Update to version v3.2.5 (#156)

kamyarz-aws · web-flow · commit 78caed5a07cd · 2024-01-18T17:26:30.000-05:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,12 +5,25 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.2.5] - 2024-01-11
+
+### Changed
+
+- Updated version of taurus image to 1.16.27
+- Updated Jmeter dependencies and taurus dependencis within the docker image to enhance the security of the docker image
+- Updated version of "@aws-solutions-constructs/aws-cloudfront-s3" from 2.46.0 to 2.48.0
+- Updated version of "@aws-cdk/aws-servicecatalogappregistry-alpha" from 2.108.0-alpha.0 to 2.121.1-alpha.0
+
+### Fixed
+
+- Bug fix to resolve issues with automatic plugins installation [#152](https://github.com/aws-solutions/distributed-load-testing-on-aws/issues/152)
+
 ## [3.2.4] - 2023-11-10
 
 ### Changed
 
-- Updating Lambda Runtimes to Use Node-18
-- Updated Version of Taurus image to 1.16.26
+- Updating lambda runtimes to use node-18
+- Updated version of taurus image to 1.16.26
 - Updated Jmeter dependencies and taurus dependencis within the docker image to enhance the security of the docker image
 
 ### Fixed
diff --git a/README.md b/README.md
@@ -91,7 +91,7 @@ export BUCKET_NAME=$BUCKET_PREFIX-$REGION # full bucket name where the code will
 export SOLUTION_NAME=my-solution-name
 export VERSION=my-version # version number for the customized code
 export PUBLIC_ECR_REGISTRY=public.ecr.aws/aws-solutions # replace with the container registry and image if you want to use a different container image
-export PUBLIC_ECR_TAG=v3.2.1 # replace with the container image tag if you want to use a different container image
+export PUBLIC_ECR_TAG=v3.2.5 # replace with the container image tag if you want to use a different container image
 ```
 
 - Build the distributable.
diff --git a/deployment/ecr/distributed-load-testing-on-aws-load-tester/Dockerfile b/deployment/ecr/distributed-load-testing-on-aws-load-tester/Dockerfile
@@ -1,4 +1,4 @@
-FROM blazemeter/taurus:1.16.26
+FROM blazemeter/taurus:1.16.27
 # taurus includes python and pip
 RUN /usr/bin/python3 -m pip install --upgrade pip
 RUN pip install --no-cache-dir awscli
@@ -28,7 +28,7 @@ RUN gem install activesupport -v 7.0.7.1
 # Replacing urllib3, Werkzeug and cryptography with more stable Versions to fix vulnerabilities
 RUN pip install urllib3==2.0.7
 RUN pip install Werkzeug==3.0.1
-RUN pip install cryptography==41.0.5
+RUN pip install cryptography==41.0.6
 RUN rm -rf /root/.bzt/python-packages/3.10.12/urllib3*
 RUN rm -rf /root/.bzt/python-packages/3.10.12/werkzeug*
 RUN rm -rf /root/.bzt/python-packages/3.10.12/cryptography*
diff --git a/deployment/ecr/distributed-load-testing-on-aws-load-tester/jar_updater.py b/deployment/ecr/distributed-load-testing-on-aws-load-tester/jar_updater.py
@@ -7,24 +7,33 @@
 
 
 """
-jar_updater.py updates json-smart, neo4j-java-driver, xalan to address CVEs on the taurus image. this is not DLT application code. 
+jar_updater.py updates following jar files to address CVEs on the taurus image. this is not DLT application code. 
 the script may be removed once taurus updates the libraries on the image.
