From 7970552718a9a24d3be75e5413fdd120df716c55 Mon Sep 17 00:00:00 2001 From: Parker Scanlon <69879391+scanlonp@users.noreply.github.com> Date: Fri, 21 Jul 2023 03:55:01 -0700 Subject: [PATCH 1/9] added my username to mergify and merit badger (#26454) Co-authored-by: Kaizen Conroy <36202692+kaizencc@users.noreply.github.com> --- .github/workflows/github-merit-badger.yml | 2 +- .mergify.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/github-merit-badger.yml b/.github/workflows/github-merit-badger.yml index a095694eebfcc..d818d2f2da061 100644 --- a/.github/workflows/github-merit-badger.yml +++ b/.github/workflows/github-merit-badger.yml @@ -17,4 +17,4 @@ jobs: badges: '[beginning-contributor,repeat-contributor,valued-contributor,admired-contributor,star-contributor,distinguished-contributor]' thresholds: '[0,3,6,13,25,50]' badge-type: 'achievement' - ignore-usernames: '[RomainMuller,rix0rrr,MrArnoldPalmer,iliapolo,otaviomacedo,madeline-k,kaizencc,comcalvi,corymhall,peterwoodworth,ryparker,TheRealAmazonKendra,vinayak-kukreja,Naumel,mrgrain,pahud,cgarvis,kellertk,HBobertz,sumupitchayan,pattasai,SankyRed,udaypant,colifran,khushail,aws-cdk-automation,dependabot[bot],mergify[bot]]' + ignore-usernames: '[RomainMuller,rix0rrr,MrArnoldPalmer,iliapolo,otaviomacedo,madeline-k,kaizencc,comcalvi,corymhall,peterwoodworth,ryparker,TheRealAmazonKendra,vinayak-kukreja,Naumel,mrgrain,pahud,cgarvis,kellertk,HBobertz,sumupitchayan,pattasai,SankyRed,udaypant,colifran,khushail,scanlonp,aws-cdk-automation,dependabot[bot],mergify[bot]]' diff --git a/.mergify.yml b/.mergify.yml index fafb56bf5a1cc..fc39ba7395066 100644 --- a/.mergify.yml +++ b/.mergify.yml @@ -11,7 +11,7 @@ pull_request_rules: label: add: [ contribution/core ] conditions: - - author~=^(RomainMuller|rix0rrr|MrArnoldPalmer|iliapolo|uttarasridhar|otaviomacedo|madeline-k|kaizencc|comcalvi|corymhall|peterwoodworth|ryparker|TheRealAmazonKendra|vinayak-kukreja|Naumel|mrgrain|pahud|cgarvis|kellertk|HBobertz|sumupitchayan|pattasai|SankyRed|udaypant|colifran)$ + - author~=^(RomainMuller|rix0rrr|MrArnoldPalmer|iliapolo|uttarasridhar|otaviomacedo|madeline-k|kaizencc|comcalvi|corymhall|peterwoodworth|ryparker|TheRealAmazonKendra|vinayak-kukreja|Naumel|mrgrain|pahud|cgarvis|kellertk|HBobertz|sumupitchayan|pattasai|SankyRed|udaypant|colifran|scanlonp)$ - -label~="contribution/core" - name: automatic merge actions: From ac9bb1a27c704f5bcb4d8ca15dc5a224a592bd27 Mon Sep 17 00:00:00 2001 From: jwoehrle <14852794+jwoehrle@users.noreply.github.com> Date: Fri, 21 Jul 2023 14:07:29 +0200 Subject: [PATCH 2/9] fix(rds): Add missing Aurora engine 8.0.mysql_aurora.3.02.3 (#26462) Add missing Aurora Engine Version 3_02_3. See Aurora docs at https://docs.aws.amazon.com/AmazonRDS/latest/AuroraMySQLReleaseNotes/AuroraMySQL.Updates.3023.html ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk-lib/aws-rds/lib/cluster-engine.ts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/aws-cdk-lib/aws-rds/lib/cluster-engine.ts b/packages/aws-cdk-lib/aws-rds/lib/cluster-engine.ts index 7e595265ab569..df955a119c470 100644 --- a/packages/aws-cdk-lib/aws-rds/lib/cluster-engine.ts +++ b/packages/aws-cdk-lib/aws-rds/lib/cluster-engine.ts @@ -430,6 +430,8 @@ export class AuroraMysqlEngineVersion { public static readonly VER_3_02_1 = AuroraMysqlEngineVersion.builtIn_8_0('3.02.1'); /** Version "8.0.mysql_aurora.3.02.2". */ public static readonly VER_3_02_2 = AuroraMysqlEngineVersion.builtIn_8_0('3.02.2'); + /** Version "8.0.mysql_aurora.3.02.3". */ + public static readonly VER_3_02_3 = AuroraMysqlEngineVersion.builtIn_8_0('3.02.3'); /** Version "8.0.mysql_aurora.3.03.0". */ public static readonly VER_3_03_0 = AuroraMysqlEngineVersion.builtIn_8_0('3.03.0'); From 9d9daba2ed72eef6ea45b51651e66bf6253df5fa Mon Sep 17 00:00:00 2001 From: Daniel Hochman Date: Fri, 21 Jul 2023 08:16:47 -0500 Subject: [PATCH 3/9] chore(api-gateway): fix resource name in lambda-api.test.ts causing no-op test (#26457) Test was a no-op due to the typo. --- packages/aws-cdk-lib/aws-apigateway/test/lambda-api.