Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(cli): upgrade aws-sdk to sdkv3 #31702

Merged
merged 52 commits into from
Nov 12, 2024
Merged

feat(cli): upgrade aws-sdk to sdkv3 #31702

merged 52 commits into from
Nov 12, 2024
+191,999 −98,902

Conversation

TheRealAmazonKendra
Copy link
Contributor

@TheRealAmazonKendra TheRealAmazonKendra commented Oct 9, 2024
edited
Loading

This PR updates the CDK CLI to use the AWS SDK V3 instead of V2.

Manual Test Cases for Authorization

All tests were run verbosely so that I could manually check the credentials being used from the CLI output.

  • No credentials setup and no default profile fails as expected (established to ensure nothing was unintentionally setup)
  • Explicitly provided profile sourced from config file, tested with both --profile and AWS_PROFILE
    • aws_access_key_id and aws_secret_access_key
    • aws_access_key_id and aws_secret_access_key and region
    • source_profile and role_arn that points to another profile with aws_access_key_id and aws_secret_access_key in both config and credentials
    • source_profile and role_arn that points to Environment
    • source_profile that and role_arn that points to SSO profile in both config and credentials
    • SSO both using all fields in [profile] and split between [sso-session] and [profile]
    • credential_source is Environment
    • credential_process
  • Explicitly provided profile sourced from credentials file
    • aws_access_key_id and aws_secret_access_key
    • aws_access_key_id and aws_secret_access_key and region
    • source_profile and role_arn that points to another profile with aws_access_key_id and aws_secret_access_key in both config and credentials
    • source_profile and role_arn that points to Environment
    • source_profile that and role_arn that points to SSO profile in both config and credentials
    • credential_source is Environment
    • credential_source is EcsContainer (integ tests in CodeBuild)
    • credential_process
  • Default profile (in both config file and credentials file)
    • AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment variables set (cleared after test)
    • AMAZON_ACCESS_KEY_ID and AMAZON_SECRET_ACCESS_KEY environment variables set (cleared after test)
    • aws_access_key_id and aws_secret_access_key
    • aws_access_key_id and aws_secret_access_key and region
    • source_profile and role_arn that points to a profile with aws_access_key_id and aws_secret_access_key
    • source_profile and role_arn that points to Environment (this will use fromEnv prior to getting to looking for source_profile in the Ini file)
    • SSO profile is setup as default
    • credential_process

Missing cases:

  • Web Identity Token
  • Ec2Instance as credential_source
  • Metadata Service
  • MFA

Closes #25870, #26292, #20956, #24744, #27265, 20896.

Reason for this change

The AWS SDK V2 is now in maintenance mode.

***Note: This is now blocked by #31623 because the underlying changes to cdk-assets were not merged to the v3 branch so that will need to be done before this can be rebased and merged.

Additionally, the version will need to be updated for skipping regression tests when this PR is ready to be merged.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@aws-cdk-automation aws-cdk-automation requested a review from a team October 9, 2024 00:47
@github-actions github-actions bot added the p2 label Oct 9, 2024
aws-cdk-automation
aws-cdk-automation previously requested changes Oct 9, 2024
View reviewed changes
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

@aws-cdk-automation aws-cdk-automation added the pr/needs-cli-test-run This PR needs CLI tests run against it. label Oct 9, 2024
@aws aws deleted a comment from mergify bot Oct 9, 2024
@mergify mergify bot added the contribution/core This is a PR that came from AWS. label Oct 9, 2024
This was referenced Oct 10, 2024
Closed
Open
Open
Open
Open
Open
Open
Open
Open
@github-actions github-actions bot added bug This issue is a bug. effort/medium Medium work item – several days of effort p1 and removed p2 labels Oct 15, 2024
rix0rrr
rix0rrr reviewed Nov 8, 2024
View reviewed changes
packages/@aws-cdk-testing/cli-integ/lib/integ-test.ts Outdated
Comment on lines 5 to 6
const SKIP_TESTS = fs
.readFileSync(path.join(__dirname, '..', 'skip-tests.txt'), { encoding: 'utf-8' })
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

☹️ on all these formatting changes

@otaviomacedo otaviomacedo added the pr-linter/cli-integ-tested Assert that any CLI changes have been integ tested label Nov 9, 2024
@aws-cdk-automation aws-cdk-automation dismissed their stale review November 9, 2024 14:52

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@aws-cdk-automation aws-cdk-automation added pr/needs-maintainer-review This PR needs a review from a Core Team Member and removed pr/needs-cli-test-run This PR needs CLI tests run against it. labels Nov 9, 2024
rix0rrr
rix0rrr approved these changes Nov 11, 2024
View reviewed changes
Copy link
Contributor

@rix0rrr rix0rrr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I trust the construction of this nuclear power plant.

@otaviomacedo
Merge branch 'main' into TheRealAmazonKendra/sdkv3-for-aws-cdk-take-two
b2383fc 
# Conflicts:
#	packages/@aws-cdk/integ-runner/package.json
@codecov Codecov
Copy link

codecov bot commented Nov 11, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 77.28%. Comparing base (6303b72) to head (275e6b4).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main   #31702      +/-   ##
==========================================
- Coverage   77.44%   77.28%   -0.17%     
==========================================
  Files         106      114       +8     
  Lines        7200     7628     +428     
  Branches     1345     1360      +15     
==========================================
+ Hits         5576     5895     +319     
- Misses       1428     1551     +123     
+ Partials      196      182      -14
Flag Coverage Δ
suite.unit 77.28% <ø> (-0.17%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components Coverage Δ
packages/aws-cdk 77.28% <ø> (-0.17%) ⬇️

@aws-cdk-automation
Copy link
Collaborator

➡️ PR build request submitted to test-main-pipeline ⬅️

A maintainer must now check the pipeline and add the pr-linter/cli-integ-tested label once the pipeline succeeds.

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 275e6b4
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-cdk-automation aws-cdk-automation removed the pr/needs-maintainer-review This PR needs a review from a Core Team Member label Nov 11, 2024
@otaviomacedo otaviomacedo merged commit 5bc0662 into main Nov 12, 2024
16 of 18 checks passed
@otaviomacedo otaviomacedo deleted the TheRealAmazonKendra/sdkv3-for-aws-cdk-take-two branch November 12, 2024 10:11
@github-actions GitHub Actions
Copy link

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 12, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mrgrain mrgrain mrgrain left review comments

@otaviomacedo otaviomacedo otaviomacedo left review comments

@rix0rrr rix0rrr rix0rrr approved these changes

@aws-cdk-automation aws-cdk-automation aws-cdk-automation left review comments

Assignees

@otaviomacedo otaviomacedo

Labels
bug This issue is a bug. contribution/core This is a PR that came from AWS. effort/medium Medium work item – several days of effort p1 pr-linter/cli-integ-tested Assert that any CLI changes have been integ tested pr-linter/exempt-readme The PR linter will not require README changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

(cli): (cdk fails with "Profile <profile name> did not include credential process)
5 participants
@TheRealAmazonKendra @aws-cdk-automation @otaviomacedo @mrgrain @rix0rrr