From c12353a1f5581e38ab8cc87ce18ba24bb1817dad Mon Sep 17 00:00:00 2001 From: Eric Beard Date: Thu, 12 Oct 2023 16:51:45 -0700 Subject: [PATCH 1/9] Readme change --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 154e83e6..e7b92187 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,7 @@ first be activated using the instructions |----|----|-------|-----------| |[AwsCommunity::Account::AlternateContact](./resources/Account_AlternateContact)|Resource|Prod|An alternate contact attached to an Amazon Web Services account| |[AwsCommunity::ApplicationAutoscaling::ScheduledAction](./resources/ApplicationAutoscaling_ScheduledAction)|Resource|Prod|Application Autoscaling Scheduled Action| +|[AwsCommunity::AppSync::BreakingChangeDetection](./hooks/AppSync_BreakingChangeDetection)|Hook|Prod|Detect breaking changes to appsync schemas| |[AwsCommunity::CloudFront::LoggingEnabled](./hooks/CloudFront_LoggingEnabled)|Hook|Alpha|Validate that a CloudFront distribution has logging enabled| |[AwsCommunity::CloudFront::S3Website::MODULE](./modules/CloudFront_S3Website/)|Module|Prod|CloudFront backed by an S3 bucket with Route53 integration| |[AwsCommunity::DynamoDB::Item](./resources/DynamoDB_Item)|Resource|Prod|Manage the lifecycle of items in a DynamoDB table| From 212385d7ec21610d94a501d6e91152bb55d695c4 Mon Sep 17 00:00:00 2001 From: Eric Beard Date: Thu, 12 Oct 2023 16:55:37 -0700 Subject: [PATCH 2/9] Readme change --- .../docs/README.md | 10 +------ .../resource-role.yaml | 3 +-- .../models.py | 27 ++++++++++--------- 3 files changed, 17 insertions(+), 23 deletions(-) diff --git a/resources/ApplicationAutoscaling_ScheduledAction/docs/README.md b/resources/ApplicationAutoscaling_ScheduledAction/docs/README.md index 84b6caf8..682a3453 100644 --- a/resources/ApplicationAutoscaling_ScheduledAction/docs/README.md +++ b/resources/ApplicationAutoscaling_ScheduledAction/docs/README.md @@ -1,6 +1,6 @@ # AwsCommunity::ApplicationAutoscaling::ScheduledAction -Resource to create a Application Autoscaling Scheduled Action. Can be used with any resource that uses AWS Application Autoscaling Dimensions. +Application Autoscaling Scheduled Action. ## Syntax @@ -53,8 +53,6 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### ResourceId -Must be a valid resource as defined in https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html#autoscaling-PutScheduledAction-request-ResourceId - _Required_: Yes _Type_: String @@ -81,8 +79,6 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### Schedule -Must be a valid schedule as defined in https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html#autoscaling-PutScheduledAction-request-ResourceId - _Required_: Yes _Type_: String @@ -93,8 +89,6 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### ScheduledActionName -Must be a valid action name as defined in https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html#autoscaling-PutScheduledAction-request-ResourceId - _Required_: Yes _Type_: String @@ -121,8 +115,6 @@ _Update requires_: [No interruption](https://docs.aws.amazon.com/AWSCloudFormati #### Timezone -Must be a valid timestamp as defined in https://docs.aws.amazon.com/autoscaling/application/APIReference/API_PutScheduledAction.html#autoscaling-PutScheduledAction-request-ResourceId - _Required_: No _Type_: String diff --git a/resources/ApplicationAutoscaling_ScheduledAction/resource-role.yaml b/resources/ApplicationAutoscaling_ScheduledAction/resource-role.yaml index dc8a5c2b..f420d782 100644 --- a/resources/ApplicationAutoscaling_ScheduledAction/resource-role.yaml +++ b/resources/ApplicationAutoscaling_ScheduledAction/resource-role.yaml @@ -13,8 +13,7 @@ Resources: Statement: - Effect: Allow Principal: - Service: - Fn::Sub: resources.cloudformation.${AWS::URLSuffix} + Service: resources.cloudformation.amazonaws.com Action: sts:AssumeRole Condition: StringEquals: diff --git a/resources/ApplicationAutoscaling_ScheduledAction/src/awscommunity_applicationautoscaling_scheduledaction/models.py b/resources/ApplicationAutoscaling_ScheduledAction/src/awscommunity_applicationautoscaling_scheduledaction/models.py index a6eb674c..e3d358a7 100644 --- a/resources/ApplicationAutoscaling_ScheduledAction/src/awscommunity_applicationautoscaling_scheduledaction/models.py +++ b/resources/ApplicationAutoscaling_ScheduledAction/src/awscommunity_applicationautoscaling_scheduledaction/models.py @@ -1,6 +1,14 @@ # DO NOT modify this file by hand, changes will be overwritten -import sys from dataclasses import dataclass + +from cloudformation_cli_python_lib.interface import ( + BaseModel, + BaseResourceHandlerRequest, +) +from cloudformation_cli_python_lib.recast import recast_object +from cloudformation_cli_python_lib.utils import deserialize_list + +import sys from inspect import getmembers, isclass from typing import ( AbstractSet, @@ -14,13 +22,6 @@ TypeVar, ) -from cloudformation_cli_python_lib.interface import ( - BaseModel, - BaseResourceHandlerRequest, -) -from cloudformation_cli_python_lib.recast import recast_object -from cloudformation_cli_python_lib.utils import deserialize_list - T = TypeVar("T") @@ -64,9 +65,7 @@ def _deserialize( EndTime=json_data.get("EndTime"), ResourceId=json_data.get("ResourceId"), ScalableDimension=json_data.get("ScalableDimension"), - ScalableTargetAction=ScalableTargetAction._deserialize( - json_data.get("ScalableTargetAction") - ), + ScalableTargetAction=ScalableTargetAction._deserialize(json_data.get("ScalableTargetAction")), Schedule=json_data.get("Schedule"), ScheduledActionName=json_data.get("ScheduledActionName"), ServiceNamespace=json_data.get("ServiceNamespace"), @@ -104,6 +103,7 @@ def _deserialize( @dataclass class TypeConfigurationModel(BaseModel): + @classmethod def _deserialize( cls: Type["_TypeConfigurationModel"], @@ -111,8 +111,11 @@ def _deserialize( ) -> Optional["_TypeConfigurationModel"]: if not json_data: return None - return cls() + return cls( + ) # work around possible type aliasing issues when variable has same name as a model _TypeConfigurationModel = TypeConfigurationModel + + From c4126704d2c7e96fea6e6cef4e3a550567b57315 Mon Sep 17 00:00:00 2001 From: Eric Beard Date: Fri, 13 Oct 2023 18:36:49 +0000 Subject: [PATCH 3/9] Update base build image, python, and java versions --- release/Dockerfile | 6 +++--- resources/alpha-buildspec-java.yml | 2 +- resources/beta-buildspec-java.yml | 2 +- resources/prod-buildspec-java.yml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/release/Dockerfile b/release/Dockerfile index a5cb27fb..6bcabe2b 100644 --- a/release/Dockerfile +++ b/release/Dockerfile @@ -1,11 +1,11 @@ -FROM public.ecr.aws/codebuild/amazonlinux2-x86_64-standard:3.0 +FROM public.ecr.aws/codebuild/amazonlinux2-x86_64-standard:4.0 COPY requirements.txt ./ COPY dockercfg.json ./ -RUN pyenv global 3.7.13 +RUN pyenv global 