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-apigateway/test/lambda-api.test.ts b/packages/aws-cdk-lib/aws-apigateway/test/lambda-api.test.ts index 43db110625a26..a72bed650dbab 100644 --- a/packages/aws-cdk-lib/aws-apigateway/test/lambda-api.test.ts +++ b/packages/aws-cdk-lib/aws-apigateway/test/lambda-api.test.ts @@ -189,7 +189,7 @@ describe('lambda api', () => { // THEN const template = Template.fromStack(stack); // Ensure that all methods have "AWS_PROXY" integrations. - const methods = template.findResources('AWS::ApiGateway::Mathod'); + const methods = template.findResources('AWS::ApiGateway::Method'); const hasProxyIntegration = Match.objectLike({ Integration: Match.objectLike({ Type: 'AWS_PROXY' }) }); for (const method of Object.values(methods)) { expect(hasProxyIntegration.test(method)).toBeTruthy(); From 1820fc902c6f37faed0538305bd701103dae43ff Mon Sep 17 00:00:00 2001 From: Luca Pizzini Date: Fri, 21 Jul 2023 15:43:06 +0200 Subject: [PATCH 4/9] fix(cdk): allow bootstrap with policy names with a path (#26378) Policy names with slashes (`/`) are not allowed when bootstrapping. For example: ``` cdk bootstrap --custom-permissions-boundary aaa/bbb ``` Would fail: ``` Error: The permissions boundary name aaa/bbb does not match the IAM conventions. ``` This fix allows to specify paths in the policy name. Closes #26320. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../bootstrapping.integtest.ts | 11 ++++++++++ .../api/bootstrap/bootstrap-environment.ts | 4 +++- packages/aws-cdk/test/api/bootstrap2.test.ts | 22 +++++++++++++++++++ 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/bootstrapping.integtest.ts b/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/bootstrapping.integtest.ts index c76ea0f9bec21..18889bde7dd7e 100644 --- a/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/bootstrapping.integtest.ts +++ b/packages/@aws-cdk-testing/cli-integ/tests/cli-integ-tests/bootstrapping.integtest.ts @@ -255,6 +255,17 @@ integTest('can use the custom permissions boundary to bootstrap', withoutBootstr expect(template).toContain('permission-boundary-name'); })); +integTest('can use the custom permissions boundary (with slashes) to bootstrap', withoutBootstrap(async (fixture) => { + let template = await fixture.cdkBootstrapModern({ + // toolkitStackName doesn't matter for this particular invocation + toolkitStackName: fixture.bootstrapStackName, + showTemplate: true, + customPermissionsBoundary: 'permission-boundary-name/with/path', + }); + + expect(template).toContain('permission-boundary-name/with/path'); +})); + integTest('can remove customPermissionsBoundary', withoutBootstrap(async (fixture) => { const bootstrapStackName = fixture.bootstrapStackName; const policyName = `${bootstrapStackName}-pb`; diff --git a/packages/aws-cdk/lib/api/bootstrap/bootstrap-environment.ts b/packages/aws-cdk/lib/api/bootstrap/bootstrap-environment.ts index f4a1b22729831..f3041fd3864ec 100644 --- a/packages/aws-cdk/lib/api/bootstrap/bootstrap-environment.ts +++ b/packages/aws-cdk/lib/api/bootstrap/bootstrap-environment.ts @@ -279,7 +279,9 @@ export class Bootstrapper { private validatePolicyName(permissionsBoundary: string) { // https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html - const regexp: RegExp = /[\w+=,.