From 7f3e5a87d3eed53ececbc9a0e98d71087770d57c Mon Sep 17 00:00:00 2001 From: AWS CDK Team Date: Tue, 7 Apr 2020 06:39:37 +0000 Subject: [PATCH 01/15] chore(release): 1.32.0 --- CHANGELOG.md | 79 ++++++++++++++++++++++++++++++++++++++++++++++++++++ lerna.json | 2 +- 2 files changed, 80 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d34f1d024c14d..b0aa7d94558b0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,85 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [1.32.0](https://github.com/aws/aws-cdk/compare/v1.31.0...v1.32.0) (2020-04-07) + + +### ⚠ BREAKING CHANGES + +* **cognito:** `UserPoolClient` construct no longer has the property +`userPoolClientClientSecret`. The functionality to retrieve the client +secret never existed in CloudFormation, so this property was not +working in the first place. +* **cognito:** The `userPoolClientName` property on the `UserPoolClient` +construct will throw an error if client name was not configured on the +`UserPoolClient` during initialization. This property was previously +incorrectly configured and was returning a not-implemented message from +CloudFormation every time. +* **amplify:** use the `sourceCodeProvider` prop to connect your app to a source +code provider. The props `repository`, `accessToken` and `oauthToken` do not exist +anymore in `AppProps`. +* **kinesis:** `retentionPeriodHours` is now `retentionPeriod` and of type `Duration` +* **eks:** `Cluster` now creates a default managed nodegroup as its default capacity. Set the new cluster property `defaultCapacityType` to `DefaultCapacityType.EC2` to preserve `EC2` as its default capacity. +* **cognito:** `add*Trigger()` methods to configure +lambda triggers has now been replaced by a single +`addTrigger()` method. +* **cognito:** `addTrigger()` method will fail if a trigger +was already configured for that user pool operation. + +### Features + +* **amplify:** source code providers ([#6921](https://github.com/aws/aws-cdk/issues/6921)) ([3dc3d75](https://github.com/aws/aws-cdk/commit/3dc3d75b17855d344b45a1dc48eb6b422237bff6)), closes [#6818](https://github.com/aws/aws-cdk/issues/6818) +* **apigateway:** access logging ([#6559](https://github.com/aws/aws-cdk/issues/6559)) ([7484935](https://github.com/aws/aws-cdk/commit/7484935fb3935997638e22241df7614f76097733)), closes [#6501](https://github.com/aws/aws-cdk/issues/6501) +* **apigateway:** auto-create RequestValidator from options to addMethod() ([#6780](https://github.com/aws/aws-cdk/issues/6780)) ([573464d](https://github.com/aws/aws-cdk/commit/573464d0b214f943fa31fdfa5af0091adc593de6)), closes [#6193](https://github.com/aws/aws-cdk/issues/6193) +* **applicationautoscaling:** add PredefinedMetric for Lambda provisioned concurrency autoscaling ([#6394](https://github.com/aws/aws-cdk/issues/6394)) ([45b68d5](https://github.com/aws/aws-cdk/commit/45b68d5c7905559b70ef41867060ea42f03a3015)), closes [#6369](https://github.com/aws/aws-cdk/issues/6369) +* **aws-codebuild:** add from codebuild image option ([#7117](https://github.com/aws/aws-cdk/issues/7117)) ([de8e670](https://github.com/aws/aws-cdk/commit/de8e670159065e1c1fe6d69a51c1596755dcbcc6)), closes [/github.com/aws/aws-cdk/issues/2606#issuecomment-606114708](https://github.com/aws//github.com/aws/aws-cdk/issues/2606/issues/issuecomment-606114708) +* **aws-codebuild:** add ProjectFileSystemLocation property to codebuild ([#6539](https://github.com/aws/aws-cdk/issues/6539)) ([2195cc2](https://github.com/aws/aws-cdk/commit/2195cc20840138eb29836e3b38f9950d42eef008)), closes [/github.com/aws/aws-cdk/pull/6539#pullrequestreview-379923995](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/issues/pullrequestreview-379923995) [/github.com/aws/aws-cdk/pull/6539#pullrequestreview-380706328](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/issues/pullrequestreview-380706328) [/github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6#pullrequestreview-380798922](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6/issues/pullrequestreview-380798922) [/github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6#pullrequestreview-380798922](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6/issues/pullrequestreview-380798922) +* **bootstrap:** require `aws:SecureTransport` for staging bucket ([#7192](https://github.com/aws/aws-cdk/issues/7192)) ([ed106ea](https://github.com/aws/aws-cdk/commit/ed106eab36835fa7cb0140cc1c6971932ede5f5e)) +* **cfnspec:** cloudformation spec v11.6.0 ([#6995](https://github.com/aws/aws-cdk/issues/6995)) ([9a552c2](https://github.com/aws/aws-cdk/commit/9a552c275ee011fd794b27735503d139f538f70a)) +* **cli:** regression tests ([#7060](https://github.com/aws/aws-cdk/issues/7060)) ([f18f3f1](https://github.com/aws/aws-cdk/commit/f18f3f17bc7c6832e4839aada5261e292aed9489)) +* **cli:** write stack outputs to a file ([#7020](https://github.com/aws/aws-cdk/issues/7020)) ([75d5ee9](https://github.com/aws/aws-cdk/commit/75d5ee9e41935a9525fa6cfe5a059398d0a799cd)), closes [#1773](https://github.com/aws/aws-cdk/issues/1773) +* **codebuild:** expose aws/windows/base:2.0 image ([#7004](https://github.com/aws/aws-cdk/issues/7004)) ([9374642](https://github.com/aws/aws-cdk/commit/937464272d5c11033b67b970fea039bfc35f2d12)) +* **codebuild:** support AL2 3.0 & Standard 4.0 ([#6968](https://github.com/aws/aws-cdk/issues/6968)) ([3254c5d](https://github.com/aws/aws-cdk/commit/3254c5d09c3708a904cc1f1a0344c32d807d6a74)) +* **cognito:** import an existing user pool client ([#7091](https://github.com/aws/aws-cdk/issues/7091)) ([abc2144](https://github.com/aws/aws-cdk/commit/abc2144a5e1ed3e18c1b6d1631f26ab7e29d1760)) +* **cognito:** user pool - OAuth2.0 authentication ([#7141](https://github.com/aws/aws-cdk/issues/7141)) ([09852d0](https://github.com/aws/aws-cdk/commit/09852d05242fff9ba9080df9121537f81af9d131)) +* **core:** `Size` unit representing digital information quantity ([#6940](https://github.com/aws/aws-cdk/issues/6940)) ([22a560d](https://github.com/aws/aws-cdk/commit/22a560dd4a49d74a9ff217c27c77a7e03d7b38de)), closes [40aws-cdk/aws-lambda/lib/function.ts#L75-L83](https://github.com/40aws-cdk/aws-lambda/lib/function.ts/issues/L75-L83) [40aws-cdk/aws-rds/lib/instance.ts#L625-L630](https://github.com/40aws-cdk/aws-rds/lib/instance.ts/issues/L625-L630) [40aws-cdk/aws-autoscaling/lib/volume.ts#L89-L96](https://github.com/40aws-cdk/aws-autoscaling/lib/volume.ts/issues/L89-L96) +* **ec2:** EFS interface VPC endpoint ([#6961](https://github.com/aws/aws-cdk/issues/6961)) ([6e61889](https://github.com/aws/aws-cdk/commit/6e618898a3d742d7d47da78dd6cbf2ec21b24f92)), closes [#6960](https://github.com/aws/aws-cdk/issues/6960) +* **ecs:** secret JSON key for environment variables ([#6435](https://github.com/aws/aws-cdk/issues/6435)) ([97959f6](https://github.com/aws/aws-cdk/commit/97959f6ba40a4a576fc914772206623900d72add)), closes [#5665](https://github.com/aws/aws-cdk/issues/5665) +* **eks:** managed nodegroup support ([#6759](https://github.com/aws/aws-cdk/issues/6759)) ([74169bf](https://github.com/aws/aws-cdk/commit/74169bf57c7c21aabb1f9b4a6cfac260b77d4b5a)), closes [#5086](https://github.com/aws/aws-cdk/issues/5086) +* **elbv2:** health checks for Lambda targets ([#7023](https://github.com/aws/aws-cdk/issues/7023)) ([cf8c831](https://github.com/aws/aws-cdk/commit/cf8c83126cbcc0e6f14ba59a3ee32e8567bc5ac2)) +* **iam:** add arbitrary conditions to existing principals ([#7015](https://github.com/aws/aws-cdk/issues/7015)) ([64bad91](https://github.com/aws/aws-cdk/commit/64bad91736da5576f212dae08bd1aa3f9414741c)), closes [#5855](https://github.com/aws/aws-cdk/issues/5855) +* **kinesis:** stream encryption with the Kinesis master key ([#7057](https://github.com/aws/aws-cdk/issues/7057)) ([bded683](https://github.com/aws/aws-cdk/commit/bded68336265a4c77804726208d3638fc5cbd260)), closes [#751](https://github.com/aws/aws-cdk/issues/751) +* **kinesis:** streams are encrypted by default ([#7102](https://github.com/aws/aws-cdk/issues/7102)) ([d6ecf44](https://github.com/aws/aws-cdk/commit/d6ecf44e84cb326bcbfe48583fdae66829a86adb)) +* **lambda:** .net core 3.1 runtime ([#7105](https://github.com/aws/aws-cdk/issues/7105)) ([ca2585c](https://github.com/aws/aws-cdk/commit/ca2585c99e1f81d45b8bf835638f65a311fbbf9a)) +* **lambda:** currentVersion, version.addAlias() ([#6771](https://github.com/aws/aws-cdk/issues/6771)) ([c94ce62](https://github.com/aws/aws-cdk/commit/c94ce62bc71387d031cf291dbce40243feb50e83)), closes [#6750](https://github.com/aws/aws-cdk/issues/6750) [#5334](https://github.com/aws/aws-cdk/issues/5334) +* **lambda:** ruby 2.7 runtime ([#7024](https://github.com/aws/aws-cdk/issues/7024)) ([4994e0d](https://github.com/aws/aws-cdk/commit/4994e0de8f4681eb49a174b903236d15d32372ba)), closes [#6979](https://github.com/aws/aws-cdk/issues/6979) +* cloudformation spec v12.0.0 ([#7113](https://github.com/aws/aws-cdk/issues/7113)) ([1956ded](https://github.com/aws/aws-cdk/commit/1956ded4eb75613d46a3ea163c3041f402d98fa5)) +* Support passing AssetOptions ([#7099](https://github.com/aws/aws-cdk/issues/7099)) ([3925d9a](https://github.com/aws/aws-cdk/commit/3925d9aee3b408a3b2160bff5306cb80a0a9a3ab)) +* **rds:** aurora - iam role to import and export data from s3 ([#6611](https://github.com/aws/aws-cdk/issues/6611)) ([aa60f89](https://github.com/aws/aws-cdk/commit/aa60f8901257bcf7de4db0d8207661ce70d6c42a)), closes [#6610](https://github.com/aws/aws-cdk/issues/6610) +* **rds:** database instance - auto scale allocated storage ([#6788](https://github.com/aws/aws-cdk/issues/6788)) ([22ffae3](https://github.com/aws/aws-cdk/commit/22ffae337b15476b4aad32c6e4f6d1c14c0eb347)), closes [#6666](https://github.com/aws/aws-cdk/issues/6666) +* **stepfunctions:** execution history logging options ([#6933](https://github.com/aws/aws-cdk/issues/6933)) ([adb6954](https://github.com/aws/aws-cdk/commit/adb69542ec726288aee477642747d060a9965842)), closes [#5754](https://github.com/aws/aws-cdk/issues/5754) +* **stepfunctions-tasks:** dynamodb tasks ([#6654](https://github.com/aws/aws-cdk/issues/6654)) ([435b66f](https://github.com/aws/aws-cdk/commit/435b66f2c4421193590e3fdf2e13d87445e25044)), closes [#6468](https://github.com/aws/aws-cdk/issues/6468) + + +### Bug Fixes + +* **acm-certificatemanager:** DnsValidatedCertificateHandler support for `SubjectAlternativeNames` ([#7050](https://github.com/aws/aws-cdk/issues/7050)) ([a711c01](https://github.com/aws/aws-cdk/commit/a711c0167de8c41796ee20a0b85b763bdfa4a643)), closes [#4659](https://github.com/aws/aws-cdk/issues/4659) +* **aws-ecs-patterns:** revert commit f31f4e1 ([#6987](https://github.com/aws/aws-cdk/issues/6987)) ([0af2d2e](https://github.com/aws/aws-cdk/commit/0af2d2eac4be3a6af5e327e79624a5a46af24ebd)) +* **aws-kinesis:** test assume order between stacks ([#7065](https://github.com/aws/aws-cdk/issues/7065)) ([17aab37](https://github.com/aws/aws-cdk/commit/17aab3723f5e4ae8b06dac832774d457909722f8)) +* **cli:** can't use credential providers for stacks with assets ([#7022](https://github.com/aws/aws-cdk/issues/7022)) ([afd7045](https://github.com/aws/aws-cdk/commit/afd70453de70e8e54bfd941404efda74d594e0e6)), closes [#7005](https://github.com/aws/aws-cdk/issues/7005) +* **cloudtrail:** include s3KeyPrefix in bucket policy resource ([#7053](https://github.com/aws/aws-cdk/issues/7053)) ([b49881f](https://github.com/aws/aws-cdk/commit/b49881f4a21e02491088961860ea853428f49000)), closes [#6741](https://github.com/aws/aws-cdk/issues/6741) +* **cognito:** user pool - `passwordPolicy.minLength` is not optional in all cases ([#6971](https://github.com/aws/aws-cdk/issues/6971)) ([49cdd8f](https://github.com/aws/aws-cdk/commit/49cdd8f198f6d797130bde0c15783fc77e6084f5)) +* **dynamodb:** cannot use attribute as key in a GSI, non-key in another ([#7075](https://github.com/aws/aws-cdk/issues/7075)) ([a6bd34f](https://github.com/aws/aws-cdk/commit/a6bd34fe6ef0831fdca89063348a6965848c7555)), closes [#4398](https://github.com/aws/aws-cdk/issues/4398) +* **ecs:** default Service throws in a VPC without private subnets ([#7188](https://github.com/aws/aws-cdk/issues/7188)) ([0ef6a95](https://github.com/aws/aws-cdk/commit/0ef6a95b19e6001c62bbefbdf867dadcc4ab1f89)), closes [#7062](https://github.com/aws/aws-cdk/issues/7062) +* **events:** Batch target does not work ([#7191](https://github.com/aws/aws-cdk/issues/7191)) ([6f00783](https://github.com/aws/aws-cdk/commit/6f00783c4ffafe7a74609a76544232689b9cca1b)), closes [#7137](https://github.com/aws/aws-cdk/issues/7137) +* **kinesis:** retention period does not use Duration type ([#7037](https://github.com/aws/aws-cdk/issues/7037)) ([1186227](https://github.com/aws/aws-cdk/commit/1186227b01e73cb05425549aeac88630c9a5ff58)), closes [#7036](https://github.com/aws/aws-cdk/issues/7036) +* **rewrite-imports:** incorrect main in package.json ([#7021](https://github.com/aws/aws-cdk/issues/7021)) ([2bf85b3](https://github.com/aws/aws-cdk/commit/2bf85b3e24be27a1f3fe5772b9a8646277615be5)) +* **stepfunctions-tasks:** batch job - can not use task input as array size ([#7008](https://github.com/aws/aws-cdk/issues/7008)) ([923d2a1](https://github.com/aws/aws-cdk/commit/923d2a145e9090658fba5e922f99340f0f94347b)), closes [#6922](https://github.com/aws/aws-cdk/issues/6922) +* **stepfunctions-tasks:** confusion between multiple ways to run a Lambda ([#6796](https://github.com/aws/aws-cdk/issues/6796)) ([7485448](https://github.com/aws/aws-cdk/commit/74854488f1c5d9a479bd18aceda2c1817a5e201c)), closes [#4801](https://github.com/aws/aws-cdk/issues/4801) + + +* **cognito:** clean up and document triggers ([#6816](https://github.com/aws/aws-cdk/issues/6816)) ([32834cb](https://github.com/aws/aws-cdk/commit/32834cb9a33ec053cf3efb7a54efba9b2c0b5131)) + ## [1.31.0](https://github.com/aws/aws-cdk/compare/v1.30.0...v1.31.0) (2020-03-24) diff --git a/lerna.json b/lerna.json index 84f8a4fabb7f1..fdb47e5b64fcd 100644 --- a/lerna.json +++ b/lerna.json @@ -10,5 +10,5 @@ "tools/*" ], "rejectCycles": "true", - "version": "1.31.0" + "version": "1.32.0" } From 356737f86705bc27ce4794d41f231f5ce486ee8f Mon Sep 17 00:00:00 2001 From: netanir Date: Mon, 6 Apr 2020 23:41:50 -0700 Subject: [PATCH 02/15] Update CHANGELOG.md removed regression tests from features section --- CHANGELOG.md | 1 - 1 file changed, 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b0aa7d94558b0..4ea14cd2eaee0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -37,7 +37,6 @@ was already configured for that user pool operation. * **aws-codebuild:** add ProjectFileSystemLocation property to codebuild ([#6539](https://github.com/aws/aws-cdk/issues/6539)) ([2195cc2](https://github.com/aws/aws-cdk/commit/2195cc20840138eb29836e3b38f9950d42eef008)), closes [/github.com/aws/aws-cdk/pull/6539#pullrequestreview-379923995](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/issues/pullrequestreview-379923995) [/github.com/aws/aws-cdk/pull/6539#pullrequestreview-380706328](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/issues/pullrequestreview-380706328) [/github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6#pullrequestreview-380798922](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6/issues/pullrequestreview-380798922) [/github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6#pullrequestreview-380798922](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6/issues/pullrequestreview-380798922) * **bootstrap:** require `aws:SecureTransport` for staging bucket ([#7192](https://github.com/aws/aws-cdk/issues/7192)) ([ed106ea](https://github.com/aws/aws-cdk/commit/ed106eab36835fa7cb0140cc1c6971932ede5f5e)) * **cfnspec:** cloudformation spec v11.6.0 ([#6995](https://github.com/aws/aws-cdk/issues/6995)) ([9a552c2](https://github.com/aws/aws-cdk/commit/9a552c275ee011fd794b27735503d139f538f70a)) -* **cli:** regression tests ([#7060](https://github.com/aws/aws-cdk/issues/7060)) ([f18f3f1](https://github.com/aws/aws-cdk/commit/f18f3f17bc7c6832e4839aada5261e292aed9489)) * **cli:** write stack outputs to a file ([#7020](https://github.com/aws/aws-cdk/issues/7020)) ([75d5ee9](https://github.com/aws/aws-cdk/commit/75d5ee9e41935a9525fa6cfe5a059398d0a799cd)), closes [#1773](https://github.com/aws/aws-cdk/issues/1773) * **codebuild:** expose aws/windows/base:2.0 image ([#7004](https://github.com/aws/aws-cdk/issues/7004)) ([9374642](https://github.com/aws/aws-cdk/commit/937464272d5c11033b67b970fea039bfc35f2d12)) * **codebuild:** support AL2 3.0 & Standard 4.0 ([#6968](https://github.com/aws/aws-cdk/issues/6968)) ([3254c5d](https://github.com/aws/aws-cdk/commit/3254c5d09c3708a904cc1f1a0344c32d807d6a74)) From 44743b743867fea7760ea02e4377bb6e1d976918 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Tue, 7 Apr 2020 12:07:15 +0300 Subject: [PATCH 03/15] added cdk-assets to CLI dep in run-against-dist for regression testing (#7222) --- packages/aws-cdk/test/integ/run-against-dist.bash | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/packages/aws-cdk/test/integ/run-against-dist.bash b/packages/aws-cdk/test/integ/run-against-dist.bash index 3e2253e145edf..dc4cd03add2ce 100644 --- a/packages/aws-cdk/test/integ/run-against-dist.bash +++ b/packages/aws-cdk/test/integ/run-against-dist.bash @@ -34,7 +34,7 @@ function serve_npm_packages() { version=$(node -p "require('${cli_root}/package.json').version") # good lord - echo "Fetching CLI dependencies" + echo "Fetching @aws-cdk CLI dependencies from package.json" cli_deps=$(node -p "Object.entries(require('${cli_root}/package.json').dependencies).filter(x => x[0].includes('@aws-cdk')).map(x => x[0].replace('@aws-cdk/', '')).join(' ')") tarballs=$dist_root/js/aws-cdk-${version}.tgz @@ -52,6 +52,12 @@ function serve_npm_packages() { package_names="${package_names} ${package}" done + # manually add cdk-assets since its not prefixed with @aws-cdk and + # hence isn't picked up from package.json + echo "Adding cdk-assets to CLI dependencies" + tarballs="${tarballs} cdk-assets-${version}.tgz" + package_names="${package_names} cdk-assets" + else echo "Testing against local versions of the framework" From 329f02e036833e1a0610cf47c83a6adb04efbb1c Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Tue, 7 Apr 2020 12:48:00 +0300 Subject: [PATCH 04/15] chore(cli): fix cdk assets dep path (#7223) --- packages/aws-cdk/test/integ/run-against-dist.bash | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk/test/integ/run-against-dist.bash b/packages/aws-cdk/test/integ/run-against-dist.bash index dc4cd03add2ce..2538e4d4ac2a0 100644 --- a/packages/aws-cdk/test/integ/run-against-dist.bash +++ b/packages/aws-cdk/test/integ/run-against-dist.bash @@ -55,7 +55,7 @@ function serve_npm_packages() { # manually add cdk-assets since its not prefixed with @aws-cdk and # hence isn't picked up from package.json echo "Adding cdk-assets to CLI dependencies" - tarballs="${tarballs} cdk-assets-${version}.tgz" + tarballs="${tarballs} $dist_root/js/cdk-assets-${version}.tgz" package_names="${package_names} cdk-assets" else From 92fb853ea7d31e7bf3d60bd50ce18b95c4189da6 Mon Sep 17 00:00:00 2001 From: Alex Vandiver Date: Tue, 7 Apr 2020 02:59:07 -0700 Subject: [PATCH 05/15] fix(cloudwatch): Alarm annotation ignores datapointsToAlarm (#7202) fix(cloudwatch): respect datapointsToAlarm in alarm annotation `datapointsToAlarm` defaults to `evaluationPeriods`, but may be overridden. Respect the more precise of the two variables in generated annotations about the alarm. Fixes #7152. --- packages/@aws-cdk/aws-cloudwatch/lib/alarm.ts | 3 ++- .../test/integ.alarm-and-dashboard.expected.json | 4 ++-- packages/@aws-cdk/aws-cloudwatch/test/test.graphs.ts | 5 +++-- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-cloudwatch/lib/alarm.ts b/packages/@aws-cdk/aws-cloudwatch/lib/alarm.ts index 41f9ecafc04e6..bd6dc9fc811f5 100644 --- a/packages/@aws-cdk/aws-cloudwatch/lib/alarm.ts +++ b/packages/@aws-cdk/aws-cloudwatch/lib/alarm.ts @@ -163,9 +163,10 @@ export class Alarm extends Resource implements IAlarm { this.alarmName = this.getResourceNameAttribute(alarm.ref); this.metric = props.metric; + const datapoints = props.datapointsToAlarm || props.evaluationPeriods; this.annotation = { // tslint:disable-next-line:max-line-length - label: `${this.metric} ${OPERATOR_SYMBOLS[comparisonOperator]} ${props.threshold} for ${props.evaluationPeriods} datapoints within ${describePeriod(props.evaluationPeriods * metricPeriod(props.metric).toSeconds())}`, + label: `${this.metric} ${OPERATOR_SYMBOLS[comparisonOperator]} ${props.threshold} for ${datapoints} datapoints within ${describePeriod(props.evaluationPeriods * metricPeriod(props.metric).toSeconds())}`, value: props.threshold, }; } diff --git a/packages/@aws-cdk/aws-cloudwatch/test/integ.alarm-and-dashboard.expected.json b/packages/@aws-cdk/aws-cloudwatch/test/integ.alarm-and-dashboard.expected.json index ae3e4a31cd67d..71f0e459655ec 100644 --- a/packages/@aws-cdk/aws-cloudwatch/test/integ.alarm-and-dashboard.expected.json +++ b/packages/@aws-cdk/aws-cloudwatch/test/integ.alarm-and-dashboard.expected.json @@ -56,7 +56,7 @@ "QueueName" ] }, - "\"]],\"annotations\":{\"horizontal\":[{\"label\":\"ApproximateNumberOfMessagesVisible >= 100 for 3 datapoints within 15 minutes\",\"value\":100,\"yAxis\":\"left\"}]},\"yAxis\":{}}},{\"type\":\"metric\",\"width\":6,\"height\":3,\"x\":0,\"y\":14,\"properties\":{\"view\":\"singleValue\",\"title\":\"Current messages in queue\",\"region\":\"", + "\"]],\"annotations\":{\"horizontal\":[{\"label\":\"ApproximateNumberOfMessagesVisible >= 100 for 2 datapoints within 15 minutes\",\"value\":100,\"yAxis\":\"left\"}]},\"yAxis\":{}}},{\"type\":\"metric\",\"width\":6,\"height\":3,\"x\":0,\"y\":14,\"properties\":{\"view\":\"singleValue\",\"title\":\"Current messages in queue\",\"region\":\"", { "Ref": "AWS::Region" }, @@ -75,4 +75,4 @@ } } } -} \ No newline at end of file +} diff --git a/packages/@aws-cdk/aws-cloudwatch/test/test.graphs.ts b/packages/@aws-cdk/aws-cloudwatch/test/test.graphs.ts index 8e9e6ef78c472..537423e0cff8b 100644 --- a/packages/@aws-cdk/aws-cloudwatch/test/test.graphs.ts +++ b/packages/@aws-cdk/aws-cloudwatch/test/test.graphs.ts @@ -194,7 +194,8 @@ export = { const metric = new Metric({ namespace: 'CDK', metricName: 'Test' }); const alarm = metric.createAlarm(stack, 'Alarm', { - evaluationPeriods: 2, + evaluationPeriods: 7, + datapointsToAlarm: 2, threshold: 1000 }); @@ -219,7 +220,7 @@ export = { horizontal: [{ yAxis: 'right', value: 1000, - label: 'Test >= 1000 for 2 datapoints within 10 minutes', + label: 'Test >= 1000 for 2 datapoints within 35 minutes', }] }, yAxis: {} From 060d4550ee8be48e9845c3c4c69f1444765b7dd4 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Tue, 7 Apr 2020 14:11:18 +0300 Subject: [PATCH 06/15] chore(cli): manually added cfnspec to deps since its transitive (#7227) --- packages/aws-cdk/test/integ/run-against-dist.bash | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/packages/aws-cdk/test/integ/run-against-dist.bash b/packages/aws-cdk/test/integ/run-against-dist.bash index 2538e4d4ac2a0..1d0573ed688e1 100644 --- a/packages/aws-cdk/test/integ/run-against-dist.bash +++ b/packages/aws-cdk/test/integ/run-against-dist.bash @@ -58,6 +58,12 @@ function serve_npm_packages() { tarballs="${tarballs} $dist_root/js/cdk-assets-${version}.tgz" package_names="${package_names} cdk-assets" + # manually add @aws-cdk/cfnspec since its a transitive dependency via @aws-cdk/cloudformation-diff + # hence isn't picked up from package.json + echo "Adding @aws-cdk/cfnspec to CLI dependencies" + tarballs="${tarballs} $dist_root/js/aws-cdk-cfnspec-${version}.tgz" + package_names="${package_names} @aws-cdk/cfnspec" + else echo "Testing against local versions of the framework" From 9766ad65b5ff9a998563b3305bfa34b09913b513 Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Tue, 7 Apr 2020 15:12:07 +0300 Subject: [PATCH 07/15] chore(cli): disable regression tests for now (#7229) --- .../test/integ/test-cli-regression-against-current-code.sh | 3 +++ .../test/integ/test-cli-regression-against-latest-release.sh | 3 +++ 2 files changed, 6 insertions(+) diff --git a/packages/aws-cdk/test/integ/test-cli-regression-against-current-code.sh b/packages/aws-cdk/test/integ/test-cli-regression-against-current-code.sh index 8ac522c91f48e..11ca5469d98a0 100755 --- a/packages/aws-cdk/test/integ/test-cli-regression-against-current-code.sh +++ b/packages/aws-cdk/test/integ/test-cli-regression-against-current-code.sh @@ -10,6 +10,9 @@ set -euo pipefail integdir=$(cd $(dirname $0) && pwd) +echo "Regression tests are currently disabled. We will re-enable after investigation" +exit 0 + temp_dir=$(mktemp -d) function cleanup { diff --git a/packages/aws-cdk/test/integ/test-cli-regression-against-latest-release.sh b/packages/aws-cdk/test/integ/test-cli-regression-against-latest-release.sh index fc3e4e3b9a859..8e877a808b3df 100755 --- a/packages/aws-cdk/test/integ/test-cli-regression-against-latest-release.sh +++ b/packages/aws-cdk/test/integ/test-cli-regression-against-latest-release.sh @@ -2,6 +2,9 @@ set -euo pipefail integdir=$(cd $(dirname $0) && pwd) +echo "Regression tests are currently disabled. We will re-enable after investigation" +exit 0 + # run the regular regression test but pass the env variable that will # eventually instruct our runners and wrappers to install the framework # from npmjs.org rather then using the local code. From 0e4ef7b2d0e84a418ab8a9ff10f13273b9183363 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Tue, 7 Apr 2020 19:05:43 +0000 Subject: [PATCH 08/15] chore(deps): bump aws-sdk from 2.654.0 to 2.655.0 (#7238) Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.654.0 to 2.655.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js/compare/v2.654.0...v2.655.0) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- packages/@aws-cdk/aws-cloudfront/package.json | 2 +- packages/@aws-cdk/aws-cloudtrail/package.json | 2 +- packages/@aws-cdk/aws-codebuild/package.json | 2 +- packages/@aws-cdk/aws-codecommit/package.json | 2 +- packages/@aws-cdk/aws-dynamodb/package.json | 2 +- packages/@aws-cdk/aws-eks/package.json | 2 +- packages/@aws-cdk/aws-events-targets/package.json | 2 +- packages/@aws-cdk/aws-lambda/package.json | 2 +- packages/@aws-cdk/aws-route53/package.json | 2 +- packages/@aws-cdk/aws-sqs/package.json | 2 +- packages/@aws-cdk/custom-resources/package.json | 2 +- packages/aws-cdk/package.json | 2 +- packages/cdk-assets/package.json | 2 +- yarn.lock | 8 ++++---- 14 files changed, 17 insertions(+), 17 deletions(-) diff --git a/packages/@aws-cdk/aws-cloudfront/package.json b/packages/@aws-cdk/aws-cloudfront/package.json index e70c08610ebba..eec89d1b2b1ad 100644 --- a/packages/@aws-cdk/aws-cloudfront/package.json +++ b/packages/@aws-cdk/aws-cloudfront/package.json @@ -64,7 +64,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-cloudtrail/package.json b/packages/@aws-cdk/aws-cloudtrail/package.json index 728f53155e164..32297a43eaadf 100644 --- a/packages/@aws-cdk/aws-cloudtrail/package.json +++ b/packages/@aws-cdk/aws-cloudtrail/package.json @@ -64,7 +64,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index 168c407bfe147..090e3936f856a 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -70,7 +70,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-codecommit/package.json b/packages/@aws-cdk/aws-codecommit/package.json index 445fbc10276cd..d06772e1b566a 100644 --- a/packages/@aws-cdk/aws-codecommit/package.json +++ b/packages/@aws-cdk/aws-codecommit/package.json @@ -70,7 +70,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-dynamodb/package.json b/packages/@aws-cdk/aws-dynamodb/package.json index 5bea47e1bfd70..b2c8d7c3423e1 100644 --- a/packages/@aws-cdk/aws-dynamodb/package.json +++ b/packages/@aws-cdk/aws-dynamodb/package.json @@ -64,7 +64,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/jest": "^25.2.1", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-eks/package.json b/packages/@aws-cdk/aws-eks/package.json index 84095694db7be..625f454593167 100644 --- a/packages/@aws-cdk/aws-eks/package.json +++ b/packages/@aws-cdk/aws-eks/package.json @@ -64,7 +64,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-events-targets/package.json b/packages/@aws-cdk/aws-events-targets/package.json index de2eda1fc5129..07ffa58079b53 100644 --- a/packages/@aws-cdk/aws-events-targets/package.json +++ b/packages/@aws-cdk/aws-events-targets/package.json @@ -86,7 +86,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-codecommit": "0.0.0", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-lambda/package.json b/packages/@aws-cdk/aws-lambda/package.json index 1dca1a6e01118..e7a501b50e648 100644 --- a/packages/@aws-cdk/aws-lambda/package.json +++ b/packages/@aws-cdk/aws-lambda/package.json @@ -71,7 +71,7 @@ "@types/lodash": "^4.14.149", "@types/nodeunit": "^0.0.30", "@types/sinon": "^9.0.0", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-route53/package.json b/packages/@aws-cdk/aws-route53/package.json index 93cf85f43d075..cc101f87b9d86 100644 --- a/packages/@aws-cdk/aws-route53/package.json +++ b/packages/@aws-cdk/aws-route53/package.json @@ -64,7 +64,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-sqs/package.json b/packages/@aws-cdk/aws-sqs/package.json index fad1269088ca4..b2855fe799620 100644 --- a/packages/@aws-cdk/aws-sqs/package.json +++ b/packages/@aws-cdk/aws-sqs/package.json @@ -65,7 +65,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/custom-resources/package.json b/packages/@aws-cdk/custom-resources/package.json index df7ef183452d3..d857d9200d98b 100644 --- a/packages/@aws-cdk/custom-resources/package.json +++ b/packages/@aws-cdk/custom-resources/package.json @@ -73,7 +73,7 @@ "@types/aws-lambda": "^8.10.39", "@types/fs-extra": "^8.1.0", "@types/sinon": "^9.0.0", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index e9df8825f3c47..e3009e500e868 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -71,7 +71,7 @@ "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", "archiver": "^3.1.1", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "camelcase": "^6.0.0", "cdk-assets": "0.0.0", "colors": "^1.4.0", diff --git a/packages/cdk-assets/package.json b/packages/cdk-assets/package.json index 6115b08ec6912..dfa3c204ca808 100644 --- a/packages/cdk-assets/package.json +++ b/packages/cdk-assets/package.json @@ -44,7 +44,7 @@ "dependencies": { "@aws-cdk/cdk-assets-schema": "0.0.0", "archiver": "^3.1.1", - "aws-sdk": "^2.654.0", + "aws-sdk": "^2.655.0", "glob": "^7.1.6", "yargs": "^15.3.1" }, diff --git a/yarn.lock b/yarn.lock index dcbbbe388ac78..f4a236cbea06c 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2808,10 +2808,10 @@ aws-sdk-mock@^5.1.0: sinon "^9.0.1" traverse "^0.6.6" -aws-sdk@^2.637.0, aws-sdk@^2.654.0: - version "2.654.