Skip to content

Commit

Permalink
Merge branch 'main' into awsgh-26026
Browse files Browse the repository at this point in the history
  • Loading branch information
lpizzinidev committed Jun 29, 2023
2 parents 75db8ae + 1ccfc78 commit 89d1ba4
Show file tree
Hide file tree
Showing 62 changed files with 675 additions and 324 deletions.
14 changes: 14 additions & 0 deletions CHANGELOG.v2.alpha.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,20 @@

All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

## [2.86.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.85.0-alpha.0...v2.86.0-alpha.0) (2023-06-29)


### Features

* **app-staging-synthesizer:** select different bootstrap region ([#26129](https://github.com/aws/aws-cdk/issues/26129)) ([2fec6a4](https://github.com/aws/aws-cdk/commit/2fec6a4cd09bd08b7183f1e67d5d7eb487e4ac29))
* **integ-runner:** integ-runner --watch ([#26087](https://github.com/aws/aws-cdk/issues/26087)) ([1fe2f09](https://github.com/aws/aws-cdk/commit/1fe2f095a0bc0aafb6b2dbd0cdaae79cc2e59ddd))
* **integ-tests:** new HttpApiCall method to easily make http calls ([#26102](https://github.com/aws/aws-cdk/issues/26102)) ([00b9c84](https://github.com/aws/aws-cdk/commit/00b9c84ecf17c05a4c794ba7b5bdc9d83b2fba16))


### Bug Fixes

* **batch-alpha:** cannot import FargateComputeEnvironment with fromFargateComputeEnvironmentArn ([#25985](https://github.com/aws/aws-cdk/issues/25985)) ([05810f4](https://github.com/aws/aws-cdk/commit/05810f44f3fa008c07c6fe39bacd2a00c52b32a0)), closes [40aws-cdk/aws-batch-alpha/lib/managed-compute-environment.ts#L1071](https://github.com/40aws-cdk/aws-batch-alpha/lib/managed-compute-environment.ts/issues/L1071) [40aws-cdk/aws-batch-alpha/lib/managed-compute-environment.ts#L1077-L1079](https://github.com/40aws-cdk/aws-batch-alpha/lib/managed-compute-environment.ts/issues/L1077-L1079) [#25979](https://github.com/aws/aws-cdk/issues/25979)

## [2.85.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.84.0-alpha.0...v2.85.0-alpha.0) (2023-06-21)


Expand Down
18 changes: 18 additions & 0 deletions CHANGELOG.v2.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,24 @@

All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.

## [2.86.0](https://github.com/aws/aws-cdk/compare/v2.85.0...v2.86.0) (2023-06-29)


### Features

* **cfnspec:** cloudformation spec v128.1.0 ([#26096](https://github.com/aws/aws-cdk/issues/26096)) ([d71c040](https://github.com/aws/aws-cdk/commit/d71c0407e7091a240dbecfdc910dc632ed1b7bff))


### Bug Fixes

* **cdk-lib:** Pass lookupRoleArn to NestedStackSynthesizer ([#26116](https://github.com/aws/aws-cdk/issues/26116)) ([3c29223](https://github.com/aws/aws-cdk/commit/3c29223b178840368088b56aba2db9d2365bceed))
* **core:** network option is not being propagated to Docker ([#26014](https://github.com/aws/aws-cdk/issues/26014)) ([341de48](https://github.com/aws/aws-cdk/commit/341de48e3637953514a009715dfdeeb061aad929))
* **core:** prevent the error when the condition is split into groups of 10 and 1 in `Fn.conditionAnd()` ([#25999](https://github.com/aws/aws-cdk/issues/25999)) ([ee3d41e](https://github.com/aws/aws-cdk/commit/ee3d41e674bc6b02cabd986de92075350017209b)), closes [/github.com/aws/aws-cdk/issues/25696#issuecomment-1561064092](https://github.com/aws//github.com/aws/aws-cdk/issues/25696/issues/issuecomment-1561064092)
* **ecs:** potential race condition on TaskRole default policy update with CfnService ([#26070](https://github.com/aws/aws-cdk/issues/26070)) ([2d9078c](https://github.com/aws/aws-cdk/commit/2d9078c6afc77c0ef026d74168730bff2a167a60)), closes [#24880](https://github.com/aws/aws-cdk/issues/24880)
* **ecs:** validation for task definition fails when task-level memory is defined but container-level memory and memoryReservation are not defined with EC2 compatibility ([#26027](https://github.com/aws/aws-cdk/issues/26027)) ([0e251e6](https://github.com/aws/aws-cdk/commit/0e251e68bad90b2dd7cb3ef48dfe025695e4ab64)), closes [#25275](https://github.com/aws/aws-cdk/issues/25275)
* **elbv2:** correct wrong timeout validation ([#26031](https://github.com/aws/aws-cdk/issues/26031)) ([636841c](https://github.com/aws/aws-cdk/commit/636841c380ccc3a6da372117cf0317f351a75cff)), closes [#26023](https://github.com/aws/aws-cdk/issues/26023)
* **stepfunctions:** nested arrays are not serialized correctly ([#26055](https://github.com/aws/aws-cdk/issues/26055)) ([f9d4573](https://github.com/aws/aws-cdk/commit/f9d45738d7b1ad0c9ad9877fe961fe063f544224)), closes [#26045](https://github.com/aws/aws-cdk/issues/26045)

