Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable creation of strong names for .NET assemblies. #643

Merged
merged 10 commits into from
Sep 11, 2018

Conversation

mpiroc
Copy link
Contributor

@mpiroc mpiroc commented Aug 30, 2018

Based on #617.

This change fetches a .snk file from secrets manager prior to build. This key is used during build to add strong names to each .NET assembly.

Your CI environment should set the DOTNET_STRONG_NAME_ROLE_ARN and DOTNET_STRONG_NAME_SECRET_ID environment variables prior to build.

continue
fi

cp $TMP_KEY $PACKAGE_PATH
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of copying this file everywhere, maybe the .NET build can consult an environment variable for it's location?

Copy link
Contributor Author

@mpiroc mpiroc Aug 30, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • Using an environment variable is an extra level of indirection that we don't need (we already have too many [levels of indirection]!). There's no cost to copying the file everywhere.
  • I'm trying to minimize any necessary changes if we ever decide to move away from a monorepo. While an environment variable would still work with one package per repo, it seems like overkill.

Copy link
Contributor Author

@mpiroc mpiroc Aug 30, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another issue with using an environment variable is: How would it be set? The temporary directory is created by fetch-dotnet-snk.sh, but build.sh is a sibling process of fetch-dotnet-snk.sh, not a descendant. A process can't modify its parent's environment variables.

"packageId": "Amazon.CDK.RuntimeValues"
"packageId": "Amazon.CDK.RuntimeValues",
"signAssembly": true,
"assemblyOriginatorKeyFile": "../../key.snk"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be enforced by pkglint

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✔️


sudo apt install jq -y

ROLE=$(aws sts assume-role --region us-east-2 --role-arn ${DOTNET_STRONG_NAME_ROLE_ARN:-} --role-session-name "cdk-dotnet-snk")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

region pass in?

@rix0rrr rix0rrr merged commit b6074ba into pirocchi/init Sep 11, 2018
@rix0rrr rix0rrr deleted the pirocchi/snk branch September 11, 2018 08:27
@rix0rrr rix0rrr restored the pirocchi/snk branch September 11, 2018 08:46
@rix0rrr
Copy link
Contributor

rix0rrr commented Sep 11, 2018

Poop, this should have been merged into master.

rix0rrr pushed a commit that referenced this pull request Sep 11, 2018
The headliners of this release are __.NET support__, and a wealth of commits by external contributors who are stepping
up to fix the CDK for their use cases! Thanks all for the effort put into this release!

* Add strongly-named .NET targets, and a `cdk init` template for C# projects ([@mpiroc] in [#617](#617), [#643](#643)).
* __@aws-cdk/aws-autoscaling__: Allow attaching additional security groups to Launch Configuration ([@moofish32] in [#636](#636)).
* __@aws-cdk/aws-autoscaling__: Support update and creation policies on AutoScalingGroups ([@rix0rrr] in [#595](#595)).
* __@aws-cdk/aws-codebuild__: Add support for running script from an asset ([@rix0rrr] in [#677](#677)).
* __@aws-cdk/aws-codebuild__: New method `addBuildToPipeline` on Project ([@skinny85] in [783dcb3](783dcb3)).
* __@aws-cdk/aws-codecommit__: New method `addToPipeline` on Repository ([@skinny85] in [#616](#616)).
* __@aws-cdk/aws-codedeploy__: Add initial support for CodeDeploy ([@skinny85] in [#593](#593), [#641](#641)).
* __@aws-cdk/aws-dynamodb__: Add support for DynamoDB autoscaling ([@SeekerWing] in [#637](#637)).
* __@aws-cdk/aws-dynamodb__: Add support for DynamoDB streams ([@rhboyd] in [#633](#633)).
* __@aws-cdk/aws-dynamodb__: Add support for server-side encryption ([@jungseoklee] in [#684](#864)).
* __@aws-cdk/aws-ec2__ (_**BREAKING**_): SecurityGroup can now be used as a Connectable [#582](#582)).
* __@aws-cdk/aws-ec2__: Add VPC tagging ([@moofish] in [#538](#538)).
* __@aws-cdk/aws-ec2__: Add support for `InstanceSize.Nano` ([@rix0rrr] in [#581](#581))
* __@aws-cdk/aws-lambda__: Add support for dead letter queues ([@SeekerWing] in [#663](#663)).
* __@aws-cdk/aws-lambda__: Add support for placing a Lambda in a VPC ([@rix0rrr] in [#598](#598)).
* __@aws-cdk/aws-logs__: Add `extractMetric()` helper function ([@rix0rrr] in [#676](#676)).
* __@aws-cdk/aws-rds__: Add support for Aurora PostreSQL/MySQL engines ([@cookejames] in [#586](#586))
* __@aws-cdk/aws-s3__: Additional grant methods for Buckets ([@eladb] in [#591](#591))
* __@aws-cdk/aws-s3__: New method `addToPipeline` on Bucket ([@skinny85] in [c8b7a49](c8b7a49)).
* __aws-cdk__: Add support for HTTP proxies ([@rix0rrr] in [#666](#666)).
* __aws-cdk__: Toolkit now shows failure reason if stack update fails ([@rix0rrr] in [#609](#609)).
* __cdk-build-tools__: Add support for running experiment JSII versions ([@RomainMuller] in [#649](#649)).

