Merge branch 'main' into fahadzub/cbor-constraint

Author: drganjoo

.github/workflows/ci.yml

@@ -307,11 +307,11 @@ jobs:
             "OPENSSL_INCLUDE_DIR",
         ]
         [target.powerpc-unknown-linux-gnu]
-        pre-build = ["curl -L -s -o /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh linux-ppc powerpc-linux-gnu-"]
+        pre-build = ["curl -L -s https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh | sed 's/curl https/curl -L https/' > /tmp/openssl.sh && bash /tmp/openssl.sh linux-ppc powerpc-linux-gnu-"]
         [target.powerpc-unknown-linux-gnu.env]
         passthrough = ["OPENSSL_DIR"]
         [target.powerpc64-unknown-linux-gnu]
-        pre-build = ["curl -L -s -o /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh linux-ppc64 powerpc64-linux-gnu-"]
+        pre-build = ["curl -L -s https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh | sed 's/curl https/curl -L https/' > /tmp/openssl.sh && bash /tmp/openssl.sh linux-ppc64 powerpc64-linux-gnu-"]
         [target.powerpc64-unknown-linux-gnu.env]
         passthrough = ["OPENSSL_DIR"]
         EOF

.github/workflows/manual-update-lockfiles.yml

@@ -0,0 +1,34 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+name: Update lockfiles manually
+run-name: ${{ github.workflow }} (${{ inputs.base_branch }})
+on:
+  workflow_dispatch:
+    inputs:
+      base_branch:
+        description: The name of the branch on which to run `cargo update` for lockfiles
+        required: true
+        type: string
+      force_update_on_broken_dependencies:
+        description: When true, it forces `cargo update` to update broken dependencies to the latest semver-compatible versions, without downgrading them to the last known working versions
+        required: true
+        type: boolean
+        default: false
+
+concurrency:
+  group: ${{ github.workflow }}-${{ inputs.base_branch }}
+  cancel-in-progress: true
+
+jobs:
+  cargo-update-runtime-lockfiles-and-sdk-lockfile:
+    name: Run cargo update on the runtime lockfiles and the SDK lockfile
+    if: ${{ github.event_name == 'workflow_dispatch' }}
+    uses: ./.github/workflows/pull-request-updating-lockfiles.yml
+    with:
+      base_branch: ${{ inputs.base_branch }}
+      force_update_on_broken_dependencies: ${{ inputs.force_update_on_broken_dependencies }}
+    secrets:
+      DOCKER_LOGIN_TOKEN_PASSPHRASE: ${{ secrets.DOCKER_LOGIN_TOKEN_PASSPHRASE }}
+      SMITHY_RS_PUBLIC_ECR_PUSH_ROLE_ARN: ${{ secrets.SMITHY_RS_PUBLIC_ECR_PUSH_ROLE_ARN }}
+      RELEASE_AUTOMATION_BOT_PAT: ${{ secrets.RELEASE_AUTOMATION_BOT_PAT }}

