Skip to content

Commit 607ec61

Browse files
rapgawsrapgaws
committed
Merge branch 'cdk_bump' into 'main'
Updated several dependencies for security findings See merge request observability-bd-projects/one-observability-demo!115
2 parents a2bea12 + 0a0cb5d commit 607ec61

File tree

13 files changed

+552
-3162
lines changed

13 files changed

+552
-3162
lines changed

PetAdoptions/cdk/pet_stack/lib/services.ts

Lines changed: 10 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -128,9 +128,10 @@ export class Services extends Stack {
128128
}
129129

130130
const auroraCluster = new rds.ServerlessCluster(this, 'Database', {
131-
engine: rds.DatabaseClusterEngine.auroraPostgres({ version: rds.AuroraPostgresEngineVersion.VER_10_18 }),
131+
132+
engine: rds.DatabaseClusterEngine.auroraPostgres({ version: rds.AuroraPostgresEngineVersion.VER_13_9 }),
132133

133-
parameterGroup: rds.ParameterGroup.fromParameterGroupName(this, 'ParameterGroup', 'default.aurora-postgresql10'),
134+
parameterGroup: rds.ParameterGroup.fromParameterGroupName(this, 'ParameterGroup', 'default.aurora-postgresql13'),
134135
vpc: theVPC,
135136
securityGroups: [rdssecuritygroup],
136137
defaultDatabaseName: 'adoptions',
@@ -473,7 +474,13 @@ export class Services extends Stack {
473474
instanceType: "t2.micro",
474475
name: "observabilityworkshop",
475476
subnetId: theVPC.privateSubnets[0].subnetId,
476-
connectionType: 'CONNECT_SSM'
477+
connectionType: 'CONNECT_SSM',
478+
repositories: [
479+
{
480+
repositoryUrl: "https://github.com/aws-samples/one-observability-demo.git",
481+
pathComponent: "workshopfiles/one-observability-demo"
482+
}
483+
]
477484
});
478485

479486
c9role = new iam.Role(this,'cloud9InstanceRole', {

PetAdoptions/cdk/pet_stack/package.json

Lines changed: 13 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -12,24 +12,23 @@
1212
"cdk": "cdk"
1313
},
1414
"devDependencies": {
15-
"@aws-cdk/assert": "2.12.0",
16-
"@types/jest": "^27.4.0",
17-
"@types/node": "^17.0.18",
18-
"aws-cdk": "2.12.0",
19-
"constructs": "^10.0.63",
20-
"ts-jest": "^27.1.3",
21-
"ts-node": "^10.5.0",
15+
"@aws-cdk/assert": "2.68.0",
16+
"@types/jest": "^29.5.2",
17+
"@types/node": "^20.2.5",
18+
"aws-cdk": "2.82.0",
19+
"constructs": "^10.2.43",
20+
"ts-jest": "^29.1.0",
21+
"ts-node": "^10.9.1",
2222
"ts-replace-all": "1.0.0",
23-
"typescript": "^4.5.5",
24-
"cdk-nag": "^2.12.22"
23+
"typescript": "^5.1.3",
24+
"cdk-nag": "^2.27.28"
2525
},
2626
"dependencies": {
27-
"@aws-cdk/aws-lambda-python-alpha": "^2.20.0-alpha.0",
27+
"@aws-cdk/aws-lambda-python-alpha": "^2.82.0-alpha.0",
2828
"@types/js-yaml": "4.0.5",
29-
"aws-cdk-dynamodb-seeder": "^1.2.1",
30-
"aws-cdk-lib": "^2.20.0",
31-
"cdk-ecr-deployment": "^2.5.5",
32-
"jest": "^27.5.1",
29+
"aws-cdk-lib": "^2.82.0",
30+
"cdk-ecr-deployment": "^2.5.6",
31+
"jest": "^29.5.0",
3332
"js-yaml": "^4.1.0",
3433
"source-map-support": "^0.5.21"
3534
}

PetAdoptions/cdk/pet_stack/resources/event-demos/riv-cop301-2022/ecs-api/go.mod

Lines changed: 34 additions & 70 deletions
Original file line numberDiff line numberDiff line change
@@ -1,84 +1,48 @@
11
module api
22

3-
go 1.18
3+
go 1.20
44

55
require (
6+
github.com/aws/aws-sdk-go v1.44.276
67
github.com/gorilla/mux v1.8.0
7-
github.com/prometheus/client_golang v1.13.1
8-
go.opentelemetry.io/contrib/detectors/aws/eks v1.11.1
9-
go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux v0.36.4
10-
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.36.4
11-
go.opentelemetry.io/contrib/propagators/aws v1.11.1
12-
go.opentelemetry.io/otel v1.11.1
13-
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.11.1
14-
go.opentelemetry.io/otel/sdk v1.11.1
8+
github.com/prometheus/client_golang v1.15.1
9+
github.com/rs/cors v1.9.0
10+
go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux v0.42.0
11+
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0
12+
go.opentelemetry.io/contrib/propagators/aws v1.17.0
13+
go.opentelemetry.io/otel v1.16.0
14+
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.16.0
15+
go.opentelemetry.io/otel/sdk v1.16.0
16+
go.opentelemetry.io/otel/trace v1.16.0
17+
go.uber.org/zap v1.24.0
1518
)
1619

