Skip to content

Commit

Permalink
Merge branch 'master' into huijbers/bottle-rocket-type
Browse files Browse the repository at this point in the history
  • Loading branch information
mergify[bot] authored Aug 13, 2021
2 parents ca976c6 + f570c94 commit 6b2c243
Show file tree
Hide file tree
Showing 8 changed files with 369 additions and 141 deletions.
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { arrayWith, countResources, expect, haveResourceLike, not, objectLike } from '@aws-cdk/assert-internal';
import { ABSENT, arrayWith, countResources, expect, haveResourceLike, not, objectLike } from '@aws-cdk/assert-internal';
import * as codebuild from '@aws-cdk/aws-codebuild';
import * as codecommit from '@aws-cdk/aws-codecommit';
import * as codepipeline from '@aws-cdk/aws-codepipeline';
Expand Down Expand Up @@ -38,6 +38,91 @@ nodeunitShim({
test.done();
},

'cross-account CodeCommit Repository Source does not use target role in source stack'(test: Test) {
// Test for https://github.com/aws/aws-cdk/issues/15639
const app = new App();
const sourceStack = new Stack(app, 'SourceStack', { env: { account: '1234', region: 'north-pole' } });
const targetStack = new Stack(app, 'TargetStack', { env: { account: '5678', region: 'north-pole' } });

const repo = new codecommit.Repository(sourceStack, 'MyRepo', {
repositoryName: 'my-repo',
});

const sourceOutput = new codepipeline.Artifact();
new codepipeline.Pipeline(targetStack, 'MyPipeline', {
stages: [
{
stageName: 'Source',
actions: [
new cpactions.CodeCommitSourceAction({ actionName: 'Source', repository: repo, output: sourceOutput }),
],
},
{
stageName: 'Build',
actions: [
new cpactions.CodeBuildAction({ actionName: 'Build', project: new codebuild.PipelineProject(targetStack, 'MyProject'), input: sourceOutput }),
],
},
],
});

// THEN - creates a Rule in the source stack targeting the pipeline stack's event bus using a generated role
expect(sourceStack).to(haveResourceLike('AWS::Events::Rule', {
EventPattern: {
source: ['aws.codecommit'],
resources: [
{ 'Fn::GetAtt': ['MyRepoF4F48043', 'Arn'] },
],
},
Targets: [{
RoleARN: ABSENT,
Arn: {
'Fn::Join': ['', [
'arn:',
{ 'Ref': 'AWS::Partition' },
':events:north-pole:5678:event-bus/default',
]],
},
}],
}));

// THEN - creates a Rule in the pipeline stack using the role to start the pipeline
expect(targetStack).to(haveResourceLike('AWS::Events::Rule', {
'EventPattern': {
'source': [
'aws.codecommit',
],
'resources': [
{
'Fn::Join': [
'',
[
'arn:',
{ 'Ref': 'AWS::Partition' },
':codecommit:north-pole:1234:my-repo',
],
],
},
],
},
'Targets': [
{
'Arn': {
'Fn::Join': ['', [
'arn:',
{ 'Ref': 'AWS::Partition' },
':codepipeline:north-pole:5678:',
{ 'Ref': 'MyPipelineAED38ECF' },
]],
},
'RoleArn': { 'Fn::GetAtt': ['MyPipelineEventsRoleFAB99F32', 'Arn'] },
},
],
}));

test.done();
},

'does not poll for source changes and uses Events for CodeCommitTrigger.EVENTS'(test: Test) {
const stack = new Stack();

Expand Down
10 changes: 9 additions & 1 deletion packages/@aws-cdk/aws-ec2/lib/nat.ts
Original file line number Diff line number Diff line change
Expand Up @@ -222,6 +222,14 @@ class NatGatewayProvider extends NatProvider {
}

public configureNat(options: ConfigureNatOptions) {
if (
this.props.eipAllocationIds != null
&& !Token.isUnresolved(this.props.eipAllocationIds)
&& this.props.eipAllocationIds.length < options.natSubnets.length
) {
throw new Error(`Not enough NAT gateway EIP allocation IDs (${this.props.eipAllocationIds.length} provided) for the requested subnet count (${options.natSubnets.length} needed).`);
}

// Create the NAT gateways
let i = 0;
for (const sub of options.natSubnets) {
Expand Down Expand Up @@ -413,4 +421,4 @@ function pickN(i: number, xs: string[]) {
}

return xs[i];
}
}
46 changes: 35 additions & 11 deletions packages/@aws-cdk/aws-ec2/test/vpc.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ nodeunitShim({
'vpc.vpcId returns a token to the VPC ID'(test: Test) {
const stack = getTestStack();
const vpc = new Vpc(stack, 'TheVPC');
test.deepEqual(stack.resolve(vpc.vpcId), { Ref: 'TheVPC92636AB0' } );
test.deepEqual(stack.resolve(vpc.vpcId), { Ref: 'TheVPC92636AB0' });
test.done();
},

