From 5f7c58bc9b4acc36a197e6ebebceda9923a50ec3 Mon Sep 17 00:00:00 2001 From: Kyle Wiest Date: Thu, 21 Oct 2021 21:56:08 -0700 Subject: [PATCH 1/7] docs: fix README - change Construct to Stage (#17079) A Stage is meant to hold collections of Stacks as a unit of deployment. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/core/README.md | 2 +- packages/aws-cdk-lib/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/core/README.md b/packages/@aws-cdk/core/README.md index 1090d893c508d..79ac6e6bb3e4d 100644 --- a/packages/@aws-cdk/core/README.md +++ b/packages/@aws-cdk/core/README.md @@ -48,7 +48,7 @@ logical application. You can then treat that new unit the same way you used to be able to treat a single stack: by instantiating it multiple times for different instances of your application. -You can define a custom subclass of `Construct`, holding one or more +You can define a custom subclass of `Stage`, holding one or more `Stack`s, to represent a single logical instance of your application. As a final note: `Stack`s are not a unit of reuse. They describe physical diff --git a/packages/aws-cdk-lib/README.md b/packages/aws-cdk-lib/README.md index 5d225ce542aa5..40fc7c0d880af 100644 --- a/packages/aws-cdk-lib/README.md +++ b/packages/aws-cdk-lib/README.md @@ -81,7 +81,7 @@ logical application. You can then treat that new unit the same way you used to be able to treat a single stack: by instantiating it multiple times for different instances of your application. -You can define a custom subclass of `Construct`, holding one or more +You can define a custom subclass of `Stage`, holding one or more `Stack`s, to represent a single logical instance of your application. As a final note: `Stack`s are not a unit of reuse. They describe physical From d7aceec9fe2cad0f13f012000a60c06c06e0705c Mon Sep 17 00:00:00 2001 From: Mattia <5013654+mattiamatrix@users.noreply.github.com> Date: Fri, 22 Oct 2021 06:49:50 +0100 Subject: [PATCH 2/7] chore(aws-kinesisanalytics-flink): add support to Flink 1.13 (#17019) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add support to Flink 1.13 in construct `@aws-cdk/aws-kinesisanalytics-flink ยป Application` This fixes #16985 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-kinesisanalytics-flink/README.md | 2 +- packages/@aws-cdk/aws-kinesisanalytics-flink/lib/types.ts | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/README.md b/packages/@aws-cdk/aws-kinesisanalytics-flink/README.md index 5322ff28027f7..830b59a2c7053 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink/README.md +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/README.md @@ -59,7 +59,7 @@ import * as logs from '@aws-cdk/aws-logs'; const flinkApp = new flink.Application(this, 'Application', { code: flink.ApplicationCode.fromBucket(bucket, 'my-app.jar'), - runtime: file.Runtime.FLINK_1_11, + runtime: file.Runtime.FLINK_1_13, checkpointingEnabled: true, // default is true checkpointInterval: cdk.Duration.seconds(30), // default is 1 minute minPauseBetweenCheckpoints: cdk.Duration.seconds(10), // default is 5 seconds diff --git a/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/types.ts b/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/types.ts index b92d55cb48518..02e56eee10966 100644 --- a/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/types.ts +++ b/packages/@aws-cdk/aws-kinesisanalytics-flink/lib/types.ts @@ -37,7 +37,7 @@ export enum MetricsLevel { * configuration. */ export interface PropertyGroups { - readonly [propertyId: string]: {[mapKey: string]: string}; + readonly [propertyId: string]: { [mapKey: string]: string }; } /** @@ -53,6 +53,9 @@ export class Runtime { /** Flink Version 1.11 */ public static readonly FLINK_1_11 = Runtime.of('FLINK-1_11'); + /** Flink Version 1.13 */ + public static readonly FLINK_1_13 = Runtime.of('FLINK-1_13'); + /** Create a new Runtime with with an arbitrary Flink version string */ public static of(value: string) { return new Runtime(value); From 0520ca2a7ac695115df7cb43e1c0aececd6802ed Mon Sep 17 00:00:00 2001 From: Almas Sapargali Date: Fri, 22 Oct 2021 12:41:57 +0600 Subject: [PATCH 3/7] docs(amplify): fix files example in BuildSpec.fromObjectToYaml (#16701) passing `files: '**/*'` to artifacts doesn't work. It needs to be an array. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-amplify/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk/aws-amplify/README.md b/packages/@aws-cdk/aws-amplify/README.md index a706cb73bb39b..472846ea276b6 100644 --- a/packages/@aws-cdk/aws-amplify/README.md +++ b/packages/@aws-cdk/aws-amplify/README.md @@ -55,7 +55,8 @@ const amplifyApp = new amplify.App(this, 'MyApp', { }, artifacts: { baseDirectory: 'public', - files: '**/*' + files: + - '**/*' } } }) From a0d4ee75ff6cdd0f1e4dba1273b9ff754da777db Mon Sep 17 00:00:00 2001 From: Calvin Combs <66279577+comcalvi@users.noreply.github.com> Date: Fri, 22 Oct 2021 00:39:25 -0700 Subject: [PATCH 4/7] chore(cli): stop hard-coding partition to 'aws' in hotswapping (#17085) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk/lib/api/hotswap-deployments.ts | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packages/aws-cdk/lib/api/hotswap-deployments.ts b/packages/aws-cdk/lib/api/hotswap-deployments.ts index 138adf904c992..19b8405a7de19 100644 --- a/packages/aws-cdk/lib/api/hotswap-deployments.ts +++ b/packages/aws-cdk/lib/api/hotswap-deployments.ts @@ -35,8 +35,7 @@ export async function tryHotswapDeployment( parameters: assetParams, account: resolvedEnv.account, region: resolvedEnv.region, - // ToDo make this better: - partition: 'aws', + partition: (await sdk.currentAccount()).partition, // ToDo make this better: urlSuffix: 'amazonaws.com', listStackResources, From c74b0127af95f8e86b95a0be2f2c6cb30fab1103 Mon Sep 17 00:00:00 2001 From: Rico Huijbers Date: Fri, 22 Oct 2021 11:56:08 +0200 Subject: [PATCH 5/7] fix(core): `DefaultSynthesizer` deployments are never skipped (#17099) The `DefaultSynthesizer` always adds an SSM parameter with the bootstrap stack version, so that it can check that the bootstrap stack has a recent enough version. Unfortunately, the CDK CLI will refuse to short-circuit any deployment that uses SSM parameters, because it can't tell if the parameter has changed, and so it has to pessimize. Adding a magic marker to the description of the parameter will now exempt it from the check. Fixes #16959. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../stack-synthesizers/default-synthesizer.ts | 2 +- .../new-style-synthesis.test.ts | 1 + packages/@aws-cdk/cx-api/lib/cxapi.ts | 11 +++++++- .../test/blueprint/stack-deployment.test.ts | 4 +-- .../integ.newpipeline-with-vpc.expected.json | 2 +- .../test/integ.newpipeline.expected.json | 2 +- .../integ.pipeline-security.expected.json | 2 +- ...ne-with-assets-single-upload.expected.json | 2 +- .../integ.pipeline-with-assets.expected.json | 2 +- .../test/integ.pipeline.expected.json | 2 +- packages/aws-cdk/lib/api/deploy-stack.ts | 10 ++++--- .../aws-cdk/lib/api/util/cloudformation.ts | 13 ++++++--- .../aws-cdk/test/util/cloudformation.test.ts | 27 +++++++++++++++++-- 13 files changed, 61 insertions(+), 19 deletions(-) diff --git a/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts b/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts index 5c4072c3efc5c..aae69e36ef24e 100644 --- a/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts +++ b/packages/@aws-cdk/core/lib/stack-synthesizers/default-synthesizer.ts @@ -600,7 +600,7 @@ function addBootstrapVersionRule(stack: Stack, requiredVersion: number, bootstra const param = new CfnParameter(stack, 'BootstrapVersion', { type: 'AWS::SSM::Parameter::Value', - description: 'Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store.', + description: `Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. ${cxapi.SSMPARAM_NO_INVALIDATE}`, default: bootstrapStackVersionSsmParameter, }); diff --git a/packages/@aws-cdk/core/test/stack-synthesis/new-style-synthesis.test.ts b/packages/@aws-cdk/core/test/stack-synthesis/new-style-synthesis.test.ts index 1528e91205f80..3a8d8c1e60b31 100644 --- a/packages/@aws-cdk/core/test/stack-synthesis/new-style-synthesis.test.ts +++ b/packages/@aws-cdk/core/test/stack-synthesis/new-style-synthesis.test.ts @@ -70,6 +70,7 @@ describe('new style synthesis', () => { const template = app.synth().getStackByName('Stack').template; expect(template?.Parameters?.BootstrapVersion?.Type).toEqual('AWS::SSM::Parameter::Value'); expect(template?.Parameters?.BootstrapVersion?.Default).toEqual('/cdk-bootstrap/hnb659fds/version'); + expect(template?.Parameters?.BootstrapVersion?.Description).toContain(cxapi.SSMPARAM_NO_INVALIDATE); const assertions = template?.Rules?.CheckBootstrapVersion?.Assertions ?? []; expect(assertions.length).toEqual(1); diff --git a/packages/@aws-cdk/cx-api/lib/cxapi.ts b/packages/@aws-cdk/cx-api/lib/cxapi.ts index 33d83e74ea45c..9b179e9a71b5f 100644 --- a/packages/@aws-cdk/cx-api/lib/cxapi.ts +++ b/packages/@aws-cdk/cx-api/lib/cxapi.ts @@ -31,4 +31,13 @@ export const CLI_VERSION_ENV = 'CDK_CLI_VERSION'; /** * If a context value is an object with this key, it indicates an error */ -export const PROVIDER_ERROR_KEY = '$providerError'; \ No newline at end of file +export const PROVIDER_ERROR_KEY = '$providerError'; + + +/** + * This SSM parameter does not invalidate the template + * + * If this string occurs in the description of an SSM parameter, the CLI + * will not assume that the stack must always be redeployed. + */ +export const SSMPARAM_NO_INVALIDATE = '[cdk:skip]'; \ No newline at end of file diff --git a/packages/@aws-cdk/pipelines/test/blueprint/stack-deployment.test.ts b/packages/@aws-cdk/pipelines/test/blueprint/stack-deployment.test.ts index ee9d5b29240ce..68ca1f20a20b6 100644 --- a/packages/@aws-cdk/pipelines/test/blueprint/stack-deployment.test.ts +++ b/packages/@aws-cdk/pipelines/test/blueprint/stack-deployment.test.ts @@ -31,7 +31,7 @@ describe('templateUrl', () => { const sd = StageDeployment.fromStage(stage); // THEN - expect(sd.stacks[0].templateUrl).toBe('https://cdk-hnb659fds-assets-111-us-east-1.s3.us-east-1.amazonaws.com/4ef627170a212f66f5d1d9240d967ef306f4820ff9cb05b3a7ec703df6af6c3e.json'); + expect(sd.stacks[0].templateUrl).toBe('https://cdk-hnb659fds-assets-111-us-east-1.s3.us-east-1.amazonaws.com/93ae4de94f81d0905c37db64b7304f5d65233ca4d9581d3a32215743c9bb92dd.json'); }); test('without region', () => { @@ -43,7 +43,7 @@ describe('templateUrl', () => { const sd = StageDeployment.fromStage(stage); // THEN - expect(sd.stacks[0].templateUrl).toBe('https://cdk-hnb659fds-assets-111-.s3.amazonaws.com/$%7BAWS::Region%7D/4ef627170a212f66f5d1d9240d967ef306f4820ff9cb05b3a7ec703df6af6c3e.json'); + expect(sd.stacks[0].templateUrl).toBe('https://cdk-hnb659fds-assets-111-.s3.amazonaws.com/$%7BAWS::Region%7D/93ae4de94f81d0905c37db64b7304f5d65233ca4d9581d3a32215743c9bb92dd.json'); }); }); diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-vpc.expected.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-vpc.expected.json index e0075942e6069..80a17d7243cb1 100644 --- a/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-vpc.expected.json +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline-with-vpc.expected.json @@ -2368,7 +2368,7 @@ "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value", "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" } }, "Rules": { diff --git a/packages/@aws-cdk/pipelines/test/integ.newpipeline.expected.json b/packages/@aws-cdk/pipelines/test/integ.newpipeline.expected.json index 07e65b9bd643f..935ad4ce5136a 100644 --- a/packages/@aws-cdk/pipelines/test/integ.newpipeline.expected.json +++ b/packages/@aws-cdk/pipelines/test/integ.newpipeline.expected.json @@ -2303,7 +2303,7 @@ "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value", "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" } }, "Rules": { diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline-security.expected.json b/packages/@aws-cdk/pipelines/test/integ.pipeline-security.expected.json index b72a78754a1d2..3d808a0f31767 100644 --- a/packages/@aws-cdk/pipelines/test/integ.pipeline-security.expected.json +++ b/packages/@aws-cdk/pipelines/test/integ.pipeline-security.expected.json @@ -2366,7 +2366,7 @@ "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value", "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" } }, "Rules": { diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets-single-upload.expected.json b/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets-single-upload.expected.json index 8250f113b53e3..85f20ecf8995f 100644 --- a/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets-single-upload.expected.json +++ b/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets-single-upload.expected.json @@ -1519,7 +1519,7 @@ "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value", "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" } }, "Rules": { diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets.expected.json b/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets.expected.json index c2e4cddc58aef..e236dbdb569ac 100644 --- a/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets.expected.json +++ b/packages/@aws-cdk/pipelines/test/integ.pipeline-with-assets.expected.json @@ -1576,7 +1576,7 @@ "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value", "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" } }, "Rules": { diff --git a/packages/@aws-cdk/pipelines/test/integ.pipeline.expected.json b/packages/@aws-cdk/pipelines/test/integ.pipeline.expected.json index 32a0a50bd90d5..0f158a1dffdf5 100644 --- a/packages/@aws-cdk/pipelines/test/integ.pipeline.expected.json +++ b/packages/@aws-cdk/pipelines/test/integ.pipeline.expected.json @@ -1299,7 +1299,7 @@ "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value", "Default": "/cdk-bootstrap/hnb659fds/version", - "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store." + "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" } }, "Rules": { diff --git a/packages/aws-cdk/lib/api/deploy-stack.ts b/packages/aws-cdk/lib/api/deploy-stack.ts index f58f441560e3e..6b5afe9673ead 100644 --- a/packages/aws-cdk/lib/api/deploy-stack.ts +++ b/packages/aws-cdk/lib/api/deploy-stack.ts @@ -14,7 +14,7 @@ import { CfnEvaluationException } from './hotswap/evaluate-cloudformation-templa import { ToolkitInfo } from './toolkit-info'; import { changeSetHasNoChanges, CloudFormationStack, TemplateParameters, waitForChangeSet, - waitForStackDeploy, waitForStackDelete, ParameterValues, + waitForStackDeploy, waitForStackDelete, ParameterValues, ParameterChanges, } from './util/cloudformation'; import { StackActivityMonitor, StackActivityProgress } from './util/cloudformation/stack-activity-monitor'; @@ -466,7 +466,7 @@ export async function destroyStack(options: DestroyStackOptions) { async function canSkipDeploy( deployStackOptions: DeployStackOptions, cloudFormationStack: CloudFormationStack, - parameterChanges: boolean): Promise { + parameterChanges: ParameterChanges): Promise { const deployName = deployStackOptions.deployName || deployStackOptions.stack.stackName; debug(`${deployName}: checking if we can skip deploy`); @@ -509,7 +509,11 @@ async function canSkipDeploy( // Parameters have changed if (parameterChanges) { - debug(`${deployName}: parameters have changed`); + if (parameterChanges === 'ssm') { + debug(`${deployName}: some parameters come from SSM so we have to assume they may have changed`); + } else { + debug(`${deployName}: parameters have changed`); + } return false; } diff --git a/packages/aws-cdk/lib/api/util/cloudformation.ts b/packages/aws-cdk/lib/api/util/cloudformation.ts index 19db988fdc15e..b3b5660d727c4 100644 --- a/packages/aws-cdk/lib/api/util/cloudformation.ts +++ b/packages/aws-cdk/lib/api/util/cloudformation.ts @@ -1,3 +1,4 @@ +import { SSMPARAM_NO_INVALIDATE } from '@aws-cdk/cx-api'; import { CloudFormation } from 'aws-sdk'; import { debug } from '../../logging'; import { deserializeStructure } from '../../serialize'; @@ -11,6 +12,7 @@ export type Template = { interface TemplateParameter { Type: string; Default?: any; + Description?: string; [key: string]: any; } @@ -424,11 +426,12 @@ export class ParameterValues { /** * Whether this set of parameter updates will change the actual stack values */ - public hasChanges(currentValues: Record): boolean { + public hasChanges(currentValues: Record): ParameterChanges { // If any of the parameters are SSM parameters, deploying must always happen - // because we can't predict what the values will be. - if (Object.values(this.formalParams).some(p => p.Type.startsWith('AWS::SSM::Parameter::'))) { - return true; + // because we can't predict what the values will be. We will allow some + // parameters to opt out of this check by having a magic string in their description. + if (Object.values(this.formalParams).some(p => p.Type.startsWith('AWS::SSM::Parameter::') && !p.Description?.includes(SSMPARAM_NO_INVALIDATE))) { + return 'ssm'; } // Otherwise we're dirty if: @@ -445,3 +448,5 @@ export class ParameterValues { return false; } } + +export type ParameterChanges = boolean | 'ssm'; \ No newline at end of file diff --git a/packages/aws-cdk/test/util/cloudformation.test.ts b/packages/aws-cdk/test/util/cloudformation.test.ts index c8c034ba23f67..40a748d50ea37 100644 --- a/packages/aws-cdk/test/util/cloudformation.test.ts +++ b/packages/aws-cdk/test/util/cloudformation.test.ts @@ -1,3 +1,4 @@ +import { SSMPARAM_NO_INVALIDATE } from '@aws-cdk/cx-api'; import { CloudFormationStack, TemplateParameters } from '../../lib/api/util/cloudformation'; import { MockedObject, MockSdkProvider, SyncHandlerSubsetOf } from './mock-sdk'; @@ -81,10 +82,32 @@ test('if a parameter is retrieved from SSM, the parameters always count as chang const oldValues = { Foo: '/Some/Key' }; // If we don't pass a new value - expect(params.updateExisting({}, oldValues).hasChanges(oldValues)).toEqual(true); + expect(params.updateExisting({}, oldValues).hasChanges(oldValues)).toEqual('ssm'); // If we do pass a new value but it's the same as the old one - expect(params.updateExisting({ Foo: '/Some/Key' }, oldValues).hasChanges(oldValues)).toEqual(true); + expect(params.updateExisting({ Foo: '/Some/Key' }, oldValues).hasChanges(oldValues)).toEqual('ssm'); +}); + +test('if a parameter is retrieved from SSM, the parameters doesnt count as changed if it has the magic marker', () => { + const params = TemplateParameters.fromTemplate({ + Parameters: { + Foo: { + Type: 'AWS::SSM::Parameter::Name', + Default: '/Some/Key', + Description: `blabla ${SSMPARAM_NO_INVALIDATE}`, + }, + }, + }); + const oldValues = { Foo: '/Some/Key' }; + + // If we don't pass a new value + expect(params.updateExisting({}, oldValues).hasChanges(oldValues)).toEqual(false); + + // If