Merge #23
Merged
Merge #23
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Using `nodeunit-shim` to run the tests under jest. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [bl](https://github.com/rvagg/bl) from 4.0.2 to 4.0.3. - [Release notes](https://github.com/rvagg/bl/releases) - [Commits](rvagg/bl@v4.0.2...v4.0.3) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Adds the EnablePerformanceInsights and related props to `InstanceProps` for instances within a cluster. _Note:_ I opted not to try to coalesce `InstanceProps`, `DatabaseInstanceNewProps`, and `DatabaseInstanceSourceProps` in this PR; there are a ton of overlapping properties, but it's not immediately clear which fields are relevant for cluster instances vs standalone instances. I think investigating and validiting how to combine these is a significantly larger task. fixes #7957 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…10100) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The qualifier has a quite restricted length. Validate the length (and character set) of the qualifier that the user supplies. Fixes #9255. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
feat(ecs): bottlerocket support Closes: #10085 - `machineImageType` to select the bottlerocket machine image type - SSM session manager enabled by default - [x] update README - [x] integ test - [x] unit test ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
fixes: #10055 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
We introduced constraints on the bootstrap qualifier and updated the tests to pass a shorter qualifier--but the old integretion tests obviously still pass the long qualifier so now the old tests fail against the new CLI. Skip the offending tests. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…n to properly update when set to false (#9986) Fixes #9975 ## Notes - Changed load balancer deletion protection to also set the attribute to `false`, instead of omitting the attribute when `deletionProtection` is false. - Added unit test to verify the attribute is set with `false` in this case - Fixed other load balancer unit tests that were broken due to adding this attribute when `deletionProtection` is false - Updated `expected.json` files for integ tests to include this attribute when `deletionProtection` is false ### Main changes - packages/@aws-cdk/aws-elasticloadbalancingv2/lib/shared/base-load-balancer.ts - packages/@aws-cdk/aws-elasticloadbalancingv2/test/alb/load-balancer.test.ts - packages/@aws-cdk/aws-elasticloadbalancingv2/test/nlb/load-balancer.test.ts ### Changes for `expected.json` files - Everything else ## Testing - Ran unit tests and ensured they succeeded - Deploy a load balancer with deletion protection on, set it to `false` in CDK code, then redeploy and ensure it gets turned off ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…10152) Change the single-string versions of `buildCommand` and `installCommand`, and turn them into arrays. People don't have to do `'command1 && command2'` anymore but can now simply supply an array of `['command1', 'command2']` which is more natural. Fixes #9357. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
For people with specific requirements:
* Allow supplying an existing (preconfigured) CodePipeline object,
via the `codePipeline` argument. This pipeline may already have
Source and Build stages, in which case `sourceAction` and
`synthAction` are no longer required.
* Allow access to the underlying CodePipeline object via the
`.codePipeline` property, and allow modifying it via
`pipeline.stage("Source").addAction(...)`.
Fixes #9021.
----
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
CDK supports auth directives for appsync. CDK has a class `appsync.Directive` that has static functions like `.iam()`, `.apiKey()`, etc. to give a field or type specific auth permissions. **BREAKING CHANGE**: remove `statement` property for directives, instead use `toString` - **AppSync**: removed `appsync.Directive.statement` property, use the `appsync.Directive.toString()` function instead Fixes: #9879 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Currently, we attach the VPC to the `KubectlProvider` only when public access is not enabled. The idea was that if public access is enabled, the provider could always connect to the cluster via the internet. The problem is that public access can be restricted to specific CIDR's via the `onlyFrom` method. Solution is to switch up the logic and attach the VPC to the provider when private access is enabled. This would enable configuring `PUBLIC_AND_PRIVATE.onlyFrom(...)