From 96f8a508ecfccd6fc03e101bc3a1450715e53f99 Mon Sep 17 00:00:00 2001 From: "Kamat, Trivikram" <16024985+trivikr@users.noreply.github.com> Date: Thu, 10 Aug 2023 15:33:35 +0000 Subject: [PATCH 1/5] chore(aws-ec2): using aws-sdk-js-codemod for moving to JS SDK v3 npx aws-sdk-js-codemod@latest -t v2-to-v3 packages/aws-cdk-lib/aws-ec2/**/*.ts The command used aws-sdk-js-codemod@0.17.5 --- .../aws-ec2/lib/cfn-init-elements.ts | 40 +++++++++---------- packages/aws-cdk-lib/aws-ec2/lib/cfn-init.ts | 2 +- .../index.ts | 20 ++++++---- .../test/import-certificates-handler/index.ts | 10 ++--- .../aws-cdk-lib/aws-ec2/test/volume.test.ts | 18 +++------ 5 files changed, 44 insertions(+), 46 deletions(-) diff --git a/packages/aws-cdk-lib/aws-ec2/lib/cfn-init-elements.ts b/packages/aws-cdk-lib/aws-ec2/lib/cfn-init-elements.ts index 8fff7b7ab5706..ac6dd6c569e3b 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/cfn-init-elements.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/cfn-init-elements.ts @@ -174,10 +174,10 @@ export interface InitCommandOptions { export abstract class InitCommandWaitDuration { /** Wait for a specified duration after a command. */ public static of(duration: Duration): InitCommandWaitDuration { - return new class extends InitCommandWaitDuration { + return new (class extends InitCommandWaitDuration { /** @internal */ public _render() { return duration.toSeconds(); } - }(); + })(); } /** Do not wait for this command. */ @@ -330,7 +330,7 @@ export abstract class InitFile extends InitElement { if (!content) { throw new Error(`InitFile ${fileName}: cannot create empty file. Please supply at least one character of content.`); } - return new class extends InitFile { + return new (class extends InitFile { protected _doBind(bindOptions: InitBindOptions) { return { config: this._standardConfig(options, bindOptions.platform, { @@ -339,7 +339,7 @@ export abstract class InitFile extends InitElement { }), }; } - }(fileName, options); + })(fileName, options); } /** @@ -359,7 +359,7 @@ export abstract class InitFile extends InitElement { * May contain tokens. */ public static fromObject(fileName: string, obj: Record, options: InitFileOptions = {}): InitFile { - return new class extends InitFile { + return new (class extends InitFile { protected _doBind(bindOptions: InitBindOptions) { return { config: this._standardConfig(options, bindOptions.platform, { @@ -367,7 +367,7 @@ export abstract class InitFile extends InitElement { }), }; } - }(fileName, options); + })(fileName, options); } /** @@ -388,7 +388,7 @@ export abstract class InitFile extends InitElement { * Download from a URL at instance startup time */ public static fromUrl(fileName: string, url: string, options: InitFileOptions = {}): InitFile { - return new class extends InitFile { + return new (class extends InitFile { protected _doBind(bindOptions: InitBindOptions) { return { config: this._standardConfig(options, bindOptions.platform, { @@ -396,14 +396,14 @@ export abstract class InitFile extends InitElement { }), }; } - }(fileName, options); + })(fileName, options); } /** * Download a file from an S3 bucket at instance startup time */ public static fromS3Object(fileName: string, bucket: s3.IBucket, key: string, options: InitFileOptions = {}): InitFile { - return new class extends InitFile { + return new (class extends InitFile { protected _doBind(bindOptions: InitBindOptions) { bucket.grantRead(bindOptions.instanceRole, key); return { @@ -413,7 +413,7 @@ export abstract class InitFile extends InitElement { authentication: standardS3Auth(bindOptions.instanceRole, bucket.bucketName), }; } - }(fileName, options); + })(fileName, options); } /** @@ -422,7 +422,7 @@ export abstract class InitFile extends InitElement { * This is appropriate for files that are too large to embed into the template. */ public static fromAsset(targetFileName: string, path: string, options: InitFileAssetOptions = {}): InitFile { - return new class extends InitFile { + return new (class extends InitFile { protected _doBind(bindOptions: InitBindOptions) { const asset = new s3_assets.Asset(bindOptions.scope, `${targetFileName}Asset`, { path, @@ -438,14 +438,14 @@ export abstract class InitFile extends InitElement { assetHash: asset.assetHash, }; } - }(targetFileName, options); + })(targetFileName, options); } /** * Use a file from an asset at instance startup time */ public static fromExistingAsset(targetFileName: string, asset: s3_assets.Asset, options: InitFileOptions = {}): InitFile { - return new class extends InitFile { + return new (class extends InitFile { protected _doBind(bindOptions: InitBindOptions) { asset.grantRead(bindOptions.instanceRole); return { @@ -456,7 +456,7 @@ export abstract class InitFile extends InitElement { assetHash: asset.assetHash, }; } - }(targetFileName, options); + })(targetFileName, options); } public readonly elementType = InitElementType.FILE.toString(); @@ -923,7 +923,7 @@ export abstract class InitSource extends InitElement { * Extract an archive stored in an S3 bucket into the given directory */ public static fromS3Object(targetDirectory: string, bucket: s3.IBucket, key: string, options: InitSourceOptions = {}): InitSource { - return new class extends InitSource { + return new (class extends InitSource { protected _doBind(bindOptions: InitBindOptions) { bucket.grantRead(bindOptions.instanceRole, key); @@ -932,14 +932,14 @@ export abstract class InitSource extends InitElement { authentication: standardS3Auth(bindOptions.instanceRole, bucket.bucketName), }; } - }(targetDirectory, options.serviceRestartHandles); + })(targetDirectory, options.serviceRestartHandles); } /** * Create an InitSource from an asset created from the given path. */ public static fromAsset(targetDirectory: string, path: string, options: InitSourceAssetOptions = {}): InitSource { - return new class extends InitSource { + return new (class extends InitSource { protected _doBind(bindOptions: InitBindOptions) { const asset = new s3_assets.Asset(bindOptions.scope, `${targetDirectory}Asset`, { path, @@ -953,14 +953,14 @@ export abstract class InitSource extends InitElement { assetHash: asset.assetHash, }; } - }(targetDirectory, options.serviceRestartHandles); + })(targetDirectory, options.serviceRestartHandles); } /** * Extract a directory from an existing directory asset. */ public static fromExistingAsset(targetDirectory: string, asset: s3_assets.Asset, options: InitSourceOptions = {}): InitSource { - return new class extends InitSource { + return new (class extends InitSource { protected _doBind(bindOptions: InitBindOptions) { asset.grantRead(bindOptions.instanceRole); @@ -970,7 +970,7 @@ export abstract class InitSource extends InitElement { assetHash: asset.assetHash, }; } - }(targetDirectory, options.serviceRestartHandles); + })(targetDirectory, options.serviceRestartHandles); } public readonly elementType = InitElementType.SOURCE.toString(); diff --git a/packages/aws-cdk-lib/aws-ec2/lib/cfn-init.ts b/packages/aws-cdk-lib/aws-ec2/lib/cfn-init.ts index 5abcbc35fb926..e1e74f08dc4c3 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/cfn-init.