From dec8e07e41564abf20b554809df210b3777bbfeb Mon Sep 17 00:00:00 2001 From: Karthik NS Date: Wed, 14 Oct 2020 12:51:07 -0700 Subject: [PATCH 1/3] fix(codebuild): add BatchPutCodeCoverages permission to Project by default (#10835) ---- Issues: Indicate issues fixed via: "Fixes https://github.com/aws/aws-cdk/issues/10750" *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-codebuild/lib/project.ts | 1 + ...deep-learning-container-build-image.expected.json | 3 ++- .../test/integ.defaults.lit.expected.json | 3 ++- .../@aws-cdk/aws-codebuild/test/test.codebuild.ts | 3 +++ ...a-deployed-through-codepipeline.lit.expected.json | 6 ++++-- .../codebuild/integ.project-events.expected.json | 3 ++- .../test/codebuild/integ.start-build.expected.json | 3 ++- packages/@aws-cdk/pipelines/lib/pipeline.ts | 1 + .../test/integ.pipeline-with-assets.expected.json | 12 ++++++++---- .../pipelines/test/integ.pipeline.expected.json | 9 ++++++--- .../@aws-cdk/pipelines/test/pipeline-assets.test.ts | 2 +- packages/decdk/test/__snapshots__/synth.test.js.snap | 1 + 12 files changed, 33 insertions(+), 14 deletions(-) diff --git a/packages/@aws-cdk/aws-codebuild/lib/project.ts b/packages/@aws-cdk/aws-codebuild/lib/project.ts index 754213cc15099..bcbb85a9ba588 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/project.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/project.ts @@ -793,6 +793,7 @@ export class Project extends ProjectBase { 'codebuild:CreateReport', 'codebuild:UpdateReport', 'codebuild:BatchPutTestCases', + 'codebuild:BatchPutCodeCoverages', ], resources: [renderReportGroupArn(this, `${this.projectName}-*`)], })); diff --git a/packages/@aws-cdk/aws-codebuild/test/integ.aws-deep-learning-container-build-image.expected.json b/packages/@aws-cdk/aws-codebuild/test/integ.aws-deep-learning-container-build-image.expected.json index 6eb429e6cb569..3551f01dadd54 100644 --- a/packages/@aws-cdk/aws-codebuild/test/integ.aws-deep-learning-container-build-image.expected.json +++ b/packages/@aws-cdk/aws-codebuild/test/integ.aws-deep-learning-container-build-image.expected.json @@ -84,7 +84,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { diff --git a/packages/@aws-cdk/aws-codebuild/test/integ.defaults.lit.expected.json b/packages/@aws-cdk/aws-codebuild/test/integ.defaults.lit.expected.json index c7162f3219c85..75491ab8fa653 100644 --- a/packages/@aws-cdk/aws-codebuild/test/integ.defaults.lit.expected.json +++ b/packages/@aws-cdk/aws-codebuild/test/integ.defaults.lit.expected.json @@ -84,7 +84,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { diff --git a/packages/@aws-cdk/aws-codebuild/test/test.codebuild.ts b/packages/@aws-cdk/aws-codebuild/test/test.codebuild.ts index 558dd072c7f3f..893cb2836245c 100644 --- a/packages/@aws-cdk/aws-codebuild/test/test.codebuild.ts +++ b/packages/@aws-cdk/aws-codebuild/test/test.codebuild.ts @@ -105,6 +105,7 @@ export = { 'codebuild:CreateReport', 'codebuild:UpdateReport', 'codebuild:BatchPutTestCases', + 'codebuild:BatchPutCodeCoverages', ], 'Effect': 'Allow', 'Resource': { @@ -277,6 +278,7 @@ export = { 'codebuild:CreateReport', 'codebuild:UpdateReport', 'codebuild:BatchPutTestCases', + 'codebuild:BatchPutCodeCoverages', ], 'Effect': 'Allow', 'Resource': { @@ -475,6 +477,7 @@ export = { 'codebuild:CreateReport', 'codebuild:UpdateReport', 'codebuild:BatchPutTestCases', + 'codebuild:BatchPutCodeCoverages', ], 'Effect': 'Allow', 'Resource': { diff --git a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.expected.json b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.expected.json index 437b7116f5501..2e48bb1667495 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.expected.