diff --git a/CHANGELOG.md b/CHANGELOG.md index 7a0a72835f9ed..f8f6aec305888 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,12 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [1.90.1](https://github.com/aws/aws-cdk/compare/v1.90.0...v1.90.1) (2021-02-19) + +### Bug Fixes + +* **core:** ENOTDIR invalid cwd on "cdk deploy" ([#13145](https://github.com/aws/aws-cdk/issues/13145)) ([a735b52](https://github.com/aws/aws-cdk/commit/a735b52e4a33803b9ce1911bc0e2cc7b78ef581a)), closes [#12258](https://github.com/aws/aws-cdk/issues/12258) [#13076](https://github.com/aws/aws-cdk/issues/13076) [#13131](https://github.com/aws/aws-cdk/issues/13131) + ## [1.90.0](https://github.com/aws/aws-cdk/compare/v1.89.0...v1.90.0) (2021-02-17) diff --git a/allowed-breaking-changes.txt b/allowed-breaking-changes.txt index 2ca2ca5b6067f..964bb4d5c7712 100644 --- a/allowed-breaking-changes.txt +++ b/allowed-breaking-changes.txt @@ -56,3 +56,10 @@ incompatible-argument:@aws-cdk/aws-ecs.TaskDefinition.addVolume # We made properties optional and it's really fine but our differ doesn't think so. weakened:@aws-cdk/cloud-assembly-schema.DockerImageSource weakened:@aws-cdk/cloud-assembly-schema.FileSource + +# https://github.com/aws/aws-cdk/pull/13145 +removed:@aws-cdk/core.AssetStaging.isArchive +removed:@aws-cdk/core.AssetStaging.packaging +removed:@aws-cdk/core.BundlingOutput +removed:@aws-cdk/core.BundlingOptions.outputType + diff --git a/packages/@aws-cdk/aws-appsync/README.md b/packages/@aws-cdk/aws-appsync/README.md index 61c4e797f5bb4..1d217960b79ed 100644 --- a/packages/@aws-cdk/aws-appsync/README.md +++ b/packages/@aws-cdk/aws-appsync/README.md @@ -89,7 +89,7 @@ demoDS.createResolver({ fieldName: 'addDemo', requestMappingTemplate: appsync.MappingTemplate.dynamoDbPutItem( appsync.PrimaryKey.partition('id').auto(), - appsync.Values.projecting('demo') + appsync.Values.projecting('input') ), responseMappingTemplate: appsync.MappingTemplate.dynamoDbResultItem(), }); @@ -116,7 +116,7 @@ const cluster = new rds.DatabaseCluster(stack, 'AuroraCluster', { }); // Build a data source for AppSync to access the database. -const rdsDS = api.addRdsDataSource('rds', 'The rds data source', cluster, secret); +const rdsDS = api.addRdsDataSource('rds', cluster, secret, 'demos'); // Set up a resolver for an RDS query. rdsDS.createResolver({ diff --git a/packages/@aws-cdk/aws-appsync/lib/data-source.ts b/packages/@aws-cdk/aws-appsync/lib/data-source.ts index 21646e8573193..00895965a23a3 100644 --- a/packages/@aws-cdk/aws-appsync/lib/data-source.ts +++ b/packages/@aws-cdk/aws-appsync/lib/data-source.ts @@ -306,6 +306,12 @@ export interface RdsDataSourceProps extends BackedDataSourceProps { * The secret containing the credentials for the database */ readonly secretStore: ISecret; + /** + * The name of the database to use within the cluster + * + * @default - None + */ + readonly databaseName?: string; } /** @@ -327,6 +333,7 @@ export class RdsDataSource extends BackedDataSource { }, }), awsSecretStoreArn: props.secretStore.secretArn, + databaseName: props.databaseName, }, relationalDatabaseSourceType: 'RDS_HTTP_ENDPOINT', }, diff --git a/packages/@aws-cdk/aws-appsync/lib/graphqlapi-base.ts b/packages/@aws-cdk/aws-appsync/lib/graphqlapi-base.ts index 3b037101e97ee..4e28e337fd1c5 100644 --- a/packages/@aws-cdk/aws-appsync/lib/graphqlapi-base.ts +++ b/packages/@aws-cdk/aws-appsync/lib/graphqlapi-base.ts @@ -99,12 +99,14 @@ export interface IGraphqlApi extends IResource { * @param id The data source's id * @param databaseCluster The database cluster to interact with this data source * @param secretStore The secret store that contains the username and password for the database cluster + * @param databaseName The optional name of the database to use within the cluster * @param options The optional configuration for this data source */ addRdsDataSource( id: string, databaseCluster: IDatabaseCluster, secretStore: ISecret, + databaseName?: string, options?: DataSourceOptions ): RdsDataSource; @@ -206,12 +208,14 @@ export abstract class GraphqlApiBase extends Resource implements IGraphqlApi { * @param id The data source's id * @param databaseCluster The database cluster to interact with this data source * @param secretStore The secret store that contains the username and password for the database cluster + * @param databaseName The optional name of the database to use within the cluster * @param options The optional configuration for this data source */ public addRdsDataSource( id: string, databaseCluster: IDatabaseCluster, secretStore: ISecret, + databaseName?: string, options?: DataSourceOptions, ): RdsDataSource { return new RdsDataSource(this, id, { @@ -220,6 +224,7 @@ export abstract class GraphqlApiBase extends Resource implements IGraphqlApi { description: options?.description, databaseCluster, secretStore, + databaseName, }); } diff --git a/packages/@aws-cdk/aws-appsync/test/appsync-rds.test.ts b/packages/@aws-cdk/aws-appsync/test/appsync-rds.test.ts index 97cea819de8f3..12c2f5d91cf8c 100644 --- a/packages/@aws-cdk/aws-appsync/test/appsync-rds.test.ts +++ b/packages/@aws-cdk/aws-appsync/test/appsync-rds.test.ts @@ -123,6 +123,34 @@ describe('Rds Data Source configuration', () => { }); }); + test('databaseName saved to RdsHttpEndpointConfig', () => { + // WHEN + const testDatabaseName = 'testDatabaseName'; + api.addRdsDataSource('ds', cluster, secret, testDatabaseName); + + // THEN + expect(stack).toHaveResourceLike('AWS::AppSync::DataSource', { + Type: 'RELATIONAL_DATABASE', + RelationalDatabaseConfig: { + RdsHttpEndpointConfig: { + AwsRegion: { Ref: 'AWS::Region' }, + AwsSecretStoreArn: { Ref: 'AuroraSecret41E6E877' }, + DbClusterIdentifier: { + 'Fn::Join': ['', ['arn:', + { Ref: 'AWS::Partition' }, + ':rds:', + { Ref: 'AWS::Region' }, + ':', + { Ref: 'AWS::AccountId' }, + ':cluster:', + { Ref: 'AuroraCluster23D869C0' }]], + }, + DatabaseName: testDatabaseName, + }, + }, + }); + }); + test('default configuration produces name identical to the id', () => { // WHEN api.addRdsDataSource('ds', cluster, secret); @@ -136,7 +164,7 @@ describe('Rds Data Source configuration', () => { test('appsync configures name correctly', () => { // WHEN - api.addRdsDataSource('ds', cluster, secret, { + api.addRdsDataSource('ds', cluster, secret, undefined, { name: 'custom', }); @@ -149,7 +177,7 @@ describe('Rds Data Source configuration', () => { test('appsync configures name and description correctly', () => { // WHEN - api.addRdsDataSource('ds', cluster, secret, { + api.addRdsDataSource('ds', cluster, secret, undefined, { name: 'custom', description: 'custom description', }); diff --git a/packages/@aws-cdk/aws-cloudfront-origins/package.json b/packages/@aws-cdk/aws-cloudfront-origins/package.json index 9aec76906166c..d90ce2d097315 100644 --- a/packages/@aws-cdk/aws-cloudfront-origins/package.json +++ b/packages/@aws-cdk/aws-cloudfront-origins/package.json @@ -71,7 +71,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-ec2": "0.0.0", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "pkglint": "0.0.0" diff --git a/packages/@aws-cdk/aws-cloudfront/package.json b/packages/@aws-cdk/aws-cloudfront/package.json index 2622e5725b975..75b18c5b95444 100644 --- a/packages/@aws-cdk/aws-cloudfront/package.json +++ b/packages/@aws-cdk/aws-cloudfront/package.json @@ -72,7 +72,7 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-cloudtrail/package.json b/packages/@aws-cdk/aws-cloudtrail/package.json index 91aad28759e59..ce2c1f2e647ed 100644 --- a/packages/@aws-cdk/aws-cloudtrail/package.json +++ b/packages/@aws-cdk/aws-cloudtrail/package.json @@ -72,7 +72,7 @@ "license": "Apache-2.0", "devDependencies": { "@aws-cdk/assert": "0.0.0", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-codebuild/package.json b/packages/@aws-cdk/aws-codebuild/package.json index 0e823f1ec55aa..7b268062d474f 100644 --- a/packages/@aws-cdk/aws-codebuild/package.json +++ b/packages/@aws-cdk/aws-codebuild/package.json @@ -78,7 +78,7 @@ "@aws-cdk/aws-sns": "0.0.0", "@aws-cdk/aws-sqs": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-codecommit/package.json b/packages/@aws-cdk/aws-codecommit/package.json index f3d0694b4ad92..0580fab198c85 100644 --- a/packages/@aws-cdk/aws-codecommit/package.json +++ b/packages/@aws-cdk/aws-codecommit/package.json @@ -78,7 +78,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-sns": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-codepipeline-actions/package.json b/packages/@aws-cdk/aws-codepipeline-actions/package.json index c5b2115f2d944..76381cfdbbb47 100644 --- a/packages/@aws-cdk/aws-codepipeline-actions/package.json +++ b/packages/@aws-cdk/aws-codepipeline-actions/package.json @@ -72,7 +72,7 @@ "@types/nodeunit": "^0.0.31", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", - "lodash": "^4.17.20", + "lodash": "^4.17.21", "nodeunit": "^0.11.3", "pkglint": "0.0.0" }, diff --git a/packages/@aws-cdk/aws-dynamodb/package.json b/packages/@aws-cdk/aws-dynamodb/package.json index 1f65b2516e790..6ca3616c33ac8 100644 --- a/packages/@aws-cdk/aws-dynamodb/package.json +++ b/packages/@aws-cdk/aws-dynamodb/package.json @@ -73,7 +73,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/jest": "^26.0.20", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-eks/lib/kubectl-provider.ts b/packages/@aws-cdk/aws-eks/lib/kubectl-provider.ts index e4c71cfda381c..b5bd8ed51b876 100644 --- a/packages/@aws-cdk/aws-eks/lib/kubectl-provider.ts +++ b/packages/@aws-cdk/aws-eks/lib/kubectl-provider.ts @@ -106,6 +106,7 @@ export class KubectlProvider extends NestedStack { onEventHandler: handler, vpc: cluster.kubectlPrivateSubnets ? cluster.vpc : undefined, vpcSubnets: cluster.kubectlPrivateSubnets ? { subnets: cluster.kubectlPrivateSubnets } : undefined, + securityGroups: cluster.kubectlSecurityGroup ? [cluster.kubectlSecurityGroup] : undefined, }); this.serviceToken = provider.serviceToken; diff --git a/packages/@aws-cdk/aws-eks/package.json b/packages/@aws-cdk/aws-eks/package.json index 9684cd38148c1..4d27cbfaac281 100644 --- a/packages/@aws-cdk/aws-eks/package.json +++ b/packages/@aws-cdk/aws-eks/package.json @@ -73,7 +73,7 @@ "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.31", "@types/yaml": "1.9.6", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-handlers-vpc.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-handlers-vpc.expected.json index e15fc8ae19bea..2d90ac82055dc 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-handlers-vpc.