* _**BREAKING**_: Generate classes and types for the CloudFormation resource `.ref` attributes ([@rix0rrr] in [#627](#627)).
* _**BREAKING**_: Make types accepted in Policy-related classes narrower (from `any` to `Arn`, for example) to reduce typing mistakes ([@rix0rrr] in [#629](#629)).
* __@aws-cdk/aws-codepipeline__ (_**BREAKING**_): Align the CodePipeline APIs ([@skinny85] in [#492](#492), [#568](#568))
* __@aws-cdk/aws-ec2__ (_**BREAKING**_): Move Fleet/AutoScalingGroup to its own package ([@rix0rrr] in [#608](#608)).
* __aws-cdk__: Simplify plugin protocol ([@RomainMuller] in [#646](#646)).

* __@aws-cdk/aws-cloudfront__: Fix CloudFront behavior for ViewerProtocolPolicy ([@mindstorms6] in [#615](#615)).
* __@aws-cdk/aws-ec2__: VPC Placement now supports picking Isolated subnets ([@rix0rrr] in [#610](#610)).
* __@aws-cdk/aws-logs__: Add `export()/import()` capabilities ([@rix0rrr] in [#630](#630)).
* __@aws-cdk/aws-rds__: Fix a bug where a cluster with 1 instance could not be created ([@cookejames] in [#578](#578))
* __@aws-cdk/aws-s3__: Bucket notifications can now add dependencies, fixing creation order ([@eladb] in [#584](#584)).
* __@aws-cdk/aws-s3__: Remove useless bucket name validation ([@rix0rrr] in [#628](#628)).
* __@aws-cdk/aws-sqs__: Make `QueueRef.encryptionMasterKey` readonly ([@RomainMuller] in [#650](#650)).
* __assets__: S3 read permissions are granted on a prefix to fix lost permissions during asset update ([@rix0rrr] in [#510](#510)).
* __aws-cdk__: Remove bootstrapping error if multiple stacks are in the same environment ([@RomainMuller] in [#625](#625)).
* __aws-cdk__: Report and continue if git throws errors during `cdk init` ([@rix0rrr] in [#587](#587)).