@-]+/; + // Added support for policy names with a path + // See https://github.com/aws/aws-cdk/issues/26320 + const regexp: RegExp = /[\w+\/=,.@-]+/; const matches = regexp.exec(permissionsBoundary); if (!(matches && matches.length === 1 && matches[0] === permissionsBoundary)) { throw new Error(`The permissions boundary name ${permissionsBoundary} does not match the IAM conventions.`); diff --git a/packages/aws-cdk/test/api/bootstrap2.test.ts b/packages/aws-cdk/test/api/bootstrap2.test.ts index b7e48f8493069..427ea1daf0906 100644 --- a/packages/aws-cdk/test/api/bootstrap2.test.ts +++ b/packages/aws-cdk/test/api/bootstrap2.test.ts @@ -207,6 +207,28 @@ describe('Bootstrapping v2', () => { ])); }); + test('adding permission boundary with path in policy name', async () => { + mockTheToolkitInfo({ + Parameters: [ + { + ParameterKey: 'InputPermissionsBoundary', + ParameterValue: '', + }, + ], + }); + await bootstrapper.bootstrapEnvironment(env, sdk, { + parameters: { + customPermissionsBoundary: 'permissions-boundary-name/with/path', + }, + }); + + expect(stderrMock.mock.calls).toEqual(expect.arrayContaining([ + expect.arrayContaining([ + expect.stringMatching(/Adding new permissions boundary permissions-boundary-name\/with\/path/), + ]), + ])); + }); + test('passing trusted accounts without CFN managed policies results in an error', async () => { await expect(bootstrapper.bootstrapEnvironment(env, sdk, { parameters: { From a9e2789d2f927c26db0aee4ce7cb2cc073a99bc5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Krzysztof=20S=C5=82owi=C5=84ski?= <30654022+krzysztof-slowinski@users.noreply.github.com> Date: Fri, 21 Jul 2023 16:48:51 +0200 Subject: [PATCH 5/9] feat(cli): add diff message on the number of stacks with differences (#26297) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reported issue with `diff` is that it treats the fail return status for cases when there are actual diffs, making it hard to know what happened with pipeline automations. The proposed solution adds a logging statement with a similar format that is used for deploy (but here the total time is reported) specifying how many stacks have differences, as presented below. As a result, it will be possible to check in pipelines for this logging statement to correctly detect situation when there are no actual changes, when there are changes, and when there are failures, since on failures this statement will not be present: Case of no changes: ✨ Number of stacks with differences: 0 Case of changes in 5 stacks: ✨ Number of stacks with differences: 5 Closes #10417. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- packages/aws-cdk/lib/cdk-toolkit.ts | 2 ++ packages/aws-cdk/test/diff.test.ts | 8 +++++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/packages/aws-cdk/lib/cdk-toolkit.ts b/packages/aws-cdk/lib/cdk-toolkit.ts index 70d7650f58f7b..e5ff7cc642af3 100644 --- a/packages/aws-cdk/lib/cdk-toolkit.ts +++ b/packages/aws-cdk/lib/cdk-toolkit.ts @@ -143,6 +143,8 @@ export class CdkToolkit { } } + stream.write(format('\n✨ Number of stacks with differences: %s\n', diffs)); + return diffs && options.fail ? 