chore(release): 1.124.0 #16581
Merged
chore(release): 1.124.0 #16581
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Closes #12443 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
When an ApiMapping resource is deployed using the Domain defined in the DomainName resource, the DomainName resource must be deployed before the ApiMapping resource. Since the current logic uses the CloudFormation Output of DomainName as a fall back, preferring the user provided string first, this dependency is not expressed in the resulting template. Remove the preference for the user provided string, will inform synthesis that the dependency must be declared. fixes #15464 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This was missed by the auto bump script since the pull request - #16329 - was merged without squash. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Most `MachineImage` implementations look up AMIs from SSM Parameters, and by default they will all look up the Parameters on each deployment. This leads to instance replacement. Since we already know the SSM Parameter Name and CDK already has a cached SSM context lookup, it should be simple to get a stable AMI ID. This is not ideal because the AMI will grow outdated over time, but users should have the option to pick non-updating images in a convenient way. Fixes #12484. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The `assertions` module now has the ability to capture values during template matching. These captured values can then later be retrieved and used for further processing. This change also adds support for `anyValue()` matcher. This matcher will match any non-nullish targets during template matching. Migrated some tests in `pipelines` module to the `assertions` module, using the new capture and `anyValue()` features. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
When the root directory of an asset is a symlink (such as can happen in CDK Pipelines), the asset hash calculation incorrectly doesn't follow the symlink and hashes the link itself it instead. This leads to the asset hash never changing, even though the files inside the directory do change. Instead, we resolve the asset root dir, and make sure to hash the target directory on disk. Handling of symlinks found *inside* the target dir remains unchanged. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…new value is in format n.n.n (#16050) "cdk diff" in the current version doesn't pick up differences if the old/new value has a number-like format but actually isn't a number (e.g. 0.31.1) Example: two version strings like "0.31.1-prod" and "0.31.2-prod" are both parsed into "0.31" (and hence incorrectly considered equal). Closes #15935. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This PR adds support for the firehose subscription protocol by extending the protocol enum and by requiring the field "subscriptionRoleArn" if the protocol is set to firehose. This is so that users can take advantage of the new SNS-to-Firehose integration introduced in February 2021 (see [here](https://aws.amazon.com/blogs/compute/introducing-message-archiving-and-analytics-for-amazon-sns/) for the announcement). Here also is a link to the [sample cloudformation](https://docs.aws.amazon.com/sns/latest/dg/firehose-example-cfn.html), documenting the SNS-to-Firehose integration. *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Add AWS Neptune engine versions 1.0.5.0. https://docs.aws.amazon.com/neptune/latest/userguide/engine-releases-1.0.5.0.html Closes #16388. Deployment successfully testet: ```ts new neptune.DatabaseCluster(this, 'Database', { vpc, instanceType: neptune.InstanceType.T3_MEDIUM, engineVersion: neptune.EngineVersion.V1_0_5_0, }); ``` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fixes: #15709 When creating a lambda with log retention, CDK actually creates 2 lambda functions. The second lambda function alters log retention of the log group of the first lambda and the retention of its own log group. Because log group creation is asynchronous, the log retention lambda tries to pre-create both log groups to guarantee it has an object to work on. If a normal lambda execution also creates the related log group at the same time, an "OperationAbortedException:... Please retry" error is returned. The existing code handles this situation for log retention lambda but not for the first lambda. This fix adds the retry pattern to the general log group creation code. Also existing code had a bug: if OperationAbortedException is hit, the error is hidden but the retention policy is skipped and not actually applied. This fix addresses this bug as well. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…lication (#16424) Another non-obvious consequence of the self-mutating nature of CDK pipelines that needs to be thoroughly documented. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Improve docs to indicate that the path to a tarball should be absolute and not relative. Fixes #15721 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Added Fargate support for Batch jobs. Note: this is not entirely my work - most of it was done by @kokachev. It is an updated version of Fargate support for batch jobs based on the feedback left in #13591. - Doc fixes - Integration test addition - Network configuration for Fargate - Support `ResourceRequirements` for Fargate jobs - Other minor fixes revealed by integration test closes: #13590, #13591 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
...so that we transitively depend on a newer version of `trim-off-newlines`, which has a CVE filed against it. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [axios](https://github.com/axios/axios) from 0.21.1 to 0.21.4. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/master/CHANGELOG.md) - [Commits](axios/axios@v0.21.1...v0.21.4) --- updated-dependencies: - dependency-name: axios dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Addresses another vulnerability in `pac-resolver`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [tar](https://github.com/npm/node-tar) from 4.4.16 to 4.4.19. - [Release notes](https://github.com/npm/node-tar/releases) - [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v4.4.16...v4.4.19) --- updated-dependencies: - dependency-name: tar dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Introduce `Match.serializedJson()` that can parse JSON serialized as a string, and continue matching into the parsed JSON. Migrate the rest of the tests in the `pipelines` module. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…rora Postgres ver 13.3 (#16466) Add new RDS versions: **MariaDbEngineVersion 10.5.12, 10.4.21, 10.3.31, 10.2.40** Announcement: https://aws.amazon.com/about-aws/whats-new/2021/09/amazon-rds-mariadb-new-minor-versions/ **AuroraPostgresEngineVersion 13.3** Announcement: https://aws.amazon.com/about-aws/whats-new/2021/08/amazon-aurora-postgresql-13/ According to AWS CLI and AWS Console, the exact EngineVersion is 13.3. s3Export and s3Import are supported, see command `aws rds describe-db-engine-versions --region us-east-1 --engine aurora-postgresql --engine-version 13`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This feature allows users to manage Redshift database resources, such as users, tables, and grants, within their CDK application. Because these resources do not have CloudFormation handlers, this feature leverages custom resources and the Amazon Redshift Data API for creation and modification. The generic construct for this type of resource is `DatabaseQuery`. This construct provides the base functionality required for interacting with Redshift database resources, including configuring administrator credentials, creating a custom resource handler, and granting necessary IAM permissions. The custom resource handler code contains utility functions for executing query statements against the Redshift database. Specific resources that use the `DatabaseQuery` construct, such as `User` and `Table` are responsible for providing the following to `DatabaseQuery`: generic database configuration properties, specific configuration properties that will get passed to the custom resource handler (eg., `username` for `User`). Specific resources are also responsible for writing the lifecycle-management code within the handler. In general, this consists of: configuration extraction (eg., pulling `username` from the `AWSLambda.CloudFormationCustomResourceEvent` passed to the handler) and one method for each lifecycle event (create, update, delete) that queries the database using calls to the generic utility function. Users have a fairly simple lifecycle that allows them to be created, deleted, and updated when a secret containing a password is updated (secret rotation has not been implemented yet). Because of #9815, the custom resource provider queries Secrets Manager in order to access the password. Tables have a more complicated lifecycle because we want to allow columns to be added to the table without resource replacement, as well as ensuring that dropped columns do not lose data. For these reasons, we generate a unique name per-deployment when the table name is requested to be generated by the end user. We also notify create a new table (using a new generated name) if a column is to be dropped and let CFN lifecycle rules dictate whether the old table should be removed or kept. User privileges on tables are implemented via the `UserTablePrivileges` construct. This construct is located in the `private` directory to ensure that it is not exported for direct public use. This means that user privileges must be managed through the `Table.grant` method or the `User.addTablePrivileges` method. Thus, each `User` will have at most one `UserTablePrivileges` construct to manage its privileges. This is to avoid a situation where privileges could be erroneously removed when the same privilege is managed from two different CDK applications. For more details, see the README, under "Granting Privileges". ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
) CloudFormation allows setting the [`WorkingDirectory`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-imageconfig.html#cfn-lambda-function-imageconfig-workingdirectory) property in `AWS::Lambda::Function.ImageConfig` to override the docker container's working directory, but this isn't currently exposed through CDK. Not sure if that was intentional. This PR wires that up. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…d go runtimes (#16281) SAM build images are now available in ECR public for go1.x, dotnetcore2.1 and dotnetcore3.1. https://gallery.ecr.aws/sam/build-go1.x https://gallery.ecr.aws/sam/build-dotnetcore2.1 https://gallery.ecr.aws/sam/build-dotnetcore3.1 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
fixes: #16463 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
chore: update autolabeler to fork
Migrate more modules from nodeunit to jest. Migrates `aws-codedeploy`, `aws-config`, `aws-dynamodb-global`, `aws-ssm`, and `assets`. All tests are not modified, purely migrated to jest. I added 1 test in `aws-config` to satisfy the Jest rule that 80% of branches be tested. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Co-authored-by: AWS CDK Team <aws-cdk@amazon.com>
---- This PR adds a new service extension, `PublisherExtension`. This extension can be added to a service to allow it to publish events to SNS Topics. (This PR when paired with #16049 can be used to set up the pub/ sub architecture pattern) It sets up publish permissions for the service to be able to publish events to the topics provided. The user can also provide a list of accounts that will be given permissions to subscribe to the given topics. *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
chore: update autolabeler config
---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Co-authored-by: AWS CDK Team <aws-cdk@amazon.com>
https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/AuroraMySQL.Updates.2100.html ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Add a `replicaRegions` option to `fromGeneratedSecret()` both in `Credentials` and `SnapshotCredentials`. Closes #16480 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fixes #16512 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…16560) an inconsistency I noticed in the assets package that ECR is referred to as AWS ECR, while the ECR package refers to ECR as Amazon ECR (and as does the product page). a minor README update ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Migrates `aws-ecs-patterns` and `aws-sqs` to `jest`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The security group name accessor will (almost) always return the security group ID, rather than the name. This change deprecates the name accessor to make it clearer to users that this is not a supported use case. fixes #13774 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
closes #16501 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…alvi (#16561) - Transfers ownership of Ben's modules to @kaizen3031593 and @comcalvi. - Adds new module `aws-opensearchservice`, following precedent from #11130.
|
|
aws-cdk-automation
added
the
pr/no-squash
rix0rrr
approved these changes
Sep 21, 2021
|
Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG