fix(eks): sporadic broken pipe when deploying helm charts #6522
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Retry three times if helm fails if a “broken pipe” error. Fixes #6381
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
* added additional stack to 'ls' test so it doesn't fail * combine physicalResourceId and physicalResourceIdPath to a union type * fix tests according to new api * added doc strings and rename argument * fix tests * fixing some tests * enhance 'fromResponsePath' docstring * fix references to physicalResourceId in README * fix integ expected template and rename fromResponsePath to fromResponse * Rephrase docstring for `fromResponse` Co-Authored-By: Elad Ben-Israel <benisrae@amazon.com> * Rephrase docstring for `of` Co-Authored-By: Elad Ben-Israel <benisrae@amazon.com> * fix README reference to fromResponsePath Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> Co-authored-by: Elad Ben-Israel <benisrae@amazon.com>
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Bumps [nock](https://github.com/nock/nock) from 12.0.1 to 12.0.2. - [Release notes](https://github.com/nock/nock/releases) - [Changelog](https://github.com/nock/nock/blob/master/CHANGELOG.md) - [Commits](nock/nock@v12.0.1...v12.0.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
… scaleOutCooldown (#6417) See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-targettrackingscalingpolicyconfiguration.html#cfn-applicationautoscaling-scalingpolicy-targettrackingscalingpolicyconfiguration-scaleincooldown Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
#6534) * fix(rds): setting timezone on DatabaseInstance causes internal failure Per documentation[1], 'Timezone' property is only supported on Microsoft SQL Server. Setting this property on a DatabaseInstance with a different database engine causes deployment to fail (1) with a validation error for a new instance of `AWS::RDS::DBInstance` and (2) internal failure when modifying an existing instance of `AWS::RDS::DBInstance`. [1]:https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-database-instance.html#cfn-rds-dbinstance-timezone fixes #6439 * PR feedback
* chore(pkglint): update language for experimental constructs. The current language states that the entire module is unstable and should not be used in production. This is not entirely correct. The updated language differentiates CFN resources from higher level APIs, and states the former can be used in production and are stable, while the latter APIs are not stable and subject to change. * add a sentence around intent * tweak the L1 line Co-Authored-By: Elad Ben-Israel <benisrae@amazon.com> * slight tweak * run pkglint -f and fixed up create-missing-libraries.ts * revert unintended monocdk changes Co-authored-by: Elad Ben-Israel <benisrae@amazon.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…6258) * feat(stepfunctions-tasks): add step functions task to run glue job * add new task RunGlueJobTask and associated unit tests * since Job construct does not yet exist, uses job name as required parameter closes #5266 * cleanup constructor properties, add integration test * remove job run ID from props, update default prop descriptions * add s3 assets package to module * fix linting errors * clean up documentation, add links to docs and glue task example * add verification step to integration step, ensure job succeeds * update expected integration test stack (asset names) * add integ test verification comment about glue cold start * cleaned up the note around cold start * specify glue job ARN in state machine role permissions * change state machine role permissions based on service integration pattern Co-authored-by: Niranjan Jayakar <16217941+nija-at@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…2.0 (#6544) Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 2.21.0 to 2.22.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v2.22.0/packages/eslint-plugin) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.630.0 to 2.631.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md) - [Commits](aws/aws-sdk-js@v2.630.0...v2.631.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
…call policies In an attempt to be more explicit about our usage of `*` permissions, we are inverting the flow. Instead of defaulting to auto-generated policy statements that use `*` permissions, we now force users to pass the `policy` property. To make life easier, we provide factory methods that help configure this. Note that the `*` is now explicitly set by the user, not by the library. Relates to #5873 BREAKING CHANGE: `policyStatements` property was removed in favor of a required `policy` property. Refer to [Execution Policy](https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/custom-resources#execution-policy-1) for more details. ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* <!-- Please read the contribution guidelines and follow the pull-request checklist: https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md -->