1 : 0; } diff --git a/packages/aws-cdk/test/diff.test.ts b/packages/aws-cdk/test/diff.test.ts index 128c933dad245..ad8202a64db63 100644 --- a/packages/aws-cdk/test/diff.test.ts +++ b/packages/aws-cdk/test/diff.test.ts @@ -81,6 +81,7 @@ describe('non-nested stacks', () => { expect(plainTextOutput).toContain('Stack A'); expect(plainTextOutput).toContain('Stack B'); + expect(buffer.data.trim()).toContain('✨ Number of stacks with differences: 2'); expect(exitCode).toBe(0); }); @@ -96,6 +97,7 @@ describe('non-nested stacks', () => { }); // THEN + expect(buffer.data.trim()).toContain('✨ Number of stacks with differences: 1'); expect(exitCode).toBe(1); }); @@ -121,6 +123,7 @@ describe('non-nested stacks', () => { }); // THEN + expect(buffer.data.trim()).toContain('✨ Number of stacks with differences: 1'); expect(exitCode).toBe(1); }); @@ -255,7 +258,10 @@ Resources └─ [~] .Properties: └─ [~] .Prop: ├─ [-] old-value - └─ [+] new-value`); + └─ [+] new-value + + +✨ Number of stacks with differences: 3`); expect(exitCode).toBe(0); }); From 87ec5257104ec6c48527b21212cd91f9b0fe9dec Mon Sep 17 00:00:00 2001 From: bun <73948280+bun913@users.noreply.github.com> Date: Sat, 22 Jul 2023 00:55:53 +0900 Subject: [PATCH 6/9] docs(contributing): document how to get around node out of memory error (#26465) Closes #26415 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- CONTRIBUTING.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 1356abe3eb3e6..2a7567e8d64bb 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -108,6 +108,8 @@ Note: `lerna` uses a local cache by default. If your build fails, you can fix the issue and run the command again and it will not rerun any previously successful steps. +Note: If you encounter `ERROR: Reached heap limit Allocation failed - JavaScript heap out of memory`, please try running the command with increased memory by using `export NODE_OPTIONS="--max-old-space-size=8192"`. + At this point, you can run build and test the `aws-cdk-lib` module by running ```console From fd181c70f3668b2f0ec0ccbca38a5ef9100eb86b Mon Sep 17 00:00:00 2001 From: Cory Hall <43035978+corymhall@users.noreply.github.com> Date: Fri, 21 Jul 2023 13:28:30 -0400 Subject: [PATCH 7/9] fix(core): policy validation trace incorrect for larger constructs (#26466) Ran into an issue where the construct trace was incorrect in larger projects, specifically where there are constructs that contain multiple constructs. To get the construct trace tree we first construct a new tree that only contains the path to the terminal construct (the one with the trace). We drop all the other constructs in the tree that don't relate. For example, if we had a tree like: ``` ->App -->MyStage --->MyStack1 ---->MyConstruct ----->Resource --->MyStack2 ---->MyConstruct ----->Resource --->MyStack3 ---->MyConstruct ----->Resource ``` And we want to get a new tree for `/App/MyStage/MyStack2/MyConstruct/Resource` it should look like this: ``` ->App -->MyStage --->MyStack2 ---->MyConstruct ----->Resource ``` We weren't correctly generating the new tree correctly and would always end up with the tree being the first item in the list. I've updated one of the tests, and also tested this on a more complex application. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../core/lib/private/tree-metadata.ts | 41 +++++++++++++------ .../lib/validation/private/construct-tree.ts | 18 +++++++- .../core/test/validation/trace.test.ts | 9 ++++ 3 files changed, 53 insertions(+), 15 deletions(-) diff --git a/packages/aws-cdk-lib/core/lib/private/tree-metadata.ts b/packages/aws-cdk-lib/core/lib/private/tree-metadata.ts index f0ceb3c0301c5..24e6bb3f526b1 100644 --- a/packages/aws-cdk-lib/core/lib/private/tree-metadata.ts +++ b/packages/aws-cdk-lib/core/lib/private/tree-metadata.ts @@ -10,7 +10,9 @@ import { ISynthesisSession } from '../stack-synthesizers'; import { IInspectable, TreeInspector } from '../tree'; const FILE_PATH = 'tree.json'; - +type Mutable = { + -readonly [P in keyof T]: Mutable; +}; /** * Construct that is automatically attached to the top-level `App`. * This generates, as part of synthesis, a file containing the construct tree and the metadata for each node in