`. Also, using `PUBLIC.onlyFrom` is now unsupported because it will most likely break the provider since private access is disabled, and public access is restricted. Bottom line, these are the configurations that should work: - Public (with or without private subnets) - Private (with private subnets) - Private and **unrestricted** public (with or without private subents) - Private and **restricted** public (with private subnets) I also moved the `KubectlSecurityGroup` to be created only if needed. Fixes #9866 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…#10167) jsii bug that's preventing packaging <details> <summary> bug output </summary> ```shell #STDOUT> Amazon/CDK/AWS/AppSync/Directive.cs(88,32): error CS0115: 'Directive.ToString(AuthorizationType[]?)': no suitable method found to override [/tmp/npm-packqZC1CO/Amazon.CDK.MonoCDK.Experiment/Amazon.CDK.MonoCDK.Experiment.csproj] #STDOUT> Amazon/CDK/AWS/AppSync/InputType.cs(66,32): error CS0115: 'InputType.ToString(AuthorizationType[]?)': no suitable method found to override [/tmp/npm-packqZC1CO/Amazon.CDK.MonoCDK.Experiment/Amazon.CDK.MonoCDK.Experiment.csproj] #STDOUT> Amazon/CDK/AWS/AppSync/InterfaceType.cs(64,32): error CS0115: 'InterfaceType.ToString(AuthorizationType[]?)': no suitable method found to override [/tmp/npm-packqZC1CO/Amazon.CDK.MonoCDK.Experiment/Amazon.CDK.MonoCDK.Experiment.csproj] #STDOUT> Amazon/CDK/AWS/AppSync/InputType.cs(66,32): error CS0115: 'InputType.ToString(AuthorizationType[]?)': no suitable method found to override [/tmp/npm-packqZC1CO/Amazon.CDK.AWS.AppSync/Amazon.CDK.AWS.AppSync.csproj] #STDOUT> Amazon/CDK/AWS/AppSync/Directive.cs(88,32): error CS0115: 'Directive.ToString(AuthorizationType[]?)': no suitable method found to override [/tmp/npm-packqZC1CO/Amazon.CDK.AWS.AppSync/Amazon.CDK.AWS.AppSync.csproj] #STDOUT> Amazon/CDK/AWS/AppSync/InterfaceType.cs(64,32): error CS0115: 'InterfaceType.ToString(AuthorizationType[]?)': no suitable method found to override [/tmp/npm-packqZC1CO/Amazon.CDK.AWS.AppSync/Amazon.CDK.AWS.AppSync.csproj] ``` </details> **Cause** C# `Object.toString()` does not have parameters in its function. When IIntermediateType functions inherited the `Object.toString()` function, it would override the `toString()` function with parameters causing an error. **Fix** Create `bind` methods called `bindToAuthModes` and `bindToGraphqlApi` to alleviate the need for parameterized `toString()` function. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This is in preparation for v2.0 in which future flags will be turned on by default. For a period of few months, two active branches `master` and `v2-master` will be present with continuous merges from former to latter. This change will reduce the number of merge conflicts between the branches after the defaults have been flipped. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
) Closes #10135 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Created the `DatabaseClusterFromSnapshot` to support creating database clusters from snapshots. I made some intentional decisions here to avoid exposing as much of the underlying "base" classes and interfaces as possible, to support future refactoring as necessary. fixes #4379 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…10169) To facilitate using CfnInclude for vending CloudFormation templates as CDK Constructs, add a new `preserveLogicalIds` parameter to `CfnInclude` that re-names all logical IDs of all elements (including references to them) with the standard CDK logical ID generation algorithm. Closes #9714 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
At least two users have run into a deployment error that must have been caused by them passing an empty Stage object. Head this failure mode off at the pass by explicitly checking for it. Fixes #9559. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Allow more control over the IAM permissions for the execution role of a `ShellScriptAction`. Statements can be added at construction time, the object can also be used as a Grantable. Fixes #9600. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
When the project root (=`/asset-input` in the container) doesn't contain a lock file (npm or yarn), Parcel thinks that `/asset-input` is part of a monorepo with the root at `/` because the image installs Parcel at `/`. It will then try to create the cache at `/`. Ensure no lock file is created during installation of Parcel in the Docker image. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…10216) We fingerprint the cfn-init configuration to insert into the user data so changes to the cfn-init config can trigger an instance replacement; however, the fingerprint was being calculated on the raw config, including tokens, so the asset hash was not being considered in the fingerprint. This fix resolves the tokens so the fingerprint takes asset hashes into consideration. fixes #10206 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Introduces metrics for clusters, with both common metrics getting `metricXxx` methods and the general `metric()` method for custom metrics. I opted for covering all metrics that are available for both Aurora MySQL and Aurora PostgreSQL by default. See https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Monitoring.html This change also required tweaking the augmentation generation in two ways: 1. Supporting the interface and base class being in separate files. 2. Supporting multiple augmentated classes in the same module. fixes #5212 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
