@aws-cdk-automation aws-cdk-automation commented Aug 6, 2025

See CHANGELOG

aemada-aws and others added 4 commits August 6, 2025 00:45
…5162)

### Issue # (if applicable)

Closes #<issue number here>.

### Reason for this change

#35148 and #35141

introduced a regression where the ECR public login doesn't happen anymore.

### Description of changes

Fixed the logic responsible for running the helm commands.

### Describe any new or updated permissions being added




### Description of how you validated changes

I ran one of the integ tests and verified it pulled the image correctly. I did not run all integ tests because it will take ages and they validate the same thing.

```
2025-08-05T23:22:50.758Z
INIT_START Runtime Version: python:3.11.v83 Runtime Version ARN: arn:aws:lambda:us-east-1::runtime:26afe95b80f712a3037463ff3166f54bef5aa010c870d7110cc2ce1e1233a3d5
2025-08-05T23:22:51.049Z
START RequestId: 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d Version: $LATEST
2025-08-05T23:22:51.050Z
{"RequestType": "Create", "ServiceToken": "arn:aws:lambda:us-east-1:101763738007:function:MainStack3-awscdkawseksKu-ProviderframeworkonEvent-YtQLVleHIrAc", "ResponseURL": "...", "StackId": "arn:aws:cloudformation:us-east-1:101763738007:stack/MainStack3/78c14e90-7250-11f0-81f1-12f4a2696929", "RequestId": "1afdaae0-52fd-438e-9ca7-8152efd452ff", "LogicalResourceId": "TestClustercharttestocichartEE30CE0E", "ResourceType": "Custom::AWSCDK-EKS-HelmChart", "ResourceProperties": {"ServiceToken": "arn:aws:lambda:us-east-1:101763738007:function:MainStack3-awscdkawseksKu-ProviderframeworkonEvent-YtQLVleHIrAc", "Repository": "oci://public.ecr.aws/aws-controllers-k8s/s3-chart", "Version": "v0.1.0", "Values": "{\"aws\":{\"region\":\"us-east-1\"}}", "ClusterName": "TestCluster9D2C7838-8025b4a536c843d0a5fcbbe485dea518", "RoleArn": "arn:aws:iam::101763738007:role/MainStack3-TestClusterCreationRoleD7A0855A-UEouULUR9ywj", "Release": "s3-chart", "Chart": "s3-chart", "Namespace": "ack-system", "CreateNamespace": "true"}}
2025-08-05T23:22:51.050Z
[INFO] 2025-08-05T23:22:51.050Z 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d {"RequestType": "Create", "ServiceToken": "arn:aws:lambda:us-east-1:101763738007:function:MainStack3-awscdkawseksKu-ProviderframeworkonEvent-YtQLVleHIrAc", "ResponseURL": "...", "StackId": "arn:aws:cloudformation:us-east-1:101763738007:stack/MainStack3/78c14e90-7250-11f0-81f1-12f4a2696929", "RequestId": "1afdaae0-52fd-438e-9ca7-8152efd452ff", "LogicalResourceId": "TestClustercharttestocichartEE30CE0E", "ResourceType": "Custom::AWSCDK-EKS-HelmChart", "ResourceProperties": {"ServiceToken": "arn:aws:lambda:us-east-1:101763738007:function:MainStack3-awscdkawseksKu-ProviderframeworkonEvent-YtQLVleHIrAc", "Repository": "oci://public.ecr.aws/aws-controllers-k8s/s3-chart", "Version": "v0.1.0", "Values": "{\"aws\":{\"region\":\"us-east-1\"}}", "ClusterName": "TestCluster9D2C7838-8025b4a536c843d0a5fcbbe485dea518", "RoleArn": "arn:aws:iam::101763738007:role/MainStack3-TestClusterCreationRoleD7A0855A-UEouULUR9ywj", "Release": "s3-chart", "Chart": "s3-chart", "Namespace": "ack-system", "CreateNamespace": "true"}}
2025-08-05T23:22:52.415Z
Added new context arn:aws:eks:us-east-1:101763738007:cluster/TestCluster9D2C7838-8025b4a536c843d0a5fcbbe485dea518 to /tmp/kubeconfig
2025-08-05T23:22:52.588Z
[INFO] 2025-08-05T23:22:52.588Z 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d Found AWS public repository, will use default region as deployment
2025-08-05T23:22:52.648Z
[INFO] 2025-08-05T23:22:52.647Z 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d Running login command: ['aws', 'ecr-public', 'get-login-password', '--region', 'us-east-1']
2025-08-05T23:22:52.648Z
[INFO] 2025-08-05T23:22:52.648Z 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d Running registry login command: ['helm', 'registry', 'login', '--username', 'AWS', '--password-stdin', 'public.ecr.aws']
2025-08-05T23:22:54.544Z
[INFO] 2025-08-05T23:22:54.544Z 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d Running helm command: ['helm', 'pull', 'oci://public.ecr.aws/aws-controllers-k8s/s3-chart', '--version', 'v0.1.0', '--untar']
2025-08-05T23:22:54.945Z
[INFO] 2025-08-05T23:22:54.945Z 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d Pulled: public.ecr.aws/aws-controllers-k8s/s3-chart:v0.1.0 Digest: sha256:cdf85524b1196fb6c4eef8df90c78f11450489e988c1792a9b3cd7330b0c72c9
2025-08-05T23:22:54.945Z
[INFO] 2025-08-05T23:22:54.945Z 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d Running command: ['helm', 'upgrade', 's3-chart', '/tmp/tmprl8kft5f/s3-chart', '--install', '--create-namespace', '--repo', 'oci://public.ecr.aws/aws-controllers-k8s/s3-chart', '--values', '/tmp/values.yaml', '--version', 'v0.1.0', '--namespace', 'ack-system', '--kubeconfig', '/tmp/kubeconfig']
2025-08-05T23:22:56.836Z
[INFO] 2025-08-05T23:22:56.836Z 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d Release "s3-chart" does not exist. Installing it now. NAME: s3-chart LAST DEPLOYED: Tue Aug 5 23:22:56 2025 NAMESPACE: ack-system STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: s3-chart has been installed. This chart deploys "public.ecr.aws/aws-controllers-k8s/s3-controller:v0.1.0". Check its status by running: kubectl --namespace ack-system get pods -l "app.kubernetes.io/instance=s3-chart" You are now able to create Amazon Simple Storage Service (S3) resources! The controller is running in "cluster" mode. The controller is configured to manage AWS resources in region: "us-east-1" Visit https://aws-controllers-k8s.github.io/community/reference/ for an API reference of all the resources that can be created using this controller. For more information on the AWS Controllers for Kubernetes (ACK) project, visit: https://aws-controllers-k8s.github.io/community/
2025-08-05T23:22:56.838Z
END RequestId: 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d
2025-08-05T23:22:56.838Z
REPORT RequestId: 562fefdc-2c7f-4a89-9c1f-4801c2acdf8d Duration: 5788.71 ms Billed Duration: 5789 ms Memory Size: 1024 MB Ma
```

### Checklist
- [X] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md)

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
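
The regression described above (an OCI chart pulled from public ECR without the registry login) can be checked for in handler logs of this shape. This is an added example, not code from aws-cdk: the function names are hypothetical, the sample lines are constructed, and it assumes a login only counts for a pull within the same request ID.

```python
import ast
import re

# Constructed sample lines in the log format shown above (not from a real run).
SAMPLE_OK = [
    "[INFO] 2025-01-01T00:00:01.000Z req-1 Running login command: "
    "['aws', 'ecr-public', 'get-login-password', '--region', 'us-east-1']",
    "[INFO] 2025-01-01T00:00:01.001Z req-1 Running registry login command: "
    "['helm', 'registry', 'login', '--username', 'AWS', '--password-stdin', 'public.ecr.aws']",
    "[INFO] 2025-01-01T00:00:02.000Z req-1 Running helm command: "
    "['helm', 'pull', 'oci://public.ecr.aws/example/chart', '--version', 'v0.1.0', '--untar']",
]
SAMPLE_REGRESSED = [SAMPLE_OK[2]]  # the pull with no login before it

LINE = re.compile(
    r"^\[INFO\] \S+ (?P<req>\S+) Running (?:[a-z]+ )*command: (?P<argv>\[.*\])\s*$"
)

def parse_commands(lines):
    """Yield (request_id, argv) for each 'Running ... command: [...]' line."""
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # bare timestamps, START/END/REPORT lines, etc.
        try:
            argv = ast.literal_eval(m.group("argv"))
        except (ValueError, SyntaxError):
            continue  # truncated or malformed list
        if isinstance(argv, list) and all(isinstance(a, str) for a in argv):
            yield m.group("req"), argv

def unauthenticated_pulls(lines, registry="public.ecr.aws"):
    """Return (request_id, chart_ref) for every OCI pull from `registry` that
    has no earlier stdin-based 'helm registry login' in the same request."""
    logged_in, findings = set(), []
    for req, argv in parse_commands(lines):
        if argv[:3] == ["helm", "registry", "login"]:
            # In the log format above the registry host is the last argument.
            if argv[-1] == registry and "--password-stdin" in argv:
                logged_in.add(req)
        elif argv[:2] == ["helm", "pull"] and len(argv) > 2:
            ref = argv[2]
            if ref.startswith(f"oci://{registry}/") and req not in logged_in:
                findings.append((req, ref))
    return findings
```
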
aws-cdk-automation added the auto-approve and pr/no-squash (This PR should be merged instead of squash-merging it) labels Aug 6, 2025
aws-cdk-automation requested a review from a team August 6, 2025 06:20
github-actions bot added the p2 label Aug 6, 2025
mergify bot added the contribution/core (This is a PR that came from AWS.) label Aug 6, 2025
aws-cdk-automation added the pr/needs-maintainer-review (This PR needs a review from a Core Team Member) label Aug 6, 2025
mergify bot commented Aug 6, 2025

Thank you for contributing! Your pull request will be automatically updated and merged without squashing (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: ac3c4c9
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify mergify bot merged commit 409ae9c into main Aug 6, 2025
20 checks passed
@mergify mergify bot deleted the merge-back/2.209.1 branch August 6, 2025 07:23
github-actions bot commented Aug 6, 2025

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 6, 2025