From c6c1aba02a71ce480ee4c3170da705a1d74e86d9 Mon Sep 17 00:00:00 2001 From: Kendra Neil <53584728+TheRealAmazonKendra@users.noreply.github.com> Date: Wed, 10 Aug 2022 10:31:14 -0700 Subject: [PATCH 1/2] revert "fix(eks): cannot disable cluster logging once it has been enabled" (#21545) Reverts https://github.com/aws/aws-cdk/pull/21185 and https://github.com/aws/aws-cdk/pull/21463 Closes https://github.com/aws/aws-cdk/issues/21515 Re-opens https://github.com/aws/aws-cdk/issues/19898. Fix for this in progress. ---- ### All Submissions: * [ ] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [ ] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [ ] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license* --- .../lib/cluster-resource-handler/cluster.ts | 6 +- .../@aws-cdk/aws-eks/lib/cluster-resource.ts | 2 +- packages/@aws-cdk/aws-eks/lib/cluster.ts | 18 +--- .../test/cluster-resource-provider.test.ts | 16 ---- .../@aws-cdk/aws-eks/test/cluster.test.ts | 94 ------------------- .../aws-cdk-eks-cluster-test.template.json | 9 +- .../aws-cdk-eks-helm-test.template.json | 9 +- .../@aws-cdk/aws-eks/test/fargate.test.ts | 74 +-------------- 8 files changed, 7 insertions(+), 221 deletions(-) diff --git a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts index dfafd02d4c291..0177a7e21b695 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster-resource-handler/cluster.ts @@ -286,14 +286,10 @@ function parseProps(props: any): aws.EKS.CreateClusterRequest { parsed.resourcesVpcConfig.endpointPublicAccess = parsed.resourcesVpcConfig.endpointPublicAccess === 'true'; } - if (typeof (parsed.logging?.clusterLogging[0]?.enabled) === 'string') { + if (typeof (parsed.logging?.clusterLogging[0].enabled) === 'string') { parsed.logging.clusterLogging[0].enabled = parsed.logging.clusterLogging[0].enabled === 'true'; } - if (typeof (parsed.logging?.clusterLogging[1]?.enabled) === 'string') { - parsed.logging.clusterLogging[1].enabled = parsed.logging.clusterLogging[1].enabled === 'false'; - } - return parsed; } diff --git a/packages/@aws-cdk/aws-eks/lib/cluster-resource.ts b/packages/@aws-cdk/aws-eks/lib/cluster-resource.ts index 28c6a5a2f51d7..755b89eec135c 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster-resource.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster-resource.ts @@ -25,7 +25,7 @@ export interface ClusterResourceProps { readonly onEventLayer?: lambda.ILayerVersion; readonly clusterHandlerSecurityGroup?: ec2.ISecurityGroup; readonly tags?: { [key: string]: string }; - readonly logging?: { [key: string]: [ { [key: string]: any }, { [key: string]: any } ] }; + readonly logging?: { [key: string]: [ { [key: string]: any } ] }; } /** diff --git a/packages/@aws-cdk/aws-eks/lib/cluster.ts b/packages/@aws-cdk/aws-eks/lib/cluster.ts index 481f0891c849d..5fd70cd5b1d45 100644 --- a/packages/@aws-cdk/aws-eks/lib/cluster.ts +++ b/packages/@aws-cdk/aws-eks/lib/cluster.ts @@ -1285,7 +1285,7 @@ export class Cluster extends ClusterBase { private readonly version: KubernetesVersion; - private readonly logging?: { [key: string]: [ { [key: string]: any }, { [key: string]: any } ] }; + private readonly logging?: { [key: string]: [ { [key: string]: any } ] }; /** * A dummy CloudFormation resource that is used as a wait barrier which @@ -1347,28 +1347,12 @@ export class Cluster extends ClusterBase { // Get subnetIds for all selected subnets const subnetIds = Array.from(new Set(flatten(selectedSubnetIdsPerGroup))); - // The value of clusterLoggingTypeDisabled should be invert of props.clusterLogging. - let clusterLoggingTypeDisabled: ClusterLoggingTypes[] = []; - - // Find out type(s) to disable. - Object.values(ClusterLoggingTypes).forEach(function (key) { - let clusterLoggingTypeEnabled = Object.values(props.clusterLogging ? Object.values(props.clusterLogging) : []); - if (!Object.values(clusterLoggingTypeEnabled).includes(key)) { - clusterLoggingTypeDisabled.push(key); - }; - }); - - // Leave it untouched as undefined if (props.clusterLogging === undefined). this.logging = props.clusterLogging ? { clusterLogging: [ { enabled: true, types: Object.values(props.clusterLogging), }, - { - enabled: false, - types: Object.values(clusterLoggingTypeDisabled), - }, ], } : undefined; diff --git a/packages/@aws-cdk/aws-eks/test/cluster-resource-provider.test.ts b/packages/@aws-cdk/aws-eks/test/cluster-resource-provider.test.ts index 7a486cc67600f..d7d7789bde0a5 100644 --- a/packages/@aws-cdk/aws-eks/test/cluster-resource-provider.test.ts +++ b/packages/@aws-cdk/aws-eks/test/cluster-resource-provider.test.ts @@ -566,10 +566,6 @@ describe('cluster resource provider', () => { types: ['api'], enabled: true, }, - { - types: ['audit', 'authenticator', 'controllerManager', 'scheduler'], - enabled: false, - }, ], }, }, { @@ -585,10 +581,6 @@ describe('cluster resource provider', () => { types: ['api'], enabled: true, }, - { - types: ['audit', 'authenticator', 'controllerManager', 'scheduler'], - enabled: false, - }, ], }, }); @@ -630,10 +622,6 @@ describe('cluster resource provider', () => { types: ['api', 'audit', 'authenticator', 'controllerManager', 'scheduler'], enabled: true, }, - { - types: [], - enabled: false, - }, ], }, resourcesVpcConfig: { @@ -656,10 +644,6 @@ describe('cluster resource provider', () => { types: ['api', 'audit', 'authenticator', 'controllerManager', 'scheduler'], enabled: true, }, - { - types: [], - enabled: false, - }, ], }, resourcesVpcConfig: { diff --git a/packages/@aws-cdk/aws-eks/test/cluster.test.ts b/packages/@aws-cdk/aws-eks/test/cluster.test.ts index 8b797a954007f..1f6ba84fc20fa 100644 --- a/packages/@aws-cdk/aws-eks/test/cluster.test.ts +++ b/packages/@aws-cdk/aws-eks/test/cluster.test.ts @@ -3156,98 +3156,4 @@ describe('cluster', () => { }, }); }); - - test('create a cluster without logging configure', () => { - // GIVEN - const { stack } = testFixture(); - - // WHEN - new eks.Cluster(stack, 'Cluster', { - version: CLUSTER_VERSION, - }); - - // THEN - Template.fromStack(stack).resourceCountIs('Custom::AWSCDK-EKS-Cluster::Config::logging', 0); - }); - - test('create a cluster with partial logging configure', () => { - // GIVEN - const { stack } = testFixture(); - - // WHEN - new eks.Cluster(stack, 'Cluster', { - version: CLUSTER_VERSION, - clusterLogging: [ - eks.ClusterLoggingTypes.API, - eks.ClusterLoggingTypes.AUTHENTICATOR, - eks.ClusterLoggingTypes.SCHEDULER, - ], - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('Custom::AWSCDK-EKS-Cluster', { - Config: { - logging: { - clusterLogging: [ - { - enabled: true, - types: [ - 'api', - 'authenticator', - 'scheduler', - ], - }, - { - enabled: false, - types: [ - 'audit', - 'controllerManager', - ], - }, - ], - }, - }, - }); - }); - - test('create a cluster with all logging configure', () => { - // GIVEN - const { stack } = testFixture(); - - // WHEN - new eks.Cluster(stack, 'Cluster', { - version: CLUSTER_VERSION, - clusterLogging: [ - eks.ClusterLoggingTypes.API, - eks.ClusterLoggingTypes.AUDIT, - eks.ClusterLoggingTypes.AUTHENTICATOR, - eks.ClusterLoggingTypes.CONTROLLER_MANAGER, - eks.ClusterLoggingTypes.SCHEDULER, - ], - }); - - // THEN - Template.fromStack(stack).hasResourceProperties('Custom::AWSCDK-EKS-Cluster', { - Config: { - logging: { - clusterLogging: [ - { - enabled: true, - types: [ - 'api', - 'audit', - 'authenticator', - 'controllerManager', - 'scheduler', - ], - }, - { - enabled: false, - types: [], - }, - ], - }, - }, - }); - }); }); diff --git a/packages/@aws-cdk/aws-eks/test/eks-cluster.integ.snapshot/aws-cdk-eks-cluster-test.template.json b/packages/@aws-cdk/aws-eks/test/eks-cluster.integ.snapshot/aws-cdk-eks-cluster-test.template.json index e82dac45c4b78..281bb1075114d 100644 --- a/packages/@aws-cdk/aws-eks/test/eks-cluster.integ.snapshot/aws-cdk-eks-cluster-test.template.json +++ b/packages/@aws-cdk/aws-eks/test/eks-cluster.integ.snapshot/aws-cdk-eks-cluster-test.template.json @@ -825,13 +825,6 @@ "authenticator", "scheduler" ] - }, - { - "enabled": false, - "types": [ - "audit", - "controllerManager" - ] } ] } @@ -4039,4 +4032,4 @@ "Default": "/aws/service/bottlerocket/aws-k8s-1.21/x86_64/latest/image_id" } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/eks-helm-asset.integ.snapshot/aws-cdk-eks-helm-test.template.json b/packages/@aws-cdk/aws-eks/test/eks-helm-asset.integ.snapshot/aws-cdk-eks-helm-test.template.json index 48a92cfb5667b..7d2bb8615cb6f 100644 --- a/packages/@aws-cdk/aws-eks/test/eks-helm-asset.integ.snapshot/aws-cdk-eks-helm-test.template.json +++ b/packages/@aws-cdk/aws-eks/test/eks-helm-asset.integ.snapshot/aws-cdk-eks-helm-test.template.json @@ -668,13 +668,6 @@ "authenticator", "scheduler" ] - }, - { - "enabled": false, - "types": [ - "audit", - "controllerManager" - ] } ] } @@ -1323,4 +1316,4 @@ "Description": "Artifact hash for asset \"3d78a5cdc39276c4ee8503417d4363951a0693b01cfd99ec9786feed456d012f\"" } } -} +} \ No newline at end of file diff --git a/packages/@aws-cdk/aws-eks/test/fargate.test.ts b/packages/@aws-cdk/aws-eks/test/fargate.test.ts index d0cff709da411..e028981ff7bf2 100644 --- a/packages/@aws-cdk/aws-eks/test/fargate.test.ts +++ b/packages/@aws-cdk/aws-eks/test/fargate.test.ts @@ -459,62 +459,7 @@ describe('fargate', () => { }); - test('supports cluster logging without FargateCluster', () => { - // GIVEN - const stack = new Stack(); - - // WHEN - - new eks.FargateCluster(stack, 'FargateCluster', { - version: CLUSTER_VERSION, - }); - - //THEN - Template.fromStack(stack).resourceCountIs('Custom::AWSCDK-EKS-Cluster::Config::logging', 0); - }); - - test('supports cluster partial logging enabled with FargateCluster', () => { - // GIVEN - const stack = new Stack(); - - // WHEN - - new eks.FargateCluster(stack, 'FargateCluster', { - version: CLUSTER_VERSION, - clusterLogging: [ - eks.ClusterLoggingTypes.API, - eks.ClusterLoggingTypes.AUTHENTICATOR, - eks.ClusterLoggingTypes.SCHEDULER, - ], - }); - - //THEN - Template.fromStack(stack).hasResourceProperties('Custom::AWSCDK-EKS-Cluster', { - Config: { - logging: { - clusterLogging: [ - { - enabled: true, - types: [ - 'api', - 'authenticator', - 'scheduler', - ], - }, - { - enabled: false, - types: [ - 'audit', - 'controllerManager', - ], - }, - ], - }, - }, - }); - }); - - test('supports cluster all logging enabled with FargateCluster', () => { + test('supports cluster logging with FargateCluster', () => { // GIVEN const stack = new Stack(); @@ -524,9 +469,7 @@ describe('fargate', () => { version: CLUSTER_VERSION, clusterLogging: [ eks.ClusterLoggingTypes.API, - eks.ClusterLoggingTypes.AUDIT, eks.ClusterLoggingTypes.AUTHENTICATOR, - eks.ClusterLoggingTypes.CONTROLLER_MANAGER, eks.ClusterLoggingTypes.SCHEDULER, ], }); @@ -536,20 +479,7 @@ describe('fargate', () => { Config: { logging: { clusterLogging: [ - { - enabled: true, - types: [ - 'api', - 'audit', - 'authenticator', - 'controllerManager', - 'scheduler', - ], - }, - { - enabled: false, - types: [], - }, + { enabled: true, types: ['api', 'authenticator', 'scheduler'] }, ], }, }, From a82d7605f0a1208785735ab1cf07eeed4110581e Mon Sep 17 00:00:00 2001 From: Vinayak Kukreja Date: Wed, 10 Aug 2022 11:30:00 -0700 Subject: [PATCH 2/2] chore(release): 2.37.1 --- CHANGELOG.v2.alpha.md | 2 ++ CHANGELOG.v2.md | 6 ++++++ version.v2.json | 4 ++-- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.v2.alpha.md b/CHANGELOG.v2.alpha.md index 3545c566cf52e..215fba3893e11 100644 --- a/CHANGELOG.v2.alpha.md +++ b/CHANGELOG.v2.alpha.md @@ -2,6 +2,8 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.37.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.37.0-alpha.0...v2.37.1-alpha.0) (2022-08-10) + ## [2.37.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.36.0-alpha.0...v2.37.0-alpha.0) (2022-08-09) diff --git a/CHANGELOG.v2.md b/CHANGELOG.v2.md index 5e32a070a85e9..3d2e9539994bf 100644 --- a/CHANGELOG.v2.md +++ b/CHANGELOG.v2.md @@ -2,6 +2,12 @@ All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines. +## [2.37.1](https://github.com/aws/aws-cdk/compare/v2.37.0...v2.37.1) (2022-08-10) + +### Bug Fixes + +* **eks:** revert "fix(eks): cannot disable cluster logging once it has been enabled" ([#21545](https://github.com/aws/aws-cdk/pull/21545)) ([5515ce4](https://github.com/aws/aws-cdk/commit/5515ce4b439d7917bbba662d852acc29fea9d8a4)) + ## [2.37.0](https://github.com/aws/aws-cdk/compare/v2.36.0...v2.37.0) (2022-08-09) diff --git a/version.v2.json b/version.v2.json index 1d6fec099fc63..af0800298f522 100644 --- a/version.v2.json +++ b/version.v2.json @@ -1,4 +1,4 @@ { - "version": "2.37.0", - "alphaVersion": "2.37.0-alpha.0" + "version": "2.37.1", + "alphaVersion": "2.37.1-alpha.0" } \ No newline at end of file