Skip to content

Commit

Permalink
Merge branch 'main' into fix-repeated-tarball-invocations
Browse files Browse the repository at this point in the history
  • Loading branch information
@mergify
mergify[bot] committed Feb 28, 2023
2 parents eb45b05 + 4b08e20 commit c7ccff0
Show file tree
Hide file tree
Showing 65 changed files with 2,051 additions and 453 deletions.
1 change: 1 addition & 0 deletions packages/@aws-cdk-testing/cli-integ/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@
"p-queue": "^6.6.2",
"semver": "^7.3.8",
"ts-mock-imports": "^1.3.8",
"yaml": "1.10.2",
"yargs": "^17.7.0"
},
"repository": {
Expand Down
36 changes: 36 additions & 0 deletions packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/bootstrapping.integtest.ts
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
import * as fs from 'fs';
import * as path from 'path';
import * as yaml from 'yaml';
import { integTest, randomString, withoutBootstrap } from '../../lib';

jest.setTimeout(2 * 60 * 60_000); // Includes the time to acquire locks, worst-case single-threaded runtime
Expand Down Expand Up @@ -196,6 +197,41 @@ integTest('can dump the template, modify and use it to deploy a custom bootstrap
});
}));

integTest('a customized template vendor will not overwrite the default template', withoutBootstrap(async (fixture) => {
// Initial bootstrap
const toolkitStackName = fixture.bootstrapStackName;
await fixture.cdkBootstrapModern({
toolkitStackName,
cfnExecutionPolicy: 'arn:aws:iam::aws:policy/AdministratorAccess',
});

// Customize template
const templateStr = await fixture.cdkBootstrapModern({
// toolkitStackName doesn't matter for this particular invocation
toolkitStackName,
showTemplate: true,
cliOptions: {
captureStderr: false,
},
});

const template = yaml.parse(templateStr, { schema: 'core' });
template.Parameters.BootstrapVariant.Default = 'CustomizedVendor';
const filename = path.join(fixture.integTestDir, `${fixture.qualifier}-template.yaml`);
fs.writeFileSync(filename, yaml.stringify(template, { schema: 'yaml-1.1' }), { encoding: 'utf-8' });

// Rebootstrap. For some reason, this doesn't cause a failure, it's a successful no-op.
const output = await fixture.cdkBootstrapModern({
toolkitStackName,
template: filename,
cfnExecutionPolicy: 'arn:aws:iam::aws:policy/AdministratorAccess',
cliOptions: {
captureStderr: true,
},
});
expect(output).toContain('Not overwriting it with a template containing');
}));