## [2.85.0](https://github.com/aws/aws-cdk/compare/v2.84.0...v2.85.0) (2023-06-21)


Expand Down
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{"version":"31.0.0"}
{"version":"32.0.0"}
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"version": "31.0.0",
"version": "32.0.0",
"files": {
"21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
"source": {
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"version": "31.0.0",
"version": "32.0.0",
"files": {
"488d9cf540c6790fc09af871e06438e043f47d03101ef192131f1dafbbb434cb": {
"source": {
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"version": "31.0.0",
"version": "32.0.0",
"testCases": {
"instance-test/DefaultTest": {
"stacks": [
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
{
"version": "31.0.0",
"version": "32.0.0",
"artifacts": {
"integ-ec2-instance.assets": {
"type": "cdk:asset-manifest",
Expand Down Expand Up @@ -126,7 +126,10 @@
"/integ-ec2-instance/Instance/Resource": [
{
"type": "aws:cdk:logicalId",
"data": "InstanceC1063A87"
"data": "InstanceC1063A87",
"trace": [
"!!DESTRUCTIVE_CHANGES: WILL_REPLACE"
]
}
],
"/integ-ec2-instance/SsmParameterValue:--aws--service--ami-amazon-linux-latest--amzn2-ami-hvm-x86_64-gp2:C96584B6-F00A-464E-AD19-53AFF4B05118.Parameter": [
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -587,7 +587,7 @@
"path": "instance-test/DefaultTest/Default",
"constructInfo": {
"fqn": "constructs.Construct",
"version": "10.2.9"
"version": "10.2.26"
}
},
"DeployAssert": {
Expand Down Expand Up @@ -633,7 +633,7 @@
"path": "Tree",
"constructInfo": {
"fqn": "constructs.Construct",
"version": "10.2.9"
"version": "10.2.26"
}
}
},
Expand Down
23 changes: 23 additions & 0 deletions packages/@aws-cdk/aws-batch-alpha/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -495,6 +495,29 @@ jobDefn.container.addVolume(batch.EcsVolume.efs({
}));
```

### Secrets

You can expose SecretsManager Secret ARNs to your container as environment variables.
The following example defines the `MY_SECRET_ENV_VAR` environment variable that contains the
ARN of the Secret defined by `mySecret`:

```ts
import * as cdk from 'aws-cdk-lib';

declare const mySecret: secretsmanager.ISecret;

