feat(aws-certificatemanager): Add ability to specify the certificate name #22301
Conversation
github-actions
bot
added
repeat-contributor
|
|
There was a problem hiding this comment.
The Pull Request Linter fails with the following errors:
❌ Features must contain a change to a README file.
❌ Features must contain a change to an integration test file and the resulting snapshot.
PRs must pass status checks before we can provide a meaningful review.
mergify
bot
dismissed
aws-cdk-automation’s stale review
Pull request has been modified.
|
The build is failing due to test failure in ecs-patterns. However the integ test cannot be regenerate due to certificate validation issue. I'm not sure how the original snapshot was generated. A workaround would be to remove the default certificateName but I feel consistency with other constructs its important. |
mergify
bot
dismissed
aws-cdk-automation’s stale review
Pull request has been modified.
|
For now I have manually updated the snapshot |
aws-cdk-automation
dismissed
their stale review
Pull Request updated. Dissmissing previous PRLinter Review.
aws-cdk-automation
dismissed
their stale review
Pull Request updated. Dissmissing previous PRLinter Review.
I just added an integration test for |
mergify
bot
dismissed stale reviews from corymhall and aws-cdk-automation
Pull request has been modified.
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dissmissing previous PRLinter review.
| @@ -247,6 +261,8 @@ export class Certificate extends CertificateBase implements ICertificate { | |||
| certificateTransparencyLoggingPreference, | |||
| }); | |||
|
|
|||
| Tags.of(cert).add(NAME_TAG, props.certificateName || this.node.path); | |||
There was a problem hiding this comment.
The Tag value has a limit of 255 characters. Can you add something here to restrict the value to that? I don't think it is as much of a problem if the user provides a certificateName, but node.path might hit that limit.
Maybe just a value.slice(0, 255);
https://docs.aws.amazon.com/acm/latest/userguide/tags-restrictions.html
There was a problem hiding this comment.
Nice catch; I have sliced the auto-generated certificate name but left the user inputted value alone.
mergify
bot
dismissed
corymhall’s stale review
Pull request has been modified.
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
…name (aws#22301) ---- Like other AWS resources (VPC, TargetGroups,etc) they do not have an actual physical name but can be assigned an AWS designated tag which will be displayed in the web console. This is useful when you have many certificates to determine what is what. I largely followed the pattern set about in other CDK constructs, for example in `vpc.ts` I also followed the convention set elsewhere name tag is used by defaulting the value too `this.node.path` I believe this is also an important first step towards any implementation of aws#10792 I tried added integration tests, however due to the requirement of needing to validate the certificate I don't think this is possible. Currently there are no other integration tests for this module. I have attached a screenshot of the failed integ-test (validation required) which shows the name tag in action  ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…name (aws#22301) ---- Like other AWS resources (VPC, TargetGroups,etc) they do not have an actual physical name but can be assigned an AWS designated tag which will be displayed in the web console. This is useful when you have many certificates to determine what is what. I largely followed the pattern set about in other CDK constructs, for example in `vpc.ts` I also followed the convention set elsewhere name tag is used by defaulting the value too `this.node.path` I believe this is also an important first step towards any implementation of aws#10792 I tried added integration tests, however due to the requirement of needing to validate the certificate I don't think this is possible. Currently there are no other integration tests for this module. I have attached a screenshot of the failed integ-test (validation required) which shows the name tag in action  ### All Submissions: * [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) ### Adding new Unconventional Dependencies: * [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md/#adding-new-unconventional-dependencies) ### New Features * [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/main/INTEGRATION_TESTS.md)? * [x] Did you use `yarn integ` to deploy the infrastructure and generate the snapshot (i.e. `yarn integ` without `--dry-run`)? *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Like other AWS resources (VPC, TargetGroups,etc) they do not have an actual physical name but can be assigned an AWS designated tag which will be displayed in the web console. This is useful when you have many certificates to determine what is what.
I largely followed the pattern set about in other CDK constructs, for example in
vpc.tsI also followed the convention set elsewhere name tag is used by defaulting the value toothis.node.pathI believe this is also an important first step towards any implementation of #10792
I tried added integration tests, however due to the requirement of needing to validate the certificate I don't think this is possible. Currently there are no other integration tests for this module.
I have attached a screenshot of the failed integ-test (validation required) which shows the name tag in action
All Submissions:
Adding new Unconventional Dependencies:
New Features
yarn integto deploy the infrastructure and generate the snapshot (i.e.yarn integwithout--dry-run)?By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license