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/cfn-init.ts @@ -308,7 +308,7 @@ function deepMerge(target?: Record, src?: Record) { throw new Error(`Trying to merge array [${value}] into a non-array '${target[key]}'`); } target[key] = Array.from(new Set([ - ...target[key] ?? [], + ...(target[key] ?? []), ...value, ])); continue; diff --git a/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts b/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts index f2072012329df..89b71d07d7851 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts @@ -1,12 +1,18 @@ // eslint-disable-next-line import/no-extraneous-dependencies -import { EC2 } from 'aws-sdk'; + + +import * as AWS_EC2 from "@aws-sdk/client-ec2"; + +const { + EC2 +} = AWS_EC2; const ec2 = new EC2(); /** * The default security group ingress rule. This can be used to both revoke and authorize the rules */ -function ingressRuleParams(groupId: string, account: string): EC2.RevokeSecurityGroupIngressRequest | EC2.AuthorizeSecurityGroupIngressRequest { +function ingressRuleParams(groupId: string, account: string): AWS_EC2.RevokeSecurityGroupIngressCommandInput | AWS_EC2.AuthorizeSecurityGroupIngressCommandInput { return { GroupId: groupId, IpPermissions: [{ @@ -22,7 +28,7 @@ function ingressRuleParams(groupId: string, account: string): EC2.RevokeSecurity /** * The default security group egress rule. This can be used to both revoke and authorize the rules */ -function egressRuleParams(groupId: string): EC2.RevokeSecurityGroupEgressRequest | EC2.AuthorizeSecurityGroupEgressRequest { +function egressRuleParams(groupId: string): AWS_EC2.RevokeSecurityGroupEgressCommandInput | AWS_EC2.AuthorizeSecurityGroupEgressCommandInput { return { GroupId: groupId, IpPermissions: [{ @@ -67,8 +73,8 @@ async function onUpdate(event: AWSLambda.CloudFormationCustomResourceUpdateEvent * Revoke both ingress and egress rules */ async function revokeRules(groupId: string, account: string): Promise { - await ec2.revokeSecurityGroupEgress(egressRuleParams(groupId)).promise(); - await ec2.revokeSecurityGroupIngress(ingressRuleParams(groupId, account)).promise(); + await ec2.revokeSecurityGroupEgress(egressRuleParams(groupId)); + await ec2.revokeSecurityGroupIngress(ingressRuleParams(groupId, account)); return; } @@ -76,7 +82,7 @@ async function revokeRules(groupId: string, account: string): Promise { * Authorize both ingress and egress rules */ async function authorizeRules(groupId: string, account: string): Promise { - await ec2.authorizeSecurityGroupIngress(ingressRuleParams(groupId, account)).promise(); - await ec2.authorizeSecurityGroupEgress(egressRuleParams(groupId)).promise(); + await ec2.authorizeSecurityGroupIngress(ingressRuleParams(groupId, account)); + await ec2.authorizeSecurityGroupEgress(egressRuleParams(groupId)); return; } diff --git a/packages/aws-cdk-lib/aws-ec2/test/import-certificates-handler/index.ts b/packages/aws-cdk-lib/aws-ec2/test/import-certificates-handler/index.ts index 8d89d4c8d8b5f..37d0b2b08b813 100644 --- a/packages/aws-cdk-lib/aws-ec2/test/import-certificates-handler/index.ts +++ b/packages/aws-cdk-lib/aws-ec2/test/import-certificates-handler/index.ts @@ -1,5 +1,5 @@ import * as fs from 'fs'; -import { ACM } from 'aws-sdk'; // eslint-disable-line import/no-extraneous-dependencies +import { ACM } from "@aws-sdk/client-acm"; const acm = new ACM(); @@ -12,7 +12,7 @@ export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent Certificate: fs.readFileSync('./server.crt'), PrivateKey: fs.readFileSync('./server.key'), CertificateChain: fs.readFileSync('./ca.crt'), - }).promise(); + }); } let clientImport; @@ -21,7 +21,7 @@ export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent Certificate: fs.readFileSync('./client1.domain.tld.crt'), PrivateKey: fs.readFileSync('./client1.domain.tld.key'), CertificateChain: fs.readFileSync('./ca.crt'), - }).promise(); + }); } return { @@ -36,12 +36,12 @@ export async function handler(event: AWSLambda.CloudFormationCustomResourceEvent if (event.ResourceProperties.ServerCertificateArn) { await acm.deleteCertificate({ CertificateArn: event.ResourceProperties.ServerCertificateArn, - }).promise(); + }); } if (event.ResourceProperties.ClientCertificateArn) { await acm.deleteCertificate({ CertificateArn: event.ResourceProperties.ClientCertificateArn, - }).promise(); + }); } return; } diff --git a/packages/aws-cdk-lib/aws-ec2/test/volume.test.ts b/packages/aws-cdk-lib/aws-ec2/test/volume.test.ts index ffe1ef38a9c17..a61909522ede8 100644 --- a/packages/aws-cdk-lib/aws-ec2/test/volume.test.ts +++ b/packages/aws-cdk-lib/aws-ec2/test/volume.test.ts @@ -1417,9 +1417,7 @@ describe('volume', () => { availabilityZone: 'us-east-1a', size: cdk.Size.gibibytes(min - 1), volumeType, - ...iops - ? { iops } - : {}, + ...(iops ? { iops } : {}), }); }).toThrow(/volumes must be between/); expect(() => { @@ -1427,9 +1425,7 @@ describe('volume', () => { availabilityZone: 'us-east-1a', size: cdk.Size.gibibytes(min), volumeType, - ...iops - ? { iops } - : {}, + ...(iops ? { iops } : {}), }); }).not.toThrow(); expect(() => { @@ -1437,9 +1433,7 @@ describe('volume', () => { availabilityZone: 'us-east-1a', size: cdk.Size.gibibytes(max), volumeType, - ...iops - ? { iops } - : {}, + ...(iops ? { iops } : {}), }); }).not.toThrow(); expect(() => { @@ -1447,9 +1441,7 @@ describe('volume', () => { availabilityZone: 'us-east-1a', size: cdk.Size.gibibytes(max + 1), volumeType, - ...iops - ? { iops } - : {}, + ...(iops ? { iops } : {}), }); }).toThrow(/volumes must be between/); } @@ -1480,7 +1472,7 @@ describe('volume', () => { availabilityZone: 'us-east-1a', size: cdk.Size.gibibytes(125), volumeType, - ...iops ? { iops }: {}, + ...(iops ? { iops } : {}), throughput: 125, }); }).toThrow(/throughput property requires volumeType: EbsDeviceVolumeType.GP3/); From b58c9c462a108fd610d93ee999a909037ea96bc8 Mon Sep 17 00:00:00 2001 From: "Kamat, Trivikram" <16024985+trivikr@users.noreply.github.com> Date: Thu, 10 Aug 2023 15:36:03 +0000 Subject: [PATCH 2/5] chore(deps): add @aws-sdk/client-ec2 --- packages/aws-cdk-lib/package.json | 1 + 1 file changed, 1 insertion(+) diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index 0f895ef231fa1..ebfa93780d9d1 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -150,6 +150,7 @@ "@aws-sdk/client-codepipeline": "^3.387.0", "@aws-sdk/client-cloudwatch-logs": "^3.387.0", "@aws-sdk/client-dynamodb": "^3.387.0", + "@aws-sdk/client-ec2": "^3.387.0", "@aws-sdk/client-ecr": "^3.387.0", "@aws-sdk/client-eks": "^3.387.0", "@aws-sdk/client-lambda": "^3.387.0", From 33caa2a3ef721f531036ca13b56f726f9026c51b Mon Sep 17 00:00:00 2001 From: "Kamat, Trivikram" <16024985+trivikr@users.noreply.github.com> Date: Thu, 10 Aug 2023 17:08:19 +0000 Subject: [PATCH 3/5] fix(ec2): fix lint issues introduced by codemod with --fix --- .../lib/restrict-default-security-group-handler/index.ts | 5 ++--- .../aws-ec2/test/import-certificates-handler/index.ts | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts b/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts index 89b71d07d7851..c3a62ee0bdb9a 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts @@ -1,10 +1,9 @@ // eslint-disable-next-line import/no-extraneous-dependencies - -import * as AWS_EC2 from "@aws-sdk/client-ec2"; +import * as AWS_EC2 from '@aws-sdk/client-ec2'; const { - EC2 + EC2, } = AWS_EC2; const ec2 = new EC2(); diff --git a/packages/aws-cdk-lib/aws-ec2/test/import-certificates-handler/index.ts b/packages/aws-cdk-lib/aws-ec2/test/import-certificates-handler/index.ts index 37d0b2b08b813..11741edbf9196 100644 --- a/packages/aws-cdk-lib/aws-ec2/test/import-certificates-handler/index.ts +++ b/packages/aws-cdk-lib/aws-ec2/test/import-certificates-handler/index.ts @@ -1,5 +1,5 @@ import * as fs from 'fs'; -import { ACM } from "@aws-sdk/client-acm"; +import { ACM } from '@aws-sdk/client-acm'; const acm = new ACM(); From 79f4c8c4b64b883f963f5e94dc83302fbc7fa491 Mon Sep 17 00:00:00 2001 From: "Kamat, Trivikram" <16024985+trivikr@users.noreply.github.com> Date: Thu, 10 Aug 2023 17:09:40 +0000 Subject: [PATCH 4/5] fix(ec2): list @aws-sdk/client-ec2 in dependencies --- packages/aws-cdk-lib/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/package.json b/packages/aws-cdk-lib/package.json index ebfa93780d9d1..59cdea3ab19a2 100644 --- a/packages/aws-cdk-lib/package.json +++ b/packages/aws-cdk-lib/package.json @@ -126,6 +126,7 @@ "@aws-cdk/asset-awscli-v1": "^2.2.200", "@aws-cdk/asset-node-proxy-agent-v5": "^2.0.166", "@aws-cdk/asset-kubectl-v20": "^2.1.2", + "@aws-sdk/client-ec2": "^3.387.0", "@balena/dockerignore": "^1.0.2", "case": "1.6.3", "fs-extra": "^11.1.1", @@ -150,7 +151,6 @@ "@aws-sdk/client-codepipeline": "^3.387.0", "@aws-sdk/client-cloudwatch-logs": "^3.387.0", "@aws-sdk/client-dynamodb": "^3.387.0", - "@aws-sdk/client-ec2": "^3.387.0", "@aws-sdk/client-ecr": "^3.387.0", "@aws-sdk/client-eks": "^3.387.0", "@aws-sdk/client-lambda": "^3.387.0", From 0b96edd35dc6abe179c1befea3e620f95e4f1d0e Mon Sep 17 00:00:00 2001 From: "Kamat, Trivikram" <16024985+trivikr@users.noreply.github.com> Date: Thu, 10 Aug 2023 17:10:39 +0000 Subject: [PATCH 5/5] fix(ec2): change ingressRuleParams to fit max-len=150 --- .../lib/restrict-default-security-group-handler/index.ts | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts b/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts index c3a62ee0bdb9a..233cfee3fe012 100644 --- a/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts +++ b/packages/aws-cdk-lib/aws-ec2/lib/restrict-default-security-group-handler/index.ts @@ -11,7 +11,10 @@ const ec2 = new EC2(); /** * The default security group ingress rule. This can be used to both revoke and authorize the rules */ -function ingressRuleParams(groupId: string, account: string): AWS_EC2.RevokeSecurityGroupIngressCommandInput | AWS_EC2.AuthorizeSecurityGroupIngressCommandInput { +function ingressRuleParams( + groupId: string, + account: string, +): AWS_EC2.RevokeSecurityGroupIngressCommandInput | AWS_EC2.AuthorizeSecurityGroupIngressCommandInput { return { GroupId: groupId, IpPermissions: [{