Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

secretsmanager: allow to specify semanticVersion in semanticVersionForPartition #30200

Open
pahud opened this issue May 15, 2024 · 2 comments
Open

secretsmanager: allow to specify semanticVersion in semanticVersionForPartition #30200

pahud opened this issue May 15, 2024 · 2 comments
Labels
@aws-cdk/aws-secretsmanager Related to AWS Secrets Manager bug This issue is a bug. effort/medium Medium work item – several days of effort p2

Comments

@pahud
Copy link
Contributor

pahud commented May 15, 2024
edited

Describe the bug

semanticVersionForPartition has pinned version which does not allow users to specify the version number.

At this moment, 1.1.212 for aws-cn comes with deprecated python runtime and there's no workaroud for that.

aws-cdk/packages/aws-cdk-lib/aws-secretsmanager/lib/secret-rotation.ts

Lines 161 to 172 in 4b6dc8c

public semanticVersionForPartition(partition: string) {
if (partition === 'aws') {
return this.semanticVersion;
} else if (partition === 'aws-cn') {
return '1.1.212';
} else if (partition === 'aws-us-gov') {
return '1.1.93';
} else {
throw new Error(`unsupported partition: ${partition}`);
}
}
}

Expected Behavior

We should allow user to specify the version number.

Current Behavior

User can't specify version number and requires a PR to bump the version.

Reproduction Steps

similar to #28696

Possible Solution

Additional Information/Context

No response

CDK CLI Version

v2.141.0

Framework Version

No response

Node.js Version

all

OS

all

Language

TypeScript

Language Version

No response

Other information

No response
@pahud pahud added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. @aws-cdk/aws-secretsmanager Related to AWS Secrets Manager p1 effort/medium Medium work item – several days of effort and removed needs-triage This issue or PR still needs to be triaged. labels May 15, 2024
@pahud
Copy link
Contributor Author

pahud commented May 15, 2024

internal tracking: P128811127

@pahud pahud self-assigned this May 15, 2024
@pahud pahud mentioned this issue May 15, 2024
Merged
1 task
@pahud
Copy link
Contributor Author

pahud commented May 15, 2024

workaround #30201 (comment)

@pahud pahud added p2 and removed p1 labels May 15, 2024
@pahud pahud removed their assignment May 15, 2024
mergify bot pushed a commit that referenced this issue May 17, 2024
@pahud
chore(secrets): bump semanticVersion for aws-cn (#30201)
dca7efe 
### Issue # (if applicable)

Similar to #28733 , this PR bumps the default version for aws-cn partition ro `1.1.237` as the current version comes with deprecated lambda python runtime.

```
aws --profile bjs serverlessrepo get-application --application-id arn:aws-cn:serverlessrepo:cn-north-1:193023089310:applications/SecretsManagerRDSPostgreSQLRotationSingleUser --query Version.SemanticVersion --output text
1.1.237
```

I was evaluating a fix for #30200 but unfortunately that would require a lot of refactor so I am opening this tiny PR to get it bumped.

internal tracking: P128811127





Closes #<issue number here>.

### Reason for this change



### Description of changes



### Description of how you validated changes



### Checklist
- [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

### How to find the serverless `applicationId` and `semanticVersion`
1. Go to the serverlessrepo console and search `SecretsManagerRDSPostgreSQLRotationSingleUser`. Make sure to check `Show apps that create custom IAM roles or resource policies`

<img width="434" alt="image" src="https://github.com/aws/aws-cdk/assets/278432/f3fbd9e8-64b0-4c84-b877-dc5bdef1e9f8">


2. Click into the application
3. Find the `applicationId` from the URL. For example, in `us-east-1` the id is
`arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSPostgreSQLRotationSingleUser`
4. Find out the semanticVersion using AWS CLI:

```sh
$ appid='arn:aws:serverlessrepo:us-east-1:297356227824:applications/SecretsManagerRDSPostgreSQLRotationSingleUser'
$ aws serverlessrepo get-application --application-id $appid --query Version.SemanticVersion --output text
```
----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions github-actions bot mentioned this issue May 20, 2024
Closed
@github-actions github-actions bot mentioned this issue Jun 1, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-secretsmanager Related to AWS Secrets Manager bug This issue is a bug. effort/medium Medium work item – several days of effort p2
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pahud