the tree. @@ -109,21 +111,34 @@ export class TreeMetadata extends Construct { * tree that leads to a specific construct so drop any nodes not in that path * * @param node Node the current tree node - * @param child Node the previous tree node and the current node's child node - * @returns Node the new tree + * @returns Node the root node of the new tree */ - private renderTreeWithChildren(node: Node, child?: Node): Node { - if (node.parent) { - return this.renderTreeWithChildren(node.parent, node); - } else if (child) { - return { - ...node, - children: { - [child.id]: child, - }, + private renderTreeWithChildren(node: Node): Node { + /** + * @param currentNode - The current node being evaluated + * @param currentNodeChild - The previous node which should be the only child of the current node + * @returns The node with all children removed except for the path to the current node + */ + function renderTreeWithSingleChild(currentNode: Mutable, currentNodeChild: Mutable) { + currentNode.children = { + [currentNodeChild.id]: currentNodeChild, }; + if (currentNode.parent) { + currentNode.parent = renderTreeWithSingleChild(currentNode.parent, currentNode); + } + return currentNode; } - return node; + + const currentNode = node.parent ? renderTreeWithSingleChild(node.parent, node) : node; + // now that we have the new tree we need to return the root node + let root = currentNode; + do { + if (root.parent) { + root = root.parent; + } + } while (root.parent); + + return root; } /** diff --git a/packages/aws-cdk-lib/core/lib/validation/private/construct-tree.ts b/packages/aws-cdk-lib/core/lib/validation/private/construct-tree.ts index f6bd078ad89f2..a48553a8d5cc7 100644 --- a/packages/aws-cdk-lib/core/lib/validation/private/construct-tree.ts +++ b/packages/aws-cdk-lib/core/lib/validation/private/construct-tree.ts @@ -147,6 +147,17 @@ export class ConstructTree { return node; } + /** + * @param node - the root node of the tree + * @returns the terminal node in the tree + */ + private lastChild(node: Node): Node { + if (node.children) { + return this.lastChild(this.getChild(node.children)); + } + return node; + } + /** * Get a ConstructTrace from the cache for a given construct * @@ -154,7 +165,8 @@ export class ConstructTree { * root of the tree and go down to the construct that has the violation */ public getTrace(node: Node, locations?: string[]): ConstructTrace | undefined { - const trace = this._traceCache.get(node.path); + const lastChild = this.lastChild(node); + const trace = this._traceCache.get(lastChild.path); if (trace) { return trace; } @@ -177,7 +189,9 @@ export class ConstructTree { libraryVersion: node.constructInfo?.version, location: thisLocation ?? "Run with '--debug' to include location info", }; - this._traceCache.set(constructTrace.path, constructTrace); + // set the cache for the last child path. If the last child path is different then + // we have a different tree and need to retrieve the trace again + this._traceCache.set(lastChild.path, constructTrace); return constructTrace; } diff --git a/packages/aws-cdk-lib/core/test/validation/trace.test.ts b/packages/aws-cdk-lib/core/test/validation/trace.test.ts index 5f17537b88e1b..5ec4652c7a507 100644 --- a/packages/aws-cdk-lib/core/test/validation/trace.test.ts +++ b/packages/aws-cdk-lib/core/test/validation/trace.test.ts @@ -113,6 +113,12 @@ class MyL2Resource extends Resource implements IMyL2Resource { public readonly constructPath: string; constructor(scope: Construct, id: string) { super(scope, id); + new core.CfnResource(this, 'Resource1', { + type: 'AWS::CDK::TestResource', + properties: { + testProp1: 'testValue', + }, + }); const