diff --git a/.github/workflows/lambda-runner-binaries-syncer.yml b/.github/workflows/lambda-runner-binaries-syncer.yml
index 9e3120d658..76fc7c4624 100644
--- a/.github/workflows/lambda-runner-binaries-syncer.yml
+++ b/.github/workflows/lambda-runner-binaries-syncer.yml
@@ -17,7 +17,7 @@ jobs:
working-directory: modules/runner-binaries-syncer/lambdas/runner-binaries-syncer
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
- name: Install dependencies
run: yarn install
- name: Run prettier
diff --git a/.github/workflows/lambda-runners.yml b/.github/workflows/lambda-runners.yml
index fe33c1a406..ddd5b37e75 100644
--- a/.github/workflows/lambda-runners.yml
+++ b/.github/workflows/lambda-runners.yml
@@ -17,7 +17,7 @@ jobs:
working-directory: modules/runners/lambdas/runners
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
- name: Install dependencies
run: yarn install
- name: Run prettier
diff --git a/.github/workflows/lambda-webhook.yml b/.github/workflows/lambda-webhook.yml
index 7f99155dd7..343a406d2c 100644
--- a/.github/workflows/lambda-webhook.yml
+++ b/.github/workflows/lambda-webhook.yml
@@ -17,7 +17,7 @@ jobs:
working-directory: modules/webhook/lambdas/webhook
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
- name: Install dependencies
run: yarn install
- name: Run prettier
diff --git a/.github/workflows/packer-build.yml b/.github/workflows/packer-build.yml
index 91787351a0..b810ea3908 100644
--- a/.github/workflows/packer-build.yml
+++ b/.github/workflows/packer-build.yml
@@ -27,7 +27,7 @@ jobs:
working-directory: images/${{ matrix.image }}
steps:
- name: "Checkout"
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- name: packer init
run: packer init .
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 9b613b941a..440da35854 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -21,7 +21,7 @@ jobs:
env:
LAMBDA: ${{ matrix.lambda }}
run: echo ::set-output name=name::${LAMBDA##*/}
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
- name: Add zip
run: apt update && apt install zip
- name: Build dist
@@ -39,7 +39,7 @@ jobs:
needs:
prepare
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
with:
fetch-depth: 0
persist-credentials: false
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
index ffbe29bea8..30d5b632ae 100644
--- a/.github/workflows/terraform.yml
+++ b/.github/workflows/terraform.yml
@@ -21,7 +21,7 @@ jobs:
image: hashicorp/terraform:${{ matrix.terraform }}
steps:
- name: "Checkout"
- uses: actions/checkout@v2
+ uses: actions/checkout@v3
- name: "Fake zip files" # Validate will fail if it cannot find the zip files
run: |
touch modules/webhook/lambdas/webhook/webhook.zip
@@ -53,7 +53,7 @@ jobs:
container:
image: hashicorp/terraform:${{ matrix.terraform }}
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v3
- name: terraform init
run: terraform init -get -backend=false -input=false
- if: contains(matrix.terraform, '1.1.')
diff --git a/README.md b/README.md
index 9d59e2989c..5f7e33beeb 100644
--- a/README.md
+++ b/README.md
@@ -387,7 +387,10 @@ In case the setup does not work as intended follow the trace of events:
| [aws_resourcegroups_group.resourcegroups_group](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/resourcegroups_group) | resource |
| [aws_sqs_queue.queued_builds](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource |
| [aws_sqs_queue.queued_builds_dlq](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue) | resource |
+| [aws_sqs_queue_policy.build_queue_dlq_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy) | resource |
+| [aws_sqs_queue_policy.build_queue_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue_policy) | resource |
| [random_string.random](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/string) | resource |
+| [aws_iam_policy_document.deny_unsecure_transport](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
## Inputs
@@ -395,6 +398,7 @@ In case the setup does not work as intended follow the trace of events:
|------|-------------|------|---------|:--------:|
| [ami\_filter](#input\_ami\_filter) | List of maps used to create the AMI filter for the action runner AMI. By default amazon linux 2 is used. | `map(list(string))` | `null` | no |
| [ami\_owners](#input\_ami\_owners) | The list of owners used to select the AMI of action runner instances. | `list(string)` | [
"amazon"
]
| no |
+| [aws\_partition](#input\_aws\_partition) | (optiona) partition in the arn namespace to use if not 'aws' | `string` | `"aws"` | no |
| [aws\_region](#input\_aws\_region) | AWS region. | `string` | n/a | yes |
| [block\_device\_mappings](#input\_block\_device\_mappings) | The EC2 instance block device configuration. Takes the following keys: `device_name`, `delete_on_termination`, `volume_type`, `volume_size`, `encrypted`, `iops` | `map(string)` | `{}` | no |
| [cloudwatch\_config](#input\_cloudwatch\_config) | (optional) Replaces the module default cloudwatch log config. See https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html for details. | `string` | `null` | no |
@@ -428,6 +432,7 @@ In case the setup does not work as intended follow the trace of events:
| [lambda\_subnet\_ids](#input\_lambda\_subnet\_ids) | List of subnets in which the action runners will be launched, the subnets needs to be subnets in the `vpc_id`. | `list(string)` | `[]` | no |
| [log\_level](#input\_log\_level) | Logging level for lambda logging. Valid values are 'silly', 'trace', 'debug', 'info', 'warn', 'error', 'fatal'. | `string` | `"info"` | no |
| [log\_type](#input\_log\_type) | Logging format for lambda logging. Valid values are 'json', 'pretty', 'hidden'. | `string` | `"pretty"` | no |
+| [logging\_kms\_key\_id](#input\_logging\_kms\_key\_id) | Specifies the kms key id to encrypt the logs with | `string` | `null` | no |
| [logging\_retention\_in\_days](#input\_logging\_retention\_in\_days) | Specifies the number of days you want to retain log events for the lambda log group. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | `number` | `180` | no |
| [market\_options](#input\_market\_options) | DEPCRECATED: Replaced by `instance_target_capacity_type`. | `string` | `null` | no |
| [minimum\_running\_time\_in\_minutes](#input\_minimum\_running\_time\_in\_minutes) | The time an ec2 action runner should be running at minimum before terminated if not busy. | `number` | `null` | no |
diff --git a/images/linux-amzn2/github_agent.linux.pkr.hcl b/images/linux-amzn2/github_agent.linux.pkr.hcl
index d039229212..2c7a92f04d 100644
--- a/images/linux-amzn2/github_agent.linux.pkr.hcl
+++ b/images/linux-amzn2/github_agent.linux.pkr.hcl
@@ -31,6 +31,12 @@ variable "subnet_id" {
default = null
}
+variable "associate_public_ip_address" {
+ description = "If using a non-default VPC, there is no public IP address assigned to the EC2 instance. If you specified a public subnet, you probably want to set this to true. Otherwise the EC2 instance won't have access to the internet"
+ type = string
+ default = null
+}
+
variable "instance_type" {
description = "The instance type Packer will use for the builder"
type = string
@@ -66,15 +72,22 @@ variable "snapshot_tags" {
default = {}
}
+variable "custom_shell_commands" {
+ description = "Additional commands to run on the EC2 instance, to customize the instance, like installing packages"
+ type = list(string)
+ default = []
+}
+
source "amazon-ebs" "githubrunner" {
- ami_name = "github-runner-amzn2-x86_64-${formatdate("YYYYMMDDhhmm", timestamp())}"
- instance_type = var.instance_type
- region = var.region
- security_group_id = var.security_group_id
- subnet_id = var.subnet_id
+ ami_name = "github-runner-amzn2-x86_64-${formatdate("YYYYMMDDhhmm", timestamp())}"
+ instance_type = var.instance_type
+ region = var.region
+ security_group_id = var.security_group_id
+ subnet_id = var.subnet_id
+ associate_public_ip_address = var.associate_public_ip_address
source_ami_filter {
filters = {
- name = "amzn2-ami-hvm-2.*-x86_64-ebs"
+ name = "amzn2-ami-kernel-5.*-hvm-*-x86_64-gp2"
root-device-type = "ebs"
virtualization-type = "hvm"
}
@@ -111,7 +124,7 @@ build {
]
provisioner "shell" {
environment_vars = []
- inline = [
+ inline = concat([
"sudo yum update -y",
"sudo yum install -y amazon-cloudwatch-agent curl jq git",
"sudo amazon-linux-extras install docker",
@@ -119,7 +132,7 @@ build {
"sudo systemctl enable containerd.service",
"sudo service docker start",
"sudo usermod -a -G docker ec2-user",
- ]
+ ], var.custom_shell_commands)
}
provisioner "file" {
diff --git a/images/ubuntu-focal/github_agent.ubuntu.pkr.hcl b/images/ubuntu-focal/github_agent.ubuntu.pkr.hcl
index 9c4f0b44d1..fccfeba2d7 100644
--- a/images/ubuntu-focal/github_agent.ubuntu.pkr.hcl
+++ b/images/ubuntu-focal/github_agent.ubuntu.pkr.hcl
@@ -31,6 +31,12 @@ variable "subnet_id" {
default = null
}
+variable "associate_public_ip_address" {
+ description = "If using a non-default VPC, there is no public IP address assigned to the EC2 instance. If you specified a public subnet, you probably want to set this to true. Otherwise the EC2 instance won't have access to the internet"
+ type = string
+ default = null
+}
+
variable "instance_type" {
description = "The instance type Packer will use for the builder"
type = string
@@ -66,12 +72,20 @@ variable "snapshot_tags" {
default = {}
}
+variable "custom_shell_commands" {
+ description = "Additional commands to run on the EC2 instance, to customize the instance, like installing packages"
+ type = list(string)
+ default = []
+}
+
source "amazon-ebs" "githubrunner" {
- ami_name = "github-runner-ubuntu-focal-amd64-${formatdate("YYYYMMDDhhmm", timestamp())}"
- instance_type = var.instance_type
- region = var.region
- security_group_id = var.security_group_id
- subnet_id = var.subnet_id
+ ami_name = "github-runner-ubuntu-focal-amd64-${formatdate("YYYYMMDDhhmm", timestamp())}"
+ instance_type = var.instance_type
+ region = var.region
+ security_group_id = var.security_group_id
+ subnet_id = var.subnet_id
+ associate_public_ip_address = var.associate_public_ip_address
+
source_ami_filter {
filters = {
name = "*/ubuntu-focal-20.04-amd64-server-*"
@@ -112,7 +126,7 @@ build {
environment_vars = [
"DEBIAN_FRONTEND=noninteractive"
]
- inline = [
+ inline = concat([
"sudo apt-get -y update",
"sudo apt-get -y install ca-certificates curl gnupg lsb-release",
"sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg",
@@ -128,7 +142,7 @@ build {
"sudo curl -f https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o awscliv2.zip",
"unzip awscliv2.zip",
"sudo ./aws/install",
- ]
+ ], var.custom_shell_commands)
}
provisioner "file" {
diff --git a/images/windows-core-2019/github_agent.windows.pkr.hcl b/images/windows-core-2019/github_agent.windows.pkr.hcl
index bde19e3b33..4f8c792534 100644
--- a/images/windows-core-2019/github_agent.windows.pkr.hcl
+++ b/images/windows-core-2019/github_agent.windows.pkr.hcl
@@ -25,11 +25,25 @@ variable "ebs_delete_on_termination" {
default = true
}
+variable "associate_public_ip_address" {
+ description = "If using a non-default VPC, there is no public IP address assigned to the EC2 instance. If you specified a public subnet, you probably want to set this to true. Otherwise the EC2 instance won't have access to the internet"
+ type = string
+ default = null
+}
+
+variable "custom_shell_commands" {
+ description = "Additional commands to run on the EC2 instance, to customize the instance, like installing packages"
+ type = list(string)
+ default = []
+}
+
source "amazon-ebs" "githubrunner" {
- ami_name = "github-runner-windows-core-2019-${formatdate("YYYYMMDDhhmm", timestamp())}"
- communicator = "winrm"
- instance_type = "t3a.medium"
- region = var.region
+ ami_name = "github-runner-windows-core-2019-${formatdate("YYYYMMDDhhmm", timestamp())}"
+ communicator = "winrm"
+ instance_type = "t3a.medium"
+ region = var.region
+ associate_public_ip_address = var.associate_public_ip_address
+
source_ami_filter {
filters = {
name = "Windows_Server-2019-English-Core-ContainersLatest-*"
@@ -70,8 +84,10 @@ build {
}
provisioner "powershell" {
- inline = [templatefile("./windows-provisioner.ps1", {
- action_runner_url = var.action_runner_url
- })]
+ inline = concat([
+ templatefile("./windows-provisioner.ps1", {
+ action_runner_url = var.action_runner_url
+ })
+ ], var.custom_shell_commands)
}
}
diff --git a/main.tf b/main.tf
index aaf0a56dd9..dbd32ac34c 100644
--- a/main.tf
+++ b/main.tf
@@ -17,6 +17,38 @@ resource "random_string" "random" {
upper = false
}
+data "aws_iam_policy_document" "deny_unsecure_transport" {
+ statement {
+ sid = "DenyUnsecureTransport"
+
+ effect = "Deny"
+
+ principals {
+ type = "AWS"
+ identifiers = ["*"]
+ }
+
+ actions = [
+ "sqs:*"
+ ]
+
+ resources = [
+ "*"
+ ]
+
+ condition {
+ test = "Bool"
+ variable = "aws:SecureTransport"
+ values = ["false"]
+ }
+ }
+}
+
+resource "aws_sqs_queue_policy" "build_queue_policy" {
+ queue_url = aws_sqs_queue.queued_builds.id
+ policy = data.aws_iam_policy_document.deny_unsecure_transport.json
+}
+
resource "aws_sqs_queue" "queued_builds" {
name = "${var.environment}-queued-builds${var.fifo_build_queue ? ".fifo" : ""}"
delay_seconds = var.delay_webhook_event
@@ -33,6 +65,13 @@ resource "aws_sqs_queue" "queued_builds" {
tags = var.tags
}
+
+resource "aws_sqs_queue_policy" "build_queue_dlq_policy" {
+ count = var.redrive_build_queue.enabled ? 1 : 0
+ queue_url = aws_sqs_queue.queued_builds.id
+ policy = data.aws_iam_policy_document.deny_unsecure_transport.json
+}
+
resource "aws_sqs_queue" "queued_builds_dlq" {
count = var.redrive_build_queue.enabled ? 1 : 0
name = "${var.environment}-queued-builds_dead_letter"
@@ -67,6 +106,7 @@ module "webhook" {
lambda_zip = var.webhook_lambda_zip
lambda_timeout = var.webhook_lambda_timeout
logging_retention_in_days = var.logging_retention_in_days
+ logging_kms_key_id = var.logging_kms_key_id
# labels
enable_workflow_job_labels_check = var.runner_enable_workflow_job_labels_check
@@ -83,11 +123,12 @@ module "webhook" {
module "runners" {
source = "./modules/runners"
- aws_region = var.aws_region
- vpc_id = var.vpc_id
- subnet_ids = var.subnet_ids
- environment = var.environment
- tags = local.tags
+ aws_region = var.aws_region
+ aws_partition = var.aws_partition
+ vpc_id = var.vpc_id
+ subnet_ids = var.subnet_ids
+ environment = var.environment
+ tags = local.tags
s3_bucket_runner_binaries = module.runner_binaries.bucket
s3_location_runner_binaries = local.s3_action_runner_url
@@ -132,6 +173,7 @@ module "runners" {
lambda_subnet_ids = var.lambda_subnet_ids
lambda_security_group_ids = var.lambda_security_group_ids
logging_retention_in_days = var.logging_retention_in_days
+ logging_kms_key_id = var.logging_kms_key_id
enable_cloudwatch_agent = var.enable_cloudwatch_agent
cloudwatch_config = var.cloudwatch_config
runner_log_files = var.runner_log_files
@@ -187,6 +229,7 @@ module "runner_binaries" {
lambda_zip = var.runner_binaries_syncer_lambda_zip
lambda_timeout = var.runner_binaries_syncer_lambda_timeout
logging_retention_in_days = var.logging_retention_in_days
+ logging_kms_key_id = var.logging_kms_key_id
server_side_encryption_configuration = var.runner_binaries_s3_sse_configuration
diff --git a/modules/runner-binaries-syncer/README.md b/modules/runner-binaries-syncer/README.md
index f67060d82e..76e197a67f 100644
--- a/modules/runner-binaries-syncer/README.md
+++ b/modules/runner-binaries-syncer/README.md
@@ -87,6 +87,7 @@ No modules.
| [lambda\_zip](#input\_lambda\_zip) | File location of the lambda zip file. | `string` | `null` | no |
| [log\_level](#input\_log\_level) | Logging level for lambda logging. Valid values are 'silly', 'trace', 'debug', 'info', 'warn', 'error', 'fatal'. | `string` | `"info"` | no |
| [log\_type](#input\_log\_type) | Logging format for lambda logging. Valid values are 'json', 'pretty', 'hidden'. | `string` | `"pretty"` | no |
+| [logging\_kms\_key\_id](#input\_logging\_kms\_key\_id) | Specifies the kms key id to encrypt the logs with | `string` | `null` | no |
| [logging\_retention\_in\_days](#input\_logging\_retention\_in\_days) | Specifies the number of days you want to retain log events for the lambda log group. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | `number` | `7` | no |
| [role\_path](#input\_role\_path) | The path that will be added to the role, if not set the environment name will be used. | `string` | `null` | no |
| [role\_permissions\_boundary](#input\_role\_permissions\_boundary) | Permissions boundary that will be added to the created role for the lambda. | `string` | `null` | no |
diff --git a/modules/runner-binaries-syncer/lambdas/runner-binaries-syncer/package.json b/modules/runner-binaries-syncer/lambdas/runner-binaries-syncer/package.json
index 15e643cdb4..8767c41805 100644
--- a/modules/runner-binaries-syncer/lambdas/runner-binaries-syncer/package.json
+++ b/modules/runner-binaries-syncer/lambdas/runner-binaries-syncer/package.json
@@ -17,13 +17,13 @@
"devDependencies": {
"@octokit/rest": "^18.12.0",
"@trivago/prettier-plugin-sort-imports": "^3.2.0",
- "@types/jest": "^27.4.0",
+ "@types/jest": "^27.4.1",
"@types/node": "^17.0.21",
"@types/request": "^2.48.8",
"@typescript-eslint/eslint-plugin": "^4.33.0",
"@typescript-eslint/parser": "^4.33.0",
"@vercel/ncc": "^0.33.3",
- "aws-sdk": "^2.1081.0",
+ "aws-sdk": "^2.1090.0",
"eslint": "^7.32.0",
"eslint-plugin-prettier": "4.0.0",
"jest": "^27.5.1",
@@ -31,7 +31,7 @@
"prettier": "2.5.1",
"ts-jest": "^27.1.3",
"ts-node-dev": "^1.1.6",
- "typescript": "^4.5.5"
+ "typescript": "^4.6.2"
},
"dependencies": {
"axios": "^0.26.0",
diff --git a/modules/runner-binaries-syncer/lambdas/runner-binaries-syncer/yarn.lock b/modules/runner-binaries-syncer/lambdas/runner-binaries-syncer/yarn.lock
index 0ef8001544..39dd29ad4e 100644
--- a/modules/runner-binaries-syncer/lambdas/runner-binaries-syncer/yarn.lock
+++ b/modules/runner-binaries-syncer/lambdas/runner-binaries-syncer/yarn.lock
@@ -815,12 +815,12 @@
dependencies:
"@types/istanbul-lib-report" "*"
-"@types/jest@^27.4.0":
- version "27.4.0"
- resolved "https://registry.yarnpkg.com/@types/jest/-/jest-27.4.0.tgz#037ab8b872067cae842a320841693080f9cb84ed"
- integrity sha512-gHl8XuC1RZ8H2j5sHv/JqsaxXkDDM9iDOgu0Wp8sjs4u/snb2PVehyWXJPr+ORA0RPpgw231mnutWI1+0hgjIQ==
+"@types/jest@^27.4.1":
+ version "27.4.1"
+ resolved "https://registry.yarnpkg.com/@types/jest/-/jest-27.4.1.tgz#185cbe2926eaaf9662d340cc02e548ce9e11ab6d"
+ integrity sha512-23iPJADSmicDVrWk+HT58LMJtzLAnB2AgIzplQuq/bSrGaxCrlvRFjGbXmamnnk/mAmCdLStiGqggu28ocUyiw==
dependencies:
- jest-diff "^27.0.0"
+ jest-matcher-utils "^27.0.0"
pretty-format "^27.0.0"
"@types/json-schema@^7.0.7":
@@ -1086,10 +1086,10 @@ asynckit@^0.4.0:
resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79"
integrity sha1-x57Zf380y48robyXkLzDZkdLS3k=
-aws-sdk@^2.1081.0:
- version "2.1081.0"
- resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1081.0.tgz#171a306fcc752b97c18f2d01a8bff24bba12447a"
- integrity sha512-204Aqi3NmSRZDAvyzmi1usje6oCM+Q4g6PgA+vc/XQQPe1oxO95AgOXZvrpjX2QlLbA0JDItL1ufUh3nszjaqA==
+aws-sdk@^2.1090.0:
+ version "2.1090.0"
+ resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1090.0.tgz#c30e4cbc177e4c3b7792020cc79dfaf155cc8197"
+ integrity sha512-oHdfbiuSjK9mn6rrm5fsitdwv7jEiYzaYB0Xz1kqjIczcVX3JEc+9ySdxlueQf4o5G3RVUcLRF2pIc5j9vcHSg==
dependencies:
buffer "4.9.2"
events "1.1.1"
@@ -1459,11 +1459,6 @@ detect-newline@^3.0.0:
resolved "https://registry.yarnpkg.com/detect-newline/-/detect-newline-3.1.0.tgz#576f5dfc63ae1a192ff192d8ad3af6308991b651"
integrity sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==
-diff-sequences@^27.4.0:
- version "27.4.0"
- resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-27.4.0.tgz#d783920ad8d06ec718a060d00196dfef25b132a5"
- integrity sha512-YqiQzkrsmHMH5uuh8OdQFU9/ZpADnwzml8z0O5HvRNda+5UZsaX/xN+AAxfR2hWq1Y7HZnAzO9J5lJXOuDz2Ww==
-
diff-sequences@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-27.5.1.tgz#eaecc0d327fd68c8d9672a1e64ab8dccb2ef5327"
@@ -2239,16 +2234,6 @@ jest-config@^27.5.1:
slash "^3.0.0"
strip-json-comments "^3.1.1"
-jest-diff@^27.0.0:
- version "27.4.2"
- resolved "https://registry.yarnpkg.com/jest-diff/-/jest-diff-27.4.2.tgz#786b2a5211d854f848e2dcc1e324448e9481f36f"
- integrity sha512-ujc9ToyUZDh9KcqvQDkk/gkbf6zSaeEg9AiBxtttXW59H/AcqEYp1ciXAtJp+jXWva5nAf/ePtSsgWwE5mqp4Q==
- dependencies:
- chalk "^4.0.0"
- diff-sequences "^27.4.0"
- jest-get-type "^27.4.0"
- pretty-format "^27.4.2"
-
jest-diff@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/jest-diff/-/jest-diff-27.5.1.tgz#a07f5011ac9e6643cf8a95a462b7b1ecf6680def"
@@ -2302,11 +2287,6 @@ jest-environment-node@^27.5.1:
jest-mock "^27.5.1"
jest-util "^27.5.1"
-jest-get-type@^27.4.0:
- version "27.4.0"
- resolved "https://registry.yarnpkg.com/jest-get-type/-/jest-get-type-27.4.0.tgz#7503d2663fffa431638337b3998d39c5e928e9b5"
- integrity sha512-tk9o+ld5TWq41DkK14L4wox4s2D9MtTpKaAVzXfr5CUKm5ZK2ExcaFE0qls2W71zE/6R2TxxrK9w2r6svAFDBQ==
-
jest-get-type@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/jest-get-type/-/jest-get-type-27.5.1.tgz#3cd613c507b0f7ace013df407a1c1cd578bcb4f1"
@@ -2363,7 +2343,7 @@ jest-leak-detector@^27.5.1:
jest-get-type "^27.5.1"
pretty-format "^27.5.1"
-jest-matcher-utils@^27.5.1:
+jest-matcher-utils@^27.0.0, jest-matcher-utils@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/jest-matcher-utils/-/jest-matcher-utils-27.5.1.tgz#9c0cdbda8245bc22d2331729d1091308b40cf8ab"
integrity sha512-z2uTx/T6LBaCoNWNFWwChLBKYxTMcGBRjAt+2SbP929/Fflb9aa5LGma654Rz8z9HLxsrUaYzxE9T/EFIL/PAw==
@@ -3000,17 +2980,7 @@ prettier@2.5.1:
resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.5.1.tgz#fff75fa9d519c54cf0fce328c1017d94546bc56a"
integrity sha512-vBZcPRUR5MZJwoyi3ZoyQlc1rXeEck8KgeC9AwwOn+exuxLxq5toTRDTSaVrXHxelDMHy9zlicw8u66yxoSUFg==
-pretty-format@^27.0.0, pretty-format@^27.4.2:
- version "27.4.2"
- resolved "https://registry.yarnpkg.com/pretty-format/-/pretty-format-27.4.2.tgz#e4ce92ad66c3888423d332b40477c87d1dac1fb8"
- integrity sha512-p0wNtJ9oLuvgOQDEIZ9zQjZffK7KtyR6Si0jnXULIDwrlNF8Cuir3AZP0hHv0jmKuNN/edOnbMjnzd4uTcmWiw==
- dependencies:
- "@jest/types" "^27.4.2"
- ansi-regex "^5.0.1"
- ansi-styles "^5.0.0"
- react-is "^17.0.1"
-
-pretty-format@^27.5.1:
+pretty-format@^27.0.0, pretty-format@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/pretty-format/-/pretty-format-27.5.1.tgz#2181879fdea51a7a5851fb39d920faa63f01d88e"
integrity sha512-Qb1gy5OrP5+zDf2Bvnzdl3jsTf1qXVMazbvCoKhtKqVs4/YK4ozX4gKQJJVyNe+cajNPn0KoC0MC3FUmaHWEmQ==
@@ -3521,10 +3491,10 @@ typedarray-to-buffer@^3.1.5:
dependencies:
is-typedarray "^1.0.0"
-typescript@^4.5.5:
- version "4.5.5"
- resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.5.5.tgz#d8c953832d28924a9e3d37c73d729c846c5896f3"
- integrity sha512-TCTIul70LyWe6IJWT8QSYeA54WQe8EjQFU4wY52Fasj5UKx88LNYKCgBEHcOMOrFF1rKGbD8v/xcNWVUq9SymA==
+typescript@^4.6.2:
+ version "4.6.2"
+ resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.6.2.tgz#fe12d2727b708f4eef40f51598b3398baa9611d4"
+ integrity sha512-HM/hFigTBHZhLXshn9sN37H085+hQGeJHJ/X7LpBWLID/fbc2acUMfU+lGD98X81sKP+pFa9f0DZmCwB9GnbAg==
universal-user-agent@^6.0.0:
version "6.0.0"
diff --git a/modules/runner-binaries-syncer/runner-binaries-syncer.tf b/modules/runner-binaries-syncer/runner-binaries-syncer.tf
index 0020066264..564027de7f 100644
--- a/modules/runner-binaries-syncer/runner-binaries-syncer.tf
+++ b/modules/runner-binaries-syncer/runner-binaries-syncer.tf
@@ -45,6 +45,7 @@ resource "aws_lambda_function" "syncer" {
resource "aws_cloudwatch_log_group" "syncer" {
name = "/aws/lambda/${aws_lambda_function.syncer.function_name}"
retention_in_days = var.logging_retention_in_days
+ kms_key_id = var.logging_kms_key_id
tags = var.tags
}
diff --git a/modules/runner-binaries-syncer/variables.tf b/modules/runner-binaries-syncer/variables.tf
index 26da8fff03..37023b0486 100644
--- a/modules/runner-binaries-syncer/variables.tf
+++ b/modules/runner-binaries-syncer/variables.tf
@@ -84,6 +84,12 @@ variable "logging_retention_in_days" {
default = 7
}
+variable "logging_kms_key_id" {
+ description = "Specifies the kms key id to encrypt the logs with"
+ type = string
+ default = null
+}
+
variable "runner_allow_prerelease_binaries" {
description = "Allow the runners to update to prerelease binaries."