 Affected Jmeter jars:
-    * json-smart v2.4.8 will be replaced with v2.4.9
+    * json-smart v2.4.8 will be replaced with v2.4.10
     * neo4j-java-driver v4.12.0 will be replaced with v5.14.0
-    * xalan v2.7.2 will be replaced with v2.7.3
+    * batik-script v1.14 will be replaced with v1.17
+    * batik-bridge v1.14 will be replaced with v1.17
+    * batik-transcoder v1.14 will be replaced with v1.17
+    * lets-plot-batik v2.2.1 will be replaced with 4.2.0
+
+Also jmeter plugins manager will be updated to v1.10 to address CVEs and cmdrunner will be updated to v2.3 to accomodate with plugins manager.
 """
 
 # these jars should be replaced with newer version in order to fix some vulnerabilities
 # component name and download link in https://repo1.maven.org/maven2/
 # These are Components with regards to JMETER
 JMETER_COMPONENTS = {
-    "json-smart": "net/minidev/json-smart/2.4.9/json-smart-2.4.9.jar",
+    "json-smart": "net/minidev/json-smart/2.4.10/json-smart-2.4.10.jar",
     "neo4j-java-driver": "org/neo4j/driver/neo4j-java-driver/5.14.0/neo4j-java-driver-5.14.0.jar",
-    "xalan": "xalan/xalan/2.7.3/xalan-2.7.3.jar",
+    "batik-script": "org/apache/xmlgraphics/batik-script/1.17/batik-script-1.17.jar",
+    "batik-bridge": "org/apache/xmlgraphics/batik-bridge/1.17/batik-bridge-1.17.jar",
+    "batik-transcoder": "org/apache/xmlgraphics/batik-transcoder/1.17/batik-transcoder-1.17.jar",
+    "lets-plot-batik":  "org/jetbrains/lets-plot/lets-plot-batik/4.2.0/lets-plot-batik-4.2.0.jar"
 }
-JMETER_VERSION = "5.4.3"
-
+JMETER_VERSION = "5.5"
+JMETER_PLUGINS_MANAGER_VERSION = "1.10"
+CMD_RUNNER_VERSION = "2.3"
 # To add other platform, and what to update, add affected components and version HERE
 
 def download(url, target_path):
@@ -45,11 +54,14 @@ def __init__(self, platform, version, affected_components=None):
         self.affected_components = affected_components
 
     def install_jmeter_plugins(self):
-        plugins_mgr_version = "1.10"
-        plugins_mgr_link = f'https://search.maven.org/remotecontent?filepath=kg/apc/jmeter-plugins-manager/{plugins_mgr_version}/jmeter-plugins-manager-{plugins_mgr_version}.jar'
+        plugins_mgr_link = f'https://search.maven.org/remotecontent?filepath=kg/apc/jmeter-plugins-manager/{JMETER_PLUGINS_MANAGER_VERSION}/jmeter-plugins-manager-{JMETER_PLUGINS_MANAGER_VERSION}.jar'
+        command_runner_link = f'https://search.maven.org/remotecontent?filepath=kg/apc/cmdrunner/{CMD_RUNNER_VERSION}/cmdrunner-{CMD_RUNNER_VERSION}.jar'
         plugins_mgr_name = os.path.basename(plugins_mgr_link)
+        command_runner_name = os.path.basename(command_runner_link)
         pm_installer_path = os.path.join(self.lib_dir, 'ext', plugins_mgr_name)
+        command_runner_path = os.path.join(self.lib_dir, command_runner_name)
         download(plugins_mgr_link, pm_installer_path)
+        download(command_runner_link, command_runner_path)
         self.obj._JMeter__install_plugins_manager(pm_installer_path)
         cleaner = JarCleaner(self.obj.log)
         cleaner.clean(os.path.join(self.lib_dir, 'ext'))
diff --git a/source/api-services/package.json b/source/api-services/package.json
@@ -1,6 +1,6 @@
 {
   "name": "api-services",
-  "version": "3.2.4",
+  "version": "3.2.5",
   "description": "REST API micro services",
   "repository": {
     "type": "git",
diff --git a/source/console/package.json b/source/console/package.json
@@ -1,6 +1,6 @@
 {
   "name": "distributed-load-testing-on-aws-ui",
-  "version": "3.2.4",
+  "version": "3.2.5",
   "private": true,
   "license": "Apache-2.0",
   "author": {
diff --git a/source/custom-resource/package.json b/source/custom-resource/package.json
@@ -1,6 +1,6 @@