One of the test was modifying the test fixture by removing a file. The tests actually share the fixture for performance reasons, so this would break it for the next test (which we recently added). Instead of removing a file, temporarily rename it. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
A user was reporting an infinite loop in pipeline updating. Couldn't really get to the root cause of why that was happening, but in order to get closer to the root cause, add a sanity check and ask people to report similar issues. Closes #9932, relates to #9766. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Create a private package `aws-cdk-lib` as a replica of `monocdk-experiment`. This private package will not be published. The build logic in `monocdk-experiement` is refactored into a new build tool - `ubergen` - and is shared between `monocdk-experiment` and the new `aws-cdk-lib`. Motivation As we get closer to launch v2, there is going to be a period of several months where there will be two active branches, one tracking v1 and the other tracking v2. The main motivation for this change is merge conflict reduction during this time. During this period, we're going to work on polishing up the experience of `aws-cdk-lib` and may build more tests and monitoring. Without this change, the branch tracking v1 will have several places referring to this package as `monocdk-experiment` while the branch tracking v2 will refer to this as `aws-cdk-lib` leading to increased merge conflicts. Once this change is checked in, the only difference between the two branches should be the `private` field in the `package.json` file. This should significantly reduce conflicts between the two branches. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
`cdk deploy --tags` does a one-time override of tags found in the Cloud Assembly. The tags will be reset on the next deployment. Specifying tags at deploy time is at odds with the desired-state configuration that the CDK promotes, and the 2 sources of tags don't work together well. We should stop supporting this. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…0156) In current recommended CDK Pipelines usage, the construct tree looks like this: ``` App -> Stack1 -> Stage -> Stack2 -> Resource ``` It's an easy mistake to forget `Stack2` (or make it a generic `Construct` instead), in which case the hierachy looks like the one below and `Stack1` will render Resource in its CloudFormation template: ``` App -> Stack1 -> Stage -> Construct -> Resource ``` This case should not have been allowed in the first place: `Stage`s define a new assembly scope and so `Stack1` does not exist from the point of view of `Resource`. Change `Stack.of()` to fail to find `Stack1` in this case, so that it becomes illegal to define `Resource` in this position. Fixes #9792, relates to #9669. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Move `Expires` class from s3-deployments to core. Rename to `Expiration` **BREAKING CHANGE**: s3-deployments property `expires` takes `cdk.Expiration` instead of `Expires` - **s3-deployments**: `BucketDeploymentProps.expires` now takes in type `cdk.Expiration` **Note**: PR separated from #9122 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
We were using a falsy check for the provided parameter values, which meant passing an empty string or 0 there would fail. Correctly change the check to explicitly test for 'undefined'. Fixes #10107 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…10217) The cross-region support stack was intended to not require bootstrapping. The recent "version check" feature added to the default synthesizer did lead to bootstrapping being required (because an SSM parameter needed to be provisioned in the target environment). Make adding that check switchable and switch it off for the support stack (which uses a `BootstraplessSynthesizer`). Fixes #10215. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
chore(cfn-include): fix typos in IncludedNestedStack docs ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
… errors (#10250) The `system metadata is correctly transformed` test fails sporadically due to two separate calls to `core.Expiration`. This causes build errors whenever the first call in `WHEN` occurs a few milliseconds before the second call to `GIVEN. Fixed by making a variable called `Expiration` to hold the expiration. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…10197) We weren't recursively parsing the argument of the short-form `Fn::GetAtt` if the arguments to it where given in the string form; which meant, if they were quoted (which is legal in YAML), we would add the quote to the logical ID of the resource, which is obviously incorrect. Fixes #10177 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…10209) Use key-value map of tags for `ComputeResources.computeResourcesTags`. Previously used type `Tag` disallowed adding multiple tags. Fixes #7350 BREAKING CHANGE: Changed type of `ComputeResources.computeResourcesTags` from `Tag` to map ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Support `Union Types` for code-first approach. `Union Types` are special types of Intermediate Types in CDK.
