package.template.json index 558e796efb50a..98942aa31c167 100644 --- a/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v1/sample-app/typescript/package.template.json @@ -25,8 +25,5 @@ "@aws-cdk/aws-sns-subscriptions": "%cdk-version%", "@aws-cdk/aws-sqs": "%cdk-version%", "@aws-cdk/core": "%cdk-version%" - }, - "resolutions": { - "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json index d93d6ce796824..165f100d82429 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v2/app/javascript/package.template.json @@ -16,8 +16,5 @@ "dependencies": { "aws-cdk-lib": "%cdk-version%", "constructs": "^3.0.4" - }, - "resolutions": { - "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json index 363b3c58c9984..c71e1aea5f5ae 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v2/app/typescript/package.template.json @@ -23,8 +23,5 @@ "aws-cdk-lib": "%cdk-version%", "constructs": "^3.0.4", "source-map-support": "^0.5.16" - }, - "resolutions": { - "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json index 26ae2f022b3f5..f255ef76f1fb9 100644 --- a/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v2/lib/typescript/package.template.json @@ -22,8 +22,5 @@ "dependencies": { "aws-cdk-lib": "%cdk-version%", "constructs": "^3.0.4" - }, - "resolutions": { - "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json index d93d6ce796824..165f100d82429 100644 --- a/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/javascript/package.template.json @@ -16,8 +16,5 @@ "dependencies": { "aws-cdk-lib": "%cdk-version%", "constructs": "^3.0.4" - }, - "resolutions": { - "netmask": "2.0.1" } } diff --git a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json index 707672df12df9..4b36fa55ec3ad 100644 --- a/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json +++ b/packages/aws-cdk/lib/init-templates/v2/sample-app/typescript/package.template.json @@ -22,8 +22,5 @@ "dependencies": { "aws-cdk-lib": "%cdk-version%", "constructs": "^3.0.4" - }, - "resolutions": { - "netmask": "2.0.1" } } From c9b3d536965a53c7f9d1f0ff250a17e402ff0a20 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Thu, 1 Apr 2021 00:56:47 +0300 Subject: [PATCH 062/260] chore: bump pac-resolver to 4.2.0 (#13914) This in turn bumps `netmask`. See https://github.com/TooTallNate/node-pac-resolver/pull/25 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- package.json | 2 +- yarn.lock | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/package.json b/package.json index 6dad27d90e51f..d284a9710ee61 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,7 @@ "standard-version": "^9.1.1", "typescript": "~3.9.9" }, - "resolutions-comment": "should be removed or reviewed when nodeunit dependency is dropped or adjusted", + "tap-mocha-reporter-resolutions-comment": "should be removed or reviewed when nodeunit dependency is dropped or adjusted", "resolutions": { "tap-mocha-reporter": "^5.0.1" }, diff --git a/yarn.lock b/yarn.lock index 44a1f4e1a85f6..fcfc5e004e0e7 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6909,10 +6909,10 @@ nested-error-stacks@^2.0.0: resolved "https://registry.yarnpkg.com/nested-error-stacks/-/nested-error-stacks-2.1.0.tgz#0fbdcf3e13fe4994781280524f8b96b0cdff9c61" integrity sha512-AO81vsIO1k1sM4Zrd6Hu7regmJN1NSiAja10gc4bX3F0wd+9rQmcuHQaHVQCYIEC8iFXnE+mavh23GOt7wBgug== -netmask@^1.0.6: - version "1.0.6" - resolved "https://registry.yarnpkg.com/netmask/-/netmask-1.0.6.tgz#20297e89d86f6f6400f250d9f4f6b4c1945fcd35" - integrity sha1-ICl+idhvb2QA8lDZ9Pa0wZRfzTU= +netmask@^2.0.1: + version "2.0.1" + resolved "https://registry.yarnpkg.com/netmask/-/netmask-2.0.1.tgz#5a5cbdcbb7b6de650870e15e83d3e9553a414cf4" + integrity sha512-gB8eG6ubxz67c7O2gaGiyWdRUIbH61q7anjgueDqCC9kvIs/b4CTtCMaQKeJbv1/Y7FT19I4zKwYmjnjInRQsg== nice-try@^1.0.4: version "1.0.5" @@ -7545,13 +7545,13 @@ pac-proxy-agent@^4.1.0: socks-proxy-agent "5" pac-resolver@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/pac-resolver/-/pac-resolver-4.1.0.tgz#4b12e7d096b255a3b84e53f6831f32e9c7e5fe95" - integrity sha512-d6lf2IrZJJ7ooVHr7BfwSjRO1yKSJMaiiWYSHcrxSIUtZrCa4KKGwcztdkZ/E9LFleJfjoi1yl+XLR7AX24nbQ== + version "4.2.0" + resolved "https://registry.yarnpkg.com/pac-resolver/-/pac-resolver-4.2.0.tgz#b82bcb9992d48166920bc83c7542abb454bd9bdd" + integrity sha512-rPACZdUyuxT5Io/gFKUeeZFfE5T7ve7cAkE5TUZRRfuKP0u5Hocwe48X7ZEm6mYB+bTB0Qf+xlVlA/RM/i6RCQ== dependencies: degenerator "^2.2.0" ip "^1.1.5" - netmask "^1.0.6" + netmask "^2.0.1" package-hash@^3.0.0: version "3.0.0" From bc8cd18f07e5a73f75532a350730928d72e5c156 Mon Sep 17 00:00:00 2001 From: NetaNir Date: Wed, 31 Mar 2021 18:43:17 -0700 Subject: [PATCH 063/260] chore(release): 1.95.2 --- CHANGELOG.md | 2 ++ version.v1.json | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3a949e3bfc65a..4eeeaf676550c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +### [1.95.2](https://github.com/aws/aws-cdk/compare/v1.95.1...v1.95.2) (2021-04-01) + ## [1.95.1](https://github.com/aws/aws-cdk/compare/v1.95.0...v1.95.1) (2021-03-25) diff --git a/version.v1.json b/version.v1.json index cf4c9c13cf1bc..80981e652a8d5 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.95.1" + "version": "1.95.2" } From abb06dd78854d115e3790e84e18d798b8b9e0aec Mon Sep 17 00:00:00 2001 From: NetaNir Date: Wed, 31 Mar 2021 18:49:46 -0700 Subject: [PATCH 064/260] changelog update --- CHANGELOG.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4eeeaf676550c..11dc78f785cb4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,9 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. -### [1.95.2](https://github.com/aws/aws-cdk/compare/v1.95.1...v1.95.2) (2021-04-01) +## [1.95.2](https://github.com/aws/aws-cdk/compare/v1.95.1...v1.95.2) (2021-04-01) + +* Upgrade downstream dependency - [pac-resolver](https://github.com/TooTallNate/node-pac-resolver), to mitigate [CVE-2021-28918](https://github.com/advisories/GHSA-pch5-whg9-qr2r) ([13914](https://github.com/aws/aws-cdk/pull/13914)) ([794c951](https://github.com/aws/aws-cdk/commit/794c951b5da900fd30827e6f7b0b631bf21df979)) ## [1.95.1](https://github.com/aws/aws-cdk/compare/v1.95.0...v1.95.1) (2021-03-25) From c17cf8e46eff5e9e116647ea00789b8ca73c4345 Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Wed, 31 Mar 2021 18:57:54 -0700 Subject: [PATCH 065/260] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 11dc78f785cb4..9a27cdaa5c09c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file. See [standa ## [1.95.2](https://github.com/aws/aws-cdk/compare/v1.95.1...v1.95.2) (2021-04-01) -* Upgrade downstream dependency - [pac-resolver](https://github.com/TooTallNate/node-pac-resolver), to mitigate [CVE-2021-28918](https://github.com/advisories/GHSA-pch5-whg9-qr2r) ([13914](https://github.com/aws/aws-cdk/pull/13914)) ([794c951](https://github.com/aws/aws-cdk/commit/794c951b5da900fd30827e6f7b0b631bf21df979)) +* Upgrade downstream dependency ([pac-resolver](https://github.com/TooTallNate/node-pac-resolver)) of the aws-cdk (the CDK CLI), to mitigate [CVE-2021-28918](https://github.com/advisories/GHSA-pch5-whg9-qr2r) ([13914](https://github.com/aws/aws-cdk/pull/13914)) ([794c951](https://github.com/aws/aws-cdk/commit/794c951b5da900fd30827e6f7b0b631bf21df979)) ## [1.95.1](https://github.com/aws/aws-cdk/compare/v1.95.0...v1.95.1) (2021-03-25) From 81de725cb541985608a7e6bcf83b182fb0cd59e0 Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Wed, 31 Mar 2021 18:59:34 -0700 Subject: [PATCH 066/260] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 9a27cdaa5c09c..55650f8a69ff0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file. See [standa ## [1.95.2](https://github.com/aws/aws-cdk/compare/v1.95.1...v1.95.2) (2021-04-01) -* Upgrade downstream dependency ([pac-resolver](https://github.com/TooTallNate/node-pac-resolver)) of the aws-cdk (the CDK CLI), to mitigate [CVE-2021-28918](https://github.com/advisories/GHSA-pch5-whg9-qr2r) ([13914](https://github.com/aws/aws-cdk/pull/13914)) ([794c951](https://github.com/aws/aws-cdk/commit/794c951b5da900fd30827e6f7b0b631bf21df979)) +* Upgrade a downstream dependency([pac-resolver](https://github.com/TooTallNate/node-pac-resolver)) of the aws-cdk (the CDK CLI), to mitigate [CVE-2021-28918](https://github.com/advisories/GHSA-pch5-whg9-qr2r) ([13914](https://github.com/aws/aws-cdk/pull/13914)) ([794c951](https://github.com/aws/aws-cdk/commit/794c951b5da900fd30827e6f7b0b631bf21df979)) ## [1.95.1](https://github.com/aws/aws-cdk/compare/v1.95.0...v1.95.1) (2021-03-25) From e2e008bd19c3ff1b08ccb093dba576551ec73240 Mon Sep 17 00:00:00 2001 From: Philipp Garbe Date: Thu, 1 Apr 2021 09:51:20 +0200 Subject: [PATCH 067/260] feat(lambda): switch bundling images from DockerHub to ECR public gallery (#13473) fixes #11296 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-lambda-nodejs/README.md | 2 +- .../@aws-cdk/aws-lambda-nodejs/lib/Dockerfile | 2 +- .../test/integ.dependencies.expected.json | 24 +++---- .../test/integ.function.expected.json | 70 +++++++++---------- packages/@aws-cdk/aws-lambda-python/README.md | 2 +- .../@aws-cdk/aws-lambda-python/lib/Dockerfile | 2 +- .../lib/Dockerfile.dependencies | 2 +- .../test/integ.function.expected.json | 18 ++--- .../test/integ.function.pipenv.expected.json | 54 +++++++------- .../test/integ.function.poetry.expected.json | 54 +++++++------- .../test/integ.function.project.expected.json | 36 +++++----- .../test/integ.function.py38.expected.json | 18 ++--- ...unction.requirements.removed.expected.json | 18 ++--- .../test/integ.function.vpc.expected.json | 18 ++--- packages/@aws-cdk/aws-lambda/lib/runtime.ts | 11 +-- .../test/integ.bundling.expected.json | 20 +++--- .../@aws-cdk/aws-lambda/test/runtime.test.ts | 2 +- 17 files changed, 177 insertions(+), 176 deletions(-) diff --git a/packages/@aws-cdk/aws-lambda-nodejs/README.md b/packages/@aws-cdk/aws-lambda-nodejs/README.md index ac756f7d09bbe..42257f7df5225 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/README.md +++ b/packages/@aws-cdk/aws-lambda-nodejs/README.md @@ -61,7 +61,7 @@ used by your function. Otherwise bundling will fail. ## Local bundling If `esbuild` is available it will be used to bundle your code in your environment. Otherwise, -bundling will happen in a [Lambda compatible Docker container](https://hub.docker.com/r/amazon/aws-sam-cli-build-image-nodejs12.x). +bundling will happen in a [Lambda compatible Docker container](https://gallery.ecr.aws/sam/build-nodejs12.x). For macOS the recommendend approach is to install `esbuild` as Docker volume performance is really poor. diff --git a/packages/@aws-cdk/aws-lambda-nodejs/lib/Dockerfile b/packages/@aws-cdk/aws-lambda-nodejs/lib/Dockerfile index a92d2fd2092cc..27fe83af43c35 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/lib/Dockerfile +++ b/packages/@aws-cdk/aws-lambda-nodejs/lib/Dockerfile @@ -1,6 +1,6 @@ # The correct AWS SAM build image based on the runtime of the function will be # passed as build arg. The default allows to do `docker build .` when testing. -ARG IMAGE=amazon/aws-sam-cli-build-image-nodejs12.x +ARG IMAGE=public.ecr.aws/sam/build-nodejs12.x FROM $IMAGE # Install yarn diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.expected.json b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.expected.json index 75ecb420e7ef5..1800768023419 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.expected.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.dependencies.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835S3BucketF29906B2" + "Ref": "AssetParameters5f9b499dbba1111518df1120b55b863471ac359778441164007b5518a70b9746S3Bucket01854DA0" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835S3VersionKey320A7F12" + "Ref": "AssetParameters5f9b499dbba1111518df1120b55b863471ac359778441164007b5518a70b9746S3VersionKey1CC8C283" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835S3VersionKey320A7F12" + "Ref": "AssetParameters5f9b499dbba1111518df1120b55b863471ac359778441164007b5518a70b9746S3VersionKey1CC8C283" } ] } @@ -72,19 +72,19 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "externalServiceRole85A00A90", "Arn" ] }, - "Runtime": "nodejs12.x", "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" } - } + }, + "Handler": "index.handler", + "Runtime": "nodejs12.x" }, "DependsOn": [ "externalServiceRole85A00A90" @@ -92,17 +92,17 @@ } }, "Parameters": { - "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835S3BucketF29906B2": { + "AssetParameters5f9b499dbba1111518df1120b55b863471ac359778441164007b5518a70b9746S3Bucket01854DA0": { "Type": "String", - "Description": "S3 bucket for asset \"2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835\"" + "Description": "S3 bucket for asset \"5f9b499dbba1111518df1120b55b863471ac359778441164007b5518a70b9746\"" }, - "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835S3VersionKey320A7F12": { + "AssetParameters5f9b499dbba1111518df1120b55b863471ac359778441164007b5518a70b9746S3VersionKey1CC8C283": { "Type": "String", - "Description": "S3 key for asset version \"2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835\"" + "Description": "S3 key for asset version \"5f9b499dbba1111518df1120b55b863471ac359778441164007b5518a70b9746\"" }, - "AssetParameters2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835ArtifactHash9E439F77": { + "AssetParameters5f9b499dbba1111518df1120b55b863471ac359778441164007b5518a70b9746ArtifactHashAA3B8064": { "Type": "String", - "Description": "Artifact hash for asset \"2ff0fab1efcce787182abdd9a3c77a111379358a40cb16d90d7eb7c71ed11835\"" + "Description": "Artifact hash for asset \"5f9b499dbba1111518df1120b55b863471ac359778441164007b5518a70b9746\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.expected.json b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.expected.json index e41f6a5cc565e..061ad0bc939a7 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.expected.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/integ.function.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcS3Bucket499E594B" + "Ref": "AssetParameterse693e416c0e5591cb0eaa424f7526a449f788de8aa8a89f06f27671feaba8031S3Bucket29060E55" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcS3VersionKey0D51A516" + "Ref": "AssetParameterse693e416c0e5591cb0eaa424f7526a449f788de8aa8a89f06f27671feaba8031S3VersionKeyE68A6B82" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcS3VersionKey0D51A516" + "Ref": "AssetParameterse693e416c0e5591cb0eaa424f7526a449f788de8aa8a89f06f27671feaba8031S3VersionKeyE68A6B82" } ] } @@ -72,19 +72,19 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "tshandlerServiceRole8876B8E7", "Arn" ] }, - "Runtime": "nodejs12.x", "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" } - } + }, + "Handler": "index.handler", + "Runtime": "nodejs12.x" }, "DependsOn": [ "tshandlerServiceRole8876B8E7" @@ -126,7 +126,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfaS3BucketDFAA619E" + "Ref": "AssetParameters8bda5a67feb4905ef8b67b45ee665d3e466be7357e6c361ad2aa773e5867db39S3Bucket4A9B4410" }, "S3Key": { "Fn::Join": [ @@ -139,7 +139,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfaS3VersionKey2DF01059" + "Ref": "AssetParameters8bda5a67feb4905ef8b67b45ee665d3e466be7357e6c361ad2aa773e5867db39S3VersionKeyA27DDFEA" } ] } @@ -152,7 +152,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfaS3VersionKey2DF01059" + "Ref": "AssetParameters8bda5a67feb4905ef8b67b45ee665d3e466be7357e6c361ad2aa773e5867db39S3VersionKeyA27DDFEA" } ] } @@ -162,19 +162,19 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "jshandlerServiceRole781AF366", "Arn" ] }, - "Runtime": "nodejs12.x", "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" } - } + }, + "Handler": "index.handler", + "Runtime": "nodejs12.x" }, "DependsOn": [ "jshandlerServiceRole781AF366" @@ -758,7 +758,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2S3Bucket42C3CE17" + "Ref": "AssetParameters9aa4dd3191867438d7cf78d5509ee4ffc26b9f3954f6d9a2977c478b7728736cS3BucketA6D7D091" }, "S3Key": { "Fn::Join": [ @@ -771,7 +771,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2S3VersionKey4389D827" + "Ref": "AssetParameters9aa4dd3191867438d7cf78d5509ee4ffc26b9f3954f6d9a2977c478b7728736cS3VersionKeyD716694C" } ] } @@ -784,7 +784,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2S3VersionKey4389D827" + "Ref": "AssetParameters9aa4dd3191867438d7cf78d5509ee4ffc26b9f3954f6d9a2977c478b7728736cS3VersionKeyD716694C" } ] } @@ -794,19 +794,19 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "tshandlervpcServiceRoleF6D326A3", "Arn" ] }, - "Runtime": "nodejs12.x", "Environment": { "Variables": { "AWS_NODEJS_CONNECTION_REUSE_ENABLED": "1" } }, + "Handler": "index.handler", + "Runtime": "nodejs12.x", "VpcConfig": { "SecurityGroupIds": [ { @@ -835,41 +835,41 @@ } }, "Parameters": { - "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcS3Bucket499E594B": { + "AssetParameterse693e416c0e5591cb0eaa424f7526a449f788de8aa8a89f06f27671feaba8031S3Bucket29060E55": { "Type": "String", - "Description": "S3 bucket for asset \"1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dc\"" + "Description": "S3 bucket for asset \"e693e416c0e5591cb0eaa424f7526a449f788de8aa8a89f06f27671feaba8031\"" }, - "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcS3VersionKey0D51A516": { + "AssetParameterse693e416c0e5591cb0eaa424f7526a449f788de8aa8a89f06f27671feaba8031S3VersionKeyE68A6B82": { "Type": "String", - "Description": "S3 key for asset version \"1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dc\"" + "Description": "S3 key for asset version \"e693e416c0e5591cb0eaa424f7526a449f788de8aa8a89f06f27671feaba8031\"" }, - "AssetParameters1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dcArtifactHashECB545C0": { + "AssetParameterse693e416c0e5591cb0eaa424f7526a449f788de8aa8a89f06f27671feaba8031ArtifactHash0218547C": { "Type": "String", - "Description": "Artifact hash for asset \"1f516d02fb984ea91e74064999e8508f09dd0001d2cf198ccc376d2c0fcd14dc\"" + "Description": "Artifact hash for asset \"e693e416c0e5591cb0eaa424f7526a449f788de8aa8a89f06f27671feaba8031\"" }, - "AssetParameters565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfaS3BucketDFAA619E": { + "AssetParameters8bda5a67feb4905ef8b67b45ee665d3e466be7357e6c361ad2aa773e5867db39S3Bucket4A9B4410": { "Type": "String", - "Description": "S3 bucket for asset \"565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfa\"" + "Description": "S3 bucket for asset \"8bda5a67feb4905ef8b67b45ee665d3e466be7357e6c361ad2aa773e5867db39\"" }, - "AssetParameters565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfaS3VersionKey2DF01059": { + "AssetParameters8bda5a67feb4905ef8b67b45ee665d3e466be7357e6c361ad2aa773e5867db39S3VersionKeyA27DDFEA": { "Type": "String", - "Description": "S3 key for asset version \"565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfa\"" + "Description": "S3 key for asset version \"8bda5a67feb4905ef8b67b45ee665d3e466be7357e6c361ad2aa773e5867db39\"" }, - "AssetParameters565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfaArtifactHashF74A21AB": { + "AssetParameters8bda5a67feb4905ef8b67b45ee665d3e466be7357e6c361ad2aa773e5867db39ArtifactHash13E6F6BF": { "Type": "String", - "Description": "Artifact hash for asset \"565126ff75ab727f0b3a67e78cf0fa9996426d1458123e8d6ee81c7ea93a6cfa\"" + "Description": "Artifact hash for asset \"8bda5a67feb4905ef8b67b45ee665d3e466be7357e6c361ad2aa773e5867db39\"" }, - "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2S3Bucket42C3CE17": { + "AssetParameters9aa4dd3191867438d7cf78d5509ee4ffc26b9f3954f6d9a2977c478b7728736cS3BucketA6D7D091": { "Type": "String", - "Description": "S3 bucket for asset \"b4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2\"" + "Description": "S3 bucket for asset \"9aa4dd3191867438d7cf78d5509ee4ffc26b9f3954f6d9a2977c478b7728736c\"" }, - "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2S3VersionKey4389D827": { + "AssetParameters9aa4dd3191867438d7cf78d5509ee4ffc26b9f3954f6d9a2977c478b7728736cS3VersionKeyD716694C": { "Type": "String", - "Description": "S3 key for asset version \"b4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2\"" + "Description": "S3 key for asset version \"9aa4dd3191867438d7cf78d5509ee4ffc26b9f3954f6d9a2977c478b7728736c\"" }, - "AssetParametersb4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2ArtifactHash7EA2459D": { + "AssetParameters9aa4dd3191867438d7cf78d5509ee4ffc26b9f3954f6d9a2977c478b7728736cArtifactHashF03B1BE8": { "Type": "String", - "Description": "Artifact hash for asset \"b4497848198c9836bf6ea202ecdc73dd7e3bee7c77f78fff0a61d19b8161adc2\"" + "Description": "Artifact hash for asset \"9aa4dd3191867438d7cf78d5509ee4ffc26b9f3954f6d9a2977c478b7728736c\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-lambda-python/README.md b/packages/@aws-cdk/aws-lambda-python/README.md index 7f9afc15072b9..77c9fee5a6f7b 100644 --- a/packages/@aws-cdk/aws-lambda-python/README.md +++ b/packages/@aws-cdk/aws-lambda-python/README.md @@ -41,7 +41,7 @@ All other properties of `lambda.Function` are supported, see also the [AWS Lambd ## Module Dependencies If `requirements.txt` or `Pipfile` exists at the entry path, the construct will handle installing -all required modules in a [Lambda compatible Docker container](https://hub.docker.com/r/amazon/aws-sam-cli-build-image-python3.7) +all required modules in a [Lambda compatible Docker container](https://gallery.ecr.aws/sam/build-python3.7) according to the `runtime`. **Lambda with a requirements.txt** diff --git a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile index 057512cf4a35c..ab45f0480735f 100644 --- a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile +++ b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile @@ -1,6 +1,6 @@ # The correct AWS SAM build image based on the runtime of the function will be # passed as build arg. The default allows to do `docker build .` when testing. -ARG IMAGE=amazon/aws-sam-cli-build-image-python3.7 +ARG IMAGE=public.ecr.aws/sam/build-python3.7 FROM $IMAGE # Ensure rsync is installed diff --git a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies index 536887fd69a9a..6793987212603 100644 --- a/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies +++ b/packages/@aws-cdk/aws-lambda-python/lib/Dockerfile.dependencies @@ -1,6 +1,6 @@ # The correct AWS SAM build image based on the runtime of the function will be # passed as build arg. The default allows to do `docker build .` when testing. -ARG IMAGE=amazon/aws-sam-cli-build-image-python3.7 +ARG IMAGE=public.ecr.aws/sam/build-python3.7 FROM $IMAGE # Ensure rsync is installed diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.expected.json index 45fb46b70aeb9..6ed7f497e9ee0 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters79d8f328899b90e2c16929e9393ebf344f098abde8981abdff0168fc9b0589acS3Bucket424FEB44" + "Ref": "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cS3Bucket5B146B0B" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters79d8f328899b90e2c16929e9393ebf344f098abde8981abdff0168fc9b0589acS3VersionKeyCEB2635C" + "Ref": "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cS3VersionKeyC0C8A627" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters79d8f328899b90e2c16929e9393ebf344f098abde8981abdff0168fc9b0589acS3VersionKeyCEB2635C" + "Ref": "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cS3VersionKeyC0C8A627" } ] } @@ -87,17 +87,17 @@ } }, "Parameters": { - "AssetParameters79d8f328899b90e2c16929e9393ebf344f098abde8981abdff0168fc9b0589acS3Bucket424FEB44": { + "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cS3Bucket5B146B0B": { "Type": "String", - "Description": "S3 bucket for asset \"79d8f328899b90e2c16929e9393ebf344f098abde8981abdff0168fc9b0589ac\"" + "Description": "S3 bucket for asset \"5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3c\"" }, - "AssetParameters79d8f328899b90e2c16929e9393ebf344f098abde8981abdff0168fc9b0589acS3VersionKeyCEB2635C": { + "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cS3VersionKeyC0C8A627": { "Type": "String", - "Description": "S3 key for asset version \"79d8f328899b90e2c16929e9393ebf344f098abde8981abdff0168fc9b0589ac\"" + "Description": "S3 key for asset version \"5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3c\"" }, - "AssetParameters79d8f328899b90e2c16929e9393ebf344f098abde8981abdff0168fc9b0589acArtifactHashE38133D4": { + "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cArtifactHashB6A7723E": { "Type": "String", - "Description": "Artifact hash for asset \"79d8f328899b90e2c16929e9393ebf344f098abde8981abdff0168fc9b0589ac\"" + "Description": "Artifact hash for asset \"5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3c\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json index aa7bc5fbbcd68..6766584717e3d 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.pipenv.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters50fe6f46cf18fb257f00fed007da5c80fbf5dee08bec37fe765c50188eecae0bS3Bucket4125B4E4" + "Ref": "AssetParameters1a697367cf267ba8a72f772b462c503dd5a6e7bcdd8cb353d89604e9d18802eeS3BucketADC4FFB3" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters50fe6f46cf18fb257f00fed007da5c80fbf5dee08bec37fe765c50188eecae0bS3VersionKey1CF28CF5" + "Ref": "AssetParameters1a697367cf267ba8a72f772b462c503dd5a6e7bcdd8cb353d89604e9d18802eeS3VersionKey784D7689" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters50fe6f46cf18fb257f00fed007da5c80fbf5dee08bec37fe765c50188eecae0bS3VersionKey1CF28CF5" + "Ref": "AssetParameters1a697367cf267ba8a72f772b462c503dd5a6e7bcdd8cb353d89604e9d18802eeS3VersionKey784D7689" } ] } @@ -121,7 +121,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters314bcf2cee9a5b01d3be2c2815602d1d784611fac220dde672aca6cb54299076S3BucketD6F6E4F2" + "Ref": "AssetParameters8eb49c58869010ec84a5b407369006e9cb5fdf9667d8609638d6fa59265fc3ecS3Bucket5B706387" }, "S3Key": { "Fn::Join": [ @@ -134,7 +134,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters314bcf2cee9a5b01d3be2c2815602d1d784611fac220dde672aca6cb54299076S3VersionKeyE0B47D8E" + "Ref": "AssetParameters8eb49c58869010ec84a5b407369006e9cb5fdf9667d8609638d6fa59265fc3ecS3VersionKey48CF3C03" } ] } @@ -147,7 +147,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters314bcf2cee9a5b01d3be2c2815602d1d784611fac220dde672aca6cb54299076S3VersionKeyE0B47D8E" + "Ref": "AssetParameters8eb49c58869010ec84a5b407369006e9cb5fdf9667d8609638d6fa59265fc3ecS3VersionKey48CF3C03" } ] } @@ -206,7 +206,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters11846740cde0308720709e44dce627bf1ceb557ee9d0dbb556a05632da565ef2S3BucketE17A9F3E" + "Ref": "AssetParameters992750d379dbbe94426dbd352099e3344b9edcfd098a56691b53eafaeb227b10S3Bucket9E9FE80F" }, "S3Key": { "Fn::Join": [ @@ -219,7 +219,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters11846740cde0308720709e44dce627bf1ceb557ee9d0dbb556a05632da565ef2S3VersionKey0A0F7F93" + "Ref": "AssetParameters992750d379dbbe94426dbd352099e3344b9edcfd098a56691b53eafaeb227b10S3VersionKeyFFAE128A" } ] } @@ -232,7 +232,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters11846740cde0308720709e44dce627bf1ceb557ee9d0dbb556a05632da565ef2S3VersionKey0A0F7F93" + "Ref": "AssetParameters992750d379dbbe94426dbd352099e3344b9edcfd098a56691b53eafaeb227b10S3VersionKeyFFAE128A" } ] } @@ -257,41 +257,41 @@ } }, "Parameters": { - "AssetParameters50fe6f46cf18fb257f00fed007da5c80fbf5dee08bec37fe765c50188eecae0bS3Bucket4125B4E4": { + "AssetParameters1a697367cf267ba8a72f772b462c503dd5a6e7bcdd8cb353d89604e9d18802eeS3BucketADC4FFB3": { "Type": "String", - "Description": "S3 bucket for asset \"50fe6f46cf18fb257f00fed007da5c80fbf5dee08bec37fe765c50188eecae0b\"" + "Description": "S3 bucket for asset \"1a697367cf267ba8a72f772b462c503dd5a6e7bcdd8cb353d89604e9d18802ee\"" }, - "AssetParameters50fe6f46cf18fb257f00fed007da5c80fbf5dee08bec37fe765c50188eecae0bS3VersionKey1CF28CF5": { + "AssetParameters1a697367cf267ba8a72f772b462c503dd5a6e7bcdd8cb353d89604e9d18802eeS3VersionKey784D7689": { "Type": "String", - "Description": "S3 key for asset version \"50fe6f46cf18fb257f00fed007da5c80fbf5dee08bec37fe765c50188eecae0b\"" + "Description": "S3 key for asset version \"1a697367cf267ba8a72f772b462c503dd5a6e7bcdd8cb353d89604e9d18802ee\"" }, - "AssetParameters50fe6f46cf18fb257f00fed007da5c80fbf5dee08bec37fe765c50188eecae0bArtifactHashC28E4EDF": { + "AssetParameters1a697367cf267ba8a72f772b462c503dd5a6e7bcdd8cb353d89604e9d18802eeArtifactHash76BB0F66": { "Type": "String", - "Description": "Artifact hash for asset \"50fe6f46cf18fb257f00fed007da5c80fbf5dee08bec37fe765c50188eecae0b\"" + "Description": "Artifact hash for asset \"1a697367cf267ba8a72f772b462c503dd5a6e7bcdd8cb353d89604e9d18802ee\"" }, - "AssetParameters314bcf2cee9a5b01d3be2c2815602d1d784611fac220dde672aca6cb54299076S3BucketD6F6E4F2": { + "AssetParameters8eb49c58869010ec84a5b407369006e9cb5fdf9667d8609638d6fa59265fc3ecS3Bucket5B706387": { "Type": "String", - "Description": "S3 bucket for asset \"314bcf2cee9a5b01d3be2c2815602d1d784611fac220dde672aca6cb54299076\"" + "Description": "S3 bucket for asset \"8eb49c58869010ec84a5b407369006e9cb5fdf9667d8609638d6fa59265fc3ec\"" }, - "AssetParameters314bcf2cee9a5b01d3be2c2815602d1d784611fac220dde672aca6cb54299076S3VersionKeyE0B47D8E": { + "AssetParameters8eb49c58869010ec84a5b407369006e9cb5fdf9667d8609638d6fa59265fc3ecS3VersionKey48CF3C03": { "Type": "String", - "Description": "S3 key for asset version \"314bcf2cee9a5b01d3be2c2815602d1d784611fac220dde672aca6cb54299076\"" + "Description": "S3 key for asset version \"8eb49c58869010ec84a5b407369006e9cb5fdf9667d8609638d6fa59265fc3ec\"" }, - "AssetParameters314bcf2cee9a5b01d3be2c2815602d1d784611fac220dde672aca6cb54299076ArtifactHash45C2DF56": { + "AssetParameters8eb49c58869010ec84a5b407369006e9cb5fdf9667d8609638d6fa59265fc3ecArtifactHashD17A32B8": { "Type": "String", - "Description": "Artifact hash for asset \"314bcf2cee9a5b01d3be2c2815602d1d784611fac220dde672aca6cb54299076\"" + "Description": "Artifact hash for asset \"8eb49c58869010ec84a5b407369006e9cb5fdf9667d8609638d6fa59265fc3ec\"" }, - "AssetParameters11846740cde0308720709e44dce627bf1ceb557ee9d0dbb556a05632da565ef2S3BucketE17A9F3E": { + "AssetParameters992750d379dbbe94426dbd352099e3344b9edcfd098a56691b53eafaeb227b10S3Bucket9E9FE80F": { "Type": "String", - "Description": "S3 bucket for asset \"11846740cde0308720709e44dce627bf1ceb557ee9d0dbb556a05632da565ef2\"" + "Description": "S3 bucket for asset \"992750d379dbbe94426dbd352099e3344b9edcfd098a56691b53eafaeb227b10\"" }, - "AssetParameters11846740cde0308720709e44dce627bf1ceb557ee9d0dbb556a05632da565ef2S3VersionKey0A0F7F93": { + "AssetParameters992750d379dbbe94426dbd352099e3344b9edcfd098a56691b53eafaeb227b10S3VersionKeyFFAE128A": { "Type": "String", - "Description": "S3 key for asset version \"11846740cde0308720709e44dce627bf1ceb557ee9d0dbb556a05632da565ef2\"" + "Description": "S3 key for asset version \"992750d379dbbe94426dbd352099e3344b9edcfd098a56691b53eafaeb227b10\"" }, - "AssetParameters11846740cde0308720709e44dce627bf1ceb557ee9d0dbb556a05632da565ef2ArtifactHash743A82BD": { + "AssetParameters992750d379dbbe94426dbd352099e3344b9edcfd098a56691b53eafaeb227b10ArtifactHashCAE919EE": { "Type": "String", - "Description": "Artifact hash for asset \"11846740cde0308720709e44dce627bf1ceb557ee9d0dbb556a05632da565ef2\"" + "Description": "Artifact hash for asset \"992750d379dbbe94426dbd352099e3344b9edcfd098a56691b53eafaeb227b10\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json index c2ad372f25649..9b5e2aba2f075 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.poetry.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters3bc4d0e28b60c2b2468004185dabbe33a91c04563872cafb35b5b71e8a8f33d4S3Bucket68AF28A9" + "Ref": "AssetParameters75ddddb47479a218a15821c4afd818c51d26c8340cbbe49f6eca0b7b802e3923S3Bucket1A5FBFC5" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3bc4d0e28b60c2b2468004185dabbe33a91c04563872cafb35b5b71e8a8f33d4S3VersionKeyACC0084B" + "Ref": "AssetParameters75ddddb47479a218a15821c4afd818c51d26c8340cbbe49f6eca0b7b802e3923S3VersionKey67EF2E81" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3bc4d0e28b60c2b2468004185dabbe33a91c04563872cafb35b5b71e8a8f33d4S3VersionKeyACC0084B" + "Ref": "AssetParameters75ddddb47479a218a15821c4afd818c51d26c8340cbbe49f6eca0b7b802e3923S3VersionKey67EF2E81" } ] } @@ -121,7 +121,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersc1614067648b8b7e151e321ce82879d259a2b8f2bd10dddd61f0f2ce26287c17S3Bucket980A99E7" + "Ref": "AssetParameters929810b8fc5030a232173abd44cd2d54f4735eece74ac8cf1c34e7b9dd9161a3S3Bucket0ECFE319" }, "S3Key": { "Fn::Join": [ @@ -134,7 +134,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersc1614067648b8b7e151e321ce82879d259a2b8f2bd10dddd61f0f2ce26287c17S3VersionKeyC4E1E9B5" + "Ref": "AssetParameters929810b8fc5030a232173abd44cd2d54f4735eece74ac8cf1c34e7b9dd9161a3S3VersionKeyA373952D" } ] } @@ -147,7 +147,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersc1614067648b8b7e151e321ce82879d259a2b8f2bd10dddd61f0f2ce26287c17S3VersionKeyC4E1E9B5" + "Ref": "AssetParameters929810b8fc5030a232173abd44cd2d54f4735eece74ac8cf1c34e7b9dd9161a3S3VersionKeyA373952D" } ] } @@ -206,7 +206,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters3610bde00ecd0013f7806e2ab0e80d7ac26232cd3ffc2934b5ca28fef120bdf6S3Bucket91AABE39" + "Ref": "AssetParameters5a08158e59eb223498febeed20bc4005c3e81534f6c47bd7d8a2079f256f25d0S3BucketDB10730C" }, "S3Key": { "Fn::Join": [ @@ -219,7 +219,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3610bde00ecd0013f7806e2ab0e80d7ac26232cd3ffc2934b5ca28fef120bdf6S3VersionKeyEE0FAD90" + "Ref": "AssetParameters5a08158e59eb223498febeed20bc4005c3e81534f6c47bd7d8a2079f256f25d0S3VersionKeyE7AE1114" } ] } @@ -232,7 +232,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3610bde00ecd0013f7806e2ab0e80d7ac26232cd3ffc2934b5ca28fef120bdf6S3VersionKeyEE0FAD90" + "Ref": "AssetParameters5a08158e59eb223498febeed20bc4005c3e81534f6c47bd7d8a2079f256f25d0S3VersionKeyE7AE1114" } ] } @@ -257,41 +257,41 @@ } }, "Parameters": { - "AssetParameters3bc4d0e28b60c2b2468004185dabbe33a91c04563872cafb35b5b71e8a8f33d4S3Bucket68AF28A9": { + "AssetParameters75ddddb47479a218a15821c4afd818c51d26c8340cbbe49f6eca0b7b802e3923S3Bucket1A5FBFC5": { "Type": "String", - "Description": "S3 bucket for asset \"3bc4d0e28b60c2b2468004185dabbe33a91c04563872cafb35b5b71e8a8f33d4\"" + "Description": "S3 bucket for asset \"75ddddb47479a218a15821c4afd818c51d26c8340cbbe49f6eca0b7b802e3923\"" }, - "AssetParameters3bc4d0e28b60c2b2468004185dabbe33a91c04563872cafb35b5b71e8a8f33d4S3VersionKeyACC0084B": { + "AssetParameters75ddddb47479a218a15821c4afd818c51d26c8340cbbe49f6eca0b7b802e3923S3VersionKey67EF2E81": { "Type": "String", - "Description": "S3 key for asset version \"3bc4d0e28b60c2b2468004185dabbe33a91c04563872cafb35b5b71e8a8f33d4\"" + "Description": "S3 key for asset version \"75ddddb47479a218a15821c4afd818c51d26c8340cbbe49f6eca0b7b802e3923\"" }, - "AssetParameters3bc4d0e28b60c2b2468004185dabbe33a91c04563872cafb35b5b71e8a8f33d4ArtifactHashC2D4B1C3": { + "AssetParameters75ddddb47479a218a15821c4afd818c51d26c8340cbbe49f6eca0b7b802e3923ArtifactHash122807F1": { "Type": "String", - "Description": "Artifact hash for asset \"3bc4d0e28b60c2b2468004185dabbe33a91c04563872cafb35b5b71e8a8f33d4\"" + "Description": "Artifact hash for asset \"75ddddb47479a218a15821c4afd818c51d26c8340cbbe49f6eca0b7b802e3923\"" }, - "AssetParametersc1614067648b8b7e151e321ce82879d259a2b8f2bd10dddd61f0f2ce26287c17S3Bucket980A99E7": { + "AssetParameters929810b8fc5030a232173abd44cd2d54f4735eece74ac8cf1c34e7b9dd9161a3S3Bucket0ECFE319": { "Type": "String", - "Description": "S3 bucket for asset \"c1614067648b8b7e151e321ce82879d259a2b8f2bd10dddd61f0f2ce26287c17\"" + "Description": "S3 bucket for asset \"929810b8fc5030a232173abd44cd2d54f4735eece74ac8cf1c34e7b9dd9161a3\"" }, - "AssetParametersc1614067648b8b7e151e321ce82879d259a2b8f2bd10dddd61f0f2ce26287c17S3VersionKeyC4E1E9B5": { + "AssetParameters929810b8fc5030a232173abd44cd2d54f4735eece74ac8cf1c34e7b9dd9161a3S3VersionKeyA373952D": { "Type": "String", - "Description": "S3 key for asset version \"c1614067648b8b7e151e321ce82879d259a2b8f2bd10dddd61f0f2ce26287c17\"" + "Description": "S3 key for asset version \"929810b8fc5030a232173abd44cd2d54f4735eece74ac8cf1c34e7b9dd9161a3\"" }, - "AssetParametersc1614067648b8b7e151e321ce82879d259a2b8f2bd10dddd61f0f2ce26287c17ArtifactHash5B02FA4D": { + "AssetParameters929810b8fc5030a232173abd44cd2d54f4735eece74ac8cf1c34e7b9dd9161a3ArtifactHash196D379D": { "Type": "String", - "Description": "Artifact hash for asset \"c1614067648b8b7e151e321ce82879d259a2b8f2bd10dddd61f0f2ce26287c17\"" + "Description": "Artifact hash for asset \"929810b8fc5030a232173abd44cd2d54f4735eece74ac8cf1c34e7b9dd9161a3\"" }, - "AssetParameters3610bde00ecd0013f7806e2ab0e80d7ac26232cd3ffc2934b5ca28fef120bdf6S3Bucket91AABE39": { + "AssetParameters5a08158e59eb223498febeed20bc4005c3e81534f6c47bd7d8a2079f256f25d0S3BucketDB10730C": { "Type": "String", - "Description": "S3 bucket for asset \"3610bde00ecd0013f7806e2ab0e80d7ac26232cd3ffc2934b5ca28fef120bdf6\"" + "Description": "S3 bucket for asset \"5a08158e59eb223498febeed20bc4005c3e81534f6c47bd7d8a2079f256f25d0\"" }, - "AssetParameters3610bde00ecd0013f7806e2ab0e80d7ac26232cd3ffc2934b5ca28fef120bdf6S3VersionKeyEE0FAD90": { + "AssetParameters5a08158e59eb223498febeed20bc4005c3e81534f6c47bd7d8a2079f256f25d0S3VersionKeyE7AE1114": { "Type": "String", - "Description": "S3 key for asset version \"3610bde00ecd0013f7806e2ab0e80d7ac26232cd3ffc2934b5ca28fef120bdf6\"" + "Description": "S3 key for asset version \"5a08158e59eb223498febeed20bc4005c3e81534f6c47bd7d8a2079f256f25d0\"" }, - "AssetParameters3610bde00ecd0013f7806e2ab0e80d7ac26232cd3ffc2934b5ca28fef120bdf6ArtifactHash09CEB444": { + "AssetParameters5a08158e59eb223498febeed20bc4005c3e81534f6c47bd7d8a2079f256f25d0ArtifactHashF5CC0D13": { "Type": "String", - "Description": "Artifact hash for asset \"3610bde00ecd0013f7806e2ab0e80d7ac26232cd3ffc2934b5ca28fef120bdf6\"" + "Description": "Artifact hash for asset \"5a08158e59eb223498febeed20bc4005c3e81534f6c47bd7d8a2079f256f25d0\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.project.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.project.expected.json index aa13e73295e64..68838ca5bb2f0 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.project.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.project.expected.json @@ -5,7 +5,7 @@ "Properties": { "Content": { "S3Bucket": { - "Ref": "AssetParameterse174a6a88cb48eb510c29b2bf0203c181cfa059320745e6ae6429e522b36c66eS3Bucket7A00FCB4" + "Ref": "AssetParameters66cf329731482a1903f36e710c64efa07dd7fc320739e9a1c0d915fe3cfa3aa0S3BucketF123FCA1" }, "S3Key": { "Fn::Join": [ @@ -18,7 +18,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameterse174a6a88cb48eb510c29b2bf0203c181cfa059320745e6ae6429e522b36c66eS3VersionKey8BF2F9D6" + "Ref": "AssetParameters66cf329731482a1903f36e710c64efa07dd7fc320739e9a1c0d915fe3cfa3aa0S3VersionKey6FABFCA9" } ] } @@ -31,7 +31,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameterse174a6a88cb48eb510c29b2bf0203c181cfa059320745e6ae6429e522b36c66eS3VersionKey8BF2F9D6" + "Ref": "AssetParameters66cf329731482a1903f36e710c64efa07dd7fc320739e9a1c0d915fe3cfa3aa0S3VersionKey6FABFCA9" } ] } @@ -82,7 +82,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters907ec4b12820d4b2dc64e7f0f1f1f6267c1db622bc42aa57f5361efa12b1aafbS3Bucket16F02289" + "Ref": "AssetParameters2355f1daf8ff0670c3287d5f2b9bf5061dce576b20f03dddb2f016ba7a203c86S3Bucket03A296A2" }, "S3Key": { "Fn::Join": [ @@ -95,7 +95,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters907ec4b12820d4b2dc64e7f0f1f1f6267c1db622bc42aa57f5361efa12b1aafbS3VersionKeyDAF0A5BD" + "Ref": "AssetParameters2355f1daf8ff0670c3287d5f2b9bf5061dce576b20f03dddb2f016ba7a203c86S3VersionKey90B885D0" } ] } @@ -108,7 +108,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters907ec4b12820d4b2dc64e7f0f1f1f6267c1db622bc42aa57f5361efa12b1aafbS3VersionKeyDAF0A5BD" + "Ref": "AssetParameters2355f1daf8ff0670c3287d5f2b9bf5061dce576b20f03dddb2f016ba7a203c86S3VersionKey90B885D0" } ] } @@ -138,29 +138,29 @@ } }, "Parameters": { - "AssetParameterse174a6a88cb48eb510c29b2bf0203c181cfa059320745e6ae6429e522b36c66eS3Bucket7A00FCB4": { + "AssetParameters66cf329731482a1903f36e710c64efa07dd7fc320739e9a1c0d915fe3cfa3aa0S3BucketF123FCA1": { "Type": "String", - "Description": "S3 bucket for asset \"e174a6a88cb48eb510c29b2bf0203c181cfa059320745e6ae6429e522b36c66e\"" + "Description": "S3 bucket for asset \"66cf329731482a1903f36e710c64efa07dd7fc320739e9a1c0d915fe3cfa3aa0\"" }, - "AssetParameterse174a6a88cb48eb510c29b2bf0203c181cfa059320745e6ae6429e522b36c66eS3VersionKey8BF2F9D6": { + "AssetParameters66cf329731482a1903f36e710c64efa07dd7fc320739e9a1c0d915fe3cfa3aa0S3VersionKey6FABFCA9": { "Type": "String", - "Description": "S3 key for asset version \"e174a6a88cb48eb510c29b2bf0203c181cfa059320745e6ae6429e522b36c66e\"" + "Description": "S3 key for asset version \"66cf329731482a1903f36e710c64efa07dd7fc320739e9a1c0d915fe3cfa3aa0\"" }, - "AssetParameterse174a6a88cb48eb510c29b2bf0203c181cfa059320745e6ae6429e522b36c66eArtifactHash2DECF34E": { + "AssetParameters66cf329731482a1903f36e710c64efa07dd7fc320739e9a1c0d915fe3cfa3aa0ArtifactHash0384F1C8": { "Type": "String", - "Description": "Artifact hash for asset \"e174a6a88cb48eb510c29b2bf0203c181cfa059320745e6ae6429e522b36c66e\"" + "Description": "Artifact hash for asset \"66cf329731482a1903f36e710c64efa07dd7fc320739e9a1c0d915fe3cfa3aa0\"" }, - "AssetParameters907ec4b12820d4b2dc64e7f0f1f1f6267c1db622bc42aa57f5361efa12b1aafbS3Bucket16F02289": { + "AssetParameters2355f1daf8ff0670c3287d5f2b9bf5061dce576b20f03dddb2f016ba7a203c86S3Bucket03A296A2": { "Type": "String", - "Description": "S3 bucket for asset \"907ec4b12820d4b2dc64e7f0f1f1f6267c1db622bc42aa57f5361efa12b1aafb\"" + "Description": "S3 bucket for asset \"2355f1daf8ff0670c3287d5f2b9bf5061dce576b20f03dddb2f016ba7a203c86\"" }, - "AssetParameters907ec4b12820d4b2dc64e7f0f1f1f6267c1db622bc42aa57f5361efa12b1aafbS3VersionKeyDAF0A5BD": { + "AssetParameters2355f1daf8ff0670c3287d5f2b9bf5061dce576b20f03dddb2f016ba7a203c86S3VersionKey90B885D0": { "Type": "String", - "Description": "S3 key for asset version \"907ec4b12820d4b2dc64e7f0f1f1f6267c1db622bc42aa57f5361efa12b1aafb\"" + "Description": "S3 key for asset version \"2355f1daf8ff0670c3287d5f2b9bf5061dce576b20f03dddb2f016ba7a203c86\"" }, - "AssetParameters907ec4b12820d4b2dc64e7f0f1f1f6267c1db622bc42aa57f5361efa12b1aafbArtifactHashD7592B0F": { + "AssetParameters2355f1daf8ff0670c3287d5f2b9bf5061dce576b20f03dddb2f016ba7a203c86ArtifactHash937218E0": { "Type": "String", - "Description": "Artifact hash for asset \"907ec4b12820d4b2dc64e7f0f1f1f6267c1db622bc42aa57f5361efa12b1aafb\"" + "Description": "Artifact hash for asset \"2355f1daf8ff0670c3287d5f2b9bf5061dce576b20f03dddb2f016ba7a203c86\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.py38.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.py38.expected.json index c49f5e312d873..df601bc92acd9 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.py38.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.py38.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters6cc4994756d4085a860e734568c92826773e52c22c58894ce368b1e698da413dS3Bucket74CBB570" + "Ref": "AssetParameters29cd01a5fe529da311cdec40c163fb1c04b1b3dc8caadff0ea696fb6e63610feS3Bucket38F00249" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters6cc4994756d4085a860e734568c92826773e52c22c58894ce368b1e698da413dS3VersionKey3CBAF21A" + "Ref": "AssetParameters29cd01a5fe529da311cdec40c163fb1c04b1b3dc8caadff0ea696fb6e63610feS3VersionKey60957E7E" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters6cc4994756d4085a860e734568c92826773e52c22c58894ce368b1e698da413dS3VersionKey3CBAF21A" + "Ref": "AssetParameters29cd01a5fe529da311cdec40c163fb1c04b1b3dc8caadff0ea696fb6e63610feS3VersionKey60957E7E" } ] } @@ -87,17 +87,17 @@ } }, "Parameters": { - "AssetParameters6cc4994756d4085a860e734568c92826773e52c22c58894ce368b1e698da413dS3Bucket74CBB570": { + "AssetParameters29cd01a5fe529da311cdec40c163fb1c04b1b3dc8caadff0ea696fb6e63610feS3Bucket38F00249": { "Type": "String", - "Description": "S3 bucket for asset \"6cc4994756d4085a860e734568c92826773e52c22c58894ce368b1e698da413d\"" + "Description": "S3 bucket for asset \"29cd01a5fe529da311cdec40c163fb1c04b1b3dc8caadff0ea696fb6e63610fe\"" }, - "AssetParameters6cc4994756d4085a860e734568c92826773e52c22c58894ce368b1e698da413dS3VersionKey3CBAF21A": { + "AssetParameters29cd01a5fe529da311cdec40c163fb1c04b1b3dc8caadff0ea696fb6e63610feS3VersionKey60957E7E": { "Type": "String", - "Description": "S3 key for asset version \"6cc4994756d4085a860e734568c92826773e52c22c58894ce368b1e698da413d\"" + "Description": "S3 key for asset version \"29cd01a5fe529da311cdec40c163fb1c04b1b3dc8caadff0ea696fb6e63610fe\"" }, - "AssetParameters6cc4994756d4085a860e734568c92826773e52c22c58894ce368b1e698da413dArtifactHash750F3AF8": { + "AssetParameters29cd01a5fe529da311cdec40c163fb1c04b1b3dc8caadff0ea696fb6e63610feArtifactHash29C18922": { "Type": "String", - "Description": "Artifact hash for asset \"6cc4994756d4085a860e734568c92826773e52c22c58894ce368b1e698da413d\"" + "Description": "Artifact hash for asset \"29cd01a5fe529da311cdec40c163fb1c04b1b3dc8caadff0ea696fb6e63610fe\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.requirements.removed.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.requirements.removed.expected.json index c70f4a0ca8933..131ca14b5e5c9 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.requirements.removed.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.requirements.removed.