* __@aws-cdk/cfnspec__: Updated [CloudFormation resource specification] to `v2.6.0` ([@RomainMuller] in [#594](#594))
  + **New AWS Construct Library**
    - `@aws-cdk/aws-sagemaker` supports AWS::SageMaker resources
  + **New Resource Types**
    - AWS::AmazonMQ::Broker
    - AWS::AmazonMQ::Configuration
    - AWS::CodePipeline::Webhook
    - AWS::Config::AggregationAuthorization
    - AWS::Config::ConfigurationAggregator
    - AWS::EC2::VPCEndpointConnectionNotification
    - AWS::EC2::VPCEndpointServicePermissions
    - AWS::IAM::ServiceLinkedRole
    - AWS::SSM::ResourceDataSync
    - AWS::SageMaker::Endpoint
    - AWS::SageMaker::EndpointConfig
    - AWS::SageMaker::Model
    - AWS::SageMaker::NotebookInstance
    - AWS::SageMaker::NotebookInstanceLifecycleConfig
  + **Attribute Changes**
    - AWS::CodePipeline::Pipeline Version (__added__)
  + **Property Changes**
    - AWS::AppSync::DataSource HttpConfig (__added__)
    - AWS::DAX::Cluster SSESpecification (__added__)
    - AWS::DynamoDB::Table Stream (__added__)
    - AWS::DynamoDB::Table AutoScalingSupport (__added__)
    - AWS::EC2::VPCEndpoint IsPrivateDnsEnabled (__added__)
    - AWS::EC2::VPCEndpoint SecurityGroupIds (__added__)
    - AWS::EC2::VPCEndpoint SubnetIds (__added__)
    - AWS::EC2::VPCEndpoint VPCEndpointType (__added__)
    - AWS::EC2::VPCEndpoint RouteTableIds.DuplicatesAllowed (__deleted__)
    - AWS::EC2::VPCPeeringConnection PeerRegion (__added__)
    - AWS::EFS::FileSystem ProvisionedThroughputInMibps (__added__)
    - AWS::EFS::FileSystem ThroughputMode (__added__)
    - AWS::EMR::Cluster KerberosAttributes (__added__)
    - AWS::Glue::Classifier JsonClassifier (__added__)
    - AWS::Glue::Classifier XMLClassifier (__added__)
    - AWS::Glue::Crawler Configuration (__added__)
    - AWS::Lambda::Lambda DLQConfigurationSupport (__added__)
    - AWS::Neptune::DBInstance DBSubnetGroupName.UpdateType (__changed__)
      - Old: Mutable
      - New: Immutable
    - AWS::SNS::Subscription DeliveryPolicy (__added__)
    - AWS::SNS::Subscription FilterPolicy (__added__)
    - AWS::SNS::Subscription RawMessageDelivery (__added__)
    - AWS::SNS::Subscription Region (__added__)
    - AWS::SQS::Queue Tags (__added__)
    - AWS::ServiceDiscovery::Service HealthCheckCustomConfig (__added__)
  + **Property Type Changes**
    - AWS::AppSync::DataSource.HttpConfig (__added__)
    - AWS::DAX::Cluster.SSESpecification (__added__)
    - AWS::EMR::Cluster.KerberosAttributes (__added__)
    - AWS::Glue::Classifier.JsonClassifier (__added__)
    - AWS::Glue::Classifier.XMLClassifier (__added__)
    - AWS::ServiceDiscovery::Service.HealthCheckCustomConfig (__added__)
    - AWS::CloudFront::Distribution.CacheBehavior FieldLevelEncryptionId (__added__)
    - AWS::CloudFront::Distribution.DefaultCacheBehavior FieldLevelEncryptionId (__added__)
    - AWS::CodeBuild::Project.Artifacts EncryptionDisabled (__added__)
    - AWS::CodeBuild::Project.Artifacts OverrideArtifactName (__added__)
    - AWS::CodeBuild::Project.Environment Certificate (__added__)
    - AWS::CodeBuild::Project.Source ReportBuildStatus (__added__)
    - AWS::ServiceDiscovery::Service.DnsConfig RoutingPolicy (__added__)
    - AWS::WAF::WebACL.ActivatedRule Action.Required (__changed__)
      - Old: true
      - New: false

* __@aws-cdk/cfnspec__: Updated Serverless Application Model (SAM) Resource Specification ([@RomainMuller] in [#594](#594))
  + **Property Changes**
    - AWS::Serverless::Api MethodSettings (__added__)
  + **Property Type Changes**
    - AWS::Serverless::Function.SQSEvent (__added__)
    - AWS::Serverless::Function.EventSource Properties.Types (__changed__)
      - Added SQSEvent
@rix0rrr rix0rrr mentioned this pull request Sep 11, 2018
rix0rrr added a commit that referenced this pull request Sep 11, 2018
The headliners of this release are __.NET support__, and a wealth of commits by external contributors who are stepping
up to fix the CDK for their use cases! Thanks all for the effort put into this release!