resource = new core.CfnResource(this, 'Resource', { type: 'AWS::CDK::TestResource', properties: { @@ -127,6 +133,7 @@ class MyConstruct extends Construct { public readonly constructPath: string; constructor(scope: Construct, id: string) { super(scope, id); + new MyL2Resource(this, 'MyL2Resource1'); const myResource = new MyL2Resource(this, 'MyL2Resource'); this.constructPath = myResource.constructPath; } @@ -136,6 +143,8 @@ class MyStack extends core.Stack { public readonly constructPath: string; constructor(scope: Construct, id: string, props?: core.StackProps) { super(scope, id, props); + new MyConstruct(this, 'MyConstruct2'); + new MyConstruct(this, 'MyConstruct3'); const myConstruct = new MyConstruct(this, 'MyConstruct'); this.constructPath = myConstruct.constructPath; } From 1b3612457078f8195fb5a73b9f0e44caf99fae96 Mon Sep 17 00:00:00 2001 From: Kaizen Conroy <36202692+kaizencc@users.noreply.github.com> Date: Fri, 21 Jul 2023 14:05:55 -0400 Subject: [PATCH 8/9] feat(app-staging-synthesizer): option to specify staging stack name prefix (#26324) Optionally specify a prefix for the staging stack name, which will be baked into the stackId and stackName. The default prefix is `StagingStack`. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/default-staging-stack.ts | 19 ++++++++++--- .../test/app-staging-synthesizer.test.ts | 27 +++++++++++++++++-- 2 files changed, 40 insertions(+), 6 deletions(-) diff --git a/packages/@aws-cdk/app-staging-synthesizer-alpha/lib/default-staging-stack.ts b/packages/@aws-cdk/app-staging-synthesizer-alpha/lib/default-staging-stack.ts index be3a44eb15fd3..6875de6a123d2 100644 --- a/packages/@aws-cdk/app-staging-synthesizer-alpha/lib/default-staging-stack.ts +++ b/packages/@aws-cdk/app-staging-synthesizer-alpha/lib/default-staging-stack.ts @@ -111,6 +111,16 @@ export interface DefaultStagingStackOptions { * @default true */ readonly autoDeleteStagingAssets?: boolean; + + /** + * Specify a custom prefix to be used as the staging stack name and + * construct ID. The prefix will be appended before the appId, which + * is required to be part of the stack name and construct ID to + * ensure uniqueness. + * + * @default 'StagingStack' + */ + readonly stagingStackNamePrefix?: string; } /** @@ -159,12 +169,13 @@ export class DefaultStagingStack extends Stack implements IStagingResources { new UsingAppStagingSynthesizer(stack, `UsingAppStagingSynthesizer/${stack.stackName}`); } - const stackId = `StagingStack-${appId}-${context.environmentString}`; + const stackPrefix = options.stagingStackNamePrefix ?? 'StagingStack'; + // Stack name does not need to contain environment because appId is unique inside an env + const stackName = `${stackPrefix}-${appId}`; + const stackId = `${stackName}-${context.environmentString}`; return new DefaultStagingStack(app, stackId, { ...options, - - // Does not need to contain environment because stack names are unique inside an env anyway - stackName: `StagingStack-${appId}`, + stackName, env: { account: stack.account, region: stack.region, diff --git a/packages/@aws-cdk/app-staging-synthesizer-alpha/test/app-staging-synthesizer.test.ts b/packages/@aws-cdk/app-staging-synthesizer-alpha/test/app-staging-synthesizer.test.ts index f1dec13b34a3a..3e6504b7befe9 100644 --- a/packages/@aws-cdk/app-staging-synthesizer-alpha/test/app-staging-synthesizer.test.ts +++ b/packages/@aws-cdk/app-staging-synthesizer-alpha/test/app-staging-synthesizer.test.ts @@ -492,6 +492,29 @@ describe(AppStagingSynthesizer, () => { Template.fromJSON(getStagingResourceStack(asm).template).resourceCountIs('Custom::S3AutoDeleteObjects', 0); }); + test('stack prefix can be