From 6caefc9120823566ddebc500c983559671a0124f Mon Sep 17 00:00:00 2001 From: aws-sam-cli-bot <46753707+aws-sam-cli-bot@users.noreply.github.com> Date: Wed, 8 Feb 2023 15:16:42 -0800 Subject: [PATCH] chore: bump SamTranslator version (#4672) * chore: Bump SamTranslator version to 1.59.0 * remove old runtimes --------- Co-authored-by: Jacob Fuss <32497805+jfuss@users.noreply.github.com> Co-authored-by: Mehmet Nuri Deveci <5735811+mndeveci@users.noreply.github.com> --- requirements/base.txt | 2 +- requirements/reproducible-linux.txt | 7 +- .../lib/models/connector_hardcoded_props.yaml | 22 ++++ .../embedded_connectors_api_to_function.yaml | 83 ++++++++++++ ...edded_connectors_depends_on_connector.yaml | 28 ++++ .../embedded_connectors_esm_depends_on.yaml | 28 ++++ .../embedded_connectors_function_to.yaml | 124 ++++++++++++++++++ .../embedded_connectors_hardcoded_props.yaml | 67 ++++++++++ .../models/embedded_connectors_rule_to.yaml | 86 ++++++++++++ .../models/embedded_connectors_sfn_to.yaml | 56 ++++++++ .../models/embedded_connectors_sns_to.yaml | 27 ++++ ...embedded_connectors_table_to_function.yaml | 61 +++++++++ .../lib/models/schema_validation_4.yaml | 62 +++++++++ .../schema_validation_ec2_not_valid.yaml | 16 +++ 14 files changed, 664 insertions(+), 5 deletions(-) create mode 100644 tests/functional/commands/validate/lib/models/embedded_connectors_api_to_function.yaml create mode 100644 tests/functional/commands/validate/lib/models/embedded_connectors_depends_on_connector.yaml create mode 100644 tests/functional/commands/validate/lib/models/embedded_connectors_esm_depends_on.yaml create mode 100644 tests/functional/commands/validate/lib/models/embedded_connectors_function_to.yaml create mode 100644 tests/functional/commands/validate/lib/models/embedded_connectors_hardcoded_props.yaml create mode 100644 tests/functional/commands/validate/lib/models/embedded_connectors_rule_to.yaml create mode 100644 tests/functional/commands/validate/lib/models/embedded_connectors_sfn_to.yaml create mode 100644 tests/functional/commands/validate/lib/models/embedded_connectors_sns_to.yaml create mode 100644 tests/functional/commands/validate/lib/models/embedded_connectors_table_to_function.yaml create mode 100644 tests/functional/commands/validate/lib/models/schema_validation_4.yaml create mode 100644 tests/functional/commands/validate/lib/models/schema_validation_ec2_not_valid.yaml diff --git a/requirements/base.txt b/requirements/base.txt index 77bcae21ed..7fbdedc06a 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -9,7 +9,7 @@ jmespath~=0.10.0 ruamel_yaml==0.17.21 PyYAML>=5.4.1,==5.* cookiecutter~=2.1.1 -aws-sam-translator==1.58.1 +aws-sam-translator==1.59.0 #docker minor version updates can include breaking changes. Auto update micro version only. docker~=4.2.0 dateparser~=1.0 diff --git a/requirements/reproducible-linux.txt b/requirements/reproducible-linux.txt index 175510eee6..96d5e28616 100644 --- a/requirements/reproducible-linux.txt +++ b/requirements/reproducible-linux.txt @@ -19,10 +19,9 @@ aws-lambda-builders==1.26.0 \ --hash=sha256:511a3be80511b3cedbc223504fef9366063c45f8fff94d2acb270de92e9efb02 \ --hash=sha256:d316837180d3ed5a04a40584e25c318fb97a7d0ab987c0f21bd07e421fd4d1d8 # via aws-sam-cli (setup.py) -aws-sam-translator==1.58.1 \ - --hash=sha256:c4e261e450d574572d389edcafab04d1fe337615f867610410390c2435cb1f26 \ - --hash=sha256:ca47d6eb04d8cf358bea9160411193da40a80dc3e79bb0c5bace0c21f0e4c888 \ - --hash=sha256:cd60a19085d432bc00769b597bc2e6854f546ff9928f8067fc5fbcb5a1ed74ff +aws-sam-translator==1.59.0 \ + --hash=sha256:6761293a21bd1cb0e19f168926ebfc4a3a6c9011aca67bd448ef485a55d6f658 \ + --hash=sha256:9b8f23a5754cba92677d334ece5c5d9dc9b1f1a327a650fc8939ae3fc6da4141 # via # aws-sam-cli (setup.py) # cfn-lint diff --git a/tests/functional/commands/validate/lib/models/connector_hardcoded_props.yaml b/tests/functional/commands/validate/lib/models/connector_hardcoded_props.yaml index cd595a4afa..1e655fa5a7 100644 --- a/tests/functional/commands/validate/lib/models/connector_hardcoded_props.yaml +++ b/tests/functional/commands/validate/lib/models/connector_hardcoded_props.yaml @@ -75,6 +75,28 @@ Resources: Permissions: - Write + ApiV1ToLambdaWithId: + Type: AWS::Serverless::Connector + Properties: + Source: + Id: MyApiV1 + Qualifier: Prod/GET/foobar + Destination: + Id: MyFunction + Permissions: + - Write + + ApiV2ToLambdaWithId: + Type: AWS::Serverless::Connector + Properties: + Source: + Id: MyApiV2 + Qualifier: '*' + Destination: + Id: MyFunction + Permissions: + - Write + SfnToSfn: Type: AWS::Serverless::Connector Properties: diff --git a/tests/functional/commands/validate/lib/models/embedded_connectors_api_to_function.yaml b/tests/functional/commands/validate/lib/models/embedded_connectors_api_to_function.yaml new file mode 100644 index 0000000000..331b8d47f8 --- /dev/null +++ b/tests/functional/commands/validate/lib/models/embedded_connectors_api_to_function.yaml @@ -0,0 +1,83 @@ +Resources: + MyHttpApi: + Type: AWS::Serverless::HttpApi + Connectors: + MyConnectorServerlessHttpApiToLambda: + Properties: + Destination: + Id: MyFunction + Permissions: + - Write + MyConnectorApigwToLambda: + Properties: + Destination: + Id: MyServerlessFunction + Permissions: + - Write + Properties: + StageName: Prod + + MyApiGateway: + Type: AWS::ApiGateway::RestApi + Properties: + Description: A test API + Name: MyRestAPI + + MyApiGatewayRootMethod: + Type: AWS::ApiGateway::Method + Properties: + AuthorizationType: NONE + HttpMethod: POST + Integration: + Type: MOCK + ResourceId: !GetAtt MyApiGateway.RootResourceId + RestApiId: !Ref MyApiGateway + + MyApiGatewayV2: + Type: AWS::ApiGatewayV2::Api + Connectors: + MyConnectorApiV2ToLambda: + Properties: + Destination: + Id: MyServerlessFunction + Permissions: + - Write + Properties: + Name: MyApi + ProtocolType: WEBSOCKET + + MyServerlessFunction: + Type: AWS::Serverless::Function + Properties: + Runtime: nodejs14.x + Handler: index.handler + InlineCode: | + const AWS = require('aws-sdk'); + exports.handler = async (event) => { + console.log(JSON.stringify(event)); + }; + + MyRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Statement: + - Effect: Allow + Action: sts:AssumeRole + Principal: + Service: lambda.amazonaws.com + ManagedPolicyArns: + - !Sub arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole + + MyFunction: + Type: AWS::Lambda::Function + Properties: + Role: !GetAtt MyRole.Arn + Runtime: nodejs14.x + Handler: index.handler + Code: + ZipFile: |- + const AWS = require('aws-sdk'); + exports.handler = async (event) => { + console.log(JSON.stringify(event)); + }; diff --git a/tests/functional/commands/validate/lib/models/embedded_connectors_depends_on_connector.yaml b/tests/functional/commands/validate/lib/models/embedded_connectors_depends_on_connector.yaml new file mode 100644 index 