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.654.0.tgz#71fd99a2699d802f92e924bd40fde22a8a401e25" - integrity sha512-RAx/SJ74zAqBW1wyRxiHNflmrv50i35pu8kPxfMIJ418TJzIMt+LKgn55rTJgyUdUzKi+MC9XMY4n7IDtwj3HA== +aws-sdk@^2.637.0, aws-sdk@^2.655.0: + version "2.655.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.655.0.tgz#e95da28e66f02a4bfc0eab46731e2140364b3ea2" + integrity sha512-ywXbaPSwQ+YGo7ZGx7KnmoMO0O7fiEL+rttZIsx6AymLZUohfZ7GlRjG8z93jHa+22qWPMEJ+5UC05/PXWbf7Q== dependencies: buffer "4.9.1" events "1.1.1" From 5788ebf76ea907177e8415f4900f3f0baf077463 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2020 14:07:12 +0000 Subject: [PATCH 09/15] chore(deps-dev): bump sinon from 9.0.1 to 9.0.2 (#7252) Bumps [sinon](https://github.com/sinonjs/sinon) from 9.0.1 to 9.0.2. - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/master/CHANGELOG.md) - [Commits](https://github.com/sinonjs/sinon/commits) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- packages/@aws-cdk/assets/package.json | 2 +- packages/@aws-cdk/aws-dynamodb/package.json | 2 +- packages/@aws-cdk/aws-eks/package.json | 2 +- packages/@aws-cdk/aws-lambda/package.json | 2 +- packages/@aws-cdk/aws-s3-assets/package.json | 2 +- .../@aws-cdk/custom-resources/package.json | 2 +- packages/aws-cdk/package.json | 2 +- yarn.lock | 28 +++++++++---------- 8 files changed, 21 insertions(+), 21 deletions(-) diff --git a/packages/@aws-cdk/assets/package.json b/packages/@aws-cdk/assets/package.json index 4ca2f0ef605ff..a1d1886e9e71d 100644 --- a/packages/@aws-cdk/assets/package.json +++ b/packages/@aws-cdk/assets/package.json @@ -72,7 +72,7 @@ "cdk-integ-tools": "0.0.0", "nodeunit": "^0.11.3", "pkglint": "0.0.0", - "sinon": "^9.0.1", + "sinon": "^9.0.2", "ts-mock-imports": "^1.3.0" }, "dependencies": { diff --git a/packages/@aws-cdk/aws-dynamodb/package.json b/packages/@aws-cdk/aws-dynamodb/package.json index b2c8d7c3423e1..db4aef2eaaaf1 100644 --- a/packages/@aws-cdk/aws-dynamodb/package.json +++ b/packages/@aws-cdk/aws-dynamodb/package.json @@ -71,7 +71,7 @@ "cfn2ts": "0.0.0", "jest": "^25.2.4", "pkglint": "0.0.0", - "sinon": "^9.0.1", + "sinon": "^9.0.2", "ts-jest": "^25.3.1" }, "dependencies": { diff --git a/packages/@aws-cdk/aws-eks/package.json b/packages/@aws-cdk/aws-eks/package.json index 625f454593167..4263eae8eeeb5 100644 --- a/packages/@aws-cdk/aws-eks/package.json +++ b/packages/@aws-cdk/aws-eks/package.json @@ -70,7 +70,7 @@ "cfn2ts": "0.0.0", "nodeunit": "^0.11.3", "pkglint": "0.0.0", - "sinon": "^9.0.1" + "sinon": "^9.0.2" }, "dependencies": { "@aws-cdk/aws-autoscaling": "0.0.0", diff --git a/packages/@aws-cdk/aws-lambda/package.json b/packages/@aws-cdk/aws-lambda/package.json index e7a501b50e648..b7845efcc9273 100644 --- a/packages/@aws-cdk/aws-lambda/package.json +++ b/packages/@aws-cdk/aws-lambda/package.json @@ -80,7 +80,7 @@ "nock": "^12.0.3", "nodeunit": "^0.11.3", "pkglint": "0.0.0", - "sinon": "^9.0.1" + "sinon": "^9.0.2" }, "dependencies": { "@aws-cdk/aws-cloudwatch": "0.0.0", diff --git a/packages/@aws-cdk/aws-s3-assets/package.json b/packages/@aws-cdk/aws-s3-assets/package.json index 9cbdeb80ad144..2733cc8f3ddbe 100644 --- a/packages/@aws-cdk/aws-s3-assets/package.json +++ b/packages/@aws-cdk/aws-s3-assets/package.json @@ -67,7 +67,7 @@ "cdk-integ-tools": "0.0.0", "nodeunit": "^0.11.3", "pkglint": "0.0.0", - "sinon": "^9.0.1", + "sinon": "^9.0.2", "ts-mock-imports": "^1.3.0" }, "dependencies": { diff --git a/packages/@aws-cdk/custom-resources/package.json b/packages/@aws-cdk/custom-resources/package.json index d857d9200d98b..1344338c70b5e 100644 --- a/packages/@aws-cdk/custom-resources/package.json +++ b/packages/@aws-cdk/custom-resources/package.json @@ -81,7 +81,7 @@ "fs-extra": "^8.1.0", "nock": "^12.0.3", "pkglint": "0.0.0", - "sinon": "^9.0.1" + "sinon": "^9.0.2" }, "dependencies": { "@aws-cdk/aws-cloudformation": "0.0.0", diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index e3009e500e868..7515d57c29e96 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -62,7 +62,7 @@ "jest": "^24.9.0", "mockery": "^2.1.0", "pkglint": "0.0.0", - "sinon": "^9.0.1", + "sinon": "^9.0.2", "ts-jest": "^25.3.1" }, "dependencies": { diff --git a/yarn.lock b/yarn.lock index f4a236cbea06c..ea1c478e9f440 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2024,17 +2024,17 @@ "@parcel/utils" "^1.11.0" physical-cpu-count "^2.0.0" -"@sinonjs/commons@^1", "@sinonjs/commons@^1.6.0", "@sinonjs/commons@^1.7.0": - version "1.7.1" - resolved "https://registry.yarnpkg.com/@sinonjs/commons/-/commons-1.7.1.tgz#da5fd19a5f71177a53778073978873964f49acf1" - integrity sha512-Debi3Baff1Qu1Unc3mjJ96MgpbwTn43S1+9yJ0llWygPwDNu2aaWBD6yc9y/Z8XDRNhx7U+u2UDg2OGQXkclUQ== +"@sinonjs/commons@^1", "@sinonjs/commons@^1.6.0", "@sinonjs/commons@^1.7.0", "@sinonjs/commons@^1.7.2": + version "1.7.2" + resolved "https://registry.yarnpkg.com/@sinonjs/commons/-/commons-1.7.2.tgz#505f55c74e0272b43f6c52d81946bed7058fc0e2" + integrity sha512-+DUO6pnp3udV/v2VfUWgaY5BIE1IfT7lLfeDzPVeMT1XKkaAp9LgSI9x5RtrFQoZ9Oi0PgXQQHPaoKu7dCjVxw== dependencies: type-detect "4.0.8" -"@sinonjs/fake-timers@^6.0.0": - version "6.0.0" - resolved "https://registry.yarnpkg.com/@sinonjs/fake-timers/-/fake-timers-6.0.0.tgz#b64b0faadfdd01a6dcf0c4dcdb78438d86fa7dbf" - integrity sha512-atR1J/jRXvQAb47gfzSK8zavXy7BcpnYq21ALon0U99etu99vsir0trzIO3wpeLtW+LLVY6X7EkfVTbjGSH8Ww== +"@sinonjs/fake-timers@^6.0.0", "@sinonjs/fake-timers@^6.0.1": + version "6.0.1" + resolved "https://registry.yarnpkg.com/@sinonjs/fake-timers/-/fake-timers-6.0.1.tgz#293674fccb3262ac782c7aadfdeca86b10c75c40" + integrity sha512-MZPUxrmFubI36XS1DI3qmI0YdN1gks62JtFZvxR67ljjSNCeK6U08Zx4msEWOXuofgqUt6zPHSi1H9fbjR/NRA== dependencies: "@sinonjs/commons" "^1.7.0" @@ -11126,13 +11126,13 @@ simple-swizzle@^0.2.2: dependencies: is-arrayish "^0.3.1" -sinon@^9.0.1: - version "9.0.1" - resolved "https://registry.yarnpkg.com/sinon/-/sinon-9.0.1.tgz#dbb18f7d8f5835bcf91578089c0a97b2fffdd73b" - integrity sha512-iTTyiQo5T94jrOx7X7QLBZyucUJ2WvL9J13+96HMfm2CGoJYbIPqRfl6wgNcqmzk0DI28jeGx5bUTXizkrqBmg== +sinon@^9.0.1, sinon@^9.0.2: + version "9.0.2" + resolved "https://registry.yarnpkg.com/sinon/-/sinon-9.0.2.tgz#b9017e24633f4b1c98dfb6e784a5f0509f5fd85d" + integrity sha512-0uF8Q/QHkizNUmbK3LRFqx5cpTttEVXudywY9Uwzy8bTfZUhljZ7ARzSxnRHWYWtVTeh4Cw+tTb3iU21FQVO9A== dependencies: - "@sinonjs/commons" "^1.7.0" - "@sinonjs/fake-timers" "^6.0.0" + "@sinonjs/commons" "^1.7.2" + "@sinonjs/fake-timers" "^6.0.1" "@sinonjs/formatio" "^5.0.1" "@sinonjs/samsam" "^5.0.3" diff "^4.0.2" From 563fba4e067269662f4f922ace1679ac467d5043 Mon Sep 17 00:00:00 2001 From: reillykw Date: Wed, 8 Apr 2020 11:34:49 -0600 Subject: [PATCH 10/15] feat(kinesis): `grantRead` now allows the `ListShards` action and `grant` is now public (#6141) `grant()` method on the class is private, preventing custom actions on attached policy. This makes that public. `grantRead()` API now has `ListShards`, `DescribeStreamSummary`, or `SubscribeToShard` permissions `grantWrite()` API no longer has `DescribeStream` permissions as it has been replaced by `ListShards` for shard discovery. Rationale: Align with the [Kinesis Producer Library](https://aws.amazon.com/about-aws/whats-new/2019/11/amazon-kinesis-producer-library-now-supports-listshards-api-for-efficient-scaling-of-producer-applications/) Closes #3357 BREAKING CHANGE: `grantWrite()` API no longer has `DescribeStream` permissions as it has been replaced by `ListShards` for shard discovery --- packages/@aws-cdk/aws-kinesis/README.md | 66 +++++++++++++++++++ packages/@aws-cdk/aws-kinesis/lib/stream.ts | 32 ++++++--- .../test/integ.stream.expected.json | 3 + .../@aws-cdk/aws-kinesis/test/test.stream.ts | 45 +++++++++++-- .../test/integ.kinesis.expected.json | 5 +- .../test/integ.kinesiswithdlq.expected.json | 5 +- .../test/test.kinesis.ts | 5 +- .../test/kinesis.test.ts | 4 +- 8 files changed, 143 insertions(+), 22 deletions(-) diff --git a/packages/@aws-cdk/aws-kinesis/README.md b/packages/@aws-cdk/aws-kinesis/README.md index e04c868643231..7b3c36bacfa7a 100644 --- a/packages/@aws-cdk/aws-kinesis/README.md +++ b/packages/@aws-cdk/aws-kinesis/README.md @@ -26,6 +26,9 @@ intake and aggregation. - [Streams](#streams) - [Encryption](#encryption) - [Import](#import) + - [Permission Grants](#permission-grants) + - [Read Permissions](#read-permissions) + - [Write Permissions](#write-permissions) ## Streams @@ -119,3 +122,66 @@ const importedStream = Stream.fromStreamAttributes( } ); ``` + +### Permission Grants + +IAM roles, users or groups which need to be able to work with Amazon Kinesis streams at runtime should be granted IAM permissions. + +Any object that implements the `IGrantable` interface (has an associated principal) can be granted permissions by calling: + +- `grantRead(principal)` - grants the principal read access +- `grantWrite(principal)` - grants the principal write permissions to a Stream +- `grantReadWrite(principal)` - grants principal read and write permissions + +#### Read Permissions + +Grant `read` access to a stream by calling the `grantRead()` API. +If the stream has an encryption key, read permissions will also be granted to the key. + +```ts +const lambdaRole = new iam.Role(this, 'Role', { + assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'), + description: 'Example role...', +} + +const stream = new Stream(this, 'MyEncryptedStream', { + encryption: StreamEncryption.KMS +}); + +// give lambda permissions to read stream +stream.grantRead(lambdaRole); +``` + +The following read permissions are provided to a service principal by the `grantRead()` API: + +- `kinesis:DescribeStream` +- `kinesis:DescribeStreamSummary` +- `kinesis:GetRecords` +- `kinesis:GetShardIterator` +- `kinesis:ListShards` +- `kinesis:SubscribeToShard` + +#### Write Permissions + +Grant `write` permissions to a stream is provided by calling the `grantWrite()` API. +If the stream has an encryption key, write permissions will also be granted to the key. + +```ts +const lambdaRole = new iam.Role(this, 'Role', { + assumedBy: new iam.ServicePrincipal('lambda.amazonaws.com'), + description: 'Example role...', +} + +const stream = new Stream(this, 'MyEncryptedStream', { + encryption: StreamEncryption.KMS +}); + +// give lambda permissions to write to stream +stream.grantWrite(lambdaRole); +``` + +The following write permissions are provided to a service principal by the `grantWrite()` API: + +- `kinesis:ListShards` +- `kinesis:PutRecord` +- `kinesis:PutRecords` diff --git a/packages/@aws-cdk/aws-kinesis/lib/stream.ts b/packages/@aws-cdk/aws-kinesis/lib/stream.ts index 480446a1ab969..2c755aacef81c 100644 --- a/packages/@aws-cdk/aws-kinesis/lib/stream.ts +++ b/packages/@aws-cdk/aws-kinesis/lib/stream.ts @@ -4,6 +4,21 @@ import { Aws, CfnCondition, Construct, Duration, Fn, IResource, Resource, Stack import { IResolvable } from 'constructs'; import { CfnStream } from './kinesis.generated'; +const READ_OPERATIONS = [ + 'kinesis:DescribeStream', + 'kinesis:DescribeStreamSummary', + 'kinesis:GetRecords', + 'kinesis:GetShardIterator', + 'kinesis:ListShards', + 'kinesis:SubscribeToShard' +]; + +const WRITE_OPERATIONS = [ + 'kinesis:ListShards', + 'kinesis:PutRecord', + 'kinesis:PutRecords' +]; + /** * A Kinesis Stream */ @@ -115,7 +130,7 @@ abstract class StreamBase extends Resource implements IStream { * contents of the stream will also be granted. */ public grantRead(grantee: iam.IGrantable) { - const ret = this.grant(grantee, 'kinesis:DescribeStream', 'kinesis:GetRecords', 'kinesis:GetShardIterator'); + const ret = this.grant(grantee, ...READ_OPERATIONS); if (this.encryptionKey) { this.encryptionKey.grantDecrypt(grantee); @@ -132,7 +147,7 @@ abstract class StreamBase extends Resource implements IStream { * contents of the stream will also be granted. */ public grantWrite(grantee: iam.IGrantable) { - const ret = this.grant(grantee, 'kinesis:DescribeStream', 'kinesis:PutRecord', 'kinesis:PutRecords'); + const ret = this.grant(grantee, ...WRITE_OPERATIONS); if (this.encryptionKey) { this.encryptionKey.grantEncrypt(grantee); @@ -149,13 +164,7 @@ abstract class StreamBase extends Resource implements IStream { * encrypt/decrypt will also be granted. */ public grantReadWrite(grantee: iam.IGrantable) { - const ret = this.grant( - grantee, - 'kinesis:DescribeStream', - 'kinesis:GetRecords', - 'kinesis:GetShardIterator', - 'kinesis:PutRecord', - 'kinesis:PutRecords'); + const ret = this.grant(grantee, ...Array.from(new Set([...READ_OPERATIONS, ...WRITE_OPERATIONS]))); if (this.encryptionKey) { this.encryptionKey.grantEncryptDecrypt(grantee); @@ -164,7 +173,10 @@ abstract class StreamBase extends Resource implements IStream { return ret; } - private grant(grantee: iam.IGrantable, ...actions: string[]) { + /** + * Grant the indicated permissions on this stream to the given IAM principal (Role/Group/User). + */ + public grant(grantee: iam.IGrantable, ...actions: string[]) { return iam.Grant.addToPrincipal({ grantee, actions, diff --git a/packages/@aws-cdk/aws-kinesis/test/integ.stream.expected.json b/packages/@aws-cdk/aws-kinesis/test/integ.stream.expected.json index 1489ca5e34000..9a9921057f295 100644 --- a/packages/@aws-cdk/aws-kinesis/test/integ.stream.expected.json +++ b/packages/@aws-cdk/aws-kinesis/test/integ.stream.expected.json @@ -40,8 +40,11 @@ { "Action": [ "kinesis:DescribeStream", + "kinesis:DescribeStreamSummary", "kinesis:GetRecords", "kinesis:GetShardIterator", + "kinesis:ListShards", + "kinesis:SubscribeToShard", "kinesis:PutRecord", "kinesis:PutRecords" ], diff --git a/packages/@aws-cdk/aws-kinesis/test/test.stream.ts b/packages/@aws-cdk/aws-kinesis/test/test.stream.ts index 12ac660be6774..081e1c98fea6a 100644 --- a/packages/@aws-cdk/aws-kinesis/test/test.stream.ts +++ b/packages/@aws-cdk/aws-kinesis/test/test.stream.ts @@ -305,7 +305,6 @@ export = { }, 'encryption key cannot be supplied with UNENCRYPTED as the encryption type'(test: Test) { - const stack = new Stack(); const key = new kms.Key(stack, 'myKey'); @@ -608,7 +607,14 @@ export = { PolicyDocument: { Statement: [ { - Action: ['kinesis:DescribeStream', 'kinesis:GetRecords', 'kinesis:GetShardIterator'], + Action: [ + 'kinesis:DescribeStream', + 'kinesis:DescribeStreamSummary', + 'kinesis:GetRecords', + 'kinesis:GetShardIterator', + 'kinesis:ListShards', + 'kinesis:SubscribeToShard' + ], Effect: 'Allow', Resource: { 'Fn::GetAtt': ['MyStream5C050E93', 'Arn'] @@ -732,7 +738,7 @@ export = { PolicyDocument: { Statement: [ { - Action: ['kinesis:DescribeStream', 'kinesis:PutRecord', 'kinesis:PutRecords'], + Action: ['kinesis:ListShards', 'kinesis:PutRecord', 'kinesis:PutRecords'], Effect: 'Allow', Resource: { 'Fn::GetAtt': ['MyStream5C050E93', 'Arn'] @@ -856,7 +862,16 @@ export = { PolicyDocument: { Statement: [ { - Action: ['kinesis:DescribeStream', 'kinesis:GetRecords', 'kinesis:GetShardIterator', 'kinesis:PutRecord', 'kinesis:PutRecords'], + Action: [ + 'kinesis:DescribeStream', + 'kinesis:DescribeStreamSummary', + 'kinesis:GetRecords', + 'kinesis:GetShardIterator', + 'kinesis:ListShards', + 'kinesis:SubscribeToShard', + 'kinesis:PutRecord', + 'kinesis:PutRecords' + ], Effect: 'Allow', Resource: { 'Fn::GetAtt': ['MyStream5C050E93', 'Arn'] @@ -924,7 +939,14 @@ export = { PolicyDocument: { Statement: [ { - Action: ['kinesis:DescribeStream', 'kinesis:GetRecords', 'kinesis:GetShardIterator'], + Action: [ + 'kinesis:DescribeStream', + 'kinesis:DescribeStreamSummary', + 'kinesis:GetRecords', + 'kinesis:GetShardIterator', + 'kinesis:ListShards', + 'kinesis:SubscribeToShard' + ], Effect: 'Allow', Resource: { 'Fn::GetAtt': ['MyStream5C050E93', 'Arn'] @@ -1005,7 +1027,7 @@ export = { PolicyDocument: { Statement: [ { - Action: ['kinesis:DescribeStream', 'kinesis:PutRecord', 'kinesis:PutRecords'], + Action: ['kinesis:ListShards', 'kinesis:PutRecord', 'kinesis:PutRecords'], Effect: 'Allow', Resource: { 'Fn::GetAtt': ['MyStream5C050E93', 'Arn'] @@ -1086,7 +1108,16 @@ export = { PolicyDocument: { Statement: [ { - Action: ['kinesis:DescribeStream', 'kinesis:GetRecords', 'kinesis:GetShardIterator', 'kinesis:PutRecord', 'kinesis:PutRecords'], + Action: [ + 'kinesis:DescribeStream', + 'kinesis:DescribeStreamSummary', + 'kinesis:GetRecords', + 'kinesis:GetShardIterator', + 'kinesis:ListShards', + 'kinesis:SubscribeToShard', + 'kinesis:PutRecord', + 'kinesis:PutRecords' + ], Effect: 'Allow', Resource: { 'Fn::GetAtt': ['MyStream5C050E93', 'Arn'] diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.expected.json b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.expected.json index d95daaa759c3d..80e11a45e9dea 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.expected.json +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesis.expected.json @@ -39,8 +39,11 @@ { "Action": [ "kinesis:DescribeStream", + "kinesis:DescribeStreamSummary", "kinesis:GetRecords", - "kinesis:GetShardIterator" + "kinesis:GetShardIterator", + "kinesis:ListShards", + "kinesis:SubscribeToShard" ], "Effect": "Allow", "Resource": { diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesiswithdlq.expected.json b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesiswithdlq.expected.json index f524c95bd7f22..00fedc03e9077 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesiswithdlq.expected.json +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/integ.kinesiswithdlq.expected.json @@ -53,8 +53,11 @@ { "Action": [ "kinesis:DescribeStream", + "kinesis:DescribeStreamSummary", "kinesis:GetRecords", - "kinesis:GetShardIterator" + "kinesis:GetShardIterator", + "kinesis:ListShards", + "kinesis:SubscribeToShard" ], "Effect": "Allow", "Resource": { diff --git a/packages/@aws-cdk/aws-lambda-event-sources/test/test.kinesis.ts b/packages/@aws-cdk/aws-lambda-event-sources/test/test.kinesis.ts index a7d7c101d2765..c62af36d09249 100644 --- a/packages/@aws-cdk/aws-lambda-event-sources/test/test.kinesis.ts +++ b/packages/@aws-cdk/aws-lambda-event-sources/test/test.kinesis.ts @@ -27,8 +27,11 @@ export = { { 'Action': [ 'kinesis:DescribeStream', + 'kinesis:DescribeStreamSummary', 'kinesis:GetRecords', - 'kinesis:GetShardIterator' + 'kinesis:GetShardIterator', + 'kinesis:ListShards', + 'kinesis:SubscribeToShard' ], 'Effect': 'Allow', 'Resource': { diff --git a/packages/@aws-cdk/aws-logs-destinations/test/kinesis.test.ts b/packages/@aws-cdk/aws-logs-destinations/test/kinesis.test.ts index ac7e97a07afd3..08c09563aff38 100644 --- a/packages/@aws-cdk/aws-logs-destinations/test/kinesis.test.ts +++ b/packages/@aws-cdk/aws-logs-destinations/test/kinesis.test.ts @@ -51,7 +51,7 @@ test('stream can be subscription destination', () => { Statement: [ { Action: [ - 'kinesis:DescribeStream', + 'kinesis:ListShards', 'kinesis:PutRecord', 'kinesis:PutRecords', ], @@ -122,7 +122,7 @@ test('stream can be subscription destination twice, without duplicating permissi Statement: [ { Action: [ - 'kinesis:DescribeStream', + 'kinesis:ListShards', 'kinesis:PutRecord', 'kinesis:PutRecords', ], From 23279fadebfaac625b2d846be6b1bbedfe873981 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2020 19:18:22 +0000 Subject: [PATCH 11/15] chore(deps): bump aws-sdk from 2.655.0 to 2.656.0 (#7261) Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.655.0 to 2.656.