type = bool
diff --git a/modules/runners/README.md b/modules/runners/README.md
index d701010105..208e675e4e 100644
--- a/modules/runners/README.md
+++ b/modules/runners/README.md
@@ -115,11 +115,12 @@ yarn run dist
|------|-------------|------|---------|:--------:|
| [ami\_filter](#input\_ami\_filter) | Map of lists used to create the AMI filter for the action runner AMI. | `map(list(string))` | `null` | no |
| [ami\_owners](#input\_ami\_owners) | The list of owners used to select the AMI of action runner instances. | `list(string)` | [
"amazon"
]
| no |
+| [aws\_partition](#input\_aws\_partition) | (optional) partition for the base arn if not 'aws' | `string` | `"aws"` | no |
| [aws\_region](#input\_aws\_region) | AWS region. | `string` | n/a | yes |
| [block\_device\_mappings](#input\_block\_device\_mappings) | The EC2 instance block device configuration. Takes the following keys: `device_name`, `delete_on_termination`, `volume_type`, `volume_size`, `encrypted`, `iops` | `map(string)` | `{}` | no |
| [cloudwatch\_config](#input\_cloudwatch\_config) | (optional) Replaces the module default cloudwatch log config. See https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Agent-Configuration-File-Details.html for details. | `string` | `null` | no |
| [create\_service\_linked\_role\_spot](#input\_create\_service\_linked\_role\_spot) | (optional) create the service linked role for spot instances that is required by the scale-up lambda. | `bool` | `false` | no |
-| [disable\_runner\_autoupdate](#input\_disable\_runner\_autoupdate) | Disable the auto update of the github runner agent. Be-aware there is a grace period of 30 days, see also the [GitHub article](https://github.blog/changelog/2022-02-01-github-actions-self-hosted-runners-can-now-disable-automatic-updates/) | `bool` | `true` | no |
+| [disable\_runner\_autoupdate](#input\_disable\_runner\_autoupdate) | Disable the auto update of the github runner agent. Be-aware there is a grace period of 30 days, see also the [GitHub article](https://github.blog/changelog/2022-02-01-github-actions-self-hosted-runners-can-now-disable-automatic-updates/) | `bool` | `false` | no |
| [egress\_rules](#input\_egress\_rules) | List of egress rules for the GitHub runner instances. | list(object({
cidr_blocks = list(string)
ipv6_cidr_blocks = list(string)
prefix_list_ids = list(string)
from_port = number
protocol = string
security_groups = list(string)
self = bool
to_port = number
description = string
})) | [
{
"cidr_blocks": [
"0.0.0.0/0"
],
"description": null,
"from_port": 0,
"ipv6_cidr_blocks": [
"::/0"
],
"prefix_list_ids": null,
"protocol": "-1",
"security_groups": null,
"self": null,
"to_port": 0
}
]
| no |
| [enable\_cloudwatch\_agent](#input\_enable\_cloudwatch\_agent) | Enabling the cloudwatch agent on the ec2 runner instances, the runner contains default config. Configuration can be overridden via `cloudwatch_config`. | `bool` | `true` | no |
| [enable\_ephemeral\_runners](#input\_enable\_ephemeral\_runners) | Enable ephemeral runners, runners will only be used once. | `bool` | `false` | no |
@@ -148,6 +149,7 @@ yarn run dist
| [lambda\_zip](#input\_lambda\_zip) | File location of the lambda zip file. | `string` | `null` | no |
| [log\_level](#input\_log\_level) | Logging level for lambda logging. Valid values are 'silly', 'trace', 'debug', 'info', 'warn', 'error', 'fatal'. | `string` | `"info"` | no |
| [log\_type](#input\_log\_type) | Logging format for lambda logging. Valid values are 'json', 'pretty', 'hidden'. | `string` | `"pretty"` | no |
+| [logging\_kms\_key\_id](#input\_logging\_kms\_key\_id) | Specifies the kms key id to encrypt the logs with | `string` | `null` | no |
| [logging\_retention\_in\_days](#input\_logging\_retention\_in\_days) | Specifies the number of days you want to retain log events for the lambda log group. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | `number` | `180` | no |
| [market\_options](#input\_market\_options) | DEPCRECATED: Replaced by `instance_target_capacity_type`. | `string` | `null` | no |
| [metadata\_options](#input\_metadata\_options) | Metadata options for the ec2 runner instances. | `map(any)` | {
"http_endpoint": "enabled",
"http_put_response_hop_limit": 1,
"http_tokens": "optional"
} | no |
diff --git a/modules/runners/lambdas/runners/package.json b/modules/runners/lambdas/runners/package.json
index 1500455993..836ca717ac 100644
--- a/modules/runners/lambdas/runners/package.json
+++ b/modules/runners/lambdas/runners/package.json
@@ -17,9 +17,9 @@
},
"devDependencies": {
"@trivago/prettier-plugin-sort-imports": "^3.2.0",
- "@types/aws-lambda": "^8.10.92",
+ "@types/aws-lambda": "^8.10.93",
"@types/express": "^4.17.11",
- "@types/jest": "^27.4.0",
+ "@types/jest": "^27.4.1",
"@typescript-eslint/eslint-plugin": "^4.33.0",
"@typescript-eslint/parser": "^4.33.0",
"@vercel/ncc": "^0.33.3",
@@ -32,20 +32,20 @@
"nock": "^13.2.4",
"prettier": "2.5.1",
"ts-jest": "^27.1.3",
- "ts-node": "^10.5.0",
+ "ts-node": "^10.7.0",
"ts-node-dev": "^1.1.6"
},
"dependencies": {
- "@aws-sdk/client-ssm": "^3.52.0",
+ "@aws-sdk/client-ssm": "^3.53.0",
"@octokit/auth-app": "3.6.1",
"@octokit/rest": "^18.12.0",
"@octokit/types": "^6.34.0",
- "@types/aws-lambda": "^8.10.92",
+ "@types/aws-lambda": "^8.10.93",
"@types/express": "^4.17.11",
- "@types/node": "^17.0.19",
- "aws-sdk": "^2.1080.0",
+ "@types/node": "^17.0.21",
+ "aws-sdk": "^2.1090.0",
"cron-parser": "^4.2.1",
"tslog": "^3.3.2",
- "typescript": "^4.5.5"
+ "typescript": "^4.6.2"
}
}
diff --git a/modules/runners/lambdas/runners/yarn.lock b/modules/runners/lambdas/runners/yarn.lock
index e7905d7dd5..fc1ee8db25 100644
--- a/modules/runners/lambdas/runners/yarn.lock
+++ b/modules/runners/lambdas/runners/yarn.lock
@@ -57,252 +57,252 @@
"@aws-sdk/util-utf8-browser" "^3.0.0"
tslib "^1.11.1"
-"@aws-sdk/abort-controller@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/abort-controller/-/abort-controller-3.52.0.tgz#9ef722a622b96a72cad4bdb0b2685b2fedaa5d2a"
- integrity sha512-Z+4uVtgwbKSChruh6R/WIrGb5uvvXi/d6EQ7zC6hyghtn9EGQc+WJ3BVB4bIUshwMunlgjA3nDiPb5V3t5zv8Q==
+"@aws-sdk/abort-controller@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/abort-controller/-/abort-controller-3.53.0.tgz#9e114f54bf52220bec279e5fd5f83a8ea76437b0"
+ integrity sha512-Xe7IX2mpf/qOjh1LrPnJ1UtiDw3cBlmy8n+Q2xSP5vaS/9IH0OMdQUveC9MV9HSgzICX+xzbPyUuSKc+4tufBQ==
dependencies:
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/client-ssm@^3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/client-ssm/-/client-ssm-3.52.0.tgz#437248bf255f53698ec74de88cf5b2bb38363968"
- integrity sha512-HlBb9nhwYDACpgH30Yj8KR+vEXH69JJqbL3QUqJELglgc7s8i3n0LifLr5bzLb89DkDiU9grhNbkTt79u6R4fg==
+"@aws-sdk/client-ssm@^3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/client-ssm/-/client-ssm-3.53.0.tgz#5aed128f4a72b94e81860639f1291d1f0e2d5db5"
+ integrity sha512-TtN72Oqb27iAI0Wgp1tTlAY7Q2MtcERhJY6fdOmJ9qqrad8ie85L4MlT8/zcQ17Se+kwGE24kXLerqBhxs/PDA==
dependencies:
"@aws-crypto/sha256-browser" "2.0.0"
"@aws-crypto/sha256-js" "2.0.0"
- "@aws-sdk/client-sts" "3.52.0"
- "@aws-sdk/config-resolver" "3.52.0"
- "@aws-sdk/credential-provider-node" "3.52.0"
- "@aws-sdk/fetch-http-handler" "3.52.0"
- "@aws-sdk/hash-node" "3.52.0"
- "@aws-sdk/invalid-dependency" "3.52.0"
- "@aws-sdk/middleware-content-length" "3.52.0"
- "@aws-sdk/middleware-host-header" "3.52.0"
- "@aws-sdk/middleware-logger" "3.52.0"
- "@aws-sdk/middleware-retry" "3.52.0"
- "@aws-sdk/middleware-serde" "3.52.0"
- "@aws-sdk/middleware-signing" "3.52.0"
- "@aws-sdk/middleware-stack" "3.52.0"
- "@aws-sdk/middleware-user-agent" "3.52.0"
- "@aws-sdk/node-config-provider" "3.52.0"
- "@aws-sdk/node-http-handler" "3.52.0"
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/smithy-client" "3.52.0"
- "@aws-sdk/types" "3.52.0"
- "@aws-sdk/url-parser" "3.52.0"
+ "@aws-sdk/client-sts" "3.53.0"
+ "@aws-sdk/config-resolver" "3.53.0"
+ "@aws-sdk/credential-provider-node" "3.53.0"
+ "@aws-sdk/fetch-http-handler" "3.53.0"
+ "@aws-sdk/hash-node" "3.53.0"
+ "@aws-sdk/invalid-dependency" "3.53.0"
+ "@aws-sdk/middleware-content-length" "3.53.0"
+ "@aws-sdk/middleware-host-header" "3.53.0"
+ "@aws-sdk/middleware-logger" "3.53.0"
+ "@aws-sdk/middleware-retry" "3.53.0"
+ "@aws-sdk/middleware-serde" "3.53.0"
+ "@aws-sdk/middleware-signing" "3.53.0"
+ "@aws-sdk/middleware-stack" "3.53.0"
+ "@aws-sdk/middleware-user-agent" "3.53.0"
+ "@aws-sdk/node-config-provider" "3.53.0"
+ "@aws-sdk/node-http-handler" "3.53.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/smithy-client" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
+ "@aws-sdk/url-parser" "3.53.0"
"@aws-sdk/util-base64-browser" "3.52.0"
"@aws-sdk/util-base64-node" "3.52.0"
"@aws-sdk/util-body-length-browser" "3.52.0"
"@aws-sdk/util-body-length-node" "3.52.0"
- "@aws-sdk/util-defaults-mode-browser" "3.52.0"
- "@aws-sdk/util-defaults-mode-node" "3.52.0"
- "@aws-sdk/util-user-agent-browser" "3.52.0"
- "@aws-sdk/util-user-agent-node" "3.52.0"
+ "@aws-sdk/util-defaults-mode-browser" "3.53.0"
+ "@aws-sdk/util-defaults-mode-node" "3.53.0"
+ "@aws-sdk/util-user-agent-browser" "3.53.0"
+ "@aws-sdk/util-user-agent-node" "3.53.0"
"@aws-sdk/util-utf8-browser" "3.52.0"
"@aws-sdk/util-utf8-node" "3.52.0"
- "@aws-sdk/util-waiter" "3.52.0"
+ "@aws-sdk/util-waiter" "3.53.0"
tslib "^2.3.0"
uuid "^8.3.2"
-"@aws-sdk/client-sso@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/client-sso/-/client-sso-3.52.0.tgz#2d8b8c3a61913f136eb298f8f5bfad2852954dd1"
- integrity sha512-IvtZlZopWlWg6xnKSXAodWQaPcRySNBJLj68K6HJ8OVvBCgcXr53nNREArgPi0+KDzLsXqAZTRxvU5do/99PrA==
+"@aws-sdk/client-sso@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/client-sso/-/client-sso-3.53.0.tgz#f7dad82a04c95f2349ebf803bc741039df509dc5"
+ integrity sha512-X32YHHc5MO7xO4W3Ly8DeryieeEiDOsnl6ypBkfML7loO3M0ckvvL+HnNUR1J+HYyseEV7V93BsF/A1z5HmINQ==
dependencies:
"@aws-crypto/sha256-browser" "2.0.0"
"@aws-crypto/sha256-js" "2.0.0"
- "@aws-sdk/config-resolver" "3.52.0"
- "@aws-sdk/fetch-http-handler" "3.52.0"
- "@aws-sdk/hash-node" "3.52.0"
- "@aws-sdk/invalid-dependency" "3.52.0"
- "@aws-sdk/middleware-content-length" "3.52.0"
- "@aws-sdk/middleware-host-header" "3.52.0"
- "@aws-sdk/middleware-logger" "3.52.0"
- "@aws-sdk/middleware-retry" "3.52.0"
- "@aws-sdk/middleware-serde" "3.52.0"
- "@aws-sdk/middleware-stack" "3.52.0"
- "@aws-sdk/middleware-user-agent" "3.52.0"
- "@aws-sdk/node-config-provider" "3.52.0"
- "@aws-sdk/node-http-handler" "3.52.0"
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/smithy-client" "3.52.0"
- "@aws-sdk/types" "3.52.0"
- "@aws-sdk/url-parser" "3.52.0"
+ "@aws-sdk/config-resolver" "3.53.0"
+ "@aws-sdk/fetch-http-handler" "3.53.0"
+ "@aws-sdk/hash-node" "3.53.0"
+ "@aws-sdk/invalid-dependency" "3.53.0"
+ "@aws-sdk/middleware-content-length" "3.53.0"
+ "@aws-sdk/middleware-host-header" "3.53.0"
+ "@aws-sdk/middleware-logger" "3.53.0"
+ "@aws-sdk/middleware-retry" "3.53.0"
+ "@aws-sdk/middleware-serde" "3.53.0"
+ "@aws-sdk/middleware-stack" "3.53.0"
+ "@aws-sdk/middleware-user-agent" "3.53.0"
+ "@aws-sdk/node-config-provider" "3.53.0"
+ "@aws-sdk/node-http-handler" "3.53.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/smithy-client" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
+ "@aws-sdk/url-parser" "3.53.0"
"@aws-sdk/util-base64-browser" "3.52.0"
"@aws-sdk/util-base64-node" "3.52.0"
"@aws-sdk/util-body-length-browser" "3.52.0"
"@aws-sdk/util-body-length-node" "3.52.0"
- "@aws-sdk/util-defaults-mode-browser" "3.52.0"
- "@aws-sdk/util-defaults-mode-node" "3.52.0"
- "@aws-sdk/util-user-agent-browser" "3.52.0"
- "@aws-sdk/util-user-agent-node" "3.52.0"
+ "@aws-sdk/util-defaults-mode-browser" "3.53.0"
+ "@aws-sdk/util-defaults-mode-node" "3.53.0"
+ "@aws-sdk/util-user-agent-browser" "3.53.0"
+ "@aws-sdk/util-user-agent-node" "3.53.0"
"@aws-sdk/util-utf8-browser" "3.52.0"
"@aws-sdk/util-utf8-node" "3.52.0"
tslib "^2.3.0"
-"@aws-sdk/client-sts@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/client-sts/-/client-sts-3.52.0.tgz#e1db88e2599bb1a4c461e274624360407a2f4467"
- integrity sha512-tPLHYY9RdWehBQlyrwOaw4B31PqW1HmNNKJ3+Hc6KnEaiOwMAwQd8L7BFbSVG8ajQBDAEBUTDAkSaZ8jTYdfQQ==
+"@aws-sdk/client-sts@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/client-sts/-/client-sts-3.53.0.tgz#d904d14bd1438f696d01f2efe1766960727e32e0"
+ integrity sha512-MNG+Pmw/zZQ0kboZtsc8UEGM9pn8abjStDN0Yk67fwFAZMqz8sUHDtFXpa3gSXMrFqBwT+jMFXmIxqiq7XuAeA==
dependencies:
"@aws-crypto/sha256-browser" "2.0.0"
"@aws-crypto/sha256-js" "2.0.0"
- "@aws-sdk/config-resolver" "3.52.0"
- "@aws-sdk/credential-provider-node" "3.52.0"
- "@aws-sdk/fetch-http-handler" "3.52.0"
- "@aws-sdk/hash-node" "3.52.0"
- "@aws-sdk/invalid-dependency" "3.52.0"
- "@aws-sdk/middleware-content-length" "3.52.0"
- "@aws-sdk/middleware-host-header" "3.52.0"
- "@aws-sdk/middleware-logger" "3.52.0"
- "@aws-sdk/middleware-retry" "3.52.0"
- "@aws-sdk/middleware-sdk-sts" "3.52.0"
- "@aws-sdk/middleware-serde" "3.52.0"
- "@aws-sdk/middleware-signing" "3.52.0"
- "@aws-sdk/middleware-stack" "3.52.0"