we do pass a new value but it's the same as the old one + expect(params.updateExisting({ Foo: '/Some/Key' }, oldValues).hasChanges(oldValues)).toEqual(false); + + // If we do pass a new value and it's different + expect(params.updateExisting({ Foo: '/OTHER/Key' }, oldValues).hasChanges(oldValues)).toEqual(true); }); test('empty string is a valid update value', () => { From 260df31c1117f60a7a92f7845e4e15386225b5c6 Mon Sep 17 00:00:00 2001 From: Nick Lynch Date: Fri, 22 Oct 2021 15:58:15 +0100 Subject: [PATCH 6/7] chore: include RELEASE_NOTES in packed distribution (#17118) We now create and generate a `RELEASE_NOTES.md` file as part of our build, with the intent to use it for our GitHub release publishing. See (#16942) and https://github.com/cdklabs/aws-delivlib/pull/1044. What I missed is that after the build, we pack, and then only include what ends up in `./dist` in the final build artifact that goes to publishing. This fix includes the release notes in the dist folder so it will be picked up and used by the release process. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- pack.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pack.sh b/pack.sh index d270fb28271c5..86c29bacbd48c 100755 --- a/pack.sh +++ b/pack.sh @@ -92,8 +92,9 @@ cat > ${distdir}/build.json < Date: Fri, 22 Oct 2021 19:18:45 +0200 Subject: [PATCH 7/7] chore(codebuild): make examples compile (#17123) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/@aws-cdk/aws-codebuild/README.md | 81 ++++++++++++------- .../lib/untrusted-code-boundary-policy.ts | 3 +- 2 files changed, 52 insertions(+), 32 deletions(-) diff --git a/packages/@aws-cdk/aws-codebuild/README.md b/packages/@aws-cdk/aws-codebuild/README.md index d4b31c1bf91db..ff73599bca8e4 100644 --- a/packages/@aws-cdk/aws-codebuild/README.md +++ b/packages/@aws-cdk/aws-codebuild/README.md @@ -30,7 +30,7 @@ $ npm i @aws-cdk/aws-codebuild Import it into your code: -```ts +```ts nofixture import * as codebuild from '@aws-cdk/aws-codebuild'; ``` @@ -56,7 +56,6 @@ CodeBuild!`: Use an AWS CodeCommit repository as the source of this build: ```ts -import * as codebuild from '@aws-cdk/aws-codebuild'; import * as codecommit from '@aws-cdk/aws-codecommit'; const repository = new codecommit.Repository(this, 'MyRepo', { repositoryName: 'foo' }); @@ -70,10 +69,8 @@ new codebuild.Project(this, 'MyFirstCodeCommitProject', { Create a CodeBuild project with an S3 bucket as the source: ```ts -import * as codebuild from '@aws-cdk/aws-codebuild'; -import * as s3 from '@aws-cdk/aws-s3'; - const bucket = new s3.Bucket(this, 'MyBucket'); + new codebuild.Project(this, 'MyProject', { source: codebuild.Source.s3({ bucket: bucket, @@ -140,7 +137,9 @@ const gitHubSource = codebuild.Source.gitHub({ CodeBuild Projects can produce Artifacts and upload them to S3. For example: ```ts -const project = codebuild.Project(stack, 'MyProject', { +declare const bucket: s3.Bucket; + +const project = new codebuild.Project(this, 'MyProject', { buildSpec: codebuild.BuildSpec.fromObject({ version: '0.2', }), @@ -193,7 +192,7 @@ new codebuild.Project(this, 'Project', { owner: 'awslabs', repo: 'aws-cdk', }), - cache: codebuild.Cache.bucket(new Bucket(this, 'Bucket')) + cache: codebuild.Cache.bucket(new s3.Bucket(this, 'Bucket')) }); ``` @@ -214,7 +213,7 @@ new codebuild.Project(this, 'Project', { }), // Enable Docker AND custom caching - cache: codebuild.Cache.local(LocalCacheMode.DOCKER_LAYER, LocalCacheMode.CUSTOM) + cache: codebuild.Cache.local(codebuild.LocalCacheMode.DOCKER_LAYER, codebuild.LocalCacheMode.CUSTOM) }); ``` @@ -260,6 +259,8 @@ Note that the `WindowsBuildImage` version of the static methods accepts an optio which can be either `WindowsImageType.STANDARD`, the