Skip to content

Commit

Permalink
Update to version 6.3.0 (#573)
Browse files Browse the repository at this point in the history
  • Loading branch information
simonkrol authored Sep 9, 2024
1 parent 7bc55b0 commit 55d24fe
Show file tree
Hide file tree
Showing 41 changed files with 8,563 additions and 168 deletions.
26 changes: 23 additions & 3 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,15 +5,32 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

## [6.3.0] - 2024-09-09

### Added

- Additional anonymized metrics system to help understand how the solution is being used, identify areas of improvement, and drive future roadmap decisions.

### Changed

- Cdk update to 2.151.0
- Default log retention to 180 days
- Cache-control header on fallback images to use (in order of priority), fallback image metadata, header provided in image request, and default cache control [#563](https://github.com/aws-solutions/serverless-image-handler/issues/563)

### Security

- Upgraded micromatch to v4.0.8 for vulnerability CVE-2024-4067

## [6.2.7] - 2024-08-19

### Security
- Upgraded axios to v1.7.4 for vulnerability CVE-2024-39338
### Security

- Upgraded axios to v1.7.4 for vulnerability CVE-2024-39338

## [6.2.6] - 2024-06-27

### Added

- StackId tag to CloudFrontLoggingBucket and its bucket name as a CfnOutput [#529](https://github.com/aws-solutions/serverless-image-handler/issues/529)
- Test case to verify UTF-8 support in object key [#320](https://github.com/aws-solutions/serverless-image-handler/pull/320)
- Test cases to verify crop functionality [#459](https://github.com/aws-solutions/serverless-image-handler/pull/459)
Expand All @@ -23,6 +40,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Support for 8-bit depth AVIF image type inference [#360](https://github.com/aws-solutions/serverless-image-handler/issues/360)

### Changed

- Decreased permissions allotted to CustomResource Lambda and ImageHandler Lambda
- cdk update to 2.124.0
- aws-solutions-constructs update to 2.51.0
Expand All @@ -32,18 +50,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Modified JPEG SOI marker parsing to only check first 2 bytes [#429]

### Security

- Upgraded follow-redirects to v1.15.6 for vulnerability CVE-2024-28849
- Upgraded braces to v3.0.3 for vulnerability CVE-2024-4068

### Removed

- Unused CopyS3Assets custom resource

### Fixed

- Some error messages indicating incorrect file types
- Solution version and id not being passed to Backend Lambda
- Thumbor-style URL matching being overly permissive


## [6.2.5] - 2024-01-03

### Fixed
Expand Down
10 changes: 10 additions & 0 deletions NOTICE
Original file line number Diff line number Diff line change
Expand Up @@ -55,3 +55,13 @@ ts-jest under the Massachusetts Institute of Technology (MIT) license
ts-node under the Massachusetts Institute of Technology (MIT) license
typescript under the Apache License 2.0
uuid under the Massachusetts Institute of Technology (MIT) license
@aws-sdk/client-cloudwatch under the Apache License 2.0
@aws-sdk/client-cloudwatch-logs under the Apache License 2.0
@aws-sdk/client-sqs under the Apache License 2.0
@aws-solutions-constructs/aws-eventbridge-lambda under the Apache License 2.0
@aws-solutions-constructs/aws-lambda-sqs-lambda under the Apache License 2.0
@types/aws-lambda under the Massachusetts Institute of Technology (MIT) license
esbuild under the Massachusetts Institute of Technology (MIT) license
@aws-cdk/aws-servicecatalogappregistry-alpha under the Apache License 2.0
@types/adm-zip under the Massachusetts Institute of Technology (MIT) license
prettier under the Massachusetts Institute of Technology (MIT) license
6 changes: 4 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -105,8 +105,10 @@ This solution collects anonymous operational metrics to help AWS improve the qua
- [@Fjool](https://github.com/Fjool) for [#489](https://github.com/aws-solutions/serverless-image-handler/pull/489)
- [@fvsnippets](https://github.com/fvsnippets) for [#373](https://github.com/aws-solutions/serverless-image-handler/pull/373), [#380](https://github.com/aws-solutions/serverless-image-handler/pull/380)
- [@ccchapman](https://github.com/ccchapman) for [#490](https://github.com/aws-solutions/serverless-image-handler/pull/490)
- [@bennet-esyoil][https://github.com/bennet-esyoil] for [#521](https://github.com/aws-solutions/serverless-image-handler/pull/521)
- [@vaniyokk][https://github.com/vaniyokk] for [#511](https://github.com/aws-solutions/serverless-image-handler/pull/511)
- [@bennet-esyoil](https://github.com/bennet-esyoil) for [#521](https://github.com/aws-solutions/serverless-image-handler/pull/521)
- [@vaniyokk](https://github.com/vaniyokk) for [#511](https://github.com/aws-solutions/serverless-image-handler/pull/511)
- [@nicolasbuch](https://github.com/nicolasbuch) for [#569](https://github.com/aws-solutions/serverless-image-handler/pull/569)
- [@mrnonz](https://github.com/mrnonz) for [#567](https://github.com/aws-solutions/serverless-image-handler/pull/567)

