Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release v1.1.4 #15

Merged
merged 8 commits into from
Jan 30, 2024
Merged

Release v1.1.4 #15

merged 8 commits into from
Jan 30, 2024

Conversation

gyalai-aws
Copy link
Contributor

Issue #, if available:

In this release we have included bugfixes and also refactored the License checking. To cleanup the non-used docker image for the license checker, please run the following command docker rmi aws/codebuild/standard:7.0 and then re-run npm run audit:fix:license and follow the steps in the README.md.

Added

  • Allowed modifying the location of the synthesized stacks with the primaryOutputDirectory attribute. This allows the VP to be placed into a subdirectory in a repository. That results in a cleaner directory structure where the root directory can focus on the business problem, while the Vanilla Pipeline will be present only as a sidecar and enable the CI/CD process.

Changed

  • Removed outdated S3 Resource Policy enforcements (DenyUnEncryptedObjectUploads) from bin/aspects.ts. This is handled from Amazon S3, here the official documentation (all new objects are automatically encrypted by default).
  • Removed fix_log_groups from src/codebuild/post-deploy-fixes.py as this is only Porsche EPO specific and doesn't apply to all the other EPOs.
  • License checking has been reworked to improve developer experience. The license only needs to be regenerated when new dependencies are introduced to either NPM or any Python package. It is determined by the change on the file. If the files are untouched the license checker will assume the dependencies are not changed and pass successfully.
  • License checking is no longer depending on Docker images, the licenses are generated based on the environment the script is executed. It is recommended to generate the NOTICE file on an environment that is close to the desired target environment in case you are looking for the precise results. Note: List of dependencies can be different based on OS and CPU architecture types.
  • License checking supports requirements.txt files from now as well. It is recommended to be as specific as possible with your dependency versions. Overall the recommendation is to use Pipenv over the requirements.txt.
  • Scripts have been modified to assume that the PROJECT_ROOT is the CWD directory instead of the parent folder of the scripts folder. This allows the VP to be placed into a subfolder in a repository.

Fixed

  • Issue with python dependency check script on multi lambda layers structure
  • Issue with the license checker in using amd64 platform

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

gmuslia
gmuslia approved these changes Jan 30, 2024
View reviewed changes
Copy link
Contributor

@gmuslia gmuslia left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@gyalai-aws gyalai-aws merged commit 7e8e410 into main Jan 30, 2024
5 checks passed
@gyalai-aws gyalai-aws deleted the release/v1.1.4 branch January 30, 2024 17:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gmuslia gmuslia gmuslia approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gyalai-aws @gmuslia