integTest('can use the default permissions boundary to bootstrap', withoutBootstrap(async (fixture) => {
let template = await fixture.cdkBootstrapModern({
// toolkitStackName doesn't matter for this particular invocation
Expand Down
6 changes: 3 additions & 3 deletions ...db/test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.assets.json
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
{
"version": "20.0.0",
"version": "30.1.0",
"files": {
"16960a7525b0e7f3fc99af30374461429f32d815db45bab3e136c4a994140575": {
"ffa0280c20139b5a0ec753fdb4365af29fb08ea9703b9139810054417bc99c10": {
"source": {
"path": "aws-cdk-docdb-cluster-rotation.template.json",
"packaging": "file"
},
"destinations": {
"current_account-current_region": {
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
"objectKey": "16960a7525b0e7f3fc99af30374461429f32d815db45bab3e136c4a994140575.json",
"objectKey": "ffa0280c20139b5a0ec753fdb4365af29fb08ea9703b9139810054417bc99c10.json",
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
}
}
Expand Down
4 changes: 2 additions & 2 deletions .../test/integ.cluster-rotation.lit.js.snapshot/aws-cdk-docdb-cluster-rotation.template.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -508,7 +508,7 @@
}
}
},
"DatabaseSecretAttachmentPolicy5ACFE6CA": {
"DatabaseSecretPolicyEE73D3F8": {
"Type": "AWS::SecretsManager::ResourcePolicy",
"Properties": {
"ResourcePolicy": {
Expand Down Expand Up @@ -540,7 +540,7 @@
"Version": "2012-10-17"
},
"SecretId": {
"Ref": "DatabaseSecretAttachmentE5D1B020"
"Ref": "DatabaseSecret3B817195"
}
}
},
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/cdk.out
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{"version":"20.0.0"}
{"version":"30.1.0"}
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/integ.json
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"version": "20.0.0",
"version": "30.1.0",
"testCases": {
"integ.cluster-rotation.lit": {
"stacks": [
Expand Down
29 changes: 19 additions & 10 deletions packages/@aws-cdk/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/manifest.json
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,6 @@
{
"version": "20.0.0",
"version": "30.1.0",
"artifacts": {
"Tree": {
"type": "cdk:tree",
"properties": {
"file": "tree.json"
}
},
"aws-cdk-docdb-cluster-rotation.assets": {
"type": "cdk:asset-manifest",
"properties": {
Expand All @@ -23,7 +17,7 @@
"validateOnSynth": false,
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
"cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/16960a7525b0e7f3fc99af30374461429f32d815db45bab3e136c4a994140575.json",
"stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/ffa0280c20139b5a0ec753fdb4365af29fb08ea9703b9139810054417bc99c10.json",
"requiresBootstrapStackVersion": 6,
"bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
"additionalDependencies": [
Expand Down Expand Up @@ -213,10 +207,10 @@
"data": "DatabaseSecretAttachmentRotationScheduleA4E9F034"
}
],
"/aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/Policy/Resource": [
"/aws-cdk-docdb-cluster-rotation/Database/Secret/Policy/Resource": [
{
"type": "aws:cdk:logicalId",
"data": "DatabaseSecretAttachmentPolicy5ACFE6CA"
"data": "DatabaseSecretPolicyEE73D3F8"
}
],
"/aws-cdk-docdb-cluster-rotation/Database/Resource": [
Expand Down Expand Up @@ -260,9 +254,24 @@
"type": "aws:cdk:logicalId",
"data": "CheckBootstrapVersion"
}
],
"DatabaseSecretAttachmentPolicy5ACFE6CA": [
{
"type": "aws:cdk:logicalId",
"data": "DatabaseSecretAttachmentPolicy5ACFE6CA",
"trace": [
"!!DESTRUCTIVE_CHANGES: WILL_DESTROY"
]
}
]
},
"displayName": "aws-cdk-docdb-cluster-rotation"
},
"Tree": {
"type": "cdk:tree",
"properties": {
"file": "tree.json"
}
}
}
}
150 changes: 83 additions & 67 deletions packages/@aws-cdk/aws-docdb/test/integ.cluster-rotation.lit.js.snapshot/tree.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,6 @@
"id": "App",
"path": "",
"children": {
"Tree": {
"id": "Tree",
"path": "Tree",
"constructInfo": {
"fqn": "constructs.Construct",
"version": "10.1.85"
}
},
"aws-cdk-docdb-cluster-rotation": {
"id": "aws-cdk-docdb-cluster-rotation",
"path": "aws-cdk-docdb-cluster-rotation",
Expand Down Expand Up @@ -91,8 +83,8 @@
"id": "Acl",