- "@aws-sdk/middleware-user-agent" "3.52.0"
- "@aws-sdk/node-config-provider" "3.52.0"
- "@aws-sdk/node-http-handler" "3.52.0"
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/smithy-client" "3.52.0"
- "@aws-sdk/types" "3.52.0"
- "@aws-sdk/url-parser" "3.52.0"
+ "@aws-sdk/config-resolver" "3.53.0"
+ "@aws-sdk/credential-provider-node" "3.53.0"
+ "@aws-sdk/fetch-http-handler" "3.53.0"
+ "@aws-sdk/hash-node" "3.53.0"
+ "@aws-sdk/invalid-dependency" "3.53.0"
+ "@aws-sdk/middleware-content-length" "3.53.0"
+ "@aws-sdk/middleware-host-header" "3.53.0"
+ "@aws-sdk/middleware-logger" "3.53.0"
+ "@aws-sdk/middleware-retry" "3.53.0"
+ "@aws-sdk/middleware-sdk-sts" "3.53.0"
+ "@aws-sdk/middleware-serde" "3.53.0"
+ "@aws-sdk/middleware-signing" "3.53.0"
+ "@aws-sdk/middleware-stack" "3.53.0"
+ "@aws-sdk/middleware-user-agent" "3.53.0"
+ "@aws-sdk/node-config-provider" "3.53.0"
+ "@aws-sdk/node-http-handler" "3.53.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/smithy-client" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
+ "@aws-sdk/url-parser" "3.53.0"
"@aws-sdk/util-base64-browser" "3.52.0"
"@aws-sdk/util-base64-node" "3.52.0"
"@aws-sdk/util-body-length-browser" "3.52.0"
"@aws-sdk/util-body-length-node" "3.52.0"
- "@aws-sdk/util-defaults-mode-browser" "3.52.0"
- "@aws-sdk/util-defaults-mode-node" "3.52.0"
- "@aws-sdk/util-user-agent-browser" "3.52.0"
- "@aws-sdk/util-user-agent-node" "3.52.0"
+ "@aws-sdk/util-defaults-mode-browser" "3.53.0"
+ "@aws-sdk/util-defaults-mode-node" "3.53.0"
+ "@aws-sdk/util-user-agent-browser" "3.53.0"
+ "@aws-sdk/util-user-agent-node" "3.53.0"
"@aws-sdk/util-utf8-browser" "3.52.0"
"@aws-sdk/util-utf8-node" "3.52.0"
entities "2.2.0"
fast-xml-parser "3.19.0"
tslib "^2.3.0"
-"@aws-sdk/config-resolver@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/config-resolver/-/config-resolver-3.52.0.tgz#8a3119c5ba8ce04c1613e0eb644972d7c02e606e"
- integrity sha512-XKUCpPLMwdlqPtwutdMfAHWqGEPTDd14Dp01WyNhVtmTmsHkpFfLPpELLO1BczDS+jyoMUj+UDj9jHm4YLvXXg==
+"@aws-sdk/config-resolver@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/config-resolver/-/config-resolver-3.53.0.tgz#1bb2e1eb8e378fb559969036f94952e9f89de6d3"
+ integrity sha512-wAqP/xNx49H1dutHWHjhKduaKtAcDg2KoH25W6peW2qXZ6OfpVcxRIBbJE4Z0yGOmFFaxw0OeH3h2ptP7tdhGQ==
dependencies:
- "@aws-sdk/signature-v4" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/signature-v4" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
"@aws-sdk/util-config-provider" "3.52.0"
tslib "^2.3.0"
-"@aws-sdk/credential-provider-env@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-env/-/credential-provider-env-3.52.0.tgz#f314bd8b576f5639ba8e25c8573c09011d545e7d"
- integrity sha512-9R8kTMQ3udNz7fyY/0rkU6Yhu0ALYQJZQ0lFCrxtNo2Nlo9taQtZgxhtRcv+EeqbTcJs91voNNz70HLbedtBUw==
+"@aws-sdk/credential-provider-env@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-env/-/credential-provider-env-3.53.0.tgz#fe4fd8fbc646be8a86a1f12ecb749f442b0b80dd"
+ integrity sha512-ocqZ4w7y7eay2M+uUBAD6NkhikUPoajEFX1/7iMvEFMmS5MyzjuolHPNK7Hh8lFmPyoflxaMXJVKO8C1MguA/A==
dependencies:
- "@aws-sdk/property-provider" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/property-provider" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/credential-provider-imds@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-imds/-/credential-provider-imds-3.52.0.tgz#c369a2fbc600c0e79f145ab37c65dc7d3088a828"
- integrity sha512-939kfHSkMLsOfQtO2nBqC/zAE1ecTOCAs72pKvVxrluGzDry4UtwlyQ4YGC04pYBRQeRIqvIOoVbADYJy4XjmQ==
+"@aws-sdk/credential-provider-imds@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-imds/-/credential-provider-imds-3.53.0.tgz#cb771ad8fde938bfcc2bef440f6798ae03a9cc63"
+ integrity sha512-aKc8POSqCi58566KhF1p8Sxt7LHehMnshyfQzNAOB7xshSxuWg41rxafnQU4Soq9Tz7q5bwkauR2CEUihv/TRg==
dependencies:
- "@aws-sdk/node-config-provider" "3.52.0"
- "@aws-sdk/property-provider" "3.52.0"
- "@aws-sdk/types" "3.52.0"
- "@aws-sdk/url-parser" "3.52.0"
+ "@aws-sdk/node-config-provider" "3.53.0"
+ "@aws-sdk/property-provider" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
+ "@aws-sdk/url-parser" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/credential-provider-ini@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.52.0.tgz#1c403c369dba003bd646a2f597474d70723a443d"
- integrity sha512-MCzWWPYoZjZ3C/X8UXXf9eRqgGJc3Y1QyFXIuQzNrVhffrFkYOkOUQsG4s5TuDr1MmGfxe83XtHQgATJ0fe3zw==
- dependencies:
- "@aws-sdk/credential-provider-env" "3.52.0"
- "@aws-sdk/credential-provider-imds" "3.52.0"
- "@aws-sdk/credential-provider-sso" "3.52.0"
- "@aws-sdk/credential-provider-web-identity" "3.52.0"
- "@aws-sdk/property-provider" "3.52.0"
+"@aws-sdk/credential-provider-ini@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-ini/-/credential-provider-ini-3.53.0.tgz#42ccbe0065466948e078199e44142f7bc2fbbbe8"
+ integrity sha512-g+UoJ1ikDrfpI1wHAhlrcBtX4OHxoLV6vakirpG27hhFwuMih565Q/Sjn3o5hLT8PBlWxwT2YeRuxCjtaL3cDA==
+ dependencies:
+ "@aws-sdk/credential-provider-env" "3.53.0"
+ "@aws-sdk/credential-provider-imds" "3.53.0"
+ "@aws-sdk/credential-provider-sso" "3.53.0"
+ "@aws-sdk/credential-provider-web-identity" "3.53.0"
+ "@aws-sdk/property-provider" "3.53.0"
"@aws-sdk/shared-ini-file-loader" "3.52.0"
- "@aws-sdk/types" "3.52.0"
- "@aws-sdk/util-credentials" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
+ "@aws-sdk/util-credentials" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/credential-provider-node@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-node/-/credential-provider-node-3.52.0.tgz#5d137d3262aef517031852c30d0ca72915e04cf4"
- integrity sha512-SUl+t2S7xKHxAkIfuyvucKQ/JemJ/bCsuCk2qtjTSiVjrLx65Rnfw14j+44JU8U5mP+xodpKNCpgIF5PHu1kKQ==
- dependencies:
- "@aws-sdk/credential-provider-env" "3.52.0"
- "@aws-sdk/credential-provider-imds" "3.52.0"
- "@aws-sdk/credential-provider-ini" "3.52.0"
- "@aws-sdk/credential-provider-process" "3.52.0"
- "@aws-sdk/credential-provider-sso" "3.52.0"
- "@aws-sdk/credential-provider-web-identity" "3.52.0"
- "@aws-sdk/property-provider" "3.52.0"
+"@aws-sdk/credential-provider-node@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-node/-/credential-provider-node-3.53.0.tgz#65343d6f7aee4ae4b0386cbc325790ea40b00de9"
+ integrity sha512-sy0NeuJHOBhe7XwxCX2y+YZAB4CqcHveyXJfT6mv7eY6bYQskkMTCPp2D586hSH3c6cfIsmvLSxNhNJApj1Atw==
+ dependencies:
+ "@aws-sdk/credential-provider-env" "3.53.0"
+ "@aws-sdk/credential-provider-imds" "3.53.0"
+ "@aws-sdk/credential-provider-ini" "3.53.0"
+ "@aws-sdk/credential-provider-process" "3.53.0"
+ "@aws-sdk/credential-provider-sso" "3.53.0"
+ "@aws-sdk/credential-provider-web-identity" "3.53.0"
+ "@aws-sdk/property-provider" "3.53.0"
"@aws-sdk/shared-ini-file-loader" "3.52.0"
- "@aws-sdk/types" "3.52.0"
- "@aws-sdk/util-credentials" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
+ "@aws-sdk/util-credentials" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/credential-provider-process@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-process/-/credential-provider-process-3.52.0.tgz#7f5d5f68bcf76e8247aad80bb711f6cfe80c3032"
- integrity sha512-DGaSprlcEGgFuCiXNH9moksa6/1vBmX/G/tt/ulpgFEJmKljoazIEgUse/6oPJT7t5jazydAqMRVp1HK3Jp/0A==
+"@aws-sdk/credential-provider-process@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-process/-/credential-provider-process-3.53.0.tgz#12b58fb87db59e8d4362a69f341bf4546ac413dd"
+ integrity sha512-nazHndueCa4y5jUM58OHSysb52E953r3VhmpCs0qIv1ZH5Ijs3kT/usbUq7Yms7pcpaUmpu00VZTc6IfOOC0GA==
dependencies:
- "@aws-sdk/property-provider" "3.52.0"
+ "@aws-sdk/property-provider" "3.53.0"
"@aws-sdk/shared-ini-file-loader" "3.52.0"
- "@aws-sdk/types" "3.52.0"
- "@aws-sdk/util-credentials" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
+ "@aws-sdk/util-credentials" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/credential-provider-sso@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.52.0.tgz#54c53ef4926821b7a40311ed2a546778408d9c89"
- integrity sha512-8Q0X4wro+sPMYkbZE/ZW+CBpjxGq/x/vv4yQh7zdHpNfANhqjTSR8tUCApemVcfPtwNhQNPpW8KrlWUIMguHdg==
+"@aws-sdk/credential-provider-sso@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-sso/-/credential-provider-sso-3.53.0.tgz#3276a54743ec6533d04a3eaa6c24463da1b00c7c"
+ integrity sha512-EongClNxdVw+O4y+S0mZFjNeLHv1ssdAnBM/9L1PfR6sH06eikVmU6isEN2quwoKBy9HRVPaIVF075Q8QIpipg==
dependencies:
- "@aws-sdk/client-sso" "3.52.0"
- "@aws-sdk/property-provider" "3.52.0"
+ "@aws-sdk/client-sso" "3.53.0"
+ "@aws-sdk/property-provider" "3.53.0"
"@aws-sdk/shared-ini-file-loader" "3.52.0"
- "@aws-sdk/types" "3.52.0"
- "@aws-sdk/util-credentials" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
+ "@aws-sdk/util-credentials" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/credential-provider-web-identity@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.52.0.tgz#185f6955910ba928baeb353439b996fac24f9b4d"
- integrity sha512-+4qz0PZn9u6HRRNBO9YfIixdItukixPOtLP8tNlgriCh66BC6M1mAXXP/uq2x7kIaMRZtTo3Eey4T/tA0QMkOg==
+"@aws-sdk/credential-provider-web-identity@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/credential-provider-web-identity/-/credential-provider-web-identity-3.53.0.tgz#416e8ccadd8937e607413882d5d72dd59fe4b073"
+ integrity sha512-YbysBkX3mbomHJZULxk/3jyQ7NWn6rZ68IDY28bmp8cNWajWeGzDxKmR4Y+c8gNiN2ziWjUZWfHcnZC056/79Q==
dependencies:
- "@aws-sdk/property-provider" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/property-provider" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/fetch-http-handler@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/fetch-http-handler/-/fetch-http-handler-3.52.0.tgz#4303728769ca0baf9e6ca3f087fb3113a686dadc"
- integrity sha512-pFXkCeEIcrgH8esRyUab1nnIo1cjUjrheqwb/MK3gJ363/kenT6IqYXOq0UO4mF7bn6IOz/yxODlhQIU6i1Vww==
+"@aws-sdk/fetch-http-handler@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/fetch-http-handler/-/fetch-http-handler-3.53.0.tgz#b3470a217454df472bbe68d1dbd3829a4d49a31f"
+ integrity sha512-0CcEYarIAVAoGzu1ClO2xDq30Jii6AevDFJYR7M9yojqAMvwjP31DY4/qfPc2nCpSAd9dASR6vcx6r/RoIynVg==
dependencies:
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/querystring-builder" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/querystring-builder" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
"@aws-sdk/util-base64-browser" "3.52.0"
tslib "^2.3.0"
-"@aws-sdk/hash-node@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/hash-node/-/hash-node-3.52.0.tgz#6c77a5fdbf9d183739c7644493eea4fb878a02a6"
- integrity sha512-pN2dSSyyy0emFFtK6jgmzYXcJHITbfdPqR7UTQ1fj1wFvbURPN19C1f4uYbVDjuiUQX01hLclJDLnPy1BIzTGQ==
+"@aws-sdk/hash-node@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/hash-node/-/hash-node-3.53.0.tgz#323b554157b8f92e6bd3da20660b5dca16440728"
+ integrity sha512-0xK5PSUUVOPttvCLWrrUTmrKe7Fz6njPdBYvB3ESk1whXL+TY3syJj4em63Sq6yFyeuXdqyTzqfcs9fU2puWkA==
dependencies:
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
"@aws-sdk/util-buffer-from" "3.52.0"
tslib "^2.3.0"
-"@aws-sdk/invalid-dependency@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/invalid-dependency/-/invalid-dependency-3.52.0.tgz#bc97182d071669addb70f8ccc0d160f16f09a8bc"
- integrity sha512-TjRzfFFiY4i/a9ry5llCQMiIwpyhIyriM2QuPgAdRaRPM076I01FohUzlAc7zgwwhCa5rpI4zRZ+auGPrU44Gw==
+"@aws-sdk/invalid-dependency@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/invalid-dependency/-/invalid-dependency-3.53.0.tgz#509cfef9c503ec1015f7ce57c1c55a4a7f6b5f91"
+ integrity sha512-qp2qRFa1a/AjZRCe6MZCpbaXo5t4enGAtch/83fuH4rRkzVOctYox1gyTGTliHk28rjMREtSgZDQZojp5/5M5w==
dependencies:
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
"@aws-sdk/is-array-buffer@3.52.0":
@@ -312,148 +312,148 @@
dependencies:
tslib "^2.3.0"
-"@aws-sdk/middleware-content-length@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-content-length/-/middleware-content-length-3.52.0.tgz#07b8b183ea307080870267578c6f0e08ef953d6c"
- integrity sha512-U+aa8UswtEvEdt4vvX+C4b+vetSpG6PZVeGN/hZ2J0j3jQxODQtjKHU3VIO+Fvp8m9rSCtcfAPly5CcejHLeKw==
+"@aws-sdk/middleware-content-length@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-content-length/-/middleware-content-length-3.53.0.tgz#86f92f2f17e241944e3f8d45b67b11dde8424bb4"
+ integrity sha512-CXANhpL2MAE2tPKmu0cOf4Fd99useIj5kgX6UA+HWg/ZbJ4qBg6Q4W/nYVt+OuukeqwEEbpt3wv0lKQ8k/vINQ==
dependencies:
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/middleware-host-header@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-host-header/-/middleware-host-header-3.52.0.tgz#7b4a8482a2dee223f7767f51a558425d5ae8ae45"
- integrity sha512-t7y0gtJyFNrS6bwluR7N2LtppA7B0SDk+uNlvOJOYnJRms89fXltyMJWl8wrv8IHHvrhRLwNEP22vvOhn3hriA==
+"@aws-sdk/middleware-host-header@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-host-header/-/middleware-host-header-3.53.0.tgz#9497e75b2e521241285f7fd29e54fbd577d883bd"
+ integrity sha512-w5qMAUgy52fvJGqzqruNJhv4BtkanE4I368zWiysmwXXL5xmpKs8TpkGqcSQw4g2wKS8MR2Yxh21LukHlsgAJw==
dependencies:
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/middleware-logger@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-logger/-/middleware-logger-3.52.0.tgz#a40fcf1e919612efd776da540683e7d92f198eba"