<details>
<summary>Desired GraphQL Union Type</summary>
```gql
union Search = Human | Droid | Starship
```
</details>
The above GraphQL Union Type can be expressed in CDK as the following:
<details>
<summary>CDK Code</summary>
```ts
const human = new appsync.ObjectType('Human', { definition: {} });
const droid = new appsync.ObjectType('Droid', { definition: {} });
const starship = new appsync.ObjectType('Starship', { definition: {} });
const search = new appsync.UnionType('Search', {
definition: [ human, droid, starship ],
});
api.addType(search);
```
</details>
----
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…9938) Add `cloudformation:UpdateTerminationProtection` permission to the pipeline deployment role so that termination protection can be enabled for pipeline stacks. Currently, creating a pipeline stack with termination protection set to true causes an error: ``` ❌ PipelineStack failed: AccessDenied: User: arn:aws:sts::123456789012:assumed-role/cdk-hnb659fds-deploy-role-123456789012-eu-west-1/aws-cdk-william is not authorized to perform: cloudformation:UpdateTerminationProtection on resource: arn:aws:cloudformation:eu-west-1:123456789012:stack/PipelineStack/dbf8ad70-e5f4-11ea-961d-021e20b443de ``` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Provide an `addSecurityGroup` method for ALBs for use cases where multiple security groups are needed. I opted for this approach over adding a new (and redundant) `securityGroups` prop to `ApplicationLoadBalancerProps` to keep the props targeted at the most common use case of a single (or default) group. fixes #5138 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Isolate the CLI integ tests from all global state; no shared state via `beforeEach()` statements anymore, no global variables, every test gets a fresh fixture in a unique directory. This is in preparation of making them run in parallel, but right now the behavior is still the same. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…10246) Since the `DefaultSynthesizer` recently started adding constructs into the Stack at construction time, that broke `this.node.setContext()` which requires that no children have been added to a construct yet when its context is being modified. To fix this, add the constructs just-in-time just before the stack is being synthesized. In order to give the `DefaultStackSynthesizer` a chance to modify the stack's construct tree before its template is being written out, the Synthesizer is now in full control of the order in which things happen. Change the call tree from: ``` synthesizeTree - stack._synthesizeTemplate - (write template) - this.synthesizer.synthesizeStackArtifacts - (register artifacts) ``` To: ``` synthesizeTree - stack.synthesizer.synthesize - stack._synthesizeTemplate - (write template) - (register artifacts) ``` All APIs involved in this call tree are either `@experimental` or `@internal`. BREAKING CHANGE: custom implementations of `IStackSynthesizer` must now implement `synthesize()` instead of `synthesizeStackArtifacts()`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Oracle 11.x and the SE and SE1 engines are no longer supported by Oracle (and RDS). As of Sep 1, 2020, no new instances can be launched with these engines (with the license-included license type). Support for bring-your-own-license instances will be removed Oct 1. Also took the opportunity to remove deprecated usages of version-less engines from the README. See https://forums.aws.amazon.com/ann.jspa?annID=7341 for more details. fixes #9249 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Branches are automatically deleted by GitHub itself, so Mergify doesn't have to do that. In fact, Mergify trying to do it leaves the end result of every closed PR with a failing "cross" icon because the Mergify action to delete the head branch fails.
…ort (#9881) - This PR allows you to: 1. use `LaunchTemplate` for the managed nodegroups 2. specify custom AMI in the `LaunchTemplate` - `prop.vpc` of Pinger is now `ec2.IVpc` - bump cluster k8s version in the integration testing from `1.16` to `1.17` Closes: #9873 Closes: #9924 ## Note At this moment we use the property override to make it work. When cfn spec is updated we can use `CfnNodeGroup` to specify launch template natively, which should be backward-compatible with no breaking changes. Users will need to create `CfnLaunchTemplate` resource and pass the resource as the property to the nodegroup untill we support the LaunchTemplate L2(#6734). ## TODO - [x] integ testing - [x] unit testing - [x] update README ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…#10275) `env` and `output` from `options` should override the default. This fails an integration test that explicitly passes `cwd` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
**[ISSUE]** `apiKeyConfig` has prop `expires` that has unclear documentation/not strongly typed and is prone to user errors. **[APPROACH]** Force `expires` to take `Expiration` class from `core` and will be able to output api key configurations easily through `Expiration` static functions: `after(...)`, `fromString(...)`, ` atDate(...)`, `atTimeStamp(...)`. Fixes #8698 BREAKING CHANGE: force `apiKeyConfig` require a Expiration class instead of string - **appsync**: Parameter `apiKeyConfig` takes `Expiration` class instead of `string` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license