Merge pull request #400 from epam/release/1.13

Release 1.13

Author: bohdan-onsha

.github/workflows/ci-java.yml

@@ -25,12 +25,40 @@ jobs:
     uses: ./.github/workflows/maven.yml
     if: github.repository_owner == 'epam'
 
+  check-modified-files:
+    runs-on: ubuntu-latest
+    outputs:
+      files_modified: ${{ steps.check_files.outputs.run_publish_steps }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Check modified files
+        id: check_files
+        run: |
+          git fetch origin master
+          changed_files=$(git diff --name-only origin/master)
+          echo "Changed files: ${changed_files}"
+          checked_directory="plugin/"
+          for file in ${changed_files}
+          do
+            if [[ ${file} == ${checked_directory}* ]]
+            then
+              echo "Target directory was modified."
+              echo "run_publish_steps=true" >>$GITHUB_OUTPUT
+              exit 0
+            fi
+          done
+          echo "Target directory was not modified."
+          echo "run_publish_steps=false" >>$GITHUB_OUTPUT
+           echo "dist=/tmp/bavp/dist" >>$GITHUB_OUTPUT
+        shell: bash
+
   release-snapshot-to-maven-central:
     name: Publish SNAPSHOT package to MavenCentral
     environment: release-snapshot
-    if: github.repository_owner == 'epam' && github.event_name == 'push' && github.ref == 'refs/heads/master'
+    needs: [maven, check-modified-files]
     runs-on: ubuntu-latest
-    needs: maven
+    if: github.repository_owner == 'epam' && github.event_name == 'push' && github.ref == 'refs/heads/master' && needs.check-modified-files.outputs.files_modified == 'true'
 
     steps:
       - uses: actions/checkout@v4
@@ -46,14 +74,15 @@ jobs:
           settings-path: ${{ github.workspace }}
       - name: Set SNAPSHOT in version
         run: |
+          gpg --version
           syndicate_plugin_version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout --file ./plugin/pom.xml | xargs) 
           mvn versions:set -DnewVersion="${syndicate_plugin_version}-SNAPSHOT" --file ./plugin/pom.xml
           mvn versions:commit --file ./plugin/pom.xml
       - name: Build with Maven
         run: mvn -B package --file ./plugin/pom.xml
       - name: Deploy development version binaries (Snapshots)
         env:
-          OSS_SONATYPE_USERNAME: ${{ vars.OSSRH_USERNAME  }}
+          OSS_SONATYPE_USERNAME: ${{ secrets.OSSRH_USERNAME  }}
           OSS_SONATYPE_TOKEN: ${{ secrets.OSSRH_TOKEN }}
         run: |
           echo Checking variables ${{ secrets.OSSRH_USERNAME }}
@@ -64,9 +93,9 @@ jobs:
   release-to-maven-central:
     name: Publish released package to MavenCentral
     environment: release-maven-central
-    if: github.repository_owner == 'epam' && github.event.action == 'published'
+    needs: [maven, check-modified-files]
     runs-on: ubuntu-latest
-    needs: maven
+    if: github.repository_owner == 'epam' && github.event.action == 'published' && needs.check-modified-files.outputs.files_modified == 'true'
 
     steps:
       - uses: actions/checkout@v4
@@ -88,6 +117,7 @@ jobs:
           # -U force updates just to make sure we are using latest dependencies
           # -B Batch mode (do not ask for user input), just in case
           # -P activate profile
+          gpg --version
           mvn -U -B clean deploy -P release --file ./plugin/pom.xml
         env:
           GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