- integrity sha512-YbFuJAsOPvbYe64gpqmS6XmEQXwyAGwH3Y4iOp3CnrGAz/zXbwWwzb653Uby+h4PVkTZ1+RviCO/A6si9bUkhw==
+"@aws-sdk/middleware-logger@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-logger/-/middleware-logger-3.53.0.tgz#178abbb939c3c158714d33e75c23f4b79ac77211"
+ integrity sha512-jMME8OOyPHliHhVD3FaBQ+4X+FDCQovw6CYGqPdqP0JUuhR8E1LWKHV1+xRpkpOICKwBnIXrgD8/0NQo/+Z84A==
dependencies:
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/middleware-retry@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-retry/-/middleware-retry-3.52.0.tgz#bd3a04c6ad4e18ac554b00b972495f3cc5a1943d"
- integrity sha512-O+4mfn7OPv1POYagKwOgdlc16AQFWa4bY05g6Y94KZ2400ywNpK+Y2cwdskyNU3OTGOlluVGR21W5eO1b+XhNg==
+"@aws-sdk/middleware-retry@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-retry/-/middleware-retry-3.53.0.tgz#9a837d51ef8a857781c1d2e1ad9e1c14975c4539"
+ integrity sha512-TKEdTLP//SjasunU3/yX7avXMxhIEDoSOaiwj77zEpPGF2NWcR99UFfqNLeJsRPCyzYScYo1JSuxIwgXHNIhyQ==
dependencies:
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/service-error-classification" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/service-error-classification" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
uuid "^8.3.2"
-"@aws-sdk/middleware-sdk-sts@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-sdk-sts/-/middleware-sdk-sts-3.52.0.tgz#e61491638af316a30cfbd33a7c7cb58809f65fa3"
- integrity sha512-NB1wHvOp+I6DXi5fPutyl9dAWvJYqzRqdi8lMeu02ub/d6nybrAjoB56za1LvGblcoEiYClf1A6dTKtmydgzFQ==
- dependencies:
- "@aws-sdk/middleware-signing" "3.52.0"
- "@aws-sdk/property-provider" "3.52.0"
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/signature-v4" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+"@aws-sdk/middleware-sdk-sts@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-sdk-sts/-/middleware-sdk-sts-3.53.0.tgz#65ae76800e71e12bda8886a2abc2c87d3b775fd2"
+ integrity sha512-b9AUXYqA5jaUTpWu7wPZz43RQnmy1WGPFVHd8CvcUzFdMzwJlQeH4wq+sEdZ1KtIsz6n6TmY7vobzrScgq3ftg==
+ dependencies:
+ "@aws-sdk/middleware-signing" "3.53.0"
+ "@aws-sdk/property-provider" "3.53.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/signature-v4" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/middleware-serde@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-serde/-/middleware-serde-3.52.0.tgz#c9ea6785aa526e82f2a029d063bdfcfbc2ee824a"
- integrity sha512-4ZooINTdOI4+T6pEiu8xte5EEhOqbE/wqOwBzvOASk3JKElZ93u6xKP2u7UKVD6asBBYK2mDrYSy1PsU4fNl4A==
+"@aws-sdk/middleware-serde@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-serde/-/middleware-serde-3.53.0.tgz#c2f261f3d4a5b6dca28790f7c975b65a9f44f0ab"
+ integrity sha512-jPoou51ULWN2PpvWkDF3wLKnTezyM33NBdF89mvfnI4++Za0/NpuL12636YqWLXt2CK87u8cA2Q+7Opob7KocA==
dependencies:
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/middleware-signing@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-signing/-/middleware-signing-3.52.0.tgz#8bd46ff378060f65f393adc418745abed662beee"
- integrity sha512-7FUqmZQ5DzaDJYCJ3YmOHRFEyFeohtsDQ1akWD2qekcjp16ftBtk05Fi9am5/L7pO8svVzobji/wg00Tlq183A==
+"@aws-sdk/middleware-signing@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-signing/-/middleware-signing-3.53.0.tgz#062fb5ed3ab41b293c72dc0ccfff0cf1ad34304b"
+ integrity sha512-r3g2ytin1YbhXCDedMfR7ZSlt1B39GWA0+J04ZZzUdevtnS2VnkFNhsanO5os/WOpVUV7iqk/ncJgSpn9LI2DA==
dependencies:
- "@aws-sdk/property-provider" "3.52.0"
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/signature-v4" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/property-provider" "3.53.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/signature-v4" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/middleware-stack@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-stack/-/middleware-stack-3.52.0.tgz#ffcbbe4132fe56d09b9425985ec430b99bb1fbc4"
- integrity sha512-4OTbQ+tWc6Le7es3kSnXBzCyddcUw6Sk2GupR/1+PD9v4/qvtKXXK+uD4bMDDMfi6dTNV+2riOGBniOtBVsayw==
+"@aws-sdk/middleware-stack@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-stack/-/middleware-stack-3.53.0.tgz#3197e74c3a3d1648b6117d5c44bff10d37ad0b02"
+ integrity sha512-YanQOVUXGjm63GCZVRYPlPMl6niaWtVjE2C0+0lpCrJQYaUIrvKh27Ff40JLi3U0F89hmsYOO7yPQOPTbc9NBg==
dependencies:
tslib "^2.3.0"
-"@aws-sdk/middleware-user-agent@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.52.0.tgz#a438ee7d7f637416914221f3e18bf2e002e6e4ea"
- integrity sha512-sfdJvAp/f4PHmQvSklFAuCpD7gqloG502gSmBAMrXKqYykvQ5SAGyr6sCZPWf8CZxKtn5n4ftg8CLKywwrKwmg==
+"@aws-sdk/middleware-user-agent@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/middleware-user-agent/-/middleware-user-agent-3.53.0.tgz#7d7374f505bb367ff95f38ffd25c4c4fccbaf9e0"
+ integrity sha512-ClKxpFXoHLhdnDxyDRRVNaFYQnfylps7rk1wfbRLWb+FWQwKWBvLq5c5ZPvznBU8BvftDSkFtrY+7OLMlj6qxA==
dependencies:
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/node-config-provider@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/node-config-provider/-/node-config-provider-3.52.0.tgz#e42e04190b7dbdfea4b70830065d262ae4e27c1c"
- integrity sha512-vfeTzkfVtGaNQrnhCRMObqid0shxFtNFEnnU1Nnx7HsgBfag2/T6fnsDzdVGaliQ6nmfg+RMrhzw2VECyBTHQQ==
+"@aws-sdk/node-config-provider@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/node-config-provider/-/node-config-provider-3.53.0.tgz#2fec26cb78f181ebd9871698a99cb76446d52e85"
+ integrity sha512-l00gDzU7n2WSIBHZPVW8/t6L0UD6qwtre5kuGKiv8ZkZKynPg9VV39IB/JZ7swp2uydbXuqxgDxFvqImvY3IyA==
dependencies:
- "@aws-sdk/property-provider" "3.52.0"
+ "@aws-sdk/property-provider" "3.53.0"
"@aws-sdk/shared-ini-file-loader" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/node-http-handler@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/node-http-handler/-/node-http-handler-3.52.0.tgz#41e04a5e7c083dab5fb00c3e40d9650142e6e8a0"
- integrity sha512-MjLkndwLuWye1kavyFnDw5BvK8Rg4YpMULTne++OL/uEsxWO786K+QQMyLWkirPe+ELMEYu/3eOrQTly2tqHsA==
+"@aws-sdk/node-http-handler@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/node-http-handler/-/node-http-handler-3.53.0.tgz#1394bd99c8177bc7cf114e5b20d791a826611f2b"
+ integrity sha512-YqovPyn75gNzDSvPWQUTAEbwhr8PBdp1MQz65bB8p+qOlzQi1jGCyj1uHqG7qwVIlis9+bAfqpAqNDuYpdGsNg==
dependencies:
- "@aws-sdk/abort-controller" "3.52.0"
- "@aws-sdk/protocol-http" "3.52.0"
- "@aws-sdk/querystring-builder" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/abort-controller" "3.53.0"
+ "@aws-sdk/protocol-http" "3.53.0"
+ "@aws-sdk/querystring-builder" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/property-provider@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/property-provider/-/property-provider-3.52.0.tgz#43acedad903882c96c6474ae6afc72d222413511"
- integrity sha512-Ooam7CvGefHKhMwQ413MiEtDTFw70xbCduJCF7Bg1F0WKrf700M/Yte+q3E0ljlXWJ28rwJNgwW3ptZaSXMGPg==
+"@aws-sdk/property-provider@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/property-provider/-/property-provider-3.53.0.tgz#76b4679316bcb3cc567a4def2b61578dc549c60c"
+ integrity sha512-qrVFYcOV/Da7/ozW2bDLDz0JQP0NLIn6/eNUwT2fqKVw9MWcrLf6xtyAJhCwckdUVOWS2HoBSyvEopa4mdh9Sw==
dependencies:
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/protocol-http@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/protocol-http/-/protocol-http-3.52.0.tgz#67f790df41fdb3c9641614f302cac958e3e0fe08"
- integrity sha512-L6ITU9NG0L6nyYfzhSLa0EsgDlyL1vHNz+Om9o7TayUUF7O0f3UiZToWf2hdETQ04Os8625aZt0VH92ZnYyeEw==
+"@aws-sdk/protocol-http@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/protocol-http/-/protocol-http-3.53.0.tgz#9669900fcb6224a2a30cfe0095318ab455359e1b"
+ integrity sha512-lKOXq2FjQH2i/ztJOKHoNgJ9Kpaprhb6/lsKMjHuePr/YDEzp62nEuJKbVx5rA9C8Rxuuj2hE8vXhQ6dyUIsjg==
dependencies:
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/querystring-builder@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/querystring-builder/-/querystring-builder-3.52.0.tgz#3ea8c3cde363ed9645754665570ff1edd4b81078"
- integrity sha512-RfNXqKeR6mdg2n2LO5Vs2Bz+f47/KN5k36HWk04bSwIbhnBtslXBp0F1KgSPkeP56KEgmmUWldRD7g8BvDkgAw==
+"@aws-sdk/querystring-builder@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/querystring-builder/-/querystring-builder-3.53.0.tgz#da3435e45fa7ec31c411f5f1e577a3c5ae261874"
+ integrity sha512-oliOrup52985pSKOjHbbm7t3bGL0HTPs9UODhBuDpHE7l0pdWE1hv9YiU3FF5NUIF25VwbL83GYmL9R52GxZhA==
dependencies:
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
"@aws-sdk/util-uri-escape" "3.52.0"
tslib "^2.3.0"
-"@aws-sdk/querystring-parser@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/querystring-parser/-/querystring-parser-3.52.0.tgz#0b57268aca363693823707366a4fd91f9cb0c883"
- integrity sha512-/A6PauieStZajbkxX3sZSBBDacGDc3I/Sk7rjJulmg1GnizeVcUgx1OUdDh1JasdqA1h9E3ks/Y2Lu3xUMctLw==
+"@aws-sdk/querystring-parser@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/querystring-parser/-/querystring-parser-3.53.0.tgz#6593b9c16f420e00c3dfa836af51b7ed2165890c"
+ integrity sha512-wEkS40w/wW4eBSnf7xt+m8InZFVzjLAzRYK1yPab2qfOIShpWgxg1ndqEP0eu14MvwdEfMPW9xU6J2AiWoxWng==
dependencies:
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/service-error-classification@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/service-error-classification/-/service-error-classification-3.52.0.tgz#126bac9bfcbfcd9b5bfcf568dcf478d75bd6bede"
- integrity sha512-2bpSIZCx5VGp2CBTeXK6PxlBYWrn2wiqxBVYstDRExZ8P7edcwPRgWi8qaKgPM2wvstZwJieF774niiuLddIpg==
+"@aws-sdk/service-error-classification@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/service-error-classification/-/service-error-classification-3.53.0.tgz#89b9a91adbe3a0f64e5c2f37247962b7672f03b5"
+ integrity sha512-l5g8QncKk0ZmzQL7mWyQ6n5xWkd1XQJuoOfLZPBas9SJAyz7wanV5P3CG9PX6s1GVHWLC+2MafpIQ6+aH1x5cQ==
"@aws-sdk/shared-ini-file-loader@3.52.0":
version "3.52.0"
@@ -462,38 +462,38 @@
dependencies:
tslib "^2.3.0"
-"@aws-sdk/signature-v4@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/signature-v4/-/signature-v4-3.52.0.tgz#bc0c33c9397e41f9e4d4fa4890f9dc4fdb7092e3"
- integrity sha512-lSlDASXGLup5v12kclzT2ZLoUnnVLknSRcMXrTVjnX7spmHMbs6s7LOcN0RXZzFIACs7vW+930KUzhBxt8UiFQ==
+"@aws-sdk/signature-v4@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/signature-v4/-/signature-v4-3.53.0.tgz#d87417ef90e9e38ce0a1d1439ab18246213766f4"
+ integrity sha512-CUvCIrwiiWpJd/ldSA04RERXPsdvkuKW3+gBDIUREq4uc7co7Cml1/wbIJ0UOHAmJpDw82NDYqAUthYB1kbHrQ==
dependencies:
"@aws-sdk/is-array-buffer" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
"@aws-sdk/util-hex-encoding" "3.52.0"
"@aws-sdk/util-uri-escape" "3.52.0"
tslib "^2.3.0"
-"@aws-sdk/smithy-client@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/smithy-client/-/smithy-client-3.52.0.tgz#71ab9a5299160221fbdc611e77b2df079e81ad8f"
- integrity sha512-GuOJuoA1kky/v2p7byOZGq7YOiu2Ov8DA3d58gM6L/q7XavBjnzwNB/BYU7SPU3Ly6S7qGxBJFeadufic4bCYg==
+"@aws-sdk/smithy-client@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/smithy-client/-/smithy-client-3.53.0.tgz#73876a4a483329c11cffbf5f6839a5101621fc99"
+ integrity sha512-/mZn1/1/BXFgV5PwbGfXczbSyZFrhUEhWQzPG7x1NXLQh3kcSoHGDSONqFhqTeHWkfEXp1Tn0zUe7R4vAseFmQ==
dependencies:
- "@aws-sdk/middleware-stack" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/middleware-stack" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
-"@aws-sdk/types@3.52.0", "@aws-sdk/types@^3.1.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/types/-/types-3.52.0.tgz#e09d7cec3c155afc76ca8036ec18b2034964456f"
- integrity sha512-5deI1v6Fr7/a+TT9hPuiy6I/L/7uJTda3q3DEvUd0CsGbBB/fcDXJg8jlnMHcmw7mkfP9vE553ZJQS3Cb0v4vg==
+"@aws-sdk/types@3.53.0", "@aws-sdk/types@^3.1.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/types/-/types-3.53.0.tgz#fcc1db0c2114e94e8b9fd5b14b410aef6cd36b95"
+ integrity sha512-FqHfWRXdnQvfxgngDKfYpYOuQ1HmPgxaGKELx3pFaEnQdMo/dMXjfBGQcEQgP8jqU6bPLaJSfykjWjDzua8JBg==
-"@aws-sdk/url-parser@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/url-parser/-/url-parser-3.52.0.tgz#82dec0a2bf2cf80de927e52a3d8ecde12feedf14"
- integrity sha512-/9OJwol/384jsISiAs5JX7fkgd9mv7hJsHFCVXnByim5qTZu1V9fMcJYJ1L3iRmfCRy0w75UDJljIx2RZnwAYw==
+"@aws-sdk/url-parser@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/url-parser/-/url-parser-3.53.0.tgz#a7371e8c14728774527c9487cf75a9619964f3cd"
+ integrity sha512-lB0U5TkBDSdJK8h3noDkSG/P1cGnpSxOxBroMgPHA8Lrf5lmFRMvDXLXMhRDnTiqtsd/DpHDPyat91pfwLVEwA==
dependencies:
- "@aws-sdk/querystring-parser" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/querystring-parser" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
"@aws-sdk/util-base64-browser@3.52.0":
@@ -540,34 +540,34 @@
dependencies:
tslib "^2.3.0"
-"@aws-sdk/util-credentials@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/util-credentials/-/util-credentials-3.52.0.tgz#6e08b5e0a0667732db8c24e4e92a1e4e380b2cb6"
- integrity sha512-fNcm2cNzDHWt5Pr6xD2FXA40jkcgClsbumuI0VBhLEyNLfoetwPImKTpqbxo1XfWVxhqIbT/ELnrbS2OYBRIXg==
+"@aws-sdk/util-credentials@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/util-credentials/-/util-credentials-3.53.0.tgz#3b8237a501826f5b707e55b2c0226eacd69c79ae"
+ integrity sha512-XP/3mYOmSn5KpWv+PnBTP2UExXb+hx1ugbH4Gkveshdq9KBlVnpV5eVgIwSAnKBsplScfsNMJ5EOtHjz5Cvu5A==