default, or `WindowsImageType.SERVER_2019`: ```ts +declare const ecrRepository: ecr.Repository; + new codebuild.Project(this, 'Project', { environment: { buildImage: codebuild.WindowsBuildImage.fromEcrRepository(ecrRepository, 'v1.0', codebuild.WindowsImageType.SERVER_2019), @@ -269,7 +270,7 @@ new codebuild.Project(this, 'Project', { objectKey: 'path/to/cert.pem', }, }, - ... + // ... }) ``` @@ -296,7 +297,7 @@ new codebuild.Project(this, 'Project', { environment: { buildImage: codebuild.LinuxGpuBuildImage.DLC_TENSORFLOW_2_1_0_INFERENCE, }, - ... + // ... }) ``` @@ -315,7 +316,7 @@ new codebuild.Project(this, 'Project', { buildImage: codebuild.LinuxGpuBuildImage.awsDeepLearningContainersImage( 'tensorflow-inference', '2.1.0-gpu-py36-cu101-ubuntu18.04', '123456789012'), }, - ... + // ... }) ``` @@ -331,10 +332,9 @@ By default, logs will go to cloudwatch. new codebuild.Project(this, 'Project', { logging: { cloudWatch: { - logGroup: new cloudwatch.LogGroup(this, `MyLogGroup`), + logGroup: new logs.LogGroup(this, `MyLogGroup`), } }, - ... }) ``` @@ -347,7 +347,6 @@ new codebuild.Project(this, 'Project', { bucket: new s3.Bucket(this, `LogBucket`) } }, - ... }) ``` @@ -358,7 +357,7 @@ like GitHub: ```ts new codebuild.GitHubSourceCredentials(this, 'CodeBuildGitHubCreds', { - accessToken: cdk.SecretValue.secretsManager('my-token'), + accessToken: SecretValue.secretsManager('my-token'), }); // GitHub Enterprise is almost the same, // except the class is called GitHubEnterpriseSourceCredentials @@ -368,8 +367,8 @@ and BitBucket: ```ts new codebuild.BitBucketSourceCredentials(this, 'CodeBuildBitBucketCreds', { - username: cdk.SecretValue.secretsManager('my-bitbucket-creds', { jsonField: 'username' }), - password: cdk.SecretValue.secretsManager('my-bitbucket-creds', { jsonField: 'password' }), + username: SecretValue.secretsManager('my-bitbucket-creds', { jsonField: 'username' }), + password: SecretValue.secretsManager('my-bitbucket-creds', { jsonField: 'password' }), }); ``` @@ -409,8 +408,10 @@ if you'd rather not have those permissions added, you can opt out of it when creating the project: ```ts +declare const source: codebuild.Source; + const project = new codebuild.Project(this, 'Project', { - // ... + source, grantReportGroupPermissions: false, }); ``` @@ -419,10 +420,13 @@ Alternatively, you can specify an ARN of an existing resource group, instead of a simple name, in your buildspec: ```ts +declare const source: codebuild.Source; + // create a new ReportGroup const reportGroup = new codebuild.ReportGroup(this, 'ReportGroup'); const project = new codebuild.Project(this, 'Project', { + source, buildSpec: codebuild.BuildSpec.fromObject({ // ... reports: { @@ -438,6 +442,9 @@ const project = new codebuild.Project(this, 'Project', { If you do that, you need to grant the project's role permissions to write reports to that report group: ```ts +declare const project: codebuild.Project; +declare const reportGroup: codebuild.ReportGroup; + reportGroup.grantWrite(project); ``` @@ -456,8 +463,12 @@ project as a AWS CloudWatch event rule target: ```ts // start build when a commit is pushed +import * as codecommit from '@aws-cdk/aws-codecommit'; import * as targets from '@aws-cdk/aws-events-targets'; +declare const codeCommitRepository: codecommit.Repository; +declare const project: codebuild.Project; + codeCommitRepository.onCommit('OnCommit', { target: new targets.CodeBuildProject(project), }); @@ -469,6 +480,10 @@ To define Amazon CloudWatch event rules for build projects, use one of the `onXx methods: ```ts +import * as targets from '@aws-cdk/aws-events-targets'; +declare const fn: lambda.Function; +declare const project: codebuild.Project; + const rule = project.onStateChange('BuildStateChange', { target: new targets.LambdaFunction(fn) }); @@ -480,7 +495,11 @@ To define CodeStar Notification rules for Projects, use one of the `notifyOnXxx( They are very similar to `onXxx()` methods for CloudWatch events: ```ts -const target = new chatbot.SlackChannelConfiguration(stack, 'MySlackChannel', { +import * as chatbot from '@aws-cdk/aws-chatbot'; + +declare const project: codebuild.Project; + +const target = new chatbot.SlackChannelConfiguration(this, 'MySlackChannel', { slackChannelConfigurationName: 'YOUR_CHANNEL_NAME', slackWorkspaceId: 'YOUR_SLACK_WORKSPACE_ID', slackChannelId: 'YOUR_SLACK_CHANNEL_ID', @@ -495,6 +514,10 @@ CodeBuild Projects can get their sources from multiple places, and produce multiple outputs. For example: ```ts +import * as codecommit from '@aws-cdk/aws-codecommit'; +declare const repo: codecommit.Repository; +declare const bucket: s3.Bucket; + const project = new codebuild.Project(this, 'MyProject', { secondarySources: [ codebuild.Source.codeCommit({ @@ -586,6 +609,8 @@ to access the resources that it needs by using the For example: ```ts +declare const loadBalancer: elbv2.ApplicationLoadBalancer; + const vpc = new ec2.Vpc(this, 'MyVPC'); const project = new codebuild.Project(this, 'MyProject', { vpc: vpc, @@ -608,7 +633,7 @@ The only supported file system type is `EFS`. For example: ```ts -new codebuild.Project(stack, 'MyProject', { +new codebuild.Project(this, 'MyProject', { buildSpec: codebuild.BuildSpec.fromObject({ version: '0.2', }), @@ -635,9 +660,9 @@ It returns an object containing the batch service role that was created, or `undefined` if batch builds could not be enabled, for example if the project was imported. ```ts -import * as codebuild from '@aws-cdk/aws-codebuild'; +declare const source: codebuild.Source; -const project = new codebuild.Project(this, 'MyProject', { ... }); +const project = new codebuild.Project(this, 'MyProject', { source, }); if (project.enableBatchBuilds()) { console.log('Batch builds were enabled'); @@ -652,9 +677,7 @@ The default is 60 minutes. An example of overriding the default follows. ```ts -import * as codebuild from '@aws-cdk/aws-codebuild'; - -new codebuild.Project(stack, 'MyProject', { +new codebuild.Project(this, 'MyProject', { timeout: Duration.minutes(90) }); ``` @@ -665,9 +688,7 @@ As an example, to allow your Project to queue for up to thirty (30) minutes befo use the following code. ```ts -import * as codebuild from '@aws-cdk/aws-codebuild'; - -new codebuild.Project(stack, 'MyProject', { +new codebuild.Project(this, 'MyProject', { queuedTimeout: Duration.minutes(30) }); ``` @@ -679,9 +700,7 @@ It is possible to limit the maximum concurrent builds to value between 1 and the By default there is no explicit limit. ```ts -import * as codebuild from '@aws-cdk/aws-codebuild'; - -new codebuild.Project(stack, 'MyProject', { +new codebuild.Project(this, 'MyProject', { concurrentBuildLimit: 1 }); ``` diff --git a/packages/@aws-cdk/aws-codebuild/lib/untrusted-code-boundary-policy.ts b/packages/@aws-cdk/aws-codebuild/lib/untrusted-code-boundary-policy.ts index 229cb547e7c1f..1a94c521fc08a 100644 --- a/packages/@aws-cdk/aws-codebuild/lib/untrusted-code-boundary-policy.ts +++ b/packages/@aws-cdk/aws-codebuild/lib/untrusted-code-boundary-policy.ts @@ -39,7 +39,8 @@ export interface UntrustedCodeBoundaryPolicyProps { * * @example * - * iam.PermissionsBoundary.of(project).apply(new UntrustedCodeBoundaryPolicy(this, 'Boundary')); + * declare const project: codebuild.Project; + * iam.PermissionsBoundary.of(project).apply(new codebuild.UntrustedCodeBoundaryPolicy(this, 'Boundary')); */ export class UntrustedCodeBoundaryPolicy extends iam.ManagedPolicy { constructor(scope: Construct, id: string, props: UntrustedCodeBoundaryPolicyProps = {}) {