chore: forward merge 'master' into 'v2-main' #13592
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Co-authored-by: AWS CDK Team <aws-cdk@amazon.com>
…13423) See CDK RFC 253 (aws/aws-cdk-rfcs#254) for background and details. Currently -- if a user has not opted out -- an AWS::CDK::Metadata resource is added to each generated stack template with details about each loaded module and version that matches an Amazon-specific allow list. This modules list is used to: - Track what library versions customers are using so they can be contacted in the event of a severe (security) issue with a library. - Get business metrics on the adoption of CDK and its libraries. This modules list is sometimes inaccurate (a module may be loaded into memory without actually being used) and too braod to support CDK v2. This feature (mostly) implements the specification proposed in RFC 253 to include metadata about what constructs are present in each stack, rather than modules loaded into memory. The allow-list is still used to ensure only CDK/AWS constructs are reported on. Implementation notes: - The format of the Analytics property has changed slightly since the RFC. See the service-side code for justification and latest spec. - How to handle the jsii runtime information was left un-spec'd. I've chosen to create a psuedo-Construct to add to the list as the simplest solution. - `runtime-info.test.ts` leaps through some serious hoops to work equally well for both v1 and v2, and to fail somewhat gracefully locally if `tsc` was used to compile the module instead of `jsii`. Critques of this approach welcome! - I removed an annoyance from `resolve-version-lib.js` that produced error messages when running unit tests. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Our previous implementation of `toJSON()` was quite hacky. It replaced values inside the structure with objects that had a custom `toJSON()` serializer, and then called `JSON.stringify()` on the result. The resulting JSON would have special markers in it where the Token values would be string-substituted back in. It's actually easier and gives us more control to just implement JSONification ourselves in a Token-aware recursive function. This change has been split off from a larger, upcoming PR in order to make the individual reviews smaller. Incidentally also fixes #13465, as the type of encoded tokens is assumed to match the type of the encoded value (e.g., a `string[]`-encoded token is assumed to produce a list at deploy-time and so will not be quoted). ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The parameter currently used for `find` in `link-all.sh`, `-perm /111`, fails on my Mac. Switch to using `-perm +111`, which works fine, and that's also what JSII uses in [its `link-all.sh` script](https://github.com/aws/jsii/blob/f8bde4a01bf7c707c87ab00748eeeb7632e7c820/scripts/link-all.sh#L26-L26). ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Looking for guidance on error messaging and/or docs to update Fixes #13479 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
#13494) Changes: * .NET: Namespace changed from `Amazon.CDK.Lib` -> `Amazon.CDK` (so `Stack` has the same FQN, same namespace as in Monocdk) * Java: Package name changed from `software.amazon.awscdk.lib` -> `software.amazon.awscdk.core` (so `Stack` has the same FQN, same namespace as in Monocdk) * Java: Changed artifact ID to match what's written in [RFC 6] * Python: Changed dist name to match what's written in [RFC 6] * Python: Change namespace to `aws_cdk` instead of `aws_cdk_lib` for minimal interference. Still need to test whether it's okay to change this to `aws_cdk.core` (like for Java) so `Stack` will keep the same FQN. Monocdk does something different for Python. [RFC 6]: https://github.com/aws/aws-cdk-rfcs/blob/master/text/0006-monolothic-packaging.md ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…PIs (#13033) feat(stepfunctions-tasks): Support calling APIGW REST and HTTP APIs Taking ownership of the original PR #11565 by @Sumeet-Badyal API as per documentation here: https://docs.aws.amazon.com/step-functions/latest/dg/connect-api-gateway.html https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-control-access-using-iam-policies-to-invoke-api.html closes #11566 closes #11565 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Adds route retry policies for http/http2 and gRPC routes. Closes #11642 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The prefix-encoded trie could occasionally encode the tested resource name in a way that prevents the test to match. Using a "fake" version number ensures a unique prefix is always present, and hence the tested entry will never be encoded in unexpected ways. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Ensure `imagePath` ends with `/.` so that the content at that location is copied. See https://docs.docker.com/engine/reference/commandline/cp/ Closes #13439 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Adds route priority, header matching and matching by scheme and method. Closes #11645 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…cture (#12943) @sshver: > Client Policies are inherently not related to the Virtual Service. It should be thought of as the client (the VN) telling envoy what connections they want to allow to the server (the Virtual Service). The server shouldn't be the one to define what policies are used to enforce connections with itself. ## Description of changes I refactored the client policy from Virtual Service to a separate backend structure. This mirrors how our API is designed. Also ran `npm run lint -- --fix` and removed some comments to fix lint warnings. ```ts /* Old backend defaults */ backendsDefaultClientPolicy: appmesh.ClientPolicy.fileTrust({ certificateChain: 'path-to-certificate', }), /* result of this PR */ backendDefaults: { clientPolicy: appmesh.ClientPolicy.fileTrust({ certificateChain: 'path-to-certificate', }), }, ``` ```ts /* Old Virtual Service with client policy */ const service1 = new appmesh.VirtualService(stack, 'service-1', { virtualServiceName: 'service1.domain.local', virtualServiceProvider: appmesh.VirtualServiceProvider.none(mesh), clientPolicy: appmesh.ClientPolicy.fileTrust({ certificateChain: 'path-to-certificate', ports: [8080, 8081], }), }); /* result of this PR; client policy is defined in the Virtual Node */ const service1 = new appmesh.VirtualService(stack, 'service-1', { virtualServiceName: 'service1.domain.local', virtualServiceProvider: appmesh.VirtualServiceProvider.none(mesh), }); const node = new appmesh.VirtualNode(stack, 'test-node', { mesh, serviceDiscovery: appmesh.ServiceDiscovery.dns('test'), }); node.addBackend({ virtualService: service1, clientPolicy: appmesh.ClientPolicy.fileTrust({ certificateChain: 'path-to-certificate', ports: [8080, 8081], }), }); ``` BREAKING CHANGE: Backend, backend default and Virtual Service client policies structures are being altered * **appmesh**: you must use the backend default interface to define backend defaults in `VirtualGateway`. The property name also changed from `backendsDefaultClientPolicy` to `backendDefaults` * **appmesh**: you must use the backend default interface to define backend defaults in `VirtualNode`, (the property name also changed from `backendsDefaultClientPolicy` to `backendDefaults`), and the `Backend` class to define a backend * **appmesh**: you can no longer attach a client policy to a `VirtualService` Resolves #11996 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…README.md (#13521) Currently addLambdaInvokeCommandPermissions method used to get the permissions, which is a deprecated method now. Use addToPolicy method to get necessary permissions fix: #13444 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
) AutoScaling on percentile metrics did not work because the `MetricAggregationType` was trying to be derived from the metric, and it can only be MIN, MAX or AVG. Figure out what the metric aggregation type does, default it to AVERAGE if no other suitable value can be determined, and also make it and the evaluation periods configurable while we're at it. Fixes #13144. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fix bunch of docstring, docs and param typos. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The region information for ap-northeast-3 was not correctly registered as the region was missing from the `AWS_REGIONS` list in the `aws-entities.ts` file. This addresses the gap, and adds a validation at the beginning of `generate-static-data.ts` to ensure no "new" region is introduced here without also being introduced in the `AWS_REGIONS` list. Fixes #13561 Credits to @robertd who had a draft PR with similar changes, which I only saw once it was too late. I've retro-fitted all the good ideas they had which I did not have on first intention - so thank you @robertd. Co-Authored-By: @robertd ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws-cdk-automation
added
pr/auto-approve
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Superseded by #13631 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Automated action from aws/cdk-ops