# License

Expand Down
2 changes: 1 addition & 1 deletion VERSION.txt
Original file line number Diff line number Diff line change
@@ -1 +1 @@
6.2.7
6.3.0
1 change: 0 additions & 1 deletion deployment/cdk-solution-helper/asset-packager/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,6 @@
*/

import { CDKAssetPackager } from "./asset-packager";
import path from "path";

export async function handler(cdkAssetFolderPath: string | undefined, outputPath: string | undefined) {
if (!cdkAssetFolderPath || !outputPath) throw new Error("undefined input path");
Expand Down
9 changes: 5 additions & 4 deletions deployment/cdk-solution-helper/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions deployment/run-unit-tests.sh
Original file line number Diff line number Diff line change
Expand Up @@ -35,13 +35,15 @@ template_dir="$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd
cdk_dir="$template_dir/../source/constructs"
image_handler_dir="$template_dir/../source/image-handler"
custom_resource_dir="$template_dir/../source/custom-resource"
metrics_utils_dir="$template_dir/../source/metrics-utils"
coverage_reports_top_path="$template_dir/../source/test/coverage-reports"

headline "[Tests] Run unit tests"
declare -a packages=(
"$cdk_dir"
"$image_handler_dir"
"$custom_resource_dir"
"$metrics_utils_dir"
)
for package in "${packages[@]}"; do
cd "$package"
Expand Down
2 changes: 1 addition & 1 deletion source/constructs/cdk.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"app": "npx ts-node --prefer-ts-exts bin/constructs.ts",
"context": {
"solutionId": "SO0023",
"solutionVersion": "custom-v6.2.7",
"solutionVersion": "custom-v6.3.0",
"solutionName": "serverless-image-handler"
}
}
34 changes: 33 additions & 1 deletion source/constructs/lib/back-end/back-end-construct.ts
Original file line number Diff line number Diff line change
Expand Up @@ -21,18 +21,21 @@ import { Runtime } from "aws-cdk-lib/aws-lambda";
import { NodejsFunction } from "aws-cdk-lib/aws-lambda-nodejs";
import { LogGroup, RetentionDays } from "aws-cdk-lib/aws-logs";
import { IBucket } from "aws-cdk-lib/aws-s3";
import { ArnFormat, Aws, Duration, Lazy, Stack } from "aws-cdk-lib";
import { ArnFormat, Aspects, Aws, CfnCondition, Duration, Fn, Lazy, Stack } from "aws-cdk-lib";
import { Construct } from "constructs";
import { CloudFrontToApiGatewayToLambda } from "@aws-solutions-constructs/aws-cloudfront-apigateway-lambda";

import { addCfnSuppressRules } from "../../utils/utils";
import { SolutionConstructProps } from "../types";
import * as api from "aws-cdk-lib/aws-apigateway";
import { SolutionsMetrics, ExecutionDay } from "metrics-utils";
import { ConditionAspect } from "../../utils/aspects";

export interface BackEndProps extends SolutionConstructProps {
readonly solutionVersion: string;
readonly solutionId: string;
readonly solutionName: string;
readonly sendAnonymousStatistics: CfnCondition;
readonly secretsManagerPolicy: Policy;
readonly logsBucket: IBucket;
readonly uuid: string;
Expand Down Expand Up @@ -230,5 +233,34 @@ export class BackEnd extends Construct {
imageHandlerCloudFrontApiGatewayLambda.apiGateway.node.tryRemoveChild("Endpoint"); // we don't need the RestApi endpoint in the outputs

this.domainName = imageHandlerCloudFrontApiGatewayLambda.cloudFrontWebDistribution.distributionDomainName;

const shortLogRetentionCondition: CfnCondition = new CfnCondition(this, "ShortLogRetentionCondition", {
expression: Fn.conditionOr(
Fn.conditionEquals(props.logRetentionPeriod.toString(), "1"),
Fn.conditionEquals(props.logRetentionPeriod.toString(), "3"),
Fn.conditionEquals(props.logRetentionPeriod.toString(), "5")
),
});
const solutionsMetrics = new SolutionsMetrics(this, "SolutionMetrics", {
uuid: props.uuid,
executionDay: Fn.conditionIf(
shortLogRetentionCondition.logicalId,
ExecutionDay.DAILY,
ExecutionDay.MONDAY
).toString(),
});
solutionsMetrics.addLambdaInvocationCount(imageHandlerLambdaFunction.functionName);
solutionsMetrics.addLambdaBilledDurationMemorySize([imageHandlerLogGroup], "BilledDurationMemorySizeQuery");
solutionsMetrics.addCloudFrontMetric(
imageHandlerCloudFrontApiGatewayLambda.cloudFrontWebDistribution.distributionId,
"Requests"
);

solutionsMetrics.addCloudFrontMetric(
imageHandlerCloudFrontApiGatewayLambda.cloudFrontWebDistribution.distributionId,
"BytesDownloaded"
);

Aspects.of(solutionsMetrics).add(new ConditionAspect(props.sendAnonymousStatistics));
}
}
12 changes: 8 additions & 4 deletions source/constructs/lib/serverless-image-stack.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
// SPDX-License-Identifier: Apache-2.0

import { PriceClass } from "aws-cdk-lib/aws-cloudfront";
import { Aspects, CfnMapping, CfnOutput, CfnParameter, Stack, StackProps, Tags } from "aws-cdk-lib";
import { Aspects, CfnCondition, CfnMapping, CfnOutput, CfnParameter, Fn, Stack, StackProps, Tags } from "aws-cdk-lib";
import { Construct } from "constructs";
import { ConditionAspect, SuppressLambdaFunctionCfnRulesAspect } from "../utils/aspects";
import { BackEnd } from "./back-end/back-end-construct";
Expand Down Expand Up @@ -72,7 +72,7 @@ export class ServerlessImageHandlerStack extends Stack {
"1827",
"3653",
],
default: "1",
default: "180",
});

const autoWebPParameter = new CfnParameter(this, "AutoWebPParameter", {
Expand Down Expand Up @@ -138,10 +138,13 @@ export class ServerlessImageHandlerStack extends Stack {
Version: props.solutionVersion,
},
},
lazy: true,
lazy: false,
});

const anonymousUsage = `${solutionMapping.findInMap("Config", "AnonymousUsage")}`;
const sendAnonymousStatistics = new CfnCondition(this, "SendAnonymousStatistics", {
expression: Fn.conditionEquals(anonymousUsage, "Yes"),
});

const solutionConstructProps: SolutionConstructProps = {
corsEnabled: corsEnabledParameter.valueAsString,
Expand Down Expand Up @@ -175,6 +178,7 @@ export class ServerlessImageHandlerStack extends Stack {
solutionId: props.solutionId,
solutionName: props.solutionName,
secretsManagerPolicy: commonResources.secretsManagerPolicy,
sendAnonymousStatistics,
logsBucket: commonResources.logsBucket,
uuid: commonResources.customResources.uuid,
cloudFrontPriceClass: cloudFrontPriceClassParameter.valueAsString,
Expand Down Expand Up @@ -326,7 +330,7 @@ export class ServerlessImageHandlerStack extends Stack {
new CfnOutput(this, "CloudFrontLoggingBucket", {
value: commonResources.logsBucket.bucketName,
description: "Amazon S3 bucket for storing CloudFront access logs.",
})
});

Aspects.of(this).add(new SuppressLambdaFunctionCfnRulesAspect());
Tags.of(this).add("SolutionId", props.solutionId);
Expand Down
Loading

0 comments on commit 55d24fe

Please sign in to comment.