Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: guardian/cdk
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v6.2.3
Choose a base ref
...
head repository: guardian/cdk
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: main
Choose a head ref
Loading
Showing 340 changed files with 35,716 additions and 20,419 deletions.
8 changes: 8 additions & 0 deletions .changeset/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
# Changesets

Hello and welcome! This folder has been automatically generated by `@changesets/cli`, a build tool that works
with multi-package repos, or single-package repos to help you version and publish your code. You can
find the full documentation for it [in our repository](https://github.com/changesets/changesets)

We have a quick list of common questions to get you started engaging with this project in
[our documentation](https://github.com/changesets/changesets/blob/main/docs/common-questions.md)
10 changes: 10 additions & 0 deletions .changeset/config.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
{
"$schema": "https://unpkg.com/@changesets/config@2.3.1/schema.json",
"changelog": "@changesets/cli/changelog",
"commit": false,
"fixed": [],
"linked": [],
"access": "public",
"baseBranch": "main",
"ignore": []
}
25 changes: 24 additions & 1 deletion .eslintrc.js
Original file line number Diff line number Diff line change
@@ -10,12 +10,35 @@ module.exports = {
tsconfigRootDir: __dirname,
project: ["./tsconfig.eslint.json"],
},
plugins: ["@typescript-eslint", "custom-rules"],
plugins: ["@typescript-eslint", "custom-rules", "@guardian/tsdoc-required"],
rules: {
"@typescript-eslint/no-inferrable-types": 0,
"import/no-namespace": 2,
"custom-rules/valid-constructors": 2,
"custom-rules/experimental-classes": 0,
},
root: true,
ignorePatterns: ["**/*.js", "node_modules"],
overrides: [
{
files: ["src/bin/**"],
rules: {
"custom-rules/valid-constructors": 0,
},
},

// This rule is applied within `overrides` as it only applies to the `experimental` directory, and the rule's test.
{
files: ["src/experimental/**", "tools/eslint/rules/experimental-classes.test.ts"],
rules: {
"custom-rules/experimental-classes": 2,
},
},
{
files: ["src/patterns/**"], // Incremental rollout.
rules: {
"@guardian/tsdoc-required/tsdoc-required": 2,
}
}
],
};
12 changes: 9 additions & 3 deletions .github/PULL_REQUEST_TEMPLATE.md
Original file line number Diff line number Diff line change
@@ -1,14 +1,20 @@
## What does this change?
<!-- A PR should have enough detail to be understandable far in the future. e.g what is the problem/why is the change needed, how does it solve it and any questions or points of discussion. Prefer copying information from a Trello card over linking to it; the card may not always exist and reviewers may not have access to the board. -->

## Does this change require changes to existing projects or CDK CLI?
<!-- Consider whether this is something that will mean changes to projects that have already been migrated or to the CDK CLI tool. If changes are required, consider adding a checklist here and/or linking to related PRs --->

## How to test
<!-- Provide instructions to help others verify the change. This could take the form of "On PROD, do X and witness Y. On this branch, do X and witness Z. " -->
<!-- FYI you can use https://github.com/guardian/cdk-playground to test changes before publishing to NPM. -->

## How can we measure success?
<!-- Do you expect errors to decrease? Do you expect user journeys to be simplified? What can be used to prove this? A filtered view of logs or analytics, etc? -->

## Have we considered potential risks?
<!-- What are the potential risks and how can they be mitigated? Does an error require an alarm? Should user help, infosec, or legal be informed of this change? Is private information guarded? Do we need to add anything in the backlog? -->

## Checklist

- [ ] I have listed any breaking changes, along with a migration path [^1]
- [ ] I have updated the documentation as required for the described changes [^2]

[^1]: Consider whether this is something that will mean changes to projects that have already been migrated, or to the CDK CLI tool. If changes are required, consider adding a checklist here and/or linking to related PRs.
[^2]: If you are adding a new construct or pattern, has new documentation been added? If you are amending defaults or changing behaviour, are the existing docs still valid?
29 changes: 29 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -8,9 +8,38 @@ updates:
interval: 'weekly'
commit-message:
prefix: "chore(deps): "

- package-ecosystem: 'npm'
directory: '/'
schedule:
interval: 'weekly'
# somewhat arbitrary, this is to spread Dependabot PRs throughout the week to avoid Monday overload
day: "wednesday"
commit-message:
prefix: "chore(deps): "
# force the lockfile and package.json to be updated
versioning-strategy: increase

# Users of `@guardian/cdk` must be on the exact version of these dependencies.
# Any update to them in `package.json` should create a new major version of `@guardian/cdk`.
# New versions of these dependencies are published quite often. In the case of `constructs`, see https://github.com/aws/constructs/issues/970.
# In order to reduce the frequency of new major versions of `@guardian/cdk`, we'll manage these dependencies ourselves via `script/update-aws-cdk`.
ignore:
- dependency-name: "aws-cdk"
- dependency-name: "aws-cdk-lib"
- dependency-name: "constructs"

- package-ecosystem: 'npm'
directory: '/tools/integration-test'
schedule:
interval: 'weekly'
# somewhat arbitrary, this is to spread Dependabot PRs throughout the week to avoid Monday overload
day: "wednesday"
commit-message:
prefix: "chore(deps): "
# The version of AWS CDK libraries must match those from @guardian/cdk.
# We'd never be able to update them here independently, so just ignore them.
ignore:
- dependency-name: "aws-cdk"
- dependency-name: "aws-cdk-lib"
- dependency-name: "constructs"
64 changes: 43 additions & 21 deletions .github/workflows/cd.yaml
Original file line number Diff line number Diff line change
@@ -3,32 +3,54 @@ on:
push:
branches:
- main
workflow_dispatch:

jobs:
CD:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [14.15.1]

permissions:
contents: write
id-token: write
pull-requests: write

steps:
- uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2.1.5
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
- name: CD
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
# see https://github.com/tschaub/gh-pages/issues/345
run: |
git remote set-url origin https://git:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git
./script/cd
- name: post-release
uses: guardian/actions-merge-release-changes-to-protected-branch@v1.0.0
node-version-file: ".nvmrc"
cache: npm

- name: Install
run: npm ci

- name: Build
run: npm run build

- name: Lint
run: npm run lint

- name: Test
run: npm run test

- name: Create Release Pull Request or Publish to npm
id: changesets
uses: changesets/action@v1
with:
# This action will raise a PR to edit package.json.
# PRs raised by the default `secrets.GITHUB_TOKEN` will not trigger CI,
# so we need to provide a different token.
publish: npx changeset publish
title: "🦋 Release package updates"
commit: "Bump package version"

env:
# This action will raise a PR to edit package.json and package-lock.json.
# PRs raised by the default `secrets.GITHUB_TOKEN` will not trigger CI, so we need to provide a different token.
# This is a PAT for the guardian-ci user.
# See https://docs.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token
github-token: ${{ secrets.GU_GUARDIAN_CI_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GU_GUARDIAN_CI_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

- name: Release docs
if: (github.ref == 'refs/heads/main')
run: |
git remote set-url origin https://git:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git
npm run release:docs
14 changes: 14 additions & 0 deletions .github/workflows/ci-integration-test.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
name: Integration Tests
on:
pull_request:
workflow_dispatch:
jobs:
ProjectGeneration:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
cache: npm
- run: ./script/ci-project-generation
33 changes: 4 additions & 29 deletions .github/workflows/ci.yaml
Original file line number Diff line number Diff line change
@@ -3,37 +3,12 @@ on:
pull_request:
workflow_dispatch:
jobs:
# see https://github.com/marketplace/actions/semantic-pull-request
lint-PR:
runs-on: ubuntu-latest
steps:
- uses: amannn/action-semantic-pull-request@v3.4.0
with:
# When using "Squash and merge" on a PR with only one commit, GitHub
# will suggest using that commit message instead of the PR title for the
# merge commit, and it's easy to commit this by mistake. Enable this option
# to also validate the commit message for one commit PRs.
# https://github.com/amannn/action-semantic-pull-request
validateSingleCommit: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CI:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [14.15.1]
steps:
- uses: actions/checkout@v2
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v2.1.5
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
node-version-file: ".nvmrc"
cache: npm
- run: ./script/ci
approve-and-merge:
runs-on: ubuntu-latest
needs: [CI]
steps:
- name: Validate, approve and merge release PRs
uses: guardian/actions-merge-release-changes-to-protected-branch@v1.0.0
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
36 changes: 36 additions & 0 deletions .github/workflows/stale.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
# Automatically mark any pull requests that have been inactive for 30 days as "Stale"
# then close them 3 days later if there is still no activity.
name: "Stale PR Handler"

on:
schedule:
# Check for Stale PRs every Monday to Thursday morning
# Don't check on Fridays as it wouldn't be very nice to have a bot mark your PR as Stale on Friday and then close it on Monday morning!
- cron: "0 6 * * MON-THU"

permissions:
pull-requests: write

jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v9
id: stale
# Read about options here: https://github.com/actions/stale#all-options
with:
# never automatically mark issues as stale
days-before-issue-stale: -1

# Wait 30 days before marking a PR as stale
days-before-stale: 30
stale-pr-message: >
This PR is stale because it has been open 30 days with no activity.
Unless a comment is added or the “stale” label removed, this will be closed in 3 days
# Wait 3 days after a PR has been marked as stale before closing
days-before-close: 3
close-pr-message: This PR was closed because it has been stalled for 3 days with no activity.

# Ignore PR's raised by Dependabot
exempt-pr-labels: "dependencies"
34 changes: 34 additions & 0 deletions .github/workflows/update-aws-cdk.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
name: Update AWS CDK libraries
on:
schedule:
# At 10:00 on day-of-month 10.
# See https://crontab.guru/#0_10_10_*_*
- cron: '0 10 10 * *'

# Allows one to update the version of AWS CDK by simply starting the workflow, as opposed to manually running the update-aws-cdk script.
workflow_dispatch:
jobs:
update-aws-cdk:
# See https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
permissions:
contents: write # Allow pushing of a branch
pull-requests: write # Allow raising of a PR

runs-on: ubuntu-latest
name: Bump CDK versions
steps:
- uses: actions/checkout@v4
with:
ref: main
- uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
cache: npm
- name: "AWS CDK update"
env:
# This action will raise a PR to edit package.json and package-lock.json.
# PRs raised by the default `secrets.GITHUB_TOKEN` will not trigger CI, so we need to provide a different token.
# This is a PAT for the guardian-ci user.
# See https://docs.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token
GITHUB_TOKEN: ${{ secrets.GU_GUARDIAN_CI_TOKEN }}
run: ./script/update-aws-cdk
4 changes: 4 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
# Generated / builds
lib
target
coverage
cdk

# IDEs
.idea
@@ -10,3 +12,5 @@ yarn-error.log
node_modules
# This repository currently uses npm over yarn due to some complications in releasing the library with yarn
yarn.lock

tsconfig.tsbuildinfo
2 changes: 1 addition & 1 deletion .nvmrc
Original file line number Diff line number Diff line change
@@ -1 +1 @@
14.15.1
v20.11.0
8 changes: 8 additions & 0 deletions .vscode/extensions.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
{
"recommendations": [
"esbenp.prettier-vscode",
"editorconfig.editorconfig",
"dbaeumer.vscode-eslint",
"stkb.rewrap",
]
}
Loading