chore(release): 1.77.0 #11901
Merged
chore(release): 1.77.0 #11901
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Making the issue templates title placeholder more explicit to avoid confusion since we've been getting a lot of issues with titles not formatted correctly. Also changing from brackets to parens to match PR titles, which will make adding PRs to the auto/label github action easier. That PR is coming later today. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Also create a 777 `/tmp/yarn-cache` like we do for `npm` in the `Dockerfile`. See bug reported in Slack https://cdk-dev.slack.com/archives/C018XT6REKT/p1606105713011400 I was not able to reproduce the problem on my machine but it's anyway safer and cleaner like this. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This PR creates a construct (`EdgeFunction`) for Lambda@Edge functions. CloudFront requires that a function be in us-east-1 to be used with Lambda@Edge, even if the logical distribution is created via another region. The initial goal of this construct is to make it easier to request and work with a function in us-east-1 when the primary stack is in another region. In the future, this can be extended to validate other Lambda@Edge restrictions. See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-requirements-limits.html and #9833 for more information on those limitations. Thanks to @asterikx for the inspiration and consolidated writeup in #1575. Related changes: * When updating the CloudFront README, I noticed that the `Distribution` sub-section hadn't been updated when it was flipped from Experimental to Dev Preview. * A minor docstring fix for Lambda. fixes #9862 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 10.17.46 to 10.17.47. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: AWS CDK Team <[email protected]> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Creates the v2 init templates by first copying the v1 init templates wholesale, and then applying a series of changes to make the templates v2-compatible. This mostly involves adjusting dependencies and import statements. For ease of review, I suggest looking at the second commit, which is just the changes to the v2 templates from the v1 baseline. One call-out -- we don't (yet) have a plan for assert for v2. This is being tracked in the v2 project board, but is currently out of scope for the alpha release. This means I had to rewrite several tests that used assert to doing much simpler/uglier validations. I used the Java tests as the basis for these rewrites. Tested against a recent build artifact to verify correctness. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fixes #11533 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…11740) Bumps [typescript-json-schema](https://github.com/YousefED/typescript-json-schema) from 0.44.0 to 0.44.1. - [Release notes](https://github.com/YousefED/typescript-json-schema/releases) - [Commits](YousefED/typescript-json-schema@v0.44.0...v0.44.1) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The change made in #11524 which switched from using the `keyId` to `keyArn` is a BREAKING change as an update requires replacement: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-filesystem.html#cfn-efs-filesystem-kmskeyid The `efs` module is experimental and this was a capability that needed to be fixed ahead of moving to developer preview. It was missed that an update to the keyId replaces the filesystem. Amending the CHANGELOG to indicate that the filesystem will be replaced. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
fix for a small typo I noticed
…rcular structure to JSON (#11698) All the `FunctionOptions` were leaking into `core` where a cache key is calculated in asset staging. Some of those options have circular references making it impossible to calculate a cache key with the current implementation. Another PR is needed to make the cache key calculation in `core` more robust. Closes #11693 Closes #11726 Closes #11762 BREAKING CHANGE: bundling customization options like `minify` or `sourceMap` are now gathered under a new `bundling` prop. * **lambda-nodejs**: `bundlingEnvironment` is now `bundling.environment` * **lambda-nodejs**: `bundlingDockerImage` is now `bundling.dockerImage` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ir (#11729) When the defining file is a `.ts` that is emitted into an [`outDir`](https://www.typescriptlang.org/tsconfig#outDir) extracting the defining filename with the stacktrace returns the original path because of the sourcemap. So, if the `.ts` file is defined in `src` and emitted into `lib` using the stacktrace returns the path in `src`. When shipping a construct library with npm the `src` is not published and the automatic entry finding fails. The `src`/`lib` architecture is the one in https://github.com/projen/projen. Use the `CallSite` API to avoid this problem. Inspired by https://github.com/sindresorhus/callsites and https://github.com/sindresorhus/caller-callsite. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ource (#11731) As part of the CDKv2 work, #11665 made the init templates version-aware (allowing for different init templates for v1 and v2). This works when the CLI \is run from a packaged distribution, but when run locally in development -- for example, when running `cdk-integ` -- the CLI was failing due to the local version being 0.0.0, and the templates looking for a "v0" directory. Fix the local experience by (currently) defaulting to v1 templates for local development. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Add support for running additional commands before bundling, before node modules installation and after bundling. Closes #11468 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…der feature flag) (#11736) Proper (tokenized) secret names for owned secrets was introduced in #11202. This caused `Secret.secretName` to return the full resource name (secret name + suffix) for owned secrets. This was done to ensure that the secretName was a Tokenized value that would create a dependency between the Secret and its consumer. However, Secrets Manager's DescribeSecret API does not accept the resourceName as an input; it accepts the full ARN, a partial ARN (without the suffix), or the secret name (without the suffix). This leads to several integrations with other services or custom scripts to fail when using the secretName from an owned Secret. For owned secrets, we can parse the resourceName to get the secretName based on either (a) knowing the secret name or (b) knowing the format that CloudFormation uses when secret names aren't specified. This fix introduces proper parsing of secret names for owned secrets (behind a feature flag). BREAKING CHANGE: (feature flag) Secret.secretName for owned secrets will now only the secret name (without suffix) and not the full resource name. This is enabled through the `@aws-cdk/secretsmanager:parseOwnedSecretName` flag. fixes #11727 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [@types/archiver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/archiver) from 3.1.1 to 5.1.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/archiver) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Ignore assets in integration tests. Updates to `esbuild` can cause the bundles to be slighlty different and what we want here is to check that we can still correctly bundle. Closes #11772 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fixed small typo.