* Add strongly-named .NET targets, and a `cdk init` template for C# projects ([@mpiroc] in [#617](#617), [#643](#643)).
* __@aws-cdk/aws-autoscaling__: Allow attaching additional security groups to Launch Configuration ([@moofish32] in [#636](#636)).
* __@aws-cdk/aws-autoscaling__: Support update and creation policies on AutoScalingGroups ([@rix0rrr] in [#595](#595)).
* __@aws-cdk/aws-codebuild__: Add support for running script from an asset ([@rix0rrr] in [#677](#677)).
* __@aws-cdk/aws-codebuild__: New method `addBuildToPipeline` on Project ([@skinny85] in [783dcb3](783dcb3)).
* __@aws-cdk/aws-codecommit__: New method `addToPipeline` on Repository ([@skinny85] in [#616](#616)).
* __@aws-cdk/aws-codedeploy__: Add initial support for CodeDeploy ([@skinny85] in [#593](#593), [#641](#641)).
* __@aws-cdk/aws-dynamodb__: Add support for DynamoDB autoscaling ([@SeekerWing] in [#637](#637)).
* __@aws-cdk/aws-dynamodb__: Add support for DynamoDB streams ([@rhboyd] in [#633](#633)).
* __@aws-cdk/aws-dynamodb__: Add support for server-side encryption ([@jungseoklee] in [#684](#864)).
* __@aws-cdk/aws-ec2__ (_**BREAKING**_): SecurityGroup can now be used as a Connectable [#582](#582)).
* __@aws-cdk/aws-ec2__: Add VPC tagging ([@moofish] in [#538](#538)).
* __@aws-cdk/aws-ec2__: Add support for `InstanceSize.Nano` ([@rix0rrr] in [#581](#581))
* __@aws-cdk/aws-lambda__: Add support for dead letter queues ([@SeekerWing] in [#663](#663)).
* __@aws-cdk/aws-lambda__: Add support for placing a Lambda in a VPC ([@rix0rrr] in [#598](#598)).
* __@aws-cdk/aws-logs__: Add `extractMetric()` helper function ([@rix0rrr] in [#676](#676)).
* __@aws-cdk/aws-rds__: Add support for Aurora PostreSQL/MySQL engines ([@cookejames] in [#586](#586))
* __@aws-cdk/aws-s3__: Additional grant methods for Buckets ([@eladb] in [#591](#591))
* __@aws-cdk/aws-s3__: New method `addToPipeline` on Bucket ([@skinny85] in [c8b7a49](c8b7a49)).
* __aws-cdk__: Add support for HTTP proxies ([@rix0rrr] in [#666](#666)).
* __aws-cdk__: Toolkit now shows failure reason if stack update fails ([@rix0rrr] in [#609](#609)).
* __cdk-build-tools__: Add support for running experiment JSII versions ([@RomainMuller] in [#649](#649)).

* _**BREAKING**_: Generate classes and types for the CloudFormation resource `.ref` attributes ([@rix0rrr] in [#627](#627)).
* _**BREAKING**_: Make types accepted in Policy-related classes narrower (from `any` to `Arn`, for example) to reduce typing mistakes ([@rix0rrr] in [#629](#629)).
* __@aws-cdk/aws-codepipeline__ (_**BREAKING**_): Align the CodePipeline APIs ([@skinny85] in [#492](#492), [#568](#568))
* __@aws-cdk/aws-ec2__ (_**BREAKING**_): Move Fleet/AutoScalingGroup to its own package ([@rix0rrr] in [#608](#608)).
* __aws-cdk__: Simplify plugin protocol ([@RomainMuller] in [#646](#646)).