0000000000..a38b9b0a0b --- /dev/null +++ b/tests/functional/commands/validate/lib/models/embedded_connectors_depends_on_connector.yaml @@ -0,0 +1,28 @@ +Resources: + MyFunction: + Type: AWS::Serverless::Function + Properties: + Runtime: nodejs16.x + Handler: index.handler + InlineCode: | + exports.handler = async (event) => { + console.log(event); + }; + + MyQueue: + Type: AWS::SQS::Queue + Connectors: + MyConnector: + Properties: + Destination: + Id: MyFunction + Permissions: + - Read + - Write + + MyEventSourceMapping: + DependsOn: MyQueueMyConnector + Type: AWS::Lambda::EventSourceMapping + Properties: + FunctionName: !Ref MyFunction + EventSourceArn: !GetAtt MyQueue.Arn diff --git a/tests/functional/commands/validate/lib/models/embedded_connectors_esm_depends_on.yaml b/tests/functional/commands/validate/lib/models/embedded_connectors_esm_depends_on.yaml new file mode 100644 index 0000000000..2f7c32db8d --- /dev/null +++ b/tests/functional/commands/validate/lib/models/embedded_connectors_esm_depends_on.yaml @@ -0,0 +1,28 @@ +Resources: + MyFunction: + Type: AWS::Serverless::Function + Properties: + Runtime: nodejs16.x + Handler: index.handler + InlineCode: | + exports.handler = async (event) => { + console.log(event); + }; + + MyQueue: + Type: AWS::SQS::Queue + Connectors: + MyConnector: + Properties: + Destination: + Id: MyFunction + Permissions: + - Read + - Write + + MyEventSourceMapping: + DependsOn: MyQueueMyConnectorPolicy + Type: AWS::Lambda::EventSourceMapping + Properties: + FunctionName: !Ref MyFunction + EventSourceArn: !GetAtt MyQueue.Arn diff --git a/tests/functional/commands/validate/lib/models/embedded_connectors_function_to.yaml b/tests/functional/commands/validate/lib/models/embedded_connectors_function_to.yaml new file mode 100644 index 0000000000..70a1ed39bf --- /dev/null +++ b/tests/functional/commands/validate/lib/models/embedded_connectors_function_to.yaml @@ -0,0 +1,124 @@ +Resources: + MyServerlessFunction: + Type: AWS::Serverless::Function + Connectors: + BucketConnector: + Properties: + Destination: + Id: MyBucket + Permissions: + - Read + - Write + SQSConnector: + Properties: + Destination: + Id: MyQueue + Permissions: + - Read + - Write + TableConnector: + Properties: + Destination: + Id: MyTable + Permissions: + - Read + - Write + TableConnectorWithTableArn: + Properties: + Destination: + Type: AWS::DynamoDB::Table + Arn: !GetAtt MyTable.Arn + Permissions: + - Read + - Write + SNSConnector: + Properties: + Destination: + Id: MySNSTopic + Permissions: + - Write + SFNConnector: + Properties: + Destination: + Id: MyStateMachine + Permissions: + - Read + - Write + Properties: + Runtime: nodejs14.x + Handler: index.handler + InlineCode: | + const AWS = require('aws-sdk'); + exports.handler = async (event) => { + console.log(JSON.stringify(event)); + }; + + MyLambdaFunction: + Type: AWS::Lambda::Function + Connectors: + LambdaSQSConnector: + Properties: + Destination: + Id: MyQueue + Permissions: + - Read + LambdaTableConnector: + Properties: + Destination: + Id: MyTable + Permissions: + - Read + - Write + LambdaTableConnectorWithTableArn: + Properties: + Destination: + Type: AWS::DynamoDB::Table + Arn: !GetAtt MyTable.Arn + Permissions: + - Read + - Write + Properties: + Role: !GetAtt MyRole.Arn + Runtime: nodejs14.x + Handler: index.handler + Code: + ZipFile: | + const AWS = require('aws-sdk'); + exports.handler = async (event) => { + console.log(JSON.stringify(event)); + }; + Environment: + Variables: + TABLE_NAME: !Ref MyTable + + MyRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Statement: + - Effect: Allow + Action: sts:AssumeRole + Principal: + Service: lambda.amazonaws.com + + MyBucket: + Type: AWS::S3::Bucket + MyQueue: + Type: AWS::SQS::Queue + MySNSTopic: + Type: AWS::SNS::Topic + MyStateMachine: + Type: AWS::Serverless::StateMachine + Properties: + Definition: + StartAt: MyLambdaState + MyTable: + Type: AWS::DynamoDB::Table + Properties: + BillingMode: PAY_PER_REQUEST + AttributeDefinitions: + - AttributeName: Id + AttributeType: S + KeySchema: + - AttributeName: Id + KeyType: HASH diff --git a/tests/functional/commands/validate/lib/models/embedded_connectors_hardcoded_props.yaml b/tests/functional/commands/validate/lib/models/embedded_connectors_hardcoded_props.yaml new file mode 100644 index 0000000000..5c84285d96 --- /dev/null +++ b/tests/functional/commands/validate/lib/models/embedded_connectors_hardcoded_props.yaml @@ -0,0 +1,67 @@ +Transform: AWS::Serverless-2016-10-31 +Resources: + MyFunction: + Type: AWS::Lambda::Function + + MyRule: + Type: AWS::Events::Rule + Connectors: + RuleToTopic: + Properties: + Destination: + Type: AWS::SNS::Topic + Arn: !Ref MyTopic + Permissions: + - Write + + MyQueue: + Type: AWS::SQS::Queue + MyQueue2: + Type: AWS::SQS::Queue + + MyTopic: + Type: AWS::SNS::Topic + Connectors: + TopicToQueue: + Properties: + Destination: + Type: AWS::SQS::Queue + Arn: !Ref MyQueue + QueueUrl: sqs.us.amazonaws.com/1234567890/test + Permissions: + - Write + + MyApiV1: + Type: AWS::ApiGateway::RestApi + Connectors: + ApiV1ToLambda: + Properties: + SourceReference: + Qualifier: Prod/GET/foobar + Destination: + Id: MyFunction + Permissions: + - Write + + MyApiV2: + Type: AWS::ApiGatewayV2::Api + Connectors: + ApiV2ToLambda: + Properties: + SourceReference: + Qualifier: '*' + Destination: + Id: MyFunction + Permissions: + - Write + + MySNSTopic: + Type: AWS::SNS::Topic + Connectors: + TopicToLambdaHardcoded: + Properties: + Destination: + Type: AWS::Lambda::Function + Arn: !GetAtt MyFunction.Arn + Permissions: + - Write diff --git a/tests/functional/commands/validate/lib/models/embedded_connectors_rule_to.yaml b/tests/functional/commands/validate/lib/models/embedded_connectors_rule_to.yaml new file mode 100644 index 0000000000..4fcf8fbf04 --- /dev/null +++ b/tests/functional/commands/validate/lib/models/embedded_connectors_rule_to.yaml @@ -0,0 +1,86 @@ +Resources: + MyEventsRule1: + Type: AWS::Events::Rule + Connectors: + SfnConnector: + Properties: + Destination: + Id: StateMachine + Permissions: + - Write + Properties: + Name: mynewabc + EventPattern: + source: + - aws.ec2 + State: ENABLED + Targets: + - RoleArn: !GetAtt MyRuleRole.Arn + Arn: !GetAtt StateMachine.Arn + Id: StateMachine + + MyEventsRule2: + Type: AWS::Events::Rule + Connectors: + MyEVBusConnector: + Properties: + Destination: + Id: EventBus + Permissions: + - Write + Properties: + Name: mynewabc + EventPattern: + source: + - aws.ec2 + State: ENABLED + Targets: + - RoleArn: !GetAtt MyRuleRole.Arn + Arn: !GetAtt 'EventBus.Arn' + Id: EventBus + + MyEventsRuleToDefaultBus: + Type: AWS::Events::Rule + Connectors: + MyConnectorToDefaultBus: + Properties: + Destination: + Type: AWS::Events::EventBus + Arn: !Sub arn:${AWS::Partition}:events:${AWS::Region}:${AWS::AccountId}:event-bus/default + Permissions: + - Write + Properties: + Name: mynewabc + EventPattern: + source: + - aws.ec2 + State: ENABLED + Targets: + - RoleArn: !GetAtt MyRuleRole.Arn + Arn: !Sub arn:${AWS::Partition}:events:${AWS::Region}:${AWS::AccountId}:event-bus/default + Id: EventBus + + MyRuleRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Statement: + - Effect: Allow + Principal: + Service: events.amazonaws.com + Action: sts:AssumeRole + + StateMachine: + Type: AWS::Serverless::StateMachine + Properties: + Type: EXPRESS + Definition: + StartAt: MyLambdaState + Policies: + - LambdaInvokePolicy: + FunctionName: SomethingIsNotStateMachineFunction + + EventBus: + Type: AWS::Events::EventBus + Properties: + Name: !Sub '${AWS::StackName}-EventBus' diff --git a/tests/functional/commands/validate/lib/models/embedded_connectors_sfn_to.yaml b/tests/functional/commands/validate/lib/models/embedded_connectors_sfn_to.yaml new file mode 100644 index 0000000000..952aebfbb0 --- /dev/null +++ b/tests/functional/commands/validate/lib/models/embedded_connectors_sfn_to.yaml @@ -0,0 +1,56 @@ +Resources: + MyStateMachine: + Type: AWS::Serverless::StateMachine + Connectors: + SfnToFunction: + Properties: + Destination: + Id: MyFunction + Permissions: + - Write + SfnToSfn: + Properties: + Destination: + Id: MyStateMachineWithoutPolicy + Permissions: + - Read + - Write + Properties: + Type: EXPRESS + Definition: + StartAt: MyLambdaState + Policies: + - LambdaInvokePolicy: + FunctionName: SomethingIsNotStateMachineFunction + + MyStateMachineWithoutPolicy: + Type: AWS::Serverless::StateMachine + Connectors: + SfnToFunctionWithoutPolicy: + Properties: + Destination: + Id: MyFunction + Permissions: + - Write + Properties: + Type: EXPRESS + Definition: + StartAt: TryDoSomething + States: + TryDoSomething: + Type: Task + Resource: !Sub arn:${AWS::Partition}:states:::lambda:invoke + Parameters: + FunctionName: !Ref MyFunction + End: true + + MyFunction: + Type: AWS::Serverless::Function + Properties: + Runtime: nodejs14.x + Handler: index.handler + InlineCode: | + const AWS = require('aws-sdk'); + exports.handler = async (event) => { + console.log(JSON.stringify(event)); + }; diff --git a/tests/functional/commands/validate/lib/models/embedded_connectors_sns_to.yaml b/tests/functional/commands/validate/lib/models/embedded_connectors_sns_to.yaml new file mode 100644 index 0000000000..ea7ac8bf5b --- /dev/null +++ b/tests/functional/commands/validate/lib/models/embedded_connectors_sns_to.yaml @@ -0,0 +1,27 @@ +Resources: + MySNSTopic: + Type: AWS::SNS::Topic + Connectors: + SnsToQueueConnector: + Properties: + Destination: + Id: MyQueue + Permissions: + - Write + SnsToFunctionConnector: + Properties: + Destination: + Id: MyFunction + Permissions: + - Write + + MyQueue: + Type: AWS::SQS::Queue + + MyFunction: + Type: AWS::Serverless::Function + Properties: + Runtime: nodejs14.x + Handler: index.handler + InlineCode: " const AWS = require('aws-sdk'); exports.handler = async (event)\ + \ => { console.log(JSON.stringify(event)); };" diff --git a/tests/functional/commands/validate/lib/models/embedded_connectors_table_to_function.yaml b/tests/functional/commands/validate/lib/models/embedded_connectors_table_to_function.yaml new file mode 100644 index 0000000000..8cd3907a66 --- /dev/null +++ b/tests/functional/commands/validate/lib/models/embedded_connectors_table_to_function.yaml @@ -0,0 +1,61 @@ +Resources: + MyServerlessFunction: + Type: AWS::Serverless::Function + Properties: + Runtime: nodejs14.x + Handler: index.handler + InlineCode: | + exports.handler = async (event) => { + console.log(JSON.stringify(event)); + }; + + MyLambdaFunction: + Type: AWS::Lambda::Function + Properties: + Role: !GetAtt MyRole.Arn + Runtime: nodejs14.x + Handler: index.handler + Code: + ZipFile: | + const AWS = require('aws-sdk'); + exports.handler = async (event) => { + console.log(JSON.stringify(event)); + }; + Environment: + Variables: + TABLE_NAME: !Ref MyTable + MyRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Statement: + - Effect: Allow + Action: sts:AssumeRole + Principal: + Service: lambda.amazonaws.com + + MyTable: + Type: AWS::DynamoDB::Table + Connectors: + TableConnectorLambdaFunction: + Properties: + Destination: + Id: MyLambdaFunction + Permissions: + - Read + TableConnectorServerlessFunction: + Properties: + Destination: + Id: MyServerlessFunction + Permissions: + - Read + Properties: + BillingMode: PAY_PER_REQUEST + StreamSpecification: + StreamViewType: NEW_AND_OLD_IMAGES + AttributeDefinitions: + - AttributeName: Id + AttributeType: S + KeySchema: + - AttributeName: Id + KeyType: HASH diff --git a/tests/functional/commands/validate/lib/models/schema_validation_4.yaml b/tests/functional/commands/validate/lib/models/schema_validation_4.yaml new file mode 100644 index 0000000000..90e23fc18f --- /dev/null +++ b/tests/functional/commands/validate/lib/models/schema_validation_4.yaml @@ -0,0 +1,62 @@ +Transform: AWS::Serverless-2016-10-31 +AWSTemplateFormatVersion: '2010-09-09' +Description: Some description +Parameters: + InstanceTypeParameter: + Type: String + Default: t2.micro + AllowedValues: + - t2.micro + - m1.small + - m1.large + Description: Enter t2.micro, m1.small, or m1.large. Default is t2.micro. +Conditions: + CreateProdResources: !Equals + - !Ref InstanceTypeParameter + - prod +Resources: + Bucket: + Type: AWS::S3::Bucket + Condition: CreateProdResources + MyTable: + Type: AWS::Serverless::SimpleTable + + MyInstance: + Type: AWS::EC2::Instance + Properties: + ImageId: ami-79fd7eee + KeyName: testkey + BlockDeviceMappings: + - DeviceName: /dev/sdm + Ebs: + VolumeType: io1 + Iops: 200 + DeleteOnTermination: false + VolumeSize: 20 + - DeviceName: /dev/sdk + NoDevice: {} + + Function: + Type: AWS::Lambda::Function + Properties: + Handler: index.handler + Role: arn:aws:iam::123456789012:role/lambda-role + Code: + S3Bucket: my-bucket + S3Key: function.zip + Runtime: nodejs12.x + Timeout: 5 + TracingConfig: + Mode: Active + VpcConfig: + SecurityGroupIds: + - sg-085912345678492fb + SubnetIds: + - subnet-071f712345678e7c8 + - subnet-07fd123456788a036 + +Outputs: + BackupLoadBalancerDNSName: + Description: The DNSName of the backup load balancer + Value: !Ref Function + Condition: CreateProdResources diff --git a/tests/functional/commands/validate/lib/models/schema_validation_ec2_not_valid.yaml b/tests/functional/commands/validate/lib/models/schema_validation_ec2_not_valid.yaml new file mode 100644 index 0000000000..1077db7086 --- /dev/null +++ b/tests/functional/commands/validate/lib/models/schema_validation_ec2_not_valid.yaml @@ -0,0 +1,16 @@ +Resources: + MyInstance: + Type: AWS::EC2::Instance + Properties: + ImageId: ami-79fd7eee + KeyName: testkey + BlockDeviceMappings: + - DeviceName: /dev/sdm + Ebs: + VolumeType: io1 + Iops: 200 + # Should be bool + DeleteOnTermination: 'false' + VolumeSize: 20 + - DeviceName: /dev/sdk + NoDevice: {}