1720
require (
18-
github.com/PuerkitoBio/purell v1.1.1 // indirect
19-
github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
20-
github.com/aws/aws-sdk-go v1.44.118 // indirect
21-
github.com/aws/aws-sdk-go-v2 v1.17.1 // indirect
22-
github.com/aws/smithy-go v1.13.4 // indirect
2321
github.com/beorn7/perks v1.0.1 // indirect
24-
github.com/cenkalti/backoff/v4 v4.1.3 // indirect
25-
github.com/cespare/xxhash/v2 v2.1.2 // indirect
26-
github.com/davecgh/go-spew v1.1.1 // indirect
27-
github.com/emicklei/go-restful/v3 v3.8.0 // indirect
22+
github.com/cenkalti/backoff/v4 v4.2.1 // indirect
23+
github.com/cespare/xxhash/v2 v2.2.0 // indirect
2824
github.com/felixge/httpsnoop v1.0.3 // indirect
29-
github.com/go-logr/logr v1.2.3 // indirect
25+
github.com/go-logr/logr v1.2.4 // indirect
3026
github.com/go-logr/stdr v1.2.2 // indirect
31-
github.com/go-openapi/jsonpointer v0.19.5 // indirect
32-
github.com/go-openapi/jsonreference v0.19.5 // indirect
33-
github.com/go-openapi/swag v0.19.14 // indirect
34-
github.com/gogo/protobuf v1.3.2 // indirect
35-
github.com/golang/protobuf v1.5.2 // indirect
36-
github.com/google/gnostic v0.5.7-v3refs // indirect
37-
github.com/google/gofuzz v1.1.0 // indirect
38-
github.com/grpc-ecosystem/grpc-gateway/v2 v2.7.0 // indirect
27+
github.com/golang/protobuf v1.5.3 // indirect
28+
github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect
3929
github.com/jmespath/go-jmespath v0.4.0 // indirect
40-
github.com/josharian/intern v1.0.0 // indirect
41-
github.com/json-iterator/go v1.1.12 // indirect
42-
github.com/mailru/easyjson v0.7.6 // indirect
43-
github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
44-
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
45-
github.com/modern-go/reflect2 v1.0.2 // indirect
46-
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
47-
github.com/prometheus/client_model v0.2.0 // indirect
48-
github.com/prometheus/common v0.37.0 // indirect
49-
github.com/prometheus/procfs v0.8.0 // indirect
50-
github.com/rs/cors v1.8.2 // indirect
51-
go.opentelemetry.io/contrib/detectors/aws/ec2 v1.11.1 // indirect
52-
go.opentelemetry.io/contrib/detectors/aws/ecs v1.11.1 // indirect
53-
go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.11.1 // indirect
54-
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.11.1 // indirect
55-
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.11.1 // indirect
56-
go.opentelemetry.io/otel/metric v0.33.0 // indirect
57-
go.opentelemetry.io/otel/trace v1.11.1 // indirect
30+
github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
31+
github.com/prometheus/client_model v0.4.0 // indirect
32+
github.com/prometheus/common v0.44.0 // indirect
33+
github.com/prometheus/procfs v0.10.1 // indirect
34+
go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0 // indirect
35+
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0 // indirect
36+
go.opentelemetry.io/otel/metric v1.16.0 // indirect
5837
go.opentelemetry.io/proto/otlp v0.19.0 // indirect
59-
go.uber.org/atomic v1.10.0 // indirect
60-
go.uber.org/multierr v1.8.0 // indirect
61-
go.uber.org/zap v1.23.0 // indirect
62-
golang.org/x/net v0.0.0-20220722155237-a158d28d115b // indirect
63-
golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect
64-
golang.org/x/sys v0.0.0-20220919091848-fb04ddd9f9c8 // indirect
65-
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 // indirect
66-
golang.org/x/text v0.3.7 // indirect
67-
golang.org/x/time v0.0.0-20220210224613-90d013bbcef8 // indirect
68-
google.golang.org/appengine v1.6.7 // indirect
69-
google.golang.org/genproto v0.0.0-20211118181313-81c1377c94b1 // indirect
70-
google.golang.org/grpc v1.50.1 // indirect
71-
google.golang.org/protobuf v1.28.1 // indirect
72-
gopkg.in/inf.v0 v0.9.1 // indirect
73-
gopkg.in/yaml.v2 v2.4.0 // indirect
74-
gopkg.in/yaml.v3 v3.0.1 // indirect
75-
k8s.io/api v0.25.3 // indirect
76-
k8s.io/apimachinery v0.25.3 // indirect
77-
k8s.io/client-go v0.25.3 // indirect
78-
k8s.io/klog/v2 v2.70.1 // indirect
79-
k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 // indirect
80-
k8s.io/utils v0.0.0-20220728103510-ee6ede2d64ed // indirect
81-
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
82-
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
83-
sigs.k8s.io/yaml v1.2.0 // indirect
38+
go.uber.org/atomic v1.11.0 // indirect
39+
go.uber.org/multierr v1.11.0 // indirect
40+
golang.org/x/net v0.10.0 // indirect
41+
golang.org/x/sys v0.8.0 // indirect
42+
golang.org/x/text v0.9.0 // indirect
43+
google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc // indirect
44+
google.golang.org/genproto/googleapis/api v0.0.0-20230530153820-e85fd2cbaebc // indirect
45+
google.golang.org/genproto/googleapis/rpc v0.0.0-20230530153820-e85fd2cbaebc // indirect
46+
google.golang.org/grpc v1.55.0 // indirect
47+
google.golang.org/protobuf v1.30.0 // indirect
8448
)

0 commit comments

Comments
 (0)