Enable creation of strong names for .NET assemblies.

buildspec.yaml

@@ -4,6 +4,9 @@ phases:
   install:
     commands:
       - /bin/bash ./install.sh
+  pre_build:
+    commands:
+      - /bin/bash ./fetch-dotnet-snk.sh
   build:
     commands:
       - /bin/bash ./build.sh

fetch-dotnet-snk.sh

@@ -0,0 +1,29 @@
+#!/bin/bash
+set -euo pipefail
+
+# This script retrieves the .snk file needed
+# to create strong names for .NET assemblies.
+echo "Retrieving SNK..."
+
+sudo apt install jq -y
+
+ROLE=$(aws sts assume-role --region us-east-2 --role-arn ${DOTNET_STRONG_NAME_ROLE_ARN:-} --role-session-name "cdk-dotnet-snk")
+export AWS_ACCESS_KEY_ID=$(echo $ROLE | jq -r .Credentials.AccessKeyId)
+export AWS_SECRET_ACCESS_KEY=$(echo $ROLE | jq -r .Credentials.SecretAccessKey)
+export AWS_SESSION_TOKEN=$(echo $ROLE | jq .Credentials.SessionToken)
+
+SNK_SECRET=$(aws secretsmanager get-secret-value --region us-east-2 --secret-id ${DOTNET_STRONG_NAME_SECRET_ID:-})
+TMP_DIR=$(mktemp -d)
+TMP_KEY="$TMP_DIR/key.snk"
+echo $SNK_SECRET | jq -r .SecretBinary | base64 --decode > $TMP_KEY
+
+for PACKAGE_PATH in packages/@aws-cdk/*; do
+    JSII_PROPERTY=$(cat "$PACKAGE_PATH/package.json" | jq -r .jsii)
+    if [ -z $JSII_PROPERTY ]; then
+        continue
+    fi
+
+    cp $TMP_KEY $PACKAGE_PATH
+done
+
+rm -rf $TMP_DIR

packages/@aws-cdk/assets/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.Assets",
-        "packageId": "Amazon.CDK.Assets"
+        "packageId": "Amazon.CDK.Assets",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-apigateway/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.APIGateway",
-        "packageId": "Amazon.CDK.AWS.APIGateway"
+        "packageId": "Amazon.CDK.AWS.APIGateway",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-applicationautoscaling/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.ApplicationAutoScaling",
-        "packageId": "Amazon.CDK.AWS.ApplicationAutoScaling"
+        "packageId": "Amazon.CDK.AWS.ApplicationAutoScaling",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-appsync/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.AppSync",
-        "packageId": "Amazon.CDK.AWS.AppSync"
+        "packageId": "Amazon.CDK.AWS.AppSync",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-athena/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.Athena",
-        "packageId": "Amazon.CDK.AWS.Athena"
+        "packageId": "Amazon.CDK.AWS.Athena",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-autoscaling/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.AutoScaling",
-        "packageId": "Amazon.CDK.AWS.AutoScaling"
+        "packageId": "Amazon.CDK.AWS.AutoScaling",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-autoscalingplans/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.AutoScalingPlans",
-        "packageId": "Amazon.CDK.AWS.AutoScalingPlans"
+        "packageId": "Amazon.CDK.AWS.AutoScalingPlans",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-batch/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.Batch",
-        "packageId": "Amazon.CDK.AWS.Batch"
+        "packageId": "Amazon.CDK.AWS.Batch",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-budgets/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.Budgets",
-        "packageId": "Amazon.CDK.AWS.Budgets"
+        "packageId": "Amazon.CDK.AWS.Budgets",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-certificatemanager/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.CertificateManager",
-        "packageId": "Amazon.CDK.AWS.CertificateManager"
+        "packageId": "Amazon.CDK.AWS.CertificateManager",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-cloud9/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.Cloud9",
-        "packageId": "Amazon.CDK.AWS.Cloud9"
+        "packageId": "Amazon.CDK.AWS.Cloud9",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-cloudformation/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.CloudFormation",
-        "packageId": "Amazon.CDK.AWS.CloudFormation"
+        "packageId": "Amazon.CDK.AWS.CloudFormation",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-cloudfront/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.CloudFront",
-        "packageId": "Amazon.CDK.AWS.CloudFront"
+        "packageId": "Amazon.CDK.AWS.CloudFront",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-cloudtrail/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.CloudTrail",
-        "packageId": "Amazon.CDK.AWS.CloudTrail"
+        "packageId": "Amazon.CDK.AWS.CloudTrail",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-cloudwatch/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.CloudWatch",
-        "packageId": "Amazon.CDK.AWS.CloudWatch"
+        "packageId": "Amazon.CDK.AWS.CloudWatch",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-codebuild/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.CodeBuild",
-        "packageId": "Amazon.CDK.AWS.CodeBuild"
+        "packageId": "Amazon.CDK.AWS.CodeBuild",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-codecommit/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.CodeCommit",
-        "packageId": "Amazon.CDK.AWS.CodeCommit"
+        "packageId": "Amazon.CDK.AWS.CodeCommit",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-codedeploy/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.CodeDeploy",
-        "packageId": "Amazon.CDK.AWS.CodeDeploy"
+        "packageId": "Amazon.CDK.AWS.CodeDeploy",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-codepipeline-api/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.Codepipeline.Api",
-        "packageId": "Amazon.CDK.AWS.Codepipeline.Api"
+        "packageId": "Amazon.CDK.AWS.Codepipeline.Api",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-codepipeline/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.CodePipeline",
-        "packageId": "Amazon.CDK.AWS.CodePipeline"
+        "packageId": "Amazon.CDK.AWS.CodePipeline",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-cognito/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.Cognito",
-        "packageId": "Amazon.CDK.AWS.Cognito"
+        "packageId": "Amazon.CDK.AWS.Cognito",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-config/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.Config",
-        "packageId": "Amazon.CDK.AWS.Config"
+        "packageId": "Amazon.CDK.AWS.Config",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-datapipeline/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.DataPipeline",
-        "packageId": "Amazon.CDK.AWS.DataPipeline"
+        "packageId": "Amazon.CDK.AWS.DataPipeline",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-dax/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.DAX",
-        "packageId": "Amazon.CDK.AWS.DAX"
+        "packageId": "Amazon.CDK.AWS.DAX",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-directoryservice/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.DirectoryService",
-        "packageId": "Amazon.CDK.AWS.DirectoryService"
+        "packageId": "Amazon.CDK.AWS.DirectoryService",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-dms/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.DMS",
-        "packageId": "Amazon.CDK.AWS.DMS"
+        "packageId": "Amazon.CDK.AWS.DMS",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-dynamodb/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.DynamoDB",
-        "packageId": "Amazon.CDK.AWS.DynamoDB"
+        "packageId": "Amazon.CDK.AWS.DynamoDB",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-ec2/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.EC2",
-        "packageId": "Amazon.CDK.AWS.EC2"
+        "packageId": "Amazon.CDK.AWS.EC2",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-ecr/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.ECR",
-        "packageId": "Amazon.CDK.AWS.ECR"
+        "packageId": "Amazon.CDK.AWS.ECR",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-ecs/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.ECS",
-        "packageId": "Amazon.CDK.AWS.ECS"
+        "packageId": "Amazon.CDK.AWS.ECS",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-efs/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.EFS",
-        "packageId": "Amazon.CDK.AWS.EFS"
+        "packageId": "Amazon.CDK.AWS.EFS",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }

packages/@aws-cdk/aws-eks/package.json

@@ -16,7 +16,9 @@
       },
       "dotnet": {
         "namespace": "Amazon.CDK.AWS.EKS",
-        "packageId": "Amazon.CDK.AWS.EKS"
+        "packageId": "Amazon.CDK.AWS.EKS",
+        "signAssembly": true,
+        "assemblyOriginatorKeyFile": "../../key.snk"
       },
       "sphinx": {}
     }