Skip to content
/ aws-cdk Public
forked from aws/aws-cdk

Commit

Permalink
fix: all aws-cdk-lib custom resources now use Node18 (aws#26212)
Browse files Browse the repository at this point in the history 
Migrates all of the custom resources within aws-cdk-lib to use Node18 runtime. Also changes all handler code for these CRs to use aws-sdk v3 instead of v2 since Node18 lambda runtime ships sdk v3 in the environment.


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
  • Loading branch information
@MrArnoldPalmer
MrArnoldPalmer authored Jul 6, 2023
1 parent 1520d77 commit 399b6bb
Show file tree
Hide file tree
Showing 1,580 changed files with 454,175 additions and 62,895 deletions.
61 changes: 26 additions & 35 deletions ...3605a928622ebc466f4d0de6a0f3b672/index.js → ...0a81fd83fdc20eb2e4e1cb01961a8774/index.js
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
'use strict';

const aws = require('aws-sdk');
const { ACM, waitUntilCertificateValidated } = require('@aws-sdk/client-acm');
const { Route53, waitUntilResourceRecordSetsChanged } = require('@aws-sdk/client-route-53');

const defaultSleep = function (ms) {
return new Promise(resolve => setTimeout(resolve, ms));
Expand Down Expand Up @@ -74,12 +75,12 @@ let report = function (event, context, responseStatus, physicalResourceId, respo
*/
const addTags = async function(certificateArn, region, tags) {
const result = Array.from(Object.entries(tags)).map(([Key, Value]) => ({ Key, Value }))
const acm = new aws.ACM({ region });
const acm = new ACM({ region });

await acm.addTagsToCertificate({
CertificateArn: certificateArn,
Tags: result,
}).promise();
});
}

/**
Expand All @@ -96,12 +97,8 @@ const addTags = async function(certificateArn, region, tags) {
*/
const requestCertificate = async function (requestId, domainName, subjectAlternativeNames, certificateTransparencyLoggingPreference, hostedZoneId, region, route53Endpoint) {
const crypto = require('crypto');
const acm = new aws.ACM({ region });
const route53 = route53Endpoint ? new aws.Route53({ endpoint: route53Endpoint }) : new aws.Route53();
if (waiter) {
// Used by the test suite, since waiters aren't mockable yet
route53.waitFor = acm.waitFor = waiter;
}
const acm = new ACM({ region });
const route53 = route53Endpoint ? new Route53({ endpoint: route53Endpoint }) : new Route53();

console.log(`Requesting certificate for ${domainName}`);

Expand All @@ -113,7 +110,7 @@ const requestCertificate = async function (requestId, domainName, subjectAlterna
},
IdempotencyToken: crypto.createHash('sha256').update(requestId).digest('hex').slice(0, 32),
ValidationMethod: 'DNS'
}).promise();
});

console.log(`Certificate ARN: ${reqCertResponse.CertificateArn}`);

Expand All @@ -123,7 +120,7 @@ const requestCertificate = async function (requestId, domainName, subjectAlterna
for (let attempt = 0; attempt < maxAttempts && !records.length; attempt++) {
const { Certificate } = await acm.describeCertificate({
CertificateArn: reqCertResponse.CertificateArn
}).promise();
});

records = getDomainValidationRecords(Certificate);
if (!records.length) {
Expand All @@ -143,14 +140,13 @@ const requestCertificate = async function (requestId, domainName, subjectAlterna
await commitRoute53Records(route53, records, hostedZoneId);

console.log('Waiting for validation...');
await acm.waitFor('certificateValidated', {
// Wait up to 9 minutes and 30 seconds
$waiter: {
delay: 30,
maxAttempts: 19
},
await waitUntilCertificateValidated({
client: acm,
maxAttempts: 19,
delay: 30,
}, {
CertificateArn: reqCertResponse.CertificateArn
}).promise();
})

return reqCertResponse.CertificateArn;
};
Expand All @@ -162,12 +158,8 @@ const requestCertificate = async function (requestId, domainName, subjectAlterna
* @param {string} arn The certificate ARN
*/
const deleteCertificate = async function (arn, region, hostedZoneId, route53Endpoint, cleanupRecords) {
const acm = new aws.ACM({ region });
const route53 = route53Endpoint ? new aws.Route53({ endpoint: route53Endpoint }) : new aws.Route53();
if (waiter) {
// Used by the test suite, since waiters aren't mockable yet
route53.waitFor = acm.waitFor = waiter;
}
const acm = new ACM({ region });
const route53 = route53Endpoint ? new Route53({ endpoint: route53Endpoint }) : new Route53();