"path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet1/Acl",
"constructInfo": {
"fqn": "constructs.Construct",
"version": "10.1.85"
"fqn": "@aws-cdk/core.Resource",
"version": "0.0.0"
}
},
"RouteTable": {
Expand Down Expand Up @@ -258,8 +250,8 @@
"id": "Acl",
"path": "aws-cdk-docdb-cluster-rotation/VPC/PublicSubnet2/Acl",
"constructInfo": {
"fqn": "constructs.Construct",
"version": "10.1.85"
"fqn": "@aws-cdk/core.Resource",
"version": "0.0.0"
}
},
"RouteTable": {
Expand Down Expand Up @@ -425,8 +417,8 @@
"id": "Acl",
"path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet1/Acl",
"constructInfo": {
"fqn": "constructs.Construct",
"version": "10.1.85"
"fqn": "@aws-cdk/core.Resource",
"version": "0.0.0"
}
},
"RouteTable": {
Expand Down Expand Up @@ -544,8 +536,8 @@
"id": "Acl",
"path": "aws-cdk-docdb-cluster-rotation/VPC/PrivateSubnet2/Acl",
"constructInfo": {
"fqn": "constructs.Construct",
"version": "10.1.85"
"fqn": "@aws-cdk/core.Resource",
"version": "0.0.0"
}
},
"RouteTable": {
Expand Down Expand Up @@ -850,64 +842,64 @@
"fqn": "@aws-cdk/aws-secretsmanager.RotationSchedule",
"version": "0.0.0"
}
},
"Policy": {
"id": "Policy",
"path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/Policy",
"children": {
"Resource": {
"id": "Resource",
"path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Attachment/Policy/Resource",
"attributes": {
"aws:cdk:cloudformation:type": "AWS::SecretsManager::ResourcePolicy",
"aws:cdk:cloudformation:props": {
"resourcePolicy": {
"Statement": [
{
"Action": "secretsmanager:DeleteSecret",
"Effect": "Deny",
"Principal": {
"AWS": {
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":iam::",
{
"Ref": "AWS::AccountId"
},
":root"
]
]
}
},
"Resource": "*"
}
},
"constructInfo": {
"fqn": "@aws-cdk/aws-secretsmanager.SecretTargetAttachment",
"version": "0.0.0"
}
},
"Policy": {
"id": "Policy",
"path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Policy",
"children": {
"Resource": {
"id": "Resource",
"path": "aws-cdk-docdb-cluster-rotation/Database/Secret/Policy/Resource",
"attributes": {
"aws:cdk:cloudformation:type": "AWS::SecretsManager::ResourcePolicy",
"aws:cdk:cloudformation:props": {
"resourcePolicy": {
"Statement": [
{
"Action": "secretsmanager:DeleteSecret",
"Effect": "Deny",
"Principal": {
"AWS": {
"Fn::Join": [
"",
[
"arn:",
{
"Ref": "AWS::Partition"
},
":iam::",
{
"Ref": "AWS::AccountId"
},
":root"
]
]
}
],
"Version": "2012-10-17"
},
"secretId": {
"Ref": "DatabaseSecretAttachmentE5D1B020"
},
"Resource": "*"
}
}
],
"Version": "2012-10-17"
},
"constructInfo": {
"fqn": "@aws-cdk/aws-secretsmanager.CfnResourcePolicy",
"version": "0.0.0"
"secretId": {
"Ref": "DatabaseSecret3B817195"
}
}
},
"constructInfo": {
"fqn": "@aws-cdk/aws-secretsmanager.ResourcePolicy",
"fqn": "@aws-cdk/aws-secretsmanager.CfnResourcePolicy",
"version": "0.0.0"
}
}
},
"constructInfo": {
"fqn": "@aws-cdk/aws-secretsmanager.SecretTargetAttachment",
"fqn": "@aws-cdk/aws-secretsmanager.ResourcePolicy",
"version": "0.0.0"
}
}
Expand Down Expand Up @@ -1025,8 +1017,8 @@
"id": "SARMapping",
"path": "aws-cdk-docdb-cluster-rotation/Database/RotationSingleUser/SARMapping",
"constructInfo": {
"fqn": "constructs.Construct",
"version": "10.1.85"
"fqn": "@aws-cdk/core.CfnMapping",
"version": "0.0.0"
}
},
"Resource": {
Expand Down Expand Up @@ -1120,17 +1112,41 @@
"fqn": "@aws-cdk/aws-docdb.DatabaseCluster",
"version": "0.0.0"
}
},
"BootstrapVersion": {
"id": "BootstrapVersion",
"path": "aws-cdk-docdb-cluster-rotation/BootstrapVersion",
"constructInfo": {
"fqn": "@aws-cdk/core.CfnParameter",
"version": "0.0.0"
}
},
"CheckBootstrapVersion": {
"id": "CheckBootstrapVersion",
"path": "aws-cdk-docdb-cluster-rotation/CheckBootstrapVersion",
"constructInfo": {
"fqn": "@aws-cdk/core.CfnRule",
"version": "0.0.0"
}
}
},
"constructInfo": {
"fqn": "@aws-cdk/core.Stack",
"version": "0.0.0"
}
},
"Tree": {
"id": "Tree",
"path": "Tree",
"constructInfo": {
"fqn": "constructs.Construct",
"version": "10.1.85"
"version": "10.1.252"
}
}
},
"constructInfo": {
"fqn": "constructs.Construct",
"version": "10.1.85"
"fqn": "@aws-cdk/core.App",
"version": "0.0.0"
}
}
}
Loading

0 comments on commit c7ccff0

Please sign in to comment.