Skip to content

Commit

Permalink
feat(cli): upgrade aws-sdk to sdkv3 (#31702)
Browse files Browse the repository at this point in the history
This PR updates the CDK CLI to use the AWS SDK V3 instead of V2.

### Manual Test Cases for Authorization
All tests were run verbosely so that I could manually check the
credentials being used from the CLI output.

- [x] No credentials setup and no default profile fails as expected
(established to ensure nothing was unintentionally setup)
- [x] Explicitly provided profile sourced from config file, tested with
both `--profile` and `AWS_PROFILE`
  - [x] `aws_access_key_id` and `aws_secret_access_key`
  - [x] `aws_access_key_id` and `aws_secret_access_key` and `region`
- [x] `source_profile` and `role_arn` that points to another profile
with `aws_access_key_id` and `aws_secret_access_key` in both config and
credentials
  - [x] `source_profile` and `role_arn` that points to Environment
- [x] `source_profile` that and `role_arn` that points to SSO profile in
both config and credentials
- [x] SSO both using all fields in `[profile]` and split between
`[sso-session]` and `[profile]`
  - [x] `credential_source` is Environment
  - [x] `credential_process`
- [x] Explicitly provided profile sourced from  credentials file
  - [x] `aws_access_key_id` and `aws_secret_access_key`
  - [x] `aws_access_key_id` and `aws_secret_access_key` and `region`
- [x] `source_profile` and `role_arn` that points to another profile
with `aws_access_key_id` and `aws_secret_access_key` in both config and
credentials
  - [x] `source_profile` and `role_arn` that points to Environment
- [x] `source_profile` that and `role_arn` that points to SSO profile in
both config and credentials
  - [x]  `credential_source` is Environment
  - [x] `credential_source` is EcsContainer (integ tests in CodeBuild)
  - [x] `credential_process`
- [x] Default profile (in both config file and credentials file)
- [x] `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment
variables set (cleared after test)
- [x] `AMAZON_ACCESS_KEY_ID` and `AMAZON_SECRET_ACCESS_KEY` environment
variables set (cleared after test)
  - [x] `aws_access_key_id` and `aws_secret_access_key`
  - [x] `aws_access_key_id` and `aws_secret_access_key` and `region`
- [x] `source_profile` and `role_arn` that points to a profile with
`aws_access_key_id` and `aws_secret_access_key`
- [x] `source_profile` and `role_arn` that points to Environment (this
will use `fromEnv` prior to getting to looking for `source_profile` in
the Ini file)
  - [x] SSO profile is setup as default
  - [x] `credential_process`

Closes #25870, #26292, #20956, #24744, #27265, 20896.

### Reason for this change

The AWS SDK V2 is now in maintenance mode.

----

*By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache-2.0 license*

---------

Co-authored-by: Otavio Macedo <[email protected]>
Co-authored-by: Rico Huijbers <[email protected]>

(cherry picked from commit 5bc0662)
  • Loading branch information
TheRealAmazonKendra authored and otaviomacedo committed Nov 12, 2024
1 parent 7bb9203 commit df5080c
Show file tree
Hide file tree
Showing 525 changed files with 191,999 additions and 98,902 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
The output of this test is changed by the sdk upgrade. The type and content of the error have changed from sdkv2 to sdkv3. We now receive more specific information about the error type.
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# Skipping test due to the incompatibility in error output between sdkv2 and sdkv3
hotswap deployment for ecs service detects failed deployment and errors
Original file line number Diff line number Diff line change
Expand Up @@ -2160,11 +2160,12 @@ integTest(
const functionName = response.Stacks?.[0].Outputs?.[0].OutputValue;

// THEN

// The deployment should not trigger a full deployment, thus the stack's status must remains
// "CREATE_COMPLETE"
expect(response.Stacks?.[0].StackStatus).toEqual('CREATE_COMPLETE');
expect(deployOutput).toContain(`Lambda Function '${functionName}' hotswapped!`);
// The entire string fails locally due to formatting. Making this test less specific
expect(deployOutput).toMatch(/hotswapped!/);
expect(deployOutput).toContain(functionName);
}),
);

Expand Down Expand Up @@ -2205,7 +2206,9 @@ integTest(
// The deployment should not trigger a full deployment, thus the stack's status must remains
// "CREATE_COMPLETE"
expect(response.Stacks?.[0].StackStatus).toEqual('CREATE_COMPLETE');
expect(deployOutput).toContain(`Lambda Function '${functionName}' hotswapped!`);
// The entire string fails locally due to formatting. Making this test less specific
expect(deployOutput).toMatch(/hotswapped!/);
expect(deployOutput).toContain(functionName);
} finally {
// Ensure cleanup in reverse order due to use of import/export
await fixture.cdkDestroy('lambda-hotswap');
Expand Down Expand Up @@ -2244,7 +2247,9 @@ integTest(
// The deployment should not trigger a full deployment, thus the stack's status must remains
// "CREATE_COMPLETE"
expect(response.Stacks?.[0].StackStatus).toEqual('CREATE_COMPLETE');
expect(deployOutput).toContain(`ECS Service '${serviceName}' hotswapped!`);
// The entire string fails locally due to formatting. Making this test less specific
expect(deployOutput).toMatch(/hotswapped!/);
expect(deployOutput).toContain(serviceName);
}),
);

Expand All @@ -2257,7 +2262,7 @@ integTest(
});

// WHEN
await fixture.cdkDeploy('ecs-hotswap', {
const deployOutput = await fixture.cdkDeploy('ecs-hotswap', {
options: ['--hotswap'],
modEnv: {
DYNAMIC_ECS_PROPERTY_VALUE: 'new value',
Expand All @@ -2283,14 +2288,15 @@ integTest(
}),
);
expect(describeServicesResponse.services?.[0].deployments).toHaveLength(1); // only one deployment present
expect(deployOutput).toMatch(/hotswapped!/);
}),
);

integTest(
'hotswap deployment for ecs service detects failed deployment and errors',
withExtendedTimeoutFixture(async (fixture) => {
// GIVEN
await fixture.cdkDeploy('ecs-hotswap');
await fixture.cdkDeploy('ecs-hotswap', { verbose: true });

// WHEN
const deployOutput = await fixture.cdkDeploy('ecs-hotswap', {
Expand All @@ -2299,10 +2305,11 @@ integTest(
USE_INVALID_ECS_HOTSWAP_IMAGE: 'true',
},
allowErrExit: true,
verbose: true,
});

const expectedSubstring = 'Resource is not in the state deploymentCompleted';

// THEN
const expectedSubstring = 'Resource is not in the expected state due to waiter status: TIMEOUT';
expect(deployOutput).toContain(expectedSubstring);
expect(deployOutput).not.toContain('hotswapped!');
}),
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@
"S3Bucket": {
"Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
},
"S3Key": "79d996cbc4399f346983e7812dac92ec3a24a0f1ffb793b5b0acea8c43d33332.zip"
"S3Key": "090e0296140a1dcbecf4e3e94b65780102aefb7e81e4247b1f00a7cc9e8e98c5.zip"
},
"Handler": "index.handler",
"Role": {
Expand Down

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Large diffs are not rendered by default.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit df5080c

Please sign in to comment.