(codebuild): AWS CDK 2.0 still defaults to LinuxBuildImage.STANDARD_1_0 #16707
Comments
markusl
added
bug
ryparker
added
effort/small
|
@peterwoodworth do you know if this is going to be included in AWS CDK 2.0? |
|
I'm not sure - @skinny85 might know |
|
@markusl unfortunately, I don't have the bandwidth to take care of this. Unless you submit a PR to the |
|
@skinny85 well, it is a security consideration to use supported platforms, instead of old, insecure, and deprecated platforms by default. I totally understand that there's a huge amount of different kinds of issues in your issue tracker but to me, it sounds weird that you expect library customers to take care of lifecycle updates of platform-level dependencies. In our company, we would like the library to default to the AWS recommended, standard and secure versions at all times. |
Unfortunately, that's kind of at odds with semantic versioning of a client-side library, so we're between a rock and a hard place (breaking backwards compatibility vs staying up to date). |
|
@peterwoodworth any news on this? Could you consider this for CDK v3? :) |
|
There are currently no plans for v3, so we can't really consider this for v3 quite yet. Also, we don't have an ETA on this. I wonder if we could include this in v2 with feature flags? |
|
@peterwoodworth Yep, I think that's the least you can do. It's really important that CDK libraries have sane defaults to officially supported CodeBuild images. |
|
@peterwoodworth Hello again! This issue still exists and a lot of people are seriously struggling with the AWS-provided default values that are not supported by AWS. Support for See also other related issues #23617 #23096 and #11960 which demonstrate why people are not having first-class experience at the moment. |
|
Maybe a feature flag? 😃 |
Sounds good. A feature flag to opt out of using the latest build image? :) |
I was actually thinking a feature flag that makes |
|
Not sure that is a good idea. This would also mean that the buildImage needs to be required in all constructs using this like CDK pipelines or it would not change anything. For me one of the benefits of the CDK is having proven defaults instead of setting my own properties. But I totally see that changing it also is a problem as it could be a breaking change. |
|
I definitely expected my new CDK pipeline to use a new image - so I was surprised when I got an AWS Health warning about the deprecation of standard/5.0 image on my new pipeline. |
|
Fixed by #24544 ? |
Unfortunately no: |
|
@markusl your ticket mentions cdk 2.0 and you're pointing issue from 1.0 |
|
Just recognize that #24544 fixed for CDK pipeline only |
…ined (#28533) As per these documents, the following build image is not actively maintained, so I added @deprecated tag in this PR. - `standard` - `STANDARD_1_0` - `STANDARD_2_0` - `STANDARD_3_0` - `STANDARD_4_0` - `amazonlinux2-x86_64-standard` - `AMAZON_LINUX_2` - `AMAZON_LINUX_2_2` - `AMAZON_LINUX_2_3` - `amazonlinux2-aarch64-standard` - `AMAZON_LINUX_2_STANDARD_1_0` https://github.com/aws/aws-codebuild-docker-images?tab=readme-ov-file#image-maintenance https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html relates: #23096 (comment), #16707 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…ined (aws#28533) As per these documents, the following build image is not actively maintained, so I added @deprecated tag in this PR. - `standard` - `STANDARD_1_0` - `STANDARD_2_0` - `STANDARD_3_0` - `STANDARD_4_0` - `amazonlinux2-x86_64-standard` - `AMAZON_LINUX_2` - `AMAZON_LINUX_2_2` - `AMAZON_LINUX_2_3` - `amazonlinux2-aarch64-standard` - `AMAZON_LINUX_2_STANDARD_1_0` https://github.com/aws/aws-codebuild-docker-images?tab=readme-ov-file#image-maintenance https://docs.aws.amazon.com/codebuild/latest/userguide/build-env-ref-available.html relates: aws#23096 (comment), aws#16707 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
Landed here today with the same exact issue. Would love to see the team prioritize a good default here. |
AWS CDK 2.0 still defaults to LinuxBuildImage.STANDARD_1_0
Reproduction Steps
Define a
codebuild.Projectin a pipeline.What did you expect to happen?
The default build image should be something that AWS actually supports.
What actually happened?
CDK 2.0 defaults to an outdated build image.
Environment
Other
This is 🐛 Bug Report
The text was updated successfully, but these errors were encountered: