Commit
1 parent ec20b08, commit 741e007
Showing 16 changed files with 2,569 additions and 9,067 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,21 +1,34 @@ | ||
# Change Log | ||
|
||
All notable changes to this project will be documented in this file. | ||
|
||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), | ||
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). | ||
|
||
## [1.0.3] - 2023-10-27 | ||
|
||
### Changed | ||
|
||
- Library updates to address [Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code](https://nvd.nist.gov/vuln/detail/CVE-2023-45133) | ||
- Library updates to address [xml2js vulnerable to improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')](https://nvd.nist.gov/vuln/detail/CVE-2023-0842) | ||
|
||
## [1.0.2] - 2022-12-19 | ||
### Updated | ||
|
||
### Changed | ||
|
||
- Name change to Firewall Automation for Network Traffic on AWS | ||
- Upgrade to CDK v2 | ||
- Fix NPM security warnings | ||
- Fix SonarQube bugs and increase unit test coverage | ||
|
||
## [1.0.1] - 2021-04-10 | ||
### Updated | ||
- Updated default branch name to 'main'. [Change branch settings in your | ||
existing AWS CodeCommit repository.](https://docs.aws.amazon.com/codecommit/latest/userguide/how-to-change-branch.html) | ||
|
||
### Changed | ||
|
||
- Updated default branch name to 'main'. [Change branch settings in your existing AWS CodeCommit repository.](https://docs.aws.amazon.com/codecommit/latest/userguide/how-to-change-branch.html) | ||
|
||
## [1.0.0] - 2021-02-24 | ||
|
||
### Added | ||
|
||
- New solution AWS Network Firewall Deployment Automations for AWS Transit Gateway, initial version |
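Review bot: The 1.0.3 entry names the two advisories (CVE-2023-45133 for Babel, CVE-2023-0842 for xml2js) but not which packages were bumped or to what version, so a reader cannot tell from the changelog whether a deployed copy carries the fix. Add the package name and resolved version to each bullet, and consider filing them under a `### Security` heading, which Keep a Changelog reserves for vulnerability fixes. The switch from `### Updated` to `### Changed` in the 1.0.2 and 1.0.1 entries is consistent with that format.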
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
## Code of Conduct | ||
This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct). | ||
For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact | ||
[email protected] with any additional questions or comments. | ||
[email protected] with any additional questions or comments. |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -23,19 +23,18 @@ reported the issue. Please try to include as much information as you can. Detail | |
## Contributing via Pull Requests | ||
Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that: | ||
|
||
1. You are working against the latest source on the *master* branch. | ||
1. You are working against the latest source on the *main* branch. | ||
2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already. | ||
3. You open an issue to discuss any significant work - we would hate for your time to be wasted. | ||
|
||
To send us a pull request, please: | ||
|
||
1. Fork the repository. | ||
2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change. | ||
3. Ensure all build processes execute successfully (see README.md for additional guidance). | ||
4. Ensure all unit, integration, and/or snapshot tests pass, as applicable. | ||
5. Commit to your fork using clear commit messages. | ||
6. Send us a pull request, answering any default questions in the pull request interface. | ||
7. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation. | ||
3. Ensure local tests pass. | ||
4. Commit to your fork using clear commit messages. | ||
5. Send us a pull request, answering any default questions in the pull request interface. | ||
6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation. | ||
|
||
GitHub provides additional document on [forking a repository](https://help.github.com/articles/fork-a-repo/) and | ||
[creating a pull request](https://help.github.com/articles/creating-a-pull-request/). | ||
|
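Review bot: Step 3 of the pull request list now reads `3. Ensure local tests pass.` and drops both the build check and the explicit mention of unit, integration and snapshot tests, so a contributor no longer learns what to run. This commit also adds a script that runs all tests for the root CDK project and the Lambda code; name that script in the step. The `*master*` to `*main*` change matches the 1.0.1 changelog entry.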
@@ -52,11 +51,11 @@ [email protected] with any additional questions or comments. | |
|
||
|
||
## Security issue notifications | ||
If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public GitHub issue. | ||
If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public github issue. | ||
|
||
|
||
## Licensing | ||
|
||
See the [LICENSE](https://github.com/aws-solutions/firewall-automation-for-network-traffic-on-aws/blob/master/LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution. | ||
See the [LICENSE](https://github.com/aws-solutions/firewall-automation-for-network-traffic-on-aws/blob/main/LICENSE.txt) file for our project's licensing. We will ask you to confirm the licensing of your contribution. | ||
|
||
We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes. | ||
We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes. |
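Review bot: The vulnerability reporting link in the "Security issue notifications" paragraph still uses `http://aws.amazon.com/security/vulnerability-reporting/`; since the line is being edited anyway, switch it to `https://` so the page a reporter is sent to is not requested in cleartext. The same edit lowercases "GitHub" to "github", which reads as a regression, and the LICENSE link now points at `blob/main/LICENSE.txt`, so confirm the file carries that name on `main` in this commit.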
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
#!/bin/bash | ||
# | ||
# This script runs all tests for the root CDK project, as well as any microservices, Lambda functions, or dependency | ||
# source code packages. These include unit tests, integration tests, and snapshot tests. | ||
# | ||
# This script is called by the ../initialize-repo.sh file and the buildspec.yml file. It is important that this script | ||
# be tested and validated to ensure that all available test fixtures are run. | ||
# | ||
# The if/then blocks are for error handling. They will cause the script to stop executing if an error is thrown from the | ||
# node process running the test case(s). Removing them or not using them for additional calls with result in the | ||
# script continuing to execute despite an error being thrown. | ||
|
||
[ "$DEBUG" == 'true' ] && set -x | ||
set -e | ||
|
||
prepare_jest_coverage_report() { | ||
local component_name=$1 | ||
|
||
# prepare coverage reports | ||
rm -fr coverage/lcov-report | ||
mkdir -p $coverage_reports_top_path/jest | ||
coverage_report_path=$coverage_reports_top_path/jest/$component_name | ||
rm -fr $coverage_report_path | ||
mv coverage $coverage_report_path | ||
} | ||
|
||
run_javascript_test() { | ||
local component_path=$1 | ||
local component_name=$2 | ||
|
||
echo "------------------------------------------------------------------------------" | ||
echo "[Test] Run javascript unit test with coverage" | ||
echo "------------------------------------------------------------------------------" | ||
echo "cd $component_path" | ||
cd $component_path | ||
|
||
# run unittest | ||
npm run test | ||
|
||
# prepare coverage reports | ||
prepare_jest_coverage_report $component_name | ||
} | ||
|
||
run_cdk_project_test() { | ||
local component_path=$1 | ||
local component_name=solutions-constructs | ||
echo "------------------------------------------------------------------------------" | ||
echo "[Test] $component_name" | ||
echo "------------------------------------------------------------------------------" | ||
cd $component_path | ||
|
||
npm install | ||
npm run build | ||
|
||
## Option to suppress the Override Warning messages while synthesizing using CDK | ||
# export overrideWarningsEnabled=false | ||
|
||
npm run test -- -u | ||
|
||
# prepare coverage reports | ||
prepare_jest_coverage_report $component_name | ||
} | ||
|
||
# Run unit tests | ||
echo "Running unit tests" | ||
|
||
# Get reference for source folder | ||
source_dir="$(cd $PWD/../source; pwd -P)" | ||
coverage_reports_top_path=$source_dir/test/coverage-reports | ||
|
||
#Run the npm install for the lambda projects | ||
run_javascript_test $source_dir/networkFirewallAutomation networkFirewallAutomation | ||
|
||
run_cdk_project_test $source_dir | ||
|
||
# Return to the source/ level | ||
cd $source_dir |
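Review bot: `npm run test -- -u` in `run_cdk_project_test` forwards `-u` to the test runner; if that runner is Jest, as the coverage helper's name implies, this is the update-snapshot flag, so every run, including the buildspec run the header mentions, rewrites the snapshots instead of comparing against them and a changed template can never fail the snapshot tests. Drop `-u` here and update snapshots as a deliberate, reviewed step. Two smaller points: `source_dir="$(cd $PWD/../source; pwd -P)"` joins its commands with `;`, so a failed `cd` still yields exit status 0 and `source_dir` silently becomes the current directory (use `&&`), and the path variables in `rm -fr $coverage_report_path`, `mv` and `cd` are unquoted. The header also describes if/then error-handling blocks, but the script has none and relies on `set -e`.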
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
--- | ||
id: SO0108 # Solution Id | ||
name: firewall-automation-for-network-traffic-on-aws # trademarked name | ||
version: v1.0.3 # current version of the solution. Used to verify template headers | ||
cloudformation_templates: # This list should match with AWS CloudFormation templates section of IG | ||
- template: firewall-automation-for-network-traffic-on-aws.template | ||
main_template: true | ||
build_environment: | ||
build_image: 'aws/codebuild/standard:7.0' # Options include: 'aws/codebuild/standard:5.0','aws/codebuild/standard:6.0','aws/codebuild/standard:7.0','aws/codebuild/amazonlinux2-x86_64-standard:4.0','aws/codebuild/amazonlinux2-x86_64-standard:5.0' |
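Review bot: `version: v1.0.3` is a second hand-maintained copy of the release number that has to agree with the `## [1.0.3]` heading added to the changelog in this commit, and its comment says it is used to verify template headers. Add a build check that fails when the two differ, so a release cannot ship with mismatched versions. The option list in the `build_image` comment will go stale as images are added; a pointer to the image list would age better.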