* __@aws-cdk/aws-cloudfront__: Fix CloudFront behavior for ViewerProtocolPolicy ([@mindstorms6] in [#615](#615)).
* __@aws-cdk/aws-ec2__: VPC Placement now supports picking Isolated subnets ([@rix0rrr] in [#610](#610)).
* __@aws-cdk/aws-logs__: Add `export()/import()` capabilities ([@rix0rrr] in [#630](#630)).
* __@aws-cdk/aws-rds__: Fix a bug where a cluster with 1 instance could not be created ([@cookejames] in [#578](#578))
* __@aws-cdk/aws-s3__: Bucket notifications can now add dependencies, fixing creation order ([@eladb] in [#584](#584)).
* __@aws-cdk/aws-s3__: Remove useless bucket name validation ([@rix0rrr] in [#628](#628)).
* __@aws-cdk/aws-sqs__: Make `QueueRef.encryptionMasterKey` readonly ([@RomainMuller] in [#650](#650)).
* __assets__: S3 read permissions are granted on a prefix to fix lost permissions during asset update ([@rix0rrr] in [#510](#510)).
* __aws-cdk__: Remove bootstrapping error if multiple stacks are in the same environment ([@RomainMuller] in [#625](#625)).
* __aws-cdk__: Report and continue if git throws errors during `cdk init` ([@rix0rrr] in [#587](#587)).

* __@aws-cdk/cfnspec__: Updated [CloudFormation resource specification] to `v2.6.0` ([@RomainMuller] in [#594](#594))
  + **New AWS Construct Library**
    - `@aws-cdk/aws-sagemaker` supports AWS::SageMaker resources
  + **New Resource Types**
    - AWS::AmazonMQ::Broker
    - AWS::AmazonMQ::Configuration
    - AWS::CodePipeline::Webhook
    - AWS::Config::AggregationAuthorization
    - AWS::Config::ConfigurationAggregator
    - AWS::EC2::VPCEndpointConnectionNotification
    - AWS::EC2::VPCEndpointServicePermissions
    - AWS::IAM::ServiceLinkedRole
    - AWS::SSM::ResourceDataSync
    - AWS::SageMaker::Endpoint
    - AWS::SageMaker::EndpointConfig
    - AWS::SageMaker::Model
    - AWS::SageMaker::NotebookInstance
    - AWS::SageMaker::NotebookInstanceLifecycleConfig
  + **Attribute Changes**
    - AWS::CodePipeline::Pipeline Version (__added__)
  + **Property Changes**
    - AWS::AppSync::DataSource HttpConfig (__added__)
    - AWS::DAX::Cluster SSESpecification (__added__)
    - AWS::DynamoDB::Table Stream (__added__)
    - AWS::DynamoDB::Table AutoScalingSupport (__added__)
    - AWS::EC2::VPCEndpoint IsPrivateDnsEnabled (__added__)
    - AWS::EC2::VPCEndpoint SecurityGroupIds (__added__)
    - AWS::EC2::VPCEndpoint SubnetIds (__added__)
    - AWS::EC2::VPCEndpoint VPCEndpointType (__added__)
    - AWS::EC2::VPCEndpoint RouteTableIds.DuplicatesAllowed (__deleted__)
    - AWS::EC2::VPCPeeringConnection PeerRegion (__added__)
    - AWS::EFS::FileSystem ProvisionedThroughputInMibps (__added__)
    - AWS::EFS::FileSystem ThroughputMode (__added__)
    - AWS::EMR::Cluster KerberosAttributes (__added__)
    - AWS::Glue::Classifier JsonClassifier (__added__)
    - AWS::Glue::Classifier XMLClassifier (__added__)
    - AWS::Glue::Crawler Configuration (__added__)
    - AWS::Lambda::Lambda DLQConfigurationSupport (__added__)
    - AWS::Neptune::DBInstance DBSubnetGroupName.UpdateType (__changed__)
      - Old: Mutable
      - New: Immutable
    - AWS::SNS::Subscription DeliveryPolicy (__added__)
    - AWS::SNS::Subscription FilterPolicy (__added__)
    - AWS::SNS::Subscription RawMessageDelivery (__added__)
    - AWS::SNS::Subscription Region (__added__)
    - AWS::SQS::Queue Tags (__added__)
    - AWS::ServiceDiscovery::Service HealthCheckCustomConfig (__added__)
  + **Property Type Changes**
    - AWS::AppSync::DataSource.HttpConfig (__added__)
    - AWS::DAX::Cluster.SSESpecification (__added__)
    - AWS::EMR::Cluster.KerberosAttributes (__added__)
    - AWS::Glue::Classifier.JsonClassifier (__added__)
    - AWS::Glue::Classifier.XMLClassifier (__added__)
    - AWS::ServiceDiscovery::Service.HealthCheckCustomConfig (__added__)
    - AWS::CloudFront::Distribution.CacheBehavior FieldLevelEncryptionId (__added__)
    - AWS::CloudFront::Distribution.DefaultCacheBehavior FieldLevelEncryptionId (__added__)
    - AWS::CodeBuild::Project.Artifacts EncryptionDisabled (__added__)
    - AWS::CodeBuild::Project.Artifacts OverrideArtifactName (__added__)
    - AWS::CodeBuild::Project.Environment Certificate (__added__)
    - AWS::CodeBuild::Project.Source ReportBuildStatus (__added__)
    - AWS::ServiceDiscovery::Service.DnsConfig RoutingPolicy (__added__)
    - AWS::WAF::WebACL.ActivatedRule Action.Required (__changed__)
      - Old: true
      - New: false