CHANGELOG.md

@@ -4,6 +4,24 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+# [1.13.0] - 2024-07-10
+- Added possibility to configure `FunctionResponseTypes` for lambda functions
+- Updated maven plugin version to 1.12.0 with support of `FunctionResponseTypes`
+- Added possibility to set up Cognito user pool ID in lambda function environment variable
+- Added possibility to set up Cognito user pool client ID in lambda function environment variable
+- Fix lambda triggers deletion when removed from meta
+- Fix resources dependencies resolving
+- Fix losing successfully deployed resources from the output file during deployment with the option `--continue_deploy`
+- Fix API Gateway duplication in case of existing API Gateway with the same name
+- Fix detection of usage `--rollback_on_error` option with an incompatible option `--continue_deploy`
+- Changed datetime format for lock attributes in the `.syndicate` file to UTC format
+- The Syndicate Java plugin version updated to 1.13.0 with changes:
+  - The ResourceType enum for the @DependsOn annotation extended with new type ResourceType.COGNITO_USER_POOL
+  - The @EnvironmentVariable annotation for the Syndicate Java plugin improved to support the value transformer
+  - A new value transformer type created ValueTransformer.USER_POOL_NAME_TO_USER_POOL_ID
+  - A new value transformer type created ValueTransformer.USER_POOL_NAME_TO_CLIENT_ID
+- The generate Java lambda template changed to use the Syndicate Java plugin version 1.13.0
+
 # [1.12.0] - 2024-06-20
 - Added ability for `clean` command to automatically resolve if `--rollback` is needed.
 - Fixed an issue related to `log group already exists` error while deploying or updating `lambda`.

examples/java/demo-apigateway-cognito/.syndicate-config-demo-apigateway-cognito/syndicate.yml

@@ -0,0 +1,4 @@
+account_id: ACCOUNT_ID
+region: REGION_NAME
+deploy_target_bucket: BUCKET_NAME
+project_path: PROJECT_FOLDER

examples/java/demo-apigateway-cognito/.syndicate-config-demo-apigateway-cognito/syndicate_aliases.yml

@@ -0,0 +1,5 @@
+account_id: ACCOUNT_ID
+region: REGION_NAME
+logs_expiration: 30
+
+pool_name: USERPOOL_NAME

examples/java/demo-apigateway-cognito/README.md

@@ -0,0 +1,35 @@
+#### This example shows a Syndicate configuration for deploying:
+* 1 Java Lambda function;
+* 1 IAM role attached to lambda;
+* 1 Custom IAM policy attached to role;
+* 1 API Gateway
+* 1 Cognito User Pool
+
+#### To deploy this example:
+
+##### 1. Replace following placeholders in `syndicate.yml`:
+* `ACCOUNT_ID` - AWS account id where syndicate will deploy this demo;
+* `REGION_NAME` - AWS region where syndicate will deploy this demo;
+* `BUCKET_NAME` - bucket name to upload deployment artifacts, must be unique across all AWS accounts;
+* `PROJECT_FOLDER` - absolute path to the  project folder;
+
+##### 2. Replace following placeholder in `syndicate_aliases.yml`:
+* `ACCOUNT_ID` - AWS account id where syndicate will deploy this demo;
+* `REGION_NAME` - AWS region where syndicate will deploy this demo;
+* `USERPOOL_NAME` - desired Cognito User Pool name;
+
+##### 3. Export config files path (set environment variable SDCT_CONF):
+* Unix: `export SDCT_CONF=$CONFIG_FOLDER`, in this example $CONFIG_FOLDER is PROJECT_FOLDER/.syndicate-config-demo-apigateway-cognito;
+* Windows (cmd): `set SDCT_CONF=%CONFIG_FOLDER%`, in this example %CONFIG_FOLDER% is PROJECT_FOLDER/.syndicate-config-demo-apigateway-cognito;
+
+##### 4. Build bundle:
+
+`syndicate build`
+
+##### 5. Deploy:
+
+`syndicate deploy`
+
+#### 6. To clean project resources:
+
+`syndicate clean`