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-handlers-vpc.expected.json @@ -1194,7 +1194,7 @@ }, "/", { - "Ref": "AssetParameters3a065cef8968eb7f7e62ccb379c68400a56c31aceb97265d4e8f5f4620452db9S3Bucket7930790A" + "Ref": "AssetParameters93bb4c1c6bbced2c1adce602d7643d5475c6e463f4f57f4cd863e064d82a3d82S3Bucket8670C328" }, "/", { @@ -1204,7 +1204,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3a065cef8968eb7f7e62ccb379c68400a56c31aceb97265d4e8f5f4620452db9S3VersionKey648E56F4" + "Ref": "AssetParameters93bb4c1c6bbced2c1adce602d7643d5475c6e463f4f57f4cd863e064d82a3d82S3VersionKeyCEFB3AF5" } ] } @@ -1217,7 +1217,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters3a065cef8968eb7f7e62ccb379c68400a56c31aceb97265d4e8f5f4620452db9S3VersionKey648E56F4" + "Ref": "AssetParameters93bb4c1c6bbced2c1adce602d7643d5475c6e463f4f57f4cd863e064d82a3d82S3VersionKeyCEFB3AF5" } ] } @@ -1272,9 +1272,6 @@ "referencetoawscdkekshandlersinvpctestAssetParameters844c1a4b13479b359ea0e607dccb4a04b73e22cf88cf9b64feed2c5f0de213c0S3VersionKeyCE91E7FDRef": { "Ref": "AssetParameters844c1a4b13479b359ea0e607dccb4a04b73e22cf88cf9b64feed2c5f0de213c0S3VersionKeyF55A2EA9" }, - "referencetoawscdkekshandlersinvpctestEksAllHandlersInVpcStackDefaultVpcE40EA7ACRef": { - "Ref": "EksAllHandlersInVpcStackDefaultVpcBE11D4AE" - }, "referencetoawscdkekshandlersinvpctestAssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3Bucket9D7E9998Ref": { "Ref": "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1" }, @@ -1400,17 +1397,17 @@ "Type": "String", "Description": "Artifact hash for asset \"70396475d85a52e5c6ccad77894979d07433a207ea3c2668b929f3e70ffde081\"" }, - "AssetParameters3a065cef8968eb7f7e62ccb379c68400a56c31aceb97265d4e8f5f4620452db9S3Bucket7930790A": { + "AssetParameters93bb4c1c6bbced2c1adce602d7643d5475c6e463f4f57f4cd863e064d82a3d82S3Bucket8670C328": { "Type": "String", - "Description": "S3 bucket for asset \"3a065cef8968eb7f7e62ccb379c68400a56c31aceb97265d4e8f5f4620452db9\"" + "Description": "S3 bucket for asset \"93bb4c1c6bbced2c1adce602d7643d5475c6e463f4f57f4cd863e064d82a3d82\"" }, - "AssetParameters3a065cef8968eb7f7e62ccb379c68400a56c31aceb97265d4e8f5f4620452db9S3VersionKey648E56F4": { + "AssetParameters93bb4c1c6bbced2c1adce602d7643d5475c6e463f4f57f4cd863e064d82a3d82S3VersionKeyCEFB3AF5": { "Type": "String", - "Description": "S3 key for asset version \"3a065cef8968eb7f7e62ccb379c68400a56c31aceb97265d4e8f5f4620452db9\"" + "Description": "S3 key for asset version \"93bb4c1c6bbced2c1adce602d7643d5475c6e463f4f57f4cd863e064d82a3d82\"" }, - "AssetParameters3a065cef8968eb7f7e62ccb379c68400a56c31aceb97265d4e8f5f4620452db9ArtifactHash66195F00": { + "AssetParameters93bb4c1c6bbced2c1adce602d7643d5475c6e463f4f57f4cd863e064d82a3d82ArtifactHashBEC324DA": { "Type": "String", - "Description": "Artifact hash for asset \"3a065cef8968eb7f7e62ccb379c68400a56c31aceb97265d4e8f5f4620452db9\"" + "Description": "Artifact hash for asset \"93bb4c1c6bbced2c1adce602d7643d5475c6e463f4f57f4cd863e064d82a3d82\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-private-endpoint.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-private-endpoint.expected.json index 61915b6442bd0..0cecf1650fa62 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-private-endpoint.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster-private-endpoint.expected.json @@ -1115,7 +1115,7 @@ }, "/", { - "Ref": "AssetParameterseb49ce353c5ff251ebe2c3225fe00fb3e9a68fcd8b10207e63a36bfc6e981519S3Bucket686DCA97" + "Ref": "AssetParameters8d4ffe9194a1ca97e2e9377049ddbeb3adbdaa984c8a90c08a5d8d6b328bdf7cS3BucketFEA5F85E" }, "/", { @@ -1125,7 +1125,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameterseb49ce353c5ff251ebe2c3225fe00fb3e9a68fcd8b10207e63a36bfc6e981519S3VersionKey7EDC0140" + "Ref": "AssetParameters8d4ffe9194a1ca97e2e9377049ddbeb3adbdaa984c8a90c08a5d8d6b328bdf7cS3VersionKey226CF52C" } ] } @@ -1138,7 +1138,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameterseb49ce353c5ff251ebe2c3225fe00fb3e9a68fcd8b10207e63a36bfc6e981519S3VersionKey7EDC0140" + "Ref": "AssetParameters8d4ffe9194a1ca97e2e9377049ddbeb3adbdaa984c8a90c08a5d8d6b328bdf7cS3VersionKey226CF52C" } ] } @@ -1193,9 +1193,6 @@ "referencetoawscdkeksclusterprivateendpointtestAssetParameters844c1a4b13479b359ea0e607dccb4a04b73e22cf88cf9b64feed2c5f0de213c0S3VersionKey548D79B4Ref": { "Ref": "AssetParameters844c1a4b13479b359ea0e607dccb4a04b73e22cf88cf9b64feed2c5f0de213c0S3VersionKeyF55A2EA9" }, - "referencetoawscdkeksclusterprivateendpointtestVpcFCD064BFRef": { - "Ref": "Vpc8378EB38" - }, "referencetoawscdkeksclusterprivateendpointtestAssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3Bucket7DDAFC04Ref": { "Ref": "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1" }, @@ -1321,17 +1318,17 @@ "Type": "String", "Description": "Artifact hash for asset \"75667ab2bbef2c8efc57fb73bf352f345af1d471fb09cb11f5b7bc27d009b609\"" }, - "AssetParameterseb49ce353c5ff251ebe2c3225fe00fb3e9a68fcd8b10207e63a36bfc6e981519S3Bucket686DCA97": { + "AssetParameters8d4ffe9194a1ca97e2e9377049ddbeb3adbdaa984c8a90c08a5d8d6b328bdf7cS3BucketFEA5F85E": { "Type": "String", - "Description": "S3 bucket for asset \"eb49ce353c5ff251ebe2c3225fe00fb3e9a68fcd8b10207e63a36bfc6e981519\"" + "Description": "S3 bucket for asset \"8d4ffe9194a1ca97e2e9377049ddbeb3adbdaa984c8a90c08a5d8d6b328bdf7c\"" }, - "AssetParameterseb49ce353c5ff251ebe2c3225fe00fb3e9a68fcd8b10207e63a36bfc6e981519S3VersionKey7EDC0140": { + "AssetParameters8d4ffe9194a1ca97e2e9377049ddbeb3adbdaa984c8a90c08a5d8d6b328bdf7cS3VersionKey226CF52C": { "Type": "String", - "Description": "S3 key for asset version \"eb49ce353c5ff251ebe2c3225fe00fb3e9a68fcd8b10207e63a36bfc6e981519\"" + "Description": "S3 key for asset version \"8d4ffe9194a1ca97e2e9377049ddbeb3adbdaa984c8a90c08a5d8d6b328bdf7c\"" }, - "AssetParameterseb49ce353c5ff251ebe2c3225fe00fb3e9a68fcd8b10207e63a36bfc6e981519ArtifactHashE5817DEB": { + "AssetParameters8d4ffe9194a1ca97e2e9377049ddbeb3adbdaa984c8a90c08a5d8d6b328bdf7cArtifactHashA6BF0EB3": { "Type": "String", - "Description": "Artifact hash for asset \"eb49ce353c5ff251ebe2c3225fe00fb3e9a68fcd8b10207e63a36bfc6e981519\"" + "Description": "Artifact hash for asset \"8d4ffe9194a1ca97e2e9377049ddbeb3adbdaa984c8a90c08a5d8d6b328bdf7c\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json index 45306f411eb84..ff6320f31e568 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.eks-cluster.expected.json @@ -3877,7 +3877,7 @@ }, "/", { - "Ref": "AssetParameters9f954a0baf5cb008231906c33569617ace43f4b2c804d16d0d4bae15fe9dfabcS3BucketF9C7C3C5" + "Ref": "AssetParameterse00474136b86298d67c0ad626f1dafe622c51168233097531c5ba6791d43aba3S3Bucket5829AD66" }, "/", { @@ -3887,7 +3887,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9f954a0baf5cb008231906c33569617ace43f4b2c804d16d0d4bae15fe9dfabcS3VersionKey950894D5" + "Ref": "AssetParameterse00474136b86298d67c0ad626f1dafe622c51168233097531c5ba6791d43aba3S3VersionKey44FDB4A8" } ] } @@ -3900,7 +3900,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters9f954a0baf5cb008231906c33569617ace43f4b2c804d16d0d4bae15fe9dfabcS3VersionKey950894D5" + "Ref": "AssetParameterse00474136b86298d67c0ad626f1dafe622c51168233097531c5ba6791d43aba3S3VersionKey44FDB4A8" } ] } @@ -3955,9 +3955,6 @@ "referencetoawscdkeksclustertestAssetParameters844c1a4b13479b359ea0e607dccb4a04b73e22cf88cf9b64feed2c5f0de213c0S3VersionKey1CADE360Ref": { "Ref": "AssetParameters844c1a4b13479b359ea0e607dccb4a04b73e22cf88cf9b64feed2c5f0de213c0S3VersionKeyF55A2EA9" }, - "referencetoawscdkeksclustertestVpc9A302ADDRef": { - "Ref": "Vpc8378EB38" - }, "referencetoawscdkeksclustertestAssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3Bucket0815E7B5Ref": { "Ref": "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1" }, @@ -4709,17 +4706,17 @@ "Type": "String", "Description": "Artifact hash for asset \"264acf17cbf0c643f47bec1f4dbaed805e3bd1bad3f018c093d16fb936227daa\"" }, - "AssetParameters9f954a0baf5cb008231906c33569617ace43f4b2c804d16d0d4bae15fe9dfabcS3BucketF9C7C3C5": { + "AssetParameterse00474136b86298d67c0ad626f1dafe622c51168233097531c5ba6791d43aba3S3Bucket5829AD66": { "Type": "String", - "Description": "S3 bucket for asset \"9f954a0baf5cb008231906c33569617ace43f4b2c804d16d0d4bae15fe9dfabc\"" + "Description": "S3 bucket for asset \"e00474136b86298d67c0ad626f1dafe622c51168233097531c5ba6791d43aba3\"" }, - "AssetParameters9f954a0baf5cb008231906c33569617ace43f4b2c804d16d0d4bae15fe9dfabcS3VersionKey950894D5": { + "AssetParameterse00474136b86298d67c0ad626f1dafe622c51168233097531c5ba6791d43aba3S3VersionKey44FDB4A8": { "Type": "String", - "Description": "S3 key for asset version \"9f954a0baf5cb008231906c33569617ace43f4b2c804d16d0d4bae15fe9dfabc\"" + "Description": "S3 key for asset version \"e00474136b86298d67c0ad626f1dafe622c51168233097531c5ba6791d43aba3\"" }, - "AssetParameters9f954a0baf5cb008231906c33569617ace43f4b2c804d16d0d4bae15fe9dfabcArtifactHash5984E3CE": { + "AssetParameterse00474136b86298d67c0ad626f1dafe622c51168233097531c5ba6791d43aba3ArtifactHashB6A3908A": { "Type": "String", - "Description": "Artifact hash for asset \"9f954a0baf5cb008231906c33569617ace43f4b2c804d16d0d4bae15fe9dfabc\"" + "Description": "Artifact hash for asset \"e00474136b86298d67c0ad626f1dafe622c51168233097531c5ba6791d43aba3\"" }, "SsmParameterValueawsserviceeksoptimizedami119amazonlinux2recommendedimageidC96584B6F00A464EAD1953AFF4B05118Parameter": { "Type": "AWS::SSM::Parameter::Value", @@ -4738,4 +4735,4 @@ "Default": "/aws/service/eks/optimized-ami/1.19/amazon-linux-2-gpu/recommended/image_id" } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/integ.fargate-cluster.expected.json b/packages/@aws-cdk/aws-eks/test/integ.fargate-cluster.expected.json index bae69481f9ded..b9836869c1ba6 100644 --- a/packages/@aws-cdk/aws-eks/test/integ.fargate-cluster.expected.json +++ b/packages/@aws-cdk/aws-eks/test/integ.fargate-cluster.expected.json @@ -1192,7 +1192,7 @@ }, "/", { - "Ref": "AssetParameters37d93b8a35af568f83ecce5e05c6f06adaa06c68b84dfad9c3d82f57cd54ff13S3BucketDCD73A4E" + "Ref": "AssetParametersedcd50bb250cf7cf664a737720e623ad66ada9b9e609205686c476e516cf2f23S3Bucket586F6135" }, "/", { @@ -1202,7 +1202,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters37d93b8a35af568f83ecce5e05c6f06adaa06c68b84dfad9c3d82f57cd54ff13S3VersionKey796F5C1B" + "Ref": "AssetParametersedcd50bb250cf7cf664a737720e623ad66ada9b9e609205686c476e516cf2f23S3VersionKey6EFBFC1D" } ] } @@ -1215,7 +1215,7 @@ "Fn::Split": [ "||", { - "Ref": "AssetParameters37d93b8a35af568f83ecce5e05c6f06adaa06c68b84dfad9c3d82f57cd54ff13S3VersionKey796F5C1B" + "Ref": "AssetParametersedcd50bb250cf7cf664a737720e623ad66ada9b9e609205686c476e516cf2f23S3VersionKey6EFBFC1D" } ] } @@ -1270,9 +1270,6 @@ "referencetoawscdkeksfargateclustertestAssetParameters844c1a4b13479b359ea0e607dccb4a04b73e22cf88cf9b64feed2c5f0de213c0S3VersionKeyFE6D1F78Ref": { "Ref": "AssetParameters844c1a4b13479b359ea0e607dccb4a04b73e22cf88cf9b64feed2c5f0de213c0S3VersionKeyF55A2EA9" }, - "referencetoawscdkeksfargateclustertestFargateClusterDefaultVpcBD3C976FRef": { - "Ref": "FargateClusterDefaultVpcE69D3A13" - }, "referencetoawscdkeksfargateclustertestAssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3Bucket8EEF0922Ref": { "Ref": "AssetParametersdaeb79e3cee39c9b902dc0d5c780223e227ed573ea60976252947adab5fb2be1S3BucketDC4B98B1" }, @@ -1398,17 +1395,17 @@ "Type": "String", "Description": "Artifact hash for asset \"3d252d05ccf0ae2934dd20707e8a709b466b2b8ea00c04ee8735667f90b17ac1\"" }, - "AssetParameters37d93b8a35af568f83ecce5e05c6f06adaa06c68b84dfad9c3d82f57cd54ff13S3BucketDCD73A4E": { + "AssetParametersedcd50bb250cf7cf664a737720e623ad66ada9b9e609205686c476e516cf2f23S3Bucket586F6135": { "Type": "String", - "Description": "S3 bucket for asset \"37d93b8a35af568f83ecce5e05c6f06adaa06c68b84dfad9c3d82f57cd54ff13\"" + "Description": "S3 bucket for asset \"edcd50bb250cf7cf664a737720e623ad66ada9b9e609205686c476e516cf2f23\"" }, - "AssetParameters37d93b8a35af568f83ecce5e05c6f06adaa06c68b84dfad9c3d82f57cd54ff13S3VersionKey796F5C1B": { + "AssetParametersedcd50bb250cf7cf664a737720e623ad66ada9b9e609205686c476e516cf2f23S3VersionKey6EFBFC1D": { "Type": "String", - "Description": "S3 key for asset version \"37d93b8a35af568f83ecce5e05c6f06adaa06c68b84dfad9c3d82f57cd54ff13\"" + "Description": "S3 key for asset version \"edcd50bb250cf7cf664a737720e623ad66ada9b9e609205686c476e516cf2f23\"" }, - "AssetParameters37d93b8a35af568f83ecce5e05c6f06adaa06c68b84dfad9c3d82f57cd54ff13ArtifactHash8F2277C1": { + "AssetParametersedcd50bb250cf7cf664a737720e623ad66ada9b9e609205686c476e516cf2f23ArtifactHashB34EB8FE": { "Type": "String", - "Description": "Artifact hash for asset \"37d93b8a35af568f83ecce5e05c6f06adaa06c68b84dfad9c3d82f57cd54ff13\"" + "Description": "Artifact hash for asset \"edcd50bb250cf7cf664a737720e623ad66ada9b9e609205686c476e516cf2f23\"" } } } \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/test.cluster.ts b/packages/@aws-cdk/aws-eks/test/test.cluster.ts index 97d5e287e25bb..46554d34dceb0 100644 --- a/packages/@aws-cdk/aws-eks/test/test.cluster.ts +++ b/packages/@aws-cdk/aws-eks/test/test.cluster.ts @@ -2083,6 +2083,27 @@ export = { }, + 'kubectl provider passes security group to provider'(test: Test) { + + const { stack } = testFixture(); + + new eks.Cluster(stack, 'Cluster1', { + version: CLUSTER_VERSION, + prune: false, + endpointAccess: eks.EndpointAccess.PRIVATE, + kubectlEnvironment: { + Foo: 'Bar', + }, + }); + + // the kubectl provider is inside a nested stack. + const nested = stack.node.tryFindChild('@aws-cdk/aws-eks.KubectlProvider') as cdk.NestedStack; + test.deepEqual(expect(nested).value.Resources.ProviderframeworkonEvent83C1D0A7.Properties.VpcConfig.SecurityGroupIds, + [{ Ref: 'referencetoStackCluster18DFEAC17ClusterSecurityGroupId' }]); + + test.done(); + }, + 'kubectl provider passes environment to lambda'(test: Test) { const { stack } = testFixture(); diff --git a/packages/@aws-cdk/aws-events-targets/package.json b/packages/@aws-cdk/aws-events-targets/package.json index c345833b3edd9..a4eee23c9a028 100644 --- a/packages/@aws-cdk/aws-events-targets/package.json +++ b/packages/@aws-cdk/aws-events-targets/package.json @@ -74,7 +74,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-codecommit": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-lambda-nodejs/README.md b/packages/@aws-cdk/aws-lambda-nodejs/README.md index 6e99c84835046..bfaa99eb0b243 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/README.md +++ b/packages/@aws-cdk/aws-lambda-nodejs/README.md @@ -148,7 +148,7 @@ new lambda.NodejsFunction(this, 'my-handler', { }, logLevel: LogLevel.SILENT, // defaults to LogLevel.WARNING keepNames: true, // defaults to false - tsconfig: 'custom-tsconfig.json' // use custom-tsconfig.json instead of default, + tsconfig: 'custom-tsconfig.json' // use custom-tsconfig.json instead of default, metafile: true, // include meta file, defaults to false banner : '/* comments */', // by default no comments are passed footer : '/* comments */', // by default no comments are passed @@ -216,7 +216,7 @@ Use `bundling.dockerImage` to use a custom Docker bundling image: ```ts new lambda.NodejsFunction(this, 'my-handler', { bundling: { - dockerImage: cdk.DockerImage.fromBuild('/path/to/Dockerfile'), + dockerImage: cdk.BundlingDockerImage.fromAsset('/path/to/Dockerfile'), }, }); ``` diff --git a/packages/@aws-cdk/aws-lambda-nodejs/package.json b/packages/@aws-cdk/aws-lambda-nodejs/package.json index b570dd5ee75da..ba3c210cc7663 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/package.json +++ b/packages/@aws-cdk/aws-lambda-nodejs/package.json @@ -67,7 +67,7 @@ "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "delay": "5.0.0", - "esbuild": "^0.8.48", + "esbuild": "^0.8.49", "pkglint": "0.0.0" }, "dependencies": { diff --git a/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts b/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts index 51da3b8575400..bd69394ae757c 100644 --- a/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts +++ b/packages/@aws-cdk/aws-lambda-nodejs/test/bundling.test.ts @@ -20,7 +20,7 @@ beforeEach(() => { getEsBuildVersionMock.mockReturnValue('0.8.8'); fromAssetMock.mockReturnValue({ image: 'built-image', - cp: () => 'dest-path', + cp: () => {}, run: () => {}, toJSON: () => 'built-image', }); diff --git a/packages/@aws-cdk/aws-lambda/README.md b/packages/@aws-cdk/aws-lambda/README.md index 1f4ee7e5aaa46..98994962ec129 100644 --- a/packages/@aws-cdk/aws-lambda/README.md +++ b/packages/@aws-cdk/aws-lambda/README.md @@ -36,9 +36,6 @@ runtime code. * `lambda.Code.fromAsset(path)` - specify a directory or a .zip file in the local filesystem which will be zipped and uploaded to S3 before deployment. See also [bundling asset code](#bundling-asset-code). - * `lambda.Code.fromDockerBuild(path, options)` - use the result of a Docker - build as code. The runtime code is expected to be located at `/asset` in the - image and will be zipped and uploaded to S3 as an asset. The following example shows how to define a Python function and deploy the code from the local directory `my-lambda-handler` to it: @@ -453,7 +450,7 @@ new lambda.Function(this, 'Function', { bundling: { image: lambda.Runtime.PYTHON_3_6.bundlingDockerImage, command: [ - 'bash', '-c', + 'bash', '-c', 'pip install -r requirements.txt -t /asset-output && cp -au . /asset-output' ], }, @@ -465,8 +462,8 @@ new lambda.Function(this, 'Function', { Runtimes expose a `bundlingDockerImage` property that points to the [AWS SAM](https://github.com/awslabs/aws-sam-cli) build image. -Use `cdk.DockerImage.fromRegistry(image)` to use an existing image or -`cdk.DockerImage.fromBuild(path)` to build a specific image: +Use `cdk.BundlingDockerImage.fromRegistry(image)` to use an existing image or +`cdk.BundlingDockerImage.fromAsset(path)` to build a specific image: ```ts import * as cdk from '@aws-cdk/core'; @@ -474,7 +471,7 @@ import * as cdk from '@aws-cdk/core'; new lambda.Function(this, 'Function', { code: lambda.Code.fromAsset('/path/to/handler', { bundling: { - image: cdk.DockerImage.fromBuild('/path/to/dir/with/DockerFile', { + image: cdk.BundlingDockerImage.fromAsset('/path/to/dir/with/DockerFile', { buildArgs: { ARG1: 'value1', }, diff --git a/packages/@aws-cdk/aws-lambda/lib/code.ts b/packages/@aws-cdk/aws-lambda/lib/code.ts index b4f41b2804257..29cd3d02ae4de 100644 --- a/packages/@aws-cdk/aws-lambda/lib/code.ts +++ b/packages/@aws-cdk/aws-lambda/lib/code.ts @@ -57,22 +57,6 @@ export abstract class Code { return new AssetCode(path, options); } - /** - * Loads the function code from an asset created by a Docker build. - * - * By defaut, the asset is expected to be located at `/asset` in the - * image. - * - * @param path The path to the directory containing the Docker file - * @param options Docker build options - */ - public static fromDockerBuild(path: string, options: DockerBuildAssetOptions = {}): AssetCode { - const assetPath = cdk.DockerImage - .fromBuild(path, options) - .cp(options.imagePath ?? '/asset', options.outputPath); - return new AssetCode(assetPath); - } - /** * DEPRECATED * @deprecated use `fromAsset` @@ -504,24 +488,3 @@ export class AssetImageCode extends Code { }; } } - -/** - * Options when creating an asset from a Docker build. - */ -export interface DockerBuildAssetOptions extends cdk.DockerBuildOptions { - /** - * The path in the Docker image where the asset is located after the build - * operation. - * - * @default /asset - */ - readonly imagePath?: string; - - /** - * The path on the local filesystem where the asset will be copied - * using `docker cp`. - * - * @default - a unique temporary directory in the system temp directory - */ - readonly outputPath?: string; -} diff --git a/packages/@aws-cdk/aws-lambda/package.json b/packages/@aws-cdk/aws-lambda/package.json index d9e2c556cf146..de51f290aa4f5 100644 --- a/packages/@aws-cdk/aws-lambda/package.json +++ b/packages/@aws-cdk/aws-lambda/package.json @@ -82,7 +82,7 @@ "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", "jest": "^26.6.3", - "lodash": "^4.17.20", + "lodash": "^4.17.21", "pkglint": "0.0.0" }, "dependencies": { diff --git a/packages/@aws-cdk/aws-lambda/test/code.test.ts b/packages/@aws-cdk/aws-lambda/test/code.test.ts index 7de7998b19c85..9b99c095c2467 100644 --- a/packages/@aws-cdk/aws-lambda/test/code.test.ts +++ b/packages/@aws-cdk/aws-lambda/test/code.test.ts @@ -327,29 +327,6 @@ describe('code', () => { }); }); }); - - describe('lambda.Code.fromDockerBuild', () => { - test('can use the result of a Docker build as an asset', () => { - // given - const stack = new cdk.Stack(); - stack.node.setContext(cxapi.ASSET_RESOURCE_METADATA_ENABLED_CONTEXT, true); - - // when - new lambda.Function(stack, 'Fn', { - code: lambda.Code.fromDockerBuild(path.join(__dirname, 'docker-build-lambda')), - handler: 'index.handler', - runtime: lambda.Runtime.NODEJS_12_X, - }); - - // then - expect(stack).toHaveResource('AWS::Lambda::Function', { - Metadata: { - [cxapi.ASSET_RESOURCE_METADATA_PATH_KEY]: 'asset.38cd320fa97b348accac88e48d9cede4923f7cab270ce794c95a665be83681a8', - [cxapi.ASSET_RESOURCE_METADATA_PROPERTY_KEY]: 'Code', - }, - }, ResourcePart.CompleteDefinition); - }); - }); }); function defineFunction(code: lambda.Code, runtime: lambda.Runtime = lambda.Runtime.NODEJS_10_X) { diff --git a/packages/@aws-cdk/aws-lambda/test/docker-build-lambda/Dockerfile b/packages/@aws-cdk/aws-lambda/test/docker-build-lambda/Dockerfile deleted file mode 100644 