* __@aws-cdk/cfnspec__: Updated Serverless Application Model (SAM) Resource Specification ([@RomainMuller] in [#594](#594))
  + **Property Changes**
    - AWS::Serverless::Api MethodSettings (__added__)
  + **Property Type Changes**
    - AWS::Serverless::Function.SQSEvent (__added__)
    - AWS::Serverless::Function.EventSource Properties.Types (__changed__)
      - Added SQSEvent
@rix0rrr rix0rrr deleted the pirocchi/snk branch September 11, 2018 09:44
RomainMuller added a commit that referenced this pull request Oct 31, 2018
Adds a `pkglint` rule to enforce presence of the `*.snk` pattern in both the `.gitignore`
and `.npmignore` file as a way to make it harder for one to accidentially push the
material to public locations.

This was missed in #643.
rix0rrr pushed a commit that referenced this pull request Nov 6, 2018
Bug Fixes
=========

* **aws-autoscaling:** allow minSize to be set to 0 ([#1015](#1015)) ([67f7fa1](67f7fa1))
* **aws-codebuild:** correctly pass the timeout property to CFN when creating a Project. ([#1071](#1071)) ([b1322bb](b1322bb))
* **aws-codebuild:** correctly set S3 path when using it as artifact. ([#1072](#1072)) ([f32cba9](f32cba9))
* **aws-kms:** add output value when exporting an encryption key ([#1036](#1036)) ([cb490be](cb490be))
* Switch from `js-yaml` to `yaml` ([#1092](#1092)) ([0b132b5](0b132b5))

Features
=========

* **applets:** integrate into toolkit ([#1039](#1039)) ([fdabe95](fdabe95)), closes [#849](#849) [#342](#342) [#291](#291)
* **aws-codecommit:** use CloudWatch Events instead of polling by default in the CodePipeline Action. ([#1026](#1026)) ([d09d30c](d09d30c))
* **aws-dynamodb:** allow specifying partition/sort keys in props ([#1054](#1054)) ([ec87331](ec87331)), closes [#1051](#1051)
* **aws-ec2:** AmazonLinuxImage supports AL2 ([#1081](#1081)) ([97b57a5](97b57a5)), closes [#1062](#1062)
* **aws-lambda:** high level API for event sources ([#1063](#1063)) ([1be3442](1be3442))
* **aws-sqs:** improvements to IAM grants API ([#1052](#1052)) ([6f2475e](6f2475e))
* don't upload the same asset multiple times ([#1011](#1011)) ([35937b6](35937b6)), closes [#989](#989)
* **codepipeline/cfn:** Use fewer statements for pipeline permissions ([#1009](#1009)) ([8f4c2ab](8f4c2ab))
* add a new construct library for ECS ([#1058](#1058)) ([ae03ddb](ae03ddb))
* **pkglint:** Make sure .snk files are ignored ([#1049](#1049)) ([53c8d76](53c8d76)), closes [#643](#643)
* **toolkit:** deployment ui improvements ([#1067](#1067)) ([c832eaf](c832eaf))

BREAKING CHANGES
=========

* The ec2.Connections object has been changed to be able to manage multiple
  security groups. The relevant property has been changed from `securityGroup`
  to `securityGroups` (an array of security group objects).
* **aws-codecommit:** This modifies the default behavior of the CodeCommit
  Action.  It also changes the internal API contract between the
  aws-codepipeline-api module and the CodePipeline Actions in the service
  packages.
* **applets:** The applet schema has changed to allow Multiple applets can be
  define in one file by structuring the files like this:
* **applets:** The applet schema has changed to allow definition of multiple
  applets in the same file.