dependencies:
"@aws-sdk/shared-ini-file-loader" "3.52.0"
tslib "^2.3.0"
-"@aws-sdk/util-defaults-mode-browser@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/util-defaults-mode-browser/-/util-defaults-mode-browser-3.52.0.tgz#7744e1f7350baa4e0e26179a3e5960e70c88b789"
- integrity sha512-N2/DHJ/OfiQ5zP97k9cJ8jSGiWDjtR7oFqXR+wbKZzKOww6vencMPYlndU6v1uZOKEjoj+NBr5N0jPEjCz+6+g==
+"@aws-sdk/util-defaults-mode-browser@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/util-defaults-mode-browser/-/util-defaults-mode-browser-3.53.0.tgz#2f9f010bbd289468724a4ec33f64194ee391c30b"
+ integrity sha512-ubOcZT3rkVXSTwCHeIJevgBVV5GHnejz3hd+dFY9OcuK53oMZnFPS8SfJLgGG6PHfg30P8EurKv1VhWrbuuJDw==
dependencies:
- "@aws-sdk/property-provider" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/property-provider" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
bowser "^2.11.0"
tslib "^2.3.0"
-"@aws-sdk/util-defaults-mode-node@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/util-defaults-mode-node/-/util-defaults-mode-node-3.52.0.tgz#4fab451cc2030ec9a6ba4741ffab43681a634514"
- integrity sha512-vmbvirg5edfNKBin8Mup2noxgqIYzYPnvk+BgIx3jFPvwT57WGRs/ahOMNqHgv/6xAdVaUjz8g7gw9Yy3mwP3A==
- dependencies:
- "@aws-sdk/config-resolver" "3.52.0"
- "@aws-sdk/credential-provider-imds" "3.52.0"
- "@aws-sdk/node-config-provider" "3.52.0"
- "@aws-sdk/property-provider" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+"@aws-sdk/util-defaults-mode-node@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/util-defaults-mode-node/-/util-defaults-mode-node-3.53.0.tgz#b00491b4659ee14fcccc3e2ede529786672adc51"
+ integrity sha512-84nczaF0eZMRkZ7chJh7OZd4ekV31eWmw8LOTJ4RQeeRy+0eY8th23yKyt5TU+YgmMLrY0BVK7103BQAI/6ccQ==
+ dependencies:
+ "@aws-sdk/config-resolver" "3.53.0"
+ "@aws-sdk/credential-provider-imds" "3.53.0"
+ "@aws-sdk/node-config-provider" "3.53.0"
+ "@aws-sdk/property-provider" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
"@aws-sdk/util-hex-encoding@3.52.0":
@@ -591,22 +591,22 @@
dependencies:
tslib "^2.3.0"
-"@aws-sdk/util-user-agent-browser@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.52.0.tgz#38a13181be64dacde77b92876e1eff88485f96d9"
- integrity sha512-zmw9pJ91QAr1oF3uqLKuo/3++NrSEagLwz3xnuID5wN8WLAgbC6MkvM7FG+r11CHSoUX3IeB6YDqoBMQW8en8w==
+"@aws-sdk/util-user-agent-browser@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/util-user-agent-browser/-/util-user-agent-browser-3.53.0.tgz#79d2cb85bdf13111945396fdccfd599027c2e594"
+ integrity sha512-fJsxzjo4UMv2o6KYSvw8cwfDhAQiao3X+iY1lGNVKrcY2bnI4zW5pWYge94oIJXMyFjjg6k6Ek+JIvGLMFY0XA==
dependencies:
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/types" "3.53.0"
bowser "^2.11.0"
tslib "^2.3.0"
-"@aws-sdk/util-user-agent-node@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.52.0.tgz#86d7d16e131b31f1b1c9953bcb36b258d1bf907c"
- integrity sha512-jqbyb6R4goWOTIESizmNPy1i3Xa25Q3QG0xt6Pct0DwLQUSVpnPHw07NmfRhql+eYBoD4uxpXDX9lWsuLUBi0w==
+"@aws-sdk/util-user-agent-node@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/util-user-agent-node/-/util-user-agent-node-3.53.0.tgz#490b6ecc0c4b4f9e2f06944c517a444c890f46ad"
+ integrity sha512-YbrqMpTi+ArL9qG+NIXPInmnjGwYu0lohiH5uyEMHAHolqg4vqdKBlXyZ7Pjls2Nka7px2UUfX/Ba2RIssBBMQ==
dependencies:
- "@aws-sdk/node-config-provider" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/node-config-provider" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
"@aws-sdk/util-utf8-browser@3.52.0", "@aws-sdk/util-utf8-browser@^3.0.0":
@@ -624,13 +624,13 @@
"@aws-sdk/util-buffer-from" "3.52.0"
tslib "^2.3.0"
-"@aws-sdk/util-waiter@3.52.0":
- version "3.52.0"
- resolved "https://registry.yarnpkg.com/@aws-sdk/util-waiter/-/util-waiter-3.52.0.tgz#dc69673c6e6a82332fd4fe071f1d9069c4aa85f2"
- integrity sha512-8Gx0NunIg1RFpnKSA3nwzDl5j8mJ42kWjy5sHgd4wfUyiXRSvTl69sV6O8qhleI9OMDV0iS4xHZBCLK11HdIoA==
+"@aws-sdk/util-waiter@3.53.0":
+ version "3.53.0"
+ resolved "https://registry.yarnpkg.com/@aws-sdk/util-waiter/-/util-waiter-3.53.0.tgz#ac559dbeeec7a70e4608173c976af0e15e3df93c"
+ integrity sha512-WyiyHOzmiapbbwB8dtu7axRqu9u5+Mnp1/+k2Ia7cm0UMUTKLjdixPsaM89HNre3EMa8WHrDBnwyVmo/Khbq3w==
dependencies:
- "@aws-sdk/abort-controller" "3.52.0"
- "@aws-sdk/types" "3.52.0"
+ "@aws-sdk/abort-controller" "3.53.0"
+ "@aws-sdk/types" "3.53.0"
tslib "^2.3.0"
"@babel/code-frame@7.12.11":
@@ -1451,10 +1451,10 @@
resolved "https://registry.yarnpkg.com/@tsconfig/node16/-/node16-1.0.2.tgz#423c77877d0569db20e1fc80885ac4118314010e"
integrity sha512-eZxlbI8GZscaGS7kkc/trHTT5xgrjH3/1n2JDwusC9iahPKWMRvRjJSAN5mCXviuTGQ/lHnhvv8Q1YTpnfz9gA==
-"@types/aws-lambda@^8.10.92":
- version "8.10.92"
- resolved "https://registry.yarnpkg.com/@types/aws-lambda/-/aws-lambda-8.10.92.tgz#645f769ff88b8eba1acd35542695ac322c7757c4"
- integrity sha512-dB14TltT1SNq73z3MaZfKyyBZ37NAgAFl8jze59bisR4fJ6pB6AYGxItHFkooZbN7UcVJX/cFudM4p8wp1W4rA==
+"@types/aws-lambda@^8.10.93":
+ version "8.10.93"
+ resolved "https://registry.yarnpkg.com/@types/aws-lambda/-/aws-lambda-8.10.93.tgz#3e2c80894122477040aabf29b7320556f5702a76"
+ integrity sha512-Vsyi9ogDAY3REZDjYnXMRJJa62SDvxHXxJI5nGDQdZW058dDE+av/anynN2rLKbCKXDRNw3D/sQmqxVflZFi4A==
"@types/babel__core@^7.0.0", "@types/babel__core@^7.1.14":
version "7.1.18"
@@ -1554,12 +1554,12 @@
dependencies:
"@types/istanbul-lib-report" "*"
-"@types/jest@^27.4.0":
- version "27.4.0"
- resolved "https://registry.yarnpkg.com/@types/jest/-/jest-27.4.0.tgz#037ab8b872067cae842a320841693080f9cb84ed"
- integrity sha512-gHl8XuC1RZ8H2j5sHv/JqsaxXkDDM9iDOgu0Wp8sjs4u/snb2PVehyWXJPr+ORA0RPpgw231mnutWI1+0hgjIQ==
+"@types/jest@^27.4.1":
+ version "27.4.1"
+ resolved "https://registry.yarnpkg.com/@types/jest/-/jest-27.4.1.tgz#185cbe2926eaaf9662d340cc02e548ce9e11ab6d"
+ integrity sha512-23iPJADSmicDVrWk+HT58LMJtzLAnB2AgIzplQuq/bSrGaxCrlvRFjGbXmamnnk/mAmCdLStiGqggu28ocUyiw==
dependencies:
- jest-diff "^27.0.0"
+ jest-matcher-utils "^27.0.0"
pretty-format "^27.0.0"
"@types/json-schema@^7.0.7":
@@ -1584,10 +1584,10 @@
resolved "https://registry.yarnpkg.com/@types/mime/-/mime-1.3.2.tgz#93e25bf9ee75fe0fd80b594bc4feb0e862111b5a"
integrity sha512-YATxVxgRqNH6nHEIsvg6k2Boc1JHI9ZbH5iWFFv/MTkchz3b1ieGDa5T0a9RznNdI0KhVbdbWSN+KWWrQZRxTw==
-"@types/node@*", "@types/node@^17.0.19":
- version "17.0.19"
- resolved "https://registry.yarnpkg.com/@types/node/-/node-17.0.19.tgz#726171367f404bfbe8512ba608a09ebad810c7e6"
- integrity sha512-PfeQhvcMR4cPFVuYfBN4ifG7p9c+Dlh3yUZR6k+5yQK7wX3gDgVxBly4/WkBRs9x4dmcy1TVl08SY67wwtEvmA==
+"@types/node@*", "@types/node@^17.0.21":
+ version "17.0.21"
+ resolved "https://registry.yarnpkg.com/@types/node/-/node-17.0.21.tgz#864b987c0c68d07b4345845c3e63b75edd143644"
+ integrity sha512-DBZCJbhII3r90XbQxI8Y9IjjiiOGlZ0Hr32omXIZvwwZ7p4DMMXGrKXVyPfuoBOri9XNtL0UK69jYIBIsRX3QQ==
"@types/prettier@^2.1.5":
version "2.4.3"
@@ -1850,10 +1850,10 @@ asynckit@^0.4.0:
resolved "https://registry.yarnpkg.com/asynckit/-/asynckit-0.4.0.tgz#c79ed97f7f34cb8f2ba1bc9790bcc366474b4b79"
integrity sha1-x57Zf380y48robyXkLzDZkdLS3k=
-aws-sdk@^2.1080.0:
- version "2.1080.0"
- resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1080.0.tgz#90aca78e159f8ad04fb77fc6740a54ec0981b977"
- integrity sha512-CI3ovrQ7WarYuSliDCihpA5w+LoBWEvgBayRMgrZzGmAIEP9pNtXYWQ/wSjVYOyYtU1ilOFyhQBNExX3Kz1pXw==
+aws-sdk@^2.1090.0:
+ version "2.1090.0"
+ resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1090.0.tgz#c30e4cbc177e4c3b7792020cc79dfaf155cc8197"
+ integrity sha512-oHdfbiuSjK9mn6rrm5fsitdwv7jEiYzaYB0Xz1kqjIczcVX3JEc+9ySdxlueQf4o5G3RVUcLRF2pIc5j9vcHSg==
dependencies:
buffer "4.9.2"
events "1.1.1"
@@ -2238,11 +2238,6 @@ detect-newline@^3.0.0:
resolved "https://registry.yarnpkg.com/detect-newline/-/detect-newline-3.1.0.tgz#576f5dfc63ae1a192ff192d8ad3af6308991b651"
integrity sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==
-diff-sequences@^27.4.0:
- version "27.4.0"
- resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-27.4.0.tgz#d783920ad8d06ec718a060d00196dfef25b132a5"
- integrity sha512-YqiQzkrsmHMH5uuh8OdQFU9/ZpADnwzml8z0O5HvRNda+5UZsaX/xN+AAxfR2hWq1Y7HZnAzO9J5lJXOuDz2Ww==
-
diff-sequences@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-27.5.1.tgz#eaecc0d327fd68c8d9672a1e64ab8dccb2ef5327"
@@ -3016,16 +3011,6 @@ jest-config@^27.5.1:
slash "^3.0.0"
strip-json-comments "^3.1.1"
-jest-diff@^27.0.0:
- version "27.4.6"
- resolved "https://registry.yarnpkg.com/jest-diff/-/jest-diff-27.4.6.tgz#93815774d2012a2cbb6cf23f84d48c7a2618f98d"
- integrity sha512-zjaB0sh0Lb13VyPsd92V7HkqF6yKRH9vm33rwBt7rPYrpQvS1nCvlIy2pICbKta+ZjWngYLNn4cCK4nyZkjS/w==
- dependencies:
- chalk "^4.0.0"
- diff-sequences "^27.4.0"
- jest-get-type "^27.4.0"
- pretty-format "^27.4.6"
-
jest-diff@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/jest-diff/-/jest-diff-27.5.1.tgz#a07f5011ac9e6643cf8a95a462b7b1ecf6680def"
@@ -3079,11 +3064,6 @@ jest-environment-node@^27.5.1:
jest-mock "^27.5.1"
jest-util "^27.5.1"
-jest-get-type@^27.4.0:
- version "27.4.0"
- resolved "https://registry.yarnpkg.com/jest-get-type/-/jest-get-type-27.4.0.tgz#7503d2663fffa431638337b3998d39c5e928e9b5"
- integrity sha512-tk9o+ld5TWq41DkK14L4wox4s2D9MtTpKaAVzXfr5CUKm5ZK2ExcaFE0qls2W71zE/6R2TxxrK9w2r6svAFDBQ==
-
jest-get-type@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/jest-get-type/-/jest-get-type-27.5.1.tgz#3cd613c507b0f7ace013df407a1c1cd578bcb4f1"
@@ -3140,7 +3120,7 @@ jest-leak-detector@^27.5.1:
jest-get-type "^27.5.1"
pretty-format "^27.5.1"
-jest-matcher-utils@^27.5.1:
+jest-matcher-utils@^27.0.0, jest-matcher-utils@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/jest-matcher-utils/-/jest-matcher-utils-27.5.1.tgz#9c0cdbda8245bc22d2331729d1091308b40cf8ab"
integrity sha512-z2uTx/T6LBaCoNWNFWwChLBKYxTMcGBRjAt+2SbP929/Fflb9aa5LGma654Rz8z9HLxsrUaYzxE9T/EFIL/PAw==
@@ -3894,16 +3874,7 @@ prettier@2.5.1:
resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.5.1.tgz#fff75fa9d519c54cf0fce328c1017d94546bc56a"
integrity sha512-vBZcPRUR5MZJwoyi3ZoyQlc1rXeEck8KgeC9AwwOn+exuxLxq5toTRDTSaVrXHxelDMHy9zlicw8u66yxoSUFg==
-pretty-format@^27.0.0, pretty-format@^27.4.6:
- version "27.4.6"
- resolved "https://registry.yarnpkg.com/pretty-format/-/pretty-format-27.4.6.tgz#1b784d2f53c68db31797b2348fa39b49e31846b7"
- integrity sha512-NblstegA1y/RJW2VyML+3LlpFjzx62cUrtBIKIWDXEDkjNeleA7Od7nrzcs/VLQvAeV4CgSYhrN39DRN88Qi/g==
- dependencies:
- ansi-regex "^5.0.1"
- ansi-styles "^5.0.0"
- react-is "^17.0.1"
-
-pretty-format@^27.5.1:
+pretty-format@^27.0.0, pretty-format@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/pretty-format/-/pretty-format-27.5.1.tgz#2181879fdea51a7a5851fb39d920faa63f01d88e"
integrity sha512-Qb1gy5OrP5+zDf2Bvnzdl3jsTf1qXVMazbvCoKhtKqVs4/YK4ozX4gKQJJVyNe+cajNPn0KoC0MC3FUmaHWEmQ==
@@ -4363,10 +4334,10 @@ ts-node-dev@^1.1.6:
ts-node "^9.0.0"
tsconfig "^7.0.0"
-ts-node@^10.5.0:
- version "10.5.0"
- resolved "https://registry.yarnpkg.com/ts-node/-/ts-node-10.5.0.tgz#618bef5854c1fbbedf5e31465cbb224a1d524ef9"
- integrity sha512-6kEJKwVxAJ35W4akuiysfKwKmjkbYxwQMTBaAxo9KKAx/Yd26mPUyhGz3ji+EsJoAgrLqVsYHNuuYwQe22lbtw==
+ts-node@^10.7.0:
+ version "10.7.0"
+ resolved "https://registry.yarnpkg.com/ts-node/-/ts-node-10.7.0.tgz#35d503d0fab3e2baa672a0e94f4b40653c2463f5"
+ integrity sha512-TbIGS4xgJoX2i3do417KSaep1uRAW/Lu+WAL2doDHC0D6ummjirVOXU5/7aiZotbQ5p1Zp9tP7U6cYhA0O7M8A==
dependencies:
"@cspotcode/source-map-support" "0.7.0"
"@tsconfig/node10" "^1.0.7"
@@ -4464,10 +4435,10 @@ typedarray-to-buffer@^3.1.5:
dependencies:
is-typedarray "^1.0.0"
-typescript@^4.5.5:
- version "4.5.5"
- resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.5.5.tgz#d8c953832d28924a9e3d37c73d729c846c5896f3"
- integrity sha512-TCTIul70LyWe6IJWT8QSYeA54WQe8EjQFU4wY52Fasj5UKx88LNYKCgBEHcOMOrFF1rKGbD8v/xcNWVUq9SymA==
+typescript@^4.6.2:
+ version "4.6.2"
+ resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.6.2.tgz#fe12d2727b708f4eef40f51598b3398baa9611d4"
+ integrity sha512-HM/hFigTBHZhLXshn9sN37H085+hQGeJHJ/X7LpBWLID/fbc2acUMfU+lGD98X81sKP+pFa9f0DZmCwB9GnbAg==
universal-github-app-jwt@^1.0.1:
version "1.1.0"
diff --git a/modules/runners/logging.tf b/modules/runners/logging.tf
index 6bd0843fdb..9f4ab3ee90 100644
--- a/modules/runners/logging.tf
+++ b/modules/runners/logging.tf
@@ -54,6 +54,7 @@ resource "aws_cloudwatch_log_group" "gh_runners" {
count = length(local.loggroups_names)
name = local.loggroups_names[count.index]
retention_in_days = var.logging_retention_in_days
+ kms_key_id = var.logging_kms_key_id
tags = local.tags
}
diff --git a/modules/runners/main.tf b/modules/runners/main.tf
index 60826522b6..ff5c614f1a 100644
--- a/modules/runners/main.tf
+++ b/modules/runners/main.tf
@@ -16,7 +16,7 @@ locals {
default_ami = {
"windows" = { name = ["Windows_Server-20H2-English-Core-ContainersLatest-*"] }
- "linux" = var.runner_architecture == "arm64" ? { name = ["amzn2-ami-hvm-2*-arm64-gp2"] } : { name = ["amzn2-ami-hvm-2.*-x86_64-ebs"] }
+ "linux" = var.runner_architecture == "arm64" ? { name = ["amzn2-ami-kernel-5.*-hvm-*-arm64-gp2"] } : { name = ["amzn2-ami-kernel-5.*-hvm-*-x86_64-gp2"] }
}
default_userdata_template = {
@@ -55,7 +55,7 @@ resource "aws_launch_template" "runner" {
name = "${var.environment}-action-runner"
dynamic "block_device_mappings" {
- for_each = [var.block_device_mappings]
+ for_each = var.block_device_mappings != null ? [var.block_device_mappings] : []
content {
device_name = lookup(block_device_mappings.value, "device_name", "/dev/xvda")
diff --git a/modules/runners/policies-runner.tf b/modules/runners/policies-runner.tf
index dc90d47b0b..2e6351ac00 100644
--- a/modules/runners/policies-runner.tf
+++ b/modules/runners/policies-runner.tf
@@ -26,8 +26,8 @@ resource "aws_iam_role_policy" "ssm_parameters" {
role = aws_iam_role.runner.name
policy = templatefile("${path.module}/policies/instance-ssm-parameters-policy.json",
{
- arn_ssm_parameters_prefix = "arn:aws:ssm:${var.aws_region}:${data.aws_caller_identity.current.account_id}:parameter/${var.environment}-*"
- arn_ssm_parameters_path = "arn:aws:ssm:${var.aws_region}:${data.aws_caller_identity.current.account_id}:parameter/${var.environment}/*"
+ arn_ssm_parameters_prefix = "arn:${var.aws_partition}:ssm:${var.aws_region}:${data.aws_caller_identity.current.account_id}:parameter/${var.environment}-*"
+ arn_ssm_parameters_path = "arn:${var.aws_partition}:ssm:${var.aws_region}:${data.aws_caller_identity.current.account_id}:parameter/${var.environment}/*"
}
)
}
diff --git a/modules/runners/policies/service-linked-role-create-policy.json b/modules/runners/policies/service-linked-role-create-policy.json
index db6224d266..18a47d5104 100644
--- a/modules/runners/policies/service-linked-role-create-policy.json
+++ b/modules/runners/policies/service-linked-role-create-policy.json
@@ -4,7 +4,7 @@
{
"Effect": "Allow",
"Action": "iam:CreateServiceLinkedRole",
- "Resource": "arn:aws:iam::*:role/aws-service-role/*"
+ "Resource": "arn:${aws_partition}:iam::*:role/aws-service-role/*"
}
]
}
diff --git a/modules/runners/pool.tf b/modules/runners/pool.tf
index 6c749a5ca5..67c165bb9e 100644
--- a/modules/runners/pool.tf
+++ b/modules/runners/pool.tf
@@ -19,6 +19,7 @@ module "pool" {
log_level = var.log_level
log_type = var.log_type
logging_retention_in_days = var.logging_retention_in_days
+ logging_kms_key_id = var.logging_retention_in_days
reserved_concurrent_executions = var.pool_lambda_reserved_concurrent_executions
s3_bucket = var.lambda_s3_bucket
s3_key = var.runners_lambda_s3_key
@@ -44,4 +45,6 @@ module "pool" {
tags = local.tags
}
+ aws_partition = var.aws_partition
+
}
diff --git a/modules/runners/pool/main.tf b/modules/runners/pool/main.tf
index 8c8c24bc04..3a4b1e7fd4 100644
--- a/modules/runners/pool/main.tf
+++ b/modules/runners/pool/main.tf
@@ -49,6 +49,7 @@ resource "aws_lambda_function" "pool" {
resource "aws_cloudwatch_log_group" "pool" {
name = "/aws/lambda/${aws_lambda_function.pool.function_name}"
retention_in_days = var.config.lambda.logging_retention_in_days
+ kms_key_id = var.config.lambda.logging_kms_key_id
tags = var.config.tags
}
@@ -82,7 +83,7 @@ resource "aws_iam_role_policy" "pool_logging" {
resource "aws_iam_role_policy_attachment" "pool_vpc_execution_role" {
count = length(var.config.lambda.subnet_ids) > 0 ? 1 : 0
role = aws_iam_role.pool.name
- policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
+ policy_arn = "arn:${var.aws_partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
}
data "aws_iam_policy_document" "lambda_assume_role_policy" {
diff --git a/modules/runners/pool/variables.tf b/modules/runners/pool/variables.tf
index 0fcbe345f9..579a37f904 100644
--- a/modules/runners/pool/variables.tf
+++ b/modules/runners/pool/variables.tf
@@ -4,6 +4,7 @@ variable "config" {
log_level = string
log_type = string
logging_retention_in_days = number
+ logging_kms_key_id = string
reserved_concurrent_executions = number
s3_bucket = string
s3_key = string
@@ -50,3 +51,9 @@ variable "config" {
role_path = string
})
}
+
+variable "aws_partition" {
+ description = "(optional) partition for the arn if not 'aws'"
+ type = string
+ default = "aws"
+}
diff --git a/modules/runners/scale-down.tf b/modules/runners/scale-down.tf
index 44b2ae1749..a1c30fcf9b 100644
--- a/modules/runners/scale-down.tf
+++ b/modules/runners/scale-down.tf
@@ -46,6 +46,7 @@ resource "aws_lambda_function" "scale_down" {
resource "aws_cloudwatch_log_group" "scale_down" {
name = "/aws/lambda/${aws_lambda_function.scale_down.function_name}"
retention_in_days = var.logging_retention_in_days
+ kms_key_id = var.logging_kms_key_id
tags = var.tags
}
@@ -97,5 +98,5 @@ resource "aws_iam_role_policy" "scale_down_logging" {
resource "aws_iam_role_policy_attachment" "scale_down_vpc_execution_role" {
count = length(var.lambda_subnet_ids) > 0 ? 1 : 0
role = aws_iam_role.scale_down.name
- policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
+ policy_arn = "arn:${var.aws_partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
}
diff --git a/modules/runners/scale-up.tf b/modules/runners/scale-up.tf
index 234e4f7667..0a4bde8f6b 100644
--- a/modules/runners/scale-up.tf
+++ b/modules/runners/scale-up.tf
@@ -49,6 +49,7 @@ resource "aws_lambda_function" "scale_up" {
resource "aws_cloudwatch_log_group" "scale_up" {
name = "/aws/lambda/${aws_lambda_function.scale_up.function_name}"
retention_in_days = var.logging_retention_in_days
+ kms_key_id = var.logging_kms_key_id
tags = var.tags
}
@@ -99,11 +100,11 @@ resource "aws_iam_role_policy" "service_linked_role" {
count = var.create_service_linked_role_spot ? 1 : 0
name = "${var.environment}-service_linked_role"
role = aws_iam_role.scale_up.name
- policy = templatefile("${path.module}/policies/service-linked-role-create-policy.json", {})
+ policy = templatefile("${path.module}/policies/service-linked-role-create-policy.json", { aws_partition = var.aws_partition })
}
resource "aws_iam_role_policy_attachment" "scale_up_vpc_execution_role" {
count = length(var.lambda_subnet_ids) > 0 ? 1 : 0
role = aws_iam_role.scale_up.name
- policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
+ policy_arn = "arn:${var.aws_partition}:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
}
diff --git a/modules/runners/variables.tf b/modules/runners/variables.tf
index 59d93f6749..8252f3c715 100644
--- a/modules/runners/variables.tf
+++ b/modules/runners/variables.tf
@@ -280,6 +280,12 @@ variable "logging_retention_in_days" {
default = 180
}
+variable "logging_kms_key_id" {
+ description = "Specifies the kms key id to encrypt the logs with"
+ type = string
+ default = null
+}
+
variable "enable_ssm_on_runners" {
description = "Enable to allow access to the runner instances for debugging purposes via SSM. Note that this adds additional permissions to the runner instances."
type = bool
@@ -306,6 +312,12 @@ variable "create_service_linked_role_spot" {
default = false
}
+variable "aws_partition" {
+ description = "(optional) partition for the base arn if not 'aws'"
+ type = string
+ default = "aws"
+}
+
variable "runner_iam_role_managed_policy_arns" {
description = "Attach AWS or customer-managed IAM policies (by ARN) to the runner IAM role"
type = list(string)
@@ -499,5 +511,5 @@ variable "pool_config" {
variable "disable_runner_autoupdate" {
description = "Disable the auto update of the github runner agent. Be-aware there is a grace period of 30 days, see also the [GitHub article](https://github.blog/changelog/2022-02-01-github-actions-self-hosted-runners-can-now-disable-automatic-updates/)"
type = bool
- default = true
+ default = false
}
diff --git a/modules/setup-iam-permissions/README.md b/modules/setup-iam-permissions/README.md
index c0e78f7638..b66adb7e50 100644
--- a/modules/setup-iam-permissions/README.md
+++ b/modules/setup-iam-permissions/README.md
@@ -70,6 +70,7 @@ No modules.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [account\_id](#input\_account\_id) | The module allows to switch to the created role from the provided account id. | `string` | n/a | yes |
+| [aws\_partition](#input\_aws\_partition) | (optional) partition in the arn namespace if not aws | `string` | `"aws"` | no |
| [environment](#input\_environment) | A name that identifies the environment, used as prefix and for tagging. | `string` | n/a | yes |
| [namespaces](#input\_namespaces) | The role will be only allowed to create roles, policies and instance profiles in the given namespace / path. All policies in the boundaries namespace cannot be modified by this role. | object({
boundary_namespace = string
role_namespace = string
policy_namespace = string
instance_profile_namespace = string
}) | n/a | yes |
diff --git a/modules/setup-iam-permissions/main.tf b/modules/setup-iam-permissions/main.tf
index d06c0c7770..a577dfd482 100644
--- a/modules/setup-iam-permissions/main.tf
+++ b/modules/setup-iam-permissions/main.tf
@@ -5,7 +5,8 @@ resource "aws_iam_role" "deploy" {
permissions_boundary = aws_iam_policy.deploy_boundary.arn
assume_role_policy = templatefile("${path.module}/policies/assume-role-for-account.json", {
- account_id = var.account_id
+ account_id = var.account_id
+ aws_partition = var.aws_partition
})
}
@@ -16,6 +17,7 @@ resource "aws_iam_policy" "boundary" {
policy = templatefile("${path.module}/policies/boundary.json", {
role_namespace = var.namespaces.role_namespace
account_id = data.aws_caller_identity.current.account_id
+ aws_partition = var.aws_partition
})
}
@@ -44,5 +46,6 @@ resource "aws_iam_policy" "deploy_boundary" {
instance_profile_namespace = var.namespaces.instance_profile_namespace
boundary_namespace = var.namespaces.boundary_namespace
permission_boundary = aws_iam_policy.boundary.arn
+ aws_partition = var.aws_partition
})
}
diff --git a/modules/setup-iam-permissions/policies/assume-role-for-account.json b/modules/setup-iam-permissions/policies/assume-role-for-account.json
index d8300991a8..b6c51b5f96 100644
--- a/modules/setup-iam-permissions/policies/assume-role-for-account.json
+++ b/modules/setup-iam-permissions/policies/assume-role-for-account.json
@@ -3,7 +3,7 @@
"Statement": [
{
"Action": "sts:AssumeRole",
- "Principal": { "AWS": "arn:aws:iam::${account_id}:root" },
+ "Principal": { "AWS": "arn:${aws_partition}:iam::${account_id}:root" },
"Effect": "Allow",
"Sid": "",
"Condition": {
diff --git a/modules/setup-iam-permissions/policies/boundary.json b/modules/setup-iam-permissions/policies/boundary.json
index f336edadec..5e9363456a 100644
--- a/modules/setup-iam-permissions/policies/boundary.json
+++ b/modules/setup-iam-permissions/policies/boundary.json
@@ -21,7 +21,7 @@
"Sid": "RoleInNamespace",
"Effect": "Allow",
"Action": ["iam:PassRole"],
- "Resource": "arn:aws:iam::${account_id}:role/${role_namespace}/*"
+ "Resource": "arn:${aws_partition}:iam::${account_id}:role/${role_namespace}/*"
},
{
"Sid": "Decrypt",
diff --git a/modules/setup-iam-permissions/policies/deploy-boundary.json b/modules/setup-iam-permissions/policies/deploy-boundary.json
index 1b6f7fc8c8..e6111e5f19 100644
--- a/modules/setup-iam-permissions/policies/deploy-boundary.json
+++ b/modules/setup-iam-permissions/policies/deploy-boundary.json
@@ -10,7 +10,7 @@
"iam:PutRolePermissionsBoundary",
"iam:PutRolePolicy"
],
- "Resource": "arn:aws:iam::${account_id}:role/${role_namespace}/*",
+ "Resource": "arn:${aws_partition}:iam::${account_id}:role/${role_namespace}/*",
"Condition": {
"StringEquals": {
"iam:PermissionsBoundary": "${permission_boundary}"
@@ -29,7 +29,7 @@
"iam:DetachRolePolicy",
"iam:DeleteRolePolicy"
],
- "Resource": "arn:aws:iam::${account_id}:role/${role_namespace}/*"
+ "Resource": "arn:${aws_partition}:iam::${account_id}:role/${role_namespace}/*"
},
{
"Sid": "PolicyInNamespace",
@@ -42,7 +42,7 @@
"iam:GetPolicyVersion",
"iam:SetDefaultPolicyVersion"
],
- "Resource": "arn:aws:iam::${account_id}:policy/${policy_namespace}/*"
+ "Resource": "arn:${aws_partition}:iam::${account_id}:policy/${policy_namespace}/*"
},
{
"Sid": "InstanceProfileInNamespace",
@@ -54,7 +54,7 @@
"iam:AddRoleToInstanceProfile",
"iam:GetInstanceProfile"
],
- "Resource": "arn:aws:iam::${account_id}:instance-profile/${instance_profile_namespace}/*"
+ "Resource": "arn:${aws_partition}:iam::${account_id}:instance-profile/${instance_profile_namespace}/*"
},
{
"Sid": "IamListActions",
@@ -78,7 +78,7 @@
"iam:DeletePolicyVersion",
"iam:SetDefaultPolicyVersion"
],
- "Resource": "arn:aws:iam::${account_id}:policy/${boundary_namespace}/*"
+ "Resource": "arn:${aws_partition}:iam::${account_id}:policy/${boundary_namespace}/*"
},
{
"Sid": "Services",
diff --git a/modules/setup-iam-permissions/variables.tf b/modules/setup-iam-permissions/variables.tf
index 32e514a0bb..a67d56648c 100644
--- a/modules/setup-iam-permissions/variables.tf
+++ b/modules/setup-iam-permissions/variables.tf
@@ -18,3 +18,9 @@ variable "account_id" {
type = string
}
+
+variable "aws_partition" {
+ description = "(optional) partition in the arn namespace if not aws"
+ type = string
+ default = "aws"
+}
diff --git a/modules/webhook/README.md b/modules/webhook/README.md
index 52fc6c5248..c57474258f 100644
--- a/modules/webhook/README.md
+++ b/modules/webhook/README.md
@@ -83,6 +83,7 @@ No modules.
| [lambda\_zip](#input\_lambda\_zip) | File location of the lambda zip file. | `string` | `null` | no |
| [log\_level](#input\_log\_level) | Logging level for lambda logging. Valid values are 'silly', 'trace', 'debug', 'info', 'warn', 'error', 'fatal'. | `string` | `"info"` | no |
| [log\_type](#input\_log\_type) | Logging format for lambda logging. Valid values are 'json', 'pretty', 'hidden'. | `string` | `"pretty"` | no |
+| [logging\_kms\_key\_id](#input\_logging\_kms\_key\_id) | Specifies the kms key id to encrypt the logs with | `string` | `null` | no |
| [logging\_retention\_in\_days](#input\_logging\_retention\_in\_days) | Specifies the number of days you want to retain log events for the lambda log group. Possible values are: 0, 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | `number` | `7` | no |
| [repository\_white\_list](#input\_repository\_white\_list) | List of repositories allowed to use the github app | `list(string)` | `[]` | no |
| [role\_path](#input\_role\_path) | The path that will be added to the role; if not set, the environment name will be used. | `string` | `null` | no |
diff --git a/modules/webhook/lambdas/webhook/package.json b/modules/webhook/lambdas/webhook/package.json
index 935d59a364..10796db0e4 100644
--- a/modules/webhook/lambdas/webhook/package.json
+++ b/modules/webhook/lambdas/webhook/package.json
@@ -18,14 +18,14 @@
"devDependencies": {
"@octokit/webhooks-definitions": "^3.67.3",
"@trivago/prettier-plugin-sort-imports": "^3.2.0",
- "@types/aws-lambda": "^8.10.92",
+ "@types/aws-lambda": "^8.10.93",
"@types/express": "^4.17.11",
- "@types/jest": "^27.4.0",
+ "@types/jest": "^27.4.1",
"@types/node": "^17.0.21",
"@typescript-eslint/eslint-plugin": "^4.33.0",
"@typescript-eslint/parser": "^4.33.0",
"@vercel/ncc": "0.33.3",
- "aws-sdk": "^2.1081.0",
+ "aws-sdk": "^2.1087.0",
"body-parser": "^1.19.0",
"eslint": "^7.32.0",
"eslint-plugin-prettier": "4.0.0",
@@ -36,7 +36,7 @@
"prettier": "2.5.1",
"ts-jest": "^27.1.3",
"ts-node-dev": "^1.1.6",
- "typescript": "^4.5.5"
+ "typescript": "^4.6.2"
},
"dependencies": {
"@aws-sdk/client-ssm": "^3.53.0",
diff --git a/modules/webhook/lambdas/webhook/yarn.lock b/modules/webhook/lambdas/webhook/yarn.lock
index 594b8fe1a9..3779771344 100644
--- a/modules/webhook/lambdas/webhook/yarn.lock
+++ b/modules/webhook/lambdas/webhook/yarn.lock
@@ -1410,10 +1410,10 @@
javascript-natural-sort "0.7.1"
lodash "4.17.21"
-"@types/aws-lambda@^8.10.92":
- version "8.10.92"
- resolved "https://registry.yarnpkg.com/@types/aws-lambda/-/aws-lambda-8.10.92.tgz#645f769ff88b8eba1acd35542695ac322c7757c4"
- integrity sha512-dB14TltT1SNq73z3MaZfKyyBZ37NAgAFl8jze59bisR4fJ6pB6AYGxItHFkooZbN7UcVJX/cFudM4p8wp1W4rA==
+"@types/aws-lambda@^8.10.93":
+ version "8.10.93"
+ resolved "https://registry.yarnpkg.com/@types/aws-lambda/-/aws-lambda-8.10.93.tgz#3e2c80894122477040aabf29b7320556f5702a76"
+ integrity sha512-Vsyi9ogDAY3REZDjYnXMRJJa62SDvxHXxJI5nGDQdZW058dDE+av/anynN2rLKbCKXDRNw3D/sQmqxVflZFi4A==
"@types/babel__core@^7.0.0", "@types/babel__core@^7.1.14":
version "7.1.16"
@@ -1508,12 +1508,12 @@
dependencies:
"@types/istanbul-lib-report" "*"
-"@types/jest@^27.4.0":
- version "27.4.0"
- resolved "https://registry.yarnpkg.com/@types/jest/-/jest-27.4.0.tgz#037ab8b872067cae842a320841693080f9cb84ed"
- integrity sha512-gHl8XuC1RZ8H2j5sHv/JqsaxXkDDM9iDOgu0Wp8sjs4u/snb2PVehyWXJPr+ORA0RPpgw231mnutWI1+0hgjIQ==
+"@types/jest@^27.4.1":
+ version "27.4.1"
+ resolved "https://registry.yarnpkg.com/@types/jest/-/jest-27.4.1.tgz#185cbe2926eaaf9662d340cc02e548ce9e11ab6d"
+ integrity sha512-23iPJADSmicDVrWk+HT58LMJtzLAnB2AgIzplQuq/bSrGaxCrlvRFjGbXmamnnk/mAmCdLStiGqggu28ocUyiw==
dependencies:
- jest-diff "^27.0.0"
+ jest-matcher-utils "^27.0.0"
pretty-format "^27.0.0"
"@types/json-schema@^7.0.7":
@@ -1818,10 +1818,10 @@ aws-lambda@^1.0.7:
js-yaml "^3.14.1"
watchpack "^2.0.0-beta.10"
-aws-sdk@^2.1081.0, aws-sdk@^2.814.0:
- version "2.1081.0"
- resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1081.0.tgz#171a306fcc752b97c18f2d01a8bff24bba12447a"
- integrity sha512-204Aqi3NmSRZDAvyzmi1usje6oCM+Q4g6PgA+vc/XQQPe1oxO95AgOXZvrpjX2QlLbA0JDItL1ufUh3nszjaqA==
+aws-sdk@^2.1087.0, aws-sdk@^2.814.0:
+ version "2.1087.0"
+ resolved "https://registry.yarnpkg.com/aws-sdk/-/aws-sdk-2.1087.0.tgz#bb00dbac5c6bf415040ad00e7c95462b34c26ddf"
+ integrity sha512-m5EERT29Fwh2cv3SaSdygeAjJBXnjSaXRRERy70bf6PQ7KgmASJouBxY11g5G7LTEPK/yfB0TGshujKh3hEtPA==
dependencies:
buffer "4.9.2"
events "1.1.1"
@@ -2264,11 +2264,6 @@ detect-newline@^3.0.0:
resolved "https://registry.yarnpkg.com/detect-newline/-/detect-newline-3.1.0.tgz#576f5dfc63ae1a192ff192d8ad3af6308991b651"
integrity sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==
-diff-sequences@^27.4.0:
- version "27.4.0"
- resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-27.4.0.tgz#d783920ad8d06ec718a060d00196dfef25b132a5"
- integrity sha512-YqiQzkrsmHMH5uuh8OdQFU9/ZpADnwzml8z0O5HvRNda+5UZsaX/xN+AAxfR2hWq1Y7HZnAzO9J5lJXOuDz2Ww==
-
diff-sequences@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/diff-sequences/-/diff-sequences-27.5.1.tgz#eaecc0d327fd68c8d9672a1e64ab8dccb2ef5327"
@@ -3169,16 +3164,6 @@ jest-config@^27.5.1:
slash "^3.0.0"
strip-json-comments "^3.1.1"
-jest-diff@^27.0.0:
- version "27.4.2"
- resolved "https://registry.yarnpkg.com/jest-diff/-/jest-diff-27.4.2.tgz#786b2a5211d854f848e2dcc1e324448e9481f36f"
- integrity sha512-ujc9ToyUZDh9KcqvQDkk/gkbf6zSaeEg9AiBxtttXW59H/AcqEYp1ciXAtJp+jXWva5nAf/ePtSsgWwE5mqp4Q==
- dependencies:
- chalk "^4.0.0"
- diff-sequences "^27.4.0"
- jest-get-type "^27.4.0"
- pretty-format "^27.4.2"
-
jest-diff@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/jest-diff/-/jest-diff-27.5.1.tgz#a07f5011ac9e6643cf8a95a462b7b1ecf6680def"
@@ -3232,11 +3217,6 @@ jest-environment-node@^27.5.1:
jest-mock "^27.5.1"
jest-util "^27.5.1"
-jest-get-type@^27.4.0:
- version "27.4.0"
- resolved "https://registry.yarnpkg.com/jest-get-type/-/jest-get-type-27.4.0.tgz#7503d2663fffa431638337b3998d39c5e928e9b5"
- integrity sha512-tk9o+ld5TWq41DkK14L4wox4s2D9MtTpKaAVzXfr5CUKm5ZK2ExcaFE0qls2W71zE/6R2TxxrK9w2r6svAFDBQ==
-
jest-get-type@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/jest-get-type/-/jest-get-type-27.5.1.tgz#3cd613c507b0f7ace013df407a1c1cd578bcb4f1"
@@ -3293,7 +3273,7 @@ jest-leak-detector@^27.5.1:
jest-get-type "^27.5.1"
pretty-format "^27.5.1"
-jest-matcher-utils@^27.5.1:
+jest-matcher-utils@^27.0.0, jest-matcher-utils@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/jest-matcher-utils/-/jest-matcher-utils-27.5.1.tgz#9c0cdbda8245bc22d2331729d1091308b40cf8ab"
integrity sha512-z2uTx/T6LBaCoNWNFWwChLBKYxTMcGBRjAt+2SbP929/Fflb9aa5LGma654Rz8z9HLxsrUaYzxE9T/EFIL/PAw==
@@ -4019,17 +3999,7 @@ prettier@2.5.1:
resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.5.1.tgz#fff75fa9d519c54cf0fce328c1017d94546bc56a"
integrity sha512-vBZcPRUR5MZJwoyi3ZoyQlc1rXeEck8KgeC9AwwOn+exuxLxq5toTRDTSaVrXHxelDMHy9zlicw8u66yxoSUFg==
-pretty-format@^27.0.0, pretty-format@^27.4.2:
- version "27.4.2"
- resolved "https://registry.yarnpkg.com/pretty-format/-/pretty-format-27.4.2.tgz#e4ce92ad66c3888423d332b40477c87d1dac1fb8"
- integrity sha512-p0wNtJ9oLuvgOQDEIZ9zQjZffK7KtyR6Si0jnXULIDwrlNF8Cuir3AZP0hHv0jmKuNN/edOnbMjnzd4uTcmWiw==
- dependencies:
- "@jest/types" "^27.4.2"
- ansi-regex "^5.0.1"
- ansi-styles "^5.0.0"
- react-is "^17.0.1"
-
-pretty-format@^27.5.1:
+pretty-format@^27.0.0, pretty-format@^27.5.1:
version "27.5.1"
resolved "https://registry.yarnpkg.com/pretty-format/-/pretty-format-27.5.1.tgz#2181879fdea51a7a5851fb39d920faa63f01d88e"
integrity sha512-Qb1gy5OrP5+zDf2Bvnzdl3jsTf1qXVMazbvCoKhtKqVs4/YK4ozX4gKQJJVyNe+cajNPn0KoC0MC3FUmaHWEmQ==
@@ -4652,10 +4622,10 @@ typedarray-to-buffer@^3.1.5:
dependencies:
is-typedarray "^1.0.0"
-typescript@^4.5.5:
- version "4.5.5"
- resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.5.5.tgz#d8c953832d28924a9e3d37c73d729c846c5896f3"
- integrity sha512-TCTIul70LyWe6IJWT8QSYeA54WQe8EjQFU4wY52Fasj5UKx88LNYKCgBEHcOMOrFF1rKGbD8v/xcNWVUq9SymA==
+typescript@^4.6.2:
+ version "4.6.2"
+ resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.6.2.tgz#fe12d2727b708f4eef40f51598b3398baa9611d4"
+ integrity sha512-HM/hFigTBHZhLXshn9sN37H085+hQGeJHJ/X7LpBWLID/fbc2acUMfU+lGD98X81sKP+pFa9f0DZmCwB9GnbAg==
universal-user-agent@^6.0.0:
version "6.0.0"
diff --git a/modules/webhook/variables.tf b/modules/webhook/variables.tf
index aa7b777397..d719ad45d9 100644
--- a/modules/webhook/variables.tf
+++ b/modules/webhook/variables.tf
@@ -56,6 +56,12 @@ variable "logging_retention_in_days" {
default = 7
}
+variable "logging_kms_key_id" {
+ description = "Specifies the kms key id to encrypt the logs with"
+ type = string
+ default = null
+}
+
variable "lambda_s3_bucket" {
description = "S3 bucket from which to specify lambda functions. This is an alternative to providing local files directly."
default = null
diff --git a/modules/webhook/webhook.tf b/modules/webhook/webhook.tf
index bd2ae54cda..25e9c4d60a 100644
--- a/modules/webhook/webhook.tf
+++ b/modules/webhook/webhook.tf
@@ -29,6 +29,7 @@ resource "aws_lambda_function" "webhook" {
resource "aws_cloudwatch_log_group" "webhook" {
name = "/aws/lambda/${aws_lambda_function.webhook.function_name}"
retention_in_days = var.logging_retention_in_days
+ kms_key_id = var.logging_kms_key_id
tags = var.tags
}
diff --git a/variables.tf b/variables.tf
index 5865e32225..b2f65d5a51 100644
--- a/variables.tf
+++ b/variables.tf
@@ -211,6 +211,12 @@ variable "logging_retention_in_days" {
default = 180
}
+variable "logging_kms_key_id" {
+ description = "Specifies the kms key id to encrypt the logs with"
+ type = string
+ default = null
+}
+
variable "runner_allow_prerelease_binaries" {
description = "Allow the runners to update to prerelease binaries."
type = bool
@@ -586,6 +592,12 @@ variable "pool_config" {
default = []
}
+variable "aws_partition" {
+ description = "(optiona) partition in the arn namespace to use if not 'aws'"
+ type = string
+ default = "aws"
+}
+
variable "disable_runner_autoupdate" {
description = "Disable the auto update of the github runner agent. Be-aware there is a grace period of 30 days, see also the [GitHub article](https://github.blog/changelog/2022-02-01-github-actions-self-hosted-runners-can-now-disable-automatic-updates/)"
type = bool