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters6fa8e0c54d06a6402126a86fab5da1fa1397bcce628a0fb56f8356a2edf6280dS3Bucket2F189DB9" + "Ref": "AssetParameterse6fadc5eeabdb3ea6ecd571e8ec74e7943cd34cd4ec9d46d0506a200e6163a93S3BucketBA49B914" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters6fa8e0c54d06a6402126a86fab5da1fa1397bcce628a0fb56f8356a2edf6280dS3VersionKeyDF03C812" + "Ref": "AssetParameterse6fadc5eeabdb3ea6ecd571e8ec74e7943cd34cd4ec9d46d0506a200e6163a93S3VersionKey74688352" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters6fa8e0c54d06a6402126a86fab5da1fa1397bcce628a0fb56f8356a2edf6280dS3VersionKeyDF03C812" + "Ref": "AssetParameterse6fadc5eeabdb3ea6ecd571e8ec74e7943cd34cd4ec9d46d0506a200e6163a93S3VersionKey74688352" } ] } @@ -87,17 +87,17 @@ } }, "Parameters": { - "AssetParameters6fa8e0c54d06a6402126a86fab5da1fa1397bcce628a0fb56f8356a2edf6280dS3Bucket2F189DB9": { + "AssetParameterse6fadc5eeabdb3ea6ecd571e8ec74e7943cd34cd4ec9d46d0506a200e6163a93S3BucketBA49B914": { "Type": "String", - "Description": "S3 bucket for asset \"6fa8e0c54d06a6402126a86fab5da1fa1397bcce628a0fb56f8356a2edf6280d\"" + "Description": "S3 bucket for asset \"e6fadc5eeabdb3ea6ecd571e8ec74e7943cd34cd4ec9d46d0506a200e6163a93\"" }, - "AssetParameters6fa8e0c54d06a6402126a86fab5da1fa1397bcce628a0fb56f8356a2edf6280dS3VersionKeyDF03C812": { + "AssetParameterse6fadc5eeabdb3ea6ecd571e8ec74e7943cd34cd4ec9d46d0506a200e6163a93S3VersionKey74688352": { "Type": "String", - "Description": "S3 key for asset version \"6fa8e0c54d06a6402126a86fab5da1fa1397bcce628a0fb56f8356a2edf6280d\"" + "Description": "S3 key for asset version \"e6fadc5eeabdb3ea6ecd571e8ec74e7943cd34cd4ec9d46d0506a200e6163a93\"" }, - "AssetParameters6fa8e0c54d06a6402126a86fab5da1fa1397bcce628a0fb56f8356a2edf6280dArtifactHash1F692755": { + "AssetParameterse6fadc5eeabdb3ea6ecd571e8ec74e7943cd34cd4ec9d46d0506a200e6163a93ArtifactHash6870D06D": { "Type": "String", - "Description": "Artifact hash for asset \"6fa8e0c54d06a6402126a86fab5da1fa1397bcce628a0fb56f8356a2edf6280d\"" + "Description": "Artifact hash for asset \"e6fadc5eeabdb3ea6ecd571e8ec74e7943cd34cd4ec9d46d0506a200e6163a93\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda-python/test/integ.function.vpc.expected.json b/packages/@aws-cdk/aws-lambda-python/test/integ.function.vpc.expected.json index 6787327a15e40..1efa22d57d44f 100644 --- a/packages/@aws-cdk/aws-lambda-python/test/integ.function.vpc.expected.json +++ b/packages/@aws-cdk/aws-lambda-python/test/integ.function.vpc.expected.json @@ -296,7 +296,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParameters83be407310ab5911f40fa4934091a233f92ce3be1d81c48846f30fa0a9330530S3Bucket82392CBF" + "Ref": "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cS3Bucket5B146B0B" }, "S3Key": { "Fn::Join": [ @@ -309,7 +309,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters83be407310ab5911f40fa4934091a233f92ce3be1d81c48846f30fa0a9330530S3VersionKey292822E7" + "Ref": "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cS3VersionKeyC0C8A627" } ] } @@ -322,7 +322,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters83be407310ab5911f40fa4934091a233f92ce3be1d81c48846f30fa0a9330530S3VersionKey292822E7" + "Ref": "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cS3VersionKeyC0C8A627" } ] } @@ -368,17 +368,17 @@ } }, "Parameters": { - "AssetParameters83be407310ab5911f40fa4934091a233f92ce3be1d81c48846f30fa0a9330530S3Bucket82392CBF": { + "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cS3Bucket5B146B0B": { "Type": "String", - "Description": "S3 bucket for asset \"83be407310ab5911f40fa4934091a233f92ce3be1d81c48846f30fa0a9330530\"" + "Description": "S3 bucket for asset \"5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3c\"" }, - "AssetParameters83be407310ab5911f40fa4934091a233f92ce3be1d81c48846f30fa0a9330530S3VersionKey292822E7": { + "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cS3VersionKeyC0C8A627": { "Type": "String", - "Description": "S3 key for asset version \"83be407310ab5911f40fa4934091a233f92ce3be1d81c48846f30fa0a9330530\"" + "Description": "S3 key for asset version \"5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3c\"" }, - "AssetParameters83be407310ab5911f40fa4934091a233f92ce3be1d81c48846f30fa0a9330530ArtifactHash8818CE02": { + "AssetParameters5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3cArtifactHashB6A7723E": { "Type": "String", - "Description": "Artifact hash for asset \"83be407310ab5911f40fa4934091a233f92ce3be1d81c48846f30fa0a9330530\"" + "Description": "Artifact hash for asset \"5b8ff93384af5b488025e13b274c2dd894e474a810f1a406af1aeb4edbba6a3c\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda/lib/runtime.ts b/packages/@aws-cdk/aws-lambda/lib/runtime.ts index e7e1451b79125..e354e5862cc6e 100644 --- a/packages/@aws-cdk/aws-lambda/lib/runtime.ts +++ b/packages/@aws-cdk/aws-lambda/lib/runtime.ts @@ -9,7 +9,7 @@ export interface LambdaRuntimeProps { /** * The Docker image name to be used for bundling in this runtime. - * @default - the latest docker image "amazon/aws-sam-cli-build-image-" from https://hub.docker.com/u/amazon + * @default - the latest docker image "amazon/public.ecr.aws/sam/build-" from https://gallery.ecr.aws */ readonly bundlingDockerImage?: string; @@ -219,11 +219,12 @@ export class Runtime { */ public readonly bundlingImage: DockerImage; - constructor(name: string, family?: RuntimeFamily, props: LambdaRuntimeProps = { }) { + constructor(name: string, family?: RuntimeFamily, props: LambdaRuntimeProps = {}) { this.name = name; this.supportsInlineCode = !!props.supportsInlineCode; this.family = family; - const imageName = props.bundlingDockerImage ?? `amazon/aws-sam-cli-build-image-${name}`; + + const imageName = props.bundlingDockerImage ?? `public.ecr.aws/sam/build-${name}`; this.bundlingDockerImage = DockerImage.fromRegistry(imageName); this.bundlingImage = this.bundlingDockerImage; this.supportsCodeGuruProfiling = props.supportsCodeGuruProfiling ?? false; @@ -237,7 +238,7 @@ export class Runtime { public runtimeEquals(other: Runtime): boolean { return other.name === this.name && - other.family === this.family && - other.supportsInlineCode === this.supportsInlineCode; + other.family === this.family && + other.supportsInlineCode === this.supportsInlineCode; } } diff --git a/packages/@aws-cdk/aws-lambda/test/integ.bundling.expected.json b/packages/@aws-cdk/aws-lambda/test/integ.bundling.expected.json index f91b4ba673c9e..75863fbac5fab 100644 --- a/packages/@aws-cdk/aws-lambda/test/integ.bundling.expected.json +++ b/packages/@aws-cdk/aws-lambda/test/integ.bundling.expected.json @@ -36,7 +36,7 @@ "Properties": { "Code": { "S3Bucket": { - "Ref": "AssetParametersfbf992a3e922c30f9aed74db034a1ec115ec16544160e6820e5d2463bf1e29d1S3BucketF4EA3D4A" + "Ref": "AssetParameters4096fd7ad39dc95026cb4c6254d2421d276c3170018ff7abdb41197d50ebd47bS3Bucket48F36117" }, "S3Key": { "Fn::Join": [ @@ -49,7 +49,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersfbf992a3e922c30f9aed74db034a1ec115ec16544160e6820e5d2463bf1e29d1S3VersionKey50AB224E" + "Ref": "AssetParameters4096fd7ad39dc95026cb4c6254d2421d276c3170018ff7abdb41197d50ebd47bS3VersionKey5B24FA75" } ] } @@ -62,7 +62,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParametersfbf992a3e922c30f9aed74db034a1ec115ec16544160e6820e5d2463bf1e29d1S3VersionKey50AB224E" + "Ref": "AssetParameters4096fd7ad39dc95026cb4c6254d2421d276c3170018ff7abdb41197d50ebd47bS3VersionKey5B24FA75" } ] } @@ -72,13 +72,13 @@ ] } }, - "Handler": "index.handler", "Role": { "Fn::GetAtt": [ "FunctionServiceRole675BB04A", "Arn" ] }, + "Handler": "index.handler", "Runtime": "python3.6" }, "DependsOn": [ @@ -87,17 +87,17 @@ } }, "Parameters": { - "AssetParametersfbf992a3e922c30f9aed74db034a1ec115ec16544160e6820e5d2463bf1e29d1S3BucketF4EA3D4A": { + "AssetParameters4096fd7ad39dc95026cb4c6254d2421d276c3170018ff7abdb41197d50ebd47bS3Bucket48F36117": { "Type": "String", - "Description": "S3 bucket for asset \"fbf992a3e922c30f9aed74db034a1ec115ec16544160e6820e5d2463bf1e29d1\"" + "Description": "S3 bucket for asset \"4096fd7ad39dc95026cb4c6254d2421d276c3170018ff7abdb41197d50ebd47b\"" }, - "AssetParametersfbf992a3e922c30f9aed74db034a1ec115ec16544160e6820e5d2463bf1e29d1S3VersionKey50AB224E": { + "AssetParameters4096fd7ad39dc95026cb4c6254d2421d276c3170018ff7abdb41197d50ebd47bS3VersionKey5B24FA75": { "Type": "String", - "Description": "S3 key for asset version \"fbf992a3e922c30f9aed74db034a1ec115ec16544160e6820e5d2463bf1e29d1\"" + "Description": "S3 key for asset version \"4096fd7ad39dc95026cb4c6254d2421d276c3170018ff7abdb41197d50ebd47b\"" }, - "AssetParametersfbf992a3e922c30f9aed74db034a1ec115ec16544160e6820e5d2463bf1e29d1ArtifactHashDD1BB80E": { + "AssetParameters4096fd7ad39dc95026cb4c6254d2421d276c3170018ff7abdb41197d50ebd47bArtifactHashFE4A3131": { "Type": "String", - "Description": "Artifact hash for asset \"fbf992a3e922c30f9aed74db034a1ec115ec16544160e6820e5d2463bf1e29d1\"" + "Description": "Artifact hash for asset \"4096fd7ad39dc95026cb4c6254d2421d276c3170018ff7abdb41197d50ebd47b\"" } }, "Outputs": { diff --git a/packages/@aws-cdk/aws-lambda/test/runtime.test.ts b/packages/@aws-cdk/aws-lambda/test/runtime.test.ts index e90d7535d8045..8e275927319a0 100644 --- a/packages/@aws-cdk/aws-lambda/test/runtime.test.ts +++ b/packages/@aws-cdk/aws-lambda/test/runtime.test.ts @@ -43,7 +43,7 @@ describe('runtime', () => { const runtime = new lambda.Runtime('my-runtime-name'); // THEN - expect(runtime.bundlingDockerImage.image).toEqual('amazon/aws-sam-cli-build-image-my-runtime-name'); + expect(runtime.bundlingDockerImage.image).toEqual('public.ecr.aws/sam/build-my-runtime-name'); }); test('overridde to bundlingDockerImage points to the correct image', () => { From e9519ee30fa2dab9e34ddeaed53ae6157b4189f5 Mon Sep 17 00:00:00 2001 From: Shubham Aggarwal Date: Thu, 1 Apr 2021 17:24:54 +0530 Subject: [PATCH 068/260] chore(eks): Typo in README.md (#13911) Fix typo ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-eks/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-eks/README.md b/packages/@aws-cdk/aws-eks/README.md index 59909c9ea9a0b..1cc2ce685070b 100644 --- a/packages/@aws-cdk/aws-eks/README.md +++ b/packages/@aws-cdk/aws-eks/README.md @@ -34,7 +34,7 @@ In addition, the library also supports defining Kubernetes resource manifests wi * [Kubernetes Manifests](#kubernetes-manifests) * [Helm Charts](#helm-charts) * [CDK8s Charts](#cdk8s-charts) -* [Patching Kuberentes Resources](#patching-kubernetes-resources) +* [Patching Kubernetes Resources](#patching-kubernetes-resources) * [Querying Kubernetes Resources](#querying-kubernetes-resources) * [Using existing clusters](#using-existing-clusters) * [Known Issues and Limitations](#known-issues-and-limitations) From 0e9b28e766781ad06c214fd1eb79425add399fe0 Mon Sep 17 00:00:00 2001 From: AWS CDK Team Date: Thu, 1 Apr 2021 12:45:11 +0000 Subject: [PATCH 069/260] chore(release): 1.96.0 --- CHANGELOG.md | 52 +++++++++++++++++++++++++++++++++++++++++++++++++ version.v1.json | 2 +- 2 files changed, 53 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 55650f8a69ff0..4dbea979b3d2b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,58 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [1.96.0](https://github.com/aws/aws-cdk/compare/v1.95.2...v1.96.0) (2021-04-01) + + +### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES + +* **globalaccelerator:** automatic naming algorithm has been changed: if you have existing Accelerators you will need to pass an +explicit name to prevent them from being replaced. All endpoints are now added by calling `addEndpoint()` with a +target-specific class that can be found in `@aws-cdk/aws-globalaccelerator-endpoints`. The generated Security Group +is now looked up by calling `endpointGroup.connectionsPeer()`. +* **docdb:** `DatabaseClusterProps.instanceProps` was hoisted and all its properties are now available one level up directly in `DatabaseClusterProps`. + + - **docdb**: `DatabaseInstanceProps.instanceClass` renamed to `DatabaseInstanceProps.instanceType`. +* **core:** The type of the `image` property in `BundlingOptions` +is changed from `BundlingDockerImage` to `DockerImage`. +* **core:** The return type of the `DockerImage.fromBuild()` API is +changed from `BundlingDockerImage` to `DockerImage`. + +### Features + +* **autoscaling-common:** graduate to stable 🚀 ([#13862](https://github.com/aws/aws-cdk/issues/13862)) ([2d623d0](https://github.com/aws/aws-cdk/commit/2d623d08d8d5d8c356d871ccd69a8cdac9c4170e)) +* **chatbot:** graduate to stable 🚀 ([#13863](https://github.com/aws/aws-cdk/issues/13863)) ([2384cdd](https://github.com/aws/aws-cdk/commit/2384cdd39bae1639bf3e6bfdeb7a08edc6306cac)) +* **cli:** app init template for golang ([#13840](https://github.com/aws/aws-cdk/issues/13840)) ([41fd42b](https://github.com/aws/aws-cdk/commit/41fd42b89f6f9a95c6e736c17bd404d80c4756a7)), closes [aws/jsii#2678](https://github.com/aws/jsii/issues/2678) +* **cloudformation-diff:** graduate to stable 🚀 ([#13857](https://github.com/aws/aws-cdk/issues/13857)) ([294f546](https://github.com/aws/aws-cdk/commit/294f54692c609eaf20257caba0b53ceb9882ff35)) +* **docdb:** graduate to stable 🚀 ([#13875](https://github.com/aws/aws-cdk/issues/13875)) ([169c2fc](https://github.com/aws/aws-cdk/commit/169c2fc55c3de2426380d0a1151d1d33cbcc2190)) +* **ec2:** allow disabling inline security group rules ([#13613](https://github.com/aws/aws-cdk/issues/13613)) ([793230c](https://github.com/aws/aws-cdk/commit/793230c7a6dcaf93408206e680bd26159ece1b7d)) +* **elasticloadbalancingv2:** graduate to stable 🚀 ([#13861](https://github.com/aws/aws-cdk/issues/13861)) ([08fa5ed](https://github.com/aws/aws-cdk/commit/08fa5ede1721f5165fad5fcf402a83fc2496bc46)) +* **fsx:** graduate to stable 🚀 ([#13860](https://github.com/aws/aws-cdk/issues/13860)) ([b2322aa](https://github.com/aws/aws-cdk/commit/b2322aac00dbbf5b171d5887fef2a3c8f3267c73)) +* **globalaccelerator:** stabilize AWS Global Accelerator module ([#13843](https://github.com/aws/aws-cdk/issues/13843)) ([8571008](https://github.com/aws/aws-cdk/commit/8571008884df8e048754fc4e0cfdf06ab20f0149)) +* **lambda:** switch bundling images from DockerHub to ECR public gallery ([#13473](https://github.com/aws/aws-cdk/issues/13473)) ([e2e008b](https://github.com/aws/aws-cdk/commit/e2e008bd19c3ff1b08ccb093dba576551ec73240)), closes [#11296](https://github.com/aws/aws-cdk/issues/11296) +* **lambda-event-sources:** support for batching window to sqs event source ([#13406](https://github.com/aws/aws-cdk/issues/13406)) ([6743e3b](https://github.com/aws/aws-cdk/commit/6743e3bb79a8281a4be5677fff018d702c85038d)), closes [#11722](https://github.com/aws/aws-cdk/issues/11722) [#11724](https://github.com/aws/aws-cdk/issues/11724) [#13770](https://github.com/aws/aws-cdk/issues/13770) +* **lambda-event-sources:** tumbling window ([#13412](https://github.com/aws/aws-cdk/issues/13412)) ([e9f2773](https://github.com/aws/aws-cdk/commit/e9f2773aedeb7f01ebf2a05face719be9bb8b0d7)), closes [#13411](https://github.com/aws/aws-cdk/issues/13411) +* **lambda-nodejs:** graduate to stable 🚀 ([#13844](https://github.com/aws/aws-cdk/issues/13844)) ([37a5502](https://github.com/aws/aws-cdk/commit/37a5502ced1bf1b451ac4bd921752746277461bf)) + + +### Bug Fixes + +* **aws-ecs:** broken splunk-logging `tag`-option in fargate platform version 1.4 ([#13882](https://github.com/aws/aws-cdk/issues/13882)) ([e9d9299](https://github.com/aws/aws-cdk/commit/e9d9299b6bcdab489d94c974074e8c796bce00f3)), closes [#13881](https://github.com/aws/aws-cdk/issues/13881) +* **cloudfront:** auto-generated cache policy name might conflict cross-region ([#13737](https://github.com/aws/aws-cdk/issues/13737)) ([4f067cb](https://github.com/aws/aws-cdk/commit/4f067cb90d43d04659f68dec6b866ba77f10642c)), closes [#13629](https://github.com/aws/aws-cdk/issues/13629) +* **cloudfront:** Origin Request Policy headers enforce soft limit of 10 ([#13907](https://github.com/aws/aws-cdk/issues/13907)) ([9b0a6cf](https://github.com/aws/aws-cdk/commit/9b0a6cf0d349ef3ce1c941b25bbe8e630e09c639)), closes [#13410](https://github.com/aws/aws-cdk/issues/13410) [#13903](https://github.com/aws/aws-cdk/issues/13903) +* **codebuild:** allow passing the ARN of the Secret in environment variables ([#13706](https://github.com/aws/aws-cdk/issues/13706)) ([6f6e079](https://github.com/aws/aws-cdk/commit/6f6e079569fcdb7e0631717fbe269e94f8f7b127)), closes [#12703](https://github.com/aws/aws-cdk/issues/12703) +* **codebuild:** take the account & region of an imported Project from its ARN ([#13708](https://github.com/aws/aws-cdk/issues/13708)) ([fb65123](https://github.com/aws/aws-cdk/commit/fb6512314db1b11fc608cd62753090684ad0d3c4)), closes [#13694](https://github.com/aws/aws-cdk/issues/13694) +* **codedeploy:** script installing CodeDeploy agent fails ([#13758](https://github.com/aws/aws-cdk/issues/13758)) ([25e8d04](https://github.com/aws/aws-cdk/commit/25e8d04d7266a2642f11154750bef49a31b1892e)), closes [#13755](https://github.com/aws/aws-cdk/issues/13755) +* **cognito:** imported userpool not retaining environment from arn ([#13715](https://github.com/aws/aws-cdk/issues/13715)) ([aa9fd9c](https://github.com/aws/aws-cdk/commit/aa9fd9cd9bbaea4149927e08d57d29e547933f49)), closes [#13691](https://github.com/aws/aws-cdk/issues/13691) +* **core:** BundlingDockerImage.fromAsset() does not return a BundlingDockerImage ([#13846](https://github.com/aws/aws-cdk/issues/13846)) ([7176a5d](https://github.com/aws/aws-cdk/commit/7176a5d5208da7d727bbf5112bc12533983380ea)) +* **dynamodb:** table with replicas fails to deploy with "Unresolved resource dependencies" error ([#13889](https://github.com/aws/aws-cdk/issues/13889)) ([5c99d0d](https://github.com/aws/aws-cdk/commit/5c99d0d0e0fde00582e469b667265ebc9f5ef330)), closes [/github.com/aws/aws-cdk/issues/13671#issuecomment-810538273](https://github.com/aws//github.com/aws/aws-cdk/issues/13671/issues/issuecomment-810538273) +* **iam:** Role import doesn't fail when forgetting the region in the ARN ([#13821](https://github.com/aws/aws-cdk/issues/13821)) ([560a853](https://github.com/aws/aws-cdk/commit/560a8536ffc31f74fe2366b1365681c1e56e33da)), closes [#13812](https://github.com/aws/aws-cdk/issues/13812) +* **rds:** fail with a descriptive error if Cluster's instance count is a deploy-time value ([#13765](https://github.com/aws/aws-cdk/issues/13765)) ([dd22e8f](https://github.com/aws/aws-cdk/commit/dd22e8fc29f1fc33d391d1bb9ae93963bfd82563)), closes [#13558](https://github.com/aws/aws-cdk/issues/13558) +* **yaml-cfn:** do not deserialize year-month-date as strings ([#13745](https://github.com/aws/aws-cdk/issues/13745)) ([ffea818](https://github.com/aws/aws-cdk/commit/ffea818f26a383e7f314dac3505c46f3b4b4348d)), closes [#13709](https://github.com/aws/aws-cdk/issues/13709) + + +* **core:** remove all references to BundlingDockerImage in the public API ([#13814](https://github.com/aws/aws-cdk/issues/13814)) ([9cceb3f](https://github.com/aws/aws-cdk/commit/9cceb3f855b1ece2effe60b5a8b84f2986c270c4)) + ## [1.95.2](https://github.com/aws/aws-cdk/compare/v1.95.1...v1.95.2) (2021-04-01) * Upgrade a downstream dependency([pac-resolver](https://github.com/TooTallNate/node-pac-resolver)) of the aws-cdk (the CDK CLI), to mitigate [CVE-2021-28918](https://github.com/advisories/GHSA-pch5-whg9-qr2r) ([13914](https://github.com/aws/aws-cdk/pull/13914)) ([794c951](https://github.com/aws/aws-cdk/commit/794c951b5da900fd30827e6f7b0b631bf21df979)) diff --git a/version.v1.json b/version.v1.json index 80981e652a8d5..708b23a0d165c 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.95.2" + "version": "1.96.0" } From e591c41092214c6b718ebc0e1683f5da9a693ced Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Thu, 1 Apr 2021 13:51:03 +0100 Subject: [PATCH 070/260] Apply suggestions from code review --- CHANGELOG.md | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4dbea979b3d2b..0aabd7d2f2719 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -12,8 +12,7 @@ explicit name to prevent them from being replaced. All endpoints are now added b target-specific class that can be found in `@aws-cdk/aws-globalaccelerator-endpoints`. The generated Security Group is now looked up by calling `endpointGroup.connectionsPeer()`. * **docdb:** `DatabaseClusterProps.instanceProps` was hoisted and all its properties are now available one level up directly in `DatabaseClusterProps`. - - - **docdb**: `DatabaseInstanceProps.instanceClass` renamed to `DatabaseInstanceProps.instanceType`. +* **docdb**: `DatabaseInstanceProps.instanceClass` renamed to `DatabaseInstanceProps.instanceType`. * **core:** The type of the `image` property in `BundlingOptions` is changed from `BundlingDockerImage` to `DockerImage`. * **core:** The return type of the `DockerImage.fromBuild()` API is @@ -29,7 +28,7 @@ changed from `BundlingDockerImage` to `DockerImage`. * **ec2:** allow disabling inline security group rules ([#13613](https://github.com/aws/aws-cdk/issues/13613)) ([793230c](https://github.com/aws/aws-cdk/commit/793230c7a6dcaf93408206e680bd26159ece1b7d)) * **elasticloadbalancingv2:** graduate to stable 🚀 ([#13861](https://github.com/aws/aws-cdk/issues/13861)) ([08fa5ed](https://github.com/aws/aws-cdk/commit/08fa5ede1721f5165fad5fcf402a83fc2496bc46)) * **fsx:** graduate to stable 🚀 ([#13860](https://github.com/aws/aws-cdk/issues/13860)) ([b2322aa](https://github.com/aws/aws-cdk/commit/b2322aac00dbbf5b171d5887fef2a3c8f3267c73)) -* **globalaccelerator:** stabilize AWS Global Accelerator module ([#13843](https://github.com/aws/aws-cdk/issues/13843)) ([8571008](https://github.com/aws/aws-cdk/commit/8571008884df8e048754fc4e0cfdf06ab20f0149)) +* **globalaccelerator:** graduate to stable 🚀 ([#13843](https://github.com/aws/aws-cdk/issues/13843)) ([8571008](https://github.com/aws/aws-cdk/commit/8571008884df8e048754fc4e0cfdf06ab20f0149)) * **lambda:** switch bundling images from DockerHub to ECR public gallery ([#13473](https://github.com/aws/aws-cdk/issues/13473)) ([e2e008b](https://github.com/aws/aws-cdk/commit/e2e008bd19c3ff1b08ccb093dba576551ec73240)), closes [#11296](https://github.com/aws/aws-cdk/issues/11296) * **lambda-event-sources:** support for batching window to sqs event source ([#13406](https://github.com/aws/aws-cdk/issues/13406)) ([6743e3b](https://github.com/aws/aws-cdk/commit/6743e3bb79a8281a4be5677fff018d702c85038d)), closes [#11722](https://github.com/aws/aws-cdk/issues/11722) [#11724](https://github.com/aws/aws-cdk/issues/11724) [#13770](https://github.com/aws/aws-cdk/issues/13770) * **lambda-event-sources:** tumbling window ([#13412](https://github.com/aws/aws-cdk/issues/13412)) ([e9f2773](https://github.com/aws/aws-cdk/commit/e9f2773aedeb7f01ebf2a05face719be9bb8b0d7)), closes [#13411](https://github.com/aws/aws-cdk/issues/13411) @@ -51,9 +50,6 @@ changed from `BundlingDockerImage` to `DockerImage`. * **rds:** fail with a descriptive error if Cluster's instance count is a deploy-time value ([#13765](https://github.com/aws/aws-cdk/issues/13765)) ([dd22e8f](https://github.com/aws/aws-cdk/commit/dd22e8fc29f1fc33d391d1bb9ae93963bfd82563)), closes [#13558](https://github.com/aws/aws-cdk/issues/13558) * **yaml-cfn:** do not deserialize year-month-date as strings ([#13745](https://github.com/aws/aws-cdk/issues/13745)) ([ffea818](https://github.com/aws/aws-cdk/commit/ffea818f26a383e7f314dac3505c46f3b4b4348d)), closes [#13709](https://github.com/aws/aws-cdk/issues/13709) - -* **core:** remove all references to BundlingDockerImage in the public API ([#13814](https://github.com/aws/aws-cdk/issues/13814)) ([9cceb3f](https://github.com/aws/aws-cdk/commit/9cceb3f855b1ece2effe60b5a8b84f2986c270c4)) - ## [1.95.2](https://github.com/aws/aws-cdk/compare/v1.95.1...v1.95.2) (2021-04-01) * Upgrade a downstream dependency([pac-resolver](https://github.com/TooTallNate/node-pac-resolver)) of the aws-cdk (the CDK CLI), to mitigate [CVE-2021-28918](https://github.com/advisories/GHSA-pch5-whg9-qr2r) ([13914](https://github.com/aws/aws-cdk/pull/13914)) ([794c951](https://github.com/aws/aws-cdk/commit/794c951b5da900fd30827e6f7b0b631bf21df979)) From 56cd8635f77d6a5aefb32c6e1224e1f0a6ca3540 Mon Sep 17 00:00:00 2001 From: Angus Lees Date: Thu, 1 Apr 2021 23:54:32 +1100 Subject: [PATCH 071/260] feat(eks): Support bootstrap.sh --dns-cluster-ip arg (#13890) Add support for EKS customized AMI's `--dns-cluster-ip` arg to `bootstrap.sh` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-eks/lib/cluster.ts | 10 ++++++++++ packages/@aws-cdk/aws-eks/lib/user-data.ts | 4 ++++ packages/@aws-cdk/aws-eks/test/test.user-data.ts | 14 ++++++++++++++ 3 files changed, 28 insertions(+) diff --git a/packages/@aws-cdk/aws-eks/lib/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster.ts index c578b90fa388b..3b6f6fa9be348 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster.ts @@ -1637,6 +1637,16 @@ export interface BootstrapOptions { */ readonly dockerConfigJson?: string; + /** + + * Overrides the IP address to use for DNS queries within the + * cluster. + * + * @default - 10.100.0.10 or 172.20.0.10 based on the IP + * address of the primary interface. + */ + readonly dnsClusterIp?: string; + /** * Extra arguments to add to the kubelet. Useful for adding labels or taints. * diff --git a/packages/@aws-cdk/aws-eks/lib/user-data.ts b/packages/@aws-cdk/aws-eks/lib/user-data.ts index 3b8d997535771..c6f30d215a9c0 100644 --- a/packages/@aws-cdk/aws-eks/lib/user-data.ts +++ b/packages/@aws-cdk/aws-eks/lib/user-data.ts @@ -27,6 +27,10 @@ export function renderAmazonLinuxUserData(clusterName: string, autoScalingGroup: extraArgs.push(`--docker-config-json '${options.dockerConfigJson}'`); } + if (options.dnsClusterIp) { + extraArgs.push(`--dns-cluster-ip ${options.dnsClusterIp}`); + } + if (options.additionalArgs) { extraArgs.push(options.additionalArgs); } diff --git a/packages/@aws-cdk/aws-eks/test/test.user-data.ts b/packages/@aws-cdk/aws-eks/test/test.user-data.ts index 044d1ff55f7ca..e796e5fd19ee4 100644 --- a/packages/@aws-cdk/aws-eks/test/test.user-data.ts +++ b/packages/@aws-cdk/aws-eks/test/test.user-data.ts @@ -66,6 +66,20 @@ export = { test.done(); }, + '--dns-cluster-ip'(test: Test) { + // GIVEN + const { asg, stack } = newFixtures(); + + // WHEN + const userData = stack.resolve(renderAmazonLinuxUserData('my-cluster-name', asg, { + dnsClusterIp: '192.0.2.53', + })); + + // THEN + test.deepEqual(userData[1], '/etc/eks/bootstrap.sh my-cluster-name --kubelet-extra-args "--node-labels lifecycle=OnDemand" --use-max-pods true --dns-cluster-ip 192.0.2.53'); + test.done(); + }, + '--docker-config-json'(test: Test) { // GIVEN const { asg } = newFixtures(); From 40ecc844c0751e2b949b6734fb44c6f85b25623d Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Thu, 1 Apr 2021 15:56:15 +0300 Subject: [PATCH 072/260] Fix dynamo issue link corruption --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0aabd7d2f2719..e3e43af30f2ff 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -45,7 +45,7 @@ changed from `BundlingDockerImage` to `DockerImage`. * **codedeploy:** script installing CodeDeploy agent fails ([#13758](https://github.com/aws/aws-cdk/issues/13758)) ([25e8d04](https://github.com/aws/aws-cdk/commit/25e8d04d7266a2642f11154750bef49a31b1892e)), closes [#13755](https://github.com/aws/aws-cdk/issues/13755) * **cognito:** imported userpool not retaining environment from arn ([#13715](https://github.com/aws/aws-cdk/issues/13715)) ([aa9fd9c](https://github.com/aws/aws-cdk/commit/aa9fd9cd9bbaea4149927e08d57d29e547933f49)), closes [#13691](https://github.com/aws/aws-cdk/issues/13691) * **core:** BundlingDockerImage.fromAsset() does not return a BundlingDockerImage ([#13846](https://github.com/aws/aws-cdk/issues/13846)) ([7176a5d](https://github.com/aws/aws-cdk/commit/7176a5d5208da7d727bbf5112bc12533983380ea)) -* **dynamodb:** table with replicas fails to deploy with "Unresolved resource dependencies" error ([#13889](https://github.com/aws/aws-cdk/issues/13889)) ([5c99d0d](https://github.com/aws/aws-cdk/commit/5c99d0d0e0fde00582e469b667265ebc9f5ef330)), closes [/github.com/aws/aws-cdk/issues/13671#issuecomment-810538273](https://github.com/aws//github.com/aws/aws-cdk/issues/13671/issues/issuecomment-810538273) +* **dynamodb:** table with replicas fails to deploy with "Unresolved resource dependencies" error ([#13889](https://github.com/aws/aws-cdk/issues/13889)) ([5c99d0d](https://github.com/aws/aws-cdk/commit/5c99d0d0e0fde00582e469b667265ebc9f5ef330)), closes [#13671](https://github.com/aws/aws-cdk/issues/13671) * **iam:** Role import doesn't fail when forgetting the region in the ARN ([#13821](https://github.com/aws/aws-cdk/issues/13821)) ([560a853](https://github.com/aws/aws-cdk/commit/560a8536ffc31f74fe2366b1365681c1e56e33da)), closes [#13812](https://github.com/aws/aws-cdk/issues/13812) * **rds:** fail with a descriptive error if Cluster's instance count is a deploy-time value ([#13765](https://github.com/aws/aws-cdk/issues/13765)) ([dd22e8f](https://github.com/aws/aws-cdk/commit/dd22e8fc29f1fc33d391d1bb9ae93963bfd82563)), closes [#13558](https://github.com/aws/aws-cdk/issues/13558) * **yaml-cfn:** do not deserialize year-month-date as strings ([#13745](https://github.com/aws/aws-cdk/issues/13745)) ([ffea818](https://github.com/aws/aws-cdk/commit/ffea818f26a383e7f314dac3505c46f3b4b4348d)), closes [#13709](https://github.com/aws/aws-cdk/issues/13709) From 1908f352dcf0fe93781ac1a49e20a418db1dec1a Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Thu, 1 Apr 2021 16:00:07 +0300 Subject: [PATCH 073/260] Remove close relationship as it was only referenced an issue comment --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e3e43af30f2ff..c7330acf70017 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -45,7 +45,7 @@ changed from `BundlingDockerImage` to `DockerImage`. * **codedeploy:** script installing CodeDeploy agent fails ([#13758](https://github.com/aws/aws-cdk/issues/13758)) ([25e8d04](https://github.com/aws/aws-cdk/commit/25e8d04d7266a2642f11154750bef49a31b1892e)), closes [#13755](https://github.com/aws/aws-cdk/issues/13755) * **cognito:** imported userpool not retaining environment from arn ([#13715](https://github.com/aws/aws-cdk/issues/13715)) ([aa9fd9c](https://github.com/aws/aws-cdk/commit/aa9fd9cd9bbaea4149927e08d57d29e547933f49)), closes [#13691](https://github.com/aws/aws-cdk/issues/13691) * **core:** BundlingDockerImage.fromAsset() does not return a BundlingDockerImage ([#13846](https://github.com/aws/aws-cdk/issues/13846)) ([7176a5d](https://github.com/aws/aws-cdk/commit/7176a5d5208da7d727bbf5112bc12533983380ea)) -* **dynamodb:** table with replicas fails to deploy with "Unresolved resource dependencies" error ([#13889](https://github.com/aws/aws-cdk/issues/13889)) ([5c99d0d](https://github.com/aws/aws-cdk/commit/5c99d0d0e0fde00582e469b667265ebc9f5ef330)), closes [#13671](https://github.com/aws/aws-cdk/issues/13671) +* **dynamodb:** table with replicas fails to deploy with "Unresolved resource dependencies" error ([#13889](https://github.com/aws/aws-cdk/issues/13889)) ([5c99d0d](https://github.com/aws/aws-cdk/commit/5c99d0d0e0fde00582e469b667265ebc9f5ef330)) * **iam:** Role import doesn't fail when forgetting the region in the ARN ([#13821](https://github.com/aws/aws-cdk/issues/13821)) ([560a853](https://github.com/aws/aws-cdk/commit/560a8536ffc31f74fe2366b1365681c1e56e33da)), closes [#13812](https://github.com/aws/aws-cdk/issues/13812) * **rds:** fail with a descriptive error if Cluster's instance count is a deploy-time value ([#13765](https://github.com/aws/aws-cdk/issues/13765)) ([dd22e8f](https://github.com/aws/aws-cdk/commit/dd22e8fc29f1fc33d391d1bb9ae93963bfd82563)), closes [#13558](https://github.com/aws/aws-cdk/issues/13558) * **yaml-cfn:** do not deserialize year-month-date as strings ([#13745](https://github.com/aws/aws-cdk/issues/13745)) ([ffea818](https://github.com/aws/aws-cdk/commit/ffea818f26a383e7f314dac3505c46f3b4b4348d)), closes [#13709](https://github.com/aws/aws-cdk/issues/13709) From 4f9a7151b99e8455eeb8b0cd364dfd29624da8c5 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Thu, 1 Apr 2021 18:15:43 +0300 Subject: [PATCH 074/260] =?UTF-8?q?feat(ses):=20graduate=20to=20stable=20?= =?UTF-8?q?=F0=9F=9A=80=20(#13913)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Removed the usage of `Cfn*` interfaces in public API by duplicating them in the package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ses/README.md | 12 +- .../aws-ses/lib/receipt-rule-action.ts | 203 +++++++++++++++++- packages/@aws-cdk/aws-ses/package.json | 4 +- 3 files changed, 198 insertions(+), 21 deletions(-) diff --git a/packages/@aws-cdk/aws-ses/README.md b/packages/@aws-cdk/aws-ses/README.md index b8543970796ad..c1368b094c93d 100644 --- a/packages/@aws-cdk/aws-ses/README.md +++ b/packages/@aws-cdk/aws-ses/README.md @@ -5,17 +5,7 @@ ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. -> -> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib - -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/aws-ses/lib/receipt-rule-action.ts b/packages/@aws-cdk/aws-ses/lib/receipt-rule-action.ts index 38f08a03ee425..33b29627c8f5f 100644 --- a/packages/@aws-cdk/aws-ses/lib/receipt-rule-action.ts +++ b/packages/@aws-cdk/aws-ses/lib/receipt-rule-action.ts @@ -1,5 +1,4 @@ import { IReceiptRule } from './receipt-rule'; -import { CfnReceiptRule } from './ses.generated'; /** * An abstract action for a receipt rule. @@ -11,6 +10,194 @@ export interface IReceiptRuleAction { bind(receiptRule: IReceiptRule): ReceiptRuleActionConfig; } +/** + * AddHeaderAction configuration. + */ +export interface AddHeaderActionConfig { + /** + * The name of the header that you want to add to the incoming message + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-addheaderaction.html#cfn-ses-receiptrule-addheaderaction-headername + */ + readonly headerName: string; + /** + * The content that you want to include in the header. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-addheaderaction.html#cfn-ses-receiptrule-addheaderaction-headervalue + */ + readonly headerValue: string; +} + +/** + * BoundAction configuration. + */ +export interface BounceActionConfig { + /** + * Human-readable text to include in the bounce message. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-bounceaction.html#cfn-ses-receiptrule-bounceaction-message + */ + readonly message: string; + /** + * The email address of the sender of the bounced email. + * This is the address that the bounce message is sent from. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-bounceaction.html#cfn-ses-receiptrule-bounceaction-sender + */ + readonly sender: string; + /** + * The SMTP reply code, as defined by RFC 5321 + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-bounceaction.html#cfn-ses-receiptrule-bounceaction-smtpreplycode + */ + readonly smtpReplyCode: string; + /** + * The SMTP enhanced status code, as defined by RFC 3463 + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-bounceaction.html#cfn-ses-receiptrule-bounceaction-statuscode + * + * @default - No status code. + */ + readonly statusCode?: string; + /** + * The Amazon Resource Name (ARN) of the Amazon SNS topic to + * notify when the bounce action is taken. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-bounceaction.html#cfn-ses-receiptrule-bounceaction-topicarn + * + * @default - No notification is sent to SNS. + */ + readonly topicArn?: string; +} + +/** + * LambdaAction configuration. + */ +export interface LambdaActionConfig { + /** + * The Amazon Resource Name (ARN) of the AWS Lambda function. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-lambdaaction.html#cfn-ses-receiptrule-lambdaaction-functionarn + */ + readonly functionArn: string; + /** + * The invocation type of the AWS Lambda function + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-lambdaaction.html#cfn-ses-receiptrule-lambdaaction-invocationtype + * + * @default 'Event' + */ + readonly invocationType?: string; + /** + * The Amazon Resource Name (ARN) of the Amazon SNS topic to + * notify when the Lambda action is executed. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-lambdaaction.html#cfn-ses-receiptrule-lambdaaction-topicarn + * + * @default - No notification is sent to SNS. + */ + readonly topicArn?: string; +} + +/** + * S3Action configuration. + */ +export interface S3ActionConfig { + /** + * The name of the Amazon S3 bucket that you want to send incoming mail to. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-s3action.html#cfn-ses-receiptrule-s3action-bucketname + */ + readonly bucketName: string; + /** + * The customer master key that Amazon SES should use to encrypt your emails before saving + * them to the Amazon S3 bucket. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-s3action.html#cfn-ses-receiptrule-s3action-kmskeyarn + * + * @default - Emails are not encrypted. + */ + readonly kmsKeyArn?: string; + /** + * The key prefix of the Amazon S3 bucket. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-s3action.html#cfn-ses-receiptrule-s3action-objectkeyprefix + * + * @default - No prefix. + */ + readonly objectKeyPrefix?: string; + /** + * The ARN of the Amazon SNS topic to notify when the message is saved to the Amazon S3 bucket. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-s3action.html#cfn-ses-receiptrule-s3action-topicarn + * + * @default - No notification is sent to SNS. + */ + readonly topicArn?: string; +} + +/** + * SNSAction configuration. + */ +export interface SNSActionConfig { + /** + * The encoding to use for the email within the Amazon SNS notification. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-snsaction.html#cfn-ses-receiptrule-snsaction-encoding + * + * @default 'UTF-8' + */ + readonly encoding?: string; + /** + * The Amazon Resource Name (ARN) of the Amazon SNS topic to notify. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-snsaction.html#cfn-ses-receiptrule-snsaction-topicarn + * + * @default - No notification is sent to SNS. + */ + readonly topicArn?: string; +} + +/** + * StopAction configuration. + */ +export interface StopActionConfig { + /** + * The scope of the StopAction. The only acceptable value is RuleSet. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-stopaction.html#cfn-ses-receiptrule-stopaction-scope + */ + readonly scope: string; + /** + * The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the stop action is taken. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-stopaction.html#cfn-ses-receiptrule-stopaction-topicarn + * + * @default - No notification is sent to SNS. + */ + readonly topicArn?: string; +} + +/** + * WorkmailAction configuration. + */ +export interface WorkmailActionConfig { + /** + * The Amazon Resource Name (ARN) of the Amazon WorkMail organization. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-workmailaction.html#cfn-ses-receiptrule-workmailaction-organizationarn + */ + readonly organizationArn: string; + /** + * The Amazon Resource Name (ARN) of the Amazon SNS topic to notify when the WorkMail action is called. + * + * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ses-receiptrule-workmailaction.html#cfn-ses-receiptrule-workmailaction-topicarn + * + * @default - No notification is sent to SNS. + */ + readonly topicArn?: string; +} + /** * Properties for a receipt rule action. */ @@ -18,39 +205,39 @@ export interface ReceiptRuleActionConfig { /** * Adds a header to the received email. */ - readonly addHeaderAction?: CfnReceiptRule.AddHeaderActionProperty + readonly addHeaderAction?: AddHeaderActionConfig /** * Rejects the received email by returning a bounce response to the sender and, * optionally, publishes a notification to Amazon SNS. */ - readonly bounceAction?: CfnReceiptRule.BounceActionProperty; + readonly bounceAction?: BounceActionConfig; /** * Calls an AWS Lambda function, and optionally, publishes a notification to * Amazon SNS. */ - readonly lambdaAction?: CfnReceiptRule.LambdaActionProperty; + readonly lambdaAction?: LambdaActionConfig; /** * Saves the received message to an Amazon S3 bucket and, optionally, publishes * a notification to Amazon SNS. */ - readonly s3Action?: CfnReceiptRule.S3ActionProperty; + readonly s3Action?: S3ActionConfig; /** * Publishes the email content within a notification to Amazon SNS. */ - readonly snsAction?: CfnReceiptRule.SNSActionProperty; + readonly snsAction?: SNSActionConfig; /** * Terminates the evaluation of the receipt rule set and optionally publishes a * notification to Amazon SNS. */ - readonly stopAction?: CfnReceiptRule.StopActionProperty; + readonly stopAction?: StopActionConfig; /** * Calls Amazon WorkMail and, optionally, publishes a notification to Amazon SNS. */ - readonly workmailAction?: CfnReceiptRule.WorkmailActionProperty; + readonly workmailAction?: WorkmailActionConfig; } diff --git a/packages/@aws-cdk/aws-ses/package.json b/packages/@aws-cdk/aws-ses/package.json index b8e12dca280f2..5219441321df1 100644 --- a/packages/@aws-cdk/aws-ses/package.json +++ b/packages/@aws-cdk/aws-ses/package.json @@ -94,8 +94,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awslint": { "exclude": [ "props-default-doc:@aws-cdk/aws-ses.ReceiptRuleActionConfig.addHeaderAction", From 56c6f98dbcfc98740446f699a8985d7d6b44c503 Mon Sep 17 00:00:00 2001 From: alex-vance <50587352+alex-vance@users.noreply.github.com> Date: Thu, 1 Apr 2021 13:24:27 -0500 Subject: [PATCH 075/260] feat(eks): Support `secretsEncryptionKey` in FargateCluster (#13866) This PR adds a secretEncryptionKey to the FargateClusterProps to allow generating an EKS Fargate cluster with a KMS key to encrypt Kubernetes Secrets. The existing EKS Cluster contruct already exposes this prop by default so this allows it to pass through to work with the existing functionality. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-eks/README.md | 9 ++++++ packages/@aws-cdk/aws-eks/lib/cluster.ts | 32 +++++++++---------- .../@aws-cdk/aws-eks/test/test.fargate.ts | 32 +++++++++++++++++++ 3 files changed, 57 insertions(+), 16 deletions(-) diff --git a/packages/@aws-cdk/aws-eks/README.md b/packages/@aws-cdk/aws-eks/README.md index 1cc2ce685070b..43e765b337fd9 100644 --- a/packages/@aws-cdk/aws-eks/README.md +++ b/packages/@aws-cdk/aws-eks/README.md @@ -654,6 +654,15 @@ const cluster = new eks.Cluster(this, 'MyCluster', { }); ``` +You can also use a similiar configuration for running a cluster built using the FargateCluster construct. + +```ts +const secretsKey = new kms.Key(this, 'SecretsKey'); +const cluster = new eks.FargateCluster(this, 'MyFargateCluster', { + secretsEncryptionKey: secretsKey +}); +``` + The Amazon Resource Name (ARN) for that CMK can be retrieved. ```ts diff --git a/packages/@aws-cdk/aws-eks/lib/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster.ts index 3b6f6fa9be348..9feac854438cb 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster.ts @@ -467,6 +467,15 @@ export interface ClusterOptions extends CommonClusterOptions { * @default false */ readonly placeClusterHandlerInVpc?: boolean; + + /** + * KMS secret for envelope encryption for Kubernetes secrets. + * + * @default - By default, Kubernetes stores all secret object data within etcd and + * all etcd volumes used by Amazon EKS are encrypted at the disk-level + * using AWS-Managed encryption keys. + */ + readonly secretsEncryptionKey?: kms.IKey; } /** @@ -594,15 +603,6 @@ export interface ClusterProps extends ClusterOptions { * @default NODEGROUP */ readonly defaultCapacityType?: DefaultCapacityType; - - /** - * KMS secret for envelope encryption for Kubernetes secrets. - * - * @default - By default, Kubernetes stores all secret object data within etcd and - * all etcd volumes used by Amazon EKS are encrypted at the disk-level - * using AWS-Managed encryption keys. - */ - readonly secretsEncryptionKey?: kms.IKey; } /** @@ -983,8 +983,8 @@ export class Cluster extends ClusterBase { const privateSubents = this.selectPrivateSubnets().slice(0, 16); const publicAccessDisabled = !this.endpointAccess._config.publicAccess; const publicAccessRestricted = !publicAccessDisabled - && this.endpointAccess._config.publicCidrs - && this.endpointAccess._config.publicCidrs.length !== 0; + && this.endpointAccess._config.publicCidrs + && this.endpointAccess._config.publicCidrs.length !== 0; // validate endpoint access configuration @@ -1020,7 +1020,7 @@ export class Cluster extends ClusterBase { }, resources: ['secrets'], }], - } : {} ), + } : {}), endpointPrivateAccess: this.endpointAccess._config.privateAccess, endpointPublicAccess: this.endpointAccess._config.publicAccess, publicAccessCidrs: this.endpointAccess._config.publicCidrs, @@ -1167,7 +1167,7 @@ export class Cluster extends ClusterBase { * [EC2 Spot Instance Termination Notices](https://aws.amazon.com/blogs/aws/new-ec2-spot-instance-termination-notices/). */ public addAutoScalingGroupCapacity(id: string, options: AutoScalingGroupCapacityOptions): autoscaling.AutoScalingGroup { - if (options.machineImageType === MachineImageType.BOTTLEROCKET && options.bootstrapOptions !== undefined ) { + if (options.machineImageType === MachineImageType.BOTTLEROCKET && options.bootstrapOptions !== undefined) { throw new Error('bootstrapOptions is not supported for Bottlerocket'); } const asg = new autoscaling.AutoScalingGroup(this, id, { @@ -1852,9 +1852,9 @@ export class EksOptimizedImage implements ec2.IMachineImage { // set the SSM parameter name this.amiParameterName = `/aws/service/eks/optimized-ami/${this.kubernetesVersion}/` - + ( this.nodeType === NodeType.STANDARD ? this.cpuArch === CpuArch.X86_64 ? - 'amazon-linux-2/' : 'amazon-linux-2-arm64/' :'' ) - + ( this.nodeType === NodeType.GPU ? 'amazon-linux-2-gpu/' : '' ) + + (this.nodeType === NodeType.STANDARD ? this.cpuArch === CpuArch.X86_64 ? + 'amazon-linux-2/' : 'amazon-linux-2-arm64/' : '') + + (this.nodeType === NodeType.GPU ? 'amazon-linux-2-gpu/' : '') + (this.nodeType === NodeType.INFERENTIA ? 'amazon-linux-2-gpu/' : '') + 'recommended/image_id'; } diff --git a/packages/@aws-cdk/aws-eks/test/test.fargate.ts b/packages/@aws-cdk/aws-eks/test/test.fargate.ts index ee17950915e9d..053279d7d076d 100644 --- a/packages/@aws-cdk/aws-eks/test/test.fargate.ts +++ b/packages/@aws-cdk/aws-eks/test/test.fargate.ts @@ -1,10 +1,12 @@ import { expect, haveResource, haveResourceLike, ResourcePart } from '@aws-cdk/assert'; import * as ec2 from '@aws-cdk/aws-ec2'; import * as iam from '@aws-cdk/aws-iam'; +import * as kms from '@aws-cdk/aws-kms'; import { Stack, Tags } from '@aws-cdk/core'; import { Test } from 'nodeunit'; import * as eks from '../lib'; + const CLUSTER_VERSION = eks.KubernetesVersion.V1_19; export = { @@ -427,4 +429,34 @@ export = { })); test.done(); }, + + 'supports passing secretsEncryptionKey with FargateCluster'(test: Test) { + // GIVEN + const stack = new Stack(); + + // WHEN + + new eks.FargateCluster(stack, 'FargateCluster', { + version: CLUSTER_VERSION, + secretsEncryptionKey: new kms.Key(stack, 'Key'), + }); + + // THEN + expect(stack).to(haveResourceLike('Custom::AWSCDK-EKS-Cluster', { + Config: { + encryptionConfig: [{ + provider: { + keyArn: { + 'Fn::GetAtt': [ + 'Key961B73FD', + 'Arn', + ], + }, + }, + resources: ['secrets'], + }], + }, + })); + test.done(); + }, }; From 767cd31c2b66b48b3b8fed7cd8d408a6846cf1e1 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Thu, 1 Apr 2021 22:46:53 +0300 Subject: [PATCH 076/260] =?UTF-8?q?feat(elasticsearch):=20graduate=20to=20?= =?UTF-8?q?stable=20=F0=9F=9A=80=20(#13900)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR includes a last minute API change that standardizes the way VPC configuration is passed to the domain. It also provides sane defaults, enabling users to simply pass `vpc` in order to connect a domain to a VPC. In addition, I added a missing integration test for VPC enabled domains. Resolves https://github.com/aws/aws-cdk/issues/10965 BREAKING CHANGE: `vpcOptions` was removed. Use `vpc`, `vpcSubnets` and `securityGroups` instead. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-elasticsearch/README.md | 36 +- .../@aws-cdk/aws-elasticsearch/lib/domain.ts | 113 ++-- .../@aws-cdk/aws-elasticsearch/package.json | 6 +- .../aws-elasticsearch/test/domain.test.ts | 125 ++-- .../integ.elasticsearch-vpc.expected.json | 591 ++++++++++++++++++ .../test/integ.elasticsearch-vpc.ts | 28 + 6 files changed, 809 insertions(+), 90 deletions(-) create mode 100644 packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch-vpc.expected.json create mode 100644 packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch-vpc.ts diff --git a/packages/@aws-cdk/aws-elasticsearch/README.md b/packages/@aws-cdk/aws-elasticsearch/README.md index 359b28dda1b66..683f64fd5c9ea 100644 --- a/packages/@aws-cdk/aws-elasticsearch/README.md +++ b/packages/@aws-cdk/aws-elasticsearch/README.md @@ -6,7 +6,7 @@ Features | Stability -----------------------------------|---------------------------------------------------------------- CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) -Higher level constructs for Domain | ![Experimental](https://img.shields.io/badge/experimental-important.svg?style=for-the-badge) +Higher level constructs for Domain | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) > **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources]) are always > stable and safe to use. @@ -15,11 +15,8 @@ Higher level constructs for Domain | ![Experimental](https://img.shields.io/badg -> **Experimental:** Higher level constructs in this module that are marked as experimental are -> under active development. They are subject to non-backward compatible changes or removal in any -> future version. These are not subject to the [Semantic Versioning](https://semver.org/) model and -> breaking changes will be announced in the release notes. This means that while you may use them, -> you may need to update your source code when upgrading to a newer version of this package. +> **Stable:** Higher level constructs in this module that are marked stable will not undergo any +> breaking changes. They will strictly follow the [Semantic Versioning](https://semver.org/) model. --- @@ -146,6 +143,33 @@ This sets up the domain with node to node encryption and encryption at rest. You can also choose to supply your own KMS key to use for encryption at rest. +## VPC Support + +Elasticsearch domains can be placed inside a VPC, providing a secure communication between Amazon ES and other services within the VPC without the need for an internet gateway, NAT device, or VPN connection. + +> Visit [VPC Support for Amazon Elasticsearch Service Domains](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html) for more details. + +```ts +const vpc = new ec2.Vpc(this, 'Vpc'); +const domainProps: es.DomainProps = { + version: es.ElasticsearchVersion.V7_1, + removalPolicy: RemovalPolicy.DESTROY, + vpc, + // must be enabled since our VPC contains multiple private subnets. + zoneAwareness: { + enabled: true, + }, + capacity: { + // must be an even number since the default az count is 2. + dataNodes: 2, + }, +}; +new es.Domain(this, 'Domain', domainProps); +``` + +In addition, you can use the `vpcSubnets` property to control which specific subnets will be used, and the `securityGroups` property to control +which security groups will be attached to the domain. By default, CDK will select all *private* subnets in the VPC, and create one dedicated security group. + ## Metrics Helper methods exist to access common domain metrics for example: diff --git a/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts b/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts index 74a4dff64f757..a995b7394fe7d 100644 --- a/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts +++ b/packages/@aws-cdk/aws-elasticsearch/lib/domain.ts @@ -331,32 +331,6 @@ export interface CognitoOptions { readonly userPoolId: string; } -/** - * The virtual private cloud (VPC) configuration for the Amazon ES domain. For - * more information, see [VPC Support for Amazon Elasticsearch Service - * Domains](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html) - * in the Amazon Elasticsearch Service Developer Guide. - */ -export interface VpcOptions { - /** - * The list of security groups that are associated with the VPC endpoints - * for the domain. If you don't provide a security group ID, Amazon ES uses - * the default security group for the VPC. To learn more, see [Security Groups for your VPC] - * (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the Amazon VPC - * User Guide. - */ - readonly securityGroups: ec2.ISecurityGroup[]; - - /** - * Provide one subnet for each Availability Zone that your domain uses. For - * example, you must specify three subnet IDs for a three Availability Zone - * domain. To learn more, see [VPCs and Subnets] - * (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the - * Amazon VPC User Guide. - */ - readonly subnets: ec2.ISubnet[]; -} - /** * The minimum TLS version required for traffic to the domain. */ @@ -513,14 +487,35 @@ export interface DomainProps { readonly automatedSnapshotStartHour?: number; /** - * The virtual private cloud (VPC) configuration for the Amazon ES domain. For - * more information, see [VPC Support for Amazon Elasticsearch Service - * Domains](https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html) - * in the Amazon Elasticsearch Service Developer Guide. + * Place the domain inside this VPC. + * + * @see https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-vpc.html + * @default - Domain is not placed in a VPC. + */ + readonly vpc?: ec2.IVpc; + + /** + * The list of security groups that are associated with the VPC endpoints + * for the domain. + * + * Only used if `vpc` is specified. * - * @default - VPC not used + * @see https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html + * @default - One new security group is created. */ - readonly vpcOptions?: VpcOptions; + readonly securityGroups?: ec2.ISecurityGroup[]; + + /** + * The specific vpc subnets the domain will be placed in. You must provide one subnet for each Availability Zone + * that your domain uses. For example, you must specify three subnet IDs for a three Availability Zone + * domain. + * + * Only used if `vpc` is specified. + * + * @see https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html + * @default - All private subnets. + */ + readonly vpcSubnets?: ec2.SubnetSelection[]; /** * True to require that all traffic to the domain arrive over HTTPS. @@ -719,7 +714,7 @@ export interface IDomain extends cdk.IResource { * * @default maximum over 1 minute */ - metricClusterIndexWriteBlocked(props?: MetricOptions): Metric; + metricClusterIndexWritesBlocked(props?: MetricOptions): Metric; /** * Metric for the number of nodes. @@ -1002,8 +997,8 @@ abstract class DomainBase extends cdk.Resource implements IDomain { * * @default maximum over 1 minute */ - public metricClusterIndexWriteBlocked(props?: MetricOptions): Metric { - return this.metric('ClusterIndexWriteBlocked', { + public metricClusterIndexWritesBlocked(props?: MetricOptions): Metric { + return this.metric('ClusterIndexWritesBlocked', { statistic: Statistic.MAXIMUM, period: cdk.Duration.minutes(1), ...props, @@ -1177,7 +1172,7 @@ export interface DomainAttributes { /** * Provides an Elasticsearch domain. */ -export class Domain extends DomainBase implements IDomain { +export class Domain extends DomainBase implements IDomain, ec2.IConnectable { /** * Creates a Domain construct that represents an external domain via domain endpoint. * @@ -1264,6 +1259,8 @@ export class Domain extends DomainBase implements IDomain { private readonly domain: CfnDomain; + private readonly _connections: ec2.Connections | undefined; + constructor(scope: Construct, id: string, props: DomainProps) { super(scope, id, { physicalName: props.domainName, @@ -1300,11 +1297,23 @@ export class Domain extends DomainBase implements IDomain { props.zoneAwareness?.enabled ?? props.zoneAwareness?.availabilityZoneCount != null; + + let securityGroups: ec2.ISecurityGroup[] | undefined; + let subnets: ec2.ISubnet[] | undefined; + + if (props.vpc) { + subnets = selectSubnets(props.vpc, props.vpcSubnets ?? [{ subnetType: ec2.SubnetType.PRIVATE }]); + securityGroups = props.securityGroups ?? [new ec2.SecurityGroup(this, 'SecurityGroup', { + vpc: props.vpc, + description: `Security group for domain ${this.node.id}`, + })]; + this._connections = new ec2.Connections({ securityGroups }); + } + // If VPC options are supplied ensure that the number of subnets matches the number AZ - if (props.vpcOptions != null && zoneAwarenessEnabled && - new Set(props.vpcOptions?.subnets.map((subnet) => subnet.availabilityZone)).size < availabilityZoneCount) { + if (subnets && zoneAwarenessEnabled && new Set(subnets.map((subnet) => subnet.availabilityZone)).size < availabilityZoneCount) { throw new Error('When providing vpc options you need to provide a subnet for each AZ you are using'); - }; + } if ([dedicatedMasterType, instanceType, warmType].some(t => !t.endsWith('.elasticsearch'))) { throw new Error('Master, data and UltraWarm node instance types must end with ".elasticsearch".'); @@ -1491,10 +1500,11 @@ export class Domain extends DomainBase implements IDomain { } let cfnVpcOptions: CfnDomain.VPCOptionsProperty | undefined; - if (props.vpcOptions) { + + if (securityGroups && subnets) { cfnVpcOptions = { - securityGroupIds: props.vpcOptions.securityGroups.map((sg) => sg.securityGroupId), - subnetIds: props.vpcOptions.subnets.map((subnet) => subnet.subnetId), + securityGroupIds: securityGroups.map((sg) => sg.securityGroupId), + subnetIds: subnets.map((subnet) => subnet.subnetId), }; } @@ -1730,6 +1740,17 @@ export class Domain extends DomainBase implements IDomain { accessPolicy.node.addDependency(this.domain); } } + + /** + * Manages network connections to the domain. This will throw an error in case the domain + * is not placed inside a VPC. + */ + public get connections(): ec2.Connections { + if (!this._connections) { + throw new Error("Connections are only available on VPC enabled domains. Use the 'vpc' property to place a domain inside a VPC"); + } + return this._connections; + } } /** @@ -1778,3 +1799,11 @@ function parseVersion(version: ElasticsearchVersion): number { throw new Error(`Invalid Elasticsearch version: ${versionStr}. Version string needs to start with major and minor version (x.y).