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* docs(apigateway): incorrect docs for requestTemplate property closes #5997 * code fence * code fence Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* chore(cfnspec): prepare cfnspec update for autobump `update-cfnspec.sh` is a single script that does the whole bump process from a fresh repo. `cfn.version` holds the current version of the CloudFormation version which changes with the bump process. This is required by delivlib's bump API here - https://github.com/awslabs/aws-delivlib/blob/0342978b78c5dd2c7bff2279d3b9a43c9e1f359c/lib/bump/bump.ts#L23-L27 * rename to bump * tweaked per PR feedback Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* Pass securityPolicy from API Gateway DomainName to cfnDomainName * Update ApiGateway README with example securityPolicy * DomainName: Add documentation for SecurityPolicy TSL versions, add test for absent securityPolicy * fix tsdoc @default Co-authored-by: Void-Concept <49216983+Void-Concept@users.noreply.github.com> Co-authored-by: Niranjan Jayakar <16217941+nija-at@users.noreply.github.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* feat(amplify): add L2 constructs Add L2 constructs for AWS Amplify Console: App, Branch and Domain. Apps and branches can be password protected with a Secrets Manager generated password. * README and JSDoc * delete empty test file * import style
Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.631.0 to 2.632.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md) - [Commits](aws/aws-sdk-js@v2.631.0...v2.632.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* feat(aws-cdk): pass cloudformation parameters to "cdk deploy" This commit closes #1237 I have added the command line option --parameters, -P which allows for adding CloudFormation parameters at deploy time. The functionality for deploying with parameters was already present, but I have just added a way for the command line to pass it to the deployment code. The motivation for adding this functionality has been that we have a setup where we share an account with access to CloudFormation, which is why we do not want to have some fields in plain text, while they do not have access to other services, which did not support secrets within the fields we want to keep secret. This allows us to have parameters that can be kept secret from the templates, while also having parameters with NoEcho. I have verified this functionality by both deploying a cdk project with a CfnParameter from @aws-cdk/core, and an original CloudFormation template with parameters. * feat(cli): pass cloudformation parameter to "cdk deploy" This changes the syntax of the --parameter parameter, so that it is now possible to specify which stack a parameter is meant for, i.e. of you want a parameter to apply to `MyStack`, then you would pass it as --parameters MyStack:key=value While still being able to pass parameters to all stacks by omitting the stack name, i.e. --paramters key=value This is being added to support wild card deployments, and deployments with multiple stacks that do not neccessary contain the same parameters. I have verified these changes by deploying a multistack cdk project, where the stacks contains different parameters, and some shared parameters. * feat(cli): pass cloudformation parameters to "cdk deploy" I have added some integration tests of both wildcard and single deployments with parameters. While also fixing a bug found while testing. * feat(cli): pass cloudformation parameters to "cdk deploy" Adding integration test for nested stacks. Adding section in README. * feat(cli): pass cloudformation parameters to "cdk deploy" Adding an example of using parameters to the README.md * update README * more README cleanup Co-authored-by: Elad Ben-Israel <benisrae@amazon.com> Co-authored-by: Shiv Lakshminarayan <shivlaks@amazon.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…esMatching` (#6553) In the spirit of being "Explicit and Clear*, renaming `catchErrorPattern` to `ignoreErrorCodesMatching` since it better describes the meaning of this property. In addition, the following validations were added: - `ignoreErrorCodesMatching` cannot be used with `PhysicalResourceId.fromResponse` since the response might not exist. - `ignoreErrorCodesMatching` cannot be used with `getData` or `getDataString` since the resource might not have any attributes due to the error catching. Relates to #5873 BREAKING CHANGE: `catchErrorPattern` was renamed to `ignoreErrorCodesMatching`. In addition, a few synth time validations were added when using this property. See [Error Handling](https://github.com/aws/aws-cdk/tree/master/packages/%40aws-cdk/custom-resources#error-handling-1) for details.
