Skip to content

Commit

Permalink
Merge branch 'main' into huijbers/mfa-when-profile
Browse files Browse the repository at this point in the history
  • Loading branch information
mergify[bot] authored Nov 28, 2024
2 parents da74ab4 + f271168 commit 38d45f6
Show file tree
Hide file tree
Showing 12 changed files with 525 additions and 107 deletions.
17 changes: 10 additions & 7 deletions .devcontainer/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,15 @@ FROM jsii/superchain:1-bookworm-slim-node20

USER root

# Setup oh-my-zsh
RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
&& apt-get -y install --no-install-recommends zsh vim \
&& rm -rf /var/lib/apt/lists/* \
&& chsh -s $(which zsh) superchain

# Required, otherwise shell is extermly slow due the size of the aws-cdk
RUN sh -c 'echo "[oh-my-zsh]\n hide-dirty = 1" > /etc/gitconfig'

# Change uid/guid of superchain so it can work with the docker-in-docker feature
RUN groupmod --gid 1000 superchain \
&& usermod --uid 1000 --gid 1000 superchain \
Expand All @@ -10,10 +19,4 @@ RUN groupmod --gid 1000 superchain \
USER superchain

# Setup oh-my-zsh
RUN sudo apt-get update && export DEBIAN_FRONTEND=noninteractive \
&& sudo apt-get -y install --no-install-recommends zsh vim \
&& sudo rm -rf /var/lib/apt/lists/* \
&& sudo chsh -s $(which zsh) $(whoami)
RUN sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended \
# Required, otherwise shell is extermly slow due the size of the aws-cdk
&& sudo sh -c 'echo "[oh-my-zsh]\n hide-dirty = 1" > /etc/gitconfig'
RUN sh -c "$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)" "" --unattended
8 changes: 4 additions & 4 deletions .devcontainer/devcontainer.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,17 @@
"build": {
"dockerfile": "Dockerfile"
},

"customizations": {
"vscode": {
"extensions": ["dbaeumer.vscode-eslint"]
"extensions": [
"dbaeumer.vscode-eslint"
]
}
},

"postCreateCommand": "yarn install",
"remoteUser": "superchain",
"features": {
"docker-in-docker": {
"ghcr.io/devcontainers/features/docker-in-docker:2": {
"version": "latest",
"moby": true
}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/codecov.yml
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ jobs:
run: cd packages/aws-cdk && yarn test

- name: Upload results to Codecov
uses: codecov/codecov-action@v5
uses: codecov/codecov-action@v4
with:
directory: packages/aws-cdk/coverage
fail_ci_if_error: true
Expand Down
3 changes: 3 additions & 0 deletions packages/aws-cdk-lib/aws-cloudfront/lib/origin.ts
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,7 @@ export abstract class OriginBase implements IOrigin {
private readonly originShieldRegion?: string;
private readonly originShieldEnabled: boolean;
private readonly originId?: string;
private readonly originAccessControlId?: string;

protected constructor(domainName: string, props: OriginProps = {}) {
validateIntInRangeOrUndefined('connectionTimeout', 1, 10, props.connectionTimeout?.toSeconds());
Expand All @@ -163,6 +164,7 @@ export abstract class OriginBase implements IOrigin {
this.originShieldRegion = props.originShieldRegion;
this.originId = props.originId;
this.originShieldEnabled = props.originShieldEnabled ?? true;
this.originAccessControlId = props.originAccessControlId;
}

/**
Expand All @@ -187,6 +189,7 @@ export abstract class OriginBase implements IOrigin {
s3OriginConfig,
customOriginConfig,
originShield: this.renderOriginShield(this.originShieldEnabled, this.originShieldRegion),
originAccessControlId: this.originAccessControlId,
},
};
}
Expand Down
32 changes: 31 additions & 1 deletion packages/aws-cdk-lib/aws-cloudfront/test/distribution.test.ts
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { defaultOrigin, defaultOriginGroup } from './test-origin';
import { defaultOrigin, defaultOriginGroup, defaultOriginWithOriginAccessControl } from './test-origin';
import { Annotations, Match, Template } from '../../assertions';
import * as acm from '../../aws-certificatemanager';
import * as cloudwatch from '../../aws-cloudwatch';
Expand Down Expand Up @@ -1282,6 +1282,36 @@ test('with publish additional metrics', () => {
});
});

test('with origin access control id', () => {
const origin = defaultOriginWithOriginAccessControl();
new Distribution(stack, 'MyDist', {
defaultBehavior: { origin },
publishAdditionalMetrics: true,
});

Template.fromStack(stack).hasResourceProperties('AWS::CloudFront::Distribution', {
DistributionConfig: {
DefaultCacheBehavior: {
CachePolicyId: '658327ea-f89d-4fab-a63d-7e88639e58f6',
Compress: true,
TargetOriginId: 'StackMyDistOrigin1D6D5E535',
ViewerProtocolPolicy: 'allow-all',
},
Enabled: true,
HttpVersion: 'http2',
IPV6Enabled: true,
Origins: [{
DomainName: 'www.example.com',
Id: 'StackMyDistOrigin1D6D5E535',
CustomOriginConfig: {
OriginProtocolPolicy: 'https-only',
},
OriginAccessControlId: 'test-origin-access-control-id',
}],
},
});
});

describe('Distribution metrics tests', () => {
const additionalMetrics = [
{ name: 'OriginLatency', method: 'metricOriginLatency', statistic: 'Average', additionalMetricsRequired: true, errorMetricName: 'Origin latency' },
Expand Down
35 changes: 31 additions & 4 deletions packages/aws-cdk-lib/aws-cloudfront/test/test-origin.ts
Original file line number Diff line number Diff line change
@@ -1,16 +1,31 @@
import { Construct } from 'constructs';
import { CfnDistribution, IOrigin, OriginBase, OriginBindConfig, OriginBindOptions, OriginProps, OriginProtocolPolicy } from '../lib';
import {
CfnDistribution,
IOrigin,
OriginBase,
OriginBindConfig,
OriginBindOptions,
OriginProps,
OriginProtocolPolicy,
} from '../lib';