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-js/compare/v2.655.0...v2.656.0) Signed-off-by: dependabot-preview[bot] Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com> --- packages/@aws-cdk/aws-cloudfront/package.json | 2 +- packages/@aws-cdk/aws-cloudtrail/package.json | 2 +- packages/@aws-cdk/aws-codebuild/package.json | 2 +- packages/@aws-cdk/aws-codecommit/package.json | 2 +- packages/@aws-cdk/aws-dynamodb/package.json | 2 +- packages/@aws-cdk/aws-eks/package.json | 2 +- packages/@aws-cdk/aws-events-targets/package.json | 2 +- packages/@aws-cdk/aws-lambda/package.json | 2 +- packages/@aws-cdk/aws-route53/package.json | 2 +- packages/@aws-cdk/aws-sqs/package.json | 2 +- packages/@aws-cdk/custom-resources/package.json | 2 +- packages/aws-cdk/package.json | 2 +- packages/cdk-assets/package.json | 2 +- yarn.lock | 8 ++++---- 14 files changed, 17 insertions(+), 17 deletions(-) diff --git a/packages/@aws-cdk/aws-cloudfront/package.json b/packages/@aws-cdk/aws-cloudfront/package.json index eec89d1b2b1ad..fff89d2403c61 100644 --- a/packages/@aws-cdk/aws-cloudfront/package.json +++ b/packages/@aws-cdk/aws-cloudfront/package.json @@ -64,7 +64,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-cloudtrail/package.json b/packages/@aws-cdk/aws-cloudtrail/package.json index 32297a43eaadf..2c50300cb6335 100644 --- a/packages/@aws-cdk/aws-cloudtrail/package.json +++ b/packages/@aws-cdk/aws-cloudtrail/package.json @@ -64,7 +64,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index 090e3936f856a..ccf1149a7dbd7 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -70,7 +70,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-codecommit/package.json b/packages/@aws-cdk/aws-codecommit/package.json index d06772e1b566a..62cf6bcfd952c 100644 --- a/packages/@aws-cdk/aws-codecommit/package.json +++ b/packages/@aws-cdk/aws-codecommit/package.json @@ -70,7 +70,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-dynamodb/package.json b/packages/@aws-cdk/aws-dynamodb/package.json index db4aef2eaaaf1..246f5740adcb4 100644 --- a/packages/@aws-cdk/aws-dynamodb/package.json +++ b/packages/@aws-cdk/aws-dynamodb/package.json @@ -64,7 +64,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/jest": "^25.2.1", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-eks/package.json b/packages/@aws-cdk/aws-eks/package.json index 4263eae8eeeb5..08cdecb40f7f1 100644 --- a/packages/@aws-cdk/aws-eks/package.json +++ b/packages/@aws-cdk/aws-eks/package.json @@ -64,7 +64,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-events-targets/package.json b/packages/@aws-cdk/aws-events-targets/package.json index 07ffa58079b53..0333d8a905019 100644 --- a/packages/@aws-cdk/aws-events-targets/package.json +++ b/packages/@aws-cdk/aws-events-targets/package.json @@ -86,7 +86,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-codecommit": "0.0.0", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-lambda/package.json b/packages/@aws-cdk/aws-lambda/package.json index b7845efcc9273..50b560a2aceab 100644 --- a/packages/@aws-cdk/aws-lambda/package.json +++ b/packages/@aws-cdk/aws-lambda/package.json @@ -71,7 +71,7 @@ "@types/lodash": "^4.14.149", "@types/nodeunit": "^0.0.30", "@types/sinon": "^9.0.0", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-route53/package.json b/packages/@aws-cdk/aws-route53/package.json index cc101f87b9d86..75495b477d0c2 100644 --- a/packages/@aws-cdk/aws-route53/package.json +++ b/packages/@aws-cdk/aws-route53/package.json @@ -64,7 +64,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-sqs/package.json b/packages/@aws-cdk/aws-sqs/package.json index b2855fe799620..4e93e7fa86b85 100644 --- a/packages/@aws-cdk/aws-sqs/package.json +++ b/packages/@aws-cdk/aws-sqs/package.json @@ -65,7 +65,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@types/nodeunit": "^0.0.30", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/custom-resources/package.json b/packages/@aws-cdk/custom-resources/package.json index 1344338c70b5e..e79c05c7eac89 100644 --- a/packages/@aws-cdk/custom-resources/package.json +++ b/packages/@aws-cdk/custom-resources/package.json @@ -73,7 +73,7 @@ "@types/aws-lambda": "^8.10.39", "@types/fs-extra": "^8.1.0", "@types/sinon": "^9.0.0", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index 7515d57c29e96..cc57b4d880004 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -71,7 +71,7 @@ "@aws-cdk/cx-api": "0.0.0", "@aws-cdk/region-info": "0.0.0", "archiver": "^3.1.1", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "camelcase": "^6.0.0", "cdk-assets": "0.0.0", "colors": "^1.4.0", diff --git a/packages/cdk-assets/package.json b/packages/cdk-assets/package.json index dfa3c204ca808..77b36660bdfd6 100644 --- a/packages/cdk-assets/package.json +++ b/packages/cdk-assets/package.json @@ -44,7 +44,7 @@ "dependencies": { "@aws-cdk/cdk-assets-schema": "0.0.0", "archiver": "^3.1.1", - "aws-sdk": "^2.655.0", + "aws-sdk": "^2.656.0", "glob": "^7.1.6", "yargs": "^15.3.1" }, diff --git a/yarn.lock b/yarn.lock index ea1c478e9f440..b4d01e5a69c8e 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2808,10 +2808,10 @@ aws-sdk-mock@^5.1.0: sinon "^9.0.1" traverse "^0.6.6" -aws-sdk@^2.637.0, aws-sdk@^2.655.0: - version "2.655.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.655.0.tgz#e95da28e66f02a4bfc0eab46731e2140364b3ea2" - integrity sha512-ywXbaPSwQ+YGo7ZGx7KnmoMO0O7fiEL+rttZIsx6AymLZUohfZ7GlRjG8z93jHa+22qWPMEJ+5UC05/PXWbf7Q== +aws-sdk@^2.637.0, aws-sdk@^2.656.0: + version "2.656.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.656.0.tgz#0d74664ddbf30701073be9f9913ee7266afef3b4" + integrity sha512-UzqDvvt6i7gpuzEdK0GT/JOfBJcsCPranzZWdQ9HR4+5E0m5kf5gybZ6OX+UseIAE2/WND6Dv0aHgiI21AKenw== dependencies: buffer "4.9.1" events "1.1.1" From 2de8cf60ca8a6e232e405fb902a6e5c384a6d69a Mon Sep 17 00:00:00 2001 From: Shiv Lakshminarayan Date: Thu, 9 Apr 2020 01:27:20 -0700 Subject: [PATCH 12/15] chore(kinesis): remove outdated comments (#7269) remove comments referencing methods we no longer have. most of this is covered in the README already. Also a couple of small changes to use optional chaining to get rid of some `if` blocks --- packages/@aws-cdk/aws-kinesis/lib/stream.ts | 24 ++------------------- 1 file changed, 2 insertions(+), 22 deletions(-) diff --git a/packages/@aws-cdk/aws-kinesis/lib/stream.ts b/packages/@aws-cdk/aws-kinesis/lib/stream.ts index 2c755aacef81c..197f09e0aa4a8 100644 --- a/packages/@aws-cdk/aws-kinesis/lib/stream.ts +++ b/packages/@aws-cdk/aws-kinesis/lib/stream.ts @@ -91,20 +91,6 @@ export interface StreamAttributes { /** * Represents a Kinesis Stream. - * - * Streams can be either defined within this stack: - * - * new Stream(this, 'MyStream', { props }); - * - * Or imported from an existing stream: - * - * Stream.import(this, 'MyImportedStream', { streamArn: ... }); - * - * You can also export a stream and import it into another stack: - * - * const ref = myStream.export(); - * Stream.import(this, 'MyImportedStream', ref); - * */ abstract class StreamBase extends Resource implements IStream { /** @@ -148,10 +134,7 @@ abstract class StreamBase extends Resource implements IStream { */ public grantWrite(grantee: iam.IGrantable) { const ret = this.grant(grantee, ...WRITE_OPERATIONS); - - if (this.encryptionKey) { - this.encryptionKey.grantEncrypt(grantee); - } + this.encryptionKey?.grantEncrypt(grantee); return ret; } @@ -165,10 +148,7 @@ abstract class StreamBase extends Resource implements IStream { */ public grantReadWrite(grantee: iam.IGrantable) { const ret = this.grant(grantee, ...Array.from(new Set([...READ_OPERATIONS, ...WRITE_OPERATIONS]))); - - if (this.encryptionKey) { - this.encryptionKey.grantEncryptDecrypt(grantee); - } + this.encryptionKey?.grantEncryptDecrypt(grantee); return ret; } From ffb2e1e8830d8345171552b4f420e65c47dae7b8 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Thu, 9 Apr 2020 11:14:53 +0200 Subject: [PATCH 13/15] fix: new IAM Condition type is unusable in Java (#7270) The changing of the type of `Condition` from `any` to `Record` broke common code in Java. Many users would be passing a `Map` in that location, which WOULD be assignable to the old type `Object`, but not to the new type `Map`. Revert for now and turn this into a feature request to jsii team. --- allowed-breaking-changes.txt | 3 +++ packages/@aws-cdk/aws-iam/lib/policy-statement.ts | 14 +++++++++++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/allowed-breaking-changes.txt b/allowed-breaking-changes.txt index 1f78ca52d6422..790b59b6edc5f 100644 --- a/allowed-breaking-changes.txt +++ b/allowed-breaking-changes.txt @@ -46,3 +46,6 @@ incompatible-argument:@aws-cdk/aws-iam.PolicyStatement.addCondition incompatible-argument:@aws-cdk/aws-iam.PolicyStatement.addConditions incompatible-argument:@aws-cdk/aws-iam.PolicyStatement.addFederatedPrincipal incompatible-argument:@aws-cdk/aws-iam.PrincipalPolicyFragment. +changed-type:@aws-cdk/aws-iam.FederatedPrincipal.conditions +changed-type:@aws-cdk/aws-iam.PrincipalPolicyFragment.conditions +changed-type:@aws-cdk/aws-iam.PrincipalWithConditions.conditions diff --git a/packages/@aws-cdk/aws-iam/lib/policy-statement.ts b/packages/@aws-cdk/aws-iam/lib/policy-statement.ts index 5bba3ff6b824c..3a3c10d2488a5 100644 --- a/packages/@aws-cdk/aws-iam/lib/policy-statement.ts +++ b/packages/@aws-cdk/aws-iam/lib/policy-statement.ts @@ -307,7 +307,19 @@ export enum Effect { * Condition for when an IAM policy is in effect. Maps from the keys in a request's context to * a string value or array of string values. See the Conditions interface for more details. */ -export type Condition = Record; +export type Condition = any; + +// NOTE! We'd ideally like to type this as `Record`, because the +// API expects a map which can take either strings or lists of strings. +// +// However, if we were to change this right now, the Java bindings for CDK would +// emit a type of `Map`, but the most common types people would +// instantiate would be an `ImmutableMap` which would not be +// assignable to `Map`. The types don't have a built-in notion +// of co-contravariance, you have to indicate that on the type. So jsii would first +// need to emit the type as `Map`. +// +// Feature request in https://github.com/aws/jsii/issues/1517 /** * Conditions for when an IAM Policy is in effect, specified in the following structure: From 7a892cc9a70c5ba41e08284ccaea5bab292b5ebf Mon Sep 17 00:00:00 2001 From: Eli Polonsky Date: Thu, 9 Apr 2020 13:54:35 +0300 Subject: [PATCH 14/15] chore(changelog): fix changelog corruption (#7275) --- CHANGELOG.