3.9.17 RUN python -m pip install --no-cache-dir --upgrade pip \ && pip install --no-cache-dir -r requirements.txt -RUN mkdir awscli && cd awscli && curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && unzip awscliv2.zip && ./aws/install +#RUN mkdir awscli && cd awscli && curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" && unzip awscliv2.zip && ./aws/install RUN curl https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip -O -L \ && unzip aws-sam-cli-linux-x86_64.zip -d sam-installation \ && ./sam-installation/install diff --git a/resources/alpha-buildspec-java.yml b/resources/alpha-buildspec-java.yml index 93ad70b7..eb3a4618 100644 --- a/resources/alpha-buildspec-java.yml +++ b/resources/alpha-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.8 - java: corretto8 + java: corretto11 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/beta-buildspec-java.yml b/resources/beta-buildspec-java.yml index 8fa01bb6..9076264d 100644 --- a/resources/beta-buildspec-java.yml +++ b/resources/beta-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.8 - java: corretto8 + java: corretto11 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/prod-buildspec-java.yml b/resources/prod-buildspec-java.yml index b78b00ed..d807536e 100644 --- a/resources/prod-buildspec-java.yml +++ b/resources/prod-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.8 - java: corretto8 + java: corretto11 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH From 9c2804a799da85be3a738c70e107f22ec0edbab4 Mon Sep 17 00:00:00 2001 From: Eric Beard Date: Fri, 13 Oct 2023 18:42:31 +0000 Subject: [PATCH 4/9] corretto17 --- hooks/alpha-buildspec-java.yml | 2 +- hooks/beta-buildspec-java-pre-update-only.yml | 2 +- hooks/beta-buildspec-java.yml | 2 +- hooks/prod-buildspec-java.yml | 2 +- resources/alpha-buildspec-java.yml | 2 +- resources/beta-buildspec-java.yml | 2 +- resources/prod-buildspec-java.yml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/hooks/alpha-buildspec-java.yml b/hooks/alpha-buildspec-java.yml index ec66b4ac..cd84da0d 100644 --- a/hooks/alpha-buildspec-java.yml +++ b/hooks/alpha-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.8 - java: corretto11 + java: corretto17 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/beta-buildspec-java-pre-update-only.yml b/hooks/beta-buildspec-java-pre-update-only.yml index 616f3e47..c6de401b 100644 --- a/hooks/beta-buildspec-java-pre-update-only.yml +++ b/hooks/beta-buildspec-java-pre-update-only.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.8 - java: corretto11 + java: corretto17 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/beta-buildspec-java.yml b/hooks/beta-buildspec-java.yml index 6ac3ebf6..3843bdae 100644 --- a/hooks/beta-buildspec-java.yml +++ b/hooks/beta-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.8 - java: corretto11 + java: corretto17 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/prod-buildspec-java.yml b/hooks/prod-buildspec-java.yml index 5eadb38e..19219127 100644 --- a/hooks/prod-buildspec-java.yml +++ b/hooks/prod-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.8 - java: corretto11 + java: corretto17 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/resources/alpha-buildspec-java.yml b/resources/alpha-buildspec-java.yml index eb3a4618..ed4f6550 100644 --- a/resources/alpha-buildspec-java.yml +++ b/resources/alpha-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.8 - java: corretto11 + java: corretto17 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/beta-buildspec-java.yml b/resources/beta-buildspec-java.yml index 9076264d..11c57466 100644 --- a/resources/beta-buildspec-java.yml +++ b/resources/beta-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.8 - java: corretto11 + java: corretto17 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/prod-buildspec-java.yml b/resources/prod-buildspec-java.yml index d807536e..0ae6b806 100644 --- a/resources/prod-buildspec-java.yml +++ b/resources/prod-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.8 - java: corretto11 + java: corretto17 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH From 44534e1df96817cd8fe6c01df7e1d9032b0c2a96 Mon Sep 17 00:00:00 2001 From: Eric Beard Date: Fri, 13 Oct 2023 19:45:00 +0000 Subject: [PATCH 5/9] Python and java versions --- hooks/CloudFront_LoggingEnabled/.rpdk-config | 4 ++-- hooks/CloudTrail_LogValidation/.rpdk-config | 4 ++-- hooks/EC2_SecurityGroupRestrictedSSH/.rpdk-config | 4 ++-- hooks/KMS_EncryptionSettings/.rpdk-config | 2 +- hooks/S3_AccessControl/.rpdk-config | 2 +- hooks/S3_BucketVersioningEnabled/.rpdk-config | 4 ++-- hooks/S3_BucketVersioningEnabled/template.yml | 4 ++-- hooks/S3_PublicAccessControlsRestricted/.rpdk-config | 4 ++-- hooks/S3_PublicAccessControlsRestricted/template.yml | 4 ++-- hooks/alpha-buildspec-java.yml | 2 +- hooks/alpha-buildspec-python.yml | 2 +- hooks/beta-buildspec-java-pre-update-only.yml | 2 +- hooks/beta-buildspec-java.yml | 2 +- hooks/beta-buildspec-python.yml | 2 +- hooks/prod-buildspec-java.yml | 2 +- hooks/prod-buildspec-python.yml | 2 +- resources/Account_AlternateContact/.rpdk-config | 4 ++-- resources/CloudFront_WebACLAssociation/.rpdk-config | 4 ++-- resources/Resource_Lookup/.rpdk-config | 2 +- resources/S3_BucketNotification/.rpdk-config | 4 ++-- resources/S3_DeleteBucketContents/.rpdk-config | 4 ++-- resources/alpha-buildspec-go.yml | 2 +- resources/alpha-buildspec-java.yml | 2 +- resources/alpha-buildspec-python.yml | 2 +- resources/alpha-buildspec-typescript.yml | 2 +- resources/beta-buildspec-go.yml | 2 +- resources/beta-buildspec-java.yml | 2 +- resources/beta-buildspec-python.yml | 2 +- resources/beta-buildspec-typescript.yml | 2 +- resources/prod-buildspec-go.yml | 2 +- resources/prod-buildspec-java.yml | 2 +- resources/prod-buildspec-python.yml | 2 +- resources/prod-buildspec-typescript.yml | 2 +- 33 files changed, 44 insertions(+), 44 deletions(-) diff --git a/hooks/CloudFront_LoggingEnabled/.rpdk-config b/hooks/CloudFront_LoggingEnabled/.rpdk-config index 154177f9..e80d4189 100644 --- a/hooks/CloudFront_LoggingEnabled/.rpdk-config +++ b/hooks/CloudFront_LoggingEnabled/.rpdk-config @@ -1,8 +1,8 @@ { "artifact_type": "HOOK", "typeName": "AwsCommunity::CloudFront::LoggingEnabled", - "language": "python38", - "runtime": "python3.8", + "language": "python39", + "runtime": "python3.9", "entrypoint": "awscommunity_cloudfront_loggingenabled.handlers.hook", "testEntrypoint": "awscommunity_cloudfront_loggingenabled.handlers.test_entrypoint", "settings": { diff --git a/hooks/CloudTrail_LogValidation/.rpdk-config b/hooks/CloudTrail_LogValidation/.rpdk-config index afaa2be5..883e410a 100644 --- a/hooks/CloudTrail_LogValidation/.rpdk-config +++ b/hooks/CloudTrail_LogValidation/.rpdk-config @@ -1,8 +1,8 @@ { "artifact_type": "HOOK", "typeName": "AwsCommunity::CloudTrail::LogValidationEnabled", - "language": "python38", - "runtime": "python3.8", + "language": "python39", + "runtime": "python3.9", "entrypoint": "awscommunity_cloudtrail_logvalidationenabled.handlers.hook", "testEntrypoint": "awscommunity_cloudtrail_logvalidationenabled.handlers.test_entrypoint", "settings": { diff --git a/hooks/EC2_SecurityGroupRestrictedSSH/.rpdk-config b/hooks/EC2_SecurityGroupRestrictedSSH/.rpdk-config index d082e0ec..7e3b380b 100644 --- a/hooks/EC2_SecurityGroupRestrictedSSH/.rpdk-config +++ b/hooks/EC2_SecurityGroupRestrictedSSH/.rpdk-config @@ -1,8 +1,8 @@ { "artifact_type": "HOOK", "typeName": "AwsCommunity::EC2::SecurityGroupRestrictedSSH", - "language": "python38", - "runtime": "python3.8", + "language": "python39", + "runtime": "python3.9", "entrypoint": "awscommunity_ec2_securitygrouprestrictedssh.handlers.hook", "testEntrypoint": "awscommunity_ec2_securitygrouprestrictedssh.handlers.test_entrypoint", "settings": { diff --git a/hooks/KMS_EncryptionSettings/.rpdk-config b/hooks/KMS_EncryptionSettings/.rpdk-config index aac9df89..1827d4cc 100644 --- a/hooks/KMS_EncryptionSettings/.rpdk-config +++ b/hooks/KMS_EncryptionSettings/.rpdk-config @@ -2,7 +2,7 @@ "artifact_type": "HOOK", "typeName": "AwsCommunity::KMS::EncryptionSettings", "language": "java", - "runtime": "java8", + "runtime": "java17", "entrypoint": "com.awscommunity.kms.encryptionsettings.HookHandlerWrapper::handleRequest", "testEntrypoint": "com.awscommunity.kms.encryptionsettings.HookHandlerWrapper::testEntrypoint", "settings": { diff --git a/hooks/S3_AccessControl/.rpdk-config b/hooks/S3_AccessControl/.rpdk-config index 13f09df7..25dad110 100644 --- a/hooks/S3_AccessControl/.rpdk-config +++ b/hooks/S3_AccessControl/.rpdk-config @@ -2,7 +2,7 @@ "artifact_type": "HOOK", "typeName": "AwsCommunity::S3::AccessControl", "language": "java", - "runtime": "java8", + "runtime": "java17", "entrypoint": "com.awscommunity.s3.accesscontrol.HookHandlerWrapper::handleRequest", "testEntrypoint": "com.awscommunity.s3.accesscontrol.HookHandlerWrapper::testEntrypoint", "settings": { diff --git a/hooks/S3_BucketVersioningEnabled/.rpdk-config b/hooks/S3_BucketVersioningEnabled/.rpdk-config index 5f38f244..8272f31c 100644 --- a/hooks/S3_BucketVersioningEnabled/.rpdk-config +++ b/hooks/S3_BucketVersioningEnabled/.rpdk-config @@ -1,8 +1,8 @@ { "artifact_type": "HOOK", "typeName": "AwsCommunity::S3::BucketVersioningEnabled", - "language": "python38", - "runtime": "python3.8", + "language": "python39", + "runtime": "python3.9", "entrypoint": "awscommunity_s3_bucketversioningenabled.handlers.hook", "testEntrypoint": "awscommunity_s3_bucketversioningenabled.handlers.test_entrypoint", "settings": { diff --git a/hooks/S3_BucketVersioningEnabled/template.yml b/hooks/S3_BucketVersioningEnabled/template.yml index b9853435..0e2ac734 100644 --- a/hooks/S3_BucketVersioningEnabled/template.yml +++ b/hooks/S3_BucketVersioningEnabled/template.yml @@ -12,13 +12,13 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: awscommunity_s3_bucketversioningenabled.handlers.hook - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: awscommunity_s3_bucketversioningenabled.handlers.test_entrypoint - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ diff --git a/hooks/S3_PublicAccessControlsRestricted/.rpdk-config b/hooks/S3_PublicAccessControlsRestricted/.rpdk-config index f77aee73..12606c4d 100644 --- a/hooks/S3_PublicAccessControlsRestricted/.rpdk-config +++ b/hooks/S3_PublicAccessControlsRestricted/.rpdk-config @@ -1,8 +1,8 @@ { "artifact_type": "HOOK", "typeName": "AwsCommunity::S3::PublicAccessControlsRestricted", - "language": "python38", - "runtime": "python3.8", + "language": "python39", + "runtime": "python3.9", "entrypoint": "awscommunity_s3_publicaccesscontrolsrestricted.handlers.hook", "testEntrypoint": "awscommunity_s3_publicaccesscontrolsrestricted.handlers.test_entrypoint", "settings": { diff --git a/hooks/S3_PublicAccessControlsRestricted/template.yml b/hooks/S3_PublicAccessControlsRestricted/template.yml index cd54c5c0..4d9449b2 100644 --- a/hooks/S3_PublicAccessControlsRestricted/template.yml +++ b/hooks/S3_PublicAccessControlsRestricted/template.yml @@ -12,13 +12,13 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: awscommunity_s3_publicaccesscontrolsrestricted.handlers.hook - Runtime: python3.8 + Runtime: python3.9 CodeUri: build/ TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: awscommunity_s3_publicaccesscontrolsrestricted.handlers.test_entrypoint - Runtime: python3.8 + Runtime: python3.9 CodeUri: build/ diff --git a/hooks/alpha-buildspec-java.yml b/hooks/alpha-buildspec-java.yml index cd84da0d..72a2c098 100644 --- a/hooks/alpha-buildspec-java.yml +++ b/hooks/alpha-buildspec-java.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 java: corretto17 commands: - echo Entered the install phase... diff --git a/hooks/alpha-buildspec-python.yml b/hooks/alpha-buildspec-python.yml index 6922bd72..149627ff 100644 --- a/hooks/alpha-buildspec-python.yml +++ b/hooks/alpha-buildspec-python.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/beta-buildspec-java-pre-update-only.yml b/hooks/beta-buildspec-java-pre-update-only.yml index c6de401b..049341ca 100644 --- a/hooks/beta-buildspec-java-pre-update-only.yml +++ b/hooks/beta-buildspec-java-pre-update-only.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 java: corretto17 commands: - echo Entered the install phase... diff --git a/hooks/beta-buildspec-java.yml b/hooks/beta-buildspec-java.yml index 3843bdae..29619d3d 100644 --- a/hooks/beta-buildspec-java.yml +++ b/hooks/beta-buildspec-java.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 java: corretto17 commands: - echo Entered the install phase... diff --git a/hooks/beta-buildspec-python.yml b/hooks/beta-buildspec-python.yml index cc1ae0f9..43fa15a9 100644 --- a/hooks/beta-buildspec-python.yml +++ b/hooks/beta-buildspec-python.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/prod-buildspec-java.yml b/hooks/prod-buildspec-java.yml index 19219127..d23f17e9 100644 --- a/hooks/prod-buildspec-java.yml +++ b/hooks/prod-buildspec-java.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 java: corretto17 commands: - echo Entered the install phase... diff --git a/hooks/prod-buildspec-python.yml b/hooks/prod-buildspec-python.yml index ea8d476d..cc850b5e 100644 --- a/hooks/prod-buildspec-python.yml +++ b/hooks/prod-buildspec-python.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/resources/Account_AlternateContact/.rpdk-config b/resources/Account_AlternateContact/.rpdk-config index ef7a155c..bcd1e04f 100644 --- a/resources/Account_AlternateContact/.rpdk-config +++ b/resources/Account_AlternateContact/.rpdk-config @@ -1,8 +1,8 @@ { "artifact_type": "RESOURCE", "typeName": "AwsCommunity::Account::AlternateContact", - "language": "python38", - "runtime": "python3.8", + "language": "python39", + "runtime": "python3.9", "entrypoint": "awscommunity_account_alternatecontact.handlers.resource", "testEntrypoint": "awscommunity_account_alternatecontact.handlers.test_entrypoint", "settings": { diff --git a/resources/CloudFront_WebACLAssociation/.rpdk-config b/resources/CloudFront_WebACLAssociation/.rpdk-config index c849de77..a8f68d24 100644 --- a/resources/CloudFront_WebACLAssociation/.rpdk-config +++ b/resources/CloudFront_WebACLAssociation/.rpdk-config @@ -1,8 +1,8 @@ { "artifact_type": "RESOURCE", "typeName": "AwsCommunity::CloudFront::WebACLAssociation", - "language": "python38", - "runtime": "python3.8", + "language": "python39", + "runtime": "python3.9", "entrypoint": "awscommunity_cloudfront_webaclassociation.handlers.resource", "testEntrypoint": "awscommunity_cloudfront_webaclassociation.handlers.test_entrypoint", "settings": { diff --git a/resources/Resource_Lookup/.rpdk-config b/resources/Resource_Lookup/.rpdk-config index 9ddb6443..ee89f058 100644 --- a/resources/Resource_Lookup/.rpdk-config +++ b/resources/Resource_Lookup/.rpdk-config @@ -2,7 +2,7 @@ "artifact_type": "RESOURCE", "typeName": "AwsCommunity::Resource::Lookup", "language": "java", - "runtime": "java8", + "runtime": "java17", "entrypoint": "com.awscommunity.resource.lookup.HandlerWrapper::handleRequest", "testEntrypoint": "com.awscommunity.resource.lookup.HandlerWrapper::testEntrypoint", "settings": { diff --git a/resources/S3_BucketNotification/.rpdk-config b/resources/S3_BucketNotification/.rpdk-config index bc4f4913..3bda70c2 100644 --- a/resources/S3_BucketNotification/.rpdk-config +++ b/resources/S3_BucketNotification/.rpdk-config @@ -1,8 +1,8 @@ { "artifact_type": "RESOURCE", "typeName": "AwsCommunity::S3::BucketNotification", - "language": "python38", - "runtime": "python3.8", + "language": "python39", + "runtime": "python3.9", "entrypoint": "awscommunity_s3_bucketnotification.handlers.resource", "testEntrypoint": "awscommunity_s3_bucketnotification.handlers.test_entrypoint", "settings": { diff --git a/resources/S3_DeleteBucketContents/.rpdk-config b/resources/S3_DeleteBucketContents/.rpdk-config index 4ad89522..7b1e4cbb 100644 --- a/resources/S3_DeleteBucketContents/.rpdk-config +++ b/resources/S3_DeleteBucketContents/.rpdk-config @@ -1,8 +1,8 @@ { "artifact_type": "RESOURCE", "typeName": "AwsCommunity::S3::DeleteBucketContents", - "language": "python38", - "runtime": "python3.8", + "language": "python39", + "runtime": "python3.9", "entrypoint": "awscommunity_s3_deletebucketcontents.handlers.resource", "testEntrypoint": "awscommunity_s3_deletebucketcontents.handlers.test_entrypoint", "settings": { diff --git a/resources/alpha-buildspec-go.yml b/resources/alpha-buildspec-go.yml index 8541a174..e9f543d3 100644 --- a/resources/alpha-buildspec-go.yml +++ b/resources/alpha-buildspec-go.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/alpha-buildspec-java.yml b/resources/alpha-buildspec-java.yml index ed4f6550..a9aaa931 100644 --- a/resources/alpha-buildspec-java.yml +++ b/resources/alpha-buildspec-java.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 java: corretto17 commands: - echo Entered the install phase... diff --git a/resources/alpha-buildspec-python.yml b/resources/alpha-buildspec-python.yml index fa201d3b..d3a735d2 100644 --- a/resources/alpha-buildspec-python.yml +++ b/resources/alpha-buildspec-python.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/alpha-buildspec-typescript.yml b/resources/alpha-buildspec-typescript.yml index 6e918f11..18797dd6 100644 --- a/resources/alpha-buildspec-typescript.yml +++ b/resources/alpha-buildspec-typescript.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/beta-buildspec-go.yml b/resources/beta-buildspec-go.yml index 05598399..13b253d3 100644 --- a/resources/beta-buildspec-go.yml +++ b/resources/beta-buildspec-go.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/beta-buildspec-java.yml b/resources/beta-buildspec-java.yml index 11c57466..714d676a 100644 --- a/resources/beta-buildspec-java.yml +++ b/resources/beta-buildspec-java.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 java: corretto17 commands: - echo Entered the install phase... diff --git a/resources/beta-buildspec-python.yml b/resources/beta-buildspec-python.yml index 402017a4..1f98b961 100644 --- a/resources/beta-buildspec-python.yml +++ b/resources/beta-buildspec-python.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/beta-buildspec-typescript.yml b/resources/beta-buildspec-typescript.yml index 71aab746..37304de3 100644 --- a/resources/beta-buildspec-typescript.yml +++ b/resources/beta-buildspec-typescript.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/prod-buildspec-go.yml b/resources/prod-buildspec-go.yml index e7754aaa..40878a2d 100644 --- a/resources/prod-buildspec-go.yml +++ b/resources/prod-buildspec-go.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/prod-buildspec-java.yml b/resources/prod-buildspec-java.yml index 0ae6b806..154f6743 100644 --- a/resources/prod-buildspec-java.yml +++ b/resources/prod-buildspec-java.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 java: corretto17 commands: - echo Entered the install phase... diff --git a/resources/prod-buildspec-python.yml b/resources/prod-buildspec-python.yml index cf81b28b..04e8eb11 100644 --- a/resources/prod-buildspec-python.yml +++ b/resources/prod-buildspec-python.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/prod-buildspec-typescript.yml b/resources/prod-buildspec-typescript.yml index 451f5b17..5e9e4c08 100644 --- a/resources/prod-buildspec-typescript.yml +++ b/resources/prod-buildspec-typescript.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.8 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH From 8a68a1b21a25de9764abe82d8582327757698750 Mon Sep 17 00:00:00 2001 From: Eric Beard Date: Fri, 13 Oct 2023 13:42:37 -0700 Subject: [PATCH 6/9] Install corretto11 on CodeBuild 4.0 --- hooks/alpha-buildspec-java.yml | 2 +- hooks/beta-buildspec-java-pre-update-only.yml | 2 +- hooks/beta-buildspec-java.yml | 2 +- hooks/prod-buildspec-java.yml | 2 +- release/Dockerfile | 84 +++++++++++++++++++ resources/alpha-buildspec-java.yml | 2 +- resources/beta-buildspec-java.yml | 2 +- resources/prod-buildspec-java.yml | 2 +- 8 files changed, 91 insertions(+), 7 deletions(-) diff --git a/hooks/alpha-buildspec-java.yml b/hooks/alpha-buildspec-java.yml index 72a2c098..d8614db2 100644 --- a/hooks/alpha-buildspec-java.yml +++ b/hooks/alpha-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.9 - java: corretto17 + java: corretto11 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/beta-buildspec-java-pre-update-only.yml b/hooks/beta-buildspec-java-pre-update-only.yml index 049341ca..6e56d9bd 100644 --- a/hooks/beta-buildspec-java-pre-update-only.yml +++ b/hooks/beta-buildspec-java-pre-update-only.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.9 - java: corretto17 + java: corretto11 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/beta-buildspec-java.yml b/hooks/beta-buildspec-java.yml index 29619d3d..5db27c4a 100644 --- a/hooks/beta-buildspec-java.yml +++ b/hooks/beta-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.9 - java: corretto17 + java: corretto11 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/prod-buildspec-java.yml b/hooks/prod-buildspec-java.yml index d23f17e9..f428c264 100644 --- a/hooks/prod-buildspec-java.yml +++ b/hooks/prod-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.9 - java: corretto17 + java: corretto11 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/release/Dockerfile b/release/Dockerfile index 6bcabe2b..8b1dd591 100644 --- a/release/Dockerfile +++ b/release/Dockerfile @@ -19,6 +19,90 @@ RUN go env -w GOPROXY=direct RUN GO111MODULE=on go install github.com/aws-cloudformation/rain/cmd/rain@latest RUN mkdir /root/.docker && cp dockercfg.json /root/.docker/config.json +#**************** JAVA **************************************************** + +ENV JAVA_11_HOME="/usr/lib/jvm/java-11-amazon-corretto.x86_64" \ + JDK_11_HOME="/usr/lib/jvm/java-11-amazon-corretto.x86_64" \ + JRE_11_HOME="/usr/lib/jvm/java-11-amazon-corretto.x86_64" \ + ANT_VERSION=1.10.13 \ + MAVEN_HOME="/opt/maven" \ + MAVEN_VERSION=3.9.2 \ + INSTALLED_GRADLE_VERSIONS="7.6.1" \ + GRADLE_VERSION=7.6.1 \ + SBT_VERSION=1.8.3 \ + GRADLE_PATH="$SRC_DIR/gradle" \ + ANT_DOWNLOAD_SHA512="de4ac604629e39a86a306f0541adb3775596909ad92feb8b7de759b1b286417db24f557228737c8b902d6abf722d2ce5bb0c3baa3640cbeec3481e15ab1958c9" \ + MAVEN_DOWNLOAD_SHA512="900bdeeeae550d2d2b3920fe0e00e41b0069f32c019d566465015bdd1b3866395cbe016e22d95d25d51d3a5e614af2c83ec9b282d73309f644859bbad08b63db" \ + GRADLE_DOWNLOADS_SHA256="518a863631feb7452b8f1b3dc2aaee5f388355cc3421bbd0275fbeadd77e84b2 7.6.1" \ + SBT_DOWNLOAD_SHA256="21F4210786FD68FD15DCA3F4C8EE9CAE0DB249C54E1B0EF6E829E9FA4936423A" \ + LOG4J_UNSAFE_VERSIONS="2.11.1 1.2.8" + +ARG MAVEN_CONFIG_HOME="/root/.m2" +ENV JAVA_HOME="$JAVA_11_HOME" \ + JDK_HOME="$JDK_11_HOME" \ + JRE_HOME="$JRE_11_HOME" + +RUN set -x \ + # Install Amazon Corretto 11 + && rpm --import https://yum.corretto.aws/corretto.key \ + && curl -L -o /etc/yum.repos.d/corretto.repo https://yum.corretto.aws/corretto.repo \ + && yum install -y -q java-11-amazon-corretto java-11-amazon-corretto-devel \ + && update-ca-trust \ + && for tool_path in $JAVA_HOME/bin/*; do \ + tool=`basename $tool_path`; \ + update-alternatives --install /usr/bin/$tool $tool $tool_path 10000; \ + update-alternatives --set $tool $tool_path; \ + done \ + && rm $JAVA_HOME/lib/security/cacerts && ln -s /etc/pki/java/cacerts $JAVA_HOME/lib/security/cacerts \ + # Install Ant + && curl -LSso /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz https://archive.apache.org/dist/ant/binaries/apache-ant-$ANT_VERSION-bin.tar.gz \ + && echo "$ANT_DOWNLOAD_SHA512 /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz" | sha512sum -c - \ + && tar -xzf /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz -C /opt \ + && rm /var/tmp/apache-ant-$ANT_VERSION-bin.tar.gz \ + && update-alternatives --install /usr/bin/ant ant /opt/apache-ant-$ANT_VERSION/bin/ant 10000 + +RUN set -ex \ + # Install Maven + && mkdir -p $MAVEN_HOME \ + && curl -LSso /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz https://archive.apache.org/dist/maven/maven-3/$MAVEN_VERSION/binaries/apache-maven-$MAVEN_VERSION-bin.tar.gz \ + && echo "$MAVEN_DOWNLOAD_SHA512 /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz" | sha512sum -c - \ + && tar xzf /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz -C $MAVEN_HOME --strip-components=1 \ + && rm /var/tmp/apache-maven-$MAVEN_VERSION-bin.tar.gz \ + && update-alternatives --install /usr/bin/mvn mvn /opt/maven/bin/mvn 10000 \ + && mkdir -p $MAVEN_CONFIG_HOME \ + # Install Gradle + && mkdir -p $GRADLE_PATH \ + && for version in $INSTALLED_GRADLE_VERSIONS; do { \ + wget -q "https://services.gradle.org/distributions/gradle-$version-all.zip" -O "$GRADLE_PATH/gradle-$version-all.zip" \ + && unzip -q -o "$GRADLE_PATH/gradle-$version-all.zip" -d /usr/local \ + && echo -e "$GRADLE_DOWNLOADS_SHA256" | grep "$version" | sed "s|$version|$GRADLE_PATH/gradle-$version-all.zip|" | sha256sum -c - \ + && rm "$GRADLE_PATH/gradle-$version-all.zip" \ + && mkdir "/tmp/gradle-$version" \ + && "/usr/local/gradle-$version/bin/gradle" -p "/tmp/gradle-$version" init \ + && "/usr/local/gradle-$version/bin/gradle" -p "/tmp/gradle-$version" wrapper \ + # Android Studio uses the "-all" distribution for it's wrapper script. + && perl -pi -e "s/gradle-$version-bin.zip/gradle-$version-all.zip/" "/tmp/gradle-$version/gradle/wrapper/gradle-wrapper.properties" \ + && "/tmp/gradle-$version/gradlew" -p "/tmp/gradle-$version" init \ + && rm -rf "/tmp/gradle-$version" \ + && if [ "$version" != "$GRADLE_VERSION" ]; then rm -rf "/usr/local/gradle-$version"; fi; \ + }; done \ + # Install default GRADLE_VERSION to path + && ln -f -s /usr/local/gradle-$GRADLE_VERSION/bin/gradle /usr/bin/gradle \ + && rm -rf $GRADLE_PATH \ + # Install SBT + && curl -fSL "https://github.com/sbt/sbt/releases/download/v${SBT_VERSION}/sbt-${SBT_VERSION}.tgz" -o sbt.tgz \ + && echo "${SBT_DOWNLOAD_SHA256} *sbt.tgz" | sha256sum -c - \ + && tar xzf sbt.tgz -C /usr/local/bin/ \ + && rm sbt.tgz \ + && for version in $LOG4J_UNSAFE_VERSIONS; do find / -name log4j*-$version.jar | xargs rm -f; done + +ENV PATH "/usr/local/bin/sbt/bin:$PATH" +RUN sbt version -Dsbt.rootdir=true +# Cleanup +RUN rm -fr /tmp/* /var/tmp/* +RUN java -version +#**************** END JAVA **************************************************** + # This gets ignored, we have to run it in the buildspec ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh"] diff --git a/resources/alpha-buildspec-java.yml b/resources/alpha-buildspec-java.yml index a9aaa931..94df592f 100644 --- a/resources/alpha-buildspec-java.yml +++ b/resources/alpha-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.9 - java: corretto17 + java: corretto11 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/beta-buildspec-java.yml b/resources/beta-buildspec-java.yml index 714d676a..9ab1f1f1 100644 --- a/resources/beta-buildspec-java.yml +++ b/resources/beta-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.9 - java: corretto17 + java: corretto11 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/prod-buildspec-java.yml b/resources/prod-buildspec-java.yml index 154f6743..06b13ea1 100644 --- a/resources/prod-buildspec-java.yml +++ b/resources/prod-buildspec-java.yml @@ -4,7 +4,7 @@ phases: install: runtime-versions: python: 3.9 - java: corretto17 + java: corretto11 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH From d30cf29e4696470eea044f033a711e03e13492b6 Mon Sep 17 00:00:00 2001 From: Eric Beard Date: Fri, 13 Oct 2023 14:00:37 -0700 Subject: [PATCH 7/9] Remove java runtime versions --- hooks/alpha-buildspec-java.yml | 1 - hooks/beta-buildspec-java-pre-update-only.yml | 1 - hooks/beta-buildspec-java.yml | 1 - hooks/prod-buildspec-java.yml | 1 - resources/alpha-buildspec-java.yml | 1 - resources/beta-buildspec-java.yml | 1 - resources/prod-buildspec-java.yml | 1 - 7 files changed, 7 deletions(-) diff --git a/hooks/alpha-buildspec-java.yml b/hooks/alpha-buildspec-java.yml index d8614db2..9daec220 100644 --- a/hooks/alpha-buildspec-java.yml +++ b/hooks/alpha-buildspec-java.yml @@ -4,7 +4,6 @@ phases: install: runtime-versions: python: 3.9 - java: corretto11 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/beta-buildspec-java-pre-update-only.yml b/hooks/beta-buildspec-java-pre-update-only.yml index 6e56d9bd..ad36dd4e 100644 --- a/hooks/beta-buildspec-java-pre-update-only.yml +++ b/hooks/beta-buildspec-java-pre-update-only.yml @@ -4,7 +4,6 @@ phases: install: runtime-versions: python: 3.9 - java: corretto11 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/beta-buildspec-java.yml b/hooks/beta-buildspec-java.yml index 5db27c4a..4c287bcf 100644 --- a/hooks/beta-buildspec-java.yml +++ b/hooks/beta-buildspec-java.yml @@ -4,7 +4,6 @@ phases: install: runtime-versions: python: 3.9 - java: corretto11 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/hooks/prod-buildspec-java.yml b/hooks/prod-buildspec-java.yml index f428c264..bd084d61 100644 --- a/hooks/prod-buildspec-java.yml +++ b/hooks/prod-buildspec-java.yml @@ -4,7 +4,6 @@ phases: install: runtime-versions: python: 3.9 - java: corretto11 commands: - echo Entered the install phase... - echo About to build $HOOK_PATH diff --git a/resources/alpha-buildspec-java.yml b/resources/alpha-buildspec-java.yml index 94df592f..413f1544 100644 --- a/resources/alpha-buildspec-java.yml +++ b/resources/alpha-buildspec-java.yml @@ -4,7 +4,6 @@ phases: install: runtime-versions: python: 3.9 - java: corretto11 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/beta-buildspec-java.yml b/resources/beta-buildspec-java.yml index 9ab1f1f1..4897118e 100644 --- a/resources/beta-buildspec-java.yml +++ b/resources/beta-buildspec-java.yml @@ -4,7 +4,6 @@ phases: install: runtime-versions: python: 3.9 - java: corretto11 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH diff --git a/resources/prod-buildspec-java.yml b/resources/prod-buildspec-java.yml index 06b13ea1..f59b6335 100644 --- a/resources/prod-buildspec-java.yml +++ b/resources/prod-buildspec-java.yml @@ -4,7 +4,6 @@ phases: install: runtime-versions: python: 3.9 - java: corretto11 commands: - echo Entered the install phase... - echo About to build $RESOURCE_PATH From 5e4e073cf3639c89372c6cc920eb7e094d7d3ba4 Mon Sep 17 00:00:00 2001 From: Eric Beard Date: Fri, 13 Oct 2023 14:14:49 -0700 Subject: [PATCH 8/9] Replace python3.7 with 3.9 --- .github/workflows/dependency.yml | 2 +- CONTRIBUTING.md | 4 ++-- hooks/CloudFront_LoggingEnabled/template.yml | 4 ++-- hooks/CloudTrail_LogValidation/template.yml | 4 ++-- hooks/EC2_SecurityGroupRestrictedSSH/template.yml | 4 ++-- hooks/KMS_EncryptionSettings/template.yml | 4 ++-- hooks/S3_AccessControl/template.yml | 4 ++-- modules/alpha-buildspec.yml | 2 +- modules/beta-buildspec.yml | 2 +- modules/prod-buildspec.yml | 2 +- packages/cfn_guard_rs_hook/example/.rpdk-config | 4 ++-- packages/cfn_guard_rs_hook/example/template.yml | 4 ++-- release/awscommunity/cicd.yml | 2 +- release/cloudflare/cicd.yml | 2 +- release/common.yml | 2 +- release/databricks/cicd.yml | 2 +- release/dynatrace/cicd.yml | 2 +- release/fastly/cicd.yml | 2 +- release/github/cicd.yml | 2 +- release/gitlab/cicd.yml | 2 +- release/newrelic/cicd.yml | 2 +- release/okta/cicd.yml | 2 +- release/pagerduty/cicd.yml | 2 +- release/rollbar/cicd.yml | 2 +- release/snowflake/cicd.yml | 2 +- resources/Account_AlternateContact/template.yml | 4 ++-- resources/CloudFront_WebACLAssociation/template.yml | 4 ++-- resources/Resource_Lookup/template.yml | 4 ++-- .../src/awscommunity_s3_bucketnotification/config_integ.py | 2 +- resources/S3_BucketNotification/template.yml | 4 ++-- resources/S3_DeleteBucketContents/template.yml | 4 ++-- scripts/build.sh | 4 ++-- scripts/cicd-3p-template.yml | 2 +- 33 files changed, 47 insertions(+), 47 deletions(-) diff --git a/.github/workflows/dependency.yml b/.github/workflows/dependency.yml index 3a53edad..df79d89c 100644 --- a/.github/workflows/dependency.yml +++ b/.github/workflows/dependency.yml @@ -20,7 +20,7 @@ jobs: needs: req-files strategy: matrix: - python: [ 3.7, 3.8, 3.9, "3.10" ] + python: [ 3.8, 3.9, "3.10" ] os: [ubuntu-latest] files: ${{ fromJSON(needs.req-files.outputs.reqfiles) }} runs-on: ${{ matrix.os }} diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index af972c73..87169eda 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -160,10 +160,10 @@ import ResourceModel` or they won't work when deployed. In order to run SAM to test your resource, you have to first run `cfn submit --dry-run` in order to create the `build/` folder that SAM relies on. -Create a Python environment and use Python v3.7 for resource type and hook development. +Create a Python environment and use Python v3.9 for resource type and hook development. ```sh -python3.7 -m venv .env +python3.9 -m venv .env source .env/bin/activate ``` diff --git a/hooks/CloudFront_LoggingEnabled/template.yml b/hooks/CloudFront_LoggingEnabled/template.yml index cdf64cc5..3299ad3c 100644 --- a/hooks/CloudFront_LoggingEnabled/template.yml +++ b/hooks/CloudFront_LoggingEnabled/template.yml @@ -12,13 +12,13 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: awscommunity_cloudfront_loggingenabled.handlers.hook - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: awscommunity_cloudfront_loggingenabled.handlers.test_entrypoint - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ diff --git a/hooks/CloudTrail_LogValidation/template.yml b/hooks/CloudTrail_LogValidation/template.yml index f0d11f09..66ebb395 100644 --- a/hooks/CloudTrail_LogValidation/template.yml +++ b/hooks/CloudTrail_LogValidation/template.yml @@ -12,13 +12,13 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: awscommunity_cloudtrail_logvalidationenabled.handlers.hook - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: awscommunity_cloudtrail_logvalidationenabled.handlers.test_entrypoint - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ diff --git a/hooks/EC2_SecurityGroupRestrictedSSH/template.yml b/hooks/EC2_SecurityGroupRestrictedSSH/template.yml index ab7b8d9c..0e095ca9 100644 --- a/hooks/EC2_SecurityGroupRestrictedSSH/template.yml +++ b/hooks/EC2_SecurityGroupRestrictedSSH/template.yml @@ -12,13 +12,13 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: awscommunity_ec2_securitygrouprestrictedssh.handlers.hook - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: awscommunity_ec2_securitygrouprestrictedssh.handlers.test_entrypoint - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ diff --git a/hooks/KMS_EncryptionSettings/template.yml b/hooks/KMS_EncryptionSettings/template.yml index 1bc7d72f..317a5121 100644 --- a/hooks/KMS_EncryptionSettings/template.yml +++ b/hooks/KMS_EncryptionSettings/template.yml @@ -12,12 +12,12 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: com.awscommunity.kms.encryptionsettings.HookHandlerWrapper::handleRequest - Runtime: java8 + Runtime: java11 CodeUri: ./target/awscommunity-kms-encryptionsettings-handler-1.0-SNAPSHOT.jar TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: com.awscommunity.kms.encryptionsettings.HookHandlerWrapper::testEntrypoint - Runtime: java8 + Runtime: java11 CodeUri: ./target/awscommunity-kms-encryptionsettings-handler-1.0-SNAPSHOT.jar diff --git a/hooks/S3_AccessControl/template.yml b/hooks/S3_AccessControl/template.yml index 9e50403a..95248cd6 100644 --- a/hooks/S3_AccessControl/template.yml +++ b/hooks/S3_AccessControl/template.yml @@ -12,12 +12,12 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: com.awscommunity.s3.accesscontrol.HookHandlerWrapper::handleRequest - Runtime: java8 + Runtime: java11 CodeUri: ./target/awscommunity-s3-accesscontrol-handler-1.0-SNAPSHOT.jar TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: com.awscommunity.s3.accesscontrol.HookHandlerWrapper::testEntrypoint - Runtime: java8 + Runtime: java11 CodeUri: ./target/awscommunity-s3-accesscontrol-handler-1.0-SNAPSHOT.jar diff --git a/modules/alpha-buildspec.yml b/modules/alpha-buildspec.yml index 611bf72f..90623464 100644 --- a/modules/alpha-buildspec.yml +++ b/modules/alpha-buildspec.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.7 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $MODULE_PATH diff --git a/modules/beta-buildspec.yml b/modules/beta-buildspec.yml index 1ba51ecb..513810d4 100644 --- a/modules/beta-buildspec.yml +++ b/modules/beta-buildspec.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.7 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $MODULE_PATH diff --git a/modules/prod-buildspec.yml b/modules/prod-buildspec.yml index 908593e2..0ae643ce 100644 --- a/modules/prod-buildspec.yml +++ b/modules/prod-buildspec.yml @@ -3,7 +3,7 @@ version: 0.2 phases: install: runtime-versions: - python: 3.7 + python: 3.9 commands: - echo Entered the install phase... - echo About to build $MODULE_PATH diff --git a/packages/cfn_guard_rs_hook/example/.rpdk-config b/packages/cfn_guard_rs_hook/example/.rpdk-config index d59e2bc6..38ceddb4 100644 --- a/packages/cfn_guard_rs_hook/example/.rpdk-config +++ b/packages/cfn_guard_rs_hook/example/.rpdk-config @@ -1,8 +1,8 @@ { "artifact_type": "HOOK", "typeName": "Sample::S3::DefaultLockEnabled", - "language": "python37", - "runtime": "python3.7", + "language": "python39", + "runtime": "python3.9", "entrypoint": "sample_s3_defaultlockenabled.handlers.hook", "testEntrypoint": "sample_s3_defaultlockenabled.handlers.test_entrypoint", "settings": { diff --git a/packages/cfn_guard_rs_hook/example/template.yml b/packages/cfn_guard_rs_hook/example/template.yml index 18aa7b99..b450fd51 100644 --- a/packages/cfn_guard_rs_hook/example/template.yml +++ b/packages/cfn_guard_rs_hook/example/template.yml @@ -12,13 +12,13 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: sample_s3_defaultlockenabled.handlers.hook - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: sample_s3_defaultlockenabled.handlers.test_entrypoint - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ diff --git a/release/awscommunity/cicd.yml b/release/awscommunity/cicd.yml index dcfd06a2..2f401a0a 100644 --- a/release/awscommunity/cicd.yml +++ b/release/awscommunity/cicd.yml @@ -2283,7 +2283,7 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: !Rain::S3 Path: ../delay.py Zip: true diff --git a/release/cloudflare/cicd.yml b/release/cloudflare/cicd.yml index a36fe249..35e52f97 100644 --- a/release/cloudflare/cicd.yml +++ b/release/cloudflare/cicd.yml @@ -883,7 +883,7 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 diff --git a/release/common.yml b/release/common.yml index 14e049eb..82e64388 100644 --- a/release/common.yml +++ b/release/common.yml @@ -278,7 +278,7 @@ Resources: KeyProperty: S3Key Role: !GetAtt WebHookHandlerRole.Arn Handler: webhook.handler - Runtime: python3.7 + Runtime: python3.9 MemorySize: 1024 Environment: Variables: diff --git a/release/databricks/cicd.yml b/release/databricks/cicd.yml index d321f29c..ec64d82d 100644 --- a/release/databricks/cicd.yml +++ b/release/databricks/cicd.yml @@ -660,6 +660,6 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 \ No newline at end of file diff --git a/release/dynatrace/cicd.yml b/release/dynatrace/cicd.yml index 96060f8d..a5db1867 100644 --- a/release/dynatrace/cicd.yml +++ b/release/dynatrace/cicd.yml @@ -870,6 +870,6 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 \ No newline at end of file diff --git a/release/fastly/cicd.yml b/release/fastly/cicd.yml index 1e9ab80b..54b8516b 100644 --- a/release/fastly/cicd.yml +++ b/release/fastly/cicd.yml @@ -1289,7 +1289,7 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 diff --git a/release/github/cicd.yml b/release/github/cicd.yml index a96136ab..fe2c3e14 100644 --- a/release/github/cicd.yml +++ b/release/github/cicd.yml @@ -1190,7 +1190,7 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 diff --git a/release/gitlab/cicd.yml b/release/gitlab/cicd.yml index 97d0eccf..791550b0 100644 --- a/release/gitlab/cicd.yml +++ b/release/gitlab/cicd.yml @@ -1116,6 +1116,6 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 \ No newline at end of file diff --git a/release/newrelic/cicd.yml b/release/newrelic/cicd.yml index 29a1a50f..9522e9ee 100644 --- a/release/newrelic/cicd.yml +++ b/release/newrelic/cicd.yml @@ -739,6 +739,6 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 \ No newline at end of file diff --git a/release/okta/cicd.yml b/release/okta/cicd.yml index 5256181f..d9c3ed8e 100644 --- a/release/okta/cicd.yml +++ b/release/okta/cicd.yml @@ -979,7 +979,7 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 diff --git a/release/pagerduty/cicd.yml b/release/pagerduty/cicd.yml index 19b5a93f..fa54db77 100644 --- a/release/pagerduty/cicd.yml +++ b/release/pagerduty/cicd.yml @@ -961,6 +961,6 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 \ No newline at end of file diff --git a/release/rollbar/cicd.yml b/release/rollbar/cicd.yml index d386424a..8b24f17b 100644 --- a/release/rollbar/cicd.yml +++ b/release/rollbar/cicd.yml @@ -878,6 +878,6 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 \ No newline at end of file diff --git a/release/snowflake/cicd.yml b/release/snowflake/cicd.yml index 452de968..35b17f2f 100644 --- a/release/snowflake/cicd.yml +++ b/release/snowflake/cicd.yml @@ -1055,7 +1055,7 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 diff --git a/resources/Account_AlternateContact/template.yml b/resources/Account_AlternateContact/template.yml index 36ef76bc..c728d423 100644 --- a/resources/Account_AlternateContact/template.yml +++ b/resources/Account_AlternateContact/template.yml @@ -12,12 +12,12 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: awscommunity_account_alternatecontact.handlers.resource - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: awscommunity_account_alternatecontact.handlers.test_entrypoint - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ diff --git a/resources/CloudFront_WebACLAssociation/template.yml b/resources/CloudFront_WebACLAssociation/template.yml index d14a11e9..02c9629a 100644 --- a/resources/CloudFront_WebACLAssociation/template.yml +++ b/resources/CloudFront_WebACLAssociation/template.yml @@ -12,13 +12,13 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: awscommunity_cloudfront_webaclassociation.handlers.resource - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: awscommunity_cloudfront_webaclassociation.handlers.test_entrypoint - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ diff --git a/resources/Resource_Lookup/template.yml b/resources/Resource_Lookup/template.yml index 11111aec..8ba876e9 100644 --- a/resources/Resource_Lookup/template.yml +++ b/resources/Resource_Lookup/template.yml @@ -12,12 +12,12 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: com.awscommunity.resource.lookup.HandlerWrapper::handleRequest - Runtime: java8 + Runtime: java11 CodeUri: ./target/awscommunity-resource-lookup-handler-1.0-SNAPSHOT.jar TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: com.awscommunity.resource.lookup.HandlerWrapper::testEntrypoint - Runtime: java8 + Runtime: java11 CodeUri: ./target/awscommunity-resource-lookup-handler-1.0-SNAPSHOT.jar diff --git a/resources/S3_BucketNotification/src/awscommunity_s3_bucketnotification/config_integ.py b/resources/S3_BucketNotification/src/awscommunity_s3_bucketnotification/config_integ.py index f2913938..cdb373b2 100644 --- a/resources/S3_BucketNotification/src/awscommunity_s3_bucketnotification/config_integ.py +++ b/resources/S3_BucketNotification/src/awscommunity_s3_bucketnotification/config_integ.py @@ -131,7 +131,7 @@ def main(profile_name): #pylint: disable=too-many-branches zipped_code = f.read() r = lam.create_function(FunctionName=function_name, - Runtime="python3.7", + Runtime="python3.9", Role=function_role_arn, Handler="test_lambda.handle", Code=dict(ZipFile=zipped_code)) diff --git a/resources/S3_BucketNotification/template.yml b/resources/S3_BucketNotification/template.yml index 56f2f768..35f8e7c4 100644 --- a/resources/S3_BucketNotification/template.yml +++ b/resources/S3_BucketNotification/template.yml @@ -12,13 +12,13 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: awscommunity_s3_bucketnotification.handlers.resource - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: awscommunity_s3_bucketnotification.handlers.test_entrypoint - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ diff --git a/resources/S3_DeleteBucketContents/template.yml b/resources/S3_DeleteBucketContents/template.yml index b0b3c3ae..25ca5a21 100644 --- a/resources/S3_DeleteBucketContents/template.yml +++ b/resources/S3_DeleteBucketContents/template.yml @@ -12,13 +12,13 @@ Resources: Type: AWS::Serverless::Function Properties: Handler: awscommunity_s3_deletebucketcontents.handlers.resource - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ TestEntrypoint: Type: AWS::Serverless::Function Properties: Handler: awscommunity_s3_deletebucketcontents.handlers.test_entrypoint - Runtime: python3.7 + Runtime: python3.9 CodeUri: build/ diff --git a/scripts/build.sh b/scripts/build.sh index 2a2ddb29..f57e23d4 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -15,13 +15,13 @@ do echo "Building $dir" # Get the name of the source folder - ENTRY=$(python3.7 scripts/entry.py $dir/.rpdk-config) + ENTRY=$(python3.9 scripts/entry.py $dir/.rpdk-config) # Move into the resource directory pushd $dir # Create a short-lived python environment - python3.7 -m venv .tmpenv + python3.9 -m venv .tmpenv . .tmpenv/bin/activate # Install dependencies diff --git a/scripts/cicd-3p-template.yml b/scripts/cicd-3p-template.yml index 49dab744..5416d394 100644 --- a/scripts/cicd-3p-template.yml +++ b/scripts/cicd-3p-template.yml @@ -734,7 +734,7 @@ Resources: Handler: delay.handler Timeout: 120 Role: !GetAtt DelayFunctionRole.Arn - Runtime: python3.7 + Runtime: python3.9 Code: delay.py MemorySize: 1024 From 2db9dc2f91e4f2723d854a2167ef4a52ed076448 Mon Sep 17 00:00:00 2001 From: Eric Beard Date: Fri, 13 Oct 2023 14:40:44 -0700 Subject: [PATCH 9/9] Java11 --- hooks/KMS_EncryptionSettings/.rpdk-config | 2 +- hooks/S3_AccessControl/.rpdk-config | 2 +- resources/Resource_Lookup/.rpdk-config | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/hooks/KMS_EncryptionSettings/.rpdk-config b/hooks/KMS_EncryptionSettings/.rpdk-config index 1827d4cc..d8af8b28 100644 --- a/hooks/KMS_EncryptionSettings/.rpdk-config +++ b/hooks/KMS_EncryptionSettings/.rpdk-config @@ -2,7 +2,7 @@ "artifact_type": "HOOK", "typeName": "AwsCommunity::KMS::EncryptionSettings", "language": "java", - "runtime": "java17", + "runtime": "java11", "entrypoint": "com.awscommunity.kms.encryptionsettings.HookHandlerWrapper::handleRequest", "testEntrypoint": "com.awscommunity.kms.encryptionsettings.HookHandlerWrapper::testEntrypoint", "settings": { diff --git a/hooks/S3_AccessControl/.rpdk-config b/hooks/S3_AccessControl/.rpdk-config index 25dad110..38ebda80 100644 --- a/hooks/S3_AccessControl/.rpdk-config +++ b/hooks/S3_AccessControl/.rpdk-config @@ -2,7 +2,7 @@ "artifact_type": "HOOK", "typeName": "AwsCommunity::S3::AccessControl", "language": "java", - "runtime": "java17", + "runtime": "java11", "entrypoint": "com.awscommunity.s3.accesscontrol.HookHandlerWrapper::handleRequest", "testEntrypoint": "com.awscommunity.s3.accesscontrol.HookHandlerWrapper::testEntrypoint", "settings": { diff --git a/resources/Resource_Lookup/.rpdk-config b/resources/Resource_Lookup/.rpdk-config index ee89f058..e6ede17b 100644 --- a/resources/Resource_Lookup/.rpdk-config +++ b/resources/Resource_Lookup/.rpdk-config @@ -2,7 +2,7 @@ "artifact_type": "RESOURCE", "typeName": "AwsCommunity::Resource::Lookup", "language": "java", - "runtime": "java17", + "runtime": "java11", "entrypoint": "com.awscommunity.resource.lookup.HandlerWrapper::handleRequest", "testEntrypoint": "com.awscommunity.resource.lookup.HandlerWrapper::testEntrypoint", "settings": {