try {
console.log(`Waiting for certificate ${arn} to become unused`);
Expand All @@ -177,7 +169,7 @@ const deleteCertificate = async function (arn, region, hostedZoneId, route53Endp
for (let attempt = 0; attempt < maxAttempts; attempt++) {
const { Certificate } = await acm.describeCertificate({
CertificateArn: arn
}).promise();
});

if (cleanupRecords) {
records = getDomainValidationRecords(Certificate);
Expand Down Expand Up @@ -206,7 +198,7 @@ const deleteCertificate = async function (arn, region, hostedZoneId, route53Endp

await acm.deleteCertificate({
CertificateArn: arn
}).promise();
});

if (cleanupRecords) {
console.log(`Deleting ${records.length} DNS records from zone ${hostedZoneId}:`);
Expand Down Expand Up @@ -268,17 +260,16 @@ async function commitRoute53Records(route53, records, hostedZoneId, action = 'UP
}),
},
HostedZoneId: hostedZoneId
}).promise();
});

console.log('Waiting for DNS records to commit...');
await route53.waitFor('resourceRecordSetsChanged', {
// Wait up to 5 minutes
$waiter: {
delay: 30,
maxAttempts: 10
},
Id: changeBatch.ChangeInfo.Id
}).promise();
await waitUntilResourceRecordSetsChanged({
client: route53,
delay: 30,
maxAttempts: 10,
}, {
Id: changeBatch.ChangeInfo.Id,
});
}

