Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Added support for Code Signing Configuration #351

Merged
merged 12 commits into from
Oct 22, 2022
Merged

feat: Added support for Code Signing Configuration #351

merged 12 commits into from
Oct 22, 2022

Conversation

tsoe77
Copy link
Contributor

@tsoe77 tsoe77 commented Oct 11, 2022

Description

This PR adds code_signing_config_arn support.

The change doesn't effect any other things except it takes in code_signing_config_arn if user wants to provide one.

@tsoe77 tsoe77 mentioned this pull request Oct 11, 2022
Closed
@tsoe77 tsoe77 changed the title feat/code signing arn support feat: code signing arn support Oct 11, 2022
@tsoe77 tsoe77 changed the title feat: code signing arn support feat: Code signing arn support Oct 11, 2022
@tsoe77
Copy link
Contributor Author

tsoe77 commented Oct 11, 2022

@bryantbiggs I appreciate your review and feedback for #262. I addressed all of those in this PR. Could I get your review for this please?

@tsoe77 tsoe77 force-pushed the feat/code-signing-arn-support branch from d9a373a to dc3930d Compare October 14, 2022 21:24
@tsoe77
added code signing arn support
12d0447 
Signed-off-by: Thiha Soe <tsoe77@gmail.com>
@tsoe77
added code signing arn example
cc6e9e6 
Signed-off-by: Thiha Soe <tsoe77@gmail.com>
@tsoe77 tsoe77 force-pushed the feat/code-signing-arn-support branch from dc3930d to cc6e9e6 Compare October 14, 2022 21:25
@agjmills
Copy link

👍 looks good to me

@bryantbiggs thoughts?

bryantbiggs
bryantbiggs approved these changes Oct 18, 2022
View reviewed changes
Copy link
Member

@bryantbiggs bryantbiggs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, @antonbabenko what do you think

@antonbabenko
Copy link
Member

Thanks to everyone! I will review it and merge it later this week. I have some other things to do before.

antonbabenko
antonbabenko requested changes Oct 20, 2022
View reviewed changes
Copy link
Member

@antonbabenko antonbabenko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried to run example/code-signing and this was the error:

╷
│ Error: error starting Signing Job: ValidationException: StartSigningJobRequest:source:version should not be empty
│ {
│   RespMetadata: {
│     StatusCode: 400,
│     RequestID: "35c2c96f-8ac7-488d-a2a2-779a9aad584a"
│   },
│   Code_: "InvalidJobParameters",
│   Message_: "StartSigningJobRequest:source:version should not be empty"
│ }
│ 
│   with aws_signer_signing_job.this,
│   on main.tf line 52, in resource "aws_signer_signing_job" "this":
│   52: resource "aws_signer_signing_job" "this" {
│ 
╵

Please take a look and fix it.

examples/code-signing/README.md Show resolved Hide resolved
@tsoe77
Copy link
Contributor Author

tsoe77 commented Oct 20, 2022

taking a look

@tsoe77
Copy link
Contributor Author

tsoe77 commented Oct 22, 2022
edited
Loading

I tried to run example/code-signing and this was the error:

╷
│ Error: error starting Signing Job: ValidationException: StartSigningJobRequest:source:version should not be empty
│ {
│   RespMetadata: {
│     StatusCode: 400,
│     RequestID: "35c2c96f-8ac7-488d-a2a2-779a9aad584a"
│   },
│   Code_: "InvalidJobParameters",
│   Message_: "StartSigningJobRequest:source:version should not be empty"
│ }
│ 
│   with aws_signer_signing_job.this,
│   on main.tf line 52, in resource "aws_signer_signing_job" "this":
│   52: resource "aws_signer_signing_job" "this" {
│ 
╵

Please take a look and fix it.

@antonbabenko

This error occurs if S3 isn't ready to do the versioning yet. S3 object has version id of null when versioning is still propagating for the first time. I can reproduce the error as well but if I re-run the same in 5-10mins, it can pick up the version within the module itself. I will put a sleep 15mins in there.

Note

If you enable versioning on a bucket for the first time, it might take a short amount of time for the change to be fully > propagated. We recommend that you wait for 15 minutes after enabling versioning before issuing write operations (PUT or DELETE) on objects in the bucket.
Enabling versioning on buckets

@tsoe77
added 5mins timer for s3 version config to be populated properly
c281748 
Signed-off-by: Thiha Soe <tsoe77@gmail.com>
@tsoe77
added code signing example to main README
899896b 
Signed-off-by: Thiha Soe <tsoe77@gmail.com>
@tsoe77
added timer resource reference
4e78127 
Signed-off-by: Thiha Soe <tsoe77@gmail.com>
@tsoe77
Copy link
Contributor Author

tsoe77 commented Oct 22, 2022

@antonbabenko I added 5mins timer before uploading the s3 object in the example, example will run fine at first attempt now. Example README is also updated with time_sleep resource information and main README's example section has been updated as well.

@antonbabenko antonbabenko changed the title feat: Code signing arn support feat: Added support for Code Signing Configuration Oct 22, 2022
antonbabenko
antonbabenko approved these changes Oct 22, 2022
View reviewed changes
Copy link
Member

@antonbabenko antonbabenko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. I have updated the example a bit and verified it.

@antonbabenko antonbabenko merged commit dd40178 into terraform-aws-modules:master Oct 22, 2022
antonbabenko pushed a commit that referenced this pull request Oct 22, 2022
@semantic-release-bot
chore(release): version 4.2.0 [skip ci]
fa92a39 
## [4.2.0](v4.1.4...v4.2.0) (2022-10-22)

### Features

* Added support for Code Signing Configuration ([#351](#351)) ([dd40178](dd40178))
@antonbabenko
Copy link
Member

This PR is included in version 4.2.0 🎉

@tsoe77 tsoe77 deleted the feat/code-signing-arn-support branch October 22, 2022 18:28
@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 22, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@antonbabenko antonbabenko antonbabenko approved these changes

@bryantbiggs bryantbiggs bryantbiggs approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tsoe77 @agjmills @antonbabenko @bryantbiggs