refactor(assets): API cleanups

[eladb]

Reorganize asset-related modules as follows:

• @aws-cdk/assets: core types related to assets such as filesystem operations and staging
• @aws-cdk/aws-s3-assets: file assets deployed to s3
• @aws-cdk/aws-ecr-assets: docker assets deployed to ecr
• @aws-cdk/assets-docker: deprecated

BREAKING CHANGE: AssetProps.packaging has been removed and is now automatically discovered based on the file type.

• assets: ZipDirectoryAsset has been removed, use aws-s3-assets.Asset.
• assets: FileAsset has been removed, use aws-s3-assets.Asset.
• lambda: Code.directory and Code.file have been removed. Use Code.asset.
• assets-docker: The module has been renamed to aws-ecr-assets

---

Pull Request Checklist

• Testing
  • Unit test added (prefer not to modify an existing test, otherwise, it's probably a breaking change)
  • CLI change?: coordinate update of integration tests with team
  • cdk-init template change?: coordinated update of integration tests with team
• Docs
  • jsdocs: All public APIs documented
  • README: README and/or documentation topic updated
  • Design: For significant features, design document added to design folder
• Title and Description
  • Change type: title prefixed with fix, feat and module name in parens, which will appear in changelog
  • Title: use lower-case and doesn't end with a period
  • Breaking?: last paragraph: "BREAKING CHANGE: <describe what changed + link for details>"
  • Issues: Indicate issues fixed via: "Fixes #xxx" or "Closes #xxx"
• Sensitive Modules (requires 2 PR approvers)
  • IAM Policy Document (in @aws-cdk/aws-iam)
  • EC2 Security Groups and ACLs (in @aws-cdk/aws-ec2)
  • Grant APIs (only if not based on official documentation with a reference)

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license.

[RomainMuller]

We're basically blocking all opportunities to extend Assets by bringing you own implementation... Conversely, this means Docker images can no longer be assets... I'm not sure this is a big deal or not, but somehow I'd really like those based off of the same mechanisms...

[RomainMuller]

Would like for this to feature & adhere to symlink control behavior...

[eladb]

Not sure what you mean. stat follows symlinks, so if the path is a symlink to a directory or file, it should just work.

[RomainMuller]

What I mean is I might want to prohibit symlinking to /etc/passwd for example... Or taking files from /lib64 (which I have encountered before and can cause a mountain of problems).

Basically, I want to control Symlink traversal here... so that I can choose where files may come from. And if I say "no symlink out of app root", then if the asset lives out of there you should fail on the spot.

[eladb]

We're basically blocking all opportunities to extend Assets by bringing you own implementation... Conversely, this means Docker images can no longer be assets... I'm not sure this is a big deal or not, but somehow I'd really like those based off of the same mechanisms...

A good point about semantics... Docker images are still assets from the cloud assembly perspective, but you are right that calling this class Asset makes this confusing. I am wondering if perhaps we should rename this to S3Asset, since basically that's the point - it's a local file that is uploaded to S3... Maybe this means that we need to rename the module as well?

[RomainMuller]

I'm favorable to renaming here if we want to tighten up the semantics. We still will need the staging behavior to be shareable... Anything that copies directories to the staging area needs to have the same inclusion/exclusion/symlink behavior...

[eladb]

@RomainMuller @rix0rrr please take another look. I've reorganized the assets modules to:

• @aws-cdk/assets: core types related to assets such as filesystem operations and staging
• @aws-cdk/aws-s3-assets: file assets deployed to s3
• @aws-cdk/aws-ecr-assets: docker assets deployed to ecr
• @aws-cdk/assets-docker: deprecated

[mergify]

Thanks so much for taking the time to contribute to the AWS CDK ❤️

We will shortly assign someone to review this pull request and help get it
merged. In the meantime, please take a minute to make sure you follow this
checklist:

• PR title type(scope): text
  • type: fix, feat, refactor go into CHANGELOG, chore is hidden
  • scope: name of module without aws- or cdk- prefix or postfix (e.g. s3 instead of aws-s3-deployment)
  • text: use all lower-case, do not end with a period, do not include issue refs
• PR Description
  • Rationale: describe rationale of change and approach taken
  • Issues: indicate issues fixed via: fixes #xxx or closes #xxx
  • Breaking?: last paragraph: BREAKING CHANGE: <describe what changed + link for details>
• Testing
  • Unit test added. Prefer to add a new test rather than modify existing tests
  • CLI or init templates change? Re-run/add CLI integration tests
• Documentation
  • README: update module README to describe new features
  • API docs: public APIs must be documented. Copy from official AWS docs when possible
  • Design: for significant features, follow design process