`); } } + +function selectSubnets(vpc: ec2.IVpc, vpcSubnets: ec2.SubnetSelection[]): ec2.ISubnet[] { + const selected = []; + for (const selection of vpcSubnets) { + selected.push(...vpc.selectSubnets(selection).subnets); + } + return selected; +} diff --git a/packages/@aws-cdk/aws-elasticsearch/package.json b/packages/@aws-cdk/aws-elasticsearch/package.json index eff2725fb8d1e..755bba611d3d0 100644 --- a/packages/@aws-cdk/aws-elasticsearch/package.json +++ b/packages/@aws-cdk/aws-elasticsearch/package.json @@ -107,12 +107,12 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "features": [ { "name": "Higher level constructs for Domain", - "stability": "Experimental" + "stability": "Stable" } ], "awscdkio": { diff --git a/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts b/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts index 12810832c0da8..205f73aee7e1b 100644 --- a/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts +++ b/packages/@aws-cdk/aws-elasticsearch/test/domain.test.ts @@ -3,7 +3,7 @@ import '@aws-cdk/assert/jest'; import * as assert from '@aws-cdk/assert'; import * as acm from '@aws-cdk/aws-certificatemanager'; import { Metric, Statistic } from '@aws-cdk/aws-cloudwatch'; -import { Subnet, Vpc, EbsDeviceVolumeType } from '@aws-cdk/aws-ec2'; +import { Vpc, EbsDeviceVolumeType, SecurityGroup } from '@aws-cdk/aws-ec2'; import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; import * as logs from '@aws-cdk/aws-logs'; @@ -30,6 +30,84 @@ const readWriteActions = [ ...writeActions, ]; +test('connections throws if domain is placed inside a vpc', () => { + + expect(() => { + new Domain(stack, 'Domain', { + version: ElasticsearchVersion.V7_1, + }).connections; + }).toThrowError("Connections are only available on VPC enabled domains. Use the 'vpc' property to place a domain inside a VPC"); +}); + +test('subnets and security groups can be provided when vpc is used', () => { + + const vpc = new Vpc(stack, 'Vpc'); + const securityGroup = new SecurityGroup(stack, 'CustomSecurityGroup', { + vpc, + }); + const domain = new Domain(stack, 'Domain', { + version: ElasticsearchVersion.V7_9, + vpc, + vpcSubnets: [{ subnets: [vpc.privateSubnets[0]] }], + securityGroups: [securityGroup], + }); + + expect(domain.connections.securityGroups[0].securityGroupId).toEqual(securityGroup.securityGroupId); + expect(stack).toHaveResource('AWS::Elasticsearch::Domain', { + VPCOptions: { + SecurityGroupIds: [ + { + 'Fn::GetAtt': [ + 'CustomSecurityGroupE5E500E5', + 'GroupId', + ], + }, + ], + SubnetIds: [ + { + Ref: 'VpcPrivateSubnet1Subnet536B997A', + }, + ], + }, + }); + +}); + +test('default subnets and security group when vpc is used', () => { + + const vpc = new Vpc(stack, 'Vpc'); + const domain = new Domain(stack, 'Domain', { + version: ElasticsearchVersion.V7_9, + vpc, + }); + + expect(stack.resolve(domain.connections.securityGroups[0].securityGroupId)).toEqual({ 'Fn::GetAtt': ['DomainSecurityGroup48AA5FD6', 'GroupId'] }); + expect(stack).toHaveResource('AWS::Elasticsearch::Domain', { + VPCOptions: { + SecurityGroupIds: [ + { + 'Fn::GetAtt': [ + 'DomainSecurityGroup48AA5FD6', + 'GroupId', + ], + }, + ], + SubnetIds: [ + { + Ref: 'VpcPrivateSubnet1Subnet536B997A', + }, + { + Ref: 'VpcPrivateSubnet2Subnet3788AAA1', + }, + { + Ref: 'VpcPrivateSubnet3SubnetF258B56E', + }, + ], + }, + }); + +}); + test('default removalpolicy is retain', () => { new Domain(stack, 'Domain', { version: ElasticsearchVersion.V7_1, @@ -709,8 +787,8 @@ describe('metrics', () => { test('Can use metricClusterIndexWriteBlocked on an Elasticsearch Domain', () => { testMetric( - (domain) => domain.metricClusterIndexWriteBlocked(), - 'ClusterIndexWriteBlocked', + (domain) => domain.metricClusterIndexWritesBlocked(), + 'ClusterIndexWritesBlocked', Statistic.MAXIMUM, Duration.minutes(1), ); @@ -1150,7 +1228,9 @@ describe('custom endpoints', () => { describe('custom error responses', () => { test('error when availabilityZoneCount does not match vpcOptions.subnets length', () => { - const vpc = new Vpc(stack, 'Vpc'); + const vpc = new Vpc(stack, 'Vpc', { + maxAzs: 1, + }); expect(() => new Domain(stack, 'Domain', { version: ElasticsearchVersion.V7_4, @@ -1158,16 +1238,7 @@ describe('custom error responses', () => { enabled: true, availabilityZoneCount: 2, }, - vpcOptions: { - subnets: [ - new Subnet(stack, 'Subnet', { - availabilityZone: 'testaz', - cidrBlock: vpc.vpcCidrBlock, - vpcId: vpc.vpcId, - }), - ], - securityGroups: [], - }, + vpc, })).toThrow(/you need to provide a subnet for each AZ you are using/); }); @@ -1357,31 +1428,7 @@ describe('custom error responses', () => { expect(() => new Domain(stack, 'Domain1', { version: ElasticsearchVersion.V7_4, - vpcOptions: { - subnets: [ - new Subnet(stack, 'Subnet1', { - availabilityZone: 'testaz1', - cidrBlock: vpc.vpcCidrBlock, - vpcId: vpc.vpcId, - }), - new Subnet(stack, 'Subnet2', { - availabilityZone: 'testaz2', - cidrBlock: vpc.vpcCidrBlock, - vpcId: vpc.vpcId, - }), - new Subnet(stack, 'Subnet3', { - availabilityZone: 'testaz3', - cidrBlock: vpc.vpcCidrBlock, - vpcId: vpc.vpcId, - }), - new Subnet(stack, 'Subnet4', { - availabilityZone: 'testaz4', - cidrBlock: vpc.vpcCidrBlock, - vpcId: vpc.vpcId, - }), - ], - securityGroups: [], - }, + vpc, zoneAwareness: { availabilityZoneCount: 4, }, diff --git a/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch-vpc.expected.json b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch-vpc.expected.json new file mode 100644 index 0000000000000..fc046ff8065b2 --- /dev/null +++ b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch-vpc.expected.json @@ -0,0 +1,591 @@ +{ + "Resources": { + "Vpc8378EB38": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsHostnames": true, + "EnableDnsSupport": true, + "InstanceTenancy": "default", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc" + } + ] + } + }, + "VpcPublicSubnet1Subnet5C2D37C4": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.0.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTable6C95E38E": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1RouteTableAssociation97140677": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + } + } + }, + "VpcPublicSubnet1DefaultRoute3DA9E72A": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet1RouteTable6C95E38E" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet1EIPD7E02669": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet1NATGateway4D7517AA": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet1EIPD7E02669", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet1Subnet5C2D37C4" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet1" + } + ] + } + }, + "VpcPublicSubnet2Subnet691E08A3": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.32.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTable94F7E489": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2RouteTableAssociationDD5762D8": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + } + } + }, + "VpcPublicSubnet2DefaultRoute97F91067": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet2RouteTable94F7E489" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet2EIP3C605A87": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet2NATGateway9182C01D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet2EIP3C605A87", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet2Subnet691E08A3" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet2" + } + ] + } + }, + "VpcPublicSubnet3SubnetBE12F0B6": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.64.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": true, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Public" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Public" + }, + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3RouteTable93458DBB": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3RouteTableAssociation1F1EDF02": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet3RouteTable93458DBB" + }, + "SubnetId": { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + } + } + }, + "VpcPublicSubnet3DefaultRoute4697774F": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPublicSubnet3RouteTable93458DBB" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "VpcIGWD7BA715C" + } + }, + "DependsOn": [ + "VpcVPCGWBF912B6E" + ] + }, + "VpcPublicSubnet3EIP3A666A23": { + "Type": "AWS::EC2::EIP", + "Properties": { + "Domain": "vpc", + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPublicSubnet3NATGateway7640CD1D": { + "Type": "AWS::EC2::NatGateway", + "Properties": { + "AllocationId": { + "Fn::GetAtt": [ + "VpcPublicSubnet3EIP3A666A23", + "AllocationId" + ] + }, + "SubnetId": { + "Ref": "VpcPublicSubnet3SubnetBE12F0B6" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PublicSubnet3" + } + ] + } + }, + "VpcPrivateSubnet1Subnet536B997A": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.96.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1a", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableB2C5B500": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PrivateSubnet1" + } + ] + } + }, + "VpcPrivateSubnet1RouteTableAssociation70C59FA6": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + } + } + }, + "VpcPrivateSubnet1DefaultRouteBE02A9ED": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet1RouteTableB2C5B500" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet1NATGateway4D7517AA" + } + } + }, + "VpcPrivateSubnet2Subnet3788AAA1": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.128.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1b", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableA678073B": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PrivateSubnet2" + } + ] + } + }, + "VpcPrivateSubnet2RouteTableAssociationA89CAD56": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + } + } + }, + "VpcPrivateSubnet2DefaultRoute060D2087": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet2RouteTableA678073B" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet2NATGateway9182C01D" + } + } + }, + "VpcPrivateSubnet3SubnetF258B56E": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.160.0/19", + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "AvailabilityZone": "test-region-1c", + "MapPublicIpOnLaunch": false, + "Tags": [ + { + "Key": "aws-cdk:subnet-name", + "Value": "Private" + }, + { + "Key": "aws-cdk:subnet-type", + "Value": "Private" + }, + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PrivateSubnet3" + } + ] + } + }, + "VpcPrivateSubnet3RouteTableD98824C7": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc/PrivateSubnet3" + } + ] + } + }, + "VpcPrivateSubnet3RouteTableAssociation16BDDC43": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet3RouteTableD98824C7" + }, + "SubnetId": { + "Ref": "VpcPrivateSubnet3SubnetF258B56E" + } + } + }, + "VpcPrivateSubnet3DefaultRoute94B74F0D": { + "Type": "AWS::EC2::Route", + "Properties": { + "RouteTableId": { + "Ref": "VpcPrivateSubnet3RouteTableD98824C7" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "NatGatewayId": { + "Ref": "VpcPublicSubnet3NATGateway7640CD1D" + } + } + }, + "VpcIGWD7BA715C": { + "Type": "AWS::EC2::InternetGateway", + "Properties": { + "Tags": [ + { + "Key": "Name", + "Value": "cdk-integ-elasticsearch-vpc/Vpc" + } + ] + } + }, + "VpcVPCGWBF912B6E": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "Vpc8378EB38" + }, + "InternetGatewayId": { + "Ref": "VpcIGWD7BA715C" + } + } + }, + "DomainSecurityGroup48AA5FD6": { + "Type": "AWS::EC2::SecurityGroup", + "Properties": { + "GroupDescription": "Security group for domain Domain", + "SecurityGroupEgress": [ + { + "CidrIp": "0.0.0.0/0", + "Description": "Allow all outbound traffic by default", + "IpProtocol": "-1" + } + ], + "VpcId": { + "Ref": "Vpc8378EB38" + } + } + }, + "Domain66AC69E0": { + "Type": "AWS::Elasticsearch::Domain", + "Properties": { + "CognitoOptions": { + "Enabled": false + }, + "DomainEndpointOptions": { + "EnforceHTTPS": false, + "TLSSecurityPolicy": "Policy-Min-TLS-1-0-2019-07" + }, + "EBSOptions": { + "EBSEnabled": true, + "VolumeSize": 10, + "VolumeType": "gp2" + }, + "ElasticsearchClusterConfig": { + "DedicatedMasterEnabled": false, + "InstanceCount": 2, + "InstanceType": "r5.large.elasticsearch", + "ZoneAwarenessConfig": { + "AvailabilityZoneCount": 2 + }, + "ZoneAwarenessEnabled": true + }, + "ElasticsearchVersion": "7.1", + "EncryptionAtRestOptions": { + "Enabled": false + }, + "LogPublishingOptions": {}, + "NodeToNodeEncryptionOptions": { + "Enabled": false + }, + "VPCOptions": { + "SecurityGroupIds": [ + { + "Fn::GetAtt": [ + "DomainSecurityGroup48AA5FD6", + "GroupId" + ] + } + ], + "SubnetIds": [ + { + "Ref": "VpcPrivateSubnet1Subnet536B997A" + }, + { + "Ref": "VpcPrivateSubnet2Subnet3788AAA1" + }, + { + "Ref": "VpcPrivateSubnet3SubnetF258B56E" + } + ] + } + }, + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" + } + } +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch-vpc.ts b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch-vpc.ts new file mode 100644 index 0000000000000..b1049270c6250 --- /dev/null +++ b/packages/@aws-cdk/aws-elasticsearch/test/integ.elasticsearch-vpc.ts @@ -0,0 +1,28 @@ +import * as ec2 from '@aws-cdk/aws-ec2'; +import { App, Stack, StackProps, RemovalPolicy } from '@aws-cdk/core'; +import { Construct } from 'constructs'; +import * as es from '../lib'; + +class TestStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + + const vpc = new ec2.Vpc(this, 'Vpc'); + const domainProps: es.DomainProps = { + version: es.ElasticsearchVersion.V7_1, + removalPolicy: RemovalPolicy.DESTROY, + vpc, + zoneAwareness: { + enabled: true, + }, + capacity: { + dataNodes: 2, + }, + }; + new es.Domain(this, 'Domain', domainProps); + } +} + +const app = new App(); +new TestStack(app, 'cdk-integ-elasticsearch-vpc'); +app.synth(); From b2d4548c247568ce6f247c1eb3feb9e9d1c81474 Mon Sep 17 00:00:00 2001 From: Shumail Mohyuddin Date: Fri, 2 Apr 2021 01:44:01 +0200 Subject: [PATCH 077/260] chore(sqs): fix typo (#13883) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-sqs/lib/validate-props.ts | 2 +- packages/@aws-cdk/aws-sqs/test/test.sqs.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-sqs/lib/validate-props.ts b/packages/@aws-cdk/aws-sqs/lib/validate-props.ts index 8a1204e21f858..b988e6e7fdf9a 100644 --- a/packages/@aws-cdk/aws-sqs/lib/validate-props.ts +++ b/packages/@aws-cdk/aws-sqs/lib/validate-props.ts @@ -14,5 +14,5 @@ function validateRange(label: string, value: number | undefined, minValue: numbe if (value === undefined || Token.isUnresolved(value)) { return; } const unitSuffix = unit ? ` ${unit}` : ''; if (value < minValue) { throw new Error(`${label} must be ${minValue}${unitSuffix} or more, but ${value} was provided`); } - if (value > maxValue) { throw new Error(`${label} must be ${maxValue}${unitSuffix} of less, but ${value} was provided`); } + if (value > maxValue) { throw new Error(`${label} must be ${maxValue}${unitSuffix} or less, but ${value} was provided`); } } diff --git a/packages/@aws-cdk/aws-sqs/test/test.sqs.ts b/packages/@aws-cdk/aws-sqs/test/test.sqs.ts index ea0233578c5a6..21266a4ce03db 100644 --- a/packages/@aws-cdk/aws-sqs/test/test.sqs.ts +++ b/packages/@aws-cdk/aws-sqs/test/test.sqs.ts @@ -75,7 +75,7 @@ export = { test.throws(() => new sqs.Queue(stack, 'AnotherQueue', { retentionPeriod: Duration.days(15), - }), /message retention period must be 1209600 seconds of less/); + }), /message retention period must be 1209600 seconds or less/); test.done(); }, From a8f5b6c54371fe966172a9fb36135bfdc4a01b11 Mon Sep 17 00:00:00 2001 From: Masaharu Komuro Date: Fri, 2 Apr 2021 10:57:09 +0900 Subject: [PATCH 078/260] fix(aws-rds): ServerlessCluster.clusterArn is not correct when clusterIdentifier includes upper cases string. (#13710) Close #12795 The problem is that, according to the cloudformation specification, even if the clusterIdentifier contains uppercase letters, the actual generated cluster identifier will be set to a lowercase string. But the resource ref remain the original string (that maybe contain uppercase letters). https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#cfn-rds-dbcluster-dbclusteridentifier ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-rds/lib/cluster.ts | 9 +++- packages/@aws-cdk/aws-rds/lib/instance.ts | 18 ++++++- .../aws-rds/lib/serverless-cluster.ts | 9 +++- packages/@aws-cdk/aws-rds/package.json | 2 + .../@aws-cdk/aws-rds/test/cluster.test.ts | 42 +++++++++++++++ .../@aws-cdk/aws-rds/test/instance.test.ts | 48 ++++++++++++++++- .../aws-rds/test/serverless-cluster.test.ts | 52 +++++++++++++++++-- packages/@aws-cdk/cx-api/lib/features.ts | 17 ++++++ 8 files changed, 187 insertions(+), 10 deletions(-) diff --git a/packages/@aws-cdk/aws-rds/lib/cluster.ts b/packages/@aws-cdk/aws-rds/lib/cluster.ts index 4e4e86f6a4d7f..6b62a02fdb19b 100644 --- a/packages/@aws-cdk/aws-rds/lib/cluster.ts +++ b/packages/@aws-cdk/aws-rds/lib/cluster.ts @@ -4,7 +4,8 @@ import * as kms from '@aws-cdk/aws-kms'; import * as logs from '@aws-cdk/aws-logs'; import * as s3 from '@aws-cdk/aws-s3'; import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; -import { Annotations, Duration, RemovalPolicy, Resource, Token } from '@aws-cdk/core'; +import { Annotations, Duration, FeatureFlags, RemovalPolicy, Resource, Token } from '@aws-cdk/core'; +import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; import { IClusterEngine } from './cluster-engine'; import { DatabaseClusterAttributes, IDatabaseCluster } from './cluster-ref'; @@ -340,11 +341,15 @@ abstract class DatabaseClusterNew extends DatabaseClusterBase { const clusterParameterGroupConfig = clusterParameterGroup?.bindToCluster({}); this.engine = props.engine; + const clusterIdentifier = FeatureFlags.of(this).isEnabled(cxapi.RDS_LOWERCASE_DB_IDENTIFIER) + ? props.clusterIdentifier?.toLowerCase() + : props.clusterIdentifier; + this.newCfnProps = { // Basic engine: props.engine.engineType, engineVersion: props.engine.engineVersion?.fullVersion, - dbClusterIdentifier: props.clusterIdentifier, + dbClusterIdentifier: clusterIdentifier, dbSubnetGroupName: this.subnetGroup.subnetGroupName, vpcSecurityGroupIds: this.securityGroups.map(sg => sg.securityGroupId), port: props.port ?? clusterEngineBindConfig.port, diff --git a/packages/@aws-cdk/aws-rds/lib/instance.ts b/packages/@aws-cdk/aws-rds/lib/instance.ts index f6bbe5481a112..5ce8eca7bdf81 100644 --- a/packages/@aws-cdk/aws-rds/lib/instance.ts +++ b/packages/@aws-cdk/aws-rds/lib/instance.ts @@ -5,7 +5,17 @@ import * as kms from '@aws-cdk/aws-kms'; import * as logs from '@aws-cdk/aws-logs'; import * as s3 from '@aws-cdk/aws-s3'; import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; -import { Duration, IResource, Lazy, RemovalPolicy, Resource, Stack, Token } from '@aws-cdk/core'; +import { + Duration, + FeatureFlags, + IResource, + Lazy, + RemovalPolicy, + Resource, + Stack, + Token, +} from '@aws-cdk/core'; +import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; import { DatabaseSecret } from './database-secret'; import { Endpoint } from './endpoint'; @@ -687,13 +697,17 @@ abstract class DatabaseInstanceNew extends DatabaseInstanceBase implements IData }); } + const instanceIdentifier = FeatureFlags.of(this).isEnabled(cxapi.RDS_LOWERCASE_DB_IDENTIFIER) + ? props.instanceIdentifier?.toLowerCase() + : props.instanceIdentifier; + this.newCfnProps = { autoMinorVersionUpgrade: props.autoMinorVersionUpgrade, availabilityZone: props.multiAz ? undefined : props.availabilityZone, backupRetentionPeriod: props.backupRetention?.toDays(), copyTagsToSnapshot: props.copyTagsToSnapshot ?? true, dbInstanceClass: Lazy.string({ produce: () => `db.${this.instanceType}` }), - dbInstanceIdentifier: props.instanceIdentifier, + dbInstanceIdentifier: instanceIdentifier, dbSubnetGroupName: subnetGroup.subnetGroupName, deleteAutomatedBackups: props.deleteAutomatedBackups, deletionProtection: defaultDeletionProtection(props.deletionProtection, props.removalPolicy), diff --git a/packages/@aws-cdk/aws-rds/lib/serverless-cluster.ts b/packages/@aws-cdk/aws-rds/lib/serverless-cluster.ts index 90438cbaa1c79..5d3868a5bd90c 100644 --- a/packages/@aws-cdk/aws-rds/lib/serverless-cluster.ts +++ b/packages/@aws-cdk/aws-rds/lib/serverless-cluster.ts @@ -2,7 +2,8 @@ import * as ec2 from '@aws-cdk/aws-ec2'; import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; import * as secretsmanager from '@aws-cdk/aws-secretsmanager'; -import { Resource, Duration, Token, Annotations, RemovalPolicy, IResource, Stack, Lazy } from '@aws-cdk/core'; +import { Resource, Duration, Token, Annotations, RemovalPolicy, IResource, Stack, Lazy, FeatureFlags } from '@aws-cdk/core'; +import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; import { IClusterEngine } from './cluster-engine'; import { Endpoint } from './endpoint'; @@ -438,10 +439,14 @@ export class ServerlessCluster extends ServerlessClusterBase { }), ]; + const clusterIdentifier = FeatureFlags.of(this).isEnabled(cxapi.RDS_LOWERCASE_DB_IDENTIFIER) + ? props.clusterIdentifier?.toLowerCase() + : props.clusterIdentifier; + const cluster = new CfnDBCluster(this, 'Resource', { backupRetentionPeriod: props.backupRetention?.toDays(), databaseName: props.defaultDatabaseName, - dbClusterIdentifier: props.clusterIdentifier, + dbClusterIdentifier: clusterIdentifier, dbClusterParameterGroupName: clusterParameterGroupConfig?.parameterGroupName, dbSubnetGroupName: this.subnetGroup.subnetGroupName, deletionProtection: defaultDeletionProtection(props.deletionProtection, props.removalPolicy), diff --git a/packages/@aws-cdk/aws-rds/package.json b/packages/@aws-cdk/aws-rds/package.json index 24a5e32d86853..85933211fee0e 100644 --- a/packages/@aws-cdk/aws-rds/package.json +++ b/packages/@aws-cdk/aws-rds/package.json @@ -91,6 +91,7 @@ "@aws-cdk/aws-s3": "0.0.0", "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", + "@aws-cdk/cx-api": "0.0.0", "constructs": "^3.3.69" }, "homepage": "https://github.com/aws/aws-cdk", @@ -104,6 +105,7 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", + "@aws-cdk/cx-api": "0.0.0", "constructs": "^3.3.69" }, "engines": { diff --git a/packages/@aws-cdk/aws-rds/test/cluster.test.ts b/packages/@aws-cdk/aws-rds/test/cluster.test.ts index de7c5900de836..3f10a359d6ae9 100644 --- a/packages/@aws-cdk/aws-rds/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-rds/test/cluster.test.ts @@ -1860,6 +1860,48 @@ describe('cluster', () => { }); + + test('changes the case of the cluster identifier if the lowercaseDbIdentifier feature flag is enabled', () => { + // GIVEN + const app = new cdk.App({ + context: { [cxapi.RDS_LOWERCASE_DB_IDENTIFIER]: true }, + }); + const stack = testStack(app); + const vpc = new ec2.Vpc(stack, 'VPC'); + + // WHEN + const clusterIdentifier = 'TestClusterIdentifier'; + new DatabaseCluster(stack, 'Database', { + engine: DatabaseClusterEngine.AURORA, + instanceProps: { vpc }, + clusterIdentifier, + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::RDS::DBCluster', { + DBClusterIdentifier: clusterIdentifier.toLowerCase(), + }); + }); + + test('does not changes the case of the cluster identifier if the lowercaseDbIdentifier feature flag is disabled', () => { + // GIVEN + const app = new cdk.App(); + const stack = testStack(app); + const vpc = new ec2.Vpc(stack, 'VPC'); + + // WHEN + const clusterIdentifier = 'TestClusterIdentifier'; + new DatabaseCluster(stack, 'Database', { + engine: DatabaseClusterEngine.AURORA, + instanceProps: { vpc }, + clusterIdentifier, + }); + + // THEN + expect(stack).toHaveResourceLike('AWS::RDS::DBCluster', { + DBClusterIdentifier: clusterIdentifier, + }); + }); }); test.each([ diff --git a/packages/@aws-cdk/aws-rds/test/instance.test.ts b/packages/@aws-cdk/aws-rds/test/instance.test.ts index 49e57e630f55c..838b35731b733 100644 --- a/packages/@aws-cdk/aws-rds/test/instance.test.ts +++ b/packages/@aws-cdk/aws-rds/test/instance.test.ts @@ -9,7 +9,7 @@ import * as logs from '@aws-cdk/aws-logs'; import * as s3 from '@aws-cdk/aws-s3'; import * as cdk from '@aws-cdk/core'; import * as cxapi from '@aws-cdk/cx-api'; -import { testFutureBehavior } from 'cdk-build-tools/lib/feature-flag'; +import { testFutureBehavior, testLegacyBehavior } from 'cdk-build-tools/lib/feature-flag'; import * as rds from '../lib'; let stack: cdk.Stack; @@ -1279,6 +1279,52 @@ describe('instance', () => { PubliclyAccessible: true, }); }); + + testFutureBehavior( + 'changes the case of the cluster identifier if the lowercaseDbIdentifier feature flag is enabled', + { [cxapi.RDS_LOWERCASE_DB_IDENTIFIER]: true }, cdk.App, (app, + ) => { + // GIVEN + stack = new cdk.Stack( app ); + vpc = new ec2.Vpc( stack, 'VPC' ); + + // WHEN + const instanceIdentifier = 'TestInstanceIdentifier'; + new rds.DatabaseInstance( stack, 'DB', { + engine: rds.DatabaseInstanceEngine.mysql({ + version: rds.MysqlEngineVersion.VER_8_0_19, + }), + vpc, + instanceIdentifier, + } ); + + // THEN + expect(stack).toHaveResource('AWS::RDS::DBInstance', { + DBInstanceIdentifier: instanceIdentifier.toLowerCase(), + }); + }); + + testLegacyBehavior( 'does not changes the case of the cluster identifier if the lowercaseDbIdentifier feature flag is disabled', cdk.App, (app ) => { + // GIVEN + stack = new cdk.Stack( app ); + vpc = new ec2.Vpc( stack, 'VPC' ); + + // WHEN + const instanceIdentifier = 'TestInstanceIdentifier'; + new rds.DatabaseInstance( stack, 'DB', { + engine: rds.DatabaseInstanceEngine.mysql({ + version: rds.MysqlEngineVersion.VER_8_0_19, + }), + vpc, + instanceIdentifier, + } ); + + // THEN + expect(stack).toHaveResource('AWS::RDS::DBInstance', { + DBInstanceIdentifier: instanceIdentifier, + }); + }); + }); test.each([ diff --git a/packages/@aws-cdk/aws-rds/test/serverless-cluster.test.ts b/packages/@aws-cdk/aws-rds/test/serverless-cluster.test.ts index e370ff915cb6c..595c480b5b318 100644 --- a/packages/@aws-cdk/aws-rds/test/serverless-cluster.test.ts +++ b/packages/@aws-cdk/aws-rds/test/serverless-cluster.test.ts @@ -3,6 +3,7 @@ import * as ec2 from '@aws-cdk/aws-ec2'; import * as iam from '@aws-cdk/aws-iam'; import * as kms from '@aws-cdk/aws-kms'; import * as cdk from '@aws-cdk/core'; +import * as cxapi from '@aws-cdk/cx-api'; import { nodeunitShim, Test } from 'nodeunit-shim'; import { AuroraPostgresEngineVersion, ServerlessCluster, DatabaseClusterEngine, ParameterGroup, AuroraCapacityUnit, DatabaseSecret } from '../lib'; @@ -818,11 +819,56 @@ nodeunitShim({ test.done(); }, -}); + 'changes the case of the cluster identifier if the lowercaseDbIdentifier feature flag is enabled'(test: Test) { + // GIVEN + const app = new cdk.App({ + context: { [cxapi.RDS_LOWERCASE_DB_IDENTIFIER]: true }, + }); + const stack = testStack(app); + const clusterIdentifier = 'TestClusterIdentifier'; + const vpc = ec2.Vpc.fromLookup(stack, 'VPC', { isDefault: true }); + + // WHEN + new ServerlessCluster(stack, 'Database', { + engine: DatabaseClusterEngine.AURORA_MYSQL, + vpc, + clusterIdentifier, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::RDS::DBCluster', { + DBClusterIdentifier: clusterIdentifier.toLowerCase(), + })); + + test.done(); + }, + + 'does not change the case of the cluster identifier if the lowercaseDbIdentifier feature flag is disabled'(test: Test) { + // GIVEN + const app = new cdk.App(); + const stack = testStack(app); + const clusterIdentifier = 'TestClusterIdentifier'; + const vpc = ec2.Vpc.fromLookup(stack, 'VPC', { isDefault: true }); + + // WHEN + new ServerlessCluster(stack, 'Database', { + engine: DatabaseClusterEngine.AURORA_MYSQL, + vpc, + clusterIdentifier, + }); + + // THEN + expect(stack).to(haveResourceLike('AWS::RDS::DBCluster', { + DBClusterIdentifier: clusterIdentifier, + })); + + test.done(); + }, +}); -function testStack() { - const stack = new cdk.Stack(undefined, undefined, { env: { account: '12345', region: 'us-test-1' } }); +function testStack(app?: cdk.App, id?: string): cdk.Stack { + const stack = new cdk.Stack(app, id, { env: { account: '12345', region: 'us-test-1' } }); stack.node.setContext('availability-zones:12345:us-test-1', ['us-test-1a', 'us-test-1b']); return stack; } diff --git a/packages/@aws-cdk/cx-api/lib/features.ts b/packages/@aws-cdk/cx-api/lib/features.ts index 162ec0de9d7f4..91f6039625a1b 100644 --- a/packages/@aws-cdk/cx-api/lib/features.ts +++ b/packages/@aws-cdk/cx-api/lib/features.ts @@ -104,6 +104,21 @@ export const S3_GRANT_WRITE_WITHOUT_ACL = '@aws-cdk/aws-s3:grantWriteWithoutAcl' */ export const ECS_REMOVE_DEFAULT_DESIRED_COUNT = '@aws-cdk/aws-ecs-patterns:removeDefaultDesiredCount'; +/** + * ServerlessCluster.clusterIdentifier currently can has uppercase letters, + * and ServerlessCluster pass it through to CfnDBCluster.dbClusterIdentifier. + * The identifier is saved as lowercase string in AWS and is resolved as original string in CloudFormation. + * + * If this flag is not set, original value that one set to ServerlessCluster.clusterIdentifier + * is passed to CfnDBCluster.dbClusterIdentifier. + * If this flag is true, ServerlessCluster.clusterIdentifier is converted into a string containing + * only lowercase characters by the `toLowerCase` function and passed to CfnDBCluster.dbClusterIdentifier. + * + * This feature flag make correct the ServerlessCluster.clusterArn when + * clusterIdentifier contains a Upper case letters. + */ +export const RDS_LOWERCASE_DB_IDENTIFIER = '@aws-cdk/aws-rds:lowercaseDbIdentifier'; + /** * This map includes context keys and values for feature flags that enable * capabilities "from the future", which we could not introduce as the default @@ -126,6 +141,7 @@ export const FUTURE_FLAGS: { [key: string]: any } = { [KMS_DEFAULT_KEY_POLICIES]: true, [S3_GRANT_WRITE_WITHOUT_ACL]: true, [ECS_REMOVE_DEFAULT_DESIRED_COUNT]: true, + [RDS_LOWERCASE_DB_IDENTIFIER]: true, // We will advertise this flag when the feature is complete // [NEW_STYLE_STACK_SYNTHESIS_CONTEXT]: 'true', @@ -152,6 +168,7 @@ const FUTURE_FLAGS_DEFAULTS: { [key: string]: boolean } = { [KMS_DEFAULT_KEY_POLICIES]: false, [S3_GRANT_WRITE_WITHOUT_ACL]: false, [ECS_REMOVE_DEFAULT_DESIRED_COUNT]: false, + [RDS_LOWERCASE_DB_IDENTIFIER]: false, }; export function futureFlagDefault(flag: string): boolean { From 7cb1b33c7b0a03d8a353349da5a543c595809993 Mon Sep 17 00:00:00 2001 From: Robert Djurasaj Date: Thu, 1 Apr 2021 23:17:35 -0600 Subject: [PATCH 079/260] docs(ecs): typo fix (#13736) Minor typo fix in `aws-ecs` docs. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ecs/lib/container-definition.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-ecs/lib/container-definition.ts b/packages/@aws-cdk/aws-ecs/lib/container-definition.ts index 9911a49a039cf..dfe041afd2d99 100644 --- a/packages/@aws-cdk/aws-ecs/lib/container-definition.ts +++ b/packages/@aws-cdk/aws-ecs/lib/container-definition.ts @@ -351,7 +351,7 @@ export class ContainerDefinition extends CoreConstruct { * stopped. If the essential parameter of a container is marked as false, then its * failure does not affect the rest of the containers in a task. * - * If this parameter isomitted, a container is assumed to be essential. + * If this parameter is omitted, a container is assumed to be essential. */ public readonly essential: boolean; From ddbe968afdfb27b3adcd9461ece97f602e2859c9 Mon Sep 17 00:00:00 2001 From: Benjamin Genz Date: Fri, 2 Apr 2021 08:10:35 +0200 Subject: [PATCH 080/260] revert: fix(aws-ecs): "broken splunk-logging `tag`-option in fargate platform version 1.4 (#13882)" (#13892) This reverts commit e9d9299. Unfortunately the above commit leads to broken deployments that are caused by behaviors upstream (i.e. in the ECS backend): > Resource handler returned message: "Invalid request provided: Create TaskDefinition: Log driver splunk disallows options: splunk-tag (Service: AmazonECS; Status Code: 400; Error Code: ClientException; Request ID: d13abe56-36fa-4e81-b980-bf83789d4d0d; Proxy : null)" (RequestToken: 546a74e2-a2eb-ef75-43e7-231fe8927096, HandlerErrorCode: InvalidRequest) This means however, that the buggy behavior mentioned in #13881 persists. I am in communication with AWS support on this issue and will keep you posted. Sorry to have caused that mess. I should have marked the PR #13882 as draft before everything was clear. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/log-drivers/splunk-log-driver.ts | 1 - .../aws-ecs/test/splunk-log-driver.test.ts | 31 ------------------- 2 files changed, 32 deletions(-) diff --git a/packages/@aws-cdk/aws-ecs/lib/log-drivers/splunk-log-driver.ts b/packages/@aws-cdk/aws-ecs/lib/log-drivers/splunk-log-driver.ts index b536db6003ec3..ecb4d9f0dd9c1 100644 --- a/packages/@aws-cdk/aws-ecs/lib/log-drivers/splunk-log-driver.ts +++ b/packages/@aws-cdk/aws-ecs/lib/log-drivers/splunk-log-driver.ts @@ -145,7 +145,6 @@ export class SplunkLogDriver extends LogDriver { 'splunk-verify-connection': this.props.verifyConnection, 'splunk-gzip': this.props.gzip, 'splunk-gzip-level': this.props.gzipLevel, - 'splunk-tag': this.props.tag, ...renderCommonLogDriverOptions(this.props), }), }; diff --git a/packages/@aws-cdk/aws-ecs/test/splunk-log-driver.test.ts b/packages/@aws-cdk/aws-ecs/test/splunk-log-driver.test.ts index fb1091a3ae027..c8afd01daade1 100644 --- a/packages/@aws-cdk/aws-ecs/test/splunk-log-driver.test.ts +++ b/packages/@aws-cdk/aws-ecs/test/splunk-log-driver.test.ts @@ -103,35 +103,4 @@ nodeunitShim({ test.done(); }, - - 'create a splunk log driver using splunk-tag property when tag is defined'(test: Test) { - // WHEN - td.addContainer('Container', { - image, - logging: ecs.LogDrivers.splunk({ - token: cdk.SecretValue.secretsManager('my-splunk-token'), - url: 'my-splunk-url', - tag: 'abc', - }), - memoryLimitMiB: 128, - }); - - // THEN - expect(stack).to(haveResourceLike('AWS::ECS::TaskDefinition', { - ContainerDefinitions: [ - { - LogConfiguration: { - LogDriver: 'splunk', - Options: { - 'splunk-token': '{{resolve:secretsmanager:my-splunk-token:SecretString:::}}', - 'splunk-url': 'my-splunk-url', - 'splunk-tag': 'abc', - }, - }, - }, - ], - })); - - test.done(); - }, }); From 38df2f217ee0cb29c213b3c336971f92151dfcf5 Mon Sep 17 00:00:00 2001 From: Mitchell Valine Date: Fri, 2 Apr 2021 00:12:17 -0700 Subject: [PATCH 081/260] chore(backup): graduate to stable (#13951) Graduate aws-backup L2 constructs to stable. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-backup/README.md | 12 +----------- packages/@aws-cdk/aws-backup/package.json | 4 ++-- 2 files changed, 3 insertions(+), 13 deletions(-) diff --git a/packages/@aws-cdk/aws-backup/README.md b/packages/@aws-cdk/aws-backup/README.md index 47b54313a8fc9..3d1e81615fc37 100644 --- a/packages/@aws-cdk/aws-backup/README.md +++ b/packages/@aws-cdk/aws-backup/README.md @@ -5,17 +5,7 @@ ![cfn-resources: Stable](https://img.shields.io/badge/cfn--resources-stable-success.svg?style=for-the-badge) -> All classes with the `Cfn` prefix in this module ([CFN Resources]) are always stable and safe to use. -> -> [CFN Resources]: https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib - -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/aws-backup/package.json b/packages/@aws-cdk/aws-backup/package.json index 4ac39c84433d5..813c8dd286eea 100644 --- a/packages/@aws-cdk/aws-backup/package.json +++ b/packages/@aws-cdk/aws-backup/package.json @@ -111,8 +111,8 @@ "resource-attribute:@aws-cdk/aws-backup.BackupSelection.backupSelectionId" ] }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, From 567d64d70f92adbba9ff9981184d88b46fb95652 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Fri, 2 Apr 2021 13:02:11 +0300 Subject: [PATCH 082/260] =?UTF-8?q?feat(s3-deployment):=20graduate=20to=20?= =?UTF-8?q?stable=20=F0=9F=9A=80=20(#13906)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also fixed up some lint violations just for fun. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-s3-deployment/README.md | 39 +++++-- .../lib/bucket-deployment.ts | 106 +++++++++++++++++- .../@aws-cdk/aws-s3-deployment/lib/source.ts | 3 + .../@aws-cdk/aws-s3-deployment/package.json | 33 +----- 4 files changed, 137 insertions(+), 44 deletions(-) diff --git a/packages/@aws-cdk/aws-s3-deployment/README.md b/packages/@aws-cdk/aws-s3-deployment/README.md index b0bb1e2d9ebd5..64c3872c59f74 100644 --- a/packages/@aws-cdk/aws-s3-deployment/README.md +++ b/packages/@aws-cdk/aws-s3-deployment/README.md @@ -3,13 +3,7 @@ --- -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- @@ -70,6 +64,37 @@ By default, the contents of the destination bucket will **not** be deleted when changed. You can use the option `retainOnDelete: false` to disable this behavior, in which case the contents will be deleted. +Configuring this has a few implications you should be aware of: + +- **Logical ID Changes** + + Changing the logical ID of the `BucketDeployment` construct, without changing the destination + (for example due to refactoring, or intentional ID change) **will result in the deletion of the objects**. + This is because CloudFormation will first create the new resource, which will have no affect, + followed by a deletion of the old resource, which will cause a deletion of the objects, + since the destination hasn't changed, and `retainOnDelete` is `false`. + +- **Destination Changes** + + When the destination bucket or prefix is changed, all files in the previous destination will **first** be + deleted and then uploaded to the new destination location. This could have availablity implications + on your users. + +### General Recommendations + +#### Shared Bucket + +If the destination bucket **is not** dedicated to the specific `BucketDeployment` construct (i.e shared by other entities), +we recommend to always configure the `destinationKeyPrefix` property. This will prevent the deployment from +accidentally deleting data that wasn't uploaded by it. + +#### Dedicated Bucket + +If the destination bucket **is** dedicated, it might be reasonable to skip the prefix configuration, +in which case, we recommend to remove `retainOnDelete: false`, and instead, configure the +[`autoDeleteObjects`](https://docs.aws.amazon.com/cdk/api/latest/docs/aws-s3-readme.html#bucket-deletion) +property on the destination bucket. This will avoid the logical ID problem mentioned above. + ## Prune By default, files in the destination bucket that don't exist in the source will be deleted diff --git a/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts b/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts index 4ca33864952f3..ca91f036dc5ed 100644 --- a/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts +++ b/packages/@aws-cdk/aws-s3-deployment/lib/bucket-deployment.ts @@ -13,6 +13,9 @@ import { ISource, SourceConfig } from './source'; // eslint-disable-next-line no-duplicate-imports, import/order import { Construct as CoreConstruct } from '@aws-cdk/core'; +/** + * Properties for `BucketDeployment`. + */ export interface BucketDeploymentProps { /** * The sources from which to deploy the contents of this bucket. @@ -45,11 +48,10 @@ export interface BucketDeploymentProps { * If this is set to "false", the destination files will be deleted when the * resource is deleted or the destination is updated. * - * NOTICE: if this is set to "false" and destination bucket/prefix is updated, - * all files in the previous destination will first be deleted and then - * uploaded to the new destination location. This could have availablity - * implications on your users. + * NOTICE: Configuring this to "false" might have operational implications. Please + * visit to the package documentation referred below to make sure you fully understand those implications. * + * @see https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/aws-s3-deployment#retain-on-delete * @default true - when resource is deleted/updated, files are retained */ readonly retainOnDelete?: boolean; @@ -179,6 +181,10 @@ export interface BucketDeploymentProps { readonly vpcSubnets?: ec2.SubnetSelection; } +/** + * `BucketDeployment` populates an S3 bucket with the contents of .zip files from + * other S3 buckets or from local disk + */ export class BucketDeployment extends CoreConstruct { constructor(scope: Construct, id: string, props: BucketDeploymentProps) { super(scope, id); @@ -285,17 +291,58 @@ function mapSystemMetadata(metadata: BucketDeploymentProps) { * @see https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#SysMetadata */ export class CacheControl { + + /** + * Sets 'must-revalidate'. + */ public static mustRevalidate() { return new CacheControl('must-revalidate'); } + + /** + * Sets 'no-cache'. + */ public static noCache() { return new CacheControl('no-cache'); } + + /** + * Sets 'no-transform'. + */ public static noTransform() { return new CacheControl('no-transform'); } + + /** + * Sets 'public'. + */ public static setPublic() { return new CacheControl('public'); } + + /** + * Sets 'private'. + */ public static setPrivate() { return new CacheControl('private'); } + + /** + * Sets 'proxy-revalidate'. + */ public static proxyRevalidate() { return new CacheControl('proxy-revalidate'); } + + /** + * Sets 'max-age='. + */ public static maxAge(t: cdk.Duration) { return new CacheControl(`max-age=${t.toSeconds()}`); } + + /** + * Sets 's-maxage='. + */ public static sMaxAge(t: cdk.Duration) { return new CacheControl(`s-maxage=${t.toSeconds()}`); } + + /** + * Constructs a custom cache control key from the literal value. + */ public static fromString(s: string) { return new CacheControl(s); } - private constructor(public readonly value: any) {} + private constructor( + /** + * The raw cache control setting. + */ + public readonly value: any, + ) {} } /** @@ -304,7 +351,15 @@ export class CacheControl { * @see https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#SysMetadata */ export enum ServerSideEncryption { + + /** + * 'AES256' + */ AES_256 = 'AES256', + + /** + * 'aws:kms' + */ AWS_KMS = 'aws:kms' } @@ -313,12 +368,40 @@ export enum ServerSideEncryption { * @see https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#SysMetadata */ export enum StorageClass { + + /** + * 'STANDARD' + */ STANDARD = 'STANDARD', + + /** + * 'REDUCED_REDUNDANCY' + */ REDUCED_REDUNDANCY = 'REDUCED_REDUNDANCY', + + /** + * 'STANDARD_IA' + */ STANDARD_IA = 'STANDARD_IA', + + /** + * 'ONEZONE_IA' + */ ONEZONE_IA = 'ONEZONE_IA', + + /** + * 'INTELLIGENT_TIERING' + */ INTELLIGENT_TIERING = 'INTELLIGENT_TIERING', + + /** + * 'GLACIER' + */ GLACIER = 'GLACIER', + + /** + * 'DEEP_ARCHIVE' + */ DEEP_ARCHIVE = 'DEEP_ARCHIVE' } @@ -347,11 +430,22 @@ export class Expires { */ public static after(t: cdk.Duration) { return Expires.atDate(new Date(Date.now() + t.toMilliseconds())); } + /** + * Create an expiration date from a raw date string. + */ public static fromString(s: string) { return new Expires(s); } - private constructor(public readonly value: any) {} + private constructor( + /** + * The raw expiration date expression. + */ + public readonly value: any, + ) {} } +/** + * Custom user defined metadata. + */ export interface UserDefinedObjectMetadata { /** * Arbitrary metadata key-values diff --git a/packages/@aws-cdk/aws-s3-deployment/lib/source.ts b/packages/@aws-cdk/aws-s3-deployment/lib/source.ts index 558c32556c25c..4eaea3fdc0060 100644 --- a/packages/@aws-cdk/aws-s3-deployment/lib/source.ts +++ b/packages/@aws-cdk/aws-s3-deployment/lib/source.ts @@ -6,6 +6,9 @@ import * as s3_assets from '@aws-cdk/aws-s3-assets'; // eslint-disable-next-line no-duplicate-imports, import/order import { Construct } from '@aws-cdk/core'; +/** + * Source information. + */ export interface SourceConfig { /** * The source bucket to deploy from. diff --git a/packages/@aws-cdk/aws-s3-deployment/package.json b/packages/@aws-cdk/aws-s3-deployment/package.json index 71dabe9caf6e0..2709a5baac677 100644 --- a/packages/@aws-cdk/aws-s3-deployment/package.json +++ b/packages/@aws-cdk/aws-s3-deployment/package.json @@ -111,37 +111,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", - "awslint": { - "exclude": [ - "docs-public-apis:@aws-cdk/aws-s3-deployment.Expires.fromString", - "docs-public-apis:@aws-cdk/aws-s3-deployment.BucketDeployment", - "docs-public-apis:@aws-cdk/aws-s3-deployment.CacheControl.fromString", - "docs-public-apis:@aws-cdk/aws-s3-deployment.CacheControl.maxAge", - "docs-public-apis:@aws-cdk/aws-s3-deployment.CacheControl.mustRevalidate", - "docs-public-apis:@aws-cdk/aws-s3-deployment.CacheControl.noCache", - "docs-public-apis:@aws-cdk/aws-s3-deployment.CacheControl.noTransform", - "docs-public-apis:@aws-cdk/aws-s3-deployment.CacheControl.proxyRevalidate", - "docs-public-apis:@aws-cdk/aws-s3-deployment.CacheControl.setPrivate", - "docs-public-apis:@aws-cdk/aws-s3-deployment.CacheControl.setPublic", - "docs-public-apis:@aws-cdk/aws-s3-deployment.CacheControl.sMaxAge", - "docs-public-apis:@aws-cdk/aws-s3-deployment.Expires.value", - "docs-public-apis:@aws-cdk/aws-s3-deployment.CacheControl.value", - "docs-public-apis:@aws-cdk/aws-s3-deployment.BucketDeploymentProps", - "docs-public-apis:@aws-cdk/aws-s3-deployment.SourceConfig", - "docs-public-apis:@aws-cdk/aws-s3-deployment.UserDefinedObjectMetadata", - "docs-public-apis:@aws-cdk/aws-s3-deployment.ServerSideEncryption.AES_256", - "docs-public-apis:@aws-cdk/aws-s3-deployment.ServerSideEncryption.AWS_KMS", - "docs-public-apis:@aws-cdk/aws-s3-deployment.StorageClass.STANDARD", - "docs-public-apis:@aws-cdk/aws-s3-deployment.StorageClass.REDUCED_REDUNDANCY", - "docs-public-apis:@aws-cdk/aws-s3-deployment.StorageClass.STANDARD_IA", - "docs-public-apis:@aws-cdk/aws-s3-deployment.StorageClass.ONEZONE_IA", - "docs-public-apis:@aws-cdk/aws-s3-deployment.StorageClass.INTELLIGENT_TIERING", - "docs-public-apis:@aws-cdk/aws-s3-deployment.StorageClass.GLACIER", - "docs-public-apis:@aws-cdk/aws-s3-deployment.StorageClass.DEEP_ARCHIVE" - ] - }, + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, From d99e13d523ddacf9e13f6b5169d86d5a20569475 Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Fri, 2 Apr 2021 05:15:36 -0700 Subject: [PATCH 083/260] =?UTF-8?q?feat(cx-api):=20graduate=20to=20stable?= =?UTF-8?q?=20=F0=9F=9A=80=20=20(#13859)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/cx-api/README.md | 8 +------- packages/@aws-cdk/cx-api/package.json | 4 ++-- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/cx-api/README.md b/packages/@aws-cdk/cx-api/README.md index e0983d9d8e092..49dee59c9dd85 100644 --- a/packages/@aws-cdk/cx-api/README.md +++ b/packages/@aws-cdk/cx-api/README.md @@ -3,13 +3,7 @@ --- -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/cx-api/package.json b/packages/@aws-cdk/cx-api/package.json index 5b3f241e06afe..56804a3a1dc38 100644 --- a/packages/@aws-cdk/cx-api/package.json +++ b/packages/@aws-cdk/cx-api/package.json @@ -88,8 +88,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awslint": { "exclude": [ "props-default-doc:@aws-cdk/cx-api.MetadataEntry.data", From 875d2cd99aa697c2173c618f4a4c7b952cda3462 Mon Sep 17 00:00:00 2001 From: Jonathan Goldwasser Date: Fri, 2 Apr 2021 15:19:55 +0200 Subject: [PATCH 084/260] chore(lambda-nodejs): make tests pass on Node.js 14 (#13854) Mock bundling to return S3 code and not inline code because inline code is not yet supported for Node.js 14 and throws. Closes #13853 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/aws-lambda-nodejs/test/function.test.ts | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/function.test.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/function.test.ts index ce47a718b9e35..5d07e25c1bac4 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/function.test.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/function.test.ts @@ -3,7 +3,7 @@ import * as fs from 'fs'; import * as path from 'path'; import { ABSENT } from '@aws-cdk/assert'; import { Vpc } from '@aws-cdk/aws-ec2'; -import { Runtime } from '@aws-cdk/aws-lambda'; +import { CodeConfig, Runtime } from '@aws-cdk/aws-lambda'; import { Stack } from '@aws-cdk/core'; import { NodejsFunction } from '../lib'; import { Bundling } from '../lib/bundling'; @@ -13,8 +13,13 @@ jest.mock('../lib/bundling', () => { return { Bundling: { bundle: jest.fn().mockReturnValue({ - bind: () => { - return { inlineCode: 'code' }; + bind: (): CodeConfig => { + return { + s3Location: { + bucketName: 'my-bucket', + objectKey: 'my-key', + }, + }; }, bindToResource: () => { return; }, }), From 8a6624477854af17f5ad163fac9be1fd6168cfc4 Mon Sep 17 00:00:00 2001 From: Nick Lynch Date: Fri, 2 Apr 2021 15:01:14 +0100 Subject: [PATCH 085/260] fix(cloudfront): Cache Policy headers enforce soft limit of 10 (#13904) Validation was added in #13425 to enforce a limit of the number of headers allowed in the allow list for a Cache Policy; that limit is a soft limit and should not be hard-enforced in code. fixes #13903 This reverts commit e08213fd2b5c27ce8b5dd2d22ebbff1dc1b48a1c. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-cloudfront/lib/cache-policy.ts | 3 --- .../@aws-cdk/aws-cloudfront/test/cache-policy.test.ts | 11 ----------- 2 files changed, 14 deletions(-) diff --git a/packages/@aws-cdk/aws-cloudfront/lib/cache-policy.ts b/packages/@aws-cdk/aws-cloudfront/lib/cache-policy.ts index a71569e89f02d..0d851e8a886ef 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/cache-policy.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/cache-policy.ts @@ -231,9 +231,6 @@ export class CacheHeaderBehavior { if (headers.length === 0) { throw new Error('At least one header to allow must be provided'); } - if (headers.length > 10) { - throw new Error(`Maximum allowed headers in Cache Policy is 10; got ${headers.length}.`); - } return new CacheHeaderBehavior('whitelist', headers); } diff --git a/packages/@aws-cdk/aws-cloudfront/test/cache-policy.test.ts b/packages/@aws-cdk/aws-cloudfront/test/cache-policy.test.ts index 07d2752de4e2c..7216d798a7e75 100644 --- a/packages/@aws-cdk/aws-cloudfront/test/cache-policy.test.ts +++ b/packages/@aws-cdk/aws-cloudfront/test/cache-policy.test.ts @@ -96,17 +96,6 @@ describe('CachePolicy', () => { expect(() => new CachePolicy(stack, 'CachePolicy6', { cachePolicyName: 'My_Policy' })).not.toThrow(); }); - test('throws if more than 10 CacheHeaderBehavior headers are being passed', () => { - const errorMessage = /Maximum allowed headers in Cache Policy is 10; got (.*?)/; - expect(() => new CachePolicy(stack, 'CachePolicy1', { - headerBehavior: CacheHeaderBehavior.allowList('Lorem', 'ipsum', 'dolor', 'sit', 'amet', 'consectetur', 'adipiscing', 'elit', 'sed', 'do', 'eiusmod'), - })).toThrow(errorMessage); - - expect(() => new CachePolicy(stack, 'CachePolicy2', { - headerBehavior: CacheHeaderBehavior.allowList('Lorem', 'ipsum', 'dolor', 'sit', 'amet', 'consectetur', 'adipiscing', 'elit', 'sed', 'do'), - })).not.toThrow(); - }); - test('does not throw if cachePolicyName is a token', () => { expect(() => new CachePolicy(stack, 'CachePolicy', { cachePolicyName: Aws.STACK_NAME, From 890aae556b0744667b91f90a71971edeb045fc61 Mon Sep 17 00:00:00 2001 From: OksanaH <34384274+OksanaH@users.noreply.github.com> Date: Fri, 2 Apr 2021 18:40:18 +0100 Subject: [PATCH 086/260] chore(aws-ecs/aws-ecs-scheduled-ecs-task-construct): capitalize AWS (#13690) chore(aws-ecs-scheduled-ecs-task-construct): capitalize AWS in the description of Ec2EventRuleTarget ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- design/aws-ecs/aws-ecs-scheduled-ecs-task-construct.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/design/aws-ecs/aws-ecs-scheduled-ecs-task-construct.md b/design/aws-ecs/aws-ecs-scheduled-ecs-task-construct.md index 921196c3c1bf7..dad04821f9742 100644 --- a/design/aws-ecs/aws-ecs-scheduled-ecs-task-construct.md +++ b/design/aws-ecs/aws-ecs-scheduled-ecs-task-construct.md @@ -112,7 +112,7 @@ export interface ScheduledEc2TaskProps { The `ScheduledEc2Task` construct will use the following existing constructs: * Ec2TaskDefinition - To create a Task Definition for the container to start -* Ec2EventRuleTarget - The target of the aws event +* Ec2EventRuleTarget - The target of the AWS event * EventRule - To describe the event trigger (in this case, a scheduled run) An example use case to create a task that is scheduled to run every minute: From 24f8307b7f9013c5ba909cab8c4a3a3bcdf0041c Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Fri, 2 Apr 2021 13:29:30 -0700 Subject: [PATCH 087/260] =?UTF-8?q?feat(ses-actions):=20graduate=20to=20st?= =?UTF-8?q?able=20=F0=9F=9A=80=20=20(#13864)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-ses-actions/README.md | 8 +------- packages/@aws-cdk/aws-ses-actions/package.json | 4 ++-- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/aws-ses-actions/README.md b/packages/@aws-cdk/aws-ses-actions/README.md index 37d4ff339145a..62ad3d397fb26 100644 --- a/packages/@aws-cdk/aws-ses-actions/README.md +++ b/packages/@aws-cdk/aws-ses-actions/README.md @@ -3,13 +3,7 @@ --- -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/aws-ses-actions/package.json b/packages/@aws-cdk/aws-ses-actions/package.json index 94109fb910b1b..cb1ac023088d0 100644 --- a/packages/@aws-cdk/aws-ses-actions/package.json +++ b/packages/@aws-cdk/aws-ses-actions/package.json @@ -94,8 +94,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awslint": { "exclude": [ "docs-public-apis:@aws-cdk/aws-ses-actions.BounceTemplate.MAILBOX_DOES_NOT_EXIST", From c5a2addcd87ebb810dcac54c659fa60786f9d345 Mon Sep 17 00:00:00 2001 From: Adam Ruka Date: Fri, 2 Apr 2021 15:35:13 -0700 Subject: [PATCH 088/260] fix(codepipeline-actions): EcrSourceAction triggers on a push to every tag (#13822) The EcrSourceAction was incorrectly being triggered on a push of every tag if the `imageTag` property was not provided, instead of defaulting to 'latest', like its documentation suggested. Correct the error by passing 'latest' to the created CloudWatch Event if `imageTag` was not set. Fixes #13818 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-codepipeline-actions/lib/ecr/source-action.ts | 2 +- .../test/integ.pipeline-ecr-source.expected.json | 9 ++++++--- .../test/integ.pipeline-ecr-source.ts | 4 +++- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-codepipeline-actions/lib/ecr/source-action.ts b/packages/@aws-cdk/aws-codepipeline-actions/lib/ecr/source-action.ts index 6042d701017a5..eb40c994ccd98 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/lib/ecr/source-action.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/lib/ecr/source-action.ts @@ -95,7 +95,7 @@ export class EcrSourceAction extends Action { this.props.repository.onCloudTrailImagePushed(Names.nodeUniqueId(stage.pipeline.node) + 'SourceEventRule', { target: new targets.CodePipeline(stage.pipeline), - imageTag: this.props.imageTag, + imageTag: this.props.imageTag ?? 'latest', }); // the Action Role also needs to write to the Pipeline's bucket diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.expected.json b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.expected.json index 384e784a5ca76..c200ab454d71a 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.expected.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.expected.json @@ -348,8 +348,8 @@ }, "MyEcrRepo767466D0": { "Type": "AWS::ECR::Repository", - "UpdateReplacePolicy": "Retain", - "DeletionPolicy": "Retain" + "UpdateReplacePolicy": "Delete", + "DeletionPolicy": "Delete" }, "MyEcrRepoawscdkcodepipelineecrsourceMyPipeline63CF3194SourceEventRule911FDB6D": { "Type": "AWS::Events::Rule", @@ -367,6 +367,9 @@ { "Ref": "MyEcrRepo767466D0" } + ], + "imageTag": [ + "latest" ] }, "eventName": [ @@ -412,4 +415,4 @@ } } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.ts b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.ts index 8aadd0b5e29a7..9e6e4b497a7a7 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.ts +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.pipeline-ecr-source.ts @@ -15,7 +15,9 @@ const pipeline = new codepipeline.Pipeline(stack, 'MyPipeline', { artifactBucket: bucket, }); -const repository = new ecr.Repository(stack, 'MyEcrRepo'); +const repository = new ecr.Repository(stack, 'MyEcrRepo', { + removalPolicy: cdk.RemovalPolicy.DESTROY, +}); const sourceStage = pipeline.addStage({ stageName: 'Source' }); sourceStage.addAction(new cpactions.EcrSourceAction({ actionName: 'ECR_Source', From 965f130dbfc4e1943d384b9fbf5acdf3b547fd57 Mon Sep 17 00:00:00 2001 From: Alex Johnson Date: Mon, 5 Apr 2021 15:27:44 -0700 Subject: [PATCH 089/260] feat(appmesh): Implement Outlier Detection for Virtual Nodes (#13952) This is a pretty short PR adding outlier detection to Virtual Node listeners. See below for usage. ```ts const node = mesh.addVirtualNode('virtual-node', { serviceDiscovery: appmesh.ServiceDiscovery.cloudMap({ service: service, }), outlierDetection: { baseEjectionDuration: cdk.Duration.seconds(10), interval: cdk.Duration.seconds(30), maxEjectionPercent: 50, maxServerErrors: 5, }, }); ``` Note: * All the parameters are required and there aren't any combinations of features that get special treatment, so there's only one unit test. * We don't do any min/max time evaluation for other features so I followed precedent for that. issue https://github.com/aws/aws-cdk/issues/11648 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-appmesh/README.md | 27 +++++++++ .../aws-appmesh/lib/shared-interfaces.ts | 26 +++++++++ .../aws-appmesh/lib/virtual-node-listener.ts | 36 ++++++++++-- .../aws-appmesh/test/test.virtual-node.ts | 55 +++++++++++++++++++ 4 files changed, 138 insertions(+), 6 deletions(-) diff --git a/packages/@aws-cdk/aws-appmesh/README.md b/packages/@aws-cdk/aws-appmesh/README.md index 678bbe22a2c20..fe3973e71149e 100644 --- a/packages/@aws-cdk/aws-appmesh/README.md +++ b/packages/@aws-cdk/aws-appmesh/README.md @@ -279,6 +279,33 @@ const gateway = new appmesh.VirtualGateway(this, 'gateway', { }); ``` +## Adding outlier detection to a Virtual Node listener + +The `outlierDetection` property can be added to a Virtual Node listener to add outlier detection. The 4 parameters +(`baseEjectionDuration`, `interval`, `maxEjectionPercent`, `maxServerErrors`) are required. + +```typescript +// Cloud Map service discovery is currently required for host ejection by outlier detection +const vpc = new ec2.Vpc(stack, 'vpc'); +const namespace = new servicediscovery.PrivateDnsNamespace(this, 'test-namespace', { + vpc, + name: 'domain.local', +}); +const service = namespace.createService('Svc'); + +const node = mesh.addVirtualNode('virtual-node', { + serviceDiscovery: appmesh.ServiceDiscovery.cloudMap({ + service: service, + }), + outlierDetection: { + baseEjectionDuration: cdk.Duration.seconds(10), + interval: cdk.Duration.seconds(30), + maxEjectionPercent: 50, + maxServerErrors: 5, + }, +}); +``` + ## Adding a Route A `route` is associated with a virtual router, and it's used to match requests for a virtual router and distribute traffic accordingly to its associated virtual nodes. diff --git a/packages/@aws-cdk/aws-appmesh/lib/shared-interfaces.ts b/packages/@aws-cdk/aws-appmesh/lib/shared-interfaces.ts index 007f67c4a7a9b..c06a0f40e5a28 100644 --- a/packages/@aws-cdk/aws-appmesh/lib/shared-interfaces.ts +++ b/packages/@aws-cdk/aws-appmesh/lib/shared-interfaces.ts @@ -124,6 +124,32 @@ export interface HealthCheck { readonly unhealthyThreshold?: number; } +/** + * Represents the outlier detection for a listener. + */ +export interface OutlierDetection { + /** + * The base amount of time for which a host is ejected. + */ + readonly baseEjectionDuration: cdk.Duration; + + /** + * The time interval between ejection sweep analysis. + */ + readonly interval: cdk.Duration; + + /** + * Maximum percentage of hosts in load balancing pool for upstream service that can be ejected. Will eject at + * least one host regardless of the value. + */ + readonly maxEjectionPercent: number; + + /** + * Number of consecutive 5xx errors required for ejection. + */ + readonly maxServerErrors: number; +} + /** * All Properties for Envoy Access logs for mesh endpoints */ diff --git a/packages/@aws-cdk/aws-appmesh/lib/virtual-node-listener.ts b/packages/@aws-cdk/aws-appmesh/lib/virtual-node-listener.ts index 883d05583d5c7..9ff768d07294c 100644 --- a/packages/@aws-cdk/aws-appmesh/lib/virtual-node-listener.ts +++ b/packages/@aws-cdk/aws-appmesh/lib/virtual-node-listener.ts @@ -1,7 +1,7 @@ import * as cdk from '@aws-cdk/core'; import { CfnVirtualNode } from './appmesh.generated'; import { validateHealthChecks } from './private/utils'; -import { HealthCheck, Protocol, HttpTimeout, GrpcTimeout, TcpTimeout } from './shared-interfaces'; +import { HealthCheck, Protocol, HttpTimeout, GrpcTimeout, TcpTimeout, OutlierDetection } from './shared-interfaces'; import { TlsCertificate, TlsCertificateConfig } from './tls-certificate'; // keep this import separate from other imports to reduce chance for merge conflicts with v2-main @@ -42,6 +42,13 @@ interface VirtualNodeListenerCommonOptions { * @default - none */ readonly tlsCertificate?: TlsCertificate; + + /** + * Represents the configuration for enabling outlier detection + * + * @default - none + */ + readonly outlierDetection?: OutlierDetection; } /** @@ -88,28 +95,28 @@ export abstract class VirtualNodeListener { * Returns an HTTP Listener for a VirtualNode */ public static http(props: HttpVirtualNodeListenerOptions = {}): VirtualNodeListener { - return new VirtualNodeListenerImpl(Protocol.HTTP, props.healthCheck, props.timeout, props.port, props.tlsCertificate); + return new VirtualNodeListenerImpl(Protocol.HTTP, props.healthCheck, props.timeout, props.port, props.tlsCertificate, props.outlierDetection); } /** * Returns an HTTP2 Listener for a VirtualNode */ public static http2(props: HttpVirtualNodeListenerOptions = {}): VirtualNodeListener { - return new VirtualNodeListenerImpl(Protocol.HTTP2, props.healthCheck, props.timeout, props.port, props.tlsCertificate); + return new VirtualNodeListenerImpl(Protocol.HTTP2, props.healthCheck, props.timeout, props.port, props.tlsCertificate, props.outlierDetection); } /** * Returns an GRPC Listener for a VirtualNode */ public static grpc(props: GrpcVirtualNodeListenerOptions = {}): VirtualNodeListener { - return new VirtualNodeListenerImpl(Protocol.GRPC, props.healthCheck, props.timeout, props.port, props.tlsCertificate); + return new VirtualNodeListenerImpl(Protocol.GRPC, props.healthCheck, props.timeout, props.port, props.tlsCertificate, props.outlierDetection); } /** * Returns an TCP Listener for a VirtualNode */ public static tcp(props: TcpVirtualNodeListenerOptions = {}): VirtualNodeListener { - return new VirtualNodeListenerImpl(Protocol.TCP, props.healthCheck, props.timeout, props.port, props.tlsCertificate); + return new VirtualNodeListenerImpl(Protocol.TCP, props.healthCheck, props.timeout, props.port, props.tlsCertificate, props.outlierDetection); } /** @@ -124,7 +131,8 @@ class VirtualNodeListenerImpl extends VirtualNodeListener { private readonly healthCheck: HealthCheck | undefined, private readonly timeout: HttpTimeout | undefined, private readonly port: number = 8080, - private readonly tlsCertificate: TlsCertificate | undefined) { super(); } + private readonly tlsCertificate: TlsCertificate | undefined, + private readonly outlierDetection: OutlierDetection | undefined) { super(); } public bind(scope: Construct): VirtualNodeListenerConfig { const tlsConfig = this.tlsCertificate?.bind(scope); @@ -137,6 +145,7 @@ class VirtualNodeListenerImpl extends VirtualNodeListener { healthCheck: this.healthCheck ? this.renderHealthCheck(this.healthCheck) : undefined, timeout: this.timeout ? this.renderTimeout(this.timeout) : undefined, tls: tlsConfig ? this.renderTls(tlsConfig) : undefined, + outlierDetection: this.outlierDetection ? this.renderOutlierDetection(this.outlierDetection) : undefined, }, }; } @@ -191,5 +200,20 @@ class VirtualNodeListenerImpl extends VirtualNodeListener { }, }); } + + private renderOutlierDetection(outlierDetection: OutlierDetection): CfnVirtualNode.OutlierDetectionProperty { + return { + baseEjectionDuration: { + unit: 'ms', + value: outlierDetection.baseEjectionDuration.toMilliseconds(), + }, + interval: { + unit: 'ms', + value: outlierDetection.interval.toMilliseconds(), + }, + maxEjectionPercent: outlierDetection.maxEjectionPercent, + maxServerErrors: outlierDetection.maxServerErrors, + }; + } } diff --git a/packages/@aws-cdk/aws-appmesh/test/test.virtual-node.ts b/packages/@aws-cdk/aws-appmesh/test/test.virtual-node.ts index c09bdef5badbd..c6992ff9cc065 100644 --- a/packages/@aws-cdk/aws-appmesh/test/test.virtual-node.ts +++ b/packages/@aws-cdk/aws-appmesh/test/test.virtual-node.ts @@ -257,6 +257,61 @@ export = { }, }, + 'when a listener is added with outlier detection with user defined props': { + 'should add a listener outlier detection to the resource'(test: Test) { + // GIVEN + const stack = new cdk.Stack(); + + // WHEN + const mesh = new appmesh.Mesh(stack, 'mesh', { + meshName: 'test-mesh', + }); + + const node = new appmesh.VirtualNode(stack, 'test-node', { + mesh, + serviceDiscovery: appmesh.ServiceDiscovery.dns('test'), + }); + + node.addListener(appmesh.VirtualNodeListener.tcp({ + port: 80, + outlierDetection: { + baseEjectionDuration: cdk.Duration.seconds(10), + interval: cdk.Duration.seconds(30), + maxEjectionPercent: 50, + maxServerErrors: 5, + }, + })); + + // THEN + expect(stack).to(haveResourceLike('AWS::AppMesh::VirtualNode', { + Spec: { + Listeners: [ + { + OutlierDetection: { + BaseEjectionDuration: { + Unit: 'ms', + Value: 10000, + }, + Interval: { + Unit: 'ms', + Value: 30000, + }, + MaxEjectionPercent: 50, + MaxServerErrors: 5, + }, + PortMapping: { + Port: 80, + Protocol: 'tcp', + }, + }, + ], + }, + })); + + test.done(); + }, + }, + 'when a default backend is added': { 'should add a backend default to the resource'(test: Test) { // GIVEN From c6ca2aba915ea4f89e3044b7f388acda231e295d Mon Sep 17 00:00:00 2001 From: Mitchell Valine Date: Mon, 5 Apr 2021 19:38:26 -0700 Subject: [PATCH 090/260] fix(cli): broken java init template (#13988) Change the java init templates to not call the stack builder classes and instead call the generated stack class constructor. Change the structure of the comments to correctly allow uncommenting in order to pass env config if needed. fix: #13964 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../myorg/%name.PascalCased%App.template.java | 34 ++++++++++-------- .../myorg/%name.PascalCased%App.template.java | 35 +++++++++++-------- 2 files changed, 40 insertions(+), 29 deletions(-) diff --git a/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java b/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java index b9a43e4549097..ba81d115702f8 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java +++ b/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java @@ -2,6 +2,7 @@ import software.amazon.awscdk.core.App; import software.amazon.awscdk.core.Environment; +import software.amazon.awscdk.core.StackProps; import java.util.Arrays; @@ -9,31 +10,36 @@ public class %name.PascalCased%App { public static void main(final String[] args) { App app = new App(); - %name.PascalCased%Stack.Builder.create(app, "%name.PascalCased%Stack") - // If you don't specify 'env', this stack will be environment-agnostic. - // Account/Region-dependent features and context lookups will not work, - // but a single synthesized template can be deployed anywhere. + // If you don't specify 'env', this stack will be environment-agnostic. + // Account/Region-dependent features and context lookups will not work, + // but a single synthesized template can be deployed anywhere. + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); - // Uncomment the next block to specialize this stack for the AWS Account - // and Region that are implied by the current CLI configuration. - /* + // Replace the above stack intialization with the following to specialize + // this stack for the AWS Account and Region that are implied by the current + // CLI configuration. + /* + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack", StackProps.builder() .env(Environment.builder() .account(System.getenv("CDK_DEFAULT_ACCOUNT")) .region(System.getenv("CDK_DEFAULT_REGION")) .build()) - */ + .build()); + */ - // Uncomment the next block if you know exactly what Account and Region you - // want to deploy the stack to. - /* + // Replace the above stack initialization with the following if you know exactly + // what Account and Region you want to deploy the stack to. + /* + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack", StackProps.builder() .env(Environment.builder() .account("123456789012") .region("us-east-1") .build()) - */ - // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html - .build(); + .build()); + */ + + // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html app.synth(); } diff --git a/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java b/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java index d68e49440506b..fb0d9b89350fa 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java +++ b/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java @@ -9,31 +9,36 @@ public class %name.PascalCased%App { public static void main(final String[] args) { App app = new App(); - %name.PascalCased%Stack.Builder.create(app, "%name.PascalCased%Stack") - // If you don't specify 'env', this stack will be environment-agnostic. - // Account/Region-dependent features and context lookups will not work, - // but a single synthesized template can be deployed anywhere. - - // Uncomment the next block to specialize this stack for the AWS Account - // and Region that are implied by the current CLI configuration. - /* + // If you don't specify 'env', this stack will be environment-agnostic. + // Account/Region-dependent features and context lookups will not work, + // but a single synthesized template can be deployed anywhere. + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); + + // Replace the above stack intialization with the following to specialize + // this stack for the AWS Account and Region that are implied by the current + // CLI configuration. + /* + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack", StackProps.builder() .env(Environment.builder() .account(System.getenv("CDK_DEFAULT_ACCOUNT")) .region(System.getenv("CDK_DEFAULT_REGION")) .build()) - */ + .build()); + */ - // Uncomment the next block if you know exactly what Account and Region you - // want to deploy the stack to. - /* + // Replace the above stack initialization with the following if you know exactly + // what Account and Region you want to deploy the stack to. + /* + new %name.PascalCased%Stack(app, "%name.PascalCased%Stack", StackProps.builder() .env(Environment.builder() .account("123456789012") .region("us-east-1") .build()) - */ - // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html - .build(); + .build()); + */ + + // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html app.synth(); } From 1cd175ddf44f0129dbac4e9ef4ce0187fdbc4a0e Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Tue, 6 Apr 2021 10:08:55 +0200 Subject: [PATCH 091/260] chore: un-jsii and bundle `@aws-cdk/yaml-cfn` (#13933) The `yaml-cfn` library is used as an implementation detail of `cloudformation-include`, `aws-cdk`, `decdk`, and the monopackages. Un-jsii it and bundle it into the framework packages that need it. Does not need to be accessed over jsii and does not need to be exposed in the monopackages. ---- The previous version of this PR (#13699) had to be reverted (https://github.com/aws/aws-cdk/commit/b1ffd335b6c41a26c1f88db2fc5a739c4c18c7fe), because of a bug in NPM that causes `.npmignore` files in symlinked, bundled dependencies to be ignored. This in turn caused undesired `.ts` files to be bundled, which caused `ts-node` to exit with an error. Introduce a new `cdk-postpack` tool which will strip files that NPM *should* have ignored from the generated tarball, and add some verification to the `pack.sh` script to make sure we don't accidentally bundle `.ts` files. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- pack.sh | 13 ++ package.json | 12 ++ packages/@aws-cdk/aws-codebuild/package.json | 5 +- .../cloudformation-include/package.json | 7 +- packages/@aws-cdk/yaml-cfn/.gitignore | 3 +- packages/@aws-cdk/yaml-cfn/package.json | 26 --- packages/@aws-cdk/yaml-cfn/tsconfig.json | 24 +++ packages/aws-cdk-lib/package.json | 5 +- packages/awslint/.npmignore | 5 +- packages/decdk/test/schema.test.ts | 2 +- packages/monocdk/package.json | 5 +- tools/cdk-build-tools/bin/cdk-postpack | 2 + tools/cdk-build-tools/bin/cdk-postpack.ts | 179 ++++++++++++++++++ tools/cdk-build-tools/package.json | 7 +- tools/nodeunit-shim/index.ts | 2 +- tools/pkglint/bin/pkglint.ts | 12 +- tools/pkglint/lib/packagejson.ts | 2 +- tools/pkglint/lib/rules.ts | 83 +++++++- tools/pkglint/lib/util.ts | 36 ++++ 19 files changed, 381 insertions(+), 49 deletions(-) create mode 100644 packages/@aws-cdk/yaml-cfn/tsconfig.json create mode 100755 tools/cdk-build-tools/bin/cdk-postpack create mode 100644 tools/cdk-build-tools/bin/cdk-postpack.ts diff --git a/pack.sh b/pack.sh index b85c92f3e68a5..128d8e3fd8a90 100755 --- a/pack.sh +++ b/pack.sh @@ -63,6 +63,19 @@ for dir in $(find packages -name dist | grep -v node_modules | grep -v run-wrapp rsync -a $dir/ ${distdir}/ done +# Make sure that none of the NPM tarballs have stray `.ts` files in them. +# This is necessary because the presence of .ts files without a matching tsconfig will +# make `ts-node` fail to load the files with a "Cannot use import statement outside a module" error. +for tarball in ${distdir}/js/*.tgz; do + # Ignore init-templates, we purposely ship .ts files in there. + ts_files=$(tar tzf ${tarball} | (set +e; grep '\.ts$' | grep -v '\.d\.ts$' | grep -v init-templates)) + if [[ "$ts_files" != "" ]]; then + echo "Found TypeScript source files in $tarball. This will confuse ts-node:" >&2 + echo "$ts_files" >&2 + exit 1 + fi +done + # Record the dependency order of NPM packages into a file # (This file will be opportunistically used during publishing) # diff --git a/package.json b/package.json index d284a9710ee61..0995b296d13bf 100644 --- a/package.json +++ b/package.json @@ -51,6 +51,9 @@ "nohoist": [ "**/jszip", "**/jszip/**", + "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn", + "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn/yaml", + "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn/yaml/**", "@aws-cdk/aws-codepipeline-actions/case", "@aws-cdk/aws-codepipeline-actions/case/**", "@aws-cdk/aws-cognito/punycode", @@ -63,6 +66,9 @@ "@aws-cdk/cloud-assembly-schema/jsonschema/**", "@aws-cdk/cloud-assembly-schema/semver", "@aws-cdk/cloud-assembly-schema/semver/**", + "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn", + "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn/yaml", + "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn/yaml/**", "@aws-cdk/core/@balena/dockerignore", "@aws-cdk/core/@balena/dockerignore/**", "@aws-cdk/core/fs-extra", @@ -75,6 +81,9 @@ "@aws-cdk/cx-api/semver/**", "@aws-cdk/yaml-cfn/yaml", "@aws-cdk/yaml-cfn/yaml/**", + "aws-cdk-lib/@aws-cdk/yaml-cfn", + "aws-cdk-lib/@aws-cdk/yaml-cfn/yaml", + "aws-cdk-lib/@aws-cdk/yaml-cfn/yaml/**", "aws-cdk-lib/@balena/dockerignore", "aws-cdk-lib/@balena/dockerignore/**", "aws-cdk-lib/case", @@ -93,6 +102,9 @@ "aws-cdk-lib/semver/**", "aws-cdk-lib/yaml", "aws-cdk-lib/yaml/**", + "monocdk/@aws-cdk/yaml-cfn", + "monocdk/@aws-cdk/yaml-cfn/yaml", + "monocdk/@aws-cdk/yaml-cfn/yaml/**", "monocdk/@balena/dockerignore", "monocdk/@balena/dockerignore/**", "monocdk/case", diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index e5a9a34ecd807..e07695b75ba31 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -49,6 +49,7 @@ "build+test": "yarn build && yarn test", "compat": "cdk-compat", "gen": "cfn2ts", + "postpack": "cdk-postpack", "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { @@ -103,6 +104,9 @@ "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.3.69" }, + "bundledDependencies": [ + "@aws-cdk/yaml-cfn" + ], "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-cloudwatch": "0.0.0", @@ -119,7 +123,6 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", - "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.3.69" }, "engines": { diff --git a/packages/@aws-cdk/cloudformation-include/package.json b/packages/@aws-cdk/cloudformation-include/package.json index b9b82e67f55a3..ac7261b681d34 100644 --- a/packages/@aws-cdk/cloudformation-include/package.json +++ b/packages/@aws-cdk/cloudformation-include/package.json @@ -47,7 +47,8 @@ "build+test": "yarn build && yarn test", "build+test+package": "yarn build+test && yarn package", "compat": "cdk-compat", - "rosetta:extract": "yarn --silent jsii-rosetta extract" + "rosetta:extract": "yarn --silent jsii-rosetta extract", + "postpack": "cdk-postpack" }, "cdk-build": { "pre": [ @@ -363,7 +364,6 @@ "@aws-cdk/aws-wafv2": "0.0.0", "@aws-cdk/aws-workspaces": "0.0.0", "@aws-cdk/core": "0.0.0", - "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.3.69" }, "devDependencies": { @@ -375,6 +375,9 @@ "pkglint": "0.0.0", "ts-jest": "^26.5.4" }, + "bundledDependencies": [ + "@aws-cdk/yaml-cfn" + ], "keywords": [ "aws", "cdk", diff --git a/packages/@aws-cdk/yaml-cfn/.gitignore b/packages/@aws-cdk/yaml-cfn/.gitignore index bb785cfb74f08..8b9c845e5d12a 100644 --- a/packages/@aws-cdk/yaml-cfn/.gitignore +++ b/packages/@aws-cdk/yaml-cfn/.gitignore @@ -3,7 +3,6 @@ *.d.ts node_modules dist -tsconfig.json .jsii .LAST_BUILD @@ -15,4 +14,4 @@ nyc.config.js !.eslintrc.js !jest.config.js -junit.xml \ No newline at end of file +junit.xml diff --git a/packages/@aws-cdk/yaml-cfn/package.json b/packages/@aws-cdk/yaml-cfn/package.json index f10beb171366c..a50d4ab10eece 100644 --- a/packages/@aws-cdk/yaml-cfn/package.json +++ b/packages/@aws-cdk/yaml-cfn/package.json @@ -23,32 +23,6 @@ "cloudformation", "yaml" ], - "jsii": { - "outdir": "dist", - "targets": { - "java": { - "package": "software.amazon.awscdk.yaml.cfn", - "maven": { - "groupId": "software.amazon.awscdk", - "artifactId": "cdk-yaml-cfn" - } - }, - "dotnet": { - "namespace": "Amazon.CDK.Yaml.Cfn", - "packageId": "Amazon.CDK.Yaml.Cfn", - "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" - }, - "python": { - "distName": "aws-cdk.yaml-cfn", - "module": "aws_cdk.yaml_cfn", - "classifiers": [ - "Framework :: AWS CDK", - "Framework :: AWS CDK :: 1" - ] - } - }, - "projectReferences": true - }, "scripts": { "build": "cdk-build", "watch": "cdk-watch", diff --git a/packages/@aws-cdk/yaml-cfn/tsconfig.json b/packages/@aws-cdk/yaml-cfn/tsconfig.json new file mode 100644 index 0000000000000..5e75173fa8734 --- /dev/null +++ b/packages/@aws-cdk/yaml-cfn/tsconfig.json @@ -0,0 +1,24 @@ +{ + "compilerOptions": { + "target":"ES2018", + "module": "commonjs", + "lib": ["es2016", "es2017.object", "es2017.string"], + "declaration": true, + "composite": true, + "strict": true, + "noImplicitAny": true, + "strictNullChecks": true, + "noImplicitThis": true, + "alwaysStrict": true, + "noUnusedLocals": true, + "noUnusedParameters": true, + "noImplicitReturns": true, + "noFallthroughCasesInSwitch": false, + "inlineSourceMap": true, + "inlineSources": true, + "experimentalDecorators": true, + "strictPropertyInitialization":false + }, + "include": ["**/*.ts" ], + "exclude": ["node_modules"] +} diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index cef21953bf34a..9c3057ec1e728 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -23,7 +23,8 @@ "build+test+package": "yarn build+test && yarn package", "watch": "cdk-watch", "compat": "cdk-compat", - "rosetta:extract": "yarn --silent jsii-rosetta extract" + "rosetta:extract": "yarn --silent jsii-rosetta extract", + "postpack": "cdk-postpack" }, "awslint": { "exclude": [ @@ -82,6 +83,7 @@ }, "license": "Apache-2.0", "bundledDependencies": [ + "@aws-cdk/yaml-cfn", "@balena/dockerignore", "case", "fs-extra", @@ -93,6 +95,7 @@ "yaml" ], "dependencies": { + "@aws-cdk/yaml-cfn": "0.0.0", "@balena/dockerignore": "^1.0.2", "case": "1.6.3", "fs-extra": "^9.1.0", diff --git a/packages/awslint/.npmignore b/packages/awslint/.npmignore index 7cb354bd2b155..d3305e57c78c2 100644 --- a/packages/awslint/.npmignore +++ b/packages/awslint/.npmignore @@ -1,4 +1,5 @@ - +*.ts +!*.d.ts dist .LAST_PACKAGE .LAST_BUILD @@ -9,4 +10,4 @@ dist tsconfig.json .eslintrc.js junit.xml -test/ \ No newline at end of file +test/ diff --git a/packages/decdk/test/schema.test.ts b/packages/decdk/test/schema.test.ts index 7b097dcc9fcbe..84888d94b365b 100644 --- a/packages/decdk/test/schema.test.ts +++ b/packages/decdk/test/schema.test.ts @@ -79,7 +79,7 @@ test('schemaForInterface: interface with primitives', async () => { * are propagated outwards. */ function spawn(command: string, options: SpawnOptions | undefined) { - return new Promise((resolve, reject) => { + return new Promise((resolve, reject) => { const cp = spawnAsync(command, [], { stdio: 'inherit', ...options }); cp.on('error', reject); diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index ce9057690ff00..c2fa7b0bbbf5a 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -22,7 +22,8 @@ "build+test+package": "yarn build+test && yarn package", "watch": "cdk-watch", "compat": "cdk-compat", - "rosetta:extract": "yarn --silent jsii-rosetta extract" + "rosetta:extract": "yarn --silent jsii-rosetta extract", + "postpack": "cdk-postpack" }, "awslint": { "exclude": [ @@ -87,6 +88,7 @@ }, "license": "Apache-2.0", "bundledDependencies": [ + "@aws-cdk/yaml-cfn", "@balena/dockerignore", "case", "fs-extra", @@ -98,6 +100,7 @@ "yaml" ], "dependencies": { + "@aws-cdk/yaml-cfn": "0.0.0", "@balena/dockerignore": "^1.0.2", "case": "1.6.3", "fs-extra": "^9.1.0", diff --git a/tools/cdk-build-tools/bin/cdk-postpack b/tools/cdk-build-tools/bin/cdk-postpack new file mode 100755 index 0000000000000..0805422de11c8 --- /dev/null +++ b/tools/cdk-build-tools/bin/cdk-postpack @@ -0,0 +1,2 @@ +#!/usr/bin/env node +require('./cdk-postpack.js'); diff --git a/tools/cdk-build-tools/bin/cdk-postpack.ts b/tools/cdk-build-tools/bin/cdk-postpack.ts new file mode 100644 index 0000000000000..02b486b290512 --- /dev/null +++ b/tools/cdk-build-tools/bin/cdk-postpack.ts @@ -0,0 +1,179 @@ +import { promises as fs, createReadStream, createWriteStream } from 'fs'; +import * as path from 'path'; +import * as zlib from 'zlib'; +import * as npmPacklist from 'npm-packlist'; +import * as tar from 'tar-stream'; + +/** + * This script has literally ONE job: + * + * To massage the tarball that `npm pack` produces if we have bundled monorepo dependencies. + * + * The reason is that `npm pack` will SKIP the `.npmignore` files from + * `bundledDependencies`[0]. Not a problem for dependencies that were themselves + * downloaded from NPM, but definitely a problem for dependencies that are symlinked + * to source locations (such as those by `npm link` or by a monorepo setup). + * + * This leads to all the `.ts` files from the bundledDependency being included, + * which in turn leads `ts-node` to read those files (in preference over `.js` + * files with the same name), and then subsequently getting confused because + * there is no `tsconfig.json` file that tells it how to compile them them (and + * the defaults don't work out). + * + * (Shitty) solution: postprocess the tarball that `npm pack` produces, to + * remove the files that should have been excluded by NPM in the first place. + * + * [0]: https://github.com/npm/cli/issues/718 + */ +async function main() { + const tarball = await findTarballFile(); + const rewritten = `${tarball}.tmp`; + + await transformTarball(tarball, rewritten); + + await fs.rename(rewritten, tarball); +} + +async function transformTarball(oldPath: string, newPath: string) { + const cache = new NpmListCache(); + + const { input, output } = createTarballFilterStream(async (headers) => { + // Paths in a NPM tarball always start with 'package/', strip it off to get to a real relative path + const relativePath = headers.name.replace(/^package\//, ''); + + // We only have to care about files that are in bundled dependencies (which means their + // path starts with 'node_modules/') + if (!relativePath.startsWith('node_modules/')) { return true; } + + // Resolve symlinks. Only do special things if the symlink does NOT have /node_modules/ in the path, which + // is when we're dealing with a symlinked package that NPM will have misprocessed. + // Otherwise just include the file. + const absPath = await fs.realpath(relativePath); + if (absPath.includes('/node_modules/')) { return true; } + + return cache.shouldPublish(absPath); + }); + + await new Promise((ok, ko) => { + // Thanks Node. This is a really thoughtful API and really much better! [1] + createReadStream(oldPath) + .on('error', () => ko()) + .pipe(zlib.createGunzip()) + .on('error', () => ko()) + .pipe(input) + .on('error', () => ko()); + + const outputStream = createWriteStream(newPath); + + output + .on('error', () => ko()) + .pipe(zlib.createGzip()) + .on('error', () => ko()) + .pipe(outputStream) + .on('error', () => ko()); + + outputStream.on('close', () => ok()); + }); +} + +/** + * Create a stream that will retain/remove entries from a tarball based on a predicate + * + * Returns the input and output ends of the stream. + */ +function createTarballFilterStream(include: (headers: tar.Headers) => Promise) { + const input = tar.extract(); + const output = tar.pack(); + + input.on('entry', (headers, stream, next) => { + include(headers).then(doInclude => { + if (doInclude) { + // Pipe body to output + stream.pipe(output.entry(headers, next)); + } else { + // eslint-disable-next-line no-console + console.error(`[cdk-postpack] Belatedly npmignored: ${headers.name}`); + // Consume the stream without writing it anywhere + stream.on('end', next); + stream.resume(); + } + }).catch(e => { + input.destroy(e); + output.destroy(e); + }); + }); + + input.on('finish', () => { + output.finalize(); + }); + + return { input, output }; +} + +/** + * Expect one .tgz file in the current directory and return its name + */ +async function findTarballFile() { + const entries = await fs.readdir('.'); + const tgzs = entries.filter(e => e.endsWith('.tgz')); + if (tgzs.length !== 1) { + throw new Error(`Expecting extactly one .tgz file, got: ${tgzs}`); + } + return tgzs[0]; +} + +class NpmListCache { + private listCache: Record = {}; + + public async shouldPublish(absPath: string) { + const pjDir = path.dirname(await findUp('package.json', path.dirname(absPath))); + const files = await this.obtainNpmPackList(pjDir); + + const relativePath = path.relative(pjDir, absPath); + return files.includes(relativePath); + } + + /** + * Use 'npm-packlist' (official NPM package) to get the list of files that NPM would publish from the given directory + * + * This will take into account the .npmignore files. + */ + private async obtainNpmPackList(dir: string) { + if (this.listCache[dir]) { return this.listCache[dir]; } + + const files = await npmPacklist({ path: dir }); + this.listCache[dir] = files; + return files; + } +} + +async function findUp(fileName: string, start: string) { + let dir = start; + while (!await fileExists(path.join(dir, fileName))) { + const parent = path.dirname(dir); + if (parent === dir) { + throw new Error(`No ${fileName} found upwards from ${start}`); + } + dir = parent; + } + return path.join(dir, fileName); +} + +async function fileExists(fullPath: string): Promise { + try { + await fs.stat(fullPath); + return true; + } catch (e) { + if (e.code === 'ENOENT' || e.code === 'ENOTDIR') { return false; } + throw e; + } +} + +main().catch(e => { + // eslint-disable-next-line no-console + console.log('Error', e); + process.exitCode = 1; +}); + + +// [1] /s \ No newline at end of file diff --git a/tools/cdk-build-tools/package.json b/tools/cdk-build-tools/package.json index f061a6249a738..e1d1798b7ff80 100644 --- a/tools/cdk-build-tools/package.json +++ b/tools/cdk-build-tools/package.json @@ -16,7 +16,8 @@ "cdk-test": "bin/cdk-test", "cdk-package": "bin/cdk-package", "cdk-awslint": "bin/cdk-awslint", - "cdk-lint": "bin/cdk-lint" + "cdk-lint": "bin/cdk-lint", + "cdk-postpack": "bin/cdk-postpack" }, "scripts": { "build": "tsc -b && chmod +x bin/cdk-build && chmod +x bin/cdk-test && chmod +x bin/cdk-watch && chmod +x bin/cdk-awslint && chmod +x bin/cdk-lint && pkglint && eslint . --ext=.ts", @@ -35,7 +36,9 @@ "devDependencies": { "@types/fs-extra": "^8.1.1", "@types/jest": "^26.0.22", + "@types/tar-stream": "^2.2.0", "@types/yargs": "^15.0.13", + "@types/npm-packlist": "^1.1.1", "pkglint": "0.0.0" }, "dependencies": { @@ -55,8 +58,10 @@ "jsii-pacmak": "^1.26.0", "markdownlint-cli": "^0.27.1", "nodeunit": "^0.11.3", + "npm-packlist": "2.1.5", "nyc": "^15.1.0", "semver": "^7.3.5", + "tar-stream": "^2.2.0", "ts-jest": "^26.5.4", "typescript": "~3.9.9", "yargs": "^16.2.0", diff --git a/tools/nodeunit-shim/index.ts b/tools/nodeunit-shim/index.ts index 8ba50bedefefd..1c4ee174ff229 100644 --- a/tools/nodeunit-shim/index.ts +++ b/tools/nodeunit-shim/index.ts @@ -81,7 +81,7 @@ export function nodeunitShim(exports: Record) { }); } else { // It's a test - test(testName, () => new Promise(ok => { + test(testName, () => new Promise(ok => { testObj(new Test(ok)); })); } diff --git a/tools/pkglint/bin/pkglint.ts b/tools/pkglint/bin/pkglint.ts index 0b5cd61ef1649..31cf7f5d2c74d 100644 --- a/tools/pkglint/bin/pkglint.ts +++ b/tools/pkglint/bin/pkglint.ts @@ -24,8 +24,16 @@ async function main(): Promise { const pkgs = findPackageJsons(argv.directory as string); - rules.forEach(rule => pkgs.filter(pkg => pkg.shouldApply(rule)).forEach(pkg => rule.prepare(pkg))); - rules.forEach(rule => pkgs.filter(pkg => pkg.shouldApply(rule)).forEach(pkg => rule.validate(pkg))); + for (const rule of rules) { + for (const pkg of pkgs.filter(pkg => pkg.shouldApply(rule))) { + rule.prepare(pkg); + } + } + for (const rule of rules) { + for (const pkg of pkgs.filter(pkg => pkg.shouldApply(rule))) { + await rule.validate(pkg); + } + } if (argv.fix) { pkgs.forEach(pkg => pkg.applyFixes()); diff --git a/tools/pkglint/lib/packagejson.ts b/tools/pkglint/lib/packagejson.ts index a59e8f1c6e307..7a7375fbe6fab 100644 --- a/tools/pkglint/lib/packagejson.ts +++ b/tools/pkglint/lib/packagejson.ts @@ -361,5 +361,5 @@ export abstract class ValidationRule { /** * Will be executed for every package definition once, should mutate the package object */ - public abstract validate(pkg: PackageJson): void; + public abstract validate(pkg: PackageJson): void | Promise; } diff --git a/tools/pkglint/lib/rules.ts b/tools/pkglint/lib/rules.ts index f7929a353035a..6b32110ad99d6 100644 --- a/tools/pkglint/lib/rules.ts +++ b/tools/pkglint/lib/rules.ts @@ -1,6 +1,7 @@ import * as fs from 'fs'; import * as path from 'path'; import * as caseUtils from 'case'; +import * as fse from 'fs-extra'; import * as glob from 'glob'; import * as semver from 'semver'; import { LICENSE, NOTICE } from './licensing'; @@ -11,6 +12,7 @@ import { fileShouldBe, fileShouldBeginWith, fileShouldContain, fileShouldNotContain, findInnerPackages, + findPackageDir, monoRepoRoot, } from './util'; @@ -1371,25 +1373,42 @@ export class FastFailingBuildScripts extends ValidationRule { } } +/** + * For every bundled dependency, we need to make sure that package and all of its transitive dependencies are nohoisted + * + * Bundling literally works by including `/node_modules/` into + * the tarball when `npm pack` is run, and if that directory does not exist at + * that exact location (because it has been hoisted) then NPM shrugs its + * shoulders and the dependency will be missing from the distribution. + * + * -- + * + * We also must not forget to nohoist transitive dependencies. Strictly + * speaking, we need to only hoist transitive *runtime* dependencies (`dependencies`, not + * `devDependencies`). + * + * For 3rd party deps, there is no difference and we short-circuit by adding a + * catch-all glob (`/node_modules//**`), but for in-repo bundled + * dependencies, we DO need the `devDependencies` installed as per normal and + * only the transitive runtime dependencies nohoisted (recursively). + */ export class YarnNohoistBundledDependencies extends ValidationRule { public readonly name = 'yarn/nohoist-bundled-dependencies'; - public validate(pkg: PackageJson) { + public async validate(pkg: PackageJson) { const bundled: string[] = pkg.json.bundleDependencies || pkg.json.bundledDependencies || []; - if (bundled.length === 0) { return; } const repoPackageJson = path.resolve(__dirname, '../../../package.json'); + const nohoist = new Set(require(repoPackageJson).workspaces.nohoist); // eslint-disable-line @typescript-eslint/no-require-imports - const nohoist: string[] = require(repoPackageJson).workspaces.nohoist; // eslint-disable-line @typescript-eslint/no-require-imports + const expectedNoHoistEntries = new Array(); - const missing = new Array(); for (const dep of bundled) { - for (const entry of [`${pkg.packageName}/${dep}`, `${pkg.packageName}/${dep}/**`]) { - if (nohoist.indexOf(entry) >= 0) { continue; } - missing.push(entry); - } + await noHoistDependency(pkg.packageName, dep, pkg.packageRoot); } + const missing = expectedNoHoistEntries.filter(entry => !nohoist.has(entry)); + if (missing.length > 0) { pkg.report({ ruleName: this.name, @@ -1401,6 +1420,43 @@ export class YarnNohoistBundledDependencies extends ValidationRule { }, }); } + + async function noHoistDependency(parentPackageHierarchy: string, depName: string, parentPackageDir: string) { + expectedNoHoistEntries.push(`${parentPackageHierarchy}/${depName}`); + + const dependencyDir = await findPackageDir(depName, parentPackageDir); + if (!isMonoRepoPackageDir(dependencyDir)) { + // Not one of ours, so we can just ignore everything underneath as well + expectedNoHoistEntries.push(`${parentPackageHierarchy}/${depName}/**`); + return; + } + + // A monorepo package, recurse into dependencies (but not devDependencies) + const packageJson = await fse.readJson(path.join(dependencyDir, 'package.json')); + for (const dep of Object.keys(packageJson.dependencies ?? {})) { + await noHoistDependency(`${parentPackageHierarchy}/${depName}`, dep, dependencyDir); + } + } + } +} + +/** + * If this package has bundled dependencies that come from the monorepo, it MUST use `cdk-postpack` as postpack script + */ +export class BundledMonorepoDependencies extends ValidationRule { + public readonly name = 'monorepo/monorepo-bundled-dependencies'; + + public async validate(pkg: PackageJson) { + const bundled: string[] = pkg.json.bundleDependencies || pkg.json.bundledDependencies || []; + + const bundledDepsMonoRepo = await Promise.all(bundled.map(async (dep) => { + const dependencyDir = await findPackageDir(dep, pkg.packageRoot); + return isMonoRepoPackageDir(dependencyDir); + })); + + if (bundledDepsMonoRepo.some(x => x)) { + expectJSON(this.name, pkg, 'scripts.postpack', 'cdk-postpack'); + } } } @@ -1670,3 +1726,14 @@ function cdkMajorVersion() { const releaseJson = require(`${__dirname}/../../../release.json`); return releaseJson.majorVersion as number; } + +/** + * Whether this is a package in the monorepo or not + * + * We're going to be cheeky and not do too much analysis, and say that + * a package that has `/node_modules/` in the directory name is NOT in the + * monorepo, otherwise it is. + */ +function isMonoRepoPackageDir(packageDir: string) { + return path.resolve(packageDir).indexOf(`${path.sep}node_modules${path.sep}`) === -1; +} \ No newline at end of file diff --git a/tools/pkglint/lib/util.ts b/tools/pkglint/lib/util.ts index 10b4415a6c3ca..fe56512113ec2 100644 --- a/tools/pkglint/lib/util.ts +++ b/tools/pkglint/lib/util.ts @@ -190,3 +190,39 @@ export function* findInnerPackages(dir: string): IterableIterator { yield* findInnerPackages(path.join(dir, fname)); } } + +/** + * Find package directory + * + * Do this by walking upwards in the directory tree until we find + * `/node_modules//package.json`. + * + * ------- + * + * Things that we tried but don't work: + * + * 1. require.resolve(`${depName}/package.json`, { paths: [rootDir] }); + * + * Breaks with ES Modules if `package.json` has not been exported, which is + * being enforced starting Node12. + * + * 2. findPackageJsonUpwardFrom(require.resolve(depName, { paths: [rootDir] })) + * + * Breaks if a built-in NodeJS package name conflicts with an NPM package name + * (in Node15 `string_decoder` is introduced...) + */ +export async function findPackageDir(depName: string, rootDir: string) { + let prevDir; + let dir = rootDir; + while (dir !