Expand All @@ -55,11 +55,11 @@ nodeunitShim({
new Vpc(stack, 'TheVPC');
cdkExpect(stack).to(
haveResource('AWS::EC2::VPC',
hasTags( [{ Key: 'Name', Value: 'TestStack/TheVPC' }])),
hasTags([{ Key: 'Name', Value: 'TestStack/TheVPC' }])),
);
cdkExpect(stack).to(
haveResource('AWS::EC2::InternetGateway',
hasTags( [{ Key: 'Name', Value: 'TestStack/TheVPC' }])),
hasTags([{ Key: 'Name', Value: 'TestStack/TheVPC' }])),
);
test.done();
},
Expand All @@ -86,7 +86,7 @@ nodeunitShim({

'dns getters correspond to CFN properties': (() => {

const tests: any = { };
const tests: any = {};

const inputs = [
{ dnsSupport: false, dnsHostnames: false },
Expand Down Expand Up @@ -173,8 +173,7 @@ nodeunitShim({
},
],
});
cdkExpect(stack).to(countResources('AWS::EC2::InternetGateway', 1))
;
cdkExpect(stack).to(countResources('AWS::EC2::InternetGateway', 1));
cdkExpect(stack).notTo(haveResource('AWS::EC2::NatGateway'));
test.done();
},
Expand Down Expand Up @@ -223,7 +222,7 @@ nodeunitShim({
'with no subnets defined, the VPC should have an IGW, and a NAT Gateway per AZ'(test: Test) {
const stack = getTestStack();
const zones = stack.availabilityZones.length;
new Vpc(stack, 'TheVPC', { });
new Vpc(stack, 'TheVPC', {});
cdkExpect(stack).to(countResources('AWS::EC2::InternetGateway', 1));
cdkExpect(stack).to(countResources('AWS::EC2::NatGateway', zones));
test.done();
Expand Down Expand Up @@ -251,7 +250,7 @@ nodeunitShim({
cdkExpect(stack).to(haveResource('AWS::EC2::InternetGateway'));
cdkExpect(stack).to(haveResourceLike('AWS::EC2::Route', {
DestinationCidrBlock: '8.8.8.8/32',
GatewayId: { },
GatewayId: {},
}));
test.done();
},
Expand Down Expand Up @@ -457,7 +456,7 @@ nodeunitShim({
}
cdkExpect(stack).to(haveResourceLike('AWS::EC2::Route', {
DestinationCidrBlock: '0.0.0.0/0',
NatGatewayId: { },
NatGatewayId: {},
}));

test.done();
Expand All @@ -475,7 +474,7 @@ nodeunitShim({
}
cdkExpect(stack).to(haveResourceLike('AWS::EC2::Route', {
DestinationCidrBlock: '0.0.0.0/0',
NatGatewayId: { },
NatGatewayId: {},
}));
test.done();
},
Expand All @@ -489,7 +488,7 @@ nodeunitShim({
cdkExpect(stack).to(countResources('AWS::EC2::NatGateway', 1));
cdkExpect(stack).to(haveResourceLike('AWS::EC2::Route', {
DestinationCidrBlock: '0.0.0.0/0',
NatGatewayId: { },
NatGatewayId: {},
}));
test.done();
},
Expand Down Expand Up @@ -873,6 +872,31 @@ nodeunitShim({
test.done();
},

'NAT gateway provider with insufficient EIP allocations'(test: Test) {
const stack = new Stack();
const natGatewayProvider = NatProvider.gateway({ eipAllocationIds: ['a'] });
expect(() => new Vpc(stack, 'VpcNetwork', { natGatewayProvider }))
.toThrow(/Not enough NAT gateway EIP allocation IDs \(1 provided\) for the requested subnet count \(\d+ needed\)/);

test.done();
},

'NAT gateway provider with token EIP allocations'(test: Test) {
const stack = new Stack();
const eipAllocationIds = Fn.split(',', Fn.importValue('myVpcId'));
const natGatewayProvider = NatProvider.gateway({ eipAllocationIds });
new Vpc(stack, 'VpcNetwork', { natGatewayProvider });

cdkExpect(stack).to(haveResource('AWS::EC2::NatGateway', {
AllocationId: stack.resolve(Fn.select(0, eipAllocationIds)),
}));
cdkExpect(stack).to(haveResource('AWS::EC2::NatGateway', {
AllocationId: stack.resolve(Fn.select(1, eipAllocationIds)),
}));

test.done();
},

'Can add an IPv6 route'(test: Test) {
// GIVEN
const stack = getTestStack();
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/aws-ecs/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -907,7 +907,7 @@ taskDefinition.addContainer('cont', {
Please note, ECS Exec leverages AWS Systems Manager (SSM). So as a prerequisite for the exec command
to work, you need to have the SSM plugin for the AWS CLI installed locally. For more information, see
[Install Session Manager plugin for AWS CLI] (https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html).
[Install Session Manager plugin for AWS CLI](https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html).
To enable the ECS Exec feature for your containers, set the boolean flag `enableExecuteCommand` to `true` in
your `Ec2Service` or `FargateService`.
Expand Down
Loading

0 comments on commit 6b2c243

Please sign in to comment.