Skip to content

Commit 73419fa

Browse files
rix0rrrrix0rrr
committed
Merge remote-tracking branch 'origin/main' into merge-back/2.189.1
2 parents 824634e + 3eec60c commit 73419fa

File tree

1,015 files changed

+789702
-222604
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

1,015 files changed

+789702
-222604
lines changed

Diff for: .gitattributes

+3
Original file line numberDiff line numberDiff line change
@@ -17,3 +17,6 @@ packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.buck
1717
packages/@aws-cdk-testing/framework-integ/test/**/*.snapshot/**/asset*.zip filter=lfs diff=lfs merge=lfs -text
1818
packages/@aws-cdk/*-alpha/test/**/*.snapshot/**/asset*.zip filter=lfs diff=lfs merge=lfs -text
1919
packages/@aws-cdk/*-alpha/test/*.snapshot/asset.*/bootstrap filter=lfs diff=lfs merge=lfs -text
20+
packages/@aws-cdk-testing/framework-integ/test/aws-s3-deployment/test/integ.bucket-deployment-large-file/asset*/large* filter=lfs diff=lfs merge=lfs -text
21+
packages/@aws-cdk/*-alpha/test/*.snapshot/asset*.zip filter=lfs diff=lfs merge=lfs -text
22+
packages/@aws-cdk-testing/framework-integ/test/**/*.snapshot/asset*.zip filter=lfs diff=lfs merge=lfs -text

Diff for: .github/ISSUE_TEMPLATE/region.yml

+1
Original file line numberDiff line numberDiff line change
@@ -83,4 +83,5 @@ body:
8383
* [ ] Add region and ARN in [ADOT_LAMBDA_LAYER_PYTHON_SDK_ARNS](https://github.com/aws/aws-cdk/blob/v2.65.0/packages/@aws-cdk/region-info/build-tools/fact-tables.ts#L768) for most recent version in `x86_64` and `arm64`.
8484
* [ ] Add region and ARN in [ADOT_LAMBDA_LAYER_GENERIC_ARNS](https://github.com/aws/aws-cdk/blob/v2.65.0/packages/@aws-cdk/region-info/build-tools/fact-tables.ts#L847) for most recent version in `x86_64` and `arm64`.
8585
* [ ] Add region in [AWS_REGIONS_AND_RULES](https://github.com/aws/aws-cdk/blob/v2.65.0/packages/@aws-cdk/region-info/lib/aws-entities.ts).
86+
* [ ] Add partition info if the region is also a new partition in [PARTITION_MAP](https://github.com/aws/aws-cdk/blob/main/packages/aws-cdk-lib/region-info/build-tools/fact-tables.ts#L88)
8687
* [ ] Run integ tests and update snapshots

Diff for: .github/workflows/codecov.yml

+2
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,8 @@ jobs:
1313
runs-on: ubuntu-latest
1414
permissions:
1515
id-token: write
16+
contents: read
17+
pages: write
1618
steps:
1719
- name: Checkout
1820
uses: actions/checkout@v4

Diff for: .github/workflows/enum-auto-updater.yml

+36-3
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,8 @@
11
name: CDK Enums Auto Updater
22
on:
33
workflow_dispatch:
4+
schedule:
5+
- cron: '0 0 * * 1'
46

57
jobs:
68
update-l2-enums:
@@ -23,6 +25,40 @@ jobs:
2325
- name: Install dependencies
2426
run: cd tools/@aws-cdk/enum-updater && yarn install --frozen-lockfile && yarn build
2527

28+
- name: Update enum static mapping
29+
run: |
30+
cd tools/@aws-cdk/enum-updater
31+
./bin/update-static-enum-mapping
32+
33+
- name: Check for changes
34+
id: static-mapping-check
35+
run: |
36+
if [[ -n "$(git status --porcelain ./lib/static-enum-mapping.json)" ]]; then
37+
echo "changes=true" >> $GITHUB_OUTPUT
38+
else
39+
echo "changes=false" >> $GITHUB_OUTPUT
40+
fi
41+
42+
- name: Create PR for static mapping changes
43+
if: steps.static-mapping-check.outputs.changes == 'true'
44+
run: |
45+
git config --global user.name 'aws-cdk-automation'
46+
git config --global user.email '[email protected]'
47+
48+
# Create a new branch for the module
49+
branchName="enum-update/static-mapping-update"
50+
git checkout -b "$branchName"
51+
52+
git add . # Add all files changed
53+
git commit -m "chore: update enum static mapping"
54+
git push origin "$branchName"
55+
56+
gh pr create --title "chore: update enum static mapping" \
57+
--body "This PR updates the CDK enum mapping file." \
58+
--base main \
59+
--head "$branchName"
60+
--label "contribution/core,pr-linter/exempt-integ-test,pr-linter/exempt-readme,pr-linter/exempt-test"
61+
2662
- name: Identify Missing Values and Apply Code Changes
2763
run: |
2864
cd tools/@aws-cdk/enum-updater
@@ -40,9 +76,6 @@ jobs:
4076
- name: Commit & Push changes
4177
if: steps.git-check.outputs.changes == 'true'
4278
run: |
43-
git config --global user.name 'aws-cdk-automation'
44-
git config --global user.email '[email protected]'
45-
4679
# Iterate through each module directory that has changes
4780
for module in $(git diff --name-only | grep -E '^packages/(@aws-cdk|aws-cdk-lib)/.*' | sed -E 's|^packages/(@aws-cdk\|aws-cdk-lib)/([^/]+).*|\2|' | sort -u); do
4881
moduleName=$(basename $module)