== prevDir) { + const candidateDir = path.join(dir, 'node_modules', depName); + if (await new Promise(ok => fs.exists(path.join(candidateDir, 'package.json'), ok))) { + return new Promise((ok, ko) => fs.realpath(candidateDir, (err, result) => err ? ko(err) : ok(result))); + } + + prevDir = dir; + dir = path.dirname(dir); // dirname('/') -> '/', dirname('c:\\') -> 'c:\\' + } + + throw new Error(`Did not find '${depName}' upwards of '${rootDir}'`); +} \ No newline at end of file From ffc0de4a77a966958adfe3cb8b0b7fb250298126 Mon Sep 17 00:00:00 2001 From: AWS CDK Automation <43080478+aws-cdk-automation@users.noreply.github.com> Date: Tue, 6 Apr 2021 13:07:37 +0200 Subject: [PATCH 092/260] chore: npm-check-updates && yarn upgrade (#13996) Ran npm-check-updates and yarn upgrade to keep the `yarn.lock` file up-to-date. --- package.json | 6 +- .../@aws-cdk/aws-lambda-nodejs/package.json | 2 +- packages/awslint/package.json | 4 +- packages/cdk-dasm/package.json | 2 +- packages/decdk/package.json | 4 +- tools/cdk-build-tools/package.json | 10 +- tools/cfn2ts/package.json | 2 +- tools/eslint-plugin-cdk/package.json | 2 +- yarn.lock | 208 ++++++++++-------- 9 files changed, 131 insertions(+), 109 deletions(-) diff --git a/package.json b/package.json index 0995b296d13bf..d3c9a5569ce0c 100644 --- a/package.json +++ b/package.json @@ -18,9 +18,9 @@ "fs-extra": "^9.1.0", "graceful-fs": "^4.2.6", "jest-junit": "^12.0.0", - "jsii-diff": "^1.26.0", - "jsii-pacmak": "^1.26.0", - "jsii-rosetta": "^1.26.0", + "jsii-diff": "^1.27.0", + "jsii-pacmak": "^1.27.0", + "jsii-rosetta": "^1.27.0", "lerna": "^4.0.0", "standard-version": "^9.1.1", "typescript": "~3.9.9" diff --git a/packages/@aws-cdk/aws-lambda-nodejs/package.json b/packages/@aws-cdk/aws-lambda-nodejs/package.json index 4fc08212d2961..552ad123fec1f 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/package.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/package.json @@ -67,7 +67,7 @@ "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "delay": "5.0.0", - "esbuild": "^0.11.2", + "esbuild": "^0.11.5", "pkglint": "0.0.0" }, "dependencies": { diff --git a/packages/awslint/package.json b/packages/awslint/package.json index d8b9737cf41a6..0160949c63e04 100644 --- a/packages/awslint/package.json +++ b/packages/awslint/package.json @@ -16,11 +16,11 @@ "awslint": "bin/awslint" }, "dependencies": { - "@jsii/spec": "^1.26.0", + "@jsii/spec": "^1.27.0", "camelcase": "^6.2.0", "colors": "^1.4.0", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.26.0", + "jsii-reflect": "^1.27.0", "yargs": "^16.2.0" }, "devDependencies": { diff --git a/packages/cdk-dasm/package.json b/packages/cdk-dasm/package.json index 2d0a216158e44..6ca3c52326c49 100644 --- a/packages/cdk-dasm/package.json +++ b/packages/cdk-dasm/package.json @@ -26,7 +26,7 @@ }, "license": "Apache-2.0", "dependencies": { - "codemaker": "^1.26.0", + "codemaker": "^1.27.0", "yaml": "1.10.2" }, "devDependencies": { diff --git a/packages/decdk/package.json b/packages/decdk/package.json index 055a1e1af08b2..652e203761c4b 100644 --- a/packages/decdk/package.json +++ b/packages/decdk/package.json @@ -214,7 +214,7 @@ "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.3.69", "fs-extra": "^9.1.0", - "jsii-reflect": "^1.26.0", + "jsii-reflect": "^1.27.0", "jsonschema": "^1.4.0", "yaml": "1.10.2", "yargs": "^16.2.0" @@ -225,7 +225,7 @@ "@types/yaml": "1.9.7", "@types/yargs": "^15.0.13", "jest": "^26.6.3", - "jsii": "^1.26.0" + "jsii": "^1.27.0" }, "keywords": [ "aws", diff --git a/tools/cdk-build-tools/package.json b/tools/cdk-build-tools/package.json index e1d1798b7ff80..3d896f5b38229 100644 --- a/tools/cdk-build-tools/package.json +++ b/tools/cdk-build-tools/package.json @@ -42,8 +42,8 @@ "pkglint": "0.0.0" }, "dependencies": { - "@typescript-eslint/eslint-plugin": "^4.20.0", - "@typescript-eslint/parser": "^4.20.0", + "@typescript-eslint/eslint-plugin": "^4.21.0", + "@typescript-eslint/parser": "^4.21.0", "awslint": "0.0.0", "colors": "^1.4.0", "eslint": "^7.23.0", @@ -51,11 +51,11 @@ "eslint-import-resolver-typescript": "^2.4.0", "eslint-plugin-cdk": "0.0.0", "eslint-plugin-import": "^2.22.1", - "eslint-plugin-jest": "^24.3.2", + "eslint-plugin-jest": "^24.3.4", "fs-extra": "^9.1.0", "jest": "^26.6.3", - "jsii": "^1.26.0", - "jsii-pacmak": "^1.26.0", + "jsii": "^1.27.0", + "jsii-pacmak": "^1.27.0", "markdownlint-cli": "^0.27.1", "nodeunit": "^0.11.3", "npm-packlist": "2.1.5", diff --git a/tools/cfn2ts/package.json b/tools/cfn2ts/package.json index 847f25acebeb5..3a799b44659c6 100644 --- a/tools/cfn2ts/package.json +++ b/tools/cfn2ts/package.json @@ -30,7 +30,7 @@ "license": "Apache-2.0", "dependencies": { "@aws-cdk/cfnspec": "0.0.0", - "codemaker": "^1.26.0", + "codemaker": "^1.27.0", "fast-json-patch": "^3.0.0-1", "fs-extra": "^9.1.0", "yargs": "^16.2.0" diff --git a/tools/eslint-plugin-cdk/package.json b/tools/eslint-plugin-cdk/package.json index 78b9364bebf39..83f238eb4f1f2 100644 --- a/tools/eslint-plugin-cdk/package.json +++ b/tools/eslint-plugin-cdk/package.json @@ -21,7 +21,7 @@ "typescript": "~3.9.9" }, "dependencies": { - "@typescript-eslint/parser": "^4.20.0", + "@typescript-eslint/parser": "^4.21.0", "eslint": "^7.23.0", "fs-extra": "^9.1.0" }, diff --git a/yarn.lock b/yarn.lock index 925d810fe1e4e..9c47449528cf3 100644 --- a/yarn.lock +++ b/yarn.lock @@ -513,10 +513,10 @@ "@types/yargs" "^15.0.0" chalk "^4.0.0" -"@jsii/spec@^1.26.0": - version "1.26.0" - resolved "https://registry.yarnpkg.com/@jsii/spec/-/spec-1.26.0.tgz#fcf0ceae1eaa486c504fdb6d2d02897870e43ab4" - integrity sha512-wh9Z/wfQYcWE5IgUfKNBYQ9Lhye9Xh/lsRsxMQluqEsgObNqb/8JreenWviqzHzBBcvTcHHyl+G30mpmyO1PWQ== +"@jsii/spec@^1.27.0": + version "1.27.0" + resolved "https://registry.yarnpkg.com/@jsii/spec/-/spec-1.27.0.tgz#fd3a9c3c5074a79f91e80317c0d99d8f0db67a21" + integrity sha512-mdfSlcYY9qI3kI0rK1dAN13BkHtOffhFXzOwtuZvxjhz2+8hx6DpW5nqHAWCrq+ZQuPAPxiMOVXBsA58PZ9Ycg== dependencies: jsonschema "^1.4.0" @@ -1625,6 +1625,11 @@ resolved "https://registry.yarnpkg.com/@types/normalize-package-data/-/normalize-package-data-2.4.0.tgz#e486d0d97396d79beedd0a6e33f4534ff6b4973e" integrity sha512-f5j5b/Gf71L+dbqxIpQ4Z2WlmI/mPJ0fOkGGmFgtb6sAu97EPczzbS3/tJKxmcYDj55OX6ssqwDAWOHIYDRDGA== +"@types/npm-packlist@^1.1.1": + version "1.1.1" + resolved "https://registry.yarnpkg.com/@types/npm-packlist/-/npm-packlist-1.1.1.tgz#b8bdb1e2910aa693ab9bf8339361b09c8d512ecd" + integrity sha512-+0ZRUpPOs4Mvvwj/pftWb14fnPN/yS6nOp6HZFyIMDuUmyPtKXcO4/SPhyRGR6dUCAn1B3hHJozD/UCrU+Mmew== + "@types/parse-json@^4.0.0": version "4.0.0" resolved "https://registry.yarnpkg.com/@types/parse-json/-/parse-json-4.0.0.tgz#2f8bb441434d163b35fb8ffdccd7138927ffb8c0" @@ -1686,6 +1691,13 @@ resolved "https://registry.yarnpkg.com/@types/table/-/table-6.0.0.tgz#c3e8f1e0d80525036a7655fd650409e0230f1ead" integrity sha512-RSmRiYetRzpcZcgNo4x6C1VSsPGBHCGGDO7Rbnz5esVLbGONxBP1CUcn8JhAkVzUVLO+AY8yOSkb27jvfauLyg== +"@types/tar-stream@^2.2.0": + version "2.2.0" + resolved "https://registry.yarnpkg.com/@types/tar-stream/-/tar-stream-2.2.0.tgz#2778ef8e328a520959a39681c15c83c53553426f" + integrity sha512-sRTpT180sVigzD4SiCWJQQrqcdkWnmscWvx+cXvAoPtXbLFC5+QmKi2xwRcPe4iRu0GcVl1qTeJKUTS5hULfrw== + dependencies: + "@types/node" "*" + "@types/uuid@^8.3.0": version "8.3.0" resolved "https://registry.yarnpkg.com/@types/uuid/-/uuid-8.3.0.tgz#215c231dff736d5ba92410e6d602050cce7e273f" @@ -1727,13 +1739,13 @@ resolved "https://registry.yarnpkg.com/@types/yarnpkg__lockfile/-/yarnpkg__lockfile-1.1.4.tgz#445251eb00bd9c1e751f82c7c6bf4f714edfd464" integrity sha512-/emrKCfQMQmFCqRqqBJ0JueHBT06jBRM3e8OgnvDUcvuExONujIk2hFA5dNsN9Nt41ljGVDdChvCydATZ+KOZw== -"@typescript-eslint/eslint-plugin@^4.20.0": - version "4.20.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.20.0.tgz#9d8794bd99aad9153092ad13c96164e3082e9a92" - integrity sha512-sw+3HO5aehYqn5w177z2D82ZQlqHCwcKSMboueo7oE4KU9QiC0SAgfS/D4z9xXvpTc8Bt41Raa9fBR8T2tIhoQ== +"@typescript-eslint/eslint-plugin@^4.21.0": + version "4.21.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.21.0.tgz#3fce2bfa76d95c00ac4f33dff369cb593aab8878" + integrity sha512-FPUyCPKZbVGexmbCFI3EQHzCZdy2/5f+jv6k2EDljGdXSRc0cKvbndd2nHZkSLqCNOPk0jB6lGzwIkglXcYVsQ== dependencies: - "@typescript-eslint/experimental-utils" "4.20.0" - "@typescript-eslint/scope-manager" "4.20.0" + "@typescript-eslint/experimental-utils" "4.21.0" + "@typescript-eslint/scope-manager" "4.21.0" debug "^4.1.1" functional-red-black-tree "^1.0.1" lodash "^4.17.15" @@ -1741,15 +1753,15 @@ semver "^7.3.2" tsutils "^3.17.1" -"@typescript-eslint/experimental-utils@4.20.0": - version "4.20.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/experimental-utils/-/experimental-utils-4.20.0.tgz#a8ab2d7b61924f99042b7d77372996d5f41dc44b" - integrity sha512-sQNlf6rjLq2yB5lELl3gOE7OuoA/6IVXJUJ+Vs7emrQMva14CkOwyQwD7CW+TkmOJ4Q/YGmoDLmbfFrpGmbKng== +"@typescript-eslint/experimental-utils@4.21.0": + version "4.21.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/experimental-utils/-/experimental-utils-4.21.0.tgz#0b0bb7c15d379140a660c003bdbafa71ae9134b6" + integrity sha512-cEbgosW/tUFvKmkg3cU7LBoZhvUs+ZPVM9alb25XvR0dal4qHL3SiUqHNrzoWSxaXA9gsifrYrS1xdDV6w/gIA== dependencies: "@types/json-schema" "^7.0.3" - "@typescript-eslint/scope-manager" "4.20.0" - "@typescript-eslint/types" "4.20.0" - "@typescript-eslint/typescript-estree" "4.20.0" + "@typescript-eslint/scope-manager" "4.21.0" + "@typescript-eslint/types" "4.21.0" + "@typescript-eslint/typescript-estree" "4.21.0" eslint-scope "^5.0.0" eslint-utils "^2.0.0" @@ -1765,14 +1777,14 @@ eslint-scope "^5.0.0" eslint-utils "^2.0.0" -"@typescript-eslint/parser@^4.20.0": - version "4.20.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/parser/-/parser-4.20.0.tgz#8dd403c8b4258b99194972d9799e201b8d083bdd" - integrity sha512-m6vDtgL9EABdjMtKVw5rr6DdeMCH3OA1vFb0dAyuZSa3e5yw1YRzlwFnm9knma9Lz6b2GPvoNSa8vOXrqsaglA== +"@typescript-eslint/parser@^4.21.0": + version "4.21.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/parser/-/parser-4.21.0.tgz#a227fc2af4001668c3e3f7415d4feee5093894c1" + integrity sha512-eyNf7QmE5O/l1smaQgN0Lj2M/1jOuNg2NrBm1dqqQN0sVngTLyw8tdCbih96ixlhbF1oINoN8fDCyEH9SjLeIA== dependencies: - "@typescript-eslint/scope-manager" "4.20.0" - "@typescript-eslint/types" "4.20.0" - "@typescript-eslint/typescript-estree" "4.20.0" + "@typescript-eslint/scope-manager" "4.21.0" + "@typescript-eslint/types" "4.21.0" + "@typescript-eslint/typescript-estree" "4.21.0" debug "^4.1.1" "@typescript-eslint/scope-manager@4.18.0": @@ -1783,23 +1795,23 @@ "@typescript-eslint/types" "4.18.0" "@typescript-eslint/visitor-keys" "4.18.0" -"@typescript-eslint/scope-manager@4.20.0": - version "4.20.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/scope-manager/-/scope-manager-4.20.0.tgz#953ecbf3b00845ece7be66246608be9d126d05ca" - integrity sha512-/zm6WR6iclD5HhGpcwl/GOYDTzrTHmvf8LLLkwKqqPKG6+KZt/CfSgPCiybshmck66M2L5fWSF/MKNuCwtKQSQ== +"@typescript-eslint/scope-manager@4.21.0": + version "4.21.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/scope-manager/-/scope-manager-4.21.0.tgz#c81b661c4b8af1ec0c010d847a8f9ab76ab95b4d" + integrity sha512-kfOjF0w1Ix7+a5T1knOw00f7uAP9Gx44+OEsNQi0PvvTPLYeXJlsCJ4tYnDj5PQEYfpcgOH5yBlw7K+UEI9Agw== dependencies: - "@typescript-eslint/types" "4.20.0" - "@typescript-eslint/visitor-keys" "4.20.0" + "@typescript-eslint/types" "4.21.0" + "@typescript-eslint/visitor-keys" "4.21.0" "@typescript-eslint/types@4.18.0": version "4.18.0" resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.18.0.tgz#bebe323f81f2a7e2e320fac9415e60856267584a" integrity sha512-/BRociARpj5E+9yQ7cwCF/SNOWwXJ3qhjurMuK2hIFUbr9vTuDeu476Zpu+ptxY2kSxUHDGLLKy+qGq2sOg37A== -"@typescript-eslint/types@4.20.0": - version "4.20.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.20.0.tgz#c6cf5ef3c9b1c8f699a9bbdafb7a1da1ca781225" - integrity sha512-cYY+1PIjei1nk49JAPnH1VEnu7OYdWRdJhYI5wiKOUMhLTG1qsx5cQxCUTuwWCmQoyriadz3Ni8HZmGSofeC+w== +"@typescript-eslint/types@4.21.0": + version "4.21.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/types/-/types-4.21.0.tgz#abdc3463bda5d31156984fa5bc316789c960edef" + integrity sha512-+OQaupjGVVc8iXbt6M1oZMwyKQNehAfLYJJ3SdvnofK2qcjfor9pEM62rVjBknhowTkh+2HF+/KdRAc/wGBN2w== "@typescript-eslint/typescript-estree@4.18.0": version "4.18.0" @@ -1814,13 +1826,13 @@ semver "^7.3.2" tsutils "^3.17.1" -"@typescript-eslint/typescript-estree@4.20.0": - version "4.20.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-4.20.0.tgz#8b3b08f85f18a8da5d88f65cb400f013e88ab7be" - integrity sha512-Knpp0reOd4ZsyoEJdW8i/sK3mtZ47Ls7ZHvD8WVABNx5Xnn7KhenMTRGegoyMTx6TiXlOVgMz9r0pDgXTEEIHA== +"@typescript-eslint/typescript-estree@4.21.0": + version "4.21.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/typescript-estree/-/typescript-estree-4.21.0.tgz#3817bd91857beeaeff90f69f1f112ea58d350b0a" + integrity sha512-ZD3M7yLaVGVYLw4nkkoGKumb7Rog7QID9YOWobFDMQKNl+vPxqVIW/uDk+MDeGc+OHcoG2nJ2HphwiPNajKw3w== dependencies: - "@typescript-eslint/types" "4.20.0" - "@typescript-eslint/visitor-keys" "4.20.0" + "@typescript-eslint/types" "4.21.0" + "@typescript-eslint/visitor-keys" "4.21.0" debug "^4.1.1" globby "^11.0.1" is-glob "^4.0.1" @@ -1835,12 +1847,12 @@ "@typescript-eslint/types" "4.18.0" eslint-visitor-keys "^2.0.0" -"@typescript-eslint/visitor-keys@4.20.0": - version "4.20.0" - resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.20.0.tgz#1e84db034da13f208325e6bfc995c3b75f7dbd62" - integrity sha512-NXKRM3oOVQL8yNFDNCZuieRIwZ5UtjNLYtmMx2PacEAGmbaEYtGgVHUHVyZvU/0rYZcizdrWjDo+WBtRPSgq+A== +"@typescript-eslint/visitor-keys@4.21.0": + version "4.21.0" + resolved "https://registry.yarnpkg.com/@typescript-eslint/visitor-keys/-/visitor-keys-4.21.0.tgz#990a9acdc124331f5863c2cf21c88ba65233cd8d" + integrity sha512-dH22dROWGi5Z6p+Igc8bLVLmwy7vEe8r+8c+raPQU0LxgogPUrRAtRGtvBWmlr9waTu3n+QLt/qrS/hWzk1x5w== dependencies: - "@typescript-eslint/types" "4.20.0" + "@typescript-eslint/types" "4.21.0" eslint-visitor-keys "^2.0.0" "@yarnpkg/lockfile@^1.1.0": @@ -2798,10 +2810,10 @@ code-point-at@^1.0.0: resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77" integrity sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c= -codemaker@^1.26.0: - version "1.26.0" - resolved "https://registry.yarnpkg.com/codemaker/-/codemaker-1.26.0.tgz#31560f44d597afbb366c015267327394e18efbdf" - integrity sha512-oK0SdWi3CUHL7hVcDpXVBQc2xm31RCJSqg7I1wviMifD89zbvu3boAz/s5aoXbcVDKKxLOZn2w55WlGCih9HOw== +codemaker@^1.27.0: + version "1.27.0" + resolved "https://registry.yarnpkg.com/codemaker/-/codemaker-1.27.0.tgz#1bbe2b05ddc9d927f5fb8f286611885600d9198e" + integrity sha512-W5r3XLxBG2a33M3g3Sg9mOU5wPbw6hz14GfmeQsKlWoSCx8Y3CCxY8ogbh77/K34epqYh43ydybI8e7UVgD/tQ== dependencies: camelcase "^6.2.0" decamelize "^5.0.0" @@ -3742,10 +3754,10 @@ es6-error@^4.0.1: resolved "https://registry.yarnpkg.com/es6-error/-/es6-error-4.1.1.tgz#9e3af407459deed47e9a91f9b885a84eb05c561d" integrity sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg== -esbuild@^0.11.2: - version "0.11.2" - resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.11.2.tgz#3b995e107f2054d9090402b98a3b79ceffd05eb6" - integrity sha512-8d5FCQrR+juXC2u9zjTQ3+IYiuFuaWyKYwmApFJLquTrYNbk36H/+MkRQeTuOJg7IjUchRX2Ulwo1zRYXZ1pUg== +esbuild@^0.11.5: + version "0.11.5" + resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.11.5.tgz#25b18a2ff2fb9580683edce26a48f64c08c2f2df" + integrity sha512-aRs6jAE+bVRp1tyfzUugAw1T/Y0Fwzp4Z2ROikF3h+UifoD5QlEbEYQGc6orNnnSIRhWR5VWBH7LozlAumaLHg== escalade@^3.1.1: version "3.1.1" @@ -3838,10 +3850,10 @@ eslint-plugin-import@^2.22.1: resolve "^1.17.0" tsconfig-paths "^3.9.0" -eslint-plugin-jest@^24.3.2: - version "24.3.2" - resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-24.3.2.tgz#30a8b2dea6278d0da1d6fb9d6cd530aaf58050a1" - integrity sha512-cicWDr+RvTAOKS3Q/k03+Z3odt3VCiWamNUHWd6QWbVQWcYJyYgUTu8x0mx9GfeDEimawU5kQC+nQ3MFxIM6bw== +eslint-plugin-jest@^24.3.4: + version "24.3.4" + resolved "https://registry.yarnpkg.com/eslint-plugin-jest/-/eslint-plugin-jest-24.3.4.tgz#6d90c3554de0302e879603dd6405474c98849f19" + integrity sha512-3n5oY1+fictanuFkTWPwSlehugBTAgwLnYLFsCllzE3Pl1BwywHl5fL0HFxmMjoQY8xhUDk8uAWc3S4JOHGh3A== dependencies: "@typescript-eslint/experimental-utils" "^4.0.1" @@ -5967,71 +5979,71 @@ jsesc@^2.5.1: resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4" integrity sha512-OYu7XEzjkCQ3C5Ps3QIZsQfNpqoJyZZA99wd9aWd05NCtC5pWOkShK2mkL6HXQR6/Cy2lbNdPlZBpuQHXE63gA== -jsii-diff@^1.26.0: - version "1.26.0" - resolved "https://registry.yarnpkg.com/jsii-diff/-/jsii-diff-1.26.0.tgz#41ba434b298771b7542a3a2eb18241ba6cf82a73" - integrity sha512-RWu1AFYE8+U+75yZMSKrn5JFj6G21yiKR2Won+XbggD+DveHDGNbopWi9lDHuB5ec04kfiUB7og0yXkanIO4wg== +jsii-diff@^1.27.0: + version "1.27.0" + resolved "https://registry.yarnpkg.com/jsii-diff/-/jsii-diff-1.27.0.tgz#48da3594e784a6badb26e01ae3be017883653465" + integrity sha512-CBg3ZwT63iPLdfy8nNY++tc8xuBm+Zs1dDjnK2/0z3yApOAmYIfi/5BplPOoSfzCNAejtvIxLEgScl9BZktXXA== dependencies: - "@jsii/spec" "^1.26.0" + "@jsii/spec" "^1.27.0" fs-extra "^9.1.0" - jsii-reflect "^1.26.0" + jsii-reflect "^1.27.0" log4js "^6.3.0" typescript "~3.9.9" yargs "^16.2.0" -jsii-pacmak@^1.26.0: - version "1.26.0" - resolved "https://registry.yarnpkg.com/jsii-pacmak/-/jsii-pacmak-1.26.0.tgz#c600cb190255e080944c906d885e9b436edd2cd9" - integrity sha512-KOKOIazxddh8CuyuLMoBURW2bj3prhzyT0qF5ojUhHrbZeuH3eulF/Sn5PaIAadmQdmCiu69DYJe2JIwY/zwjw== +jsii-pacmak@^1.27.0: + version "1.27.0" + resolved "https://registry.yarnpkg.com/jsii-pacmak/-/jsii-pacmak-1.27.0.tgz#d6d28f5e9208d7ca338edfeba95ba25d8f552bde" + integrity sha512-K19kyUvFKpg6l5VaTkwFz4pgnrOR/vH69iqE6YWSJVY1i3S7dTA2mhG+dVbeB96MMnx7IUno0iKT3br/aWCtew== dependencies: - "@jsii/spec" "^1.26.0" + "@jsii/spec" "^1.27.0" clone "^2.1.2" - codemaker "^1.26.0" + codemaker "^1.27.0" commonmark "^0.29.3" escape-string-regexp "^4.0.0" fs-extra "^9.1.0" - jsii-reflect "^1.26.0" - jsii-rosetta "^1.26.0" - semver "^7.3.4" + jsii-reflect "^1.27.0" + jsii-rosetta "^1.27.0" + semver "^7.3.5" spdx-license-list "^6.4.0" xmlbuilder "^15.1.1" yargs "^16.2.0" -jsii-reflect@^1.26.0: - version "1.26.0" - resolved "https://registry.yarnpkg.com/jsii-reflect/-/jsii-reflect-1.26.0.tgz#6efa0e8058ff8547b02b3b688263ad933feb646b" - integrity sha512-mlu97Xs2M+YCq3Z8z2vzLYOe3XVC3T0YBabvJjkKoNYdH6F/S5zQMVdGwfHEXv1asFv7PrrVu46Zf/dKnqULcw== +jsii-reflect@^1.27.0: + version "1.27.0" + resolved "https://registry.yarnpkg.com/jsii-reflect/-/jsii-reflect-1.27.0.tgz#481edae2cbc497d4125207c37b964ba64c290dbc" + integrity sha512-+E2VhlDxvEcsBj8LdBaJ0OFS6+mDaWbDNmUSZ7UPIJxDPQzRFMGlMUyymz8J0f3Y2UWKiXgLvBhzEvF9UA4fCQ== dependencies: - "@jsii/spec" "^1.26.0" + "@jsii/spec" "^1.27.0" colors "^1.4.0" fs-extra "^9.1.0" - oo-ascii-tree "^1.26.0" + oo-ascii-tree "^1.27.0" yargs "^16.2.0" -jsii-rosetta@^1.26.0: - version "1.26.0" - resolved "https://registry.yarnpkg.com/jsii-rosetta/-/jsii-rosetta-1.26.0.tgz#f2107981b769f10f0b2ebf497702c3e6d9d3a2c1" - integrity sha512-J/VQR8j/mD4Q5qGF0JmfvOJeNWIx0I158nvo6FsnC8aYmHyIpBPmlpKWZzUGC8fHxoD3mC8oeiFLp2Yv8BNtvQ== +jsii-rosetta@^1.27.0: + version "1.27.0" + resolved "https://registry.yarnpkg.com/jsii-rosetta/-/jsii-rosetta-1.27.0.tgz#13ff711cff331b1d62081d8015ea24f730d6bbf7" + integrity sha512-swQz1lsB5k2v2euJfxYOtRy+SHnYS9WJ2XRkstY8/j0xMFOLNNXoWwSDrK97h3qis+yUuCHZlI6DNQzQh1NutA== dependencies: - "@jsii/spec" "^1.26.0" + "@jsii/spec" "^1.27.0" commonmark "^0.29.3" fs-extra "^9.1.0" typescript "~3.9.9" xmldom "^0.5.0" yargs "^16.2.0" -jsii@^1.26.0: - version "1.26.0" - resolved "https://registry.yarnpkg.com/jsii/-/jsii-1.26.0.tgz#8994498b69a616be7c255285dc6d8142b5032b61" - integrity sha512-ZUu5N8+u12VyNkPgSgvVzIhZ+aEAd531zDZK4qkth7UsGNhSy4zBz9BJMSSKnaVV0oR6Pvehhg5DJ3dCu8qJrw== +jsii@^1.27.0: + version "1.27.0" + resolved "https://registry.yarnpkg.com/jsii/-/jsii-1.27.0.tgz#7dc6716ad5c68d6a0c0ff913ff656cf2bbe56ec7" + integrity sha512-EP1NIeheeUw4WpGESkOK7Kb/bT9bBlOunlQuQb+KSMKYq+Zh8uWuFxzTYbt3pg/UdaVis5YD0jsdVgQFVU7ufA== dependencies: - "@jsii/spec" "^1.26.0" + "@jsii/spec" "^1.27.0" case "^1.6.3" colors "^1.4.0" deep-equal "^2.0.5" fs-extra "^9.1.0" log4js "^6.3.0" - semver "^7.3.4" + semver "^7.3.5" semver-intersect "^1.4.0" sort-json "^2.0.0" spdx-license-list "^6.4.0" @@ -7169,6 +7181,16 @@ npm-package-arg@^8.0.0, npm-package-arg@^8.0.1, npm-package-arg@^8.1.0, npm-pack semver "^7.3.4" validate-npm-package-name "^3.0.0" +npm-packlist@2.1.5: + version "2.1.5" + resolved "https://registry.yarnpkg.com/npm-packlist/-/npm-packlist-2.1.5.tgz#43ef5bbb9f59b7c0ef91e0905f1dd707b4cfb33c" + integrity sha512-KCfK3Vi2F+PH1klYauoQzg81GQ8/GGjQRKYY6tRnpQUPKTs/1gBZSRWtTEd7jGdSn1LZL7gpAmJT+BcS55k2XQ== + dependencies: + glob "^7.1.6" + ignore-walk "^3.0.3" + npm-bundled "^1.1.1" + npm-normalize-package-bin "^1.0.1" + npm-packlist@^2.1.4: version "2.1.4" resolved "https://registry.yarnpkg.com/npm-packlist/-/npm-packlist-2.1.4.tgz#40e96b2b43787d0546a574542d01e066640d09da" @@ -7400,10 +7422,10 @@ onetime@^5.1.0, onetime@^5.1.2: dependencies: mimic-fn "^2.1.0" -oo-ascii-tree@^1.26.0: - version "1.26.0" - resolved "https://registry.yarnpkg.com/oo-ascii-tree/-/oo-ascii-tree-1.26.0.tgz#c282175f2e620615d385e613ef451e9ffb6ad9a5" - integrity sha512-JcRUxvHG+QAheXnxx9cwtgDJY6aXc70UAvgoFxKtRz+KfWEU47z/X2HHb81O/aZ3mN4fRnnnnwQhaTUuQRw2Ag== +oo-ascii-tree@^1.27.0: + version "1.27.0" + resolved "https://registry.yarnpkg.com/oo-ascii-tree/-/oo-ascii-tree-1.27.0.tgz#d806ed771026abc3a113f823408914486e48401a" + integrity sha512-3hqwUDNTJC2YLzSRye8Fh35AC4fSHl2FZhFF/hyQtO8C9lV1PEXIPWGIRZ0zwQSHFutnriEvK8AHJgbbMrLxqg== opener@^1.5.1: version "1.5.2" From 3d15c246b9af3ae3d1b51d7c6cb3ffa316c05dd6 Mon Sep 17 00:00:00 2001 From: Elad Ben-Israel Date: Tue, 6 Apr 2021 14:36:23 +0300 Subject: [PATCH 093/260] chore: Revert "chore: un-jsii and bundle `@aws-cdk/yaml-cfn` (#13933)" (#13997) This reverts commit 1cd175ddf44f0129dbac4e9ef4ce0187fdbc4a0e. Due to build break. --- pack.sh | 13 -- package.json | 12 -- packages/@aws-cdk/aws-codebuild/package.json | 5 +- .../cloudformation-include/package.json | 7 +- packages/@aws-cdk/yaml-cfn/.gitignore | 3 +- packages/@aws-cdk/yaml-cfn/package.json | 26 +++ packages/@aws-cdk/yaml-cfn/tsconfig.json | 24 --- packages/aws-cdk-lib/package.json | 5 +- packages/awslint/.npmignore | 5 +- packages/decdk/test/schema.test.ts | 2 +- packages/monocdk/package.json | 5 +- tools/cdk-build-tools/bin/cdk-postpack | 2 - tools/cdk-build-tools/bin/cdk-postpack.ts | 179 ------------------ tools/cdk-build-tools/package.json | 7 +- tools/nodeunit-shim/index.ts | 2 +- tools/pkglint/bin/pkglint.ts | 12 +- tools/pkglint/lib/packagejson.ts | 2 +- tools/pkglint/lib/rules.ts | 83 +------- tools/pkglint/lib/util.ts | 36 ---- 19 files changed, 49 insertions(+), 381 deletions(-) delete mode 100644 packages/@aws-cdk/yaml-cfn/tsconfig.json delete mode 100755 tools/cdk-build-tools/bin/cdk-postpack delete mode 100644 tools/cdk-build-tools/bin/cdk-postpack.ts diff --git a/pack.sh b/pack.sh index 128d8e3fd8a90..b85c92f3e68a5 100755 --- a/pack.sh +++ b/pack.sh @@ -63,19 +63,6 @@ for dir in $(find packages -name dist | grep -v node_modules | grep -v run-wrapp rsync -a $dir/ ${distdir}/ done -# Make sure that none of the NPM tarballs have stray `.ts` files in them. -# This is necessary because the presence of .ts files without a matching tsconfig will -# make `ts-node` fail to load the files with a "Cannot use import statement outside a module" error. -for tarball in ${distdir}/js/*.tgz; do - # Ignore init-templates, we purposely ship .ts files in there. - ts_files=$(tar tzf ${tarball} | (set +e; grep '\.ts$' | grep -v '\.d\.ts$' | grep -v init-templates)) - if [[ "$ts_files" != "" ]]; then - echo "Found TypeScript source files in $tarball. This will confuse ts-node:" >&2 - echo "$ts_files" >&2 - exit 1 - fi -done - # Record the dependency order of NPM packages into a file # (This file will be opportunistically used during publishing) # diff --git a/package.json b/package.json index d3c9a5569ce0c..8420edf113ed3 100644 --- a/package.json +++ b/package.json @@ -51,9 +51,6 @@ "nohoist": [ "**/jszip", "**/jszip/**", - "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn", - "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn/yaml", - "@aws-cdk/aws-codebuild/@aws-cdk/yaml-cfn/yaml/**", "@aws-cdk/aws-codepipeline-actions/case", "@aws-cdk/aws-codepipeline-actions/case/**", "@aws-cdk/aws-cognito/punycode", @@ -66,9 +63,6 @@ "@aws-cdk/cloud-assembly-schema/jsonschema/**", "@aws-cdk/cloud-assembly-schema/semver", "@aws-cdk/cloud-assembly-schema/semver/**", - "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn", - "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn/yaml", - "@aws-cdk/cloudformation-include/@aws-cdk/yaml-cfn/yaml/**", "@aws-cdk/core/@balena/dockerignore", "@aws-cdk/core/@balena/dockerignore/**", "@aws-cdk/core/fs-extra", @@ -81,9 +75,6 @@ "@aws-cdk/cx-api/semver/**", "@aws-cdk/yaml-cfn/yaml", "@aws-cdk/yaml-cfn/yaml/**", - "aws-cdk-lib/@aws-cdk/yaml-cfn", - "aws-cdk-lib/@aws-cdk/yaml-cfn/yaml", - "aws-cdk-lib/@aws-cdk/yaml-cfn/yaml/**", "aws-cdk-lib/@balena/dockerignore", "aws-cdk-lib/@balena/dockerignore/**", "aws-cdk-lib/case", @@ -102,9 +93,6 @@ "aws-cdk-lib/semver/**", "aws-cdk-lib/yaml", "aws-cdk-lib/yaml/**", - "monocdk/@aws-cdk/yaml-cfn", - "monocdk/@aws-cdk/yaml-cfn/yaml", - "monocdk/@aws-cdk/yaml-cfn/yaml/**", "monocdk/@balena/dockerignore", "monocdk/@balena/dockerignore/**", "monocdk/case", diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index e07695b75ba31..e5a9a34ecd807 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -49,7 +49,6 @@ "build+test": "yarn build && yarn test", "compat": "cdk-compat", "gen": "cfn2ts", - "postpack": "cdk-postpack", "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { @@ -104,9 +103,6 @@ "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.3.69" }, - "bundledDependencies": [ - "@aws-cdk/yaml-cfn" - ], "homepage": "https://github.com/aws/aws-cdk", "peerDependencies": { "@aws-cdk/aws-cloudwatch": "0.0.0", @@ -123,6 +119,7 @@ "@aws-cdk/aws-secretsmanager": "0.0.0", "@aws-cdk/core": "0.0.0", "@aws-cdk/region-info": "0.0.0", + "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.3.69" }, "engines": { diff --git a/packages/@aws-cdk/cloudformation-include/package.json b/packages/@aws-cdk/cloudformation-include/package.json index ac7261b681d34..b9b82e67f55a3 100644 --- a/packages/@aws-cdk/cloudformation-include/package.json +++ b/packages/@aws-cdk/cloudformation-include/package.json @@ -47,8 +47,7 @@ "build+test": "yarn build && yarn test", "build+test+package": "yarn build+test && yarn package", "compat": "cdk-compat", - "rosetta:extract": "yarn --silent jsii-rosetta extract", - "postpack": "cdk-postpack" + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "cdk-build": { "pre": [ @@ -364,6 +363,7 @@ "@aws-cdk/aws-wafv2": "0.0.0", "@aws-cdk/aws-workspaces": "0.0.0", "@aws-cdk/core": "0.0.0", + "@aws-cdk/yaml-cfn": "0.0.0", "constructs": "^3.3.69" }, "devDependencies": { @@ -375,9 +375,6 @@ "pkglint": "0.0.0", "ts-jest": "^26.5.4" }, - "bundledDependencies": [ - "@aws-cdk/yaml-cfn" - ], "keywords": [ "aws", "cdk", diff --git a/packages/@aws-cdk/yaml-cfn/.gitignore b/packages/@aws-cdk/yaml-cfn/.gitignore index 8b9c845e5d12a..bb785cfb74f08 100644 --- a/packages/@aws-cdk/yaml-cfn/.gitignore +++ b/packages/@aws-cdk/yaml-cfn/.gitignore @@ -3,6 +3,7 @@ *.d.ts node_modules dist +tsconfig.json .jsii .LAST_BUILD @@ -14,4 +15,4 @@ nyc.config.js !.eslintrc.js !jest.config.js -junit.xml +junit.xml \ No newline at end of file diff --git a/packages/@aws-cdk/yaml-cfn/package.json b/packages/@aws-cdk/yaml-cfn/package.json index a50d4ab10eece..f10beb171366c 100644 --- a/packages/@aws-cdk/yaml-cfn/package.json +++ b/packages/@aws-cdk/yaml-cfn/package.json @@ -23,6 +23,32 @@ "cloudformation", "yaml" ], + "jsii": { + "outdir": "dist", + "targets": { + "java": { + "package": "software.amazon.awscdk.yaml.cfn", + "maven": { + "groupId": "software.amazon.awscdk", + "artifactId": "cdk-yaml-cfn" + } + }, + "dotnet": { + "namespace": "Amazon.CDK.Yaml.Cfn", + "packageId": "Amazon.CDK.Yaml.Cfn", + "iconUrl": "https://raw.githubusercontent.com/aws/aws-cdk/master/logo/default-256-dark.png" + }, + "python": { + "distName": "aws-cdk.yaml-cfn", + "module": "aws_cdk.yaml_cfn", + "classifiers": [ + "Framework :: AWS CDK", + "Framework :: AWS CDK :: 1" + ] + } + }, + "projectReferences": true + }, "scripts": { "build": "cdk-build", "watch": "cdk-watch", diff --git a/packages/@aws-cdk/yaml-cfn/tsconfig.json b/packages/@aws-cdk/yaml-cfn/tsconfig.json deleted file mode 100644 index 5e75173fa8734..0000000000000 --- a/packages/@aws-cdk/yaml-cfn/tsconfig.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "compilerOptions": { - "target":"ES2018", - "module": "commonjs", - "lib": ["es2016", "es2017.object", "es2017.string"], - "declaration": true, - "composite": true, - "strict": true, - "noImplicitAny": true, - "strictNullChecks": true, - "noImplicitThis": true, - "alwaysStrict": true, - "noUnusedLocals": true, - "noUnusedParameters": true, - "noImplicitReturns": true, - "noFallthroughCasesInSwitch": false, - "inlineSourceMap": true, - "inlineSources": true, - "experimentalDecorators": true, - "strictPropertyInitialization":false - }, - "include": ["**/*.ts" ], - "exclude": ["node_modules"] -} diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 9c3057ec1e728..cef21953bf34a 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -23,8 +23,7 @@ "build+test+package": "yarn build+test && yarn package", "watch": "cdk-watch", "compat": "cdk-compat", - "rosetta:extract": "yarn --silent jsii-rosetta extract", - "postpack": "cdk-postpack" + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "awslint": { "exclude": [ @@ -83,7 +82,6 @@ }, "license": "Apache-2.0", "bundledDependencies": [ - "@aws-cdk/yaml-cfn", "@balena/dockerignore", "case", "fs-extra", @@ -95,7 +93,6 @@ "yaml" ], "dependencies": { - "@aws-cdk/yaml-cfn": "0.0.0", "@balena/dockerignore": "^1.0.2", "case": "1.6.3", "fs-extra": "^9.1.0", diff --git a/packages/awslint/.npmignore b/packages/awslint/.npmignore index d3305e57c78c2..7cb354bd2b155 100644 --- a/packages/awslint/.npmignore +++ b/packages/awslint/.npmignore @@ -1,5 +1,4 @@ -*.ts -!*.d.ts + dist .LAST_PACKAGE .LAST_BUILD @@ -10,4 +9,4 @@ dist tsconfig.json .eslintrc.js junit.xml -test/ +test/ \ No newline at end of file diff --git a/packages/decdk/test/schema.test.ts b/packages/decdk/test/schema.test.ts index 84888d94b365b..7b097dcc9fcbe 100644 --- a/packages/decdk/test/schema.test.ts +++ b/packages/decdk/test/schema.test.ts @@ -79,7 +79,7 @@ test('schemaForInterface: interface with primitives', async () => { * are propagated outwards. */ function spawn(command: string, options: SpawnOptions | undefined) { - return new Promise((resolve, reject) => { + return new Promise((resolve, reject) => { const cp = spawnAsync(command, [], { stdio: 'inherit', ...options }); cp.on('error', reject); diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index c2fa7b0bbbf5a..ce9057690ff00 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -22,8 +22,7 @@ "build+test+package": "yarn build+test && yarn package", "watch": "cdk-watch", "compat": "cdk-compat", - "rosetta:extract": "yarn --silent jsii-rosetta extract", - "postpack": "cdk-postpack" + "rosetta:extract": "yarn --silent jsii-rosetta extract" }, "awslint": { "exclude": [ @@ -88,7 +87,6 @@ }, "license": "Apache-2.0", "bundledDependencies": [ - "@aws-cdk/yaml-cfn", "@balena/dockerignore", "case", "fs-extra", @@ -100,7 +98,6 @@ "yaml" ], "dependencies": { - "@aws-cdk/yaml-cfn": "0.0.0", "@balena/dockerignore": "^1.0.2", "case": "1.6.3", "fs-extra": "^9.1.0", diff --git a/tools/cdk-build-tools/bin/cdk-postpack b/tools/cdk-build-tools/bin/cdk-postpack deleted file mode 100755 index 0805422de11c8..0000000000000 --- a/tools/cdk-build-tools/bin/cdk-postpack +++ /dev/null @@ -1,2 +0,0 @@ -#!/usr/bin/env node -require('./cdk-postpack.js'); diff --git a/tools/cdk-build-tools/bin/cdk-postpack.ts b/tools/cdk-build-tools/bin/cdk-postpack.ts deleted file mode 100644 index 02b486b290512..0000000000000 --- a/tools/cdk-build-tools/bin/cdk-postpack.ts +++ /dev/null @@ -1,179 +0,0 @@ -import { promises as fs, createReadStream, createWriteStream } from 'fs'; -import * as path from 'path'; -import * as zlib from 'zlib'; -import * as npmPacklist from 'npm-packlist'; -import * as tar from 'tar-stream'; - -/** - * This script has literally ONE job: - * - * To massage the tarball that `npm pack` produces if we have bundled monorepo dependencies. - * - * The reason is that `npm pack` will SKIP the `.npmignore` files from - * `bundledDependencies`[0]. Not a problem for dependencies that were themselves - * downloaded from NPM, but definitely a problem for dependencies that are symlinked - * to source locations (such as those by `npm link` or by a monorepo setup). - * - * This leads to all the `.ts` files from the bundledDependency being included, - * which in turn leads `ts-node` to read those files (in preference over `.js` - * files with the same name), and then subsequently getting confused because - * there is no `tsconfig.json` file that tells it how to compile them them (and - * the defaults don't work out). - * - * (Shitty) solution: postprocess the tarball that `npm pack` produces, to - * remove the files that should have been excluded by NPM in the first place. - * - * [0]: https://github.com/npm/cli/issues/718 - */ -async function main() { - const tarball = await findTarballFile(); - const rewritten = `${tarball}.tmp`; - - await transformTarball(tarball, rewritten); - - await fs.rename(rewritten, tarball); -} - -async function transformTarball(oldPath: string, newPath: string) { - const cache = new NpmListCache(); - - const { input, output } = createTarballFilterStream(async (headers) => { - // Paths in a NPM tarball always start with 'package/', strip it off to get to a real relative path - const relativePath = headers.name.replace(/^package\//, ''); - - // We only have to care about files that are in bundled dependencies (which means their - // path starts with 'node_modules/') - if (!relativePath.startsWith('node_modules/')) { return true; } - - // Resolve symlinks. Only do special things if the symlink does NOT have /node_modules/ in the path, which - // is when we're dealing with a symlinked package that NPM will have misprocessed. - // Otherwise just include the file. - const absPath = await fs.realpath(relativePath); - if (absPath.includes('/node_modules/')) { return true; } - - return cache.shouldPublish(absPath); - }); - - await new Promise((ok, ko) => { - // Thanks Node. This is a really thoughtful API and really much better! [1] - createReadStream(oldPath) - .on('error', () => ko()) - .pipe(zlib.createGunzip()) - .on('error', () => ko()) - .pipe(input) - .on('error', () => ko()); - - const outputStream = createWriteStream(newPath); - - output - .on('error', () => ko()) - .pipe(zlib.createGzip()) - .on('error', () => ko()) - .pipe(outputStream) - .on('error', () => ko()); - - outputStream.on('close', () => ok()); - }); -} - -/** - * Create a stream that will retain/remove entries from a tarball based on a predicate - * - * Returns the input and output ends of the stream. - */ -function createTarballFilterStream(include: (headers: tar.Headers) => Promise) { - const input = tar.extract(); - const output = tar.pack(); - - input.on('entry', (headers, stream, next) => { - include(headers).then(doInclude => { - if (doInclude) { - // Pipe body to output - stream.pipe(output.entry(headers, next)); - } else { - // eslint-disable-next-line no-console - console.error(`[cdk-postpack] Belatedly npmignored: ${headers.name}`); - // Consume the stream without writing it anywhere - stream.on('end', next); - stream.resume(); - } - }).catch(e => { - input.destroy(e); - output.destroy(e); - }); - }); - - input.on('finish', () => { - output.finalize(); - }); - - return { input, output }; -} - -/** - * Expect one .tgz file in the current directory and return its name - */ -async function findTarballFile() { - const entries = await fs.readdir('.'); - const tgzs = entries.filter(e => e.endsWith('.tgz')); - if (tgzs.length !== 1) { - throw new Error(`Expecting extactly one .tgz file, got: ${tgzs}`); - } - return tgzs[0]; -} - -class NpmListCache { - private listCache: Record = {}; - - public async shouldPublish(absPath: string) { - const pjDir = path.dirname(await findUp('package.json', path.dirname(absPath))); - const files = await this.obtainNpmPackList(pjDir); - - const relativePath = path.relative(pjDir, absPath); - return files.includes(relativePath); - } - - /** - * Use 'npm-packlist' (official NPM package) to get the list of files that NPM would publish from the given directory - * - * This will take into account the .npmignore files. - */ - private async obtainNpmPackList(dir: string) { - if (this.listCache[dir]) { return this.listCache[dir]; } - - const files = await npmPacklist({ path: dir }); - this.listCache[dir] = files; - return files; - } -} - -async function findUp(fileName: string, start: string) { - let dir = start; - while (!await fileExists(path.join(dir, fileName))) { - const parent = path.dirname(dir); - if (parent === dir) { - throw new Error(`No ${fileName} found upwards from ${start}`); - } - dir = parent; - } - return path.join(dir, fileName); -} - -async function fileExists(fullPath: string): Promise { - try { - await fs.stat(fullPath); - return true; - } catch (e) { - if (e.code === 'ENOENT' || e.code === 'ENOTDIR') { return false; } - throw e; - } -} - -main().catch(e => { - // eslint-disable-next-line no-console - console.log('Error', e); - process.exitCode = 1; -}); - - -// [1] /s \ No newline at end of file diff --git a/tools/cdk-build-tools/package.json b/tools/cdk-build-tools/package.json index 3d896f5b38229..dd6523d47e2df 100644 --- a/tools/cdk-build-tools/package.json +++ b/tools/cdk-build-tools/package.json @@ -16,8 +16,7 @@ "cdk-test": "bin/cdk-test", "cdk-package": "bin/cdk-package", "cdk-awslint": "bin/cdk-awslint", - "cdk-lint": "bin/cdk-lint", - "cdk-postpack": "bin/cdk-postpack" + "cdk-lint": "bin/cdk-lint" }, "scripts": { "build": "tsc -b && chmod +x bin/cdk-build && chmod +x bin/cdk-test && chmod +x bin/cdk-watch && chmod +x bin/cdk-awslint && chmod +x bin/cdk-lint && pkglint && eslint . --ext=.ts", @@ -36,9 +35,7 @@ "devDependencies": { "@types/fs-extra": "^8.1.1", "@types/jest": "^26.0.22", - "@types/tar-stream": "^2.2.0", "@types/yargs": "^15.0.13", - "@types/npm-packlist": "^1.1.1", "pkglint": "0.0.0" }, "dependencies": { @@ -58,10 +55,8 @@ "jsii-pacmak": "^1.27.0", "markdownlint-cli": "^0.27.1", "nodeunit": "^0.11.3", - "npm-packlist": "2.1.5", "nyc": "^15.1.0", "semver": "^7.3.5", - "tar-stream": "^2.2.0", "ts-jest": "^26.5.4", "typescript": "~3.9.9", "yargs": "^16.2.0", diff --git a/tools/nodeunit-shim/index.ts b/tools/nodeunit-shim/index.ts index 1c4ee174ff229..8ba50bedefefd 100644 --- a/tools/nodeunit-shim/index.ts +++ b/tools/nodeunit-shim/index.ts @@ -81,7 +81,7 @@ export function nodeunitShim(exports: Record) { }); } else { // It's a test - test(testName, () => new Promise(ok => { + test(testName, () => new Promise(ok => { testObj(new Test(ok)); })); } diff --git a/tools/pkglint/bin/pkglint.ts b/tools/pkglint/bin/pkglint.ts index 31cf7f5d2c74d..0b5cd61ef1649 100644 --- a/tools/pkglint/bin/pkglint.ts +++ b/tools/pkglint/bin/pkglint.ts @@ -24,16 +24,8 @@ async function main(): Promise { const pkgs = findPackageJsons(argv.directory as string); - for (const rule of rules) { - for (const pkg of pkgs.filter(pkg => pkg.shouldApply(rule))) { - rule.prepare(pkg); - } - } - for (const rule of rules) { - for (const pkg of pkgs.filter(pkg => pkg.shouldApply(rule))) { - await rule.validate(pkg); - } - } + rules.forEach(rule => pkgs.filter(pkg => pkg.shouldApply(rule)).forEach(pkg => rule.prepare(pkg))); + rules.forEach(rule => pkgs.filter(pkg => pkg.shouldApply(rule)).forEach(pkg => rule.validate(pkg))); if (argv.fix) { pkgs.forEach(pkg => pkg.applyFixes()); diff --git a/tools/pkglint/lib/packagejson.ts b/tools/pkglint/lib/packagejson.ts index 7a7375fbe6fab..a59e8f1c6e307 100644 --- a/tools/pkglint/lib/packagejson.ts +++ b/tools/pkglint/lib/packagejson.ts @@ -361,5 +361,5 @@ export abstract class ValidationRule { /** * Will be executed for every package definition once, should mutate the package object */ - public abstract validate(pkg: PackageJson): void | Promise; + public abstract validate(pkg: PackageJson): void; } diff --git a/tools/pkglint/lib/rules.ts b/tools/pkglint/lib/rules.ts index 6b32110ad99d6..f7929a353035a 100644 --- a/tools/pkglint/lib/rules.ts +++ b/tools/pkglint/lib/rules.ts @@ -1,7 +1,6 @@ import * as fs from 'fs'; import * as path from 'path'; import * as caseUtils from 'case'; -import * as fse from 'fs-extra'; import * as glob from 'glob'; import * as semver from 'semver'; import { LICENSE, NOTICE } from './licensing'; @@ -12,7 +11,6 @@ import { fileShouldBe, fileShouldBeginWith, fileShouldContain, fileShouldNotContain, findInnerPackages, - findPackageDir, monoRepoRoot, } from './util'; @@ -1373,42 +1371,25 @@ export class FastFailingBuildScripts extends ValidationRule { } } -/** - * For every bundled dependency, we need to make sure that package and all of its transitive dependencies are nohoisted - * - * Bundling literally works by including `/node_modules/` into - * the tarball when `npm pack` is run, and if that directory does not exist at - * that exact location (because it has been hoisted) then NPM shrugs its - * shoulders and the dependency will be missing from the distribution. - * - * -- - * - * We also must not forget to nohoist transitive dependencies. Strictly - * speaking, we need to only hoist transitive *runtime* dependencies (`dependencies`, not - * `devDependencies`). - * - * For 3rd party deps, there is no difference and we short-circuit by adding a - * catch-all glob (`/node_modules//**`), but for in-repo bundled - * dependencies, we DO need the `devDependencies` installed as per normal and - * only the transitive runtime dependencies nohoisted (recursively). - */ export class YarnNohoistBundledDependencies extends ValidationRule { public readonly name = 'yarn/nohoist-bundled-dependencies'; - public async validate(pkg: PackageJson) { + public validate(pkg: PackageJson) { const bundled: string[] = pkg.json.bundleDependencies || pkg.json.bundledDependencies || []; + if (bundled.length === 0) { return; } const repoPackageJson = path.resolve(__dirname, '../../../package.json'); - const nohoist = new Set(require(repoPackageJson).workspaces.nohoist); // eslint-disable-line @typescript-eslint/no-require-imports - const expectedNoHoistEntries = new Array(); + const nohoist: string[] = require(repoPackageJson).workspaces.nohoist; // eslint-disable-line @typescript-eslint/no-require-imports + const missing = new Array(); for (const dep of bundled) { - await noHoistDependency(pkg.packageName, dep, pkg.packageRoot); + for (const entry of [`${pkg.packageName}/${dep}`, `${pkg.packageName}/${dep}/**`]) { + if (nohoist.indexOf(entry) >= 0) { continue; } + missing.push(entry); + } } - const missing = expectedNoHoistEntries.filter(entry => !nohoist.has(entry)); - if (missing.length > 0) { pkg.report({ ruleName: this.name, @@ -1420,43 +1401,6 @@ export class YarnNohoistBundledDependencies extends ValidationRule { }, }); } - - async function noHoistDependency(parentPackageHierarchy: string, depName: string, parentPackageDir: string) { - expectedNoHoistEntries.push(`${parentPackageHierarchy}/${depName}`); - - const dependencyDir = await findPackageDir(depName, parentPackageDir); - if (!isMonoRepoPackageDir(dependencyDir)) { - // Not one of ours, so we can just ignore everything underneath as well - expectedNoHoistEntries.push(`${parentPackageHierarchy}/${depName}/**`); - return; - } - - // A monorepo package, recurse into dependencies (but not devDependencies) - const packageJson = await fse.readJson(path.join(dependencyDir, 'package.json')); - for (const dep of Object.keys(packageJson.dependencies ?? {})) { - await noHoistDependency(`${parentPackageHierarchy}/${depName}`, dep, dependencyDir); - } - } - } -} - -/** - * If this package has bundled dependencies that come from the monorepo, it MUST use `cdk-postpack` as postpack script - */ -export class BundledMonorepoDependencies extends ValidationRule { - public readonly name = 'monorepo/monorepo-bundled-dependencies'; - - public async validate(pkg: PackageJson) { - const bundled: string[] = pkg.json.bundleDependencies || pkg.json.bundledDependencies || []; - - const bundledDepsMonoRepo = await Promise.all(bundled.map(async (dep) => { - const dependencyDir = await findPackageDir(dep, pkg.packageRoot); - return isMonoRepoPackageDir(dependencyDir); - })); - - if (bundledDepsMonoRepo.some(x => x)) { - expectJSON(this.name, pkg, 'scripts.postpack', 'cdk-postpack'); - } } } @@ -1726,14 +1670,3 @@ function cdkMajorVersion() { const releaseJson = require(`${__dirname}/../../../release.json`); return releaseJson.majorVersion as number; } - -/** - * Whether this is a package in the monorepo or not - * - * We're going to be cheeky and not do too much analysis, and say that - * a package that has `/node_modules/` in the directory name is NOT in the - * monorepo, otherwise it is. - */ -function isMonoRepoPackageDir(packageDir: string) { - return path.resolve(packageDir).indexOf(`${path.sep}node_modules${path.sep}`) === -1; -} \ No newline at end of file diff --git a/tools/pkglint/lib/util.ts b/tools/pkglint/lib/util.ts index fe56512113ec2..10b4415a6c3ca 100644 --- a/tools/pkglint/lib/util.ts +++ b/tools/pkglint/lib/util.ts @@ -190,39 +190,3 @@ export function* findInnerPackages(dir: string): IterableIterator { yield* findInnerPackages(path.join(dir, fname)); } } - -/** - * Find package directory - * - * Do this by walking upwards in the directory tree until we find - * `/node_modules//package.json`. - * - * ------- - * - * Things that we tried but don't work: - * - * 1. require.resolve(`${depName}/package.json`, { paths: [rootDir] }); - * - * Breaks with ES Modules if `package.json` has not been exported, which is - * being enforced starting Node12. - * - * 2. findPackageJsonUpwardFrom(require.resolve(depName, { paths: [rootDir] })) - * - * Breaks if a built-in NodeJS package name conflicts with an NPM package name - * (in Node15 `string_decoder` is introduced...) - */ -export async function findPackageDir(depName: string, rootDir: string) { - let prevDir; - let dir = rootDir; - while (dir !== prevDir) { - const candidateDir = path.join(dir, 'node_modules', depName); - if (await new Promise(ok => fs.exists(path.join(candidateDir, 'package.json'), ok))) { - return new Promise((ok, ko) => fs.realpath(candidateDir, (err, result) => err ? ko(err) : ok(result))); - } - - prevDir = dir; - dir = path.dirname(dir); // dirname('/') -> '/', dirname('c:\\') -> 'c:\\' - } - - throw new Error(`Did not find '${depName}' upwards of '${rootDir}'`); -} \ No newline at end of file From b2755eb5b5da31b7826eda1d726d0c146b60f4a5 Mon Sep 17 00:00:00 2001 From: AWS CDK Team Date: Tue, 6 Apr 2021 12:34:33 +0000 Subject: [PATCH 094/260] chore(release): 1.97.0 --- CHANGELOG.md | 26 ++++++++++++++++++++++++++ version.v1.json | 2 +- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c7330acf70017..f641643650a6b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,32 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [1.97.0](https://github.com/aws/aws-cdk/compare/v1.96.0...v1.97.0) (2021-04-06) + + +### ⚠ BREAKING CHANGES TO EXPERIMENTAL FEATURES + +* **elasticsearch:** `vpcOptions` was removed. Use `vpc`, `vpcSubnets` and `securityGroups` instead. + +### Features + +* **appmesh:** Implement Outlier Detection for Virtual Nodes ([#13952](https://github.com/aws/aws-cdk/issues/13952)) ([965f130](https://github.com/aws/aws-cdk/commit/965f130dbfc4e1943d384b9fbf5acdf3b547fd57)) +* **cx-api:** graduate to stable 🚀 ([#13859](https://github.com/aws/aws-cdk/issues/13859)) ([d99e13d](https://github.com/aws/aws-cdk/commit/d99e13d523ddacf9e13f6b5169d86d5a20569475)) +* **eks:** Support `secretsEncryptionKey` in FargateCluster ([#13866](https://github.com/aws/aws-cdk/issues/13866)) ([56c6f98](https://github.com/aws/aws-cdk/commit/56c6f98dbcfc98740446f699a8985d7d6b44c503)) +* **eks:** Support bootstrap.sh --dns-cluster-ip arg ([#13890](https://github.com/aws/aws-cdk/issues/13890)) ([56cd863](https://github.com/aws/aws-cdk/commit/56cd8635f77d6a5aefb32c6e1224e1f0a6ca3540)) +* **elasticsearch:** graduate to stable 🚀 ([#13900](https://github.com/aws/aws-cdk/issues/13900)) ([767cd31](https://github.com/aws/aws-cdk/commit/767cd31c2b66b48b3b8fed7cd8d408a6846cf1e1)) +* **s3-deployment:** graduate to stable 🚀 ([#13906](https://github.com/aws/aws-cdk/issues/13906)) ([567d64d](https://github.com/aws/aws-cdk/commit/567d64d70f92adbba9ff9981184d88b46fb95652)) +* **ses:** graduate to stable 🚀 ([#13913](https://github.com/aws/aws-cdk/issues/13913)) ([4f9a715](https://github.com/aws/aws-cdk/commit/4f9a7151b99e8455eeb8b0cd364dfd29624da8c5)) +* **ses-actions:** graduate to stable 🚀 ([#13864](https://github.com/aws/aws-cdk/issues/13864)) ([24f8307](https://github.com/aws/aws-cdk/commit/24f8307b7f9013c5ba909cab8c4a3a3bcdf0041c)) + + +### Bug Fixes + +* **aws-rds:** ServerlessCluster.clusterArn is not correct when clusterIdentifier includes upper cases string. ([#13710](https://github.com/aws/aws-cdk/issues/13710)) ([a8f5b6c](https://github.com/aws/aws-cdk/commit/a8f5b6c54371fe966172a9fb36135bfdc4a01b11)), closes [#12795](https://github.com/aws/aws-cdk/issues/12795) +* **cli:** broken java init template ([#13988](https://github.com/aws/aws-cdk/issues/13988)) ([c6ca2ab](https://github.com/aws/aws-cdk/commit/c6ca2aba915ea4f89e3044b7f388acda231e295d)), closes [#13964](https://github.com/aws/aws-cdk/issues/13964) +* **cloudfront:** Cache Policy headers enforce soft limit of 10 ([#13904](https://github.com/aws/aws-cdk/issues/13904)) ([8a66244](https://github.com/aws/aws-cdk/commit/8a6624477854af17f5ad163fac9be1fd6168cfc4)), closes [#13425](https://github.com/aws/aws-cdk/issues/13425) [#13903](https://github.com/aws/aws-cdk/issues/13903) +* **codepipeline-actions:** EcrSourceAction triggers on a push to every tag ([#13822](https://github.com/aws/aws-cdk/issues/13822)) ([c5a2add](https://github.com/aws/aws-cdk/commit/c5a2addcd87ebb810dcac54c659fa60786f9d345)), closes [#13818](https://github.com/aws/aws-cdk/issues/13818) + ## [1.96.0](https://github.com/aws/aws-cdk/compare/v1.95.2...v1.96.0) (2021-04-01) diff --git a/version.v1.json b/version.v1.json index 708b23a0d165c..3a294301784a6 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.96.0" + "version": "1.97.0" } From 8e2325cfb7dc5377755b561532b6c81caebc688f Mon Sep 17 00:00:00 2001 From: Jonathan Goldwasser Date: Tue, 6 Apr 2021 14:52:09 +0200 Subject: [PATCH 095/260] fix(cloudfront): cannot use same EdgeFunction in multiple stacks (#13790) Using the same `EdgeFunction` in multiple stacks correctly created multiple stacks in `us-east-1` but with the same SSM parameter name. As a consquence, only one stack could be deployed. Fix it by including the stack unique address in the SSM parameter name. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/experimental/edge-function.ts | 14 ++++----- .../test/experimental/edge-function.test.ts | 31 ++++++++++++++++--- ...ribution-lambda-cross-region.expected.json | 10 +++--- 3 files changed, 39 insertions(+), 16 deletions(-) diff --git a/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts b/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts index b12a56fe67e80..ab8d94e79baa1 100644 --- a/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts +++ b/packages/@aws-cdk/aws-cloudfront/lib/experimental/edge-function.ts @@ -148,8 +148,11 @@ export class EdgeFunction extends Resource implements lambda.IVersion { /** Create a support stack and function in us-east-1, and a SSM reader in-region */ private createCrossRegionFunction(id: string, props: EdgeFunctionProps): FunctionConfig { - const parameterNamePrefix = 'EdgeFunctionArn'; - const parameterName = `${parameterNamePrefix}${id}`; + const parameterNamePrefix = '/cdk/EdgeFunctionArn'; + if (Token.isUnresolved(this.env.region)) { + throw new Error('stacks which use EdgeFunctions must have an explicitly set region'); + } + const parameterName = `${parameterNamePrefix}/${this.env.region}/${this.node.path}`; const functionStack = this.edgeStack(props.stackId); const edgeFunction = new lambda.Function(functionStack, id, props); @@ -174,7 +177,8 @@ export class EdgeFunction extends Resource implements lambda.IVersion { service: 'ssm', region: EdgeFunction.EDGE_REGION, resource: 'parameter', - resourceName: parameterNamePrefix + '*', + resourceName: parameterNamePrefix + '/*', + sep: '', }); const resourceType = 'Custom::CrossRegionStringParameterReader'; @@ -206,10 +210,6 @@ export class EdgeFunction extends Resource implements lambda.IVersion { if (!stage) { throw new Error('stacks which use EdgeFunctions must be part of a CDK app or stage'); } - const region = this.env.region; - if (Token.isUnresolved(region)) { - throw new Error('stacks which use EdgeFunctions must have an explicitly set region'); - } const edgeStackId = stackId ?? `edge-lambda-stack-${this.stack.node.addr}`; let edgeStack = stage.node.tryFindChild(edgeStackId) as Stack; diff --git a/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts b/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts index 55b0c2f4aeaac..36edf19a39056 100644 --- a/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts +++ b/packages/@aws-cdk/aws-cloudfront/test/experimental/edge-function.test.ts @@ -39,7 +39,7 @@ describe('stacks', () => { Statement: [{ Effect: 'Allow', Resource: { - 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':ssm:us-east-1:111111111111:parameter/EdgeFunctionArn*']], + 'Fn::Join': ['', ['arn:', { Ref: 'AWS::Partition' }, ':ssm:us-east-1:111111111111:parameter/cdk/EdgeFunctionArn/*']], }, Action: ['ssm:GetParameter'], }], @@ -57,7 +57,7 @@ describe('stacks', () => { 'Fn::GetAtt': ['CustomCrossRegionStringParameterReaderCustomResourceProviderHandler65B5F33A', 'Arn'], }, Region: 'us-east-1', - ParameterName: 'EdgeFunctionArnMyFn', + ParameterName: '/cdk/EdgeFunctionArn/testregion/Stack/MyFn', }); }); @@ -98,7 +98,7 @@ describe('stacks', () => { expect(fnStack).toHaveResource('AWS::SSM::Parameter', { Type: 'String', Value: { Ref: 'MyFnCurrentVersion309B29FC29686ce94039b6e08d1645be854b3ac9' }, - Name: 'EdgeFunctionArnMyFn', + Name: '/cdk/EdgeFunctionArn/testregion/Stack/MyFn', }); }); @@ -201,7 +201,30 @@ describe('stacks', () => { 'Fn::GetAtt': ['CustomCrossRegionStringParameterReaderCustomResourceProviderHandler65B5F33A', 'Arn'], }, Region: 'us-east-1', - ParameterName: 'EdgeFunctionArnMyFn', + ParameterName: '/cdk/EdgeFunctionArn/testregion/Stage/Stack/MyFn', + }); + }); + + test('a single EdgeFunction used in multiple stacks creates mutiple stacks in us-east-1', () => { + const firstStack = new cdk.Stack(app, 'FirstStack', { + env: { account: '111111111111', region: 'testregion' }, + }); + const secondStack = new cdk.Stack(app, 'SecondStack', { + env: { account: '111111111111', region: 'testregion' }, + }); + new cloudfront.experimental.EdgeFunction(firstStack, 'MyFn', defaultEdgeFunctionProps()); + new cloudfront.experimental.EdgeFunction(secondStack, 'MyFn', defaultEdgeFunctionProps()); + + // Two stacks in us-east-1 + const firstFnStack = app.node.findChild(`edge-lambda-stack-${firstStack.node.addr}`) as cdk.Stack; + const secondFnStack = app.node.findChild(`edge-lambda-stack-${secondStack.node.addr}`) as cdk.Stack; + + // Two SSM parameters + expect(firstFnStack).toHaveResourceLike('AWS::SSM::Parameter', { + Name: '/cdk/EdgeFunctionArn/testregion/FirstStack/MyFn', + }); + expect(secondFnStack).toHaveResourceLike('AWS::SSM::Parameter', { + Name: '/cdk/EdgeFunctionArn/testregion/SecondStack/MyFn', }); }); }); diff --git a/packages/@aws-cdk/aws-cloudfront/test/integ.distribution-lambda-cross-region.expected.json b/packages/@aws-cdk/aws-cloudfront/test/integ.distribution-lambda-cross-region.expected.json index c251765b20980..6da7e8717d61f 100644 --- a/packages/@aws-cdk/aws-cloudfront/test/integ.distribution-lambda-cross-region.expected.json +++ b/packages/@aws-cdk/aws-cloudfront/test/integ.distribution-lambda-cross-region.expected.json @@ -11,7 +11,7 @@ ] }, "Region": "us-east-1", - "ParameterName": "EdgeFunctionArnLambda", + "ParameterName": "/cdk/EdgeFunctionArn/eu-west-1/integ-distribution-lambda-cross-region/Lambda", "RefreshToken": "4412ddb0ae449da20173ca211c51fddc" }, "UpdateReplacePolicy": "Delete", @@ -57,7 +57,7 @@ { "Ref": "AWS::AccountId" }, - ":parameter/EdgeFunctionArn*" + ":parameter/cdk/EdgeFunctionArn/*" ] ] }, @@ -137,7 +137,7 @@ ] }, "Region": "us-east-1", - "ParameterName": "EdgeFunctionArnLambda2", + "ParameterName": "/cdk/EdgeFunctionArn/eu-west-1/integ-distribution-lambda-cross-region/Lambda2", "RefreshToken": "8f81ceb404ac454f09648e62822d9ca9" }, "UpdateReplacePolicy": "Delete", @@ -278,7 +278,7 @@ "Value": { "Ref": "LambdaCurrentVersionDF706F6A97fb843e9bd06fcd2bb15eeace80e13e" }, - "Name": "EdgeFunctionArnLambda" + "Name": "/cdk/EdgeFunctionArn/eu-west-1/integ-distribution-lambda-cross-region/Lambda" } }, "LambdaAliaslive79C8A712": { @@ -372,7 +372,7 @@ "Value": { "Ref": "Lambda2CurrentVersion72012B74b9eef8becb98501bc795baca3c6169c4" }, - "Name": "EdgeFunctionArnLambda2" + "Name": "/cdk/EdgeFunctionArn/eu-west-1/integ-distribution-lambda-cross-region/Lambda2" } }, "Lambda2Aliaslive77F6085F": { From 02c7c1d9aab6ed8f806052d3102a037e112b8786 Mon Sep 17 00:00:00 2001 From: Stijn Brouwers Date: Tue, 6 Apr 2021 15:41:01 +0200 Subject: [PATCH 096/260] feat(route-53): add ability to create NS Records (#13895) Adds feature as requested in issue #13816 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-route53/README.md | 16 ++++++++++ .../@aws-cdk/aws-route53/lib/record-set.ts | 25 +++++++++++++++ packages/@aws-cdk/aws-route53/package.json | 1 + .../aws-route53/test/record-set.test.ts | 31 +++++++++++++++++++ 4 files changed, 73 insertions(+) diff --git a/packages/@aws-cdk/aws-route53/README.md b/packages/@aws-cdk/aws-route53/README.md index 9f36aa7f58765..0213665ff2b65 100644 --- a/packages/@aws-cdk/aws-route53/README.md +++ b/packages/@aws-cdk/aws-route53/README.md @@ -60,6 +60,22 @@ new route53.TxtRecord(this, 'TXTRecord', { }); ``` +To add a NS record to your zone: + +```ts +import * as route53 from '@aws-cdk/aws-route53'; + +new route53.NsRecord(this, 'NSRecord', { + zone: myZone, + recordName: 'foo', + values: [ + 'ns-1.awsdns.co.uk.', + 'ns-2.awsdns.com.' + ], + ttl: Duration.minutes(90), // Optional - default is 30 minutes +}); +``` + To add an A record to your zone: ```ts diff --git a/packages/@aws-cdk/aws-route53/lib/record-set.ts b/packages/@aws-cdk/aws-route53/lib/record-set.ts index a86195f1d0055..566aea6d97a70 100644 --- a/packages/@aws-cdk/aws-route53/lib/record-set.ts +++ b/packages/@aws-cdk/aws-route53/lib/record-set.ts @@ -541,6 +541,31 @@ export class MxRecord extends RecordSet { } } +/** + * Construction properties for a NSRecord. + */ +export interface NsRecordProps extends RecordSetOptions { + /** + * The NS values. + */ + readonly values: string[]; +} + +/** + * A DNS NS record + * + * @resource AWS::Route53::RecordSet + */ +export class NsRecord extends RecordSet { + constructor(scope: Construct, id: string, props: NsRecordProps) { + super(scope, id, { + ...props, + recordType: RecordType.NS, + target: RecordTarget.fromValues(...props.values), + }); + } +} + /** * Construction properties for a ZoneDelegationRecord */ diff --git a/packages/@aws-cdk/aws-route53/package.json b/packages/@aws-cdk/aws-route53/package.json index 4693e9d5c2d19..5fc7ed278b89e 100644 --- a/packages/@aws-cdk/aws-route53/package.json +++ b/packages/@aws-cdk/aws-route53/package.json @@ -112,6 +112,7 @@ "props-physical-name:@aws-cdk/aws-route53.CnameRecordProps", "props-physical-name:@aws-cdk/aws-route53.HostedZoneProps", "props-physical-name:@aws-cdk/aws-route53.MxRecordProps", + "props-physical-name:@aws-cdk/aws-route53.NsRecordProps", "props-physical-name:@aws-cdk/aws-route53.PrivateHostedZoneProps", "props-physical-name:@aws-cdk/aws-route53.PublicHostedZoneProps", "props-physical-name:@aws-cdk/aws-route53.RecordSetProps", diff --git a/packages/@aws-cdk/aws-route53/test/record-set.test.ts b/packages/@aws-cdk/aws-route53/test/record-set.test.ts index 373464f455992..e1a8d177b52d6 100644 --- a/packages/@aws-cdk/aws-route53/test/record-set.test.ts +++ b/packages/@aws-cdk/aws-route53/test/record-set.test.ts @@ -485,6 +485,37 @@ nodeunitShim({ test.done(); }, + 'NS record'(test: Test) { + // GIVEN + const stack = new Stack(); + + const zone = new route53.HostedZone(stack, 'HostedZone', { + zoneName: 'myzone', + }); + + // WHEN + new route53.NsRecord(stack, 'NS', { + zone, + recordName: 'www', + values: ['ns-1.awsdns.co.uk.', 'ns-2.awsdns.com.'], + }); + + // THEN + expect(stack).to(haveResource('AWS::Route53::RecordSet', { + Name: 'www.myzone.', + Type: 'NS', + HostedZoneId: { + Ref: 'HostedZoneDB99F866', + }, + ResourceRecords: [ + 'ns-1.awsdns.co.uk.', + 'ns-2.awsdns.com.', + ], + TTL: '1800', + })); + test.done(); + }, + 'Zone delegation record'(test: Test) { // GIVEN const stack = new Stack(); From 4a342c811bac1173ecb164384d4c1b4ee001d454 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Tue, 6 Apr 2021 17:54:26 +0200 Subject: [PATCH 097/260] chore(cli): change Java init templates to be less repetitive (#13995) The Java init templates were recently fixed to use `new` instead of the builder, because the builder would instantiate the wrong class (`Stack` instead of `MyStack`) (#13988). However, the structure was changed to have 3 different `new` calls in 3 different comment blocks. Change it back to the old structure: there is one instantiation, and uncommenting just passes or doesn't pass the `env` property. Except this time we use `new` instead of the builder. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../myorg/%name.PascalCased%App.template.java | 31 ++++++++--------- .../myorg/%name.PascalCased%App.template.java | 33 +++++++++---------- 2 files changed, 28 insertions(+), 36 deletions(-) diff --git a/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java b/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java index ba81d115702f8..f3eb72f9dfe0c 100644 --- a/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java +++ b/packages/aws-cdk/lib/init-templates/v1/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java @@ -10,36 +10,31 @@ public class %name.PascalCased%App { public static void main(final String[] args) { App app = new App(); - // If you don't specify 'env', this stack will be environment-agnostic. - // Account/Region-dependent features and context lookups will not work, - // but a single synthesized template can be deployed anywhere. - new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); - - // Replace the above stack intialization with the following to specialize - // this stack for the AWS Account and Region that are implied by the current - // CLI configuration. - /* new %name.PascalCased%Stack(app, "%name.PascalCased%Stack", StackProps.builder() + // If you don't specify 'env', this stack will be environment-agnostic. + // Account/Region-dependent features and context lookups will not work, + // but a single synthesized template can be deployed anywhere. + + // Uncomment the next block to specialize this stack for the AWS Account + // and Region that are implied by the current CLI configuration. + /* .env(Environment.builder() .account(System.getenv("CDK_DEFAULT_ACCOUNT")) .region(System.getenv("CDK_DEFAULT_REGION")) .build()) - .build()); - */ + */ - // Replace the above stack initialization with the following if you know exactly - // what Account and Region you want to deploy the stack to. - /* - new %name.PascalCased%Stack(app, "%name.PascalCased%Stack", StackProps.builder() + // Uncomment the next block if you know exactly what Account and Region you + // want to deploy the stack to. + /* .env(Environment.builder() .account("123456789012") .region("us-east-1") .build()) + */ + // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html .build()); - */ - - // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html app.synth(); } diff --git a/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java b/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java index fb0d9b89350fa..08bccaddc2695 100644 --- a/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java +++ b/packages/aws-cdk/lib/init-templates/v2/app/java/src/main/java/com/myorg/%name.PascalCased%App.template.java @@ -2,6 +2,7 @@ import software.amazon.awscdk.lib.App; import software.amazon.awscdk.lib.Environment; +import software.amazon.awscdk.lib.StackProps; import java.util.Arrays; @@ -9,37 +10,33 @@ public class %name.PascalCased%App { public static void main(final String[] args) { App app = new App(); - // If you don't specify 'env', this stack will be environment-agnostic. - // Account/Region-dependent features and context lookups will not work, - // but a single synthesized template can be deployed anywhere. - new %name.PascalCased%Stack(app, "%name.PascalCased%Stack"); - - // Replace the above stack intialization with the following to specialize - // this stack for the AWS Account and Region that are implied by the current - // CLI configuration. - /* new %name.PascalCased%Stack(app, "%name.PascalCased%Stack", StackProps.builder() + // If you don't specify 'env', this stack will be environment-agnostic. + // Account/Region-dependent features and context lookups will not work, + // but a single synthesized template can be deployed anywhere. + + // Uncomment the next block to specialize this stack for the AWS Account + // and Region that are implied by the current CLI configuration. + /* .env(Environment.builder() .account(System.getenv("CDK_DEFAULT_ACCOUNT")) .region(System.getenv("CDK_DEFAULT_REGION")) .build()) - .build()); - */ + */ - // Replace the above stack initialization with the following if you know exactly - // what Account and Region you want to deploy the stack to. - /* - new %name.PascalCased%Stack(app, "%name.PascalCased%Stack", StackProps.builder() + // Uncomment the next block if you know exactly what Account and Region you + // want to deploy the stack to. + /* .env(Environment.builder() .account("123456789012") .region("us-east-1") .build()) + */ + // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html .build()); - */ - - // For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html app.synth(); } } + From 036d869dc1382d3fb2d8541f5adf534ea3424667 Mon Sep 17 00:00:00 2001 From: Niranjan Jayakar Date: Tue, 6 Apr 2021 18:07:37 +0100 Subject: [PATCH 098/260] fix(apigateway): cannot remove first api key from usage plan (#13817) The UsagePlanKey resource connects an ApiKey with a UsagePlan. The API Gateway service does not allow more than one UsagePlanKey for any given UsagePlan and ApiKey combination. For this reason, CloudFormation cannot replace this resource without either the UsagePlan or ApiKey changing. A feature was added back in Nov 2019 - 142bd0e2 - that allows multiple UsagePlanKey resources. The above limitation was recognized and logical id of the existing UsagePlanKey was retained. However, this unintentionally caused the logical id of the UsagePlanKey to be sensitive to order. That is, when the 'first' UsagePlanKey resource is removed, the logical id of the what was the 'second' UsagePlanKey is changed to be the logical id of what was the 'first'. This change to the logical id is, again, disallowed. To get out of this mess, we do two things - 1. introduce a feature flag that changes the default behaviour for all new CDK apps. 2. for customers with existing CDK apps who are would want to remove UsagePlanKey resource, introduce a 'overrideLogicalId' option that they can manually configure with the existing logical id. fixes #11876 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-apigateway/README.md | 65 ++++---- .../@aws-cdk/aws-apigateway/lib/usage-plan.ts | 34 +++- .../test/integ.restapi.expected.json | 2 +- .../integ.usage-plan.multikey.expected.json | 2 +- .../aws-apigateway/test/usage-plan.test.ts | 148 ++++++++++++------ packages/@aws-cdk/cx-api/lib/features.ts | 18 +++ 6 files changed, 187 insertions(+), 82 deletions(-) diff --git a/packages/@aws-cdk/aws-apigateway/README.md b/packages/@aws-cdk/aws-apigateway/README.md index 926f45daf1436..4607442308138 100644 --- a/packages/@aws-cdk/aws-apigateway/README.md +++ b/packages/@aws-cdk/aws-apigateway/README.md @@ -24,7 +24,7 @@ running on AWS Lambda, or any web application. - [Breaking up Methods and Resources across Stacks](#breaking-up-methods-and-resources-across-stacks) - [AWS Lambda-backed APIs](#aws-lambda-backed-apis) - [Integration Targets](#integration-targets) -- [API Keys](#api-keys) +- [Usage Plan & API Keys](#usage-plan--api-keys) - [Working with models](#working-with-models) - [Default Integration and Method Options](#default-integration-and-method-options) - [Proxy Routes](#proxy-routes) @@ -168,34 +168,36 @@ const getMessageIntegration = new apigateway.AwsIntegration({ }); ``` -## API Keys +## Usage Plan & API Keys -The following example shows how to use an API Key with a usage plan: +A usage plan specifies who can access one or more deployed API stages and methods, and the rate at which they can be +accessed. The plan uses API keys to identify API clients and meters access to the associated API stages for each key. +Usage plans also allow configuring throttling limits and quota limits that are enforced on individual client API keys. -```ts -const hello = new lambda.Function(this, 'hello', { - runtime: lambda.Runtime.NODEJS_12_X, - handler: 'hello.handler', - code: lambda.Code.fromAsset('lambda') -}); +The following example shows how to create and asscociate a usage plan and an API key: -const api = new apigateway.RestApi(this, 'hello-api', { }); -const integration = new apigateway.LambdaIntegration(hello); +```ts +const api = new apigateway.RestApi(this, 'hello-api'); const v1 = api.root.addResource('v1'); const echo = v1.addResource('echo'); const echoMethod = echo.addMethod('GET', integration, { apiKeyRequired: true }); -const key = api.addApiKey('ApiKey'); const plan = api.addUsagePlan('UsagePlan', { name: 'Easy', - apiKey: key, throttle: { rateLimit: 10, burstLimit: 2 } }); +const key = api.addApiKey('ApiKey'); +plan.addApiKey(key); +``` + +To associate a plan to a given RestAPI stage: + +```ts plan.addApiStage({ stage: api.deploymentStage, throttle: [ @@ -233,26 +235,36 @@ following code provides read permission to an API key. importedKey.grantRead(lambda); ``` -In scenarios where you need to create a single api key and configure rate limiting for it, you can use `RateLimitedApiKey`. -This construct lets you specify rate limiting properties which should be applied only to the api key being created. -The API key created has the specified rate limits, such as quota and throttles, applied. +### ⚠️ Multiple API Keys -The following example shows how to use a rate limited api key : +It is possible to specify multiple API keys for a given Usage Plan, by calling `usagePlan.addApiKey()`. + +When using multiple API keys, a past bug of the CDK prevents API key associations to a Usage Plan to be deleted. +If the CDK app had the [feature flag] - `@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId` - enabled when the API +keys were created, then the app will not be affected by this bug. + +If this is not the case, you will need to ensure that the CloudFormation [logical ids] of the API keys that are not +being deleted remain unchanged. +Make note of the logical ids of these API keys before removing any, and set it as part of the `addApiKey()` method: ```ts -const hello = new lambda.Function(this, 'hello', { - runtime: lambda.Runtime.NODEJS_12_X, - handler: 'hello.handler', - code: lambda.Code.fromAsset('lambda') +usageplan.addApiKey(apiKey, { + overrideLogicalId: '...', }); +``` -const api = new apigateway.RestApi(this, 'hello-api', { }); -const integration = new apigateway.LambdaIntegration(hello); +[feature flag]: https://docs.aws.amazon.com/cdk/latest/guide/featureflags.html +[logical ids]: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/resources-section-structure.html -const v1 = api.root.addResource('v1'); -const echo = v1.addResource('echo'); -const echoMethod = echo.addMethod('GET', integration, { apiKeyRequired: true }); +### Rate Limited API Key + +In scenarios where you need to create a single api key and configure rate limiting for it, you can use `RateLimitedApiKey`. +This construct lets you specify rate limiting properties which should be applied only to the api key being created. +The API key created has the specified rate limits, such as quota and throttles, applied. +The following example shows how to use a rate limited api key : + +```ts const key = new apigateway.RateLimitedApiKey(this, 'rate-limited-api-key', { customerId: 'hello-customer', resources: [api], @@ -261,7 +273,6 @@ const key = new apigateway.RateLimitedApiKey(this, 'rate-limited-api-key', { period: apigateway.Period.MONTH } }); - ``` ## Working with models diff --git a/packages/@aws-cdk/aws-apigateway/lib/usage-plan.ts b/packages/@aws-cdk/aws-apigateway/lib/usage-plan.ts index 49b3ee19cd017..82f45bc538db6 100644 --- a/packages/@aws-cdk/aws-apigateway/lib/usage-plan.ts +++ b/packages/@aws-cdk/aws-apigateway/lib/usage-plan.ts @@ -1,4 +1,5 @@ -import { Lazy, Names, Resource, Token } from '@aws-cdk/core'; +import { FeatureFlags, Lazy, Names, Resource, Token } from '@aws-cdk/core'; +import { APIGATEWAY_USAGEPLANKEY_ORDERINSENSITIVE_ID } from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; import { IApiKey } from './api-key'; import { CfnUsagePlan, CfnUsagePlanKey } from './apigateway.generated'; @@ -139,10 +140,22 @@ export interface UsagePlanProps { /** * ApiKey to be associated with the usage plan. * @default none + * @deprecated use `addApiKey()` */ readonly apiKey?: IApiKey; } +/** + * Options to the UsagePlan.addApiKey() method + */ +export interface AddApiKeyOptions { + /** + * Override the CloudFormation logical id of the AWS::ApiGateway::UsagePlanKey resource + * @default - autogenerated by the CDK + */ + readonly overrideLogicalId?: string; +} + export class UsagePlan extends Resource { /** * @attribute @@ -176,19 +189,28 @@ export class UsagePlan extends Resource { /** * Adds an ApiKey. * - * @param apiKey + * @param apiKey the api key to associate with this usage plan + * @param options options that control the behaviour of this method */ - public addApiKey(apiKey: IApiKey): void { + public addApiKey(apiKey: IApiKey, options?: AddApiKeyOptions): void { + let id: string; const prefix = 'UsagePlanKeyResource'; - // Postfixing apikey id only from the 2nd child, to keep physicalIds of UsagePlanKey for existing CDK apps unmodified. - const id = this.node.tryFindChild(prefix) ? `${prefix}:${Names.nodeUniqueId(apiKey.node)}` : prefix; + if (FeatureFlags.of(this).isEnabled(APIGATEWAY_USAGEPLANKEY_ORDERINSENSITIVE_ID)) { + id = `${prefix}:${Names.nodeUniqueId(apiKey.node)}`; + } else { + // Postfixing apikey id only from the 2nd child, to keep physicalIds of UsagePlanKey for existing CDK apps unmodified. + id = this.node.tryFindChild(prefix) ? `${prefix}:${Names.nodeUniqueId(apiKey.node)}` : prefix; + } - new CfnUsagePlanKey(this, id, { + const resource = new CfnUsagePlanKey(this, id, { keyId: apiKey.keyId, keyType: UsagePlanKeyType.API_KEY, usagePlanId: this.usagePlanId, }); + if (options?.overrideLogicalId) { + resource.overrideLogicalId(options?.overrideLogicalId); + } } /** diff --git a/packages/@aws-cdk/aws-apigateway/test/integ.restapi.expected.json b/packages/@aws-cdk/aws-apigateway/test/integ.restapi.expected.json index 91af3471593eb..a0fb6357db3c7 100644 --- a/packages/@aws-cdk/aws-apigateway/test/integ.restapi.expected.json +++ b/packages/@aws-cdk/aws-apigateway/test/integ.restapi.expected.json @@ -602,7 +602,7 @@ "UsagePlanName": "Basic" } }, - "myapiUsagePlanUsagePlanKeyResource050D133F": { + "myapiUsagePlanUsagePlanKeyResourcetestapigatewayrestapimyapiApiKeyC43601CB600D112D": { "Type": "AWS::ApiGateway::UsagePlanKey", "Properties": { "KeyId": { diff --git a/packages/@aws-cdk/aws-apigateway/test/integ.usage-plan.multikey.expected.json b/packages/@aws-cdk/aws-apigateway/test/integ.usage-plan.multikey.expected.json index 8e761f40e2a26..9dee2e7aa07b0 100644 --- a/packages/@aws-cdk/aws-apigateway/test/integ.usage-plan.multikey.expected.json +++ b/packages/@aws-cdk/aws-apigateway/test/integ.usage-plan.multikey.expected.json @@ -3,7 +3,7 @@ "myusageplan4B391740": { "Type": "AWS::ApiGateway::UsagePlan" }, - "myusageplanUsagePlanKeyResource095B4EA9": { + "myusageplanUsagePlanKeyResourcetestapigatewayusageplanmultikeymyapikey1DDABC389A2809A73": { "Type": "AWS::ApiGateway::UsagePlanKey", "Properties": { "KeyId": { diff --git a/packages/@aws-cdk/aws-apigateway/test/usage-plan.test.ts b/packages/@aws-cdk/aws-apigateway/test/usage-plan.test.ts index f183d08796388..cef19db1e9789 100644 --- a/packages/@aws-cdk/aws-apigateway/test/usage-plan.test.ts +++ b/packages/@aws-cdk/aws-apigateway/test/usage-plan.test.ts @@ -1,6 +1,8 @@ import '@aws-cdk/assert/jest'; import { ResourcePart } from '@aws-cdk/assert'; import * as cdk from '@aws-cdk/core'; +import * as cxapi from '@aws-cdk/cx-api'; +import { testFutureBehavior } from 'cdk-build-tools/lib/feature-flag'; import * as apigateway from '../lib'; const RESOURCE_TYPE = 'AWS::ApiGateway::UsagePlan'; @@ -149,60 +151,112 @@ describe('usage plan', () => { }, ResourcePart.Properties); }); - test('UsagePlanKey', () => { - // GIVEN - const stack = new cdk.Stack(); - const usagePlan: apigateway.UsagePlan = new apigateway.UsagePlan(stack, 'my-usage-plan', { - name: 'Basic', + describe('UsagePlanKey', () => { + + test('default', () => { + // GIVEN + const stack = new cdk.Stack(); + const usagePlan: apigateway.UsagePlan = new apigateway.UsagePlan(stack, 'my-usage-plan', { + name: 'Basic', + }); + const apiKey: apigateway.ApiKey = new apigateway.ApiKey(stack, 'my-api-key'); + + // WHEN + usagePlan.addApiKey(apiKey); + + // THEN + expect(stack).toHaveResource('AWS::ApiGateway::UsagePlanKey', { + KeyId: { + Ref: 'myapikey1B052F70', + }, + KeyType: 'API_KEY', + UsagePlanId: { + Ref: 'myusageplan23AA1E32', + }, + }, ResourcePart.Properties); }); - const apiKey: apigateway.ApiKey = new apigateway.ApiKey(stack, 'my-api-key'); - // WHEN - usagePlan.addApiKey(apiKey); + test('multiple keys', () => { + // GIVEN + const stack = new cdk.Stack(); + const usagePlan = new apigateway.UsagePlan(stack, 'my-usage-plan'); + const apiKey1 = new apigateway.ApiKey(stack, 'my-api-key-1', { + apiKeyName: 'my-api-key-1', + }); + const apiKey2 = new apigateway.ApiKey(stack, 'my-api-key-2', { + apiKeyName: 'my-api-key-2', + }); - // THEN - expect(stack).toHaveResource('AWS::ApiGateway::UsagePlanKey', { - KeyId: { - Ref: 'myapikey1B052F70', - }, - KeyType: 'API_KEY', - UsagePlanId: { - Ref: 'myusageplan23AA1E32', - }, - }, ResourcePart.Properties); - }); + // WHEN + usagePlan.addApiKey(apiKey1); + usagePlan.addApiKey(apiKey2); - test('UsagePlan can have multiple keys', () => { - // GIVEN - const stack = new cdk.Stack(); - const usagePlan = new apigateway.UsagePlan(stack, 'my-usage-plan'); - const apiKey1 = new apigateway.ApiKey(stack, 'my-api-key-1', { - apiKeyName: 'my-api-key-1', + // THEN + expect(stack).toHaveResource('AWS::ApiGateway::ApiKey', { + Name: 'my-api-key-1', + }, ResourcePart.Properties); + expect(stack).toHaveResource('AWS::ApiGateway::ApiKey', { + Name: 'my-api-key-2', + }, ResourcePart.Properties); + expect(stack).toHaveResource('AWS::ApiGateway::UsagePlanKey', { + KeyId: { + Ref: 'myapikey11F723FC7', + }, + }, ResourcePart.Properties); + expect(stack).toHaveResource('AWS::ApiGateway::UsagePlanKey', { + KeyId: { + Ref: 'myapikey2ABDEF012', + }, + }, ResourcePart.Properties); }); - const apiKey2 = new apigateway.ApiKey(stack, 'my-api-key-2', { - apiKeyName: 'my-api-key-2', + + test('overrideLogicalId', () => { + // GIVEN + const app = new cdk.App(); + const stack = new cdk.Stack(app); + const usagePlan: apigateway.UsagePlan = new apigateway.UsagePlan(stack, 'my-usage-plan', { name: 'Basic' }); + const apiKey: apigateway.ApiKey = new apigateway.ApiKey(stack, 'my-api-key'); + + // WHEN + usagePlan.addApiKey(apiKey, { overrideLogicalId: 'mylogicalid' }); + + // THEN + const template = app.synth().getStackByName(stack.stackName).template; + const logicalIds = Object.entries(template.Resources) + .filter(([_, v]) => (v as any).Type === 'AWS::ApiGateway::UsagePlanKey') + .map(([k, _]) => k); + expect(logicalIds).toEqual(['mylogicalid']); }); - // WHEN - usagePlan.addApiKey(apiKey1); - usagePlan.addApiKey(apiKey2); + describe('future flag: @aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId', () => { + const flags = { [cxapi.APIGATEWAY_USAGEPLANKEY_ORDERINSENSITIVE_ID]: true }; - // THEN - expect(stack).toHaveResource('AWS::ApiGateway::ApiKey', { - Name: 'my-api-key-1', - }, ResourcePart.Properties); - expect(stack).toHaveResource('AWS::ApiGateway::ApiKey', { - Name: 'my-api-key-2', - }, ResourcePart.Properties); - expect(stack).toHaveResource('AWS::ApiGateway::UsagePlanKey', { - KeyId: { - Ref: 'myapikey11F723FC7', - }, - }, ResourcePart.Properties); - expect(stack).toHaveResource('AWS::ApiGateway::UsagePlanKey', { - KeyId: { - Ref: 'myapikey2ABDEF012', - }, - }, ResourcePart.Properties); + testFutureBehavior('UsagePlanKeys have unique logical ids', flags, cdk.App, (app) => { + // GIVEN + const stack = new cdk.Stack(app, 'my-stack'); + const usagePlan = new apigateway.UsagePlan(stack, 'my-usage-plan'); + const apiKey1 = new apigateway.ApiKey(stack, 'my-api-key-1', { + apiKeyName: 'my-api-key-1', + }); + const apiKey2 = new apigateway.ApiKey(stack, 'my-api-key-2', { + apiKeyName: 'my-api-key-2', + }); + + // WHEN + usagePlan.addApiKey(apiKey1); + usagePlan.addApiKey(apiKey2); + + // THEN + const template = app.synth().getStackByName(stack.stackName).template; + const logicalIds = Object.entries(template.Resources) + .filter(([_, v]) => (v as any).Type === 'AWS::ApiGateway::UsagePlanKey') + .map(([k, _]) => k); + + expect(logicalIds).toEqual([ + 'myusageplanUsagePlanKeyResourcemystackmyapikey1EE9AA1B359121274', + 'myusageplanUsagePlanKeyResourcemystackmyapikey2B4E8EB1456DC88E9', + ]); + }); + }); }); }); diff --git a/packages/@aws-cdk/cx-api/lib/features.ts b/packages/@aws-cdk/cx-api/lib/features.ts index 91f6039625a1b..cdb2217a16b4e 100644 --- a/packages/@aws-cdk/cx-api/lib/features.ts +++ b/packages/@aws-cdk/cx-api/lib/features.ts @@ -119,6 +119,22 @@ export const ECS_REMOVE_DEFAULT_DESIRED_COUNT = '@aws-cdk/aws-ecs-patterns:remov */ export const RDS_LOWERCASE_DB_IDENTIFIER = '@aws-cdk/aws-rds:lowercaseDbIdentifier'; +/** + * The UsagePlanKey resource connects an ApiKey with a UsagePlan. API Gateway does not allow more than one UsagePlanKey + * for any given UsagePlan and ApiKey combination. For this reason, CloudFormation cannot replace this resource without + * either the UsagePlan or ApiKey changing. + * + * The feature addition to support multiple UsagePlanKey resources - 142bd0e2 - recognized this and attempted to keep + * existing UsagePlanKey logical ids unchanged. + * However, this intentionally caused the logical id of the UsagePlanKey to be sensitive to order. That is, when + * the 'first' UsagePlanKey resource is removed, the logical id of the 'second' assumes what was originally the 'first', + * which again is disallowed. + * + * In effect, there is no way to get out of this mess in a backwards compatible way, while supporting existing stacks. + * This flag changes the logical id layout of UsagePlanKey to not be sensitive to order. + */ +export const APIGATEWAY_USAGEPLANKEY_ORDERINSENSITIVE_ID = '@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId'; + /** * This map includes context keys and values for feature flags that enable * capabilities "from the future", which we could not introduce as the default @@ -133,6 +149,7 @@ export const RDS_LOWERCASE_DB_IDENTIFIER = '@aws-cdk/aws-rds:lowercaseDbIdentifi * Tests must cover the default (disabled) case and the future (enabled) case. */ export const FUTURE_FLAGS: { [key: string]: any } = { + [APIGATEWAY_USAGEPLANKEY_ORDERINSENSITIVE_ID]: true, [ENABLE_STACK_NAME_DUPLICATES_CONTEXT]: 'true', [ENABLE_DIFF_NO_FAIL_CONTEXT]: 'true', [STACK_RELATIVE_EXPORTS_CONTEXT]: 'true', @@ -159,6 +176,7 @@ export const FUTURE_FLAGS_EXPIRED: string[] = [ * explicitly configured. */ const FUTURE_FLAGS_DEFAULTS: { [key: string]: boolean } = { + [APIGATEWAY_USAGEPLANKEY_ORDERINSENSITIVE_ID]: false, [ENABLE_STACK_NAME_DUPLICATES_CONTEXT]: false, [ENABLE_DIFF_NO_FAIL_CONTEXT]: false, [STACK_RELATIVE_EXPORTS_CONTEXT]: false, From a37f178b52a91d43b237013d7cb42c44c1774307 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christophe=20Boug=C3=A8re?= Date: Tue, 6 Apr 2021 20:36:01 +0200 Subject: [PATCH 099/260] feat(elasticloadbalancingv2): add grpc code matcher for alb (#13948) With #13570, it is now possible to set the protocol version for ALB target groups, and thus make it working for GRPC. However, it is not yet possible to define a GrpcCode for the matcher (see [CloudFormation doc](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-elasticloadbalancingv2-targetgroup-matcher.html)). I added a `healthyGrpcCodes` working the same way as `healthyHttpCodes`. closes #13947 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-elasticloadbalancingv2/README.md | 4 ++++ .../lib/shared/base-target-group.ts | 13 ++++++++++++- .../test/alb/target-group.test.ts | 18 ++++++++++++++++++ 3 files changed, 34 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md b/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md index b04d39e1862d7..76a6b7e1ddd5c 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/README.md @@ -283,6 +283,10 @@ const tg = new elbv2.ApplicationTargetGroup(stack, 'TG', { port: 50051, protocol: elbv2.ApplicationProtocol.HTTP, protocolVersion: elbv2.ApplicationProtocolVersion.GRPC, + healthCheck: { + enabled: true, + healthyGrpcCodes: '0-99', + }, vpc, }); ``` diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts index 5e569fd8213ca..175f63ddc4d3d 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-target-group.ts @@ -136,6 +136,16 @@ export interface HealthCheck { */ readonly unhealthyThresholdCount?: number; + /** + * GRPC code to use when checking for a successful response from a target. + * + * You can specify values between 0 and 99. You can specify multiple values + * (for example, "0,1") or a range of values (for example, "0-5"). + * + * @default - 12 + */ + readonly healthyGrpcCodes?: string; + /** * HTTP code to use when checking for a successful response from a target. * @@ -259,7 +269,8 @@ export abstract class TargetGroupBase extends CoreConstruct implements ITargetGr healthyThresholdCount: cdk.Lazy.number({ produce: () => this.healthCheck?.healthyThresholdCount }), unhealthyThresholdCount: cdk.Lazy.number({ produce: () => this.healthCheck?.unhealthyThresholdCount }), matcher: cdk.Lazy.any({ - produce: () => this.healthCheck?.healthyHttpCodes !== undefined ? { + produce: () => this.healthCheck?.healthyHttpCodes !== undefined || this.healthCheck?.healthyGrpcCodes !== undefined ? { + grpcCode: this.healthCheck.healthyGrpcCodes, httpCode: this.healthCheck.healthyHttpCodes, } : undefined, }), diff --git a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/target-group.test.ts b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/target-group.test.ts index ea028b543096f..f4b1212942dd6 100644 --- a/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/target-group.test.ts +++ b/packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/target-group.test.ts @@ -166,11 +166,29 @@ describe('tests', () => { new elbv2.ApplicationTargetGroup(stack, 'TargetGroup', { vpc, protocolVersion: elbv2.ApplicationProtocolVersion.GRPC, + healthCheck: { + enabled: true, + healthyGrpcCodes: '0-99', + interval: cdk.Duration.seconds(255), + timeout: cdk.Duration.seconds(192), + healthyThresholdCount: 29, + unhealthyThresholdCount: 27, + path: '/arbitrary', + }, }); // THEN expect(stack).toHaveResource('AWS::ElasticLoadBalancingV2::TargetGroup', { ProtocolVersion: 'GRPC', + HealthCheckEnabled: true, + HealthCheckIntervalSeconds: 255, + HealthCheckPath: '/arbitrary', + HealthCheckTimeoutSeconds: 192, + HealthyThresholdCount: 29, + Matcher: { + GrpcCode: '0-99', + }, + UnhealthyThresholdCount: 27, }); }); From c62fd6b50c2d0dcddb279d4235775c9997b9cdbd Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Wed, 7 Apr 2021 01:14:08 -0700 Subject: [PATCH 100/260] chore(lambda-layer-kubctl): graduate to stable (#14010) Intentionally using `chore` so it won't show up in the CHANGELOG ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/lambda-layer-kubectl/README.md | 9 +-------- packages/@aws-cdk/lambda-layer-kubectl/package.json | 4 ++-- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/packages/@aws-cdk/lambda-layer-kubectl/README.md b/packages/@aws-cdk/lambda-layer-kubectl/README.md index d2c0343807369..3782174b1aa72 100644 --- a/packages/@aws-cdk/lambda-layer-kubectl/README.md +++ b/packages/@aws-cdk/lambda-layer-kubectl/README.md @@ -3,19 +3,12 @@ --- -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- - This module exports a single class called `KubectlLayer` which is a `lambda.Layer` that bundles the [`kubectl`](https://kubernetes.io/docs/reference/kubectl/kubectl/) and the [`helm`](https://helm.sh/) command line. > - Helm Version: 1.20.0 diff --git a/packages/@aws-cdk/lambda-layer-kubectl/package.json b/packages/@aws-cdk/lambda-layer-kubectl/package.json index fd2f129bb6999..be1e90d54d39c 100644 --- a/packages/@aws-cdk/lambda-layer-kubectl/package.json +++ b/packages/@aws-cdk/lambda-layer-kubectl/package.json @@ -90,8 +90,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, From 1f99e52b92bff56204785de6805afed868657472 Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Wed, 7 Apr 2021 01:56:59 -0700 Subject: [PATCH 101/260] chore(lambda-layer-awscli): graduate to stable (#14012) Intentionally setting to `chore` so it will not show up in the CHANGELOG ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/lambda-layer-awscli/README.md | 8 +------- packages/@aws-cdk/lambda-layer-awscli/package.json | 4 ++-- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/lambda-layer-awscli/README.md b/packages/@aws-cdk/lambda-layer-awscli/README.md index ae6460fae09d3..baad6362f5e21 100644 --- a/packages/@aws-cdk/lambda-layer-awscli/README.md +++ b/packages/@aws-cdk/lambda-layer-awscli/README.md @@ -3,13 +3,7 @@ --- -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/lambda-layer-awscli/package.json b/packages/@aws-cdk/lambda-layer-awscli/package.json index 46262f6008feb..501fbf68d68b0 100644 --- a/packages/@aws-cdk/lambda-layer-awscli/package.json +++ b/packages/@aws-cdk/lambda-layer-awscli/package.json @@ -84,8 +84,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awscdkio": { "announce": false }, From 0d2755b97486e4222d1f3b020b8126fefeda20d0 Mon Sep 17 00:00:00 2001 From: Neta Nir Date: Wed, 7 Apr 2021 02:36:56 -0700 Subject: [PATCH 102/260] =?UTF-8?q?feat(region-info):=20graduate=20to=20st?= =?UTF-8?q?able=20=F0=9F=9A=80=20=20(#14013)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/region-info/README.md | 8 +------- packages/@aws-cdk/region-info/package.json | 4 ++-- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/packages/@aws-cdk/region-info/README.md b/packages/@aws-cdk/region-info/README.md index 07119849babb4..0f1186318ee49 100644 --- a/packages/@aws-cdk/region-info/README.md +++ b/packages/@aws-cdk/region-info/README.md @@ -3,13 +3,7 @@ --- -![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) - -> The APIs of higher level constructs in this module are experimental and under active development. -> They are subject to non-backward compatible changes or removal in any future version. These are -> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be -> announced in the release notes. This means that while you may use them, you may need to update -> your source code when upgrading to a newer version of this package. +![cdk-constructs: Stable](https://img.shields.io/badge/cdk--constructs-stable-success.svg?style=for-the-badge) --- diff --git a/packages/@aws-cdk/region-info/package.json b/packages/@aws-cdk/region-info/package.json index fe5a7e1acf1ec..1bbd1367662b1 100644 --- a/packages/@aws-cdk/region-info/package.json +++ b/packages/@aws-cdk/region-info/package.json @@ -72,8 +72,8 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "experimental", + "stability": "stable", + "maturity": "stable", "awslint": { "exclude": [ "docs-public-apis:@aws-cdk/region-info.Fact.regions", From b1ecd3d49d7ebf97a54a80d06779ef0f0b113c16 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Wed, 7 Apr 2021 12:20:55 +0200 Subject: [PATCH 103/260] chore: introduce `@aws-cdk/assert-internal`, `aws-cdk-migration` (#13700) `@aws-cdk/assert` will be a publish-only package: we no longer use it to test our own packages. Instead, our own packages are tested using `@aws-cdk/assert-internal`. `@aws-cdk/assert` will be built by cloning the `assert-internal` package, and made to depend on either `@aws-cdk/core` on the v1 branch, and `aws-cdk-lib` on the v2 branch. ---- The `rewrite-imports` script has been moved to a top-level tools package, `aws-cdk-migration`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../ecs-service-extensions/package.json | 4 +- .../test/test.appmesh.ts | 2 +- .../test/test.assign-public-ip.ts | 2 +- .../test/test.cloudwatch-agent.ts | 2 +- .../test/test.environment.ts | 2 +- .../test/test.firelens.ts | 2 +- .../test/test.http-load-balancer.ts | 2 +- .../test/test.scale-on-cpu-utilization.ts | 2 +- .../test/test.service.ts | 2 +- .../ecs-service-extensions/test/test.xray.ts | 2 +- packages/@aws-cdk/alexa-ask/package.json | 4 +- packages/@aws-cdk/alexa-ask/test/ask.test.ts | 2 +- packages/@aws-cdk/app-delivery/package.json | 4 +- .../test/test.pipeline-deploy-stack-action.ts | 2 +- .../@aws-cdk/assert-internal/.eslintrc.js | 3 + packages/@aws-cdk/assert-internal/.gitignore | 16 + packages/@aws-cdk/assert-internal/.npmignore | 22 + packages/@aws-cdk/assert-internal/LICENSE | 201 ++++++++ packages/@aws-cdk/assert-internal/NOTICE | 2 + packages/@aws-cdk/assert-internal/README.md | 227 +++++++++ .../@aws-cdk/assert-internal/jest.config.js | 10 + packages/@aws-cdk/assert-internal/jest.ts | 107 +++++ .../@aws-cdk/assert-internal/lib/assertion.ts | 40 ++ .../lib/assertions/and-assertion.ts | 19 + .../lib/assertions/count-resources.ts | 58 +++ .../assert-internal/lib/assertions/exist.ts | 18 + .../lib/assertions/have-output.ts | 116 +++++ .../lib/assertions/have-resource-matchers.ts | 430 ++++++++++++++++++ .../lib/assertions/have-resource.ts | 163 +++++++ .../lib/assertions/have-type.ts | 21 + .../lib/assertions/match-template.ts | 96 ++++ .../lib/assertions/negated-assertion.ts | 16 + .../lib/canonicalize-assets.ts | 71 +++ .../@aws-cdk/assert-internal/lib/expect.ts | 12 + .../@aws-cdk/assert-internal/lib/index.ts | 15 + .../@aws-cdk/assert-internal/lib/inspector.ts | 74 +++ .../assert-internal/lib/synth-utils.ts | 87 ++++ .../@aws-cdk/assert-internal/package.json | 67 +++ .../assert-internal/test/assertions.test.ts | 349 ++++++++++++++ .../test/canonicalize-assets.test.ts | 135 ++++++ .../assert-internal/test/have-output.test.ts | 202 ++++++++ .../test/have-resource.test.ts | 279 ++++++++++++ .../assert-internal/test/synth-utils.test.ts | 14 + .../@aws-cdk/assert-internal/tsconfig.json | 30 ++ packages/@aws-cdk/assert/.gitignore | 17 +- packages/@aws-cdk/assert/BUILD.md | 15 + packages/@aws-cdk/assert/clone.sh | 20 + packages/@aws-cdk/assert/jest.config.js | 2 +- packages/@aws-cdk/assert/package.json | 24 +- packages/@aws-cdk/assert/tsconfig.json | 16 +- packages/@aws-cdk/assets/package.json | 4 +- .../@aws-cdk/aws-accessanalyzer/package.json | 4 +- .../test/accessanalyzer.test.ts | 2 +- packages/@aws-cdk/aws-acmpca/package.json | 4 +- .../@aws-cdk/aws-acmpca/test/acmpca.test.ts | 2 +- packages/@aws-cdk/aws-amazonmq/package.json | 4 +- .../aws-amazonmq/test/amazonmq.test.ts | 2 +- packages/@aws-cdk/aws-amplify/package.json | 4 +- .../@aws-cdk/aws-amplify/test/app.test.ts | 2 +- .../@aws-cdk/aws-amplify/test/branch.test.ts | 2 +- .../@aws-cdk/aws-amplify/test/domain.test.ts | 2 +- packages/@aws-cdk/aws-apigateway/package.json | 4 +- .../aws-apigateway/test/access-log.test.ts | 2 +- .../test/api-definition.test.ts | 2 +- .../aws-apigateway/test/api-key.test.ts | 4 +- .../test/authorizers/cognito.test.ts | 2 +- .../test/authorizers/lambda.test.ts | 4 +- .../test/base-path-mapping.test.ts | 2 +- .../@aws-cdk/aws-apigateway/test/cors.test.ts | 2 +- .../aws-apigateway/test/deployment.test.ts | 4 +- .../aws-apigateway/test/domains.test.ts | 4 +- .../test/gateway-response.test.ts | 4 +- .../@aws-cdk/aws-apigateway/test/http.test.ts | 2 +- .../aws-apigateway/test/integration.test.ts | 4 +- .../test/integrations/lambda.test.ts | 2 +- .../aws-apigateway/test/lambda-api.test.ts | 2 +- .../aws-apigateway/test/method.test.ts | 4 +- .../aws-apigateway/test/model.test.ts | 2 +- .../test/requestvalidator.test.ts | 2 +- .../aws-apigateway/test/resource.test.ts | 2 +- .../aws-apigateway/test/restapi.test.ts | 4 +- .../aws-apigateway/test/stage.test.ts | 2 +- .../aws-apigateway/test/usage-plan.test.ts | 4 +- .../@aws-cdk/aws-apigateway/test/util.test.ts | 2 +- .../aws-apigateway/test/vpc-link.test.ts | 2 +- .../aws-apigatewayv2-authorizers/package.json | 4 +- .../test/http/jwt.test.ts | 2 +- .../test/http/user-pool.test.ts | 2 +- .../package.json | 4 +- .../test/http/alb.test.ts | 2 +- .../test/http/http-proxy.test.ts | 2 +- .../test/http/lambda.test.ts | 2 +- .../test/http/nlb.test.ts | 2 +- .../test/http/private/integration.test.ts | 2 +- .../test/http/service-discovery.test.ts | 2 +- .../test/websocket/lambda.test.ts | 2 +- .../@aws-cdk/aws-apigatewayv2/package.json | 4 +- .../test/common/api-mapping.test.ts | 2 +- .../aws-apigatewayv2/test/http/api.test.ts | 4 +- .../test/http/authorizer.test.ts | 2 +- .../test/http/domain-name.test.ts | 4 +- .../aws-apigatewayv2/test/http/route.test.ts | 2 +- .../aws-apigatewayv2/test/http/stage.test.ts | 2 +- .../test/http/vpc-link.test.ts | 2 +- .../test/websocket/api.test.ts | 2 +- .../test/websocket/route.test.ts | 2 +- .../test/websocket/stage.test.ts | 2 +- packages/@aws-cdk/aws-appconfig/package.json | 4 +- .../aws-appconfig/test/appconfig.test.ts | 2 +- packages/@aws-cdk/aws-appflow/package.json | 4 +- .../@aws-cdk/aws-appflow/test/appflow.test.ts | 2 +- .../aws-applicationautoscaling/package.json | 4 +- .../test/test.scalable-target.ts | 2 +- .../test/test.step-scaling-policy.ts | 2 +- .../test/test.target-tracking.ts | 2 +- .../aws-applicationinsights/package.json | 4 +- .../test/applicationinsights.test.ts | 2 +- packages/@aws-cdk/aws-appmesh/package.json | 4 +- .../aws-appmesh/test/test.gateway-route.ts | 2 +- .../@aws-cdk/aws-appmesh/test/test.mesh.ts | 2 +- .../@aws-cdk/aws-appmesh/test/test.route.ts | 2 +- .../aws-appmesh/test/test.virtual-gateway.ts | 2 +- .../aws-appmesh/test/test.virtual-node.ts | 2 +- .../aws-appmesh/test/test.virtual-router.ts | 2 +- .../aws-appmesh/test/test.virtual-service.ts | 2 +- packages/@aws-cdk/aws-appstream/package.json | 4 +- .../aws-appstream/test/appstream.test.ts | 2 +- packages/@aws-cdk/aws-appsync/package.json | 4 +- .../aws-appsync/test/appsync-auth.test.ts | 2 +- .../test/appsync-code-first.test.ts | 2 +- .../test/appsync-directives.test.ts | 2 +- .../aws-appsync/test/appsync-dynamodb.test.ts | 2 +- .../test/appsync-enum-type.test.ts | 2 +- .../aws-appsync/test/appsync-grant.test.ts | 2 +- .../aws-appsync/test/appsync-http.test.ts | 2 +- .../test/appsync-input-types.test.ts | 2 +- .../test/appsync-interface-type.test.ts | 2 +- .../aws-appsync/test/appsync-lambda.test.ts | 2 +- .../aws-appsync/test/appsync-none.test.ts | 2 +- .../test/appsync-object-type.test.ts | 2 +- .../aws-appsync/test/appsync-rds.test.ts | 2 +- .../test/appsync-scalar-type.test.ts | 2 +- .../aws-appsync/test/appsync-schema.test.ts | 2 +- .../test/appsync-union-types.test.ts | 2 +- .../@aws-cdk/aws-appsync/test/appsync.test.ts | 2 +- packages/@aws-cdk/aws-athena/package.json | 4 +- .../@aws-cdk/aws-athena/test/athena.test.ts | 4 +- .../@aws-cdk/aws-auditmanager/package.json | 4 +- .../test/auditmanager.test.ts | 2 +- .../aws-autoscaling-common/package.json | 4 +- .../aws-autoscaling-hooktargets/package.json | 4 +- .../test/hooks.test.ts | 4 +- .../@aws-cdk/aws-autoscaling/package.json | 4 +- .../test/auto-scaling-group.test.ts | 2 +- .../aws-autoscaling/test/cfn-init.test.ts | 2 +- .../test/lifecyclehooks.test.ts | 2 +- .../aws-autoscaling/test/scaling.test.ts | 2 +- .../test/scheduled-action.test.ts | 2 +- .../aws-autoscalingplans/package.json | 4 +- .../test/autoscalingplans.test.ts | 2 +- packages/@aws-cdk/aws-backup/package.json | 4 +- .../@aws-cdk/aws-backup/test/plan.test.ts | 2 +- .../aws-backup/test/selection.test.ts | 2 +- .../@aws-cdk/aws-backup/test/vault.test.ts | 2 +- packages/@aws-cdk/aws-batch/package.json | 4 +- .../@aws-cdk/aws-batch/test/batch.test.ts | 2 +- .../test/compute-environment.test.ts | 4 +- .../aws-batch/test/job-definition.test.ts | 4 +- .../@aws-cdk/aws-batch/test/job-queue.test.ts | 4 +- packages/@aws-cdk/aws-budgets/package.json | 4 +- .../@aws-cdk/aws-budgets/test/budgets.test.ts | 2 +- packages/@aws-cdk/aws-cassandra/package.json | 4 +- .../aws-cassandra/test/cassandra.test.ts | 2 +- packages/@aws-cdk/aws-ce/package.json | 4 +- packages/@aws-cdk/aws-ce/test/ce.test.ts | 2 +- .../aws-certificatemanager/package.json | 4 +- .../test/certificate.test.ts | 2 +- .../test/dns-validated-certificate.test.ts | 4 +- .../aws-certificatemanager/test/util.test.ts | 2 +- packages/@aws-cdk/aws-chatbot/package.json | 4 +- .../test/slack-channel-configuration.test.ts | 4 +- packages/@aws-cdk/aws-cloud9/package.json | 4 +- .../test/cloud9.environment.test.ts | 2 +- .../@aws-cdk/aws-cloud9/test/cloud9.test.ts | 2 +- .../@aws-cdk/aws-cloudformation/package.json | 4 +- .../aws-cloudformation/test/test.deps.ts | 2 +- .../test/test.nested-stack.ts | 2 +- .../aws-cloudformation/test/test.resource.ts | 2 +- .../aws-cloudfront-origins/package.json | 4 +- .../test/http-origin.test.ts | 2 +- .../test/load-balancer-origin.test.ts | 2 +- .../test/origin-group.test.ts | 2 +- .../test/s3-origin.test.ts | 2 +- packages/@aws-cdk/aws-cloudfront/package.json | 4 +- .../aws-cloudfront/test/cache-policy.test.ts | 2 +- .../aws-cloudfront/test/distribution.test.ts | 4 +- .../test/experimental/edge-function.test.ts | 2 +- .../test/geo-restriction.test.ts | 2 +- .../aws-cloudfront/test/key-group.test.ts | 4 +- .../@aws-cdk/aws-cloudfront/test/oai.test.ts | 2 +- .../aws-cloudfront/test/origin-groups.test.ts | 2 +- .../test/origin-request-policy.test.ts | 2 +- .../aws-cloudfront/test/origin.test.ts | 2 +- .../test/private/cache-behavior.test.ts | 2 +- .../aws-cloudfront/test/public-key.test.ts | 4 +- .../test/web-distribution.test.ts | 2 +- packages/@aws-cdk/aws-cloudtrail/package.json | 4 +- .../aws-cloudtrail/test/cloudtrail.test.ts | 4 +- .../aws-cloudwatch-actions/package.json | 4 +- .../test/appscaling.test.ts | 2 +- .../aws-cloudwatch-actions/test/ec2.test.ts | 2 +- .../test/scaling.test.ts | 2 +- .../aws-cloudwatch-actions/test/sns.test.ts | 2 +- packages/@aws-cdk/aws-cloudwatch/package.json | 4 +- .../aws-cloudwatch/test/test.alarm.ts | 2 +- .../test/test.composite-alarm.ts | 2 +- .../test/test.cross-environment.ts | 2 +- .../aws-cloudwatch/test/test.dashboard.ts | 2 +- .../aws-cloudwatch/test/test.metric-math.ts | 2 +- .../aws-cloudwatch/test/test.metrics.ts | 2 +- .../@aws-cdk/aws-codeartifact/package.json | 4 +- .../test/codeartifact.test.ts | 2 +- packages/@aws-cdk/aws-codebuild/package.json | 4 +- .../aws-codebuild/test/test.codebuild.ts | 2 +- .../test/test.linux-gpu-build-image.ts | 2 +- .../aws-codebuild/test/test.project.ts | 2 +- .../aws-codebuild/test/test.report-group.ts | 2 +- .../test/test.untrusted-code-boundary.ts | 2 +- packages/@aws-cdk/aws-codecommit/package.json | 4 +- .../aws-codecommit/test/test.codecommit.ts | 2 +- packages/@aws-cdk/aws-codedeploy/package.json | 4 +- .../test/ecs/test.application.ts | 2 +- .../test/lambda/test.application.ts | 2 +- .../lambda/test.custom-deployment-config.ts | 2 +- .../test/lambda/test.deployment-group.ts | 2 +- .../test/server/test.deployment-config.ts | 2 +- .../test/server/test.deployment-group.ts | 2 +- .../aws-codeguruprofiler/package.json | 4 +- .../test/codeguruprofiler.test.ts | 2 +- .../test/profiling-group.test.ts | 2 +- .../aws-codegurureviewer/package.json | 4 +- .../test/codegurureviewer.test.ts | 2 +- .../aws-codepipeline-actions/package.json | 4 +- .../bitbucket/bitbucket-source-action.test.ts | 2 +- .../cloudformation-pipeline-actions.test.ts | 2 +- .../test/codebuild/codebuild-action.test.ts | 2 +- .../codecommit-source-action.test.ts | 2 +- .../test/codedeploy/ecs-deploy-action.test.ts | 2 +- .../test/ecr/ecr-source-action.test.ts | 2 +- .../test/ecs/ecs-deploy-action.test.ts | 2 +- .../test/github/github-source-action.test.ts | 2 +- .../test/lambda/lambda-invoke-action.test.ts | 2 +- .../test/manual-approval.test.ts | 2 +- .../test/pipeline.test.ts | 2 +- .../test/s3/s3-deploy-action.test.ts | 2 +- .../test/s3/s3-source-action.test.ts | 2 +- .../servicecatalog-action.test.ts | 2 +- .../stepfunctions-invoke-actions.test.ts | 2 +- .../@aws-cdk/aws-codepipeline/package.json | 4 +- .../aws-codepipeline/test/action.test.ts | 2 +- .../aws-codepipeline/test/artifacts.test.ts | 2 +- .../aws-codepipeline/test/cross-env.test.ts | 2 +- .../aws-codepipeline/test/pipeline.test.ts | 4 +- .../aws-codepipeline/test/stages.test.ts | 2 +- .../aws-codepipeline/test/variables.test.ts | 2 +- packages/@aws-cdk/aws-codestar/package.json | 4 +- .../aws-codestar/test/codestar.test.ts | 2 +- .../aws-codestarconnections/package.json | 4 +- .../test/codestarconnections.test.ts | 2 +- .../aws-codestarnotifications/package.json | 4 +- .../test/codestarnotifications.test.ts | 2 +- packages/@aws-cdk/aws-cognito/package.json | 4 +- .../aws-cognito/test/user-pool-attr.test.ts | 2 +- .../aws-cognito/test/user-pool-client.test.ts | 4 +- .../aws-cognito/test/user-pool-domain.test.ts | 2 +- .../test/user-pool-idps/amazon.test.ts | 2 +- .../aws-cognito/test/user-pool-idps/apple.ts | 2 +- .../test/user-pool-idps/base.test.ts | 2 +- .../test/user-pool-idps/facebook.test.ts | 2 +- .../test/user-pool-idps/google.test.ts | 2 +- .../test/user-pool-resource-server.test.ts | 2 +- .../aws-cognito/test/user-pool.test.ts | 4 +- packages/@aws-cdk/aws-config/package.json | 4 +- .../aws-config/test/test.managed-rules.ts | 2 +- .../@aws-cdk/aws-config/test/test.rule.ts | 2 +- packages/@aws-cdk/aws-databrew/package.json | 4 +- .../aws-databrew/test/databrew.test.ts | 2 +- .../@aws-cdk/aws-datapipeline/package.json | 4 +- .../test/datapipeline.test.ts | 2 +- packages/@aws-cdk/aws-datasync/package.json | 4 +- .../aws-datasync/test/datasync.test.ts | 2 +- packages/@aws-cdk/aws-dax/package.json | 4 +- packages/@aws-cdk/aws-dax/test/dax.test.ts | 2 +- packages/@aws-cdk/aws-detective/package.json | 4 +- .../aws-detective/test/detective.test.ts | 2 +- packages/@aws-cdk/aws-devopsguru/package.json | 4 +- .../aws-devopsguru/test/devopsguru.test.ts | 2 +- .../aws-directoryservice/package.json | 4 +- .../test/directoryservice.test.ts | 2 +- packages/@aws-cdk/aws-dlm/package.json | 4 +- packages/@aws-cdk/aws-dlm/test/dlm.test.ts | 2 +- packages/@aws-cdk/aws-dms/package.json | 4 +- packages/@aws-cdk/aws-dms/test/dms.test.ts | 2 +- packages/@aws-cdk/aws-docdb/package.json | 4 +- .../@aws-cdk/aws-docdb/test/cluster.test.ts | 2 +- .../@aws-cdk/aws-docdb/test/instance.test.ts | 2 +- .../aws-docdb/test/parameter-group.test.ts | 2 +- .../@aws-cdk/aws-dynamodb-global/package.json | 4 +- .../test/test.dynamodb.global.ts | 2 +- packages/@aws-cdk/aws-dynamodb/package.json | 4 +- .../aws-dynamodb/test/dynamodb.test.ts | 4 +- packages/@aws-cdk/aws-ec2/package.json | 4 +- .../aws-ec2/test/bastion-host.test.ts | 2 +- .../@aws-cdk/aws-ec2/test/cfn-init.test.ts | 4 +- .../aws-ec2/test/client-vpn-endpoint.test.ts | 4 +- .../@aws-cdk/aws-ec2/test/connections.test.ts | 2 +- .../@aws-cdk/aws-ec2/test/instance.test.ts | 4 +- .../aws-ec2/test/launch-template.test.ts | 2 +- .../aws-ec2/test/machine-image.test.ts | 2 +- .../aws-ec2/test/security-group.test.ts | 2 +- packages/@aws-cdk/aws-ec2/test/volume.test.ts | 2 +- .../aws-ec2/test/vpc-endpoint-service.test.ts | 2 +- .../aws-ec2/test/vpc-endpoint.test.ts | 2 +- .../aws-ec2/test/vpc-flow-logs.test.ts | 2 +- packages/@aws-cdk/aws-ec2/test/vpc.test.ts | 2 +- packages/@aws-cdk/aws-ec2/test/vpn.test.ts | 2 +- packages/@aws-cdk/aws-ecr-assets/package.json | 4 +- .../aws-ecr-assets/test/image-asset.test.ts | 2 +- packages/@aws-cdk/aws-ecr/package.json | 4 +- .../@aws-cdk/aws-ecr/test/test.auth-token.ts | 2 +- .../@aws-cdk/aws-ecr/test/test.repository.ts | 2 +- .../@aws-cdk/aws-ecs-patterns/package.json | 4 +- .../aws-ecs-patterns/test/ec2/test.l3s-v2.ts | 2 +- .../aws-ecs-patterns/test/ec2/test.l3s.ts | 2 +- .../ec2/test.queue-processing-ecs-service.ts | 2 +- .../test/ec2/test.scheduled-ecs-task.ts | 2 +- .../test.load-balanced-fargate-service-v2.ts | 2 +- .../test.load-balanced-fargate-service.ts | 2 +- .../test.queue-processing-fargate-service.ts | 2 +- .../fargate/test.scheduled-fargate-task.ts | 2 +- packages/@aws-cdk/aws-ecs/package.json | 4 +- .../test/app-mesh-proxy-configuration.test.ts | 2 +- .../aws-ecs/test/aws-log-driver.test.ts | 2 +- .../aws-ecs/test/container-definition.test.ts | 4 +- .../aws-ecs/test/ec2/cross-stack.test.ts | 2 +- .../aws-ecs/test/ec2/ec2-service.test.ts | 2 +- .../test/ec2/ec2-task-definition.test.ts | 2 +- .../@aws-cdk/aws-ecs/test/ecs-cluster.test.ts | 2 +- .../test/fargate/fargate-service.test.ts | 2 +- .../fargate/fargate-task-definition.test.ts | 2 +- .../aws-ecs/test/firelens-log-driver.test.ts | 2 +- .../aws-ecs/test/fluentd-log-driver.test.ts | 2 +- .../aws-ecs/test/gelf-log-driver.test.ts | 2 +- .../tag-parameter-container-image.test.ts | 2 +- .../aws-ecs/test/journald-log-driver.test.ts | 2 +- .../aws-ecs/test/json-file-log-driver.test.ts | 2 +- .../aws-ecs/test/splunk-log-driver.test.ts | 2 +- .../aws-ecs/test/syslog-log-driver.test.ts | 2 +- .../aws-ecs/test/task-definition.test.ts | 2 +- packages/@aws-cdk/aws-efs/package.json | 4 +- .../aws-efs/test/access-point.test.ts | 2 +- .../aws-efs/test/efs-file-system.test.ts | 2 +- packages/@aws-cdk/aws-eks-legacy/package.json | 4 +- .../aws-eks-legacy/test/test.awsauth.ts | 2 +- .../aws-eks-legacy/test/test.cluster.ts | 2 +- .../aws-eks-legacy/test/test.helm-chart.ts | 2 +- .../aws-eks-legacy/test/test.manifest.ts | 2 +- packages/@aws-cdk/aws-eks/package.json | 4 +- .../@aws-cdk/aws-eks/test/test.awsauth.ts | 2 +- .../@aws-cdk/aws-eks/test/test.cluster.ts | 2 +- .../@aws-cdk/aws-eks/test/test.fargate.ts | 2 +- .../@aws-cdk/aws-eks/test/test.helm-chart.ts | 2 +- .../aws-eks/test/test.k8s-manifest.ts | 2 +- .../aws-eks/test/test.k8s-object-value.ts | 2 +- .../@aws-cdk/aws-eks/test/test.k8s-patch.ts | 2 +- .../@aws-cdk/aws-eks/test/test.nodegroup.ts | 2 +- .../aws-eks/test/test.service-account.ts | 2 +- .../@aws-cdk/aws-elasticache/package.json | 4 +- .../aws-elasticache/test/elasticache.test.ts | 2 +- .../aws-elasticbeanstalk/package.json | 4 +- .../test/elasticbeanstalk.test.ts | 2 +- .../aws-elasticloadbalancing/package.json | 4 +- .../test/loadbalancer.test.ts | 2 +- .../package.json | 4 +- .../test/cognito.test.ts | 2 +- .../package.json | 4 +- .../test/instance-target.test.ts | 2 +- .../test/ip-target.test.ts | 2 +- .../test/lambda-target.test.ts | 2 +- .../aws-elasticloadbalancingv2/package.json | 4 +- .../test/alb/actions.test.ts | 2 +- .../test/alb/conditions.test.ts | 2 +- .../test/alb/listener.test.ts | 4 +- .../test/alb/load-balancer.test.ts | 4 +- .../test/alb/security-group.test.ts | 2 +- .../test/alb/target-group.test.ts | 2 +- .../test/nlb/actions.test.ts | 2 +- .../test/nlb/listener.test.ts | 4 +- .../test/nlb/load-balancer.test.ts | 4 +- .../test/nlb/target-group.test.ts | 2 +- .../@aws-cdk/aws-elasticsearch/package.json | 4 +- .../aws-elasticsearch/test/domain.test.ts | 4 +- .../test/elasticsearch-access-policy.test.ts | 2 +- .../test/log-group-resource-policy.test.ts | 2 +- packages/@aws-cdk/aws-emr/package.json | 4 +- packages/@aws-cdk/aws-emr/test/emr.test.ts | 2 +- .../@aws-cdk/aws-emrcontainers/package.json | 4 +- .../test/emrcontainers.test.ts | 2 +- .../@aws-cdk/aws-events-targets/package.json | 4 +- .../test/aws-api/aws-api.test.ts | 2 +- .../test/batch/batch.test.ts | 2 +- .../test/codebuild/codebuild.test.ts | 2 +- .../test/codepipeline/pipeline.test.ts | 2 +- .../test/ecs/event-rule-target.test.ts | 2 +- .../test/event-bus/event-rule-target.test.ts | 2 +- .../kinesis-firehose-stream.test.ts | 2 +- .../test/kinesis/kinesis-stream.test.ts | 2 +- .../test/lambda/lambda.test.ts | 2 +- .../logs/log-group-resource-policy.test.ts | 2 +- .../test/logs/log-group.test.ts | 2 +- .../aws-events-targets/test/sns/sns.test.ts | 2 +- .../aws-events-targets/test/sqs/sqs.test.ts | 2 +- .../test/stepfunctions/statemachine.test.ts | 2 +- packages/@aws-cdk/aws-events/package.json | 4 +- .../@aws-cdk/aws-events/test/test.archive.ts | 2 +- .../aws-events/test/test.event-bus.ts | 2 +- .../@aws-cdk/aws-events/test/test.input.ts | 2 +- .../@aws-cdk/aws-events/test/test.rule.ts | 2 +- .../@aws-cdk/aws-eventschemas/package.json | 4 +- .../test/eventschemas.test.ts | 2 +- packages/@aws-cdk/aws-fis/package.json | 4 +- packages/@aws-cdk/aws-fis/test/fis.test.ts | 2 +- packages/@aws-cdk/aws-fms/package.json | 4 +- packages/@aws-cdk/aws-fms/test/fms.test.ts | 2 +- packages/@aws-cdk/aws-fsx/package.json | 4 +- .../aws-fsx/test/lustre-file-system.test.ts | 2 +- packages/@aws-cdk/aws-gamelift/package.json | 4 +- .../aws-gamelift/test/gamelift.test.ts | 2 +- .../package.json | 2 +- .../test/endpoints.test.ts | 4 +- .../aws-globalaccelerator/package.json | 5 +- .../globalaccelerator-security-group.test.ts | 2 +- .../test/globalaccelerator.test.ts | 2 +- packages/@aws-cdk/aws-glue/package.json | 4 +- .../@aws-cdk/aws-glue/test/connection.test.ts | 4 +- .../@aws-cdk/aws-glue/test/database.test.ts | 4 +- .../@aws-cdk/aws-glue/test/schema.test.ts | 2 +- .../test/security-configuration.test.ts | 4 +- packages/@aws-cdk/aws-glue/test/table.test.ts | 4 +- packages/@aws-cdk/aws-greengrass/package.json | 4 +- .../aws-greengrass/test/greengrass.test.ts | 2 +- .../@aws-cdk/aws-greengrassv2/package.json | 4 +- .../aws-greengrassv2/test/greengrass.test.ts | 2 +- packages/@aws-cdk/aws-guardduty/package.json | 4 +- .../aws-guardduty/test/guardduty.test.ts | 2 +- packages/@aws-cdk/aws-iam/package.json | 4 +- .../test/auto-cross-stack-refs.test.ts | 4 +- .../aws-iam/test/cross-account.test.ts | 2 +- .../aws-iam/test/escape-hatch.test.ts | 2 +- packages/@aws-cdk/aws-iam/test/grant.test.ts | 4 +- packages/@aws-cdk/aws-iam/test/group.test.ts | 2 +- .../aws-iam/test/immutable-role.test.ts | 2 +- .../@aws-cdk/aws-iam/test/lazy-role.test.ts | 2 +- .../aws-iam/test/managed-policy.test.ts | 2 +- .../aws-iam/test/oidc-provider.test.ts | 2 +- .../aws-iam/test/permissions-boundary.test.ts | 4 +- .../aws-iam/test/policy-document.test.ts | 2 +- .../aws-iam/test/policy-statement.test.ts | 2 +- packages/@aws-cdk/aws-iam/test/policy.test.ts | 4 +- .../@aws-cdk/aws-iam/test/principals.test.ts | 2 +- .../aws-iam/test/role.from-role-arn.test.ts | 2 +- packages/@aws-cdk/aws-iam/test/role.test.ts | 2 +- .../aws-iam/test/saml-provider.test.ts | 2 +- packages/@aws-cdk/aws-iam/test/user.test.ts | 2 +- .../@aws-cdk/aws-imagebuilder/package.json | 4 +- .../test/imagebuilder.test.ts | 2 +- packages/@aws-cdk/aws-inspector/package.json | 4 +- .../aws-inspector/test/inspector.test.ts | 2 +- packages/@aws-cdk/aws-iot/package.json | 4 +- packages/@aws-cdk/aws-iot/test/iot.test.ts | 2 +- packages/@aws-cdk/aws-iot1click/package.json | 4 +- .../aws-iot1click/test/iot1click.test.ts | 2 +- .../@aws-cdk/aws-iotanalytics/package.json | 4 +- .../test/iotanalytics.test.ts | 2 +- packages/@aws-cdk/aws-iotevents/package.json | 4 +- .../aws-iotevents/test/iotevents.test.ts | 2 +- .../@aws-cdk/aws-iotsitewise/package.json | 4 +- .../aws-iotsitewise/test/iotsitewise.test.ts | 2 +- .../@aws-cdk/aws-iotthingsgraph/package.json | 4 +- .../test/iotthingsgraph.test.ts | 2 +- .../@aws-cdk/aws-iotwireless/package.json | 4 +- .../aws-iotwireless/test/iotwireless.test.ts | 2 +- packages/@aws-cdk/aws-ivs/package.json | 4 +- packages/@aws-cdk/aws-ivs/test/ivs.test.ts | 4 +- packages/@aws-cdk/aws-kendra/package.json | 4 +- .../@aws-cdk/aws-kendra/test/kendra.test.ts | 2 +- packages/@aws-cdk/aws-kinesis/package.json | 4 +- .../@aws-cdk/aws-kinesis/test/stream.test.ts | 4 +- .../aws-kinesisanalytics-flink/package.json | 4 +- .../test/application.test.ts | 4 +- .../aws-kinesisanalytics/package.json | 4 +- .../test/kinesisanalytics.test.ts | 2 +- .../@aws-cdk/aws-kinesisfirehose/package.json | 4 +- .../test/kinesisfirehose.test.ts | 2 +- packages/@aws-cdk/aws-kms/package.json | 4 +- packages/@aws-cdk/aws-kms/test/alias.test.ts | 2 +- packages/@aws-cdk/aws-kms/test/key.test.ts | 4 +- .../test/via-service-principal.test.ts | 2 +- .../@aws-cdk/aws-lakeformation/package.json | 4 +- .../test/lakeformation.test.ts | 2 +- .../aws-lambda-destinations/package.json | 4 +- .../test/destinations.test.ts | 2 +- .../aws-lambda-event-sources/package.json | 4 +- .../aws-lambda-event-sources/test/test.api.ts | 2 +- .../test/test.dynamo.ts | 2 +- .../test/test.kafka.ts | 2 +- .../test/test.kinesis.ts | 2 +- .../aws-lambda-event-sources/test/test.s3.ts | 2 +- .../aws-lambda-event-sources/test/test.sns.ts | 2 +- .../aws-lambda-event-sources/test/test.sqs.ts | 2 +- .../@aws-cdk/aws-lambda-nodejs/package.json | 4 +- .../aws-lambda-nodejs/test/function.test.ts | 4 +- .../@aws-cdk/aws-lambda-python/package.json | 4 +- .../aws-lambda-python/test/function.test.ts | 2 +- .../aws-lambda-python/test/layer.test.ts | 2 +- packages/@aws-cdk/aws-lambda/package.json | 4 +- .../@aws-cdk/aws-lambda/test/alias.test.ts | 4 +- .../test/code-signing-config.test.ts | 2 +- .../@aws-cdk/aws-lambda/test/code.test.ts | 4 +- .../test/event-source-mapping.test.ts | 2 +- .../aws-lambda/test/function-hash.test.ts | 2 +- .../@aws-cdk/aws-lambda/test/function.test.ts | 4 +- .../aws-lambda/test/lambda-version.test.ts | 2 +- .../@aws-cdk/aws-lambda/test/layers.test.ts | 4 +- .../@aws-cdk/aws-lambda/test/runtime.test.ts | 2 +- .../aws-lambda/test/singleton-lambda.test.ts | 4 +- .../aws-lambda/test/vpc-lambda.test.ts | 2 +- .../@aws-cdk/aws-licensemanager/package.json | 4 +- .../test/licensemanager.test.ts | 2 +- .../aws-logs-destinations/package.json | 4 +- .../test/kinesis.test.ts | 2 +- .../aws-logs-destinations/test/lambda.test.ts | 2 +- packages/@aws-cdk/aws-logs/package.json | 4 +- .../aws-logs/test/test.destination.ts | 2 +- .../aws-logs/test/test.log-retention.ts | 2 +- .../@aws-cdk/aws-logs/test/test.loggroup.ts | 2 +- .../@aws-cdk/aws-logs/test/test.logstream.ts | 2 +- .../aws-logs/test/test.metricfilter.ts | 2 +- .../aws-logs/test/test.subscriptionfilter.ts | 2 +- .../@aws-cdk/aws-lookoutvision/package.json | 4 +- .../test/lookoutvision.test.ts | 2 +- packages/@aws-cdk/aws-macie/package.json | 4 +- .../@aws-cdk/aws-macie/test/macie.test.ts | 2 +- .../aws-managedblockchain/package.json | 4 +- .../test/managedblockchain.test.ts | 2 +- .../@aws-cdk/aws-mediaconnect/package.json | 4 +- .../test/mediaconnect.test.ts | 2 +- .../@aws-cdk/aws-mediaconvert/package.json | 4 +- .../test/mediaconvert.test.ts | 2 +- packages/@aws-cdk/aws-medialive/package.json | 4 +- .../aws-medialive/test/medialive.test.ts | 2 +- .../@aws-cdk/aws-mediapackage/package.json | 4 +- .../test/mediapackage.test.ts | 2 +- packages/@aws-cdk/aws-mediastore/package.json | 4 +- .../aws-mediastore/test/mediastore.test.ts | 2 +- packages/@aws-cdk/aws-msk/package.json | 4 +- packages/@aws-cdk/aws-msk/test/msk.test.ts | 2 +- packages/@aws-cdk/aws-mwaa/package.json | 4 +- packages/@aws-cdk/aws-mwaa/test/mwaa.test.ts | 2 +- packages/@aws-cdk/aws-neptune/package.json | 4 +- .../@aws-cdk/aws-neptune/test/cluster.test.ts | 4 +- .../aws-neptune/test/instance.test.ts | 2 +- .../aws-neptune/test/parameter-group.test.ts | 2 +- .../aws-neptune/test/subnet-group.test.ts | 2 +- .../@aws-cdk/aws-networkfirewall/package.json | 4 +- .../test/networkfirewall.test.ts | 2 +- .../@aws-cdk/aws-networkmanager/package.json | 4 +- .../test/networkmanager.test.ts | 2 +- packages/@aws-cdk/aws-opsworks/package.json | 4 +- .../aws-opsworks/test/opsworks.test.ts | 2 +- packages/@aws-cdk/aws-opsworkscm/package.json | 4 +- .../aws-opsworkscm/test/opsworkscm.test.ts | 2 +- packages/@aws-cdk/aws-pinpoint/package.json | 4 +- .../aws-pinpoint/test/pinpoint.test.ts | 2 +- .../@aws-cdk/aws-pinpointemail/package.json | 4 +- .../test/pinpointemail.test.ts | 2 +- packages/@aws-cdk/aws-qldb/package.json | 4 +- packages/@aws-cdk/aws-qldb/test/qldb.test.ts | 2 +- packages/@aws-cdk/aws-quicksight/package.json | 4 +- .../aws-quicksight/test/quicksight.test.ts | 2 +- packages/@aws-cdk/aws-ram/package.json | 4 +- packages/@aws-cdk/aws-ram/test/ram.test.ts | 2 +- packages/@aws-cdk/aws-rds/package.json | 4 +- .../@aws-cdk/aws-rds/test/cluster.test.ts | 4 +- .../aws-rds/test/database-secret.test.ts | 2 +- .../test/database-secretmanager.test.ts | 2 +- .../aws-rds/test/instance-engine.test.ts | 2 +- .../@aws-cdk/aws-rds/test/instance.test.ts | 4 +- .../aws-rds/test/option-group.test.ts | 2 +- .../aws-rds/test/parameter-group.test.ts | 2 +- packages/@aws-cdk/aws-rds/test/proxy.test.ts | 2 +- .../aws-rds/test/serverless-cluster.test.ts | 2 +- .../sql-server.instance-engine.test.ts | 2 +- .../aws-rds/test/subnet-group.test.ts | 2 +- packages/@aws-cdk/aws-redshift/package.json | 4 +- .../aws-redshift/test/cluster.test.ts | 4 +- .../aws-redshift/test/parameter-group.test.ts | 2 +- .../aws-redshift/test/subnet-group.test.ts | 2 +- .../@aws-cdk/aws-resourcegroups/package.json | 4 +- .../test/resourcegroups.test.ts | 2 +- packages/@aws-cdk/aws-robomaker/package.json | 4 +- .../aws-robomaker/test/robomaker.test.ts | 2 +- .../aws-route53-patterns/package.json | 4 +- .../test/bucket-website-target.test.ts | 2 +- .../@aws-cdk/aws-route53-targets/package.json | 4 +- .../test/apigateway-target.test.ts | 2 +- .../test/apigatewayv2-target.test.ts | 2 +- .../test/bucket-website-target.test.ts | 2 +- .../test/classic-load-balancer-target.test.ts | 2 +- .../test/cloudfront-target.test.ts | 4 +- .../test/global-accelerator-target.test.ts | 2 +- .../interface-vpc-endpoint-target.test.ts | 2 +- .../test/load-balancer-target.test.ts | 2 +- .../test/userpool-domain.test.ts | 2 +- packages/@aws-cdk/aws-route53/package.json | 4 +- .../test/hosted-zone-provider.test.ts | 2 +- .../aws-route53/test/hosted-zone.test.ts | 2 +- .../aws-route53/test/record-set.test.ts | 2 +- .../@aws-cdk/aws-route53/test/route53.test.ts | 2 +- .../vpc-endpoint-service-domain-name.test.ts | 4 +- .../@aws-cdk/aws-route53resolver/package.json | 4 +- .../test/route53resolver.test.ts | 2 +- packages/@aws-cdk/aws-s3-assets/package.json | 4 +- .../@aws-cdk/aws-s3-assets/test/asset.test.ts | 4 +- .../@aws-cdk/aws-s3-deployment/package.json | 4 +- .../test/bucket-deployment.test.ts | 2 +- .../aws-s3-notifications/package.json | 4 +- .../test/lambda/lambda.test.ts | 6 +- .../test/notifications.test.ts | 4 +- .../aws-s3-notifications/test/queue.test.ts | 4 +- .../aws-s3-notifications/test/sns.test.ts | 2 +- packages/@aws-cdk/aws-s3/package.json | 4 +- packages/@aws-cdk/aws-s3/test/aspect.test.ts | 4 +- .../aws-s3/test/bucket-policy.test.ts | 2 +- packages/@aws-cdk/aws-s3/test/bucket.test.ts | 4 +- packages/@aws-cdk/aws-s3/test/cors.test.ts | 2 +- packages/@aws-cdk/aws-s3/test/metrics.test.ts | 2 +- .../@aws-cdk/aws-s3/test/notification.test.ts | 2 +- packages/@aws-cdk/aws-s3/test/rules.test.ts | 2 +- .../@aws-cdk/aws-s3objectlambda/package.json | 4 +- .../test/s3objectlambda.test.ts | 2 +- packages/@aws-cdk/aws-s3outposts/package.json | 4 +- .../aws-s3outposts/test/s3outposts.test.ts | 2 +- packages/@aws-cdk/aws-sagemaker/package.json | 4 +- .../aws-sagemaker/test/sagemaker.test.ts | 2 +- packages/@aws-cdk/aws-sam/package.json | 4 +- .../@aws-cdk/aws-sam/test/application.test.ts | 2 +- .../@aws-cdk/aws-sam/test/function.test.ts | 2 +- packages/@aws-cdk/aws-sdb/package.json | 4 +- packages/@aws-cdk/aws-sdb/test/sdb.test.ts | 2 +- .../@aws-cdk/aws-secretsmanager/package.json | 4 +- .../test/rotation-schedule.test.ts | 2 +- .../test/secret-rotation.test.ts | 2 +- .../aws-secretsmanager/test/secret.test.ts | 4 +- .../@aws-cdk/aws-securityhub/package.json | 4 +- .../aws-securityhub/test/securityhub.test.ts | 2 +- .../@aws-cdk/aws-servicecatalog/package.json | 4 +- .../test/servicecatalog.test.ts | 2 +- .../package.json | 4 +- .../test/servicecatalogappregistry.test.ts | 2 +- .../aws-servicediscovery/package.json | 4 +- .../test/test.instance.ts | 2 +- .../test/test.namespace.ts | 2 +- .../aws-servicediscovery/test/test.service.ts | 2 +- .../@aws-cdk/aws-ses-actions/package.json | 4 +- .../aws-ses-actions/test/actions.test.ts | 4 +- packages/@aws-cdk/aws-ses/package.json | 4 +- .../aws-ses/test/test.receipt-filter.ts | 2 +- .../aws-ses/test/test.receipt-rule-set.ts | 2 +- .../aws-ses/test/test.receipt-rule.ts | 2 +- packages/@aws-cdk/aws-signer/package.json | 4 +- .../aws-signer/test/signing-profile.test.ts | 2 +- .../aws-sns-subscriptions/package.json | 4 +- .../aws-sns-subscriptions/test/subs.test.ts | 2 +- packages/@aws-cdk/aws-sns/package.json | 4 +- packages/@aws-cdk/aws-sns/test/test.sns.ts | 2 +- .../aws-sns/test/test.subscription.ts | 2 +- packages/@aws-cdk/aws-sqs/package.json | 4 +- packages/@aws-cdk/aws-sqs/test/test.sqs.ts | 2 +- packages/@aws-cdk/aws-ssm/package.json | 4 +- .../test/test.parameter-store-string.ts | 2 +- .../@aws-cdk/aws-ssm/test/test.parameter.ts | 2 +- .../aws-ssm/test/test.ssm-document.ts | 2 +- packages/@aws-cdk/aws-sso/package.json | 4 +- packages/@aws-cdk/aws-sso/test/sso.test.ts | 2 +- .../aws-stepfunctions-tasks/package.json | 4 +- .../test/ecs/ecs-tasks.test.ts | 2 +- .../test/ecs/run-tasks.test.ts | 2 +- .../test/emr/emr-add-step.test.ts | 2 +- .../test/emr/emr-cancel-step.test.ts | 2 +- .../test/emr/emr-create-cluster.test.ts | 2 +- .../emr-modify-instance-fleet-by-name.test.ts | 2 +- .../emr-modify-instance-group-by-name.test.ts | 2 +- ...set-cluster-termination-protection.test.ts | 2 +- .../test/emr/emr-terminate-cluster.test.ts | 2 +- .../test/evaluate-expression.test.ts | 2 +- .../test/glue/run-glue-job-task.test.ts | 2 +- .../test/glue/start-job-run.test.ts | 2 +- .../test/invoke-activity.test.ts | 2 +- .../test/lambda/invoke-function.test.ts | 2 +- .../test/lambda/invoke.test.ts | 2 +- .../test/lambda/run-lambda-task.test.ts | 2 +- .../sagemaker/create-endpoint-config.test.ts | 2 +- .../test/sagemaker/create-endpoint.test.ts | 2 +- .../test/sagemaker/create-model.test.ts | 2 +- .../sagemaker/create-training-job.test.ts | 2 +- .../sagemaker/create-transform-job.test.ts | 2 +- .../test/sagemaker/update-endpoint.test.ts | 2 +- .../test/start-execution.test.ts | 2 +- .../test/stepfunctions/invoke-activity.ts | 2 +- .../stepfunctions/start-execution.test.ts | 2 +- .../@aws-cdk/aws-stepfunctions/package.json | 4 +- .../aws-stepfunctions/test/activity.test.ts | 4 +- .../aws-stepfunctions/test/condition.test.ts | 2 +- .../test/custom-state.test.ts | 2 +- .../aws-stepfunctions/test/fail.test.ts | 2 +- .../aws-stepfunctions/test/fields.test.ts | 2 +- .../aws-stepfunctions/test/map.test.ts | 2 +- .../aws-stepfunctions/test/parallel.test.ts | 2 +- .../aws-stepfunctions/test/pass.test.ts | 2 +- .../test/state-machine-resources.test.ts | 4 +- .../test/state-machine.test.ts | 2 +- .../test/states-language.test.ts | 2 +- .../aws-stepfunctions/test/task-base.test.ts | 2 +- .../aws-stepfunctions/test/wait.test.ts | 2 +- packages/@aws-cdk/aws-synthetics/package.json | 4 +- .../aws-synthetics/test/canary.test.ts | 4 +- .../@aws-cdk/aws-synthetics/test/code.test.ts | 2 +- .../aws-synthetics/test/metric.test.ts | 2 +- packages/@aws-cdk/aws-timestream/package.json | 4 +- .../aws-timestream/test/timestream.test.ts | 2 +- packages/@aws-cdk/aws-transfer/package.json | 4 +- .../aws-transfer/test/transfer.test.ts | 2 +- packages/@aws-cdk/aws-waf/package.json | 4 +- packages/@aws-cdk/aws-waf/test/waf.test.ts | 2 +- .../@aws-cdk/aws-wafregional/package.json | 4 +- .../aws-wafregional/test/wafregional.test.ts | 2 +- packages/@aws-cdk/aws-wafv2/package.json | 4 +- .../@aws-cdk/aws-wafv2/test/wafv2.test.ts | 2 +- packages/@aws-cdk/aws-workspaces/package.json | 4 +- .../aws-workspaces/test/workspaces.test.ts | 2 +- .../build-tools/create-missing-libraries.ts | 4 +- .../cloudformation-include/package.json | 4 +- .../test/invalid-templates.test.ts | 4 +- .../test/nested-stacks.test.ts | 4 +- .../test/serverless-transform.test.ts | 2 +- .../test/valid-templates.test.ts | 4 +- .../test/yaml-templates.test.ts | 2 +- .../@aws-cdk/core/lib/private/synthesis.ts | 2 +- .../stack-synthesizers/default-synthesizer.ts | 2 +- .../@aws-cdk/custom-resources/package.json | 4 +- .../aws-custom-resource.test.ts | 2 +- .../test/provider-framework/provider.test.ts | 2 +- .../waiter-state-machine.test.ts | 2 +- .../example-construct-library/package.json | 4 +- .../test/example-resource.test.ts | 4 +- .../@aws-cdk/lambda-layer-awscli/package.json | 4 +- .../test/awscli-layer.test.ts | 2 +- .../lambda-layer-kubectl/package.json | 4 +- .../test/kubectl-layer.test.ts | 2 +- packages/@aws-cdk/pipelines/package.json | 4 +- .../test/build-role-policy-statements.test.ts | 4 +- .../@aws-cdk/pipelines/test/builds.test.ts | 4 +- .../test/cross-environment-infra.test.ts | 4 +- .../pipelines/test/existing-pipeline.test.ts | 4 +- .../pipelines/test/pipeline-assets.test.ts | 4 +- .../@aws-cdk/pipelines/test/pipeline.test.ts | 4 +- .../pipelines/test/stack-ordering.test.ts | 4 +- .../@aws-cdk/pipelines/test/testmatchers.ts | 2 +- .../pipelines/test/validation.test.ts | 4 +- packages/@aws-cdk/yaml-cfn/package.json | 4 +- .../yaml-cfn/test/deserialization.test.ts | 2 +- .../yaml-cfn/test/serialization.test.ts | 2 +- packages/@monocdk-experiment/assert/clone.sh | 2 +- .../@monocdk-experiment/assert/package.json | 2 +- packages/aws-cdk-migration/.eslintrc.js | 3 + packages/aws-cdk-migration/.gitignore | 15 + packages/aws-cdk-migration/.npmignore | 17 + packages/aws-cdk-migration/LICENSE | 201 ++++++++ packages/aws-cdk-migration/NOTICE | 2 + packages/aws-cdk-migration/README.md | 26 ++ .../aws-cdk-migration/bin/rewrite-imports-v2 | 2 + .../bin/rewrite-imports-v2.ts | 37 ++ packages/aws-cdk-migration/jest.config.js | 10 + packages/aws-cdk-migration/lib/rewrite.ts | 114 +++++ packages/aws-cdk-migration/package.json | 59 +++ .../aws-cdk-migration/test/rewrite.test.ts | 91 ++++ packages/aws-cdk-migration/tsconfig.json | 27 ++ .../typescript/test/%name%.test.template.ts | 2 +- tools/pkglint/lib/rules.ts | 24 +- 800 files changed, 4622 insertions(+), 1041 deletions(-) create mode 100644 packages/@aws-cdk/assert-internal/.eslintrc.js create mode 100644 packages/@aws-cdk/assert-internal/.gitignore create mode 100644 packages/@aws-cdk/assert-internal/.npmignore create mode 100644 packages/@aws-cdk/assert-internal/LICENSE create mode 100644 packages/@aws-cdk/assert-internal/NOTICE create mode 100644 packages/@aws-cdk/assert-internal/README.md create mode 100644 packages/@aws-cdk/assert-internal/jest.config.js create mode 100644 packages/@aws-cdk/assert-internal/jest.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/assertion.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/assertions/and-assertion.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/assertions/count-resources.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/assertions/exist.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/assertions/have-output.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/assertions/have-resource-matchers.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/assertions/have-resource.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/assertions/have-type.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/assertions/match-template.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/assertions/negated-assertion.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/canonicalize-assets.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/expect.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/index.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/inspector.ts create mode 100644 packages/@aws-cdk/assert-internal/lib/synth-utils.ts create mode 100644 packages/@aws-cdk/assert-internal/package.json create mode 100644 packages/@aws-cdk/assert-internal/test/assertions.test.ts create mode 100644 packages/@aws-cdk/assert-internal/test/canonicalize-assets.test.ts create mode 100644 packages/@aws-cdk/assert-internal/test/have-output.test.ts create mode 100644 packages/@aws-cdk/assert-internal/test/have-resource.test.ts create mode 100644 packages/@aws-cdk/assert-internal/test/synth-utils.test.ts create mode 100644 packages/@aws-cdk/assert-internal/tsconfig.json create mode 100644 packages/@aws-cdk/assert/BUILD.md create mode 100755 packages/@aws-cdk/assert/clone.sh create mode 100644 packages/aws-cdk-migration/.eslintrc.js create mode 100644 packages/aws-cdk-migration/.gitignore create mode 100644 packages/aws-cdk-migration/.npmignore create mode 100644 packages/aws-cdk-migration/LICENSE create mode 100644 packages/aws-cdk-migration/NOTICE create mode 100644 packages/aws-cdk-migration/README.md create mode 100755 packages/aws-cdk-migration/bin/rewrite-imports-v2 create mode 100644 packages/aws-cdk-migration/bin/rewrite-imports-v2.ts create mode 100644 packages/aws-cdk-migration/jest.config.js create mode 100644 packages/aws-cdk-migration/lib/rewrite.ts create mode 100644 packages/aws-cdk-migration/package.json create mode 100644 packages/aws-cdk-migration/test/rewrite.test.ts create mode 100644 packages/aws-cdk-migration/tsconfig.json diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/package.json b/packages/@aws-cdk-containers/ecs-service-extensions/package.json index 4b75bbbd568f4..5f4683eb92881 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/package.json +++ b/packages/@aws-cdk-containers/ecs-service-extensions/package.json @@ -35,14 +35,14 @@ }, "license": "Apache-2.0", "devDependencies": { - "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.31", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", "jest": "^26.6.3", "nodeunit": "^0.11.3", - "pkglint": "0.0.0" + "pkglint": "0.0.0", + "@aws-cdk/assert-internal": "0.0.0" }, "dependencies": { "@aws-cdk/aws-applicationautoscaling": "0.0.0", diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.appmesh.ts b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.appmesh.ts index a221b9d31933e..c38447ac912bb 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.appmesh.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.appmesh.ts @@ -1,4 +1,4 @@ -import { expect, haveResource, haveResourceLike } from '@aws-cdk/assert'; +import { expect, haveResource, haveResourceLike } from '@aws-cdk/assert-internal'; import * as appmesh from '@aws-cdk/aws-appmesh'; import * as ecs from '@aws-cdk/aws-ecs'; import * as cdk from '@aws-cdk/core'; diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.assign-public-ip.ts b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.assign-public-ip.ts index 92a36dd1d788b..2f4f926e1746b 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.assign-public-ip.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.assign-public-ip.ts @@ -1,4 +1,4 @@ -import { expect, haveResourceLike } from '@aws-cdk/assert'; +import { expect, haveResourceLike } from '@aws-cdk/assert-internal'; import * as ec2 from '@aws-cdk/aws-ec2'; import * as ecs from '@aws-cdk/aws-ecs'; import * as route53 from '@aws-cdk/aws-route53'; diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.cloudwatch-agent.ts b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.cloudwatch-agent.ts index a8d94c3dc8e25..0b9ad5a09e647 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.cloudwatch-agent.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.cloudwatch-agent.ts @@ -1,4 +1,4 @@ -import { expect, haveResource } from '@aws-cdk/assert'; +import { expect, haveResource } from '@aws-cdk/assert-internal'; import * as ecs from '@aws-cdk/aws-ecs'; import * as cdk from '@aws-cdk/core'; import { Test } from 'nodeunit'; diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.environment.ts b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.environment.ts index d029f81e34bc6..f1362695ac535 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.environment.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.environment.ts @@ -1,4 +1,4 @@ -import { countResources, expect, haveResource } from '@aws-cdk/assert'; +import { countResources, expect, haveResource } from '@aws-cdk/assert-internal'; import * as ec2 from '@aws-cdk/aws-ec2'; import * as ecs from '@aws-cdk/aws-ecs'; import * as cdk from '@aws-cdk/core'; diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.firelens.ts b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.firelens.ts index e4ceb68444dd7..a6011a2caabf6 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.firelens.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.firelens.ts @@ -1,4 +1,4 @@ -import { expect, haveResource } from '@aws-cdk/assert'; +import { expect, haveResource } from '@aws-cdk/assert-internal'; import * as ecs from '@aws-cdk/aws-ecs'; import * as cdk from '@aws-cdk/core'; import { Test } from 'nodeunit'; diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.http-load-balancer.ts b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.http-load-balancer.ts index 2cc26be97ddcf..2e977e19ee889 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.http-load-balancer.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.http-load-balancer.ts @@ -1,4 +1,4 @@ -import { expect, haveResource } from '@aws-cdk/assert'; +import { expect, haveResource } from '@aws-cdk/assert-internal'; import * as ecs from '@aws-cdk/aws-ecs'; import * as cdk from '@aws-cdk/core'; import { Test } from 'nodeunit'; diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.scale-on-cpu-utilization.ts b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.scale-on-cpu-utilization.ts index 305655129eb1a..6d3e6ce715b1d 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.scale-on-cpu-utilization.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.scale-on-cpu-utilization.ts @@ -1,4 +1,4 @@ -import { expect, haveResource, haveResourceLike } from '@aws-cdk/assert'; +import { expect, haveResource, haveResourceLike } from '@aws-cdk/assert-internal'; import * as ecs from '@aws-cdk/aws-ecs'; import * as cdk from '@aws-cdk/core'; import { Test } from 'nodeunit'; diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.service.ts b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.service.ts index 23b30f59afe3d..4fa8c80657cd0 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.service.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.service.ts @@ -1,4 +1,4 @@ -import { countResources, expect, haveResource } from '@aws-cdk/assert'; +import { countResources, expect, haveResource } from '@aws-cdk/assert-internal'; import * as ec2 from '@aws-cdk/aws-ec2'; import * as ecs from '@aws-cdk/aws-ecs'; import * as cdk from '@aws-cdk/core'; diff --git a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.xray.ts b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.xray.ts index 36443123e8719..c591b5c6dd012 100644 --- a/packages/@aws-cdk-containers/ecs-service-extensions/test/test.xray.ts +++ b/packages/@aws-cdk-containers/ecs-service-extensions/test/test.xray.ts @@ -1,4 +1,4 @@ -import { expect, haveResource } from '@aws-cdk/assert'; +import { expect, haveResource } from '@aws-cdk/assert-internal'; import * as ecs from '@aws-cdk/aws-ecs'; import * as cdk from '@aws-cdk/core'; import { Test } from 'nodeunit'; diff --git a/packages/@aws-cdk/alexa-ask/package.json b/packages/@aws-cdk/alexa-ask/package.json index 97bad8c492ebc..767c2013c8398 100644 --- a/packages/@aws-cdk/alexa-ask/package.json +++ b/packages/@aws-cdk/alexa-ask/package.json @@ -72,10 +72,10 @@ }, "license": "Apache-2.0", "devDependencies": { - "@aws-cdk/assert": "0.0.0", "cdk-build-tools": "0.0.0", "cfn2ts": "0.0.0", - "pkglint": "0.0.0" + "pkglint": "0.0.0", + "@aws-cdk/assert-internal": "0.0.0" }, "dependencies": { "@aws-cdk/core": "0.0.0", diff --git a/packages/@aws-cdk/alexa-ask/test/ask.test.ts b/packages/@aws-cdk/alexa-ask/test/ask.test.ts index e394ef336bfb4..c4505ad966984 100644 --- a/packages/@aws-cdk/alexa-ask/test/ask.test.ts +++ b/packages/@aws-cdk/alexa-ask/test/ask.test.ts @@ -1,4 +1,4 @@ -import '@aws-cdk/assert/jest'; +import '@aws-cdk/assert-internal/jest'; import {} from '../lib'; test('No tests are specified for this package', () => { diff --git a/packages/@aws-cdk/app-delivery/package.json b/packages/@aws-cdk/app-delivery/package.json index 7569a0e07a1cc..990a4dd376c50 100644 --- a/packages/@aws-cdk/app-delivery/package.json +++ b/packages/@aws-cdk/app-delivery/package.json @@ -58,14 +58,14 @@ "constructs": "^3.3.69" }, "devDependencies": { - "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@types/nodeunit": "^0.0.31", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "fast-check": "^2.14.0", "nodeunit": "^0.11.3", - "pkglint": "0.0.0" + "pkglint": "0.0.0", + "@aws-cdk/assert-internal": "0.0.0" }, "repository": { "type": "git", diff --git a/packages/@aws-cdk/app-delivery/test/test.pipeline-deploy-stack-action.ts b/packages/@aws-cdk/app-delivery/test/test.pipeline-deploy-stack-action.ts index d63ddbf6acb50..e4611adf570f6 100644 --- a/packages/@aws-cdk/app-delivery/test/test.pipeline-deploy-stack-action.ts +++ b/packages/@aws-cdk/app-delivery/test/test.pipeline-deploy-stack-action.ts @@ -1,4 +1,4 @@ -import { expect, haveResource, haveResourceLike, isSuperObject } from '@aws-cdk/assert'; +import { expect, haveResource, haveResourceLike, isSuperObject } from '@aws-cdk/assert-internal'; import * as cfn from '@aws-cdk/aws-cloudformation'; import * as codebuild from '@aws-cdk/aws-codebuild'; import * as codepipeline from '@aws-cdk/aws-codepipeline'; diff --git a/packages/@aws-cdk/assert-internal/.eslintrc.js b/packages/@aws-cdk/assert-internal/.eslintrc.js new file mode 100644 index 0000000000000..61dd8dd001f63 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/.eslintrc.js @@ -0,0 +1,3 @@ +const baseConfig = require('cdk-build-tools/config/eslintrc'); +baseConfig.parserOptions.project = __dirname + '/tsconfig.json'; +module.exports = baseConfig; diff --git a/packages/@aws-cdk/assert-internal/.gitignore b/packages/@aws-cdk/assert-internal/.gitignore new file mode 100644 index 0000000000000..c9b9bcc8658a1 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/.gitignore @@ -0,0 +1,16 @@ +*.js +*.js.map +*.d.ts +node_modules +dist + +.LAST_BUILD +.nyc_output +coverage +nyc.config.js +.LAST_PACKAGE +*.snk +!.eslintrc.js +!jest.config.js + +junit.xml \ No newline at end of file diff --git a/packages/@aws-cdk/assert-internal/.npmignore b/packages/@aws-cdk/assert-internal/.npmignore new file mode 100644 index 0000000000000..6f149ce45fddd --- /dev/null +++ b/packages/@aws-cdk/assert-internal/.npmignore @@ -0,0 +1,22 @@ +# Don't include original .ts files when doing `npm pack` +*.ts +!*.d.ts +coverage +.nyc_output +*.tgz + +dist +.LAST_PACKAGE +.LAST_BUILD +*.snk + +*.tsbuildinfo + +tsconfig.json +.eslintrc.js +jest.config.js + +# exclude cdk artifacts +**/cdk.out +junit.xml +test/ \ No newline at end of file diff --git a/packages/@aws-cdk/assert-internal/LICENSE b/packages/@aws-cdk/assert-internal/LICENSE new file mode 100644 index 0000000000000..28e4bdcec77ec --- /dev/null +++ b/packages/@aws-cdk/assert-internal/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/packages/@aws-cdk/assert-internal/NOTICE b/packages/@aws-cdk/assert-internal/NOTICE new file mode 100644 index 0000000000000..5fc3826926b5b --- /dev/null +++ b/packages/@aws-cdk/assert-internal/NOTICE @@ -0,0 +1,2 @@ +AWS Cloud Development Kit (AWS CDK) +Copyright 2018-2021 Amazon.com, Inc. or its affiliates. All Rights Reserved. diff --git a/packages/@aws-cdk/assert-internal/README.md b/packages/@aws-cdk/assert-internal/README.md new file mode 100644 index 0000000000000..9256b46d2b154 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/README.md @@ -0,0 +1,227 @@ +# Testing utilities and assertions for CDK libraries + + +--- + +![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge) + +> The APIs of higher level constructs in this module are experimental and under active development. +> They are subject to non-backward compatible changes or removal in any future version. These are +> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be +> announced in the release notes. This means that while you may use them, you may need to update +> your source code when upgrading to a newer version of this package. + +--- + + + +This library contains helpers for writing unit tests and integration tests for CDK libraries + +## Unit tests + +Write your unit tests like this: + +```ts +const stack = new Stack(); + +new MyConstruct(stack, 'MyConstruct', { + ... +}); + +expect(stack).to(someExpectation(...)); +``` + +Here are the expectations you can use: + +## Verify (parts of) a template + +Check that the synthesized stack template looks like the given template, or is a superset of it. These functions match logical IDs and all properties of a resource. + +```ts +matchTemplate(template, matchStyle) +exactlyMatchTemplate(template) +beASupersetOfTemplate(template) +``` + +Example: + +```ts +expect(stack).to(beASupersetOfTemplate({ + Resources: { + HostedZone674DD2B7: { + Type: "AWS::Route53::HostedZone", + Properties: { + Name: "test.private.", + VPCs: [{ + VPCId: { Ref: 'VPC06C5F037' }, + VPCRegion: { Ref: 'AWS::Region' } + }] + } + } + } +})); +``` + + +## Check existence of a resource + +If you only care that a resource of a particular type exists (regardless of its logical identifier), and that *some* of its properties are set to specific values: + +```ts +haveResource(type, subsetOfProperties) +haveResourceLike(type, subsetOfProperties) +``` + +Example: + +```ts +expect(stack).to(haveResource('AWS::CertificateManager::Certificate', { + DomainName: 'test.example.com', + // Note: some properties omitted here + + ShouldNotExist: ABSENT +})); +``` + +The object you give to `haveResource`/`haveResourceLike` like can contain the +following values: + +- **Literal values**: the given property in the resource must match the given value *exactly*. +- `ABSENT`: a magic value to assert that a particular key in an object is *not* set (or set to `undefined`). +- special matchers for inexact matching. You can use these to match values based on more lenient conditions + than the default (such as an array containing at least one element, ignoring the rest, or an inexact string + match). + +The following matchers exist: + +- `objectLike(O)` - the value has to be an object matching at least the keys in `O` (but may contain + more). The nested values must match exactly. +- `deepObjectLike(O)` - as `objectLike`, but nested objects are also treated as partial specifications. +- `exactValue(X)` - must match exactly the given value. Use this to escape from `deepObjectLike`'s leniency + back to exact value matching. +- `arrayWith(E, [F, ...])