diff --git a/CHANGELOG.md b/CHANGELOG.md index c483318e..e7bc7a2b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,9 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - +## [6.1.1] - 2023-4-17 +### Changed +- Updated object ownership configuration on the CloudFormation logging bucket ## [6.1.0] - 2023-2-27 ### Changed - Added region name and account ID to AppRegistry Application name diff --git a/buildspec.yml b/buildspec.yml index 70b29fdd..911d02aa 100644 --- a/buildspec.yml +++ b/buildspec.yml @@ -3,8 +3,8 @@ version: 0.2 phases: install: runtime-versions: - nodejs: 14 - python: 3.8 + nodejs: 16 + python: 3.10 pre_build: commands: - echo "Installing dependencies and executing unit tests - `pwd`" diff --git a/deployment/build-open-source-dist.sh b/deployment/build-open-source-dist.sh new file mode 100644 index 00000000..6a480122 --- /dev/null +++ b/deployment/build-open-source-dist.sh @@ -0,0 +1,79 @@ +#!/bin/bash +# +# This assumes all of the OS-level configuration has been completed and git repo has already been cloned +# +# This script should be run from the repo's deployment directory +# cd deployment +# ./build-open-source-dist.sh solution-name +# +# Parameters: +# - solution-name: name of the solution for consistency + +# Check to see if input has been provided: +if [ -z "$1" ]; then + echo "Please provide the trademark approved solution name for the open source package." + echo "For example: ./build-open-source-dist.sh trademarked-solution-name" + exit 1 +fi + +# Get reference for all important folders +source_template_dir="$PWD" +dist_dir="$source_template_dir/open-source" +dist_template_dir="$dist_dir/deployment" +source_dir="$source_template_dir/../source" + +echo "------------------------------------------------------------------------------" +echo "Building open-source folder" +echo "------------------------------------------------------------------------------" +rm -rf $dist_dir +mkdir -p $dist_dir +mkdir -p $dist_template_dir + +echo "------------------------------------------------------------------------------" +echo "Copying Deployment Folder" +echo "------------------------------------------------------------------------------" +cp -v $source_template_dir/build-s3-dist.sh $dist_template_dir +cp -v $source_template_dir/run-unit-tests.sh $dist_template_dir +cp -vr $source_template_dir/cdk-solution-helper $dist_template_dir + +echo "------------------------------------------------------------------------------" +echo "Copying Source Folder" +echo "------------------------------------------------------------------------------" +cp -r $source_dir $dist_dir +cp $source_template_dir/../LICENSE.txt $dist_dir +cp $source_template_dir/../NOTICE.txt $dist_dir +cp $source_template_dir/../README.md $dist_dir +cp $source_template_dir/../CODE_OF_CONDUCT.md $dist_dir +cp $source_template_dir/../CONTRIBUTING.md $dist_dir +cp $source_template_dir/../CHANGELOG.md $dist_dir +cp $source_template_dir/../.gitignore $dist_dir + +echo "------------------------------------------------------------------------------" +echo "Copying Architecture Diagram and GitHub Templates" +echo "------------------------------------------------------------------------------" +cp -r $source_template_dir/assets/.github $dist_dir/ +cp $source_template_dir/assets/architecture.png $dist_dir/ + +echo "------------------------------------------------------------------------------" +echo "Removing Build Files From Open Source Packaging" +echo "------------------------------------------------------------------------------" +find $dist_dir -iname "dist" -type d -exec rm -r "{}" \; 2> /dev/null +find $dist_dir -iname "node_modules" -type d -exec rm -r "{}" \; 2> /dev/null +find $dist_dir -name "package-lock.json" -type f -exec rm -r "{}" \; 2> /dev/null + +find $dist_dir -iname "pypackage" -type d -exec rm -r "{}" \; 2> /dev/null +find $dist_dir -iname "pytests" -type d -exec rm -r "{}" \; 2> /dev/null +find $dist_dir -iname "__pycache__" -type d -exec rm -r "{}" \; 2> /dev/null +find $dist_dir -iname "*.egg-info" -type d -exec rm -r "{}" \; 2> /dev/null +find $dist_dir -type f -name '*.pyc' -delete +rm $dist_dir/source/mediainfo/bin/mediainfo + +echo "------------------------------------------------------------------------------" +echo "Creating GitHub zip file" +echo "------------------------------------------------------------------------------" +cd $dist_dir +zip -q -r9 ../$1.zip * .github .gitignore +rm -rf * +rm -rf .github .gitignore +mv ../$1.zip . +echo "Completed building $1.zip" \ No newline at end of file diff --git a/source/cdk/cdk.json b/source/cdk/cdk.json index c88eaa72..623f2cfa 100644 --- a/source/cdk/cdk.json +++ b/source/cdk/cdk.json @@ -2,6 +2,7 @@ "app": "npx ts-node bin/vod.ts", "context": { "aws-cdk:enableDiffNoFail": "true", - "@aws-cdk/core:stackRelativeExports": "true" + "@aws-cdk/core:stackRelativeExports": "true", + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true } } diff --git a/source/cdk/lib/vod-stack.ts b/source/cdk/lib/vod-stack.ts index b14c4d0c..76370539 100644 --- a/source/cdk/lib/vod-stack.ts +++ b/source/cdk/lib/vod-stack.ts @@ -181,7 +181,7 @@ export class VideoOnDemand extends cdk.Stack { * Logging bucket for S3 and CloudFront */ const logsBucket = new s3.Bucket(this, 'Logs', { - accessControl: s3.BucketAccessControl.LOG_DELIVERY_WRITE, + objectOwnership: s3.ObjectOwnership.OBJECT_WRITER, blockPublicAccess: new s3.BlockPublicAccess({ blockPublicAcls: true, blockPublicPolicy: true,