/**
Expand Down
2 changes: 1 addition & 1 deletion ...nteg/test/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/cdk.out
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{"version":"31.0.0"}
{"version":"32.0.0"}
12 changes: 6 additions & 6 deletions ...t/integ.dns-validated-certificate.js.snapshot/integ-dns-validated-certificate.assets.json
View file
Original file line number Diff line number Diff line change
@@ -1,28 +1,28 @@
{
"version": "31.0.0",
"version": "32.0.0",
"files": {
"ef671dfd26b6dde1f73a4325587504813605a928622ebc466f4d0de6a0f3b672": {
"fb83c347f6a5e3099f787c17ce0845a70a81fd83fdc20eb2e4e1cb01961a8774": {
"source": {
"path": "asset.ef671dfd26b6dde1f73a4325587504813605a928622ebc466f4d0de6a0f3b672",
"path": "asset.fb83c347f6a5e3099f787c17ce0845a70a81fd83fdc20eb2e4e1cb01961a8774",
"packaging": "zip"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "ef671dfd26b6dde1f73a4325587504813605a928622ebc466f4d0de6a0f3b672.zip",
"objectKey": "fb83c347f6a5e3099f787c17ce0845a70a81fd83fdc20eb2e4e1cb01961a8774.zip",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
},
"1827f8b3dae882f9c01e1f56ed8c5cecc88fee8a12a8fd410bc83dd7835622bd": {
"14e61dd74326fa816025a92898ba02959dd7100dccf670dec73afb2e3b13b29c": {
"source": {
"path": "integ-dns-validated-certificate.template.json",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "1827f8b3dae882f9c01e1f56ed8c5cecc88fee8a12a8fd410bc83dd7835622bd.json",
"objectKey": "14e61dd74326fa816025a92898ba02959dd7100dccf670dec73afb2e3b13b29c.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
Expand Down
115 changes: 2 additions & 113 deletions ...integ.dns-validated-certificate.js.snapshot/integ-dns-validated-certificate.template.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@
"S3Bucket": {
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
},
"S3Key": "ef671dfd26b6dde1f73a4325587504813605a928622ebc466f4d0de6a0f3b672.zip"
"S3Key": "fb83c347f6a5e3099f787c17ce0845a70a81fd83fdc20eb2e4e1cb01961a8774.zip"
},
"Role": {
"Fn::GetAtt": [
Expand All @@ -105,15 +105,7 @@
]
},
"Handler": "index.certificateRequestHandler",
"Runtime": {
"Fn::FindInMap": [
"DefaultCrNodeVersionMap",
{
"Ref": "AWS::Region"
},
"value"
]
},
"Runtime": "nodejs18.x",
"Timeout": 900
},
"DependsOn": [
Expand All @@ -138,109 +130,6 @@
"DeletionPolicy": "Delete"
}
},
"Mappings": {
"DefaultCrNodeVersionMap": {
"af-south-1": {
"value": "nodejs16.x"
},
"ap-east-1": {
"value": "nodejs16.x"
},
"ap-northeast-1": {
"value": "nodejs16.x"
},
"ap-northeast-2": {
"value": "nodejs16.x"
},
"ap-northeast-3": {
"value": "nodejs16.x"
},
"ap-south-1": {
"value": "nodejs16.x"
},
"ap-south-2": {
"value": "nodejs16.x"
},
"ap-southeast-1": {
"value": "nodejs16.x"
},
"ap-southeast-2": {
"value": "nodejs16.x"
},
"ap-southeast-3": {
"value": "nodejs16.x"
},
"ca-central-1": {
"value": "nodejs16.x"
},
"cn-north-1": {
"value": "nodejs16.x"
},
"cn-northwest-1": {
"value": "nodejs16.x"
},
"eu-central-1": {
"value": "nodejs16.x"
},
"eu-central-2": {
"value": "nodejs16.x"
},
"eu-north-1": {
"value": "nodejs16.x"
},
"eu-south-1": {
"value": "nodejs16.x"
},
"eu-south-2": {
"value": "nodejs16.x"
},
"eu-west-1": {
"value": "nodejs16.x"
},
"eu-west-2": {
"value": "nodejs16.x"
},
"eu-west-3": {
"value": "nodejs16.x"
},
"me-central-1": {
"value": "nodejs16.x"
},
"me-south-1": {
"value": "nodejs16.x"
},
"sa-east-1": {
"value": "nodejs16.x"
},
"us-east-1": {
"value": "nodejs16.x"
},
"us-east-2": {
"value": "nodejs16.x"
},
"us-gov-east-1": {
"value": "nodejs16.x"
},
"us-gov-west-1": {
"value": "nodejs16.x"
},
"us-iso-east-1": {
"value": "nodejs14.x"
},
"us-iso-west-1": {
"value": "nodejs14.x"
},
"us-isob-east-1": {
"value": "nodejs14.x"
},
"us-west-1": {
"value": "nodejs16.x"
},
"us-west-2": {
"value": "nodejs16.x"
}
}
},
"Outputs": {
"CertificateArn": {
"Value": {
Expand Down
2 changes: 1 addition & 1 deletion ...g/test/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/integ.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"enableLookups": true,
"version": "31.0.0",
"version": "32.0.0",
"testCases": {
"integ-test/DefaultTest": {
"stacks": [
Expand Down
2 changes: 1 addition & 1 deletion ...ns-validated-certificate.js.snapshot/integtestDefaultTestDeployAssert24D5C536.assets.json
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"version": "31.0.0",
"version": "32.0.0",
"files": {
"21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
"source": {
Expand Down
10 changes: 2 additions & 8 deletions ...est/aws-certificatemanager/test/integ.dns-validated-certificate.js.snapshot/manifest.json
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"version": "31.0.0",
"version": "32.0.0",
"artifacts": {
"integ-dns-validated-certificate.assets": {
"type": "cdk:asset-manifest",
Expand All @@ -17,7 +17,7 @@
"validateOnSynth": false,
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
"cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/1827f8b3dae882f9c01e1f56ed8c5cecc88fee8a12a8fd410bc83dd7835622bd.json",
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/14e61dd74326fa816025a92898ba02959dd7100dccf670dec73afb2e3b13b29c.json",
"requiresBootstrapStackVersion": 6,
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
"additionalDependencies": [
Expand Down Expand Up @@ -57,12 +57,6 @@
"data": "CertificateCertificateRequestorResource2890C6B7"
}
],
"/integ-dns-validated-certificate/DefaultCrNodeVersionMap": [
{
"type": "aws:cdk:logicalId",
"data": "DefaultCrNodeVersionMap"
}
],
"/integ-dns-validated-certificate/CertificateArn": [
{
"type": "aws:cdk:logicalId",
Expand Down
Loading

0 comments on commit 399b6bb

Please sign in to comment.