index 4643fde141850..0000000000000 --- a/packages/@aws-cdk/aws-lambda/test/docker-build-lambda/Dockerfile +++ /dev/null @@ -1,3 +0,0 @@ -FROM public.ecr.aws/amazonlinux/amazonlinux:latest - -COPY index.js /asset diff --git a/packages/@aws-cdk/aws-lambda/test/docker-build-lambda/index.ts b/packages/@aws-cdk/aws-lambda/test/docker-build-lambda/index.ts deleted file mode 100644 index cc867895b4efc..0000000000000 --- a/packages/@aws-cdk/aws-lambda/test/docker-build-lambda/index.ts +++ /dev/null @@ -1,5 +0,0 @@ -/* eslint-disable no-console */ -export async function handler(event: any) { - console.log('Event: %j', event); - return event; -} diff --git a/packages/@aws-cdk/aws-logs/package.json b/packages/@aws-cdk/aws-logs/package.json index 1b86f59deaef2..f5a004e27bb1f 100644 --- a/packages/@aws-cdk/aws-logs/package.json +++ b/packages/@aws-cdk/aws-logs/package.json @@ -72,7 +72,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/aws-route53/package.json b/packages/@aws-cdk/aws-route53/package.json index b75b7b3c5e18c..9a22737d55347 100644 --- a/packages/@aws-cdk/aws-route53/package.json +++ b/packages/@aws-cdk/aws-route53/package.json @@ -73,7 +73,7 @@ "devDependencies": { "@aws-cdk/assert": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/aws-s3-assets/README.md b/packages/@aws-cdk/aws-s3-assets/README.md index 7a751410a2b22..aab4c46d9c44d 100644 --- a/packages/@aws-cdk/aws-s3-assets/README.md +++ b/packages/@aws-cdk/aws-s3-assets/README.md @@ -88,8 +88,8 @@ The following example uses custom asset bundling to convert a markdown file to h [Example of using asset bundling](./test/integ.assets.bundling.lit.ts). -The bundling docker image (`image`) can either come from a registry (`DockerImage.fromRegistry`) -or it can be built from a `Dockerfile` located inside your project (`DockerImage.fromBuild`). +The bundling docker image (`image`) can either come from a registry (`BundlingDockerImage.fromRegistry`) +or it can be built from a `Dockerfile` located inside your project (`BundlingDockerImage.fromAsset`). You can set the `CDK_DOCKER` environment variable in order to provide a custom docker program to execute. This may sometime be needed when building in @@ -114,7 +114,7 @@ new assets.Asset(this, 'BundledAsset', { }, }, // Docker bundling fallback - image: DockerImage.fromRegistry('alpine'), + image: BundlingDockerImage.fromRegistry('alpine'), entrypoint: ['/bin/sh', '-c'], command: ['bundle'], }, @@ -124,27 +124,6 @@ new assets.Asset(this, 'BundledAsset', { Although optional, it's recommended to provide a local bundling method which can greatly improve performance. -If the bundling output contains a single archive file (zip or jar) it will be -uploaded to S3 as-is and will not be zipped. Otherwise the contents of the -output directory will be zipped and the zip file will be uploaded to S3. This -is the default behavior for `bundling.outputType` (`BundlingOutput.AUTO_DISCOVER`). - -Use `BundlingOutput.NOT_ARCHIVED` if the bundling output must always be zipped: - -```ts -const asset = new assets.Asset(this, 'BundledAsset', { - path: '/path/to/asset', - bundling: { - image: DockerImage.fromRegistry('alpine'), - command: ['command-that-produces-an-archive.sh'], - outputType: BundlingOutput.NOT_ARCHIVED, // Bundling output will be zipped even though it produces a single archive file. - }, -}); -``` - -Use `BundlingOutput.ARCHIVED` if the bundling output contains a single archive file and -you don't want it to be zippped. - ## CloudFormation Resource Metadata > NOTE: This section is relevant for authors of AWS Resource Constructs. diff --git a/packages/@aws-cdk/aws-s3-assets/lib/asset.ts b/packages/@aws-cdk/aws-s3-assets/lib/asset.ts index 510834a61c634..938778d1381f4 100644 --- a/packages/@aws-cdk/aws-s3-assets/lib/asset.ts +++ b/packages/@aws-cdk/aws-s3-assets/lib/asset.ts @@ -1,3 +1,4 @@ +import * as fs from 'fs'; import * as path from 'path'; import * as assets from '@aws-cdk/assets'; import * as iam from '@aws-cdk/aws-iam'; @@ -12,6 +13,8 @@ import { toSymlinkFollow } from './compat'; // eslint-disable-next-line no-duplicate-imports, import/order import { Construct as CoreConstruct } from '@aws-cdk/core'; +const ARCHIVE_EXTENSIONS = ['.zip', '.jar']; + export interface AssetOptions extends assets.CopyOptions, cdk.AssetOptions { /** * A list of principals that should be able to read this asset from S3. @@ -136,12 +139,17 @@ export class Asset extends CoreConstruct implements cdk.IAsset { this.assetPath = staging.relativeStagedPath(stack); - this.isFile = staging.packaging === cdk.FileAssetPackaging.FILE; + const packaging = determinePackaging(staging.sourcePath); + + this.isFile = packaging === cdk.FileAssetPackaging.FILE; - this.isZipArchive = staging.isArchive; + // sets isZipArchive based on the type of packaging and file extension + this.isZipArchive = packaging === cdk.FileAssetPackaging.ZIP_DIRECTORY + ? true + : ARCHIVE_EXTENSIONS.some(ext => staging.sourcePath.toLowerCase().endsWith(ext)); const location = stack.synthesizer.addFileAsset({ - packaging: staging.packaging, + packaging, sourceHash: this.sourceHash, fileName: this.assetPath, }); @@ -202,3 +210,19 @@ export class Asset extends CoreConstruct implements cdk.IAsset { this.bucket.grantRead(grantee); } } + +function determinePackaging(assetPath: string): cdk.FileAssetPackaging { + if (!fs.existsSync(assetPath)) { + throw new Error(`Cannot find asset at ${assetPath}`); + } + + if (fs.statSync(assetPath).isDirectory()) { + return cdk.FileAssetPackaging.ZIP_DIRECTORY; + } + + if (fs.statSync(assetPath).isFile()) { + return cdk.FileAssetPackaging.FILE; + } + + throw new Error(`Asset ${assetPath} is expected to be either a directory or a regular file`); +} diff --git a/packages/@aws-cdk/aws-sqs/package.json b/packages/@aws-cdk/aws-sqs/package.json index 5bb6304ee52dd..7b610c64bb71c 100644 --- a/packages/@aws-cdk/aws-sqs/package.json +++ b/packages/@aws-cdk/aws-sqs/package.json @@ -73,7 +73,7 @@ "@aws-cdk/assert": "0.0.0", "@aws-cdk/aws-s3": "0.0.0", "@types/nodeunit": "^0.0.31", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", "cfn2ts": "0.0.0", diff --git a/packages/@aws-cdk/cloudformation-diff/lib/diffable.ts b/packages/@aws-cdk/cloudformation-diff/lib/diffable.ts index 7bc87b51144ef..445f6adcef7c3 100644 --- a/packages/@aws-cdk/cloudformation-diff/lib/diffable.ts +++ b/packages/@aws-cdk/cloudformation-diff/lib/diffable.ts @@ -44,13 +44,13 @@ interface Eq { /** * Whether a collection contains some element (by value) */ -function contains>(element: T, xs: T[]) { +function contains>(element: T, xs: T[]): boolean { return xs.some(x => x.equal(element)); } /** * Return collection except for elements */ -function difference>(collection: T[], elements: T[]) { +function difference>(collection: T[], elements: T[]): T[] { return collection.filter(x => !contains(x, elements)); } diff --git a/packages/@aws-cdk/cloudformation-diff/lib/iam/iam-changes.ts b/packages/@aws-cdk/cloudformation-diff/lib/iam/iam-changes.ts index 824e9403c95d4..291ab9803f4c9 100644 --- a/packages/@aws-cdk/cloudformation-diff/lib/iam/iam-changes.ts +++ b/packages/@aws-cdk/cloudformation-diff/lib/iam/iam-changes.ts @@ -4,8 +4,8 @@ import { PropertyChange, PropertyMap, ResourceChange } from '../diff/types'; import { DiffableCollection } from '../diffable'; import { renderIntrinsics } from '../render-intrinsics'; import { deepRemoveUndefined, dropIfEmpty, flatMap, makeComparator } from '../util'; -import { ManagedPolicyAttachment, ManagedPolicyJson, parseManagedPolicies } from './managed-policy'; -import { parseLambdaPermission, parseStatements, renderCondition, Statement, StatementJson, Targets } from './statement'; +import { ManagedPolicyAttachment, ManagedPolicyJson } from './managed-policy'; +import { parseLambdaPermission, parseStatements, Statement, StatementJson } from './statement'; export interface IamChangesProps { propertyChanges: PropertyChange[]; @@ -69,23 +69,25 @@ export class IamChanges { // First generate all lines, then sort on Resource so that similar resources are together for (const statement of this.statements.additions) { + const renderedStatement = statement.render(); ret.push([ '+', - renderTargets(statement.resources), - statement.effect, - renderTargets(statement.actions), - renderTargets(statement.principals), - renderCondition(statement.condition), + renderedStatement.resource, + renderedStatement.effect, + renderedStatement.action, + renderedStatement.principal, + renderedStatement.condition, ].map(s => colors.green(s))); } for (const statement of this.statements.removals) { + const renderedStatement = statement.render(); ret.push([ colors.red('-'), - renderTargets(statement.resources), - statement.effect, - renderTargets(statement.actions), - renderTargets(statement.principals), - renderCondition(statement.condition), + renderedStatement.resource, + renderedStatement.effect, + renderedStatement.action, + renderedStatement.principal, + renderedStatement.condition, ].map(s => colors.red(s))); } @@ -125,14 +127,17 @@ export class IamChanges { } /** - * Return a machine-readable version of the changes + * Return a machine-readable version of the changes. + * This is only used in tests. + * + * @internal */ - public toJson(): IamChangesJson { + public _toJson(): IamChangesJson { return deepRemoveUndefined({ - statementAdditions: dropIfEmpty(this.statements.additions.map(s => s.toJson())), - statementRemovals: dropIfEmpty(this.statements.removals.map(s => s.toJson())), - managedPolicyAdditions: dropIfEmpty(this.managedPolicies.additions.map(s => s.toJson())), - managedPolicyRemovals: dropIfEmpty(this.managedPolicies.removals.map(s => s.toJson())), + statementAdditions: dropIfEmpty(this.statements.additions.map(s => s._toJson())), + statementRemovals: dropIfEmpty(this.statements.removals.map(s => s._toJson())), + managedPolicyAdditions: dropIfEmpty(this.managedPolicies.additions.map(s => s._toJson())), + managedPolicyRemovals: dropIfEmpty(this.managedPolicies.removals.map(s => s._toJson())), }); } @@ -184,7 +189,11 @@ export class IamChanges { const appliesToPrincipal = 'AWS:${' + logicalId + '}'; return flatMap(policies, (policy: any) => { - return defaultPrincipal(appliesToPrincipal, parseStatements(renderIntrinsics(policy.PolicyDocument.Statement))); + // check if the Policy itself is not an intrinsic, like an Fn::If + const unparsedStatement = policy.PolicyDocument?.Statement + ? policy.PolicyDocument.Statement + : policy; + return defaultPrincipal(appliesToPrincipal, parseStatements(renderIntrinsics(unparsedStatement))); }); } @@ -234,11 +243,11 @@ export class IamChanges { }); } - private readManagedPolicies(policyArns: string[] | undefined, logicalId: string): ManagedPolicyAttachment[] { + private readManagedPolicies(policyArns: any, logicalId: string): ManagedPolicyAttachment[] { if (!policyArns) { return []; } const rep = '${' + logicalId + '}'; - return parseManagedPolicies(rep, renderIntrinsics(policyArns)); + return ManagedPolicyAttachment.parseManagedPolicies(rep, renderIntrinsics(policyArns)); } private readLambdaStatements(properties?: PropertyMap): Statement[] { @@ -266,16 +275,6 @@ function defaultResource(resource: string, statements: Statement[]) { return statements; } -/** - * Render into a summary table cell - */ -function renderTargets(targets: Targets): string { - if (targets.not) { - return targets.values.map(s => `NOT ${s}`).join('\n'); - } - return targets.values.join('\n'); -} - export interface IamChangesJson { statementAdditions?: StatementJson[]; statementRemovals?: StatementJson[]; diff --git a/packages/@aws-cdk/cloudformation-diff/lib/iam/managed-policy.ts b/packages/@aws-cdk/cloudformation-diff/lib/iam/managed-policy.ts index 121b2eae1efd3..f0d54140398bc 100644 --- a/packages/@aws-cdk/cloudformation-diff/lib/iam/managed-policy.ts +++ b/packages/@aws-cdk/cloudformation-diff/lib/iam/managed-policy.ts @@ -1,13 +1,25 @@ export class ManagedPolicyAttachment { + public static parseManagedPolicies(identityArn: string, arns: string | string[]): ManagedPolicyAttachment[] { + return typeof arns === 'string' + ? [new ManagedPolicyAttachment(identityArn, arns)] + : arns.map((arn: string) => new ManagedPolicyAttachment(identityArn, arn)); + } + constructor(public readonly identityArn: string, public readonly managedPolicyArn: string) { } - public equal(other: ManagedPolicyAttachment) { + public equal(other: ManagedPolicyAttachment): boolean { return this.identityArn === other.identityArn && this.managedPolicyArn === other.managedPolicyArn; } - public toJson() { + /** + * Return a machine-readable version of the changes. + * This is only used in tests. + * + * @internal + */ + public _toJson(): ManagedPolicyJson { return { identityArn: this.identityArn, managedPolicyArn: this.managedPolicyArn }; } } @@ -16,7 +28,3 @@ export interface ManagedPolicyJson { identityArn: string; managedPolicyArn: string; } - -export function parseManagedPolicies(identityArn: string, arns: string[]): ManagedPolicyAttachment[] { - return arns.map((arn: string) => new ManagedPolicyAttachment(identityArn, arn)); -} \ No newline at end of file diff --git a/packages/@aws-cdk/cloudformation-diff/lib/iam/statement.ts b/packages/@aws-cdk/cloudformation-diff/lib/iam/statement.ts index c9c950875e8bc..ea89ad4e597ee 100644 --- a/packages/@aws-cdk/cloudformation-diff/lib/iam/statement.ts +++ b/packages/@aws-cdk/cloudformation-diff/lib/iam/statement.ts @@ -32,36 +32,76 @@ export class Statement { */ public readonly condition?: any; - constructor(statement: UnknownMap) { - this.sid = expectString(statement.Sid); - this.effect = expectEffect(statement.Effect); - this.resources = new Targets(statement, 'Resource', 'NotResource'); - this.actions = new Targets(statement, 'Action', 'NotAction'); - this.principals = new Targets(statement, 'Principal', 'NotPrincipal'); - this.condition = statement.Condition; + private readonly serializedIntrinsic: string | undefined; + + constructor(statement: UnknownMap | string) { + if (typeof statement === 'string') { + this.sid = undefined; + this.effect = Effect.Unknown; + this.resources = new Targets({}, '', ''); + this.actions = new Targets({}, '', ''); + this.principals = new Targets({}, '', ''); + this.condition = undefined; + this.serializedIntrinsic = statement; + } else { + this.sid = expectString(statement.Sid); + this.effect = expectEffect(statement.Effect); + this.resources = new Targets(statement, 'Resource', 'NotResource'); + this.actions = new Targets(statement, 'Action', 'NotAction'); + this.principals = new Targets(statement, 'Principal', 'NotPrincipal'); + this.condition = statement.Condition; + this.serializedIntrinsic = undefined; + } } /** * Whether this statement is equal to the other statement */ - public equal(other: Statement) { + public equal(other: Statement): boolean { return (this.sid === other.sid && this.effect === other.effect + && this.serializedIntrinsic === other.serializedIntrinsic && this.resources.equal(other.resources) && this.actions.equal(other.actions) && this.principals.equal(other.principals) && deepEqual(this.condition, other.condition)); } - public toJson(): StatementJson { - return deepRemoveUndefined({ - sid: this.sid, - effect: this.effect, - resources: this.resources.toJson(), - principals: this.principals.toJson(), - actions: this.actions.toJson(), - condition: this.condition, - }); + public render(): RenderedStatement { + return this.serializedIntrinsic + ? { + resource: this.serializedIntrinsic, + effect: '', + action: '', + principal: this.principals.render(), // these will be replaced by the call to replaceEmpty() from IamChanges + condition: '', + } + : { + resource: this.resources.render(), + effect: this.effect, + action: this.actions.render(), + principal: this.principals.render(), + condition: renderCondition(this.condition), + }; + } + + /** + * Return a machine-readable version of the changes. + * This is only used in tests. + * + * @internal + */ + public _toJson(): StatementJson { + return this.serializedIntrinsic + ? this.serializedIntrinsic + : deepRemoveUndefined({ + sid: this.sid, + effect: this.effect, + resources: this.resources._toJson(), + principals: this.principals._toJson(), + actions: this.actions._toJson(), + condition: this.condition, + }); } /** @@ -76,6 +116,14 @@ export class Statement { } } +export interface RenderedStatement { + readonly resource: string; + readonly effect: string; + readonly action: string; + readonly principal: string; + readonly condition: string; +} + export interface StatementJson { sid?: string; effect: string; @@ -199,7 +247,22 @@ export class Targets { this.values.sort(); } - public toJson(): TargetsJson { + /** + * Render into a summary table cell + */ + public render(): string { + return this.not + ? this.values.map(s => `NOT ${s}`).join('\n') + : this.values.join('\n'); + } + + /** + * Return a machine-readable version of the changes. + * This is only used in tests. + * + * @internal + */ + public _toJson(): TargetsJson { return { not: this.not, values: this.values }; } } @@ -243,7 +306,7 @@ function forceListOfStrings(x: unknown): string[] { /** * Render the Condition column */ -export function renderCondition(condition: any) { +export function renderCondition(condition: any): string { if (!condition || Object.keys(condition).length === 0) { return ''; } const jsonRepresentation = JSON.stringify(condition, undefined, 2); diff --git a/packages/@aws-cdk/cloudformation-diff/test/iam/detect-changes.test.ts b/packages/@aws-cdk/cloudformation-diff/test/iam/detect-changes.test.ts index 1cf62c8d5286b..fd457cd701b66 100644 --- a/packages/@aws-cdk/cloudformation-diff/test/iam/detect-changes.test.ts +++ b/packages/@aws-cdk/cloudformation-diff/test/iam/detect-changes.test.ts @@ -14,7 +14,7 @@ test('shows new AssumeRolePolicyDocument', () => { })); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ statementAdditions: [ { effect: 'Allow', @@ -41,7 +41,7 @@ test('implicitly knows principal of identity policy for all resource types', () })); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ statementAdditions: [ { effect: 'Allow', @@ -73,7 +73,7 @@ test('policies on an identity object', () => { })); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ statementAdditions: [ { effect: 'Allow', @@ -100,7 +100,7 @@ test('if policy is attached to multiple roles all are shown', () => { })); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ statementAdditions: [ { effect: 'Allow', @@ -131,7 +131,7 @@ test('correctly parses Lambda permissions', () => { })); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ statementAdditions: [ { effect: 'Allow', @@ -162,7 +162,7 @@ test('implicitly knows resource of (queue) resource policy even if * given', () })); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ statementAdditions: [ { effect: 'Allow', @@ -189,7 +189,7 @@ test('finds sole statement removals', () => { }), {}); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ statementRemovals: [ { effect: 'Allow', @@ -233,7 +233,7 @@ test('finds one of many statement removals', () => { })); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ statementRemovals: [ { effect: 'Allow', @@ -254,7 +254,7 @@ test('finds policy attachments', () => { })); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ managedPolicyAdditions: [ { identityArn: '${SomeRole}', @@ -279,7 +279,7 @@ test('finds policy removals', () => { })); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ managedPolicyRemovals: [ { identityArn: '${SomeRole}', @@ -314,7 +314,7 @@ test('queuepolicy queue change counts as removal+addition', () => { })); // THEN - expect(diff.iamChanges.toJson()).toEqual({ + expect(diff.iamChanges._toJson()).toEqual({ statementAdditions: [ { effect: 'Allow', @@ -333,3 +333,90 @@ test('queuepolicy queue change counts as removal+addition', () => { ], }); }); + +test('supports Fn::If in the top-level property value of Role', () => { + // WHEN + const diff = diffTemplate({}, template({ + MyRole: role({ + AssumeRolePolicyDocument: poldoc({ + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { Service: 'lambda.amazonaws.com' }, + }), + ManagedPolicyArns: { + 'Fn::If': [ + 'SomeCondition', + ['then-managed-policy-arn'], + ['else-managed-policy-arn'], + ], + }, + }), + })); + + // THEN + expect(diff.iamChanges._toJson()).toEqual({ + managedPolicyAdditions: [ + { + identityArn: '${MyRole}', + managedPolicyArn: '{"Fn::If":["SomeCondition",["then-managed-policy-arn"],["else-managed-policy-arn"]]}', + }, + ], + statementAdditions: [ + { + effect: 'Allow', + principals: { not: false, values: ['Service:lambda.amazonaws.com'] }, + actions: { not: false, values: ['sts:AssumeRole'] }, + resources: { + not: false, + values: ['${MyRole.Arn}'], + }, + }, + ], + }); +}); + +test('supports Fn::If in the elements of an array-typed property of Role', () => { + // WHEN + const diff = diffTemplate({}, template({ + MyRole: role({ + AssumeRolePolicyDocument: poldoc({ + Action: 'sts:AssumeRole', + Effect: 'Allow', + Principal: { Service: 'lambda.amazonaws.com' }, + }), + Policies: [ + { + 'Fn::If': [ + 'SomeCondition', + { + PolicyName: 'S3', + PolicyDocument: poldoc({ + Effect: 'Allow', + Action: 's3:GetObject', + Resource: '*', + }), + }, + { + Ref: 'AWS::NoValue', + }, + ], + }, + ], + }), + })); + + // THEN + const changedStatements = diff.iamChanges.summarizeStatements(); + + // there are 2 rows of changes + // (one for the AssumeRolePolicyDocument, + // one for the Policies), + // plus a row of headers + expect(changedStatements.length).toBe(3); + + const changedPolicies = changedStatements[2]; + const resourceColumn = 1, principalColumn = 4; + + expect(changedPolicies[resourceColumn]).toContain('{"Fn::If":["SomeCondition",{"PolicyName":"S3","PolicyDocument":{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":"s3:GetObject","Resource":"*"}]}}]}'); + expect(changedPolicies[principalColumn]).toContain('AWS:${MyRole}'); +}); diff --git a/packages/@aws-cdk/core/lib/asset-staging.ts b/packages/@aws-cdk/core/lib/asset-staging.ts index 17fd89781004a..66c65e3d14864 100644 --- a/packages/@aws-cdk/core/lib/asset-staging.ts +++ b/packages/@aws-cdk/core/lib/asset-staging.ts @@ -5,8 +5,8 @@ import * as cxapi from '@aws-cdk/cx-api'; import { Construct } from 'constructs'; import * as fs from 'fs-extra'; import * as minimatch from 'minimatch'; -import { AssetHashType, AssetOptions, FileAssetPackaging } from './assets'; -import { BundlingOptions, BundlingOutput } from './bundling'; +import { AssetHashType, AssetOptions } from './assets'; +import { BundlingOptions } from './bundling'; import { FileSystem, FingerprintOptions } from './fs'; import { Names } from './names'; import { Cache } from './private/cache'; @@ -17,8 +17,6 @@ import { Stage } from './stage'; // eslint-disable-next-line import { Construct as CoreConstruct } from './construct-compat'; -const ARCHIVE_EXTENSIONS = ['.zip', '.jar']; - /** * A previously staged asset */ @@ -140,9 +138,6 @@ export class AssetStaging extends CoreConstruct { private readonly cacheKey: string; - private _packaging = FileAssetPackaging.ZIP_DIRECTORY; - private _isArchive = true; - constructor(scope: Construct, id: string, props: AssetStagingProps) { super(scope, id); @@ -208,20 +203,6 @@ export class AssetStaging extends CoreConstruct { return this.assetHash; } - /** - * How this asset should be packaged. - */ - public get packaging(): FileAssetPackaging { - return this._packaging; - } - - /** - * Whether this asset is an archive (zip or jar). - */ - public get isArchive(): boolean { - return this._isArchive; - } - /** * Return the path to the staged asset, relative to the Cloud Assembly (manifest) directory of the given stack * @@ -300,16 +281,11 @@ export class AssetStaging extends CoreConstruct { const bundleDir = this.determineBundleDir(this.assetOutdir, assetHash); this.bundle(bundling, bundleDir); - // Check bundling output content and determine if we will need to archive - const bundlingOutputType = bundling.outputType ?? BundlingOutput.AUTO_DISCOVER; - const bundledAsset = determineBundledAsset(bundleDir, bundlingOutputType); - this._packaging = bundledAsset.packaging; - // Calculate assetHash afterwards if we still must - assetHash = assetHash ?? this.calculateHash(this.hashType, bundling, bundledAsset.path); - const stagedPath = path.resolve(this.assetOutdir, renderAssetFilename(assetHash, bundledAsset.extension)); + assetHash = assetHash ?? this.calculateHash(this.hashType, bundling, bundleDir); + const stagedPath = path.resolve(this.assetOutdir, renderAssetFilename(assetHash)); - this.stageAsset(bundledAsset.path, stagedPath, 'move'); + this.stageAsset(bundleDir, stagedPath, 'move'); return { assetHash, stagedPath }; } @@ -347,8 +323,6 @@ export class AssetStaging extends CoreConstruct { const stat = fs.statSync(sourcePath); if (stat.isFile()) { fs.copyFileSync(sourcePath, targetPath); - this._packaging = FileAssetPackaging.FILE; - this._isArchive = ARCHIVE_EXTENSIONS.includes(path.extname(sourcePath).toLowerCase()); } else if (stat.isDirectory()) { fs.mkdirSync(targetPath); FileSystem.copyDirectory(sourcePath, targetPath, this.fingerprintOptions); @@ -528,57 +502,3 @@ function sortObject(object: { [key: string]: any }): { [key: string]: any } { } return ret; } - -/** - * Returns the single archive file of a directory or undefined - */ -function singleArchiveFile(directory: string): string | undefined { - if (!fs.existsSync(directory)) { - throw new Error(`Directory ${directory} does not exist.`); - } - - if (!fs.statSync(directory).isDirectory()) { - throw new Error(`${directory} is not a directory.`); - } - - const content = fs.readdirSync(directory); - if (content.length === 1) { - const file = path.join(directory, content[0]); - const extension = path.extname(content[0]).toLowerCase(); - if (fs.statSync(file).isFile() && ARCHIVE_EXTENSIONS.includes(extension)) { - return file; - } - } - - return undefined; -} - -interface BundledAsset { - path: string, - packaging: FileAssetPackaging, - extension?: string -} - -/** - * Returns the bundled asset to use based on the content of the bundle directory - * and the type of output. - */ -function determineBundledAsset(bundleDir: string, outputType: BundlingOutput): BundledAsset { - const archiveFile = singleArchiveFile(bundleDir); - - // auto-discover means that if there is an archive file, we take it as the - // bundle, otherwise, we will archive here. - if (outputType === BundlingOutput.AUTO_DISCOVER) { - outputType = archiveFile ? BundlingOutput.ARCHIVED : BundlingOutput.NOT_ARCHIVED; - } - - switch (outputType) { - case BundlingOutput.NOT_ARCHIVED: - return { path: bundleDir, packaging: FileAssetPackaging.ZIP_DIRECTORY }; - case BundlingOutput.ARCHIVED: - if (!archiveFile) { - throw new Error('Bundling output directory is expected to include only a single .zip or .jar file when `output` is set to `ARCHIVED`'); - } - return { path: archiveFile, packaging: FileAssetPackaging.FILE, extension: path.extname(archiveFile) }; - } -} diff --git a/packages/@aws-cdk/core/lib/bundling.ts b/packages/@aws-cdk/core/lib/bundling.ts index 059f2260c967b..b1247fd913ea0 100644 --- a/packages/@aws-cdk/core/lib/bundling.ts +++ b/packages/@aws-cdk/core/lib/bundling.ts @@ -79,41 +79,6 @@ export interface BundlingOptions { * @experimental */ readonly local?: ILocalBundling; - - /** - * The type of output that this bundling operation is producing. - * - * @default BundlingOutput.AUTO_DISCOVER - * - * @experimental - */ - readonly outputType?: BundlingOutput; -} - -/** - * The type of output that a bundling operation is producing. - * - * @experimental - */ -export enum BundlingOutput { - /** - * The bundling output directory includes a single .zip or .jar file which - * will be used as the final bundle. If the output directory does not - * include exactly a single archive, bundling will fail. - */ - ARCHIVED = 'archived', - - /** - * The bundling output directory contains one or more files which will be - * archived and uploaded as a .zip file to S3. - */ - NOT_ARCHIVED = 'not-archived', - - /** - * If the bundling output directory contains a single archive file (zip or jar) - * it will not be zipped. Otherwise the bundling output will be zipped. - */ - AUTO_DISCOVER = 'auto-discover', } /** @@ -135,8 +100,6 @@ export interface ILocalBundling { /** * A Docker image used for asset bundling - * - * @deprecated use DockerImage */ export class BundlingDockerImage { /** @@ -153,8 +116,6 @@ export class BundlingDockerImage { * * @param path The path to the directory containing the Docker file * @param options Docker build options - * - * @deprecated use DockerImage.fromBuild() */ public static fromAsset(path: string, options: DockerBuildOptions = {}) { const buildArgs = options.buildArgs || {}; @@ -185,7 +146,7 @@ export class BundlingDockerImage { } /** @param image The Docker image */ - protected constructor(public readonly image: string, private readonly _imageHash?: string) {} + private constructor(public readonly image: string, private readonly _imageHash?: string) {} /** * Provides a stable representation of this image for JSON serialization. @@ -233,16 +194,10 @@ export class BundlingDockerImage { } /** - * Copies a file or directory out of the Docker image to the local filesystem. - * - * If `outputPath` is omitted the destination path is a temporary directory. - * - * @param imagePath the path in the Docker image - * @param outputPath the destination path for the copy operation - * @returns the destination path + * Copies a file or directory out of the Docker image to the local filesystem */ - public cp(imagePath: string, outputPath?: string): string { - const { stdout } = dockerExec(['create', this.image], {}); // Empty options to avoid stdout redirect here + public cp(imagePath: string, outputPath: string) { + const { stdout } = dockerExec(['create', this.image]); const match = stdout.toString().match(/([0-9a-f]{16,})/); if (!match) { throw new Error('Failed to extract container ID from Docker create output'); @@ -250,33 +205,16 @@ export class BundlingDockerImage { const containerId = match[1]; const containerPath = `${containerId}:${imagePath}`; - const destPath = outputPath ?? FileSystem.mkdtemp('cdk-docker-cp-'); try { - dockerExec(['cp', containerPath, destPath]); - return destPath; + dockerExec(['cp', containerPath, outputPath]); } catch (err) { - throw new Error(`Failed to copy files from ${containerPath} to ${destPath}: ${err}`); + throw new Error(`Failed to copy files from ${containerPath} to ${outputPath}: ${err}`); } finally { dockerExec(['rm', '-v', containerId]); } } } -/** - * A Docker image - */ -export class DockerImage extends BundlingDockerImage { - /** - * Builds a Docker image - * - * @param path The path to the directory containing the Docker file - * @param options Docker build options - */ - public static fromBuild(path: string, options: DockerBuildOptions = {}) { - return BundlingDockerImage.fromAsset(path, options); - } -} - /** * A Docker volume */ diff --git a/packages/@aws-cdk/core/package.json b/packages/@aws-cdk/core/package.json index 03885ddb164ac..643f809bca142 100644 --- a/packages/@aws-cdk/core/package.json +++ b/packages/@aws-cdk/core/package.json @@ -176,12 +176,12 @@ "devDependencies": { "@types/lodash": "^4.14.168", "@types/minimatch": "^3.0.3", - "@types/node": "^10.17.53", + "@types/node": "^10.17.54", "@types/sinon": "^9.0.10", "cdk-build-tools": "0.0.0", "cfn2ts": "0.0.0", "fast-check": "^2.13.0", - "lodash": "^4.17.20", + "lodash": "^4.17.21", "nodeunit-shim": "0.0.0", "pkglint": "0.0.0", "sinon": "^9.2.4", diff --git a/packages/@aws-cdk/core/test/archive/archive.zip b/packages/@aws-cdk/core/test/archive/archive.zip deleted file mode 100644 index e69de29bb2d1d..0000000000000 diff --git a/packages/@aws-cdk/core/test/bundling.test.ts b/packages/@aws-cdk/core/test/bundling.test.ts index 8b03dce3da0d3..258860d65585c 100644 --- a/packages/@aws-cdk/core/test/bundling.test.ts +++ b/packages/@aws-cdk/core/test/bundling.test.ts @@ -3,7 +3,7 @@ import * as crypto from 'crypto'; import * as path from 'path'; import { nodeunitShim, Test } from 'nodeunit-shim'; import * as sinon from 'sinon'; -import { BundlingDockerImage, DockerImage, FileSystem } from '../lib'; +import { BundlingDockerImage, FileSystem } from '../lib'; nodeunitShim({ 'tearDown'(callback: any) { @@ -263,25 +263,4 @@ nodeunitShim({ test.ok(spawnSyncStub.calledWith(sinon.match.any, ['rm', '-v', containerId])); test.done(); }, - - 'cp utility copies to a temp dir of outputPath is omitted'(test: Test) { - // GIVEN - const containerId = '1234567890abcdef1234567890abcdef'; - sinon.stub(child_process, 'spawnSync').returns({ - status: 0, - stderr: Buffer.from('stderr'), - stdout: Buffer.from(`${containerId}\n`), - pid: 123, - output: ['stdout', 'stderr'], - signal: null, - }); - - // WHEN - const tempPath = DockerImage.fromRegistry('alpine').cp('/foo/bar'); - - // THEN - test.ok(/cdk-docker-cp-/.test(tempPath)); - - test.done(); - }, }); diff --git a/packages/@aws-cdk/core/test/docker-stub.sh b/packages/@aws-cdk/core/test/docker-stub.sh index 94f806f69a120..fe48e93d4a207 100755 --- a/packages/@aws-cdk/core/test/docker-stub.sh +++ b/packages/@aws-cdk/core/test/docker-stub.sh @@ -24,18 +24,5 @@ if echo "$@" | grep "DOCKER_STUB_SUCCESS"; then exit 0 fi -if echo "$@" | grep "DOCKER_STUB_MULTIPLE_FILES"; then - outdir=$(echo "$@" | xargs -n1 | grep "/asset-output" | head -n1 | cut -d":" -f1) - touch ${outdir}/test1.txt - touch ${outdir}/test2.txt - exit 0 -fi - -if echo "$@" | grep "DOCKER_STUB_SINGLE_ARCHIVE"; then - outdir=$(echo "$@" | xargs -n1 | grep "/asset-output" | head -n1 | cut -d":" -f1) - touch ${outdir}/test.zip - exit 0 -fi - -echo "Docker mock only supports one of the following commands: DOCKER_STUB_SUCCESS_NO_OUTPUT,DOCKER_STUB_FAIL,DOCKER_STUB_SUCCESS,DOCKER_STUB_MULTIPLE_FILES,DOCKER_SINGLE_ARCHIVE" +echo "Docker mock only supports one of the following commands: DOCKER_STUB_SUCCESS_NO_OUTPUT,DOCKER_STUB_FAIL,DOCKER_STUB_SUCCESS" exit 1 diff --git a/packages/@aws-cdk/core/test/staging.test.ts b/packages/@aws-cdk/core/test/staging.test.ts index 76bf74f9cffd7..347c5fcea3b63 100644 --- a/packages/@aws-cdk/core/test/staging.test.ts +++ b/packages/@aws-cdk/core/test/staging.test.ts @@ -1,11 +1,10 @@ import * as os from 'os'; import * as path from 'path'; -import { FileAssetPackaging } from '@aws-cdk/cloud-assembly-schema'; import * as cxapi from '@aws-cdk/cx-api'; import * as fs from 'fs-extra'; import { nodeunitShim, Test } from 'nodeunit-shim'; import * as sinon from 'sinon'; -import { App, AssetHashType, AssetStaging, BundlingDockerImage, BundlingOptions, BundlingOutput, FileSystem, Stack, Stage } from '../lib'; +import { App, AssetHashType, AssetStaging, BundlingDockerImage, BundlingOptions, FileSystem, Stack, Stage } from '../lib'; const STUB_INPUT_FILE = '/tmp/docker-stub.input'; const STUB_INPUT_CONCAT_FILE = '/tmp/docker-stub.input.concat'; @@ -13,9 +12,7 @@ const STUB_INPUT_CONCAT_FILE = '/tmp/docker-stub.input.concat'; enum DockerStubCommand { SUCCESS = 'DOCKER_STUB_SUCCESS', FAIL = 'DOCKER_STUB_FAIL', - SUCCESS_NO_OUTPUT = 'DOCKER_STUB_SUCCESS_NO_OUTPUT', - MULTIPLE_FILES = 'DOCKER_STUB_MULTIPLE_FILES', - SINGLE_ARCHIVE = 'DOCKER_STUB_SINGLE_ARCHIVE', + SUCCESS_NO_OUTPUT = 'DOCKER_STUB_SUCCESS_NO_OUTPUT' } const FIXTURE_TEST1_DIR = path.join(__dirname, 'fs', 'fixtures', 'test1'); @@ -53,34 +50,6 @@ nodeunitShim({ test.deepEqual(staging.sourcePath, sourcePath); test.deepEqual(path.basename(staging.stagedPath), 'asset.2f37f937c51e2c191af66acf9b09f548926008ec68c575bd2ee54b6e997c0e00'); test.deepEqual(path.basename(staging.relativeStagedPath(stack)), 'asset.2f37f937c51e2c191af66acf9b09f548926008ec68c575bd2ee54b6e997c0e00'); - test.deepEqual(staging.packaging, FileAssetPackaging.ZIP_DIRECTORY); - test.deepEqual(staging.isArchive, true); - test.done(); - }, - - 'staging of an archive file correctly sets packaging and isArchive'(test: Test) { - // GIVEN - const stack = new Stack(); - const sourcePath = path.join(__dirname, 'archive', 'archive.zip'); - - // WHEN - const staging = new AssetStaging(stack, 's1', { sourcePath }); - - test.deepEqual(staging.packaging, FileAssetPackaging.FILE); - test.deepEqual(staging.isArchive, true); - test.done(); - }, - - 'staging of a non-archive file correctly sets packaging and isArchive'(test: Test) { - // GIVEN - const stack = new Stack(); - const sourcePath = __filename; - - // WHEN - const staging = new AssetStaging(stack, 's1', { sourcePath }); - - test.deepEqual(staging.packaging, FileAssetPackaging.FILE); - test.deepEqual(staging.isArchive, false); test.done(); }, @@ -816,89 +785,6 @@ nodeunitShim({ ); test.equal(asset.assetHash, '33cbf2cae5432438e0f046bc45ba8c3cef7b6afcf47b59d1c183775c1918fb1f'); // hash of MyStack/Asset - test.done(); - }, - - 'bundling that produces a single archive file is autodiscovered'(test: Test) { - // GIVEN - const app = new App(); - const stack = new Stack(app, 'stack'); - const directory = path.join(__dirname, 'fs', 'fixtures', 'test1'); - - // WHEN - const staging = new AssetStaging(stack, 'Asset', { - sourcePath: directory, - bundling: { - image: BundlingDockerImage.fromRegistry('alpine'), - command: [DockerStubCommand.SINGLE_ARCHIVE], - }, - }); - - // THEN - const assembly = app.synth(); - test.deepEqual(fs.readdirSync(assembly.directory), [ - 'asset.f43148c61174f444925231b5849b468f21e93b5d1469cd07c53625ffd039ef48', // this is the bundle dir but it's empty - 'asset.f43148c61174f444925231b5849b468f21e93b5d1469cd07c53625ffd039ef48.zip', - 'cdk.out', - 'manifest.json', - 'stack.template.json', - 'tree.json', - ]); - test.equal(fs.readdirSync(path.join(assembly.directory, 'asset.f43148c61174f444925231b5849b468f21e93b5d1469cd07c53625ffd039ef48')).length, 0); // empty bundle dir - test.deepEqual(staging.packaging, FileAssetPackaging.FILE); - test.deepEqual(staging.isArchive, true); - - test.done(); - }, - - 'bundling that produces a single archive file with NOT_ARCHIVED'(test: Test) { - // GIVEN - const app = new App(); - const stack = new Stack(app, 'stack'); - const directory = path.join(__dirname, 'fs', 'fixtures', 'test1'); - - // WHEN - const staging = new AssetStaging(stack, 'Asset', { - sourcePath: directory, - bundling: { - image: BundlingDockerImage.fromRegistry('alpine'), - command: [DockerStubCommand.SINGLE_ARCHIVE], - outputType: BundlingOutput.NOT_ARCHIVED, - }, - }); - - // THEN - const assembly = app.synth(); - test.deepEqual(fs.readdirSync(assembly.directory), [ - 'asset.86ec07746e1d859290cfd8b9c648e581555649c75f51f741f11e22cab6775abc', - 'cdk.out', - 'manifest.json', - 'stack.template.json', - 'tree.json', - ]); - test.deepEqual(staging.packaging, FileAssetPackaging.ZIP_DIRECTORY); - test.deepEqual(staging.isArchive, true); - - test.done(); - }, - - 'throws with ARCHIVED and bundling that does not produce a single archive file'(test: Test) { - // GIVEN - const app = new App(); - const stack = new Stack(app, 'stack'); - const directory = path.join(__dirname, 'fs', 'fixtures', 'test1'); - - // WHEN - test.throws(() => new AssetStaging(stack, 'Asset', { - sourcePath: directory, - bundling: { - image: BundlingDockerImage.fromRegistry('alpine'), - command: [DockerStubCommand.MULTIPLE_FILES], - outputType: BundlingOutput.ARCHIVED, - }, - }), /Bundling output directory is expected to include only a single .zip or .jar file when `output` is set to `ARCHIVED`/); - - test.done(); }, }); diff --git a/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts b/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts index 9da696f268b92..2139866ae3d06 100644 --- a/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts +++ b/packages/@aws-cdk/custom-resources/lib/provider-framework/provider.ts @@ -93,6 +93,16 @@ export interface ProviderProps { */ readonly vpcSubnets?: ec2.SubnetSelection; + /** + * Security groups to attach to the provider functions. + * + * Only used if 'vpc' is supplied + * + * @default - If `vpc` is not supplied, no security groups are attached. Otherwise, a dedicated security + * group is created for each function. + */ + readonly securityGroups?: ec2.ISecurityGroup[]; + } /** @@ -122,6 +132,7 @@ export class Provider extends CoreConstruct implements cfn.ICustomResourceProvid private readonly logRetention?: logs.RetentionDays; private readonly vpc?: ec2.IVpc; private readonly vpcSubnets?: ec2.SubnetSelection; + private readonly securityGroups?: ec2.ISecurityGroup[]; constructor(scope: Construct, id: string, props: ProviderProps) { super(scope, id); @@ -137,6 +148,7 @@ export class Provider extends CoreConstruct implements cfn.ICustomResourceProvid this.logRetention = props.logRetention; this.vpc = props.vpc; this.vpcSubnets = props.vpcSubnets; + this.securityGroups = props.securityGroups; const onEventFunction = this.createFunction(consts.FRAMEWORK_ON_EVENT_HANDLER_NAME); @@ -182,6 +194,7 @@ export class Provider extends CoreConstruct implements cfn.ICustomResourceProvid logRetention: this.logRetention, vpc: this.vpc, vpcSubnets: this.vpcSubnets, + securityGroups: this.securityGroups, }); fn.addEnvironment(consts.USER_ON_EVENT_FUNCTION_ARN_ENV, this.onEventHandler.functionArn); diff --git a/packages/@aws-cdk/custom-resources/package.json b/packages/@aws-cdk/custom-resources/package.json index c4a1fd8e2fedf..aed86e63bdb0f 100644 --- a/packages/@aws-cdk/custom-resources/package.json +++ b/packages/@aws-cdk/custom-resources/package.json @@ -78,7 +78,7 @@ "@types/aws-lambda": "^8.10.72", "@types/fs-extra": "^8.1.1", "@types/sinon": "^9.0.10", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "aws-sdk-mock": "^5.1.0", "cdk-build-tools": "0.0.0", "cdk-integ-tools": "0.0.0", diff --git a/packages/@aws-cdk/custom-resources/test/provider-framework/provider.test.ts b/packages/@aws-cdk/custom-resources/test/provider-framework/provider.test.ts index deed031d8909f..b60ef1a602431 100644 --- a/packages/@aws-cdk/custom-resources/test/provider-framework/provider.test.ts +++ b/packages/@aws-cdk/custom-resources/test/provider-framework/provider.test.ts @@ -8,6 +8,75 @@ import * as util from '../../lib/provider-framework/util'; import '@aws-cdk/assert/jest'; +test('security groups are applied to all framework functions', () => { + + // GIVEN + const stack = new Stack(); + + const vpc = new ec2.Vpc(stack, 'Vpc'); + const securityGroup = new ec2.SecurityGroup(stack, 'SecurityGroup', { vpc }); + + // WHEN + new cr.Provider(stack, 'MyProvider', { + onEventHandler: new lambda.Function(stack, 'OnEvent', { + code: lambda.Code.fromInline('foo'), + handler: 'index.onEvent', + runtime: lambda.Runtime.NODEJS_10_X, + }), + isCompleteHandler: new lambda.Function(stack, 'IsComplete', { + code: lambda.Code.fromInline('foo'), + handler: 'index.isComplete', + runtime: lambda.Runtime.NODEJS_10_X, + }), + vpc: vpc, + vpcSubnets: { subnetType: ec2.SubnetType.PRIVATE }, + securityGroups: [securityGroup], + }); + + expect(stack).toHaveResourceLike('AWS::Lambda::Function', { + Handler: 'framework.onEvent', + VpcConfig: { + SecurityGroupIds: [ + { + 'Fn::GetAtt': [ + 'SecurityGroupDD263621', + 'GroupId', + ], + }, + ], + }, + }); + + expect(stack).toHaveResourceLike('AWS::Lambda::Function', { + Handler: 'framework.isComplete', + VpcConfig: { + SecurityGroupIds: [ + { + 'Fn::GetAtt': [ + 'SecurityGroupDD263621', + 'GroupId', + ], + }, + ], + }, + }); + + expect(stack).toHaveResourceLike('AWS::Lambda::Function', { + Handler: 'framework.onTimeout', + VpcConfig: { + SecurityGroupIds: [ + { + 'Fn::GetAtt': [ + 'SecurityGroupDD263621', + 'GroupId', + ], + }, + ], + }, + }); + +}); + test('vpc is applied to all framework functions', () => { // GIVEN diff --git a/packages/@aws-cdk/cx-api/lib/features.ts b/packages/@aws-cdk/cx-api/lib/features.ts index 57c9a5738ee96..24ba471882644 100644 --- a/packages/@aws-cdk/cx-api/lib/features.ts +++ b/packages/@aws-cdk/cx-api/lib/features.ts @@ -102,7 +102,7 @@ export const S3_GRANT_WRITE_WITHOUT_ACL = '@aws-cdk/aws-s3:grantWriteWithoutAcl' * * Tests must cover the default (disabled) case and the future (enabled) case. */ -export const FUTURE_FLAGS = { +export const FUTURE_FLAGS: { [key: string]: any } = { [ENABLE_STACK_NAME_DUPLICATES_CONTEXT]: 'true', [ENABLE_DIFF_NO_FAIL_CONTEXT]: 'true', [STACK_RELATIVE_EXPORTS_CONTEXT]: 'true', diff --git a/packages/@monocdk-experiment/assert/package.json b/packages/@monocdk-experiment/assert/package.json index 4ff01210ff5bd..86806f041880f 100644 --- a/packages/@monocdk-experiment/assert/package.json +++ b/packages/@monocdk-experiment/assert/package.json @@ -35,7 +35,7 @@ "devDependencies": { "@monocdk-experiment/rewrite-imports": "0.0.0", "@types/jest": "^26.0.20", - "@types/node": "^10.17.53", + "@types/node": "^10.17.54", "cdk-build-tools": "0.0.0", "constructs": "^3.2.0", "jest": "^26.6.3", diff --git a/packages/@monocdk-experiment/rewrite-imports/package.json b/packages/@monocdk-experiment/rewrite-imports/package.json index bd5deec25cb98..b824068d0354f 100644 --- a/packages/@monocdk-experiment/rewrite-imports/package.json +++ b/packages/@monocdk-experiment/rewrite-imports/package.json @@ -38,7 +38,7 @@ "devDependencies": { "@types/glob": "^7.1.3", "@types/jest": "^26.0.20", - "@types/node": "^10.17.53", + "@types/node": "^10.17.54", "cdk-build-tools": "0.0.0", "pkglint": "0.0.0" }, diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 2b2a228125d6b..6eadd958185df 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -283,7 +283,7 @@ "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "@types/fs-extra": "^8.1.1", - "@types/node": "^10.17.53", + "@types/node": "^10.17.54", "cdk-build-tools": "0.0.0", "constructs": "^3.2.0", "fs-extra": "^9.1.0", diff --git a/packages/aws-cdk/lib/init.ts b/packages/aws-cdk/lib/init.ts index 6166736f3e8da..78c844b0a6550 100644 --- a/packages/aws-cdk/lib/init.ts +++ b/packages/aws-cdk/lib/init.ts @@ -179,10 +179,15 @@ export class InitTemplate { return; } + const futureFlags: {[key: string]: any} = {}; + Object.entries(cxapi.FUTURE_FLAGS) + .filter(([k, _]) => !cxapi.FUTURE_FLAGS_EXPIRED.includes(k)) + .forEach(([k, v]) => futureFlags[k] = v); + const config = await fs.readJson(cdkJson); config.context = { ...config.context, - ...cxapi.FUTURE_FLAGS, + ...futureFlags, }; await fs.writeJson(cdkJson, config, { spaces: 2 }); diff --git a/packages/aws-cdk/package.json b/packages/aws-cdk/package.json index 8133859b38ea9..a3f34cdacf9d4 100644 --- a/packages/aws-cdk/package.json +++ b/packages/aws-cdk/package.json @@ -46,7 +46,7 @@ "@types/jest": "^26.0.20", "@types/minimatch": "^3.0.3", "@types/mockery": "^1.4.29", - "@types/node": "^10.17.53", + "@types/node": "^10.17.54", "@types/promptly": "^3.0.1", "@types/semver": "^7.3.4", "@types/sinon": "^9.0.10", @@ -73,7 +73,7 @@ "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "archiver": "^5.2.0", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "camelcase": "^6.2.0", "cdk-assets": "0.0.0", "colors": "^1.4.0", diff --git a/packages/aws-cdk/test/init.test.ts b/packages/aws-cdk/test/init.test.ts index db042d76fc25d..e659161fbb38a 100644 --- a/packages/aws-cdk/test/init.test.ts +++ b/packages/aws-cdk/test/init.test.ts @@ -83,10 +83,15 @@ describe.each(['1', '2'])('v%s tests', (majorVersion) => { const config = await fs.readJson(path.join(tmpDir, 'cdk.json')); const context = config.context || {}; - for (const [key, expected] of Object.entries(cxapi.FUTURE_FLAGS)) { - const actual = context[key]; + for (const [key, expected] of Object.entries(context)) { + const actual = cxapi.FUTURE_FLAGS[key]; expect(actual).toEqual(expected); } + + // assert that expired future flags are not part of the cdk.json + Object.keys(context).forEach(k => { + expect(cxapi.FUTURE_FLAGS_EXPIRED.includes(k)).toEqual(false); + }); }); } } diff --git a/packages/cdk-assets/package.json b/packages/cdk-assets/package.json index 1fd372e22f4d9..16f767306dbdc 100644 --- a/packages/cdk-assets/package.json +++ b/packages/cdk-assets/package.json @@ -35,7 +35,7 @@ "@types/jest": "^26.0.20", "@types/jszip": "^3.4.1", "@types/mock-fs": "^4.13.0", - "@types/node": "^10.17.53", + "@types/node": "^10.17.54", "@types/yargs": "^15.0.13", "cdk-build-tools": "0.0.0", "jest": "^26.6.3", @@ -47,7 +47,7 @@ "@aws-cdk/cloud-assembly-schema": "0.0.0", "@aws-cdk/cx-api": "0.0.0", "archiver": "^5.2.0", - "aws-sdk": "^2.847.0", + "aws-sdk": "^2.848.0", "glob": "^7.1.6", "yargs": "^16.2.0" }, diff --git a/packages/monocdk/package.json b/packages/monocdk/package.json index fb37a46c36839..c71d755b3c2bb 100644 --- a/packages/monocdk/package.json +++ b/packages/monocdk/package.json @@ -288,7 +288,7 @@ "@aws-cdk/region-info": "0.0.0", "@aws-cdk/yaml-cfn": "0.0.0", "@types/fs-extra": "^8.1.1", - "@types/node": "^10.17.53", + "@types/node": "^10.17.54", "cdk-build-tools": "0.0.0", "constructs": "^3.2.0", "fs-extra": "^9.1.0", diff --git a/tools/eslint-plugin-cdk/package.json b/tools/eslint-plugin-cdk/package.json index f8b5e2be07cb5..2c412f30e739e 100644 --- a/tools/eslint-plugin-cdk/package.json +++ b/tools/eslint-plugin-cdk/package.json @@ -15,7 +15,7 @@ "@types/eslint": "^7.2.6", "@types/fs-extra": "^8.1.1", "@types/jest": "^26.0.20", - "@types/node": "^10.17.53", + "@types/node": "^10.17.54", "eslint-plugin-rulesdir": "^0.1.0", "jest": "^26.6.3", "typescript": "~3.9.9" diff --git a/tools/nodeunit-shim/package.json b/tools/nodeunit-shim/package.json index 8b8170f68da93..bc18b8dafe37c 100644 --- a/tools/nodeunit-shim/package.json +++ b/tools/nodeunit-shim/package.json @@ -13,7 +13,7 @@ }, "devDependencies": { "@types/jest": "^26.0.20", - "@types/node": "^10.17.53", + "@types/node": "^10.17.54", "typescript": "~3.9.9" }, "dependencies": { diff --git a/tools/yarn-cling/package.json b/tools/yarn-cling/package.json index ad023b2645918..7a5f00b076fb3 100644 --- a/tools/yarn-cling/package.json +++ b/tools/yarn-cling/package.json @@ -39,7 +39,7 @@ }, "devDependencies": { "@types/jest": "^26.0.20", - "@types/node": "^10.17.53", + "@types/node": "^10.17.54", "@types/yarnpkg__lockfile": "^1.1.4", "jest": "^26.6.3", "pkglint": "0.0.0", diff --git a/version.v1.json b/version.v1.json index b3cba233aa620..eca0b33c11e76 100644 --- a/version.v1.json +++ b/version.v1.json @@ -1,3 +1,3 @@ { - "version": "1.90.0" + "version": "1.90.1" } diff --git a/yarn.lock b/yarn.lock index 76190273b1057..1f1b95216371f 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1661,10 +1661,10 @@ resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.28.tgz#cade4b64f8438f588951a6b35843ce536853f25b" integrity sha512-lg55ArB+ZiHHbBBttLpzD07akz0QPrZgUODNakeC09i62dnrywr9mFErHuaPlB6I7z+sEbK+IYmplahvplCj2g== -"@types/node@^10.17.53": - version "10.17.53" - resolved "https://registry.yarnpkg.com/@types/node/-/node-10.17.53.tgz#95953f6eaf7e7002ee91762ade945484a4674aac" - integrity sha512-q1igVlMUU+10kzjxNlcLDH7gekuvFK1nevnp7MAyc6sqvK5siWSS37EuvKX9fM8d49SBcoP0iP9tqVHmdAjNhQ== +"@types/node@^10.17.54": + version "10.17.54" + resolved "https://registry.yarnpkg.com/@types/node/-/node-10.17.54.tgz#a737488631aca3ec7bd9f6229d77f1079e444793" + integrity sha512-c8Lm7+hXdSPmWH4B9z/P/xIXhFK3mCQin4yCYMd2p1qpMG5AfgyJuYZ+3q2dT7qLiMMMGMd5dnkFpdqJARlvtQ== "@types/nodeunit@^0.0.31": version "0.0.31" @@ -2271,10 +2271,10 @@ aws-sdk-mock@^5.1.0: sinon "^9.0.1" traverse "^0.6.6" -aws-sdk@^2.637.0, aws-sdk@^2.847.0: - version "2.847.0" - resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.847.0.tgz#099a1087ca6ad5f9a059bf6fbcf9d4dddbd996d1" - integrity sha512-1iWlJiMoiFJVIVPrnUZ+E3h9YqmzgLn/Etv2XsupQY4QvFHWnZHEGXsWS2bEkC9+Ovg8TTwAQIRvqYWlKQjkVg== +aws-sdk@^2.637.0, aws-sdk@^2.848.0: + version "2.848.0" + resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.848.0.tgz#5e7706ddd30a55a2d5a5b64c29682a757607ee64" + integrity sha512-c/e5kaEFl+9aYkrYDkmu5mSZlL+EfP6DnBOMD06fH12gIsaFSMBGtbsDTHABhvSu++LxeI1dJAD148O17MuZvg== dependencies: buffer "4.9.2" events "1.1.1" @@ -3865,10 +3865,10 @@ es6-promisify@^5.0.0: dependencies: es6-promise "^4.0.3" -esbuild@^0.8.48: - version "0.8.48" - resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.8.48.tgz#a57e4dde84ec56da1c6ecaefee97e9da6c5b00b5" - integrity sha512-lrH8lA8wWQ6Lpe1z6C7ZZaFSmRsUlcQAqe16nf7ITySQ7MV4+vI7qAqQlT/u+c3+9AL3VXmT4MXTxV2e63pO4A== +esbuild@^0.8.49: + version "0.8.49" + resolved "https://registry.yarnpkg.com/esbuild/-/esbuild-0.8.49.tgz#3d33f71b3966611f822cf4c838115f3fbd16def2" + integrity sha512-itiFVYv5UZz4NooO7/Y0bRGVDGz/M/cxKbl6zyNI5pnKaz1mZjvZXAFhhDVz6rGCmcdTKj5oag6rh8DaaSSmfQ== escalade@^3.1.1: version "3.1.1" @@ -6606,10 +6606,10 @@ lodash.uniq@^4.5.0: resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773" integrity sha1-0CJTc662Uq3BvILklFM5qEJ1R3M= -lodash@4.x, lodash@^4.17.12, lodash@^4.17.15, lodash@^4.17.19, lodash@^4.17.20, lodash@^4.2.1: - version "4.17.20" - resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.20.tgz#b44a9b6297bcb698f1c51a3545a2b3b368d59c52" - integrity sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA== +lodash@4.x, lodash@^4.17.12, lodash@^4.17.15, lodash@^4.17.19, lodash@^4.17.20, lodash@^4.17.21, lodash@^4.2.1: + version "4.17.21" + resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.21.tgz#679591c564c3bffaae8454cf0b3df370c3d6911c" + integrity sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg== log-driver@^1.2.7: version "1.2.7"