The schema now looks like this:

    applets:
      MyApplet:
        type: ./my-applet-file
        properties:
          property1: value
          ...
By starting an applet specifier with npm://, applet modules can
directly be referenced in NPM. You can include a version specifier
(@1.2.3) to reference specific versions.
* **aws-sqs:** `queue.grantReceiveMessages` has been removed. It is unlikely
  that this would be sufficient to interact with a queue. Alternatively you can
  use `queue.grantConsumeMessages` or `queue.grant('sqs:ReceiveMessage')` if
  there's a need to only grant this action.
@rix0rrr rix0rrr mentioned this pull request Nov 6, 2018
rix0rrr pushed a commit that referenced this pull request Nov 6, 2018
Bug Fixes
========

* **aws-autoscaling:** allow minSize to be set to 0 ([#1015](#1015)) ([67f7fa1](67f7fa1))
* **aws-codebuild:** correctly pass the timeout property to CFN when creating a Project. ([#1071](#1071)) ([b1322bb](b1322bb))
* **aws-codebuild:** correctly set S3 path when using it as artifact. ([#1072](#1072)) ([f32cba9](f32cba9))
* **aws-kms:** add output value when exporting an encryption key ([#1036](#1036)) ([cb490be](cb490be))
* Switch from `js-yaml` to `yaml` ([#1092](#1092)) ([0b132b5](0b132b5))

Features
========

* don't upload the same asset multiple times ([#1011](#1011)) ([35937b6](35937b6)), closes [#989](#989)
* **app-delivery:** CI/CD for CDK Stacks ([#1022](#1022)) ([f2fe4e9](f2fe4e9))
* add a new construct library for ECS ([#1058](#1058)) ([ae03ddb](ae03ddb))
* **applets:** integrate into toolkit ([#1039](#1039)) ([fdabe95](fdabe95)), closes [#849](#849) [#342](#342) [#291](#291)
* **aws-codecommit:** use CloudWatch Events instead of polling by default in the CodePipeline Action. ([#1026](#1026)) ([d09d30c](d09d30c))
* **aws-dynamodb:** allow specifying partition/sort keys in props ([#1054](#1054)) ([ec87331](ec87331)), closes [#1051](#1051)
* **aws-ec2:** AmazonLinuxImage supports AL2 ([#1081](#1081)) ([97b57a5](97b57a5)), closes [#1062](#1062)
* **aws-lambda:** high level API for event sources ([#1063](#1063)) ([1be3442](1be3442))
* **aws-sqs:** improvements to IAM grants API ([#1052](#1052)) ([6f2475e](6f2475e))
* **codepipeline/cfn:** Use fewer statements for pipeline permissions ([#1009](#1009)) ([8f4c2ab](8f4c2ab))
* **pkglint:** Make sure .snk files are ignored ([#1049](#1049)) ([53c8d76](53c8d76)), closes [#643](#643)
* **toolkit:** deployment ui improvements ([#1067](#1067)) ([c832eaf](c832eaf))
* Update to CloudFormation resource specification v2.11.0

BREAKING CHANGES
========

* The ec2.Connections object has been changed to be able to manage multiple
  security groups. The relevant property has been changed from `securityGroup`
  to `securityGroups` (an array of security group objects).
* **aws-codecommit:** this modifies the default behavior of the CodeCommit
  Action.  It also changes the internal API contract between the
  aws-codepipeline-api module and the CodePipeline Actions in the service
  packages.
* **applets:** The applet schema has changed to allow Multiple applets can be
  define in one file by structuring the files like this:
* **applets:** The applet schema has changed to allow definition of multiple
  applets in the same file.