 {
   "name": "custom-resource",
-  "version": "3.2.4",
+  "version": "3.2.5",
   "description": "cfn custom resources for distributed load testing on AWS workflow",
   "repository": {
     "type": "git",
diff --git a/source/infrastructure/package.json b/source/infrastructure/package.json
@@ -1,6 +1,6 @@
 {
   "name": "distributed-load-testing-on-aws-infrastructure",
-  "version": "3.2.4",
+  "version": "3.2.5",
   "author": {
     "name": "Amazon Web Services",
     "url": "https://aws.amazon.com/solutions"
@@ -18,8 +18,8 @@
     "cdk": "cdk"
   },
   "devDependencies": {
-    "@aws-solutions-constructs/aws-cloudfront-s3": "2.46.0",
-    "@aws-cdk/aws-servicecatalogappregistry-alpha": "2.108.0-alpha.0",
+    "@aws-solutions-constructs/aws-cloudfront-s3": "2.48.0",
+    "@aws-cdk/aws-servicecatalogappregistry-alpha": "2.121.1-alpha.0",
     "aws-cdk": "^2.96.2",
     "aws-cdk-lib": "^2.105.0",
     "constructs": "10.3.0",
diff --git a/source/infrastructure/test/__snapshots__/console.test.ts.snap b/source/infrastructure/test/__snapshots__/console.test.ts.snap
@@ -57,32 +57,50 @@ exports[`DLT API Test 1`] = `
                 ],
               },
               "Id": "DLTStackTestConsoleResourcesDLTCloudFrontToS3CloudFrontDistributionOrigin1AA2FCD06",
-              "S3OriginConfig": {
-                "OriginAccessIdentity": {
-                  "Fn::Join": [
-                    "",
-                    [
-                      "origin-access-identity/cloudfront/",
-                      {
-                        "Ref": "TestConsoleResourcesDLTCloudFrontToS3CloudFrontDistributionOrigin1S3OriginDB11D6D3",
-                      },
-                    ],
-                  ],
-                },
+              "OriginAccessControlId": {
+                "Fn::GetAtt": [
+                  "TestConsoleResourcesDLTCloudFrontToS3CloudFrontOac32BD357B",
+                  "Id",
+                ],
               },
+              "S3OriginConfig": {},
             },
           ],
         },
       },
       "Type": "AWS::CloudFront::Distribution",
     },
-    "TestConsoleResourcesDLTCloudFrontToS3CloudFrontDistributionOrigin1S3OriginDB11D6D3": {
+    "TestConsoleResourcesDLTCloudFrontToS3CloudFrontOac32BD357B": {
       "Properties": {
-        "CloudFrontOriginAccessIdentityConfig": {
-          "Comment": "Identity for DLTStackTestConsoleResourcesDLTCloudFrontToS3CloudFrontDistributionOrigin1AA2FCD06",
+        "OriginAccessControlConfig": {
+          "Description": "Origin access control provisioned by aws-cloudfront-s3",
+          "Name": {
+            "Fn::Join": [
+              "",
+              [
+                "aws-cloudfront-s3-DLTCtToS3-",
+                {
+                  "Fn::Select": [
+                    2,
+                    {
+                      "Fn::Split": [
+                        "/",
+                        {
+                          "Ref": "AWS::StackId",
+                        },
+                      ],
+                    },
+                  ],
+                },
+              ],
+            ],
+          },
+          "OriginAccessControlOriginType": "s3",
+          "SigningBehavior": "always",
+          "SigningProtocol": "sigv4",
         },
       },
-      "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity",
+      "Type": "AWS::CloudFront::OriginAccessControl",
     },
     "TestConsoleResourcesDLTCloudFrontToS3S3BucketAC4D9E17": {
       "DeletionPolicy": "Retain",
@@ -181,14 +199,28 @@ exports[`DLT API Test 1`] = `
             },
             {
               "Action": "s3:GetObject",
+              "Condition": {
+                "StringEquals": {
+                  "AWS:SourceArn": {
+                    "Fn::Join": [
+                      "",
+                      [
+                        "arn:aws:cloudfront::",
+                        {
+                          "Ref": "AWS::AccountId",
+                        },
+                        ":distribution/",
+                        {
+                          "Ref": "TestConsoleResourcesDLTCloudFrontToS3CloudFrontDistribution4534927E",
+                        },
+                      ],
+                    ],
+                  },
+                },
+              },
               "Effect": "Allow",
               "Principal": {
-                "CanonicalUser": {
-                  "Fn::GetAtt": [
-                    "TestConsoleResourcesDLTCloudFrontToS3CloudFrontDistributionOrigin1S3OriginDB11D6D3",
-                    "S3CanonicalUserId",
-                  ],
-                },
+                "Service": "cloudfront.amazonaws.com",
               },
               "Resource": {
                 "Fn::Join": [
diff --git a/source/infrastructure/test/__snapshots__/distributed-load-testing-on-aws-stack.test.ts.snap b/source/infrastructure/test/__snapshots__/distributed-load-testing-on-aws-stack.test.ts.snap
@@ -2649,19 +2649,13 @@ exports[`Distributed Load Testing stack test 1`] = `
                 ],
               },
               "Id": "DLTStackDLTConsoleResourcesDLTCloudFrontToS3CloudFrontDistributionOrigin1022BE4E8",
-              "S3OriginConfig": {
-                "OriginAccessIdentity": {
-                  "Fn::Join": [
-                    "",
-                    [
-                      "origin-access-identity/cloudfront/",
-                      {
-                        "Ref": "DLTConsoleResourcesDLTCloudFrontToS3CloudFrontDistributionOrigin1S3Origin5080EA34",
-                      },
-                    ],
-                  ],
-                },
+              "OriginAccessControlId": {
+                "Fn::GetAtt": [
+                  "DLTConsoleResourcesDLTCloudFrontToS3CloudFrontOac3AF5A4EE",
+                  "Id",
+                ],
               },
+              "S3OriginConfig": {},
             },
           ],
         },
@@ -2680,13 +2674,37 @@ exports[`Distributed Load Testing stack test 1`] = `
       },
       "Type": "AWS::CloudFront::Distribution",
     },
-    "DLTConsoleResourcesDLTCloudFrontToS3CloudFrontDistributionOrigin1S3Origin5080EA34": {
+    "DLTConsoleResourcesDLTCloudFrontToS3CloudFrontOac3AF5A4EE": {
       "Properties": {
-        "CloudFrontOriginAccessIdentityConfig": {
-          "Comment": "Identity for DLTStackDLTConsoleResourcesDLTCloudFrontToS3CloudFrontDistributionOrigin1022BE4E8",
+        "OriginAccessControlConfig": {
+          "Description": "Origin access control provisioned by aws-cloudfront-s3",
+          "Name": {
+            "Fn::Join": [
+              "",
+              [
+                "aws-cloudfront-s3-DLTCtToS3-",
+                {
+                  "Fn::Select": [
+                    2,
+                    {
+                      "Fn::Split": [
+                        "/",
+                        {
+                          "Ref": "AWS::StackId",
+                        },
+                      ],
+                    },
+                  ],
+                },
+              ],
+            ],
+          },
+          "OriginAccessControlOriginType": "s3",
+          "SigningBehavior": "always",
+          "SigningProtocol": "sigv4",
         },
       },
-      "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity",
+      "Type": "AWS::CloudFront::OriginAccessControl",
     },
     "DLTConsoleResourcesDLTCloudFrontToS3S3Bucket4FED8B63": {
       "DeletionPolicy": "Retain",
@@ -2797,14 +2815,28 @@ exports[`Distributed Load Testing stack test 1`] = `
             },
             {
               "Action": "s3:GetObject",
+              "Condition": {
+                "StringEquals": {
+                  "AWS:SourceArn": {
+                    "Fn::Join": [
+                      "",
+                      [
+                        "arn:aws:cloudfront::",
+                        {
+                          "Ref": "AWS::AccountId",
+                        },
+                        ":distribution/",
+                        {
+                          "Ref": "DLTConsoleResourcesDLTCloudFrontToS3CloudFrontDistribution3EF384B4",
+                        },
+                      ],
+                    ],
+                  },
+                },
+              },
               "Effect": "Allow",
               "Principal": {
-                "CanonicalUser": {
-                  "Fn::GetAtt": [
-                    "DLTConsoleResourcesDLTCloudFrontToS3CloudFrontDistributionOrigin1S3Origin5080EA34",
-                    "S3CanonicalUserId",
-                  ],
-                },
+                "Service": "cloudfront.amazonaws.com",
               },
               "Resource": {
                 "Fn::Join": [
diff --git a/source/package.json b/source/package.json
@@ -1,6 +1,6 @@
 {
   "name": "source",
-  "version": "3.2.4",
+  "version": "3.2.5",
   "private": true,
   "description": "ESLint and prettier dependencies to be used within the solution",
   "license": "Apache-2.0",
diff --git a/source/real-time-data-publisher/package.json b/source/real-time-data-publisher/package.json
@@ -1,6 +1,6 @@
 {
   "name": "real-time-data-publisher",
-  "version": "3.2.4",
+  "version": "3.2.5",
   "description": "Publishes real time test data to an IoT endpoint",
   "repository": {
     "type": "git",
diff --git a/source/results-parser/package.json b/source/results-parser/package.json
@@ -1,6 +1,6 @@
 {
   "name": "results-parser",
-  "version": "3.2.4",
+  "version": "3.2.5",
   "description": "result parser for indexing xml test results to DynamoDB",
   "repository": {
     "type": "git",
diff --git a/source/solution-utils/package.json b/source/solution-utils/package.json
@@ -1,6 +1,6 @@
 {
   "name": "solution-utils",
-  "version": "3.2.4",
+  "version": "3.2.5",
   "description": "Utilities package for Distributed Load Testing on AWS",
   "license": "Apache-2.0",
   "author": {
diff --git a/source/task-canceler/package.json b/source/task-canceler/package.json
@@ -1,6 +1,6 @@
 {
   "name": "task-canceler",
-  "version": "3.2.4",
+  "version": "3.2.5",
   "description": "Triggered by api-services lambda function, cancels ecs tasks",
   "repository": {
     "type": "git",
diff --git a/source/task-runner/package.json b/source/task-runner/package.json
diff --git a/source/task-status-checker/package.json b/source/task-status-checker/package.json

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "api-services",`
`3`		`- "version": "3.2.4",`
	`3`	`+ "version": "3.2.5",`
`4`	`4`	`"description": "REST API micro services",`
`5`	`5`	`"repository": {`
`6`	`6`	`"type": "git",`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "distributed-load-testing-on-aws-ui",`
`3`		`- "version": "3.2.4",`
	`3`	`+ "version": "3.2.5",`
`4`	`4`	`"private": true,`
`5`	`5`	`"license": "Apache-2.0",`
`6`	`6`	`"author": {`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "custom-resource",`
`3`		`- "version": "3.2.4",`
	`3`	`+ "version": "3.2.5",`
`4`	`4`	`"description": "cfn custom resources for distributed load testing on AWS workflow",`
`5`	`5`	`"repository": {`
`6`	`6`	`"type": "git",`