Bumps [uuid](https://github.com/uuidjs/uuid) from 7.0.1 to 7.0.2. - [Release notes](https://github.com/uuidjs/uuid/releases) - [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md) - [Commits](uuidjs/uuid@v7.0.1...v7.0.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Renaming for some more clarity. Relates to #5873 BREAKING CHANGE: `getDataString` was renamed to `getResponseField` and `getData` was renamed to `getResponseFieldReference`
Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Bumps [yaml](https://github.com/eemeli/yaml) from 1.7.2 to 1.8.0. - [Release notes](https://github.com/eemeli/yaml/releases) - [Commits](eemeli/yaml@v1.7.2...v1.8.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
BREAKING CHANGE: the `allocationStrategy` property was moved from `ComputeEnvironmentProps` to the `ComputeResources` interface, which is where it semantically belongs.
…ts--> fix(apigateway): update documentation for `retainDeployments` (#6625)
Bumps [yargs](https://github.com/yargs/yargs) from 15.2.0 to 15.3.0. - [Release notes](https://github.com/yargs/yargs/releases) - [Changelog](https://github.com/yargs/yargs/blob/master/CHANGELOG.md) - [Commits](yargs/yargs@v15.2.0...v15.3.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Fixes: #6615 BREAKING CHANGE: `computeEnvironments` is now required
…6552) * chore: clean up aws-stepfunctions linter exclusions * addressing PR feedback Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
…6633) All properties of `MethodOptions` are optional.
…iting outputArtifacts (#6594) To allow cross account actions in codepipeline we create a role in the other account which is assumable by codepipeline. Since the artifacts are stored in an encrypted S3 bucket in the code pipeline account, the role in the other account must have permission to access the bucket and KMS key in the codepipeline account. To give the role permissions to access the bucket and key two type of policies are required: 1. The policy defined on the bucket and key must give the other account permissions to perform all required actions. 2. The role policy must allow all required actions Policy **1** is defined by the codepipeline construct. The role in the other account is created via the (new) bootstrap command and is defined as `DeploymentActionRole` in the `bootstrap-template.json` file. To satisfy **2**, the policy attached to the role must allow the required S3 and KMS actions. The policy attached to the role was missing the required KMS actions to allow writing the output artifacts to the S3 bucket. This commits adds `kms:Encrypt`, `kms:ReEncrypt `, `kms:GenerateDataKey ` to the `DeploymentActionRole` attached policy
* Adding support for an array of path patterns for application listener rule config. Closes #6497 * Introduce `pathPatterns` prop for listener rule * Introduce `pathPatterns` prop for listener rule * Deperecate `pathPattern`. Co-authored-by: Derk Schooltink <derk.schooltink@sqills.com> Co-authored-by: Rico Huijbers <huijbers@amazon.com> Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
* chore(ecs): escape regexp special characters * chore(ecs): fix error message addPortMapping is a nonexistent method Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
In order to make it possible to use the `DynamoEventSource` feature from `@aws-cdk/aws-lambda-event-sources` with imported tables (`ITable`s obtained from `Table.fromTableAttributes`), the `tableStreamArn` property must be visible on the `ITable` interface, and accepted as part of the `TableAttributes` struct. The necessary `grant` methods that target the table stream were also modified so that they can be used on any `ITable` that was built with a `tableStreamArn`. As a bonus, added documentation text for a couple of previously undocumented enum constants. Fixes #6344
Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.634.0 to 2.635.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Changelog](https://github.com/aws/aws-sdk-js/blob/master/CHANGELOG.md) - [Commits](aws/aws-sdk-js@v2.634.0...v2.635.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
chore(eks): consolidate integ tests (#6636) Since creating a VPC and an EKS cluster takes about ~30 minutes and integration tests had to be executed for any change in one of the resource providers' code, the EKS integration tests became a major barrier for contributions and evolution of the EKS module. Pragmatically, this change consolidates all "kubectl-enabled" tests into a single integration test which exercises all the relevant features. This is not perfect, but at least will allow us to evolve.
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
rix0rrr
approved these changes
Mar 10, 2020
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Commit Message
fix(eks): sporadic broken pipe when deploying helm charts (#6522)
Retry three times if helm fails if a “broken pipe” error.
Fixes #6381
End of Commit Message
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license