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4ea14cd2eaee0..594324d510122 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -26,6 +26,7 @@ lambda triggers has now been replaced by a single `addTrigger()` method. * **cognito:** `addTrigger()` method will fail if a trigger was already configured for that user pool operation. +* **iam:** methods accepting iam conditions now requires passing `{[key: string]: any}` instead of plain `any`. You were always supposed to pass a map/dictionary in these locations, but the type system didn't enforce it. It now does. ### Features @@ -33,8 +34,8 @@ was already configured for that user pool operation. * **apigateway:** access logging ([#6559](https://github.com/aws/aws-cdk/issues/6559)) ([7484935](https://github.com/aws/aws-cdk/commit/7484935fb3935997638e22241df7614f76097733)), closes [#6501](https://github.com/aws/aws-cdk/issues/6501) * **apigateway:** auto-create RequestValidator from options to addMethod() ([#6780](https://github.com/aws/aws-cdk/issues/6780)) ([573464d](https://github.com/aws/aws-cdk/commit/573464d0b214f943fa31fdfa5af0091adc593de6)), closes [#6193](https://github.com/aws/aws-cdk/issues/6193) * **applicationautoscaling:** add PredefinedMetric for Lambda provisioned concurrency autoscaling ([#6394](https://github.com/aws/aws-cdk/issues/6394)) ([45b68d5](https://github.com/aws/aws-cdk/commit/45b68d5c7905559b70ef41867060ea42f03a3015)), closes [#6369](https://github.com/aws/aws-cdk/issues/6369) -* **aws-codebuild:** add from codebuild image option ([#7117](https://github.com/aws/aws-cdk/issues/7117)) ([de8e670](https://github.com/aws/aws-cdk/commit/de8e670159065e1c1fe6d69a51c1596755dcbcc6)), closes [/github.com/aws/aws-cdk/issues/2606#issuecomment-606114708](https://github.com/aws//github.com/aws/aws-cdk/issues/2606/issues/issuecomment-606114708) -* **aws-codebuild:** add ProjectFileSystemLocation property to codebuild ([#6539](https://github.com/aws/aws-cdk/issues/6539)) ([2195cc2](https://github.com/aws/aws-cdk/commit/2195cc20840138eb29836e3b38f9950d42eef008)), closes [/github.com/aws/aws-cdk/pull/6539#pullrequestreview-379923995](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/issues/pullrequestreview-379923995) [/github.com/aws/aws-cdk/pull/6539#pullrequestreview-380706328](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/issues/pullrequestreview-380706328) [/github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6#pullrequestreview-380798922](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6/issues/pullrequestreview-380798922) [/github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6#pullrequestreview-380798922](https://github.com/aws//github.com/aws/aws-cdk/pull/6539/files/1f7972d2567abd1eeb55334c7a8f5d6968daf4b6/issues/pullrequestreview-380798922) +* **aws-codebuild:** add from codebuild image option ([#7117](https://github.com/aws/aws-cdk/issues/7117)) ([de8e670](https://github.com/aws/aws-cdk/commit/de8e670159065e1c1fe6d69a51c1596755dcbcc6)), closes [#2606](https://github.com/aws/aws-cdk/issues/2606) +* **aws-codebuild:** add ProjectFileSystemLocation property to codebuild ([#6539](https://github.com/aws/aws-cdk/issues/6539)) ([2195cc2](https://github.com/aws/aws-cdk/commit/2195cc20840138eb29836e3b38f9950d42eef008)), closes [#6533](https://github.com/aws/aws-cdk/issues/6533) * **bootstrap:** require `aws:SecureTransport` for staging bucket ([#7192](https://github.com/aws/aws-cdk/issues/7192)) ([ed106ea](https://github.com/aws/aws-cdk/commit/ed106eab36835fa7cb0140cc1c6971932ede5f5e)) * **cfnspec:** cloudformation spec v11.6.0 ([#6995](https://github.com/aws/aws-cdk/issues/6995)) ([9a552c2](https://github.com/aws/aws-cdk/commit/9a552c275ee011fd794b27735503d139f538f70a)) * **cli:** write stack outputs to a file ([#7020](https://github.com/aws/aws-cdk/issues/7020)) ([75d5ee9](https://github.com/aws/aws-cdk/commit/75d5ee9e41935a9525fa6cfe5a059398d0a799cd)), closes [#1773](https://github.com/aws/aws-cdk/issues/1773) @@ -42,7 +43,7 @@ was already configured for that user pool operation. * **codebuild:** support AL2 3.0 & Standard 4.0 ([#6968](https://github.com/aws/aws-cdk/issues/6968)) ([3254c5d](https://github.com/aws/aws-cdk/commit/3254c5d09c3708a904cc1f1a0344c32d807d6a74)) * **cognito:** import an existing user pool client ([#7091](https://github.com/aws/aws-cdk/issues/7091)) ([abc2144](https://github.com/aws/aws-cdk/commit/abc2144a5e1ed3e18c1b6d1631f26ab7e29d1760)) * **cognito:** user pool - OAuth2.0 authentication ([#7141](https://github.com/aws/aws-cdk/issues/7141)) ([09852d0](https://github.com/aws/aws-cdk/commit/09852d05242fff9ba9080df9121537f81af9d131)) -* **core:** `Size` unit representing digital information quantity ([#6940](https://github.com/aws/aws-cdk/issues/6940)) ([22a560d](https://github.com/aws/aws-cdk/commit/22a560dd4a49d74a9ff217c27c77a7e03d7b38de)), closes [40aws-cdk/aws-lambda/lib/function.ts#L75-L83](https://github.com/40aws-cdk/aws-lambda/lib/function.ts/issues/L75-L83) [40aws-cdk/aws-rds/lib/instance.ts#L625-L630](https://github.com/40aws-cdk/aws-rds/lib/instance.ts/issues/L625-L630) [40aws-cdk/aws-autoscaling/lib/volume.ts#L89-L96](https://github.com/40aws-cdk/aws-autoscaling/lib/volume.ts/issues/L89-L96) +* **core:** `Size` unit representing digital information quantity ([#6940](https://github.com/aws/aws-cdk/issues/6940)) ([22a560d](https://github.com/aws/aws-cdk/commit/22a560dd4a49d74a9ff217c27c77a7e03d7b38de)) * **ec2:** EFS interface VPC endpoint ([#6961](https://github.com/aws/aws-cdk/issues/6961)) ([6e61889](https://github.com/aws/aws-cdk/commit/6e618898a3d742d7d47da78dd6cbf2ec21b24f92)), closes [#6960](https://github.com/aws/aws-cdk/issues/6960) * **ecs:** secret JSON key for environment variables ([#6435](https://github.com/aws/aws-cdk/issues/6435)) ([97959f6](https://github.com/aws/aws-cdk/commit/97959f6ba40a4a576fc914772206623900d72add)), closes [#5665](https://github.com/aws/aws-cdk/issues/5665) * **eks:** managed nodegroup support ([#6759](https://github.com/aws/aws-cdk/issues/6759)) ([74169bf](https://github.com/aws/aws-cdk/commit/74169bf57c7c21aabb1f9b4a6cfac260b77d4b5a)), closes [#5086](https://github.com/aws/aws-cdk/issues/5086) From 994414ce36483659cede0b66ad91d897a2415c8d Mon Sep 17 00:00:00 2001 From: Shiv Lakshminarayan Date: Thu, 9 Apr 2020 04:59:38 -0700 Subject: [PATCH 15/15] fix(cli): --app command does not work when executing a command without arguments (#7249) If the application passed with the `--app` parameter is executable, we were failing on a `fs.stat` call as it was not a file that was provided. This change swallows up that error and returns the provided command without modification. Also added some tests (thank you rix0rrr@ for getting this started) and some other minor improvements. Closes #6930 --- packages/aws-cdk/lib/api/cxapp/exec.ts | 41 +++--- packages/aws-cdk/test/api/exec.test.ts | 122 ++++++++++++++++++ packages/aws-cdk/test/bockfs.ts | 37 +++++- packages/aws-cdk/test/util.ts | 2 +- .../aws-cdk/test/util/mock-child_process.ts | 75 +++++++++++ 5 files changed, 249 insertions(+), 28 deletions(-) create mode 100644 packages/aws-cdk/test/api/exec.test.ts create mode 100644 packages/aws-cdk/test/util/mock-child_process.ts diff --git a/packages/aws-cdk/lib/api/cxapp/exec.ts b/packages/aws-cdk/lib/api/cxapp/exec.ts index c83e217e7ac5c..f7d6cfb6b7862 100644 --- a/packages/aws-cdk/lib/api/cxapp/exec.ts +++ b/packages/aws-cdk/lib/api/cxapp/exec.ts @@ -14,37 +14,26 @@ export async function execProgram(aws: SdkProvider, config: Configuration): Prom const context = config.context.all; await populateDefaultEnvironmentIfNeeded(aws, env); - let pathMetadata: boolean = config.settings.get(['pathMetadata']); - if (pathMetadata === undefined) { - pathMetadata = true; // defaults to true - } + const pathMetadata: boolean = config.settings.get(['pathMetadata']) ?? true; if (pathMetadata) { context[cxapi.PATH_METADATA_ENABLE_CONTEXT] = true; } - let assetMetadata: boolean = config.settings.get(['assetMetadata']); - if (assetMetadata === undefined) { - assetMetadata = true; // defaults to true - } + const assetMetadata: boolean = config.settings.get(['assetMetadata']) ?? true; if (assetMetadata) { context[cxapi.ASSET_RESOURCE_METADATA_ENABLED_CONTEXT] = true; } - let versionReporting: boolean = config.settings.get(['versionReporting']); - if (versionReporting === undefined) { - versionReporting = true; // defaults to true - } + const versionReporting: boolean = config.settings.get(['versionReporting']) ?? true; if (!versionReporting) { context[cxapi.DISABLE_VERSION_REPORTING] = true; } - let stagingEnabled = config.settings.get(['staging']); - if (stagingEnabled === undefined) { - stagingEnabled = true; - } + const stagingEnabled = config.settings.get(['staging']) ?? true; + if (!stagingEnabled) { context[cxapi.DISABLE_ASSET_STAGING_CONTEXT] = true; } @@ -57,9 +46,9 @@ export async function execProgram(aws: SdkProvider, config: Configuration): Prom throw new Error(`--app is required either in command-line, in ${PROJECT_CONFIG} or in ${USER_DEFAULTS}`); } - // by pass "synth" if app points to a cloud assembly + // bypass "synth" if app points to a cloud assembly if (await fs.pathExists(app) && (await fs.stat(app)).isDirectory()) { - debug('--app points to a cloud assembly, so we by pass synth'); + debug('--app points to a cloud assembly, so we bypass synth'); return new cxapi.CloudAssembly(app); } @@ -93,7 +82,7 @@ export async function execProgram(aws: SdkProvider, config: Configuration): Prom // (which would be different between Linux and Windows). // // - Inherit stderr from controlling terminal. We don't use the captured value - // anway, and if the subprocess is printing to