const jobDefn = new batch.EcsJobDefinition(this, 'JobDefn', {
container: new batch.EcsEc2ContainerDefinition(this, 'containerDefn', {
image: ecs.ContainerImage.fromRegistry('public.ecr.aws/amazonlinux/amazonlinux:latest'),
memory: cdk.Size.mebibytes(2048),
cpu: 256,
secrets: {
MY_SECRET_ENV_VAR: mySecret,
}
}),
});
```

### Running Kubernetes Workflows

Batch also supports running workflows on EKS. The following example creates a `JobDefinition` that runs on EKS:
Expand Down
18 changes: 10 additions & 8 deletions packages/@aws-cdk/aws-batch-alpha/lib/ecs-container-definition.ts
Original file line number Diff line number Diff line change
Expand Up @@ -342,13 +342,14 @@ export interface IEcsContainerDefinition extends IConstruct {
readonly readonlyRootFilesystem?: boolean;

/**
* The secrets for the container. Can be referenced in your job definition.
* A map from environment variable names to the secrets for the container. Allows your job definitions
* to reference the secret by the environment variable name defined in this property.
*
* @see https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html
*
* @default - no secrets
*/
readonly secrets?: secretsmanager.ISecret[];
readonly secrets?: { [envVarName: string]: secretsmanager.ISecret };

/**
* The user name to use inside the container
Expand Down Expand Up @@ -458,13 +459,14 @@ export interface EcsContainerDefinitionProps {
readonly readonlyRootFilesystem?: boolean;

/**
* The secrets for the container. Can be referenced in your job definition.
* A map from environment variable names to the secrets for the container. Allows your job definitions
* to reference the secret by the environment variable name defined in this property.
*
* @see https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html
*
* @default - no secrets
*/
readonly secrets?: secretsmanager.ISecret[];
readonly secrets?: { [envVarName: string]: secretsmanager.ISecret };

/**
* The user name to use inside the container
Expand Down Expand Up @@ -495,7 +497,7 @@ abstract class EcsContainerDefinitionBase extends Construct implements IEcsConta
public readonly linuxParameters?: LinuxParameters;
public readonly logDriverConfig?: ecs.LogDriverConfig;
public readonly readonlyRootFilesystem?: boolean;
public readonly secrets?: secretsmanager.ISecret[];
public readonly secrets?: { [envVarName: string]: secretsmanager.ISecret };
public readonly user?: string;
public readonly volumes: EcsVolume[];

Expand Down Expand Up @@ -553,12 +555,12 @@ abstract class EcsContainerDefinitionBase extends Construct implements IEcsConta
logConfiguration: this.logDriverConfig,
readonlyRootFilesystem: this.readonlyRootFilesystem,
resourceRequirements: this._renderResourceRequirements(),
secrets: this.secrets?.map((secret) => {
secrets: this.secrets ? Object.entries(this.secrets).map(([name, secret]) => {
return {
name: secret.secretName,
name,
valueFrom: secret.secretArn,
};
}),
}) : undefined,
mountPoints: Lazy.any({
produce: () => {
if (this.volumes.length === 0) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -647,9 +647,9 @@ export interface EksVolumeOptions {
readonly name: string;

/**
* The path on the container where the container is mounted.
* The path on the container where the volume is mounted.
*
* @default - the container is not mounted
* @default - the volume is not mounted
*/
readonly mountPath?: string;

Expand Down Expand Up @@ -902,7 +902,7 @@ export class SecretPathVolume extends EksVolume {
constructor(options: SecretPathVolumeOptions) {
super(options);
this.secretName = options.secretName;
this.optional = options.optional;
this.optional = options.optional ?? true;
}
}

Expand Down
3 changes: 1 addition & 2 deletions packages/@aws-cdk/aws-batch-alpha/lib/eks-job-definition.ts
Original file line number Diff line number Diff line change
Expand Up @@ -192,14 +192,13 @@ export class EksJobDefinition extends JobDefinitionBase implements IEksJobDefini
};
}
if (SecretPathVolume.isSecretPathVolume(volume)) {
/*return {
return {
name: volume.name,
secret: {
optional: volume.optional,
secretName: volume.secretName,
},
};
*/
}

throw new Error('unknown volume type');
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -255,9 +255,9 @@ describe.each([EcsEc2ContainerDefinition, EcsFargateContainerDefinition])('%p',
new EcsJobDefinition(stack, 'ECSJobDefn', {
container: new ContainerDefinition(stack, 'EcsContainer', {
...defaultContainerProps,
secrets: [
new Secret(stack, 'testSecret'),
],
secrets: {
envName: new Secret(stack, 'testSecret'),
},
}),
});

Expand All @@ -268,59 +268,7 @@ describe.each([EcsEc2ContainerDefinition, EcsFargateContainerDefinition])('%p',
...pascalCaseExpectedProps.ContainerProperties,
Secrets: [
{
Name: {
'Fn::Join': [
'-',
[
{
'Fn::Select': [
0,
{
'Fn::Split': [
'-',
{
'Fn::Select': [
6,
{
'Fn::Split': [
':',
{
Ref: 'testSecretB96AD12C',
},
],
},
],
},
],
},
],
},
{
'Fn::Select': [
1,
{
'Fn::Split': [
'-',
{
'Fn::Select': [
6,
{
'Fn::Split': [
':',
{
Ref: 'testSecretB96AD12C',
},
],
},
],
},
],
},
],
},
],
],
},
Name: 'envName',
ValueFrom: { Ref: 'testSecretB96AD12C' },
},
],
Expand Down
Loading

0 comments on commit 89d1ba4

Please sign in to comment.