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/test/integ.lambda-deployed-through-codepipeline.lit.expected.json @@ -1446,7 +1446,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { @@ -1663,7 +1664,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { diff --git a/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json b/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json index ed269b2e7b524..472583a9f36ca 100644 --- a/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json +++ b/packages/@aws-cdk/aws-events-targets/test/codebuild/integ.project-events.expected.json @@ -161,7 +161,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { diff --git a/packages/@aws-cdk/aws-stepfunctions-tasks/test/codebuild/integ.start-build.expected.json b/packages/@aws-cdk/aws-stepfunctions-tasks/test/codebuild/integ.start-build.expected.json index 360eadea837cb..326a551cf89bd 100644 --- a/packages/@aws-cdk/aws-stepfunctions-tasks/test/codebuild/integ.start-build.expected.json +++ b/packages/@aws-cdk/aws-stepfunctions-tasks/test/codebuild/integ.start-build.expected.json @@ -84,7 +84,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { diff --git a/packages/@aws-cdk/pipelines/lib/pipeline.ts b/packages/@aws-cdk/pipelines/lib/pipeline.ts index 28358928ecc35..bc9342af543c4 100644 --- a/packages/@aws-cdk/pipelines/lib/pipeline.ts +++ b/packages/@aws-cdk/pipelines/lib/pipeline.ts @@ -475,6 +475,7 @@ class AssetPublishing extends CoreConstruct { 'codebuild:CreateReport', 'codebuild:UpdateReport', 'codebuild:BatchPutTestCases', + 'codebuild:BatchPutCodeCoverages', ], resources: [codeBuildArn], })); diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets.expected.json b/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets.expected.json index b23bccdd40701..80159b7a0e368 100644 --- a/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets.expected.json +++ b/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets.expected.json @@ -857,7 +857,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { @@ -1167,7 +1168,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { @@ -1354,7 +1356,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { @@ -1550,7 +1553,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline.expected.json b/packages/@aws-cdk/pipelines/test/integ.pipeline.expected.json index c9cf293e1c173..2531bf13bc642 100644 --- a/packages/@aws-cdk/pipelines/test/integ.pipeline.expected.json +++ b/packages/@aws-cdk/pipelines/test/integ.pipeline.expected.json @@ -756,7 +756,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { @@ -1066,7 +1067,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { @@ -1253,7 +1255,8 @@ "codebuild:CreateReportGroup", "codebuild:CreateReport", "codebuild:UpdateReport", - "codebuild:BatchPutTestCases" + "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages" ], "Effect": "Allow", "Resource": { diff --git a/packages/@aws-cdk/pipelines/test/pipeline-assets.test.ts b/packages/@aws-cdk/pipelines/test/pipeline-assets.test.ts index 3605c830529a5..2b4facf654fc6 100644 --- a/packages/@aws-cdk/pipelines/test/pipeline-assets.test.ts +++ b/packages/@aws-cdk/pipelines/test/pipeline-assets.test.ts @@ -328,7 +328,7 @@ function expectedAssetRolePolicy(assumeRolePattern: string, attachedRole: string }, }, { - Action: ['codebuild:CreateReportGroup', 'codebuild:CreateReport', 'codebuild:UpdateReport', 'codebuild:BatchPutTestCases'], + Action: ['codebuild:CreateReportGroup', 'codebuild:CreateReport', 'codebuild:UpdateReport', 'codebuild:BatchPutTestCases', 'codebuild:BatchPutCodeCoverages'], Effect: 'Allow', Resource: { 'Fn::Join': ['', [ diff --git a/packages/decdk/test/__snapshots__/synth.test.js.snap b/packages/decdk/test/__snapshots__/synth.test.js.snap index 69a486c67530d..b6ae37d4f94d0 100644 --- a/packages/decdk/test/__snapshots__/synth.test.js.snap +++ b/packages/decdk/test/__snapshots__/synth.test.js.snap @@ -1750,6 +1750,7 @@ Object { "codebuild:CreateReport", "codebuild:UpdateReport", "codebuild:BatchPutTestCases", + "codebuild:BatchPutCodeCoverages", ], "Effect": "Allow", "Resource": Object { From 88e1cd96e92fe9d1b0b230eca1b7c3c7ae3d9501 Mon Sep 17 00:00:00 2001 From: Shiv Lakshminarayan Date: Wed, 14 Oct 2020 14:00:14 -0700 Subject: [PATCH 2/3] feat(config): the AWS Config Construct Library is now Generally Available (stable) (#10875) constructs for config rules are stable. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-config/README.md | 4 ++-- packages/@aws-cdk/aws-config/package.json | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/@aws-cdk/aws-config/README.md b/packages/@aws-cdk/aws-config/README.md index 6931522c46eb5..50aec9900ce8a 100644 --- a/packages/@aws-cdk/aws-config/README.md +++ b/packages/@aws-cdk/aws-config/README.md @@ -5,12 +5,12 @@ | Features | Stability | | --- | --- | | CFN Resources | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) | -| Higher level constructs for Config Rules | ![Developer Preview](https://img.shields.io/badge/developer--preview-informational.svg?style=for-the-badge) | +| Higher level constructs for Config Rules | ![Stable](https://img.shields.io/badge/stable-success.svg?style=for-the-badge) | | Higher level constructs for initial set-up (delivery channel & configuration recorder) | ![Not Implemented](https://img.shields.io/badge/not--implemented-black.svg?style=for-the-badge) | > **CFN Resources:** All classes with the `Cfn` prefix in this module ([CFN Resources](https://docs.aws.amazon.com/cdk/latest/guide/constructs.html#constructs_lib)) are always stable and safe to use. -> **Developer Preview:** Higher level constructs in this module that are marked as developer preview have completed their phase of active development and are looking for adoption and feedback. While the same caveats around non-backward compatible as Experimental constructs apply, they will undergo fewer breaking changes. Just as with Experimental constructs, these are not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be announced in the release notes. +> **Stable:** Higher level constructs in this module that are marked stable will not undergo any breaking changes. They will strictly follow the [Semantic Versioning](https://semver.org/) model. --- diff --git a/packages/@aws-cdk/aws-config/package.json b/packages/@aws-cdk/aws-config/package.json index 3d3e033d053a2..8f23ddbcc604a 100644 --- a/packages/@aws-cdk/aws-config/package.json +++ b/packages/@aws-cdk/aws-config/package.json @@ -99,12 +99,12 @@ "engines": { "node": ">= 10.13.0 <13 || >=13.7.0" }, - "stability": "experimental", - "maturity": "developer-preview", + "stability": "stable", + "maturity": "stable", "features": [ { "name": "Higher level constructs for Config Rules", - "stability": "Developer Preview" + "stability": "Stable" }, { "name": "Higher level constructs for initial set-up (delivery channel & configuration recorder)", From fee5b39a510660a056973b8c1972a3976c9d28f7 Mon Sep 17 00:00:00 2001 From: Shiv Lakshminarayan Date: Wed, 14 Oct 2020 14:29:24 -0700 Subject: [PATCH 3/3] chore(cfnspec): update npmignore to include '**/cdk.out' when creating missing libraries (#10876) this change was introduced in #8803 but the script to create missing construct libraries was not updated. As a follow-up, will look into creating a test that exercises creation of a new construct library and the subsequent validation against pkglint. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts b/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts index 444a51f739515..8b0e00fa15582 100644 --- a/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts +++ b/packages/@aws-cdk/cfnspec/build-tools/create-missing-libraries.ts @@ -241,6 +241,9 @@ async function main() { '', '.eslintrc.js', 'jest.config.js', + '', + '# exclude cdk artifacts', + '**/cdk.out', 'junit.xml', 'test/', ]);