` - value must be an array containing the given elements (or matchers) in any order. +- `stringLike(S)` - value must be a string matching `S`. `S` may contain `*` as wildcard to match any number + of characters. +- `anything()` - matches any value. +- `notMatching(M)` - any value that does NOT match the given matcher (or exact value) given. +- `encodedJson(M)` - value must be a string which, when decoded as JSON, matches the given matcher or + exact value. + +Slightly more complex example with array matchers: + +```ts +expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + PolicyDocument: { + Statement: arrayWith(objectLike({ + Action: ['s3:GetObject'], + Resource: ['arn:my:arn'], + }}) + } +})); +``` + +## Capturing values from a match + +Special `Capture` matchers exist to capture values encountered during a match. These can be +used for two typical purposes: + +- Apply additional assertions to the values found during a matching operation. +- Use the value found during a matching operation in a new matching operation. + +`Capture` matchers take an inner matcher as an argument, and will only capture the value +if the inner matcher succeeds in matching the given value. + +Here's an example which asserts that a policy for `RoleA` contains two statements +with *different* ARNs (without caring what those ARNs might be), and that +a policy for `RoleB` *also* has a statement for one of those ARNs (again, without +caring what the ARN might be): + +```ts +const arn1 = Capture.aString(); +const arn2 = Capture.aString(); + +expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + Roles: ['RoleA'], + PolicyDocument: { + Statement: [ + objectLike({ + Resource: [arn1.capture()], + }), + objectLike({ + Resource: [arn2.capture()], + }), + ], + }, +})); + +// Don't care about the values as long as they are not the same +expect(arn1.capturedValue).not.toEqual(arn2.capturedValue); + +expect(stack).to(haveResourceLike('AWS::IAM::Policy', { + Roles: ['RoleB'], + PolicyDocument: { + Statement: [ + objectLike({ + // This ARN must be the same as ARN1 above. + Resource: [arn1.capturedValue] + }), + ], + }, +})); +``` + +NOTE: `Capture` look somewhat like *bindings* in other pattern matching +libraries you might be used to, but they are far simpler and very +deterministic. In particular, they don't do unification: if the same Capture +is either used multiple times in the same structure expression or matches +multiple times, no restarting of the match is done to make them all match the +same value: the last value encountered by the `Capture` (as determined by the +behavior of the matchers around it) is stored into it and will be the one +available after the match has completed. + +## Check number of resources + +If you want to assert that `n` number of resources of a particular type exist, with or without specific properties: + +```ts +countResources(type, count) +countResourcesLike(type, count, props) +``` + +Example: + +```ts +expect(stack).to(countResources('AWS::ApiGateway::Method', 3)); +expect(stack).to(countResourcesLike('AWS::ApiGateway::Method', 1, { + HttpMethod: 'GET', + ResourceId: { + "Ref": "MyResource01234" + } +})); +``` + +## Check existence of an output + +`haveOutput` assertion can be used to check that a stack contains specific output. +Parameters to check against can be: + +- `outputName` +- `outputValue` +- `exportName` + +If `outputValue` is provided, at least one of `outputName`, `exportName` should be provided as well + +Example + +```ts +expect(synthStack).to(haveOutput({ + outputName: 'TestOutputName', + exportName: 'TestOutputExportName', + outputValue: { + 'Fn::GetAtt': [ + 'TestResource', + 'Arn' + ] + } +})); +``` diff --git a/packages/@aws-cdk/assert-internal/jest.config.js b/packages/@aws-cdk/assert-internal/jest.config.js new file mode 100644 index 0000000000000..ac8c47076506a --- /dev/null +++ b/packages/@aws-cdk/assert-internal/jest.config.js @@ -0,0 +1,10 @@ +const baseConfig = require('cdk-build-tools/config/jest.config'); +module.exports = { + ...baseConfig, + coverageThreshold: { + global: { + statements: 75, + branches: 65, + }, + }, +}; diff --git a/packages/@aws-cdk/assert-internal/jest.ts b/packages/@aws-cdk/assert-internal/jest.ts new file mode 100644 index 0000000000000..5c6db5727ed8d --- /dev/null +++ b/packages/@aws-cdk/assert-internal/jest.ts @@ -0,0 +1,107 @@ +import * as core from '@aws-cdk/core'; +import * as cxapi from '@aws-cdk/cx-api'; +import { countResources } from './lib'; +import { JestFriendlyAssertion } from './lib/assertion'; +import { haveOutput, HaveOutputProperties } from './lib/assertions/have-output'; +import { HaveResourceAssertion, ResourcePart } from './lib/assertions/have-resource'; +import { MatchStyle, matchTemplate } from './lib/assertions/match-template'; +import { expect as ourExpect } from './lib/expect'; +import { StackInspector } from './lib/inspector'; + +declare global { + namespace jest { + interface Matchers { + toMatchTemplate( + template: any, + matchStyle?: MatchStyle): R; + + toHaveResource( + resourceType: string, + properties?: any, + comparison?: ResourcePart): R; + + toHaveResourceLike( + resourceType: string, + properties?: any, + comparison?: ResourcePart): R; + + toHaveOutput(props: HaveOutputProperties): R; + + toCountResources(resourceType: string, count: number): R; + } + } +} + +expect.extend({ + toMatchTemplate( + actual: cxapi.CloudFormationStackArtifact | core.Stack, + template: any, + matchStyle?: MatchStyle) { + + const assertion = matchTemplate(template, matchStyle); + const inspector = ourExpect(actual); + const pass = assertion.assertUsing(inspector); + if (pass) { + return { + pass, + message: () => 'Not ' + assertion.description, + }; + } else { + return { + pass, + message: () => assertion.description, + }; + } + }, + + toHaveResource( + actual: cxapi.CloudFormationStackArtifact | core.Stack, + resourceType: string, + properties?: any, + comparison?: ResourcePart) { + + const assertion = new HaveResourceAssertion(resourceType, properties, comparison, false); + return applyAssertion(assertion, actual); + }, + + toHaveResourceLike( + actual: cxapi.CloudFormationStackArtifact | core.Stack, + resourceType: string, + properties?: any, + comparison?: ResourcePart) { + + const assertion = new HaveResourceAssertion(resourceType, properties, comparison, true); + return applyAssertion(assertion, actual); + }, + + toHaveOutput( + actual: cxapi.CloudFormationStackArtifact | core.Stack, + props: HaveOutputProperties) { + + return applyAssertion(haveOutput(props), actual); + }, + + toCountResources( + actual: cxapi.CloudFormationStackArtifact | core.Stack, + resourceType: string, + count = 1) { + + return applyAssertion(countResources(resourceType, count), actual); + }, +}); + +function applyAssertion(assertion: JestFriendlyAssertion, actual: cxapi.CloudFormationStackArtifact | core.Stack) { + const inspector = ourExpect(actual); + const pass = assertion.assertUsing(inspector); + if (pass) { + return { + pass, + message: () => 'Not ' + assertion.generateErrorMessage(), + }; + } else { + return { + pass, + message: () => assertion.generateErrorMessage(), + }; + } +} diff --git a/packages/@aws-cdk/assert-internal/lib/assertion.ts b/packages/@aws-cdk/assert-internal/lib/assertion.ts new file mode 100644 index 0000000000000..376b099f8433f --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/assertion.ts @@ -0,0 +1,40 @@ +import { Inspector } from './inspector'; + +export abstract class Assertion { + public abstract readonly description: string; + + public abstract assertUsing(inspector: InspectorClass): boolean; + + /** + * Assert this thing and another thing + */ + public and(assertion: Assertion): Assertion { + // Needs to delegate to a function so that we can import mutually dependent classes in the right order + return and(this, assertion); + } + + public assertOrThrow(inspector: InspectorClass) { + if (!this.assertUsing(inspector)) { + throw new Error(`${JSON.stringify(inspector.value, null, 2)} does not match ${this.description}`); + } + } +} + +export abstract class JestFriendlyAssertion extends Assertion { + /** + * Generates an error message that can be used by Jest. + */ + public abstract generateErrorMessage(): string; +} + +import { AndAssertion } from './assertions/and-assertion'; + +function and(left: Assertion, right: Assertion): Assertion { + return new AndAssertion(left, right); +} + +import { NegatedAssertion } from './assertions/negated-assertion'; + +export function not(assertion: Assertion): Assertion { + return new NegatedAssertion(assertion); +} diff --git a/packages/@aws-cdk/assert-internal/lib/assertions/and-assertion.ts b/packages/@aws-cdk/assert-internal/lib/assertions/and-assertion.ts new file mode 100644 index 0000000000000..737dbaca67e5e --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/assertions/and-assertion.ts @@ -0,0 +1,19 @@ +import { Assertion } from '../assertion'; +import { Inspector } from '../inspector'; + +export class AndAssertion extends Assertion { + public description: string = 'Combined assertion'; + + constructor(private readonly first: Assertion, private readonly second: Assertion) { + super(); + } + + public assertUsing(_inspector: InspectorClass): boolean { + throw new Error('This is never called'); + } + + public assertOrThrow(inspector: InspectorClass) { + this.first.assertOrThrow(inspector); + this.second.assertOrThrow(inspector); + } +} diff --git a/packages/@aws-cdk/assert-internal/lib/assertions/count-resources.ts b/packages/@aws-cdk/assert-internal/lib/assertions/count-resources.ts new file mode 100644 index 0000000000000..0827ba1f18306 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/assertions/count-resources.ts @@ -0,0 +1,58 @@ +import { Assertion, JestFriendlyAssertion } from '../assertion'; +import { StackInspector } from '../inspector'; +import { isSuperObject } from './have-resource'; + +/** + * An assertion to check whether a resource of a given type and with the given properties exists, disregarding properties + */ +export function countResources(resourceType: string, count = 1): JestFriendlyAssertion { + return new CountResourcesAssertion(resourceType, count); +} + +/** + * An assertion to check whether a resource of a given type and with the given properties exists, considering properties + */ +export function countResourcesLike(resourceType: string, count = 1, props: any): Assertion { + return new CountResourcesAssertion(resourceType, count, props); +} + +class CountResourcesAssertion extends JestFriendlyAssertion { + private inspected: number = 0; + private readonly props: any; + + constructor( + private readonly resourceType: string, + private readonly count: number, + props: any = null) { + super(); + this.props = props; + } + + public assertUsing(inspector: StackInspector): boolean { + let counted = 0; + for (const logicalId of Object.keys(inspector.value.Resources || {})) { + const resource = inspector.value.Resources[logicalId]; + if (resource.Type === this.resourceType) { + if (this.props) { + if (isSuperObject(resource.Properties, this.props, [], true)) { + counted++; + this.inspected += 1; + } + } else { + counted++; + this.inspected += 1; + } + } + } + + return counted === this.count; + } + + public generateErrorMessage(): string { + return this.description; + } + + public get description(): string { + return `stack only has ${this.inspected} resource of type ${this.resourceType}${this.props ? ' with specified properties' : ''} but we expected to find ${this.count}`; + } +} diff --git a/packages/@aws-cdk/assert-internal/lib/assertions/exist.ts b/packages/@aws-cdk/assert-internal/lib/assertions/exist.ts new file mode 100644 index 0000000000000..3cc62f0444de4 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/assertions/exist.ts @@ -0,0 +1,18 @@ +import { Assertion } from '../assertion'; +import { StackPathInspector } from '../inspector'; + +class ExistingResourceAssertion extends Assertion { + public description: string = 'an existing resource'; + + constructor() { + super(); + } + + public assertUsing(inspector: StackPathInspector): boolean { + return inspector.value !== undefined; + } +} + +export function exist(): Assertion { + return new ExistingResourceAssertion(); +} diff --git a/packages/@aws-cdk/assert-internal/lib/assertions/have-output.ts b/packages/@aws-cdk/assert-internal/lib/assertions/have-output.ts new file mode 100644 index 0000000000000..36f76b3e573a0 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/assertions/have-output.ts @@ -0,0 +1,116 @@ +import { JestFriendlyAssertion } from '../assertion'; +import { StackInspector } from '../inspector'; + +class HaveOutputAssertion extends JestFriendlyAssertion { + private readonly inspected: InspectionFailure[] = []; + + constructor(private readonly outputName?: string, private readonly exportName?: any, private outputValue?: any) { + super(); + if (!this.outputName && !this.exportName) { + throw new Error('At least one of [outputName, exportName] should be provided'); + } + } + + public get description(): string { + const descriptionPartsArray = new Array(); + + if (this.outputName) { + descriptionPartsArray.push(`name '${this.outputName}'`); + } + if (this.exportName) { + descriptionPartsArray.push(`export name ${JSON.stringify(this.exportName)}`); + } + if (this.outputValue) { + descriptionPartsArray.push(`value ${JSON.stringify(this.outputValue)}`); + } + + return 'output with ' + descriptionPartsArray.join(', '); + } + + public assertUsing(inspector: StackInspector): boolean { + if (!('Outputs' in inspector.value)) { + return false; + } + + for (const [name, props] of Object.entries(inspector.value.Outputs as Record)) { + const mismatchedFields = new Array(); + + if (this.outputName && name !== this.outputName) { + mismatchedFields.push('name'); + } + + if (this.exportName && JSON.stringify(this.exportName) !== JSON.stringify(props.Export?.Name)) { + mismatchedFields.push('export name'); + } + + if (this.outputValue && JSON.stringify(this.outputValue) !== JSON.stringify(props.Value)) { + mismatchedFields.push('value'); + } + + if (mismatchedFields.length === 0) { + return true; + } + + this.inspected.push({ + output: { [name]: props }, + failureReason: `mismatched ${mismatchedFields.join(', ')}`, + }); + } + + return false; + } + + public generateErrorMessage() { + const lines = new Array(); + + lines.push(`None of ${this.inspected.length} outputs matches ${this.description}.`); + + for (const inspected of this.inspected) { + lines.push(`- ${inspected.failureReason} in:`); + lines.push(indent(4, JSON.stringify(inspected.output, null, 2))); + } + + return lines.join('\n'); + } +} + +/** + * Interface for haveOutput function properties + * NOTE that at least one of [outputName, exportName] should be provided + */ +export interface HaveOutputProperties { + /** + * Logical ID of the output + * @default - the logical ID of the output will not be checked + */ + outputName?: string; + /** + * Export name of the output, when it's exported for cross-stack referencing + * @default - the export name is not required and will not be checked + */ + exportName?: any; + /** + * Value of the output; + * @default - the value will not be checked + */ + outputValue?: any; +} + +interface InspectionFailure { + output: any; + failureReason: string; +} + +/** + * An assertion to check whether Output with particular properties is present in a stack + * @param props properties of the Output that is being asserted against. + * Check ``HaveOutputProperties`` interface to get full list of available parameters + */ +export function haveOutput(props: HaveOutputProperties): JestFriendlyAssertion { + return new HaveOutputAssertion(props.outputName, props.exportName, props.outputValue); +} + +function indent(n: number, s: string) { + const prefix = ' '.repeat(n); + return prefix + s.replace(/\n/g, '\n' + prefix); +} diff --git a/packages/@aws-cdk/assert-internal/lib/assertions/have-resource-matchers.ts b/packages/@aws-cdk/assert-internal/lib/assertions/have-resource-matchers.ts new file mode 100644 index 0000000000000..deb64b769ff16 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/assertions/have-resource-matchers.ts @@ -0,0 +1,430 @@ +import { ABSENT, InspectionFailure, PropertyMatcher } from './have-resource'; + +/** + * A matcher for an object that contains at least the given fields with the given matchers (or literals) + * + * Only does lenient matching one level deep, at the next level all objects must declare the + * exact expected keys again. + */ +export function objectLike(pattern: A): PropertyMatcher { + return _objectContaining(pattern, false); +} + +/** + * A matcher for an object that contains at least the given fields with the given matchers (or literals) + * + * Switches to "deep" lenient matching. Nested objects also only need to contain declared keys. + */ +export function deepObjectLike(pattern: A): PropertyMatcher { + return _objectContaining(pattern, true); +} + +function _objectContaining(pattern: A, deep: boolean): PropertyMatcher { + const anno = { [deep ? '$deepObjectLike' : '$objectLike']: pattern }; + + return annotateMatcher(anno, (value: any, inspection: InspectionFailure): boolean => { + if (typeof value !== 'object' || !value) { + return failMatcher(inspection, `Expect an object but got '${typeof value}'`); + } + + const errors = new Array(); + + for (const [patternKey, patternValue] of Object.entries(pattern)) { + if (patternValue === ABSENT) { + if (value[patternKey] !== undefined) { errors.push(`Field ${patternKey} present, but shouldn't be`); } + continue; + } + + if (!(patternKey in value)) { + errors.push(`Field ${patternKey} missing`); + continue; + } + + // If we are doing DEEP objectLike, translate object literals in the pattern into + // more `deepObjectLike` matchers, even if they occur in lists. + const matchValue = deep ? deepMatcherFromObjectLiteral(patternValue) : patternValue; + + const innerInspection = { ...inspection, failureReason: '' }; + const valueMatches = match(value[patternKey], matchValue, innerInspection); + if (!valueMatches) { + errors.push(`Field ${patternKey} mismatch: ${innerInspection.failureReason}`); + } + } + + /** + * Transform nested object literals into more deep object matchers, if applicable + * + * Object literals in lists are also transformed. + */ + function deepMatcherFromObjectLiteral(nestedPattern: any): any { + if (isObject(nestedPattern)) { + return deepObjectLike(nestedPattern); + } + if (Array.isArray(nestedPattern)) { + return nestedPattern.map(deepMatcherFromObjectLiteral); + } + return nestedPattern; + } + + if (errors.length > 0) { + return failMatcher(inspection, errors.join(', ')); + } + return true; + }); +} + +/** + * Match exactly the given value + * + * This is the default, you only need this to escape from the deep lenient matching + * of `deepObjectLike`. + */ +export function exactValue(expected: any): PropertyMatcher { + const anno = { $exactValue: expected }; + return annotateMatcher(anno, (value: any, inspection: InspectionFailure): boolean => { + return matchLiteral(value, expected, inspection); + }); +} + +/** + * A matcher for a list that contains all of the given elements in any order + */ +export function arrayWith(...elements: any[]): PropertyMatcher { + if (elements.length === 0) { return anything(); } + + const anno = { $arrayContaining: elements.length === 1 ? elements[0] : elements }; + return annotateMatcher(anno, (value: any, inspection: InspectionFailure): boolean => { + if (!Array.isArray(value)) { + return failMatcher(inspection, `Expect an array but got '${typeof value}'`); + } + + for (const element of elements) { + const failure = longestFailure(value, element); + if (failure) { + return failMatcher(inspection, `Array did not contain expected element, closest match at index ${failure[0]}: ${failure[1]}`); + } + } + + return true; + + /** + * Return 'null' if the matcher matches anywhere in the array, otherwise the longest error and its index + */ + function longestFailure(array: any[], matcher: any): [number, string] | null { + let fail: [number, string] | null = null; + for (let i = 0; i < array.length; i++) { + const innerInspection = { ...inspection, failureReason: '' }; + if (match(array[i], matcher, innerInspection)) { + return null; + } + + if (fail === null || innerInspection.failureReason.length > fail[1].length) { + fail = [i, innerInspection.failureReason]; + } + } + return fail; + } + }); +} + +/** + * Whether a value is an object + */ +function isObject(x: any): x is object { + // Because `typeof null === 'object'`. + return x && typeof x === 'object'; +} + +/** + * Helper function to make matcher failure reporting a little easier + * + * Our protocol is weird (change a string on a passed-in object and return 'false'), + * but I don't want to change that right now. + */ +export function failMatcher(inspection: InspectionFailure, error: string): boolean { + inspection.failureReason = error; + return false; +} + +/** + * Match a given literal value against a matcher + * + * If the matcher is a callable, use that to evaluate the value. Otherwise, the values + * must be literally the same. + */ +export function match(value: any, matcher: any, inspection: InspectionFailure) { + if (isCallable(matcher)) { + // Custom matcher (this mostly looks very weird because our `InspectionFailure` signature is weird) + const innerInspection: InspectionFailure = { ...inspection, failureReason: '' }; + const result = matcher(value, innerInspection); + if (typeof result !== 'boolean') { + return failMatcher(inspection, `Predicate returned non-boolean return value: ${result}`); + } + if (!result && !innerInspection.failureReason) { + // Custom matcher neglected to return an error + return failMatcher(inspection, 'Predicate returned false'); + } + // Propagate inner error in case of failure + if (!result) { inspection.failureReason = innerInspection.failureReason; } + return result; + } + + return matchLiteral(value, matcher, inspection); +} + +/** + * Match a literal value at the top level. + * + * When recursing into arrays or objects, the nested values can be either matchers + * or literals. + */ +function matchLiteral(value: any, pattern: any, inspection: InspectionFailure) { + if (pattern == null) { return true; } + + const errors = new Array(); + + if (Array.isArray(value) !== Array.isArray(pattern)) { + return failMatcher(inspection, 'Array type mismatch'); + } + if (Array.isArray(value)) { + if (pattern.length !== value.length) { + return failMatcher(inspection, 'Array length mismatch'); + } + + // Recurse comparison for individual objects + for (let i = 0; i < pattern.length; i++) { + if (!match(value[i], pattern[i], { ...inspection })) { + errors.push(`Array element ${i} mismatch`); + } + } + + if (errors.length > 0) { + return failMatcher(inspection, errors.join(', ')); + } + return true; + } + if ((typeof value === 'object') !== (typeof pattern === 'object')) { + return failMatcher(inspection, 'Object type mismatch'); + } + if (typeof pattern === 'object') { + // Check that all fields in the pattern have the right value + const innerInspection = { ...inspection, failureReason: '' }; + const matcher = objectLike(pattern)(value, innerInspection); + if (!matcher) { + inspection.failureReason = innerInspection.failureReason; + return false; + } + + // Check no fields uncovered + const realFields = new Set(Object.keys(value)); + for (const key of Object.keys(pattern)) { realFields.delete(key); } + if (realFields.size > 0) { + return failMatcher(inspection, `Unexpected keys present in object: ${Array.from(realFields).join(', ')}`); + } + return true; + } + + if (value !== pattern) { + return failMatcher(inspection, 'Different values'); + } + + return true; +} + +/** + * Whether a value is a callable + */ +function isCallable(x: any): x is ((...args: any[]) => any) { + return x && {}.toString.call(x) === '[object Function]'; +} + +/** + * Do a glob-like pattern match (which only supports *s) + */ +export function stringLike(pattern: string): PropertyMatcher { + // Replace * with .* in the string, escape the rest and brace with ^...$ + const regex = new RegExp(`^${pattern.split('*').map(escapeRegex).join('.*')}$`); + + return annotateMatcher({ $stringContaining: pattern }, (value: any, failure: InspectionFailure) => { + if (typeof value !== 'string') { + failure.failureReason = `Expected a string, but got '${typeof value}'`; + return false; + } + + if (!regex.test(value)) { + failure.failureReason = 'String did not match pattern'; + return false; + } + + return true; + }); +} + +/** + * Matches any value + */ +export function anything(): PropertyMatcher { + return annotateMatcher({ $anything: true }, () => true); +} + +/** + * Negate an inner matcher + */ +export function notMatching(matcher: any): PropertyMatcher { + return annotateMatcher({ $notMatching: matcher }, (value: any, failure: InspectionFailure) => { + const result = matcherFrom(matcher)(value, failure); + if (result) { + failure.failureReason = 'Should not have matched, but did'; + return false; + } + return true; + }); +} + +export type TypeValidator = (x: any) => x is T; + +/** + * Captures a value onto an object if it matches a given inner matcher + * + * @example + * + * const someValue = Capture.aString(); + * expect(stack).toHaveResource({ + * // ... + * Value: someValue.capture(stringMatching('*a*')), + * }); + * console.log(someValue.capturedValue); + */ +export class Capture { + /** + * A Capture object that captures any type + */ + public static anyType(): Capture { + return new Capture(); + } + + /** + * A Capture object that captures a string type + */ + public static aString(): Capture { + return new Capture((x: any): x is string => { + if (typeof x !== 'string') { + throw new Error(`Expected to capture a string, got '${x}'`); + } + return true; + }); + } + + /** + * A Capture object that captures a custom type + */ + // eslint-disable-next-line @typescript-eslint/no-shadow + public static a(validator: TypeValidator): Capture { + return new Capture(validator); + } + + private _value?: T; + private _didCapture = false; + private _wasInvoked = false; + + protected constructor(private readonly typeValidator?: TypeValidator) { + } + + /** + * Capture the value if the inner matcher successfully matches it + * + * If no matcher is given, `anything()` is assumed. + * + * And exception will be thrown if the inner matcher returns `true` and + * the value turns out to be of a different type than the `Capture` object + * is expecting. + */ + public capture(matcher?: any): PropertyMatcher { + if (matcher === undefined) { + matcher = anything(); + } + + return annotateMatcher({ $capture: matcher }, (value: any, failure: InspectionFailure) => { + this._wasInvoked = true; + const result = matcherFrom(matcher)(value, failure); + if (result) { + if (this.typeValidator && !this.typeValidator(value)) { + throw new Error(`Value not of the expected type: ${value}`); + } + this._didCapture = true; + this._value = value; + } + return result; + }); + } + + /** + * Whether a value was successfully captured + */ + public get didCapture() { + return this._didCapture; + } + + /** + * Return the value that was captured + * + * Throws an exception if now value was captured + */ + public get capturedValue(): T { + // When this module is ported to jsii, the type parameter will obviously + // have to be dropped and this will have to turn into an `any`. + if (!this.didCapture) { + throw new Error(`Did not capture a value: ${this._wasInvoked ? 'inner matcher failed' : 'never invoked'}`); + } + return this._value!; + } +} + +/** + * Match on the innards of a JSON string, instead of the complete string + */ +export function encodedJson(matcher: any): PropertyMatcher { + return annotateMatcher({ $encodedJson: matcher }, (value: any, failure: InspectionFailure) => { + if (typeof value !== 'string') { + failure.failureReason = `Expected a string, but got '${typeof value}'`; + return false; + } + + let decoded; + try { + decoded = JSON.parse(value); + } catch (e) { + failure.failureReason = `String is not JSON: ${e}`; + return false; + } + + return matcherFrom(matcher)(decoded, failure); + }); +} + +function escapeRegex(s: string) { + return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'); // $& means the whole matched string +} + +/** + * Make a matcher out of the given argument if it's not a matcher already + * + * If it's not a matcher, it will be treated as a literal. + */ +export function matcherFrom(matcher: any): PropertyMatcher { + return isCallable(matcher) ? matcher : exactValue(matcher); +} + +/** + * Annotate a matcher with toJSON + * + * We will JSON.stringify() values if we have a match failure, but for matchers this + * would show (in traditional JS fashion) something like '[function Function]', or more + * accurately nothing at all since functions cannot be JSONified. + * + * We override to JSON() in order to produce a readadable version of the matcher. + */ +export function annotateMatcher(how: A, matcher: PropertyMatcher): PropertyMatcher { + (matcher as any).toJSON = () => how; + return matcher; +} diff --git a/packages/@aws-cdk/assert-internal/lib/assertions/have-resource.ts b/packages/@aws-cdk/assert-internal/lib/assertions/have-resource.ts new file mode 100644 index 0000000000000..5a977d8252fd4 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/assertions/have-resource.ts @@ -0,0 +1,163 @@ +import { Assertion, JestFriendlyAssertion } from '../assertion'; +import { StackInspector } from '../inspector'; +import { anything, deepObjectLike, match, objectLike } from './have-resource-matchers'; + +/** + * Magic value to signify that a certain key should be absent from the property bag. + * + * The property is either not present or set to `undefined. + * + * NOTE: `ABSENT` only works with the `haveResource()` and `haveResourceLike()` + * assertions. + */ +export const ABSENT = '{{ABSENT}}'; + +/** + * An assertion to check whether a resource of a given type and with the given properties exists, disregarding properties + * + * @param resourceType the type of the resource that is expected to be present. + * @param properties the properties that the resource is expected to have. A function may be provided, in which case + * it will be called with the properties of candidate resources and an ``InspectionFailure`` + * instance on which errors should be appended, and should return a truthy value to denote a match. + * @param comparison the entity that is being asserted against. + * @param allowValueExtension if properties is an object, tells whether values must match exactly, or if they are + * allowed to be supersets of the reference values. Meaningless if properties is a function. + */ +export function haveResource( + resourceType: string, + properties?: any, + comparison?: ResourcePart, + allowValueExtension: boolean = false): Assertion { + return new HaveResourceAssertion(resourceType, properties, comparison, allowValueExtension); +} + +/** + * Sugar for calling ``haveResource`` with ``allowValueExtension`` set to ``true``. + */ +export function haveResourceLike( + resourceType: string, + properties?: any, + comparison?: ResourcePart) { + return haveResource(resourceType, properties, comparison, true); +} + +export type PropertyMatcher = (props: any, inspection: InspectionFailure) => boolean; + +export class HaveResourceAssertion extends JestFriendlyAssertion { + private readonly inspected: InspectionFailure[] = []; + private readonly part: ResourcePart; + private readonly matcher: any; + + constructor( + private readonly resourceType: string, + properties?: any, + part?: ResourcePart, + allowValueExtension: boolean = false) { + super(); + + this.matcher = isCallable(properties) ? properties : + properties === undefined ? anything() : + allowValueExtension ? deepObjectLike(properties) : + objectLike(properties); + this.part = part ?? ResourcePart.Properties; + } + + public assertUsing(inspector: StackInspector): boolean { + for (const logicalId of Object.keys(inspector.value.Resources || {})) { + const resource = inspector.value.Resources[logicalId]; + if (resource.Type === this.resourceType) { + const propsToCheck = this.part === ResourcePart.Properties ? (resource.Properties ?? {}) : resource; + + // Pass inspection object as 2nd argument, initialize failure with default string, + // to maintain backwards compatibility with old predicate API. + const inspection = { resource, failureReason: 'Object did not match predicate' }; + + if (match(propsToCheck, this.matcher, inspection)) { + return true; + } + + this.inspected.push(inspection); + } + } + + return false; + } + + public generateErrorMessage() { + const lines: string[] = []; + lines.push(`None of ${this.inspected.length} resources matches ${this.description}.`); + + for (const inspected of this.inspected) { + lines.push(`- ${inspected.failureReason} in:`); + lines.push(indent(4, JSON.stringify(inspected.resource, null, 2))); + } + + return lines.join('\n'); + } + + public assertOrThrow(inspector: StackInspector) { + if (!this.assertUsing(inspector)) { + throw new Error(this.generateErrorMessage()); + } + } + + public get description(): string { + // eslint-disable-next-line max-len + return `resource '${this.resourceType}' with ${JSON.stringify(this.matcher, undefined, 2)}`; + } +} + +function indent(n: number, s: string) { + const prefix = ' '.repeat(n); + return prefix + s.replace(/\n/g, '\n' + prefix); +} + +export interface InspectionFailure { + resource: any; + failureReason: string; +} + +/** + * What part of the resource to compare + */ +export enum ResourcePart { + /** + * Only compare the resource's properties + */ + Properties, + + /** + * Check the entire CloudFormation config + * + * (including UpdateConfig, DependsOn, etc.) + */ + CompleteDefinition +} + +/** + * Whether a value is a callable + */ +function isCallable(x: any): x is ((...args: any[]) => any) { + return x && {}.toString.call(x) === '[object Function]'; +} + +/** + * Return whether `superObj` is a super-object of `obj`. + * + * A super-object has the same or more property values, recursing into sub properties if ``allowValueExtension`` is true. + * + * At any point in the object, a value may be replaced with a function which will be used to check that particular field. + * The type of a matcher function is expected to be of type PropertyMatcher. + * + * @deprecated - Use `objectLike` or a literal object instead. + */ +export function isSuperObject(superObj: any, pattern: any, errors: string[] = [], allowValueExtension: boolean = false): boolean { + const matcher = allowValueExtension ? deepObjectLike(pattern) : objectLike(pattern); + + const inspection: InspectionFailure = { resource: superObj, failureReason: '' }; + const ret = match(superObj, matcher, inspection); + if (!ret) { + errors.push(inspection.failureReason); + } + return ret; +} diff --git a/packages/@aws-cdk/assert-internal/lib/assertions/have-type.ts b/packages/@aws-cdk/assert-internal/lib/assertions/have-type.ts new file mode 100644 index 0000000000000..a04d8a450a338 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/assertions/have-type.ts @@ -0,0 +1,21 @@ +import { Assertion } from '../assertion'; +import { StackPathInspector } from '../inspector'; + +export function haveType(type: string): Assertion { + return new StackPathHasTypeAssertion(type); +} + +class StackPathHasTypeAssertion extends Assertion { + constructor(private readonly type: string) { + super(); + } + + public assertUsing(inspector: StackPathInspector): boolean { + const resource = inspector.value; + return resource !== undefined && resource.Type === this.type; + } + + public get description(): string { + return `resource of type ${this.type}`; + } +} diff --git a/packages/@aws-cdk/assert-internal/lib/assertions/match-template.ts b/packages/@aws-cdk/assert-internal/lib/assertions/match-template.ts new file mode 100644 index 0000000000000..e668466d12416 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/assertions/match-template.ts @@ -0,0 +1,96 @@ +import * as cfnDiff from '@aws-cdk/cloudformation-diff'; +import { Assertion } from '../assertion'; +import { StackInspector } from '../inspector'; + +export enum MatchStyle { + /** Requires an exact match */ + EXACT = 'exactly', + /** Allows any change that does not cause a resource replacement */ + NO_REPLACES = 'no replaces', + /** Allows additions, but no updates */ + SUPERSET = 'superset' +} + +export function exactlyMatchTemplate(template: { [key: string]: any }) { + return matchTemplate(template, MatchStyle.EXACT); +} + +export function beASupersetOfTemplate(template: { [key: string]: any }) { + return matchTemplate(template, MatchStyle.SUPERSET); +} + +export function matchTemplate( + template: { [key: string]: any }, + matchStyle: MatchStyle = MatchStyle.EXACT): Assertion { + return new StackMatchesTemplateAssertion(template, matchStyle); +} + +class StackMatchesTemplateAssertion extends Assertion { + constructor( + private readonly template: { [key: string]: any }, + private readonly matchStyle: MatchStyle) { + super(); + } + + public assertOrThrow(inspector: StackInspector) { + if (!this.assertUsing(inspector)) { + // The details have already been printed, so don't generate a huge error message + throw new Error('Template comparison produced unacceptable match'); + } + } + + public assertUsing(inspector: StackInspector): boolean { + const diff = cfnDiff.diffTemplate(this.template, inspector.value); + const acceptable = this.isDiffAcceptable(diff); + if (!acceptable) { + // Print the diff + cfnDiff.formatDifferences(process.stderr, diff); + + // Print the actual template + process.stdout.write('--------------------------------------------------------------------------------------\n'); + process.stdout.write(JSON.stringify(inspector.value, undefined, 2) + '\n'); + } + + return acceptable; + } + + private isDiffAcceptable(diff: cfnDiff.TemplateDiff): boolean { + switch (this.matchStyle) { + case MatchStyle.EXACT: + return diff.differenceCount === 0; + case MatchStyle.NO_REPLACES: + for (const change of Object.values(diff.resources.changes)) { + if (change.changeImpact === cfnDiff.ResourceImpact.MAY_REPLACE) { return false; } + if (change.changeImpact === cfnDiff.ResourceImpact.WILL_REPLACE) { return false; } + } + + for (const change of Object.values(diff.parameters.changes)) { + if (change.isUpdate) { return false; } + } + + for (const change of Object.values(diff.outputs.changes)) { + if (change.isUpdate) { return false; } + } + return true; + case MatchStyle.SUPERSET: + for (const change of Object.values(diff.resources.changes)) { + if (change.changeImpact !== cfnDiff.ResourceImpact.WILL_CREATE) { return false; } + } + + for (const change of Object.values(diff.parameters.changes)) { + if (change.isAddition) { return false; } + } + + for (const change of Object.values(diff.outputs.changes)) { + if (change.isAddition || change.isUpdate) { return false; } + } + + return true; + } + throw new Error(`Unsupported match style: ${this.matchStyle}`); + } + + public get description(): string { + return `template (${this.matchStyle}): ${JSON.stringify(this.template, null, 2)}`; + } +} diff --git a/packages/@aws-cdk/assert-internal/lib/assertions/negated-assertion.ts b/packages/@aws-cdk/assert-internal/lib/assertions/negated-assertion.ts new file mode 100644 index 0000000000000..4c62225ee48a9 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/assertions/negated-assertion.ts @@ -0,0 +1,16 @@ +import { Assertion } from '../assertion'; +import { Inspector } from '../inspector'; + +export class NegatedAssertion extends Assertion { + constructor(private readonly negated: Assertion) { + super(); + } + + public assertUsing(inspector: I): boolean { + return !this.negated.assertUsing(inspector); + } + + public get description(): string { + return `not ${this.negated.description}`; + } +} diff --git a/packages/@aws-cdk/assert-internal/lib/canonicalize-assets.ts b/packages/@aws-cdk/assert-internal/lib/canonicalize-assets.ts new file mode 100644 index 0000000000000..9cee3d4742b3c --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/canonicalize-assets.ts @@ -0,0 +1,71 @@ +/** + * Reduce template to a normal form where asset references have been normalized + * + * This makes it possible to compare templates if all that's different between + * them is the hashes of the asset values. + * + * Currently only handles parameterized assets, but can (and should) + * be adapted to handle convention-mode assets as well when we start using + * more of those. + */ +export function canonicalizeTemplate(template: any): any { + // For the weird case where we have an array of templates... + if (Array.isArray(template)) { + return template.map(canonicalizeTemplate); + } + + // Find assets via parameters + const stringSubstitutions = new Array<[RegExp, string]>(); + const paramRe = /^AssetParameters([a-zA-Z0-9]{64})(S3Bucket|S3VersionKey|ArtifactHash)([a-zA-Z0-9]{8})$/; + + const assetsSeen = new Set(); + for (const paramName of Object.keys(template?.Parameters || {})) { + const m = paramRe.exec(paramName); + if (!m) { continue; } + if (assetsSeen.has(m[1])) { continue; } + + assetsSeen.add(m[1]); + const ix = assetsSeen.size; + + // Full parameter reference + stringSubstitutions.push([ + new RegExp(`AssetParameters${m[1]}(S3Bucket|S3VersionKey|ArtifactHash)([a-zA-Z0-9]{8})`), + `Asset${ix}$1`, + ]); + // Substring asset hash reference + stringSubstitutions.push([ + new RegExp(`${m[1]}`), + `Asset${ix}Hash`, + ]); + } + + // Substitute them out + return substitute(template); + + function substitute(what: any): any { + if (Array.isArray(what)) { + return what.map(substitute); + } + + if (typeof what === 'object' && what !== null) { + const ret: any = {}; + for (const [k, v] of Object.entries(what)) { + ret[stringSub(k)] = substitute(v); + } + return ret; + } + + if (typeof what === 'string') { + return stringSub(what); + } + + return what; + } + + function stringSub(x: string) { + for (const [re, replacement] of stringSubstitutions) { + x = x.replace(re, replacement); + } + return x; + } +} diff --git a/packages/@aws-cdk/assert-internal/lib/expect.ts b/packages/@aws-cdk/assert-internal/lib/expect.ts new file mode 100644 index 0000000000000..21dd7e011c826 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/expect.ts @@ -0,0 +1,12 @@ +import * as cdk from '@aws-cdk/core'; +import * as api from '@aws-cdk/cx-api'; +import { StackInspector } from './inspector'; +import { SynthUtils } from './synth-utils'; + +export function expect(stack: api.CloudFormationStackArtifact | cdk.Stack | Record, skipValidation = false): StackInspector { + // if this is already a synthesized stack, then just inspect it. + const artifact = stack instanceof api.CloudFormationStackArtifact ? stack + : cdk.Stack.isStack(stack) ? SynthUtils._synthesizeWithNested(stack, { skipValidation }) + : stack; // This is a template already + return new StackInspector(artifact); +} diff --git a/packages/@aws-cdk/assert-internal/lib/index.ts b/packages/@aws-cdk/assert-internal/lib/index.ts new file mode 100644 index 0000000000000..902a5c222f003 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/index.ts @@ -0,0 +1,15 @@ +export * from './assertion'; +export * from './canonicalize-assets'; +export * from './expect'; +export * from './inspector'; +export * from './synth-utils'; + +export * from './assertions/exist'; +export * from './assertions/have-output'; +export * from './assertions/have-resource'; +export * from './assertions/have-resource-matchers'; +export * from './assertions/have-type'; +export * from './assertions/match-template'; +export * from './assertions/and-assertion'; +export * from './assertions/negated-assertion'; +export * from './assertions/count-resources'; diff --git a/packages/@aws-cdk/assert-internal/lib/inspector.ts b/packages/@aws-cdk/assert-internal/lib/inspector.ts new file mode 100644 index 0000000000000..f633de428f4f2 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/inspector.ts @@ -0,0 +1,74 @@ +import * as cxschema from '@aws-cdk/cloud-assembly-schema'; +import * as api from '@aws-cdk/cx-api'; +import { Assertion, not } from './assertion'; +import { MatchStyle, matchTemplate } from './assertions/match-template'; + +export abstract class Inspector { + public aroundAssert?: (cb: () => void) => any; + + constructor() { + this.aroundAssert = undefined; + } + + public to(assertion: Assertion): any { + return this.aroundAssert ? this.aroundAssert(() => this._to(assertion)) + : this._to(assertion); + } + + public notTo(assertion: Assertion): any { + return this.to(not(assertion)); + } + + abstract get value(): any; + + private _to(assertion: Assertion): any { + assertion.assertOrThrow(this); + } +} + +export class StackInspector extends Inspector { + + private readonly template: { [key: string]: any }; + + constructor(public readonly stack: api.CloudFormationStackArtifact | object) { + super(); + + this.template = stack instanceof api.CloudFormationStackArtifact ? stack.template : stack; + } + + public at(path: string | string[]): StackPathInspector { + if (!(this.stack instanceof api.CloudFormationStackArtifact)) { + throw new Error('Cannot use "expect(stack).at(path)" for a raw template, only CloudFormationStackArtifact'); + } + + const strPath = typeof path === 'string' ? path : path.join('/'); + return new StackPathInspector(this.stack, strPath); + } + + public toMatch(template: { [key: string]: any }, matchStyle = MatchStyle.EXACT) { + return this.to(matchTemplate(template, matchStyle)); + } + + public get value(): { [key: string]: any } { + return this.template; + } +} + +export class StackPathInspector extends Inspector { + constructor(public readonly stack: api.CloudFormationStackArtifact, public readonly path: string) { + super(); + } + + public get value(): { [key: string]: any } | undefined { + // The names of paths in metadata in tests are very ill-defined. Try with the full path first, + // then try with the stack name preprended for backwards compat with most tests that happen to give + // their stack an ID that's the same as the stack name. + const metadata = this.stack.manifest.metadata || {}; + const md = metadata[this.path] || metadata[`/${this.stack.id}${this.path}`]; + if (md === undefined) { return undefined; } + const resourceMd = md.find(entry => entry.type === cxschema.ArtifactMetadataEntryType.LOGICAL_ID); + if (resourceMd === undefined) { return undefined; } + const logicalId = resourceMd.data as cxschema.LogMessageMetadataEntry; + return this.stack.template.Resources[logicalId]; + } +} diff --git a/packages/@aws-cdk/assert-internal/lib/synth-utils.ts b/packages/@aws-cdk/assert-internal/lib/synth-utils.ts new file mode 100644 index 0000000000000..bb8d9a437afd9 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/lib/synth-utils.ts @@ -0,0 +1,87 @@ +import * as fs from 'fs'; +import * as path from 'path'; +import * as core from '@aws-cdk/core'; +import * as cxapi from '@aws-cdk/cx-api'; + +export class SynthUtils { + /** + * Returns the cloud assembly template artifact for a stack. + */ + public static synthesize(stack: core.Stack, options: core.SynthesisOptions = { }): cxapi.CloudFormationStackArtifact { + // always synthesize against the root (be it an App or whatever) so all artifacts will be included + const assembly = synthesizeApp(stack, options); + return assembly.getStackArtifact(stack.artifactId); + } + + /** + * Synthesizes the stack and returns the resulting CloudFormation template. + */ + public static toCloudFormation(stack: core.Stack, options: core.SynthesisOptions = { }): any { + const synth = this._synthesizeWithNested(stack, options); + if (synth instanceof cxapi.CloudFormationStackArtifact) { + return synth.template; + } else { + return synth; + } + } + + /** + * @returns Returns a subset of the synthesized CloudFormation template (only specific resource types). + */ + public static subset(stack: core.Stack, options: SubsetOptions): any { + const template = this.toCloudFormation(stack); + if (template.Resources) { + for (const [key, resource] of Object.entries(template.Resources)) { + if (options.resourceTypes && !options.resourceTypes.includes((resource as any).Type)) { + delete template.Resources[key]; + } + } + } + + return template; + } + + /** + * Synthesizes the stack and returns a `CloudFormationStackArtifact` which can be inspected. + * Supports nested stacks as well as normal stacks. + * + * @return CloudFormationStackArtifact for normal stacks or the actual template for nested stacks + * @internal + */ + public static _synthesizeWithNested(stack: core.Stack, options: core.SynthesisOptions = { }): cxapi.CloudFormationStackArtifact | object { + // always synthesize against the root (be it an App or whatever) so all artifacts will be included + const assembly = synthesizeApp(stack, options); + + // if this is a nested stack (it has a parent), then just read the template as a string + if (stack.nestedStackParent) { + return JSON.parse(fs.readFileSync(path.join(assembly.directory, stack.templateFile)).toString('utf-8')); + } + + return assembly.getStackArtifact(stack.artifactId); + } +} + +/** + * Synthesizes the app in which a stack resides and returns the cloud assembly object. + */ +function synthesizeApp(stack: core.Stack, options: core.SynthesisOptions) { + const root = stack.node.root; + if (!core.Stage.isStage(root)) { + throw new Error('unexpected: all stacks must be part of a Stage or an App'); + } + + // to support incremental assertions (i.e. "expect(stack).toNotContainSomething(); doSomething(); expect(stack).toContainSomthing()") + const force = true; + + return root.synth({ + force, + ...options, + }); +} + +export interface SubsetOptions { + /** + * Match all resources of the given type + */ + resourceTypes?: string[]; +} diff --git a/packages/@aws-cdk/assert-internal/package.json b/packages/@aws-cdk/assert-internal/package.json new file mode 100644 index 0000000000000..e707c61d7f13b --- /dev/null +++ b/packages/@aws-cdk/assert-internal/package.json @@ -0,0 +1,67 @@ +{ + "name": "@aws-cdk/assert-internal", + "private": true, + "version": "0.0.0", + "description": "An assertion library for use with CDK Apps", + "main": "lib/index.js", + "types": "lib/index.d.ts", + "scripts": { + "build": "cdk-build", + "watch": "cdk-watch", + "lint": "cdk-lint", + "test": "cdk-test", + "pkglint": "pkglint -f", + "package": "cdk-package", + "build+test+package": "yarn build+test && yarn package", + "build+test": "yarn build && yarn test" + }, + "author": { + "name": "Amazon Web Services", + "url": "https://aws.amazon.com", + "organization": true + }, + "license": "Apache-2.0", + "devDependencies": { + "@types/jest": "^26.0.20", + "cdk-build-tools": "0.0.0", + "jest": "^26.6.3", + "pkglint": "0.0.0", + "ts-jest": "^26.5.3" + }, + "dependencies": { + "@aws-cdk/cloud-assembly-schema": "0.0.0", + "@aws-cdk/cloudformation-diff": "0.0.0", + "@aws-cdk/core": "0.0.0", + "@aws-cdk/cx-api": "0.0.0", + "constructs": "^3.3.69" + }, + "peerDependencies": { + "@aws-cdk/core": "0.0.0", + "constructs": "^3.3.69", + "jest": "^26.6.3" + }, + "repository": { + "url": "https://github.com/aws/aws-cdk.git", + "type": "git", + "directory": "packages/@aws-cdk/assert-internal" + }, + "keywords": [ + "aws", + "cdk" + ], + "homepage": "https://github.com/aws/aws-cdk", + "engines": { + "node": ">= 10.13.0 <13 || >=13.7.0" + }, + "stability": "experimental", + "maturity": "experimental", + "cdk-build": { + "jest": true + }, + "publishConfig": { + "tag": "latest" + }, + "ubergen": { + "exclude": true + } +} diff --git a/packages/@aws-cdk/assert-internal/test/assertions.test.ts b/packages/@aws-cdk/assert-internal/test/assertions.test.ts new file mode 100644 index 0000000000000..bd20d60032d76 --- /dev/null +++ b/packages/@aws-cdk/assert-internal/test/assertions.test.ts @@ -0,0 +1,349 @@ +import * as cdk from '@aws-cdk/core'; +import * as cx from '@aws-cdk/cx-api'; +import * as constructs from 'constructs'; + +import { countResources, countResourcesLike, exist, expect as cdkExpect, haveType, MatchStyle, matchTemplate } from '../lib/index'; + +passingExample('expect at to have ', () => { + const resourceType = 'Test::Resource'; + const synthStack = synthesizedStack(stack => { + new TestResource(stack, 'TestResource', { type: resourceType }); + }); + cdkExpect(synthStack).at('/TestResource').to(haveType(resourceType)); +}); +passingExample('expect non-synthesized stack at to have ', () => { + const resourceType = 'Test::Resource'; + const stack = new cdk.Stack(); + new TestResource(stack, 'TestResource', { type: resourceType }); + cdkExpect(stack).at('/TestResource').to(haveType(resourceType)); +}); +passingExample('expect at *not* to have ', () => { + const resourceType = 'Test::Resource'; + const synthStack = synthesizedStack(stack => { + new TestResource(stack, 'TestResource', { type: resourceType }); + }); + cdkExpect(synthStack).at('/TestResource').notTo(haveType('Foo::Bar')); +}); +passingExample('expect at to exist', () => { + const resourceType = 'Test::Resource'; + const synthStack = synthesizedStack(stack => { + new TestResource(stack, 'TestResource', { type: resourceType }); + }); + cdkExpect(synthStack).at('/TestResource').to(exist()); +}); +passingExample('expect to match (exactly)