customized', () => { + // GIVEN + const prefix = 'Prefix'; + app = new App({ + defaultStackSynthesizer: AppStagingSynthesizer.defaultResources({ + appId: APP_ID, + stagingStackNamePrefix: prefix, + }), + }); + stack = new Stack(app, 'Stack', { + env: { + account: '000000000000', + region: 'us-east-1', + }, + }); + + // WHEN + const asm = app.synth(); + + // THEN + expect(getStagingResourceStack(asm, prefix).template).toBeDefined(); + }); + describe('environment specifics', () => { test('throws if App includes env-agnostic and specific env stacks', () => { // GIVEN - App with Stack with specific environment @@ -536,7 +559,7 @@ describe(AppStagingSynthesizer, () => { /** * Return the staging resource stack that is generated as part of the assembly */ - function getStagingResourceStack(asm: CloudAssembly) { - return asm.getStackArtifact(`StagingStack-${APP_ID}-000000000000-us-east-1`); + function getStagingResourceStack(asm: CloudAssembly, prefix?: string) { + return asm.getStackArtifact(`${prefix ?? 'StagingStack'}-${APP_ID}-000000000000-us-east-1`); } }); From eea223b52f4445e6084b1fa1fa15a3a78f83fa18 Mon Sep 17 00:00:00 2001 From: Austin Ely Date: Fri, 21 Jul 2023 14:44:49 -0400 Subject: [PATCH 9/9] fix(ecs): deployment alarm configurations are being added in isolated partitions (#26458) Fixes #26456. Renames the isolated partitions to their correct names. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../aws-ecs/lib/base/base-service.ts | 2 +- .../aws-ecs/test/ec2/ec2-service.test.ts | 26 +++++++++++++++++++ 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts b/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts index 05a0054491554..7eaaccbb86b01 100644 --- a/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts +++ b/packages/aws-cdk-lib/aws-ecs/lib/base/base-service.ts @@ -1367,7 +1367,7 @@ export abstract class BaseService extends Resource } private deploymentAlarmsAvailableInRegion(): boolean { - const unsupportedPartitions = ['aws-cn', 'aws-us-gov', 'aws-us-iso', 'aws-us-iso-b']; + const unsupportedPartitions = ['aws-cn', 'aws-us-gov', 'aws-iso', 'aws-iso-b']; const currentRegion = RegionInfo.get(this.stack.resolve(this.stack.region)); if (currentRegion.partition) { return !unsupportedPartitions.includes(currentRegion.partition); diff --git a/packages/aws-cdk-lib/aws-ecs/test/ec2/ec2-service.test.ts b/packages/aws-cdk-lib/aws-ecs/test/ec2/ec2-service.test.ts index 8da11d24bae4e..a07841af5d75f 100644 --- a/packages/aws-cdk-lib/aws-ecs/test/ec2/ec2-service.test.ts +++ b/packages/aws-cdk-lib/aws-ecs/test/ec2/ec2-service.test.ts @@ -2365,6 +2365,32 @@ describe('ec2 service', () => { }); }); + test('no deployment alarms in isolated partitions', () => { + const app = new cdk.App(); + const govCloudStack = new cdk.Stack(app, 'IsoStack', { + env: { region: 'us-isob-east-1' }, + }); + const vpc = new ec2.Vpc(govCloudStack, 'MyVpc', {}); + const gcCluster = new ecs.Cluster(govCloudStack, 'EcsCluster', { vpc }); + addDefaultCapacityProvider(gcCluster, govCloudStack, vpc); + const gcTaskDefinition = new ecs.Ec2TaskDefinition(govCloudStack, 'Ec2TaskDef'); + + gcTaskDefinition.addContainer('web', { + image: ecs.ContainerImage.fromRegistry('amazon/amazon-ecs-sample'), + memoryLimitMiB: 512, + }); + new ecs.Ec2Service(govCloudStack, 'Ec2Service', { + cluster: gcCluster, + taskDefinition: gcTaskDefinition, + }); + + Template.fromStack(govCloudStack).hasResourceProperties('AWS::ECS::Service', { + DeploymentConfiguration: { + Alarms: Match.absent(), + }, + }); + }); + /** * This section of tests test all combinations of the following possible * alarm names and metrics. Most combinations work just fine, some