it for debugging purposes the + // anyway, and if the subprocess is printing to it for debugging purposes the // user gets to see it sooner. Plus, capturing doesn't interact nicely with some // processes like Maven. const proc = childProcess.spawn(commandLine[0], commandLine.slice(1), { @@ -121,10 +110,10 @@ export async function execProgram(aws: SdkProvider, config: Configuration): Prom /** * If we don't have region/account defined in context, we fall back to the default SDK behavior - * where region is retreived from ~/.aws/config and account is based on default credentials provider + * where region is retrieved from ~/.aws/config and account is based on default credentials provider * chain and then STS is queried. * - * This is done opportunistically: for example, if we can't acccess STS for some reason or the region + * This is done opportunistically: for example, if we can't access STS for some reason or the region * is not configured, the context value will be 'null' and there could failures down the line. In * some cases, synthesis does not require region/account information at all, so that might be perfectly * fine in certain scenarios. @@ -179,7 +168,15 @@ const EXTENSION_MAP = new Map([ */ async function guessExecutable(commandLine: string[]) { if (commandLine.length === 1) { - const fstat = await fs.stat(commandLine[0]); + let fstat; + + try { + fstat = await fs.stat(commandLine[0]); + } catch (error) { + debug(`Not a file: '${commandLine[0]}'. Using '${commandLine}' as command-line`); + return commandLine; + } + // tslint:disable-next-line:no-bitwise const isExecutable = (fstat.mode & fs.constants.X_OK) !== 0; const isWindows = process.platform === 'win32'; diff --git a/packages/aws-cdk/test/api/exec.test.ts b/packages/aws-cdk/test/api/exec.test.ts new file mode 100644 index 0000000000000..614b639610321 --- /dev/null +++ b/packages/aws-cdk/test/api/exec.test.ts @@ -0,0 +1,122 @@ +jest.mock('child_process'); +import * as sinon from 'sinon'; +import { execProgram } from '../../lib/api/cxapp/exec'; +import { setVerbose } from '../../lib/logging'; +import { Configuration } from '../../lib/settings'; +import * as bockfs from '../bockfs'; +import { testAssembly } from '../util'; +import { mockSpawn } from '../util/mock-child_process'; +import { MockSdkProvider } from '../util/mock-sdk'; + +setVerbose(true); + +let sdkProvider: MockSdkProvider; +let config: Configuration; +beforeEach(() => { + sdkProvider = new MockSdkProvider(); + config = new Configuration(); + + config.settings.set(['output'], 'cdk.out'); + + // insert contents in fake filesystem + bockfs({ + '/home/project/cloud-executable': 'ARBITRARY', + '/home/project/windows.js': 'ARBITRARY', + 'home/project/executable-app.js': 'ARBITRARY' + }); + bockfs.workingDirectory('/home/project'); + bockfs.executable('/home/project/cloud-executable'); + bockfs.executable('/home/project/executable-app.js'); +}); + +afterEach(() => { + sinon.restore(); + bockfs.restore(); +}); + +test('validates --app key is present', async () => { + // GIVEN no config key for `app` + await expect(execProgram(sdkProvider, config)).rejects.toThrow( + '--app is required either in command-line, in cdk.json or in ~/.cdk.json' + ); + +}); + +test('bypasses synth when app points to a cloud assembly', async () => { + // GIVEN + config.settings.set(['app'], 'cdk.out'); + writeOutputAssembly(); + + // WHEN + const cloudAssembly = await execProgram(sdkProvider, config); + expect(cloudAssembly.artifacts).toEqual([]); + expect(cloudAssembly.directory).toEqual('cdk.out'); +}); + +test('the application set in --app is executed', async () => { + // GIVEN + config.settings.set(['app'], 'cloud-executable'); + mockSpawn({ + commandLine: ['cloud-executable'], + sideEffect: () => writeOutputAssembly(), + }); + + // WHEN + await execProgram(sdkProvider, config); +}); + +test('the application set in --app is executed as-is if it contains a filename that does not exist', async () => { + // GIVEN + config.settings.set(['app'], 'does-not-exist'); + mockSpawn({ + commandLine: ['does-not-exist'], + sideEffect: () => writeOutputAssembly(), + }); + + // WHEN + await execProgram(sdkProvider, config); +}); + +test('the application set in --app is executed with arguments', async () => { + // GIVEN + config.settings.set(['app'], 'cloud-executable an-arg'); + mockSpawn({ + commandLine: ['cloud-executable', 'an-arg'], + sideEffect: () => writeOutputAssembly(), + }); + + // WHEN + await execProgram(sdkProvider, config); +}); + +test('application set in --app as `*.js` always uses handler on windows', async () => { + // GIVEN + sinon.stub(process, 'platform').value('win32'); + config.settings.set(['app'], 'windows.js'); + mockSpawn({ + commandLine: [process.execPath, 'windows.js'], + sideEffect: () => writeOutputAssembly(), + }); + + // WHEN + await execProgram(sdkProvider, config); +}); + +test('application set in --app is `*.js` and executable', async () => { + // GIVEN + config.settings.set(['app'], 'executable-app.js'); + mockSpawn({ + commandLine: ['executable-app.js'], + sideEffect: () => writeOutputAssembly(), + }); + + // WHEN + await execProgram(sdkProvider, config); +}); + +function writeOutputAssembly() { + const asm = testAssembly({ + stacks: [] + }); + bockfs.write('/home/project/cdk.out/manifest.json', JSON.stringify(asm)); +} diff --git a/packages/aws-cdk/test/bockfs.ts b/packages/aws-cdk/test/bockfs.ts index e350255b6fa8e..91f375abd99dd 100644 --- a/packages/aws-cdk/test/bockfs.ts +++ b/packages/aws-cdk/test/bockfs.ts @@ -13,26 +13,53 @@ import * as os from 'os'; import * as path_ from 'path'; const bockFsRoot = path_.join(os.tmpdir(), 'bockfs'); +let oldCwd: string | undefined; function bockfs(files: Record) { + oldCwd = process.cwd(); for (const [fileName, contents] of Object.entries(files)) { bockfs.write(fileName, contents); } } namespace bockfs { - export function write(fileName: string, contents: string) { - const fullPath = path(fileName); + /** + * Write contents to a fake file + */ + export function write(fakeFilename: string, contents: string) { + const fullPath = path(fakeFilename); fs.mkdirSync(path_.dirname(fullPath), { recursive: true }); fs.writeFileSync(fullPath, contents, { encoding: 'utf-8' }); } - export function path(x: string) { - if (x.startsWith('/')) { x = x.substr(1); } // Force path to be non-absolute - return path_.join(bockFsRoot, x); + /** + * Turn a fake path into a real path + */ + export function path(fakePath: string) { + if (fakePath.startsWith('/')) { fakePath = fakePath.substr(1); } // Force path to be non-absolute + return path_.join(bockFsRoot, fakePath); } + /** + * Change to a fake directory + */ + export function workingDirectory(fakePath: string) { + process.chdir(path(fakePath)); + } + + export function executable(...fakePaths: string[]) { + for (const fakepath of fakePaths) { + fs.chmodSync(path(fakepath), '755'); + } + } + + /** + * Remove all files and restore working directory + */ export function restore() { + if (oldCwd) { + process.chdir(oldCwd); + } fs.removeSync(bockFsRoot); } } diff --git a/packages/aws-cdk/test/util.ts b/packages/aws-cdk/test/util.ts index 70eed9cadc592..0490dd0fb5948 100644 --- a/packages/aws-cdk/test/util.ts +++ b/packages/aws-cdk/test/util.ts @@ -38,7 +38,7 @@ export class MockCloudExecutable extends CloudExecutable { } } -function testAssembly(assembly: TestAssembly): cxapi.CloudAssembly { +export function testAssembly(assembly: TestAssembly): cxapi.CloudAssembly { const builder = new cxapi.CloudAssemblyBuilder(); for (const stack of assembly.stacks) { diff --git a/packages/aws-cdk/test/util/mock-child_process.ts b/packages/aws-cdk/test/util/mock-child_process.ts new file mode 100644 index 0000000000000..539fd06273399 --- /dev/null +++ b/packages/aws-cdk/test/util/mock-child_process.ts @@ -0,0 +1,75 @@ +import * as child_process from 'child_process'; +import * as events from 'events'; + +if (!(child_process as any).spawn.mockImplementationOnce) { + throw new Error('Call "jest.mock(\'child_process\');" at the top of the test file!'); +} + +export interface Invocation { + commandLine: string[]; + cwd?: string; + exitCode?: number; + stdout?: string; + + /** + * Only match a prefix of the command (don't care about the details of the arguments) + */ + prefix?: boolean; + + /** + * Run this function as a side effect, if present + */ + sideEffect?: () => void; +} + +export function mockSpawn(...invocations: Invocation[]) { + let mock = (child_process.spawn as any); + for (const _invocation of invocations) { + const invocation = _invocation; // Mirror into variable for closure + mock = mock.mockImplementationOnce((binary: string, args: string[], options: child_process.SpawnOptions) => { + if (invocation.prefix) { + // Match command line prefix + expect([binary, ...args].slice(0, invocation.commandLine.length)).toEqual(invocation.commandLine); + } else { + // Match full command line + expect([binary, ...args]).toEqual(invocation.commandLine); + } + + if (invocation.cwd != null) { + expect(options.cwd).toBe(invocation.cwd); + } + + if (invocation.sideEffect) { + invocation.sideEffect(); + } + + const child: any = new events.EventEmitter(); + child.stdin = new events.EventEmitter(); + child.stdin.write = jest.fn(); + child.stdin.end = jest.fn(); + child.stdout = new events.EventEmitter(); + child.stderr = new events.EventEmitter(); + + if (invocation.stdout) { + mockEmit(child.stdout, 'data', invocation.stdout); + } + mockEmit(child, 'close', invocation.exitCode ?? 0); + mockEmit(child, 'exit', invocation.exitCode ?? 0); + + return child; + }); + } + + mock.mockImplementation((binary: string, args: string[], _options: any) => { + throw new Error(`Did not expect call of ${JSON.stringify([binary, ...args])}`); + }); +} + +/** + * Must do this on the next tick, as emitter.emit() expects all listeners to have been attached already + */ +function mockEmit(emitter: events.EventEmitter, event: string, data: any) { + setImmediate(() => { + emitter.emit(event, data); + }); +}