search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.68k stars 3.93k forks source link

aws-cdk/aws-s3: Unable to deploy CDK due to asset bucket request missing headers #31926

Closed cedw93 closed 1 week ago

cedw93 commented 2 weeks ago

Describe the bug

Dependabot recently updated our CDK to version 2.164.1 which has broken our deployments due an issue publishing to s3. The Error is (sensitive information removed):

event-handlerCluster: start: Building 
aee30b6515587d0de5c06fce1889cea27c2ae6eaf9ada7885811078e911caf2c:000000000000-eu-west-1
event-handlerCluster: success: Built 
event-handlerCluster: success: Built aee30b6515587d0de5c06fce1889cea27c2ae6eaf9ada7885811078e911caf2c:000000000000-eu-west-1
event-handlerApplication: start: Building 771cc1f4e8115208b9f2549d7b353fe88ccf21f59c2f4cff0062b49a57b37751:000000000000-eu-west-1
event-handlerApplication: success: Built 771cc1f4e8115208b9f2549d7b353fe88ccf21f59c2f4cff0062b49a57b37751:000000000000-eu-west-1
event-handlerCluster: start: Publishing aee30b6515587d0de5c06fce1889cea27c2ae6eaf9ada7885811078e911caf2c:000000000000-eu-west-1
event-handlerCluster: fail: Content-MD5 OR x-amz-checksum- HTTP header is required for Put Object requests with Object Lock parameters

Our buckets have Governance Objects lock on them which we cannot remove.

It seems like it might be related to the FIPS configuration recently raised here: https://github.com/aws/aws-cdk/pull/31883

Reverting to a previous CDK version allowed the deployment to complete but this impacts our patch management if we cannot update CDK.

Regression Issue

Last Known Working CDK Version

2.162.1

Expected Behavior

CDK deploy works as expected

Current Behavior

CDK deployment fails when the asset buckets have an object lock

Reproduction Steps

Run CDK Deploy for our stack as normal

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.164.1

Framework Version

No response

Node.js Version

18.20.4

OS

Linux & Mac OS

Language

TypeScript

Language Version

No response

Other information

No response

mrgrain commented 2 weeks ago

Investigating. This seems possible with a non-standard bootstrapping setup.

rix0rrr commented 1 week ago

Closed by https://github.com/aws/aws-cdk/pull/31937

github-actions[bot] commented 1 week ago

Comments on closed issues and PRs are hard for our team to see. If you need help, please open a new issue that references this one.