Diff for: .github/workflows/security-guardian.yml

+67
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,67 @@
1+
name: Security Guardian
2+
on:
3+
pull_request: {}
4+
5+
jobs:
6+
run-security-guardian:
7+
runs-on: ubuntu-latest
8+
steps:
9+
- name: Checkout
10+
uses: actions/checkout@v4
11+
with:
12+
fetch-depth: 0 # Fetches full history
13+
14+
- name: Get list of changed .template.json files
15+
id: filter_files
16+
run: |
17+
echo "Getting changed CloudFormation templates..."
18+
mkdir -p changed_templates
19+
20+
git fetch origin main --depth=1
21+
22+
base_sha="${{ github.event.pull_request.base.sha }}"
23+
head_sha="${{ github.event.pull_request.head.sha }}"
24+
if [[ -z "$base_sha" ]]; then base_sha=$(git merge-base origin/main HEAD); fi
25+
if [[ -z "$head_sha" ]]; then head_sha=HEAD; fi
26+
27+
git diff --name-status "$base_sha" "$head_sha" \
28+
| grep -E '^(A|M)\s+.*\.template\.json$' \
29+
| awk '{print $2}' > changed_files.txt || true
30+
31+
while IFS= read -r file; do
32+
if [ -f "$file" ]; then
33+
safe_name=$(echo "$file" | sed 's|/|_|g')
34+
cp "$file" "changed_templates/$safe_name"
35+
else
36+
echo "::warning::Changed file not found in workspace: $file"
37+
fi
38+
done < changed_files.txt
39+
40+
if [ -s changed_files.txt ]; then
41+
echo "files_changed=true" >> $GITHUB_OUTPUT
42+
else
43+
echo "files_changed=false" >> $GITHUB_OUTPUT
44+
fi
45+
46+
- name: Install cfn-guard
47+
if: steps.filter_files.outputs.files_changed == 'true'
48+
run: |
49+
mkdir -p $HOME/.local/bin
50+
curl -L -o cfn-guard.tar.gz https://github.com/aws-cloudformation/cloudformation-guard/releases/latest/download/cfn-guard-v3-x86_64-ubuntu-latest.tar.gz
51+
tar -xzf cfn-guard.tar.gz
52+
mv cfn-guard-v3-*/cfn-guard $HOME/.local/bin/cfn-guard
53+
chmod +x $HOME/.local/bin/cfn-guard
54+
echo "$HOME/.local/bin" >> $GITHUB_PATH
55+
56+
- name: Install & Build security-guardian
57+
if: steps.filter_files.outputs.files_changed == 'true'
58+
run: yarn install --frozen-lockfile && cd tools/@aws-cdk/security-guardian && yarn build
59+
60+
- name: Run cfn-guard if templates changed
61+
if: steps.filter_files.outputs.files_changed == 'true'
62+
uses: ./tools/@aws-cdk/security-guardian
63+
with:
64+
data_directory: './changed_templates'
65+
rule_set_path: './tools/@aws-cdk/security-guardian/rules/trust_scope_rules.guard'
66+
show_summary: 'fail'
67+
output_format: 'single-line-summary'

Diff for: packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-http-stage.assets.json

+4-3
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Diff for: packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/aws-cdk-aws-apigatewayv2-http-stage.template.json

+17
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,13 @@
11
{
22
"Resources": {
3+
"MyLogGroup5C0DAD85": {
4+
"Type": "AWS::Logs::LogGroup",
5+
"Properties": {
6+
"RetentionInDays": 731
7+
},
8+
"UpdateReplacePolicy": "Retain",
9+
"DeletionPolicy": "Retain"
10+
},
311
"HttpApiF5A9A8A7": {
412
"Type": "AWS::ApiGatewayV2::Api",
513
"Properties": {
@@ -10,6 +18,15 @@
1018
"HttpStageWithPropertiesC0AABA83": {
1119
"Type": "AWS::ApiGatewayV2::Stage",
1220
"Properties": {
21+
"AccessLogSettings": {
22+
"DestinationArn": {
23+
"Fn::GetAtt": [
24+
"MyLogGroup5C0DAD85",
25+
"Arn"
26+
]
27+
},
28+
"Format": "{\"extendedRequestId\":\"$context.extendedRequestId\",\"requestTime\":\"$context.requestTime\"}"
29+
},
1330
"ApiId": {
1431
"Ref": "HttpApiF5A9A8A7"
1532
},

Diff for: packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/awscdkawsapigatewayv2httpstagetestDefaultTestDeployAssert66182A52.assets.json

+20
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Diff for: packages/@aws-cdk-testing/framework-integ/test/aws-ecs/test/integ.fargate-task-def.js.snapshot/FargateTaskDefinitionDefaultTestDeployAssertD76B1D35.template.json renamed to packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/awscdkawsapigatewayv2httpstagetestDefaultTestDeployAssert66182A52.template.json

File renamed without changes.

Diff for: packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/cdk.out

+1-1
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Diff for: packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/integ.json

+5-7
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Diff for: packages/@aws-cdk-testing/framework-integ/test/aws-apigatewayv2/test/http/integ.stage.js.snapshot/manifest.json

+64-3
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)