feat: remove the lambda layers used for custom resources underneath l…

…ambda functions (#1731) This change removed the Lambda layers we used to add the pgp and openssl binaries to the lambda functions that are used to implement the OpenPGPKeyPair, RsaPrivateKeySecret, CodeSigningCertificate, and CertificateSigningRequest constructs. The change is to make these lambda functions to be of Image package type, so we can install the required binaries in the docker image, instead of maintaining the binaries in the github repo. I followed this section https://github.com/cdklabs/aws-delivlib/blob/main/CONTRIBUTING.md#testing for testing these changes, and mainly the part of running `yarn integ:update` ----- By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
cdklabs · Sep 19, 2024 · 9af9a71 · 9af9a71
1 parent aa53827
commit 9af9a71
Show file tree

Hide file tree

Showing 18 changed files with 573 additions and 451 deletions.
diff --git a/lib/__tests__/chime-notifier.test.ts b/lib/__tests__/chime-notifier.test.ts
@@ -1,4 +1,4 @@
-import * as https from 'https';
+import https from 'https';
 import {
   App, Lazy, Stack,
   aws_codepipeline as aws_codepipeline,
@@ -9,27 +9,23 @@ import { Construct } from 'constructs';
 import { ChimeNotifier } from '../../lib';
 import { codePipeline, handler } from '../../lib/chime-notifier/handler/notifier-handler';
 
-jest.mock('https', () => {
+const mockHttpsWrite = jest.fn();
+
+https.request = jest.fn().mockImplementation((_url, _options, cb) => {
   return {
-    request: jest.fn((_url, _options, cb) => {
-      return {
-        on: jest.fn(),
-        write: mockHttpsWrite,
-        end: () => cb({
-          statusCode: 200,
-          headers: {},
-          setEncoding: () => undefined,
-          on: (event: string, listener: () => void) => {
-            if (event === 'end') { listener(); }
-          },
-        }),
-      };
+    on: jest.fn(),
+    write: mockHttpsWrite,
+    end: () => cb({
+      statusCode: 200,
+      headers: {},
+      setEncoding: () => undefined,
+      on: (event: string, listener: () => void) => {
+        if (event === 'end') { listener(); }
+      },
     }),
   };
 });
 
-const mockHttpsWrite = jest.fn();
-
 test('call codepipeline and then post to webhooks', async () => {
   codePipeline.getPipelineExecution = jest.fn().mockReturnValue(
     Promise.resolve({

diff --git a/lib/__tests__/code-signing-cert.test.ts b/lib/__tests__/code-signing-cert.test.ts
@@ -42,7 +42,7 @@ test('secret name consists of stack name and relative construct path', () => {
   // THEN - specifically: does not include construct names above the containing stack
   // uses the actual stack name (and not the stack NODE name)
   template.hasResourceProperties('Custom::RsaPrivateKeySecret', {
-    SecretName: 'ActualStackName/Inbetween/Cert/RSAPrivateKey',
+    SecretName: 'ActualStackName/Inbetween/Cert/RSAPrivateKeyV2',
   });
 });
 
@@ -59,6 +59,6 @@ test('secret name can be overridden', () => {
   const template = Template.fromStack(stack);
 
   template.hasResourceProperties('Custom::RsaPrivateKeySecret', {
-    SecretName: 'Sekrit/RSAPrivateKey',
+    SecretName: 'Sekrit/RSAPrivateKeyV2',
   });
 });
diff --git a/lib/__tests__/custom-resource-handlers/certificate-signing-request.test.ts b/lib/__tests__/custom-resource-handlers/certificate-signing-request.test.ts
@@ -135,7 +135,7 @@ test('Create', async () => {
   };
 
   mockExec.mockImplementation(async (cmd: string, ...args: string[]) => {
-    expect(cmd).toBe('/opt/openssl');
+    expect(cmd).toBe('openssl');
     switch (args[0]) {
       case 'req':
         expect(args).toEqual(['req', '-config', require('path').join(mockTmpDir, 'csr.config'),
@@ -187,7 +187,7 @@ test('Update', async () => {
   };
 
   mockExec.mockImplementation(async (cmd: string, ...args: string[]) => {
-    expect(cmd).toBe('/opt/openssl');
+    expect(cmd).toBe('openssl');
     switch (args[0]) {
       case 'req':
         expect(args).toEqual(['req', '-config', require('path').join(mockTmpDir, 'csr.config'),

diff --git a/lib/__tests__/custom-resource-handlers/private-key.test.ts b/lib/__tests__/custom-resource-handlers/private-key.test.ts
@@ -27,7 +27,7 @@ const secretArn = 'arn::::::secret';
 
 cfn.sendResponse = jest.fn().mockName('cfn.sendResponse').mockResolvedValue(undefined);
 jest.mock('../../custom-resource-handlers/src/_exec', () => async (cmd: string, ...args: string[]) => {
-  expect(cmd).toBe('/opt/openssl');
+  expect(cmd).toBe('openssl');
   expect(args).toEqual(['genrsa', '-out', require('path').join(mockTmpDir, 'private_key.pem'), mockKeySize]);
   return '';
 });