examples/java/demo-apigateway-cognito/deployment_resources.json

@@ -0,0 +1,144 @@
+{
+  "lambda-cognito-execution": {
+    "policy_content": {
+      "Statement": [
+        {
+          "Action": [
+            "logs:CreateLogGroup",
+            "logs:CreateLogStream",
+            "logs:PutLogEvents",
+
+            "cognito-idp:DescribeUserPool",
+            "cognito-idp:GetUser",
+            "cognito-idp:ListUsers",
+            "cognito-idp:AdminCreateUser",
+            "cognito-idp:AdminInitiateAuth",
+            "cognito-idp:GetIdentityProviderByIdentifier",
+            "cognito-idp:ListUserPools",
+            "cognito-idp:ListUserPoolClients",
+            "cognito-idp:AdminRespondToAuthChallenge",
+
+            "ssm:PutParameter",
+            "ssm:GetParameter",
+            "kms:Decrypt"
+          ],
+          "Effect": "Allow",
+          "Resource": "*"
+        }
+      ],
+      "Version": "2012-10-17"
+    },
+    "resource_type": "iam_policy"
+  },
+
+  "api-handler-role": {
+    "predefined_policies": [],
+    "principal_service": "lambda",
+    "custom_policies": [
+      "lambda-cognito-execution"
+    ],
+    "resource_type": "iam_role"
+  },
+
+  "${pool_name}": {
+    "resource_type": "cognito_idp",
+    "password_policy": {
+      "minimum_length": 8,
+      "require_uppercase": false,
+      "require_symbols": false,
+      "require_lowercase": false,
+      "require_numbers": false
+    },
+    "auto_verified_attributes": [],
+    "sms_configuration": {},
+    "username_attributes": [],
+    "custom_attributes": [],
+    "client": {
+      "client_name": "client-app",
+      "generate_secret": false,
+      "explicit_auth_flows": [
+        "ALLOW_ADMIN_USER_PASSWORD_AUTH",
+        "ALLOW_CUSTOM_AUTH",
+        "ALLOW_USER_SRP_AUTH",
+        "ALLOW_REFRESH_TOKEN_AUTH"
+      ]
+    }
+  },
+
+  "demo-api-gateway": {
+    "resource_type": "api_gateway",
+    "deploy_stage": "api",
+    "authorizers": {
+      "authorizer": {
+        "type": "COGNITO_USER_POOLS",
+        "identity_source": "method.request.header.Authorization",
+        "user_pools": [
+          "${pool_name}"
+        ],
+        "ttl": 300
+      }
+    },
+    "resources": {
+      "/": {
+        "enable_cors": false,
+        "GET": {
+          "enable_proxy": true,
+          "authorization_type": "NONE",
+          "integration_type": "lambda",
+          "lambda_name": "api-handler",
+          "api_key_required": false,
+          "method_request_parameters": {},
+          "integration_request_body_template": {},
+          "responses": [],
+          "integration_responses": [],
+          "default_error_pattern": true
+        }
+      },
+      "/secured": {
+        "enable_cors": false,
+        "GET": {
+          "enable_proxy": true,
+          "authorization_type": "authorizer",
+          "integration_type": "lambda",
+          "lambda_name": "api-handler",
+          "api_key_required": false,
+          "method_request_parameters": {},
+          "integration_request_body_template": {},
+          "responses": [],
+          "integration_responses": [],
+          "default_error_pattern": true
+        }
+      },
+      "/signin": {
+        "enable_cors": false,
+        "POST": {
+          "enable_proxy": true,
+          "authorization_type": "NONE",
+          "integration_type": "lambda",
+          "lambda_name": "api-handler",
+          "api_key_required": false,
+          "method_request_parameters": {},
+          "integration_request_body_template": {},
+          "responses": [],
+          "integration_responses": [],
+          "default_error_pattern": true
+        }
+      },
+      "/signup": {
+        "enable_cors": false,
+        "POST": {
+          "enable_proxy": true,
+          "authorization_type": "NONE",
+          "integration_type": "lambda",
+          "lambda_name": "api-handler",
+          "api_key_required": false,
+          "method_request_parameters": {},
+          "integration_request_body_template": {},
+          "responses": [],
+          "integration_responses": [],
+          "default_error_pattern": true
+        }
+      }
+    }
+  }
+}