Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(bootstrap): bootstrap doesn't work in non-aws partitions anymore (revert security hub finding fix) #25540

Merged
merged 2 commits into from
May 11, 2023

Conversation

kaizencc
Copy link
Contributor

NOTE: This PR bumps the version of the bootstrap stack to 18, but there is no need to update your bootstrap stacks as this PR changes no functionality.

We are reverting #24588 because it includes hardcoded partitions in the bootstrap causing the p0 in #25272. Including intrinsics ${AWS::Partition} here is impossible. In addition, #24588 was reported to not actually fix the Security Hub finding: #19380 (comment).

Although this is a revert, I am rolling forward the bootstrap version to 18.

reverts #24588. fixes #25272. see #25273 & #25507.


By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@gitpod-io
Copy link

gitpod-io bot commented May 11, 2023

@github-actions github-actions bot added bug This issue is a bug. effort/small Small work item – less than a day of effort p0 labels May 11, 2023
@kaizencc kaizencc requested a review from rix0rrr May 11, 2023 16:02
@aws-cdk-automation aws-cdk-automation requested a review from a team May 11, 2023 16:02
@mergify mergify bot added the contribution/core This is a PR that came from AWS. label May 11, 2023
@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label May 11, 2023
@rix0rrr rix0rrr changed the title revert(bootstrap): revert #24588 "remove Security Hub finding KMS.2" fix(bootstrap): bootstrap doesn't work in non-aws partitions anymore (revert security hub finding fix) May 11, 2023
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@aws-cdk-automation aws-cdk-automation removed the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label May 11, 2023
@kaizencc kaizencc added pr-linter/exempt-test The PR linter will not require test changes pr-linter/exempt-integ-test The PR linter will not require integ test changes labels May 11, 2023
@aws-cdk-automation aws-cdk-automation dismissed their stale review May 11, 2023 16:18

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@mergify
Copy link
Contributor

mergify bot commented May 11, 2023

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 2a6ee74
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify mergify bot merged commit 8854739 into main May 11, 2023
@mergify mergify bot deleted the conroy/revert-24588 branch May 11, 2023 16:51
@mergify
Copy link
Contributor

mergify bot commented May 11, 2023

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

corymhall pushed a commit that referenced this pull request May 11, 2023
…(revert security hub finding fix) (#25540)

**NOTE**: This PR bumps the version of the bootstrap stack to 18, but there is no need to update your bootstrap stacks as this PR changes no functionality.

We are reverting #24588 because it includes hardcoded partitions in the bootstrap causing the `p0` in #25272. Including intrinsics `${AWS::Partition}` here is impossible. In addition, #24588 was reported to not actually fix the Security Hub finding: #19380 (comment).

Although this is a revert, I am rolling forward the bootstrap version to 18.

reverts #24588. fixes #25272. see #25273 & #25507.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug This issue is a bug. contribution/core This is a PR that came from AWS. effort/small Small work item – less than a day of effort p0 pr-linter/exempt-integ-test The PR linter will not require integ test changes pr-linter/exempt-test The PR linter will not require test changes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

bootstrap: Template can currently only be deployed into Commercial Cloud when TrustedAccounts set
3 participants