The schema now looks like this:

    applets:
      MyApplet:
        type: ./my-applet-file
        properties:
          property1: value
          ...
By starting an applet specifier with npm://, applet modules can directly be
referenced in NPM. You can include a version specifier (@1.2.3) to reference
specific versions.
* **aws-sqs:** `queue.grantReceiveMessages` has been removed. It is unlikely
  that this would be sufficient to interact with a queue. Alternatively you can
  use `queue.grantConsumeMessages` or `queue.grant('sqs:ReceiveMessage')` if
  there's a need to only grant this action.
rix0rrr added a commit that referenced this pull request Nov 6, 2018
Bug Fixes
========

* **aws-autoscaling:** allow minSize to be set to 0 ([#1015](#1015)) ([67f7fa1](67f7fa1))
* **aws-codebuild:** correctly pass the timeout property to CFN when creating a Project. ([#1071](#1071)) ([b1322bb](b1322bb))
* **aws-codebuild:** correctly set S3 path when using it as artifact. ([#1072](#1072)) ([f32cba9](f32cba9))
* **aws-kms:** add output value when exporting an encryption key ([#1036](#1036)) ([cb490be](cb490be))
* Switch from `js-yaml` to `yaml` ([#1092](#1092)) ([0b132b5](0b132b5))

Features
========

* don't upload the same asset multiple times ([#1011](#1011)) ([35937b6](35937b6)), closes [#989](#989)
* **app-delivery:** CI/CD for CDK Stacks ([#1022](#1022)) ([f2fe4e9](f2fe4e9))
* add a new construct library for ECS ([#1058](#1058)) ([ae03ddb](ae03ddb))
* **applets:** integrate into toolkit ([#1039](#1039)) ([fdabe95](fdabe95)), closes [#849](#849) [#342](#342) [#291](#291)
* **aws-codecommit:** use CloudWatch Events instead of polling by default in the CodePipeline Action. ([#1026](#1026)) ([d09d30c](d09d30c))
* **aws-dynamodb:** allow specifying partition/sort keys in props ([#1054](#1054)) ([ec87331](ec87331)), closes [#1051](#1051)
* **aws-ec2:** AmazonLinuxImage supports AL2 ([#1081](#1081)) ([97b57a5](97b57a5)), closes [#1062](#1062)
* **aws-lambda:** high level API for event sources ([#1063](#1063)) ([1be3442](1be3442))
* **aws-sqs:** improvements to IAM grants API ([#1052](#1052)) ([6f2475e](6f2475e))
* **codepipeline/cfn:** Use fewer statements for pipeline permissions ([#1009](#1009)) ([8f4c2ab](8f4c2ab))
* **pkglint:** Make sure .snk files are ignored ([#1049](#1049)) ([53c8d76](53c8d76)), closes [#643](#643)
* **toolkit:** deployment ui improvements ([#1067](#1067)) ([c832eaf](c832eaf))
* Update to CloudFormation resource specification v2.11.0

BREAKING CHANGES
========

* The ec2.Connections object has been changed to be able to manage multiple
  security groups. The relevant property has been changed from `securityGroup`
  to `securityGroups` (an array of security group objects).
* **aws-codecommit:** this modifies the default behavior of the CodeCommit
  Action.  It also changes the internal API contract between the
  aws-codepipeline-api module and the CodePipeline Actions in the service
  packages.
* **applets:** The applet schema has changed to allow Multiple applets can be
  define in one file by structuring the files like this:
* **applets:** The applet schema has changed to allow definition of multiple
  applets in the same file.

The schema now looks like this:

    applets:
      MyApplet:
        type: ./my-applet-file
        properties:
          property1: value
          ...
By starting an applet specifier with npm://, applet modules can directly be
referenced in NPM. You can include a version specifier (@1.2.3) to reference
specific versions.
* **aws-sqs:** `queue.grantReceiveMessages` has been removed. It is unlikely
  that this would be sufficient to interact with a queue. Alternatively you can
  use `queue.grantConsumeMessages` or `queue.grant('sqs:ReceiveMessage')` if
  there's a need to only grant this action.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants