-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(iam): incorrect input for AccountPrincipal is building successfully #30559
base: main
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request
. Additionally, if clarification is needed add Clarification Request
to a comment.
Logs are quite odd
Seems issue with yarn/nx |
/** | ||
* | ||
* @param accountId AWS account ID (i.e. '123456789012') | ||
*/ | ||
constructor(public readonly accountId: any) { | ||
super(new StackDependentToken(stack => `arn:${stack.partition}:iam::${accountId}:root`).toString()); | ||
if (!cdk.Token.isUnresolved(accountId) && typeof accountId !== 'string') { | ||
throw new Error('accountId should be of type string'); | ||
if (!cdk.Token.isUnresolved(accountId) && typeof accountId !== 'string' && !this.accountIdRegExp.test(accountId)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
While you're at it, maybe we should check to see that all characters in the string are digits.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's covered with the regex new RegExp('^[0-9]{12}$');
as restricting only digits to 0-9 (could also be \d, but 0-9 is easier to read imo)
This build failure can't possibly have anything to do with this change... I'll retrigger it. |
@Mergifyio update |
✅ Branch has been successfully updated |
For fixes, the title should describe the bug, not the solution. Could you please update it? |
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request
. Additionally, if clarification is needed add Clarification Request
to a comment.
Hey Kendra, thanks for the review and restarting the build
Done ! Is it better with this ?
|
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
Pull request has been modified.
206cce4
to
17c7271
Compare
Seems this PR is breaking lots of existing test ... I'll look into it, if it's too complex or there is actual use case where the an AWS ID is not 12 digits (which should not be the case ?) I'll close it. |
...-cdk-testing/framework-integ/test/aws-codepipeline-actions/test/integ.pipeline-ecr-source.ts
Show resolved
Hide resolved
...testing/framework-integ/test/aws-codepipeline-actions/test/cloudformation/integ.stacksets.ts
Outdated
Show resolved
Hide resolved
b41104b
to
b22e556
Compare
Had to refactor/fix in bunch of test files but now they use proper mock AWS Accound id 🙌 |
Bump ! |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Reason for this change
There is no validation and test that the AWS Account Id when creating AccountPrincipal Object. In my case I missed a digit when copy pasting an account id and the build still passed, the typo has been caught only during the code review process
Description of changes
Adding simple regex to check that AWS Id is 12 digits long & update error message
Description of how you validated changes
Existing tests are passing and added 2 of them
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license