Skip to content

Commit f8e6207

Browse files
mergify[bot]mergify[bot]
authored
chore(release): v2.173.2 (#32557)
See CHANGELOG
2 parents 4eac959 + 522334f commit f8e6207

File tree

6 files changed

+44
-4
lines changed

6 files changed

+44
-4
lines changed

CHANGELOG.v2.alpha.md

+2
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,8 @@
22

33
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
44

5+
## [2.173.2-alpha.0](https://github.com/aws/aws-cdk/compare/v2.173.1-alpha.0...v2.173.2-alpha.0) (2024-12-17)
6+
57
## [2.173.1-alpha.0](https://github.com/aws/aws-cdk/compare/v2.173.0-alpha.0...v2.173.1-alpha.0) (2024-12-14)
68

79
## [2.173.0-alpha.0](https://github.com/aws/aws-cdk/compare/v2.172.0-alpha.0...v2.173.0-alpha.0) (2024-12-11)

CHANGELOG.v2.md

+8
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,14 @@
22

33
All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
44

5+
## [2.173.2](https://github.com/aws/aws-cdk/compare/v2.173.1...v2.173.2) (2024-12-17)
6+
7+
8+
### Bug Fixes
9+
10+
* **cli:** allow credential plugins to return `null` for `expiration` ([#32554](https://github.com/aws/aws-cdk/issues/32554)) ([e59b1db](https://github.com/aws/aws-cdk/commit/e59b1db4d8da5fc11d0e3beeb136593440100325))
11+
* **cli:** doesn't support plugins that return initially empty credentials ([#32552](https://github.com/aws/aws-cdk/issues/32552)) ([7ee9b90](https://github.com/aws/aws-cdk/commit/7ee9b909695aca317a11aad16ca983dcc6d6f85a))
12+
513
## [2.173.1](https://github.com/aws/aws-cdk/compare/v2.173.0...v2.173.1) (2024-12-14)
614

715

packages/aws-cdk/lib/api/aws-auth/credential-plugins.ts

+1-1
Original file line numberDiff line numberDiff line change
@@ -165,7 +165,7 @@ function isV3Provider(x: PluginProviderResult): x is SDKv3CompatibleCredentialPr
165165
}
166166

167167
function isV2Credentials(x: PluginProviderResult): x is SDKv2CompatibleCredentials {
168-
return !!(x && typeof x === 'object' && x.accessKeyId && (x as SDKv2CompatibleCredentials).getPromise);
168+
return !!(x && typeof x === 'object' && (x as SDKv2CompatibleCredentials).getPromise);
169169
}
170170

171171
function isV3Credentials(x: PluginProviderResult): x is SDKv3CompatibleCredentials {

packages/aws-cdk/lib/api/aws-auth/provider-caching.ts

+1-1
Original file line numberDiff line numberDiff line change
@@ -20,5 +20,5 @@ export function makeCachingProvider(provider: AwsCredentialIdentityProvider): Aw
2020

2121
export function credentialsAboutToExpire(token: AwsCredentialIdentity) {
2222
const expiryMarginSecs = 5;
23-
return token.expiration !== undefined && token.expiration.getTime() - Date.now() < expiryMarginSecs * 1000;
23+
return !!token.expiration && token.expiration.getTime() - Date.now() < expiryMarginSecs * 1000;
2424
}

packages/aws-cdk/test/api/plugin/credential-plugin.test.ts

+30
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
import { CredentialPlugins } from '../../../lib/api/aws-auth/credential-plugins';
2+
import { credentialsAboutToExpire } from '../../../lib/api/aws-auth/provider-caching';
23
import { CredentialProviderSource, Mode, SDKv3CompatibleCredentials } from '../../../lib/api/plugin/credential-provider-source';
34
import { PluginHost, markTesting } from '../../../lib/api/plugin/plugin';
45

@@ -104,6 +105,26 @@ test('plugin can return V2 compatible credential-provider', async () => {
104105
expect(getPromise).toHaveBeenCalled();
105106
});
106107

108+
test('plugin can return V2 compatible credential-provider with initially empty keys', async () => {
109+
// GIVEN
110+
mockCredentialFunction(() => Promise.resolve({
111+
accessKeyId: '',
112+
secretAccessKey: '',
113+
expired: false,
114+
getPromise() {
115+
this.accessKeyId = 'keyid';
116+
return Promise.resolve({});
117+
},
118+
}));
119+
120+
// WHEN
121+
const creds = await fetchNow();
122+
123+
await expect(creds).toEqual(expect.objectContaining({
124+
accessKeyId: 'keyid',
125+
}));
126+
});
127+
107128
test('plugin must not return something that is not a credential', async () => {
108129
// GIVEN
109130
mockCredentialFunction(() => Promise.resolve({
@@ -114,6 +135,15 @@ test('plugin must not return something that is not a credential', async () => {
114135
await expect(fetchNow()).rejects.toThrow(/Plugin returned a value that/);
115136
});
116137

138+
test('token expiration is allowed to be null', () => {
139+
expect(credentialsAboutToExpire({
140+
accessKeyId: 'key',
141+
secretAccessKey: 'secret',
142+
// This is not allowed according to the `.d.ts` contract, but it can happen in reality
143+
expiration: null as any,
144+
})).toEqual(false);
145+
});
146+
117147
function mockCredentialFunction(p: CredentialProviderSource['getProvider']) {
118148
mockCredentialPlugin({
119149
name: 'test',

version.v2.json

+2-2
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
11
{
2-
"version": "2.173.1",
3-
"alphaVersion": "2.173.1-alpha.0"
2+
"version": "2.173.2",
3+
"alphaVersion": "2.173.2-alpha.0"
44
}

0 commit comments

Comments
 (0)