/** Used for testing common Origin functionality */
export class TestOrigin extends OriginBase {
constructor(domainName: string, props: OriginProps = {}) { super(domainName, props); }
protected renderCustomOriginConfig(): CfnDistribution.CustomOriginConfigProperty | undefined {
constructor(domainName: string, props: OriginProps = {}) {
super(domainName, props);
}
protected renderCustomOriginConfig():
| CfnDistribution.CustomOriginConfigProperty
| undefined {
return { originProtocolPolicy: OriginProtocolPolicy.HTTPS_ONLY };
}
}

export class TestOriginGroup implements IOrigin {
constructor(private readonly primaryDomainName: string, private readonly secondaryDomainName: string) { }
constructor(
private readonly primaryDomainName: string,
private readonly secondaryDomainName: string,
) {}
/* eslint-disable @cdklabs/no-core-construct */
public bind(scope: Construct, options: OriginBindOptions): OriginBindConfig {
const primaryOrigin = new TestOrigin(this.primaryDomainName);
Expand All @@ -35,3 +50,15 @@ export function defaultOrigin(domainName?: string, originId?: string): IOrigin {
export function defaultOriginGroup(): IOrigin {
return new TestOriginGroup('www.example.com', 'foo.example.com');
}

export function defaultOriginWithOriginAccessControl(
domainName?: string,
originId?: string,
originAccessControlId?: string,
): IOrigin {
return new TestOrigin(domainName ?? 'www.example.com', {
originId,
originAccessControlId:
originAccessControlId ?? 'test-origin-access-control-id',
});
}
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ import { ArtifactMetadataEntryType, type MetadataEntry } from '@aws-cdk/cloud-as
import type { CloudFormationStackArtifact } from '@aws-cdk/cx-api';
import * as chalk from 'chalk';
import { ResourceEvent, StackEventPoller } from './stack-event-poller';
import { error, logLevel, LogLevel, setLogLevel } from '../../../logging';
import { error, LogLevel, setLogLevel } from '../../../logging';
import type { ICloudFormationClient } from '../../aws-auth';
import { RewritableBlock } from '../display';

Expand Down Expand Up @@ -102,7 +102,7 @@ export class StackActivityMonitor {
};

const isWindows = process.platform === 'win32';
const verbose = options.logLevel ?? logLevel;
const verbose = options.logLevel ?? LogLevel.INFO;
// On some CI systems (such as CircleCI) output still reports as a TTY so we also
// need an individual check for whether we're running on CI.
// see: https://discuss.circleci.com/t/circleci-terminal-is-a-tty-but-term-is-not-set/9965
Expand Down Expand Up @@ -626,7 +626,7 @@ export class CurrentActivityPrinter extends ActivityPrinterBase {
*/
public readonly updateSleep: number = 2_000;

private oldLogLevel: LogLevel = LogLevel.DEFAULT;
private oldLogLevel: LogLevel = LogLevel.INFO;
private block = new RewritableBlock(this.stream);

constructor(props: PrinterProps) {
Expand Down Expand Up @@ -674,8 +674,7 @@ export class CurrentActivityPrinter extends ActivityPrinterBase {
public start() {
// Need to prevent the waiter from printing 'stack not stable' every 5 seconds, it messes
// with the output calculations.
this.oldLogLevel = logLevel;
setLogLevel(LogLevel.DEFAULT);
setLogLevel(LogLevel.INFO);
}

public stop() {
Expand Down
16 changes: 14 additions & 2 deletions packages/aws-cdk/lib/cli.ts
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ import { realHandler as docs } from '../lib/commands/docs';
import { realHandler as doctor } from '../lib/commands/doctor';
import { MIGRATE_SUPPORTED_LANGUAGES, getMigrateScanType } from '../lib/commands/migrate';
import { availableInitLanguages, cliInit, printAvailableTemplates } from '../lib/init';
import { data, debug, error, print, setLogLevel, setCI } from '../lib/logging';
import { data, debug, error, print, setCI, setLogLevel, LogLevel } from '../lib/logging';
import { Notices } from '../lib/notices';
import { Command, Configuration, Settings } from '../lib/settings';
import * as version from '../lib/version';
Expand All @@ -48,8 +48,20 @@ export async function exec(args: string[], synthesizer?: Synthesizer): Promise<n

const argv = await parseCommandLineArguments(args, makeBrowserDefault(), await availableInitLanguages(), MIGRATE_SUPPORTED_LANGUAGES as string[], version.DISPLAY_VERSION, yargsNegativeAlias);

// if one -v, log at a DEBUG level
// if 2 -v, log at a TRACE level
if (argv.verbose) {
setLogLevel(argv.verbose);
let logLevel: LogLevel;
switch (argv.verbose) {
case 1:
logLevel = LogLevel.DEBUG;
break;
case 2:
default:
logLevel = LogLevel.TRACE;
break;
}
setLogLevel(logLevel);
}

// Debug should always imply tracing
Expand Down
Loading

0 comments on commit 38d45f6

Please sign in to comment.