…rted queue (#11651) fix(sqs): imported queue using incorrect options to generate queueUrl Currently if we use `fromQueueArn` static helper to import an existing queue, the generated `queueUrl` property uses incorrect account and region. It uses the stack's region/account in which it is imported rather than the one in which it was created. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
See README.md ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fixes #11543 *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The Logical ID hash used in Instance was based on the UserData string, but it needed to be based on the *resolved* version of the UserData string (since only the resolved version shows the asset hash). Slight complication because the resolution of the UserData may refer back to the LogicalID, which we need to account for by using a recursion breaker. Fixes #11704. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
A DeletionPolicy should be specified to protect the staging bucket This addresses cfn-lint error: W3011 Both UpdateReplacePolicy and DeletionPolicy are needed to protect Resources/StagingBucket from deletion partially fixes: #11545 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The "resource name" part of the OIDC Provider ARN contains the ARN separator (`/`), which cannot be properly split into components using the primitives that CloudFormation gives us. Introduce a new helper method on `Arn` which can obtain the resource name, slashes and all, provided that we know the resource type for a fact. Fixes #11705. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…Action` (#11741) See [this doc](https://docs.aws.amazon.com/codebuild/latest/userguide/sample-pipeline-batch.html) which says >To enable batch builds in CodePipeline, set the BatchEnabled parameter of the configuration object to true. The configuration object it is referring to is [this](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codepipeline-pipeline-stages-actions.html#cfn-codepipeline-pipeline-stages-actions-configuration). I didn't add a test to ensure that `BatchEnabled` is not present by default because I wasn't sure exactly how to do this. Let me know if this is needed. It looks like `haveResourceLike` can take a function on `properties`, so maybe it's doable with that? Closes #11662
Split the prerequisites check for `pack` and `build`. Executing `build` does not execute pack, which means it does not require the tools for packaging (`mvn`, `python`, `.Net`, `java`) to be installed locally. This PR splits `check-prerequisites` into two separate scripts, `check-build-prerequisites` and `check-pack-prerequisites`. For build check: * `node` * `yarn` * `docker` (arguable, but fine) For pack check: * all build prerequisites * `mvn` * `java` * `.Net` * `python` ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Fixes: #11846 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
The doc for lambda docker image function contains example code that doesn't work. ref: https://github.com/aws/aws-cdk/blob/e55f3cc5cf68fd5d79553934b3bb4bce333945be/packages/%40aws-cdk/aws-lambda/lib/image-function.ts#L30-L44 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Configuration to specify accessTokenValidity, idTokenValidity and refreshTokenValidity when a new user pool client is created in Cognito. Closes #11689 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
) This PR adds [poetry](https://python-poetry.org/) support to building Lambda dependencies for the PythonFunction. I used the pipenv setup for inspiration. I'm not very familiar with writing integration tests, so there's a possibility that I could've missed something. Closes #11753. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…11835) Bumps [typescript-json-schema](https://github.com/YousefED/typescript-json-schema) from 0.44.1 to 0.45.0. - [Release notes](https://github.com/YousefED/typescript-json-schema/releases) - [Commits](YousefED/typescript-json-schema@v0.44.1...v0.45.0) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Bumps [ts-node](https://github.com/TypeStrong/ts-node) from 9.0.0 to 9.1.0. - [Release notes](https://github.com/TypeStrong/ts-node/releases) - [Commits](TypeStrong/ts-node@v9.0.0...v9.1.0) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.802.0 to 2.804.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md) - [Commits](aws/aws-sdk-js@v2.802.0...v2.804.0) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
…he current CFN schema (#11822) Currently, if cloudformation-include encounters a property in one of the resources the CDK has an L1 for that is not in the version of the CloudFormation resource schema the module uses, the property will be silently dropped. Of course, that is not ideal. Make changes to our L1 code generation to preserve all properties that are not in the CFN schema. Fixes #9717 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…table) (#11882) As part of making the module stable, also deprecate the `CfnInclude` class from the core module. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.8.17 to 0.8.19. - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/master/CHANGELOG.md) - [Commits](evanw/esbuild@v0.8.17...v0.8.19) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Bumps [yargs](https://github.com/yargs/yargs) from 16.1.1 to 16.2.0. - [Release notes](https://github.com/yargs/yargs/releases) - [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md) - [Commits](yargs/yargs@v16.1.1...v16.2.0) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
…1891) Following the request from @eladb in #11850 (review), consolidating some of the integration tests in the package. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Bumps [esbuild](https://github.com/evanw/esbuild) from 0.8.19 to 0.8.20. - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/master/CHANGELOG.md) - [Commits](evanw/esbuild@v0.8.19...v0.8.20) Signed-off-by: dependabot-preview[bot] <[email protected]> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Encoded token lists are represented as `["#{Token[1234]}"]` (as opposed
to encoded strings, which are represented as `"${Token[1234]}"`, notice
the different sigil).
If a string that looks like `"#{Token[...]}"` ever appears outside
of a list context, that's an error. Someone got there by doing:
```
list[0]
```
Which we cannot allow, because things list `list[n]` are not detectable
by us and so cannot be adequately converted to CloudFormation syntax.
They are supposed to use `Fn.select(n, list)` instead.
We did not use to test for this, but of course people *will* do this
and then get confused about the results, so add an explicit test
and error message.
Closes #11750
----
*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
aws-cdk-automation
added
the
pr/no-squash
njlynch
reviewed
Dec 7, 2020
Added a missing word to a secretsmanager breaking change; added the module prefix and re-sorted the order of the cfn-include GA announcement.
|
|
njlynch
approved these changes
Dec 7, 2020
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically without squashing (do not update manually, and be sure to allow changes to be pushed to your fork). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See CHANGELOG