.github/workflows/pull-request-updating-lockfiles.yml

@@ -0,0 +1,121 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+# This is a shared workflow used by both `update-lockfiles.yml` and `manual-update-lockfiles.yml`.
+
+name: Pull Request for Updating Lockfiles
+on:
+  workflow_call:
+    inputs:
+      base_branch:
+        description: The name of the branch on which to run `cargo update` for lockfiles
+        required: true
+        type: string
+      force_update_on_broken_dependencies:
+        description: When true, it forces `cargo update` to update broken dependencies to the latest semver-compatible versions, without downgrading them to the last known working versions
+        required: true
+        type: boolean
+    secrets:
+      DOCKER_LOGIN_TOKEN_PASSPHRASE:
+        required: true
+      SMITHY_RS_PUBLIC_ECR_PUSH_ROLE_ARN:
+        required: true
+      RELEASE_AUTOMATION_BOT_PAT:
+        required: true
+
+env:
+  ecr_repository: public.ecr.aws/w0m4q9l7/github-awslabs-smithy-rs-ci
+
+jobs:
+  save-docker-login-token:
+    name: Save a docker login token
+    timeout-minutes: 10
+    outputs:
+      docker-login-password: ${{ steps.set-token.outputs.docker-login-password }}
+    permissions:
+      id-token: write
+      contents: read
+    continue-on-error: true
+    runs-on: ubuntu-latest
+    steps:
+    - name: Attempt to load a docker login password
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        role-to-assume: ${{ secrets.SMITHY_RS_PUBLIC_ECR_PUSH_ROLE_ARN }}
+        role-session-name: GitHubActions
+        aws-region: us-west-2
+    - name: Save the docker login password to the output
+      id: set-token
+      run: |
+        ENCRYPTED_PAYLOAD=$(
+          gpg --symmetric --batch --passphrase "${{ secrets.DOCKER_LOGIN_TOKEN_PASSPHRASE }}" --output - <(aws ecr-public get-login-password --region us-east-1) | base64 -w0
+        )
+        echo "docker-login-password=$ENCRYPTED_PAYLOAD" >> $GITHUB_OUTPUT
+
+  acquire-base-image:
+    name: Acquire Base Image
+    needs: save-docker-login-token
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    env:
+      ENCRYPTED_DOCKER_PASSWORD: ${{ needs.save-docker-login-token.outputs.docker-login-password }}
+      DOCKER_LOGIN_TOKEN_PASSPHRASE: ${{ secrets.DOCKER_LOGIN_TOKEN_PASSPHRASE }}
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        path: smithy-rs
+    - name: Acquire base image
+      id: acquire
+      env:
+        DOCKER_BUILDKIT: 1
+      run: ./smithy-rs/.github/scripts/acquire-build-image
+    - name: Acquire credentials
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        role-to-assume: ${{ secrets.SMITHY_RS_PUBLIC_ECR_PUSH_ROLE_ARN }}
+        role-session-name: GitHubActions
+        aws-region: us-west-2
+    - name: Upload image
+      run: |
+        IMAGE_TAG="$(./smithy-rs/.github/scripts/docker-image-hash)"
+        docker tag "smithy-rs-base-image:${IMAGE_TAG}" "${{ env.ecr_repository }}:${IMAGE_TAG}"
+        aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
+        docker push "${{ env.ecr_repository }}:${IMAGE_TAG}"
+
+  create-pull-request-for-updating-lockfiles:
+    name: Create a Pull Request for updating lockfiles
+    needs:
+    - acquire-base-image
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout smithy-rs
+      uses: actions/checkout@v4
+      with:
+        path: smithy-rs
+        token: ${{ secrets.RELEASE_AUTOMATION_BOT_PAT }}
+    - name: Create branch name for updating lockfiles
+      id: branch-name-for-updating-lockfiles
+      shell: bash
+      run: |
+        branch_name="update-all-lockfiles-$(date +%s)"
+        echo "branch_name=${branch_name}" > $GITHUB_OUTPUT
+    - name: Cargo update all lockfiles
+      uses: ./smithy-rs/.github/actions/docker-build
+      with:
+        action: cargo-update-lockfiles
+        action-arguments: ${{ inputs.base_branch }} ${{ steps.branch-name-for-updating-lockfiles.outputs.branch_name }} ${{ inputs.force_update_on_broken_dependencies }}
+    - name: Create pull request
+      working-directory: smithy-rs
+      shell: bash
+      env:
+        GITHUB_TOKEN: ${{ secrets.RELEASE_AUTOMATION_BOT_PAT }}
+      run: |
+        gh pr create \
+          --title 'Run `cargo update` on the runtime lockfiles and the SDK lockfile' \
+          --body 'If CI fails, commit the necessary fixes to this PR until all checks pass. If required, update entries in [crateNameToLastKnownWorkingVersions](https://github.com/smithy-lang/smithy-rs/blob/6b42eb5ca00a2dc9c46562452e495a2ec2e43d0f/aws/sdk/build.gradle.kts#L503-L504).' \
+          --base ${{ inputs.base_branch }} \
+          --head ${{ steps.branch-name-for-updating-lockfiles.outputs.branch_name }} \
+          --label "needs-sdk-review"

.github/workflows/update-lockfiles.yml

@@ -0,0 +1,23 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0
+
+name: Update lockfiles scheduled
+run-name: ${{ github.workflow }}
+on:
+  schedule:
+    # Runs 22:00 UTC every Tuesday
+  - cron: 0 22 * * 2
+
+jobs:
+  cargo-update-runtime-lockfiles-and-sdk-lockfile:
+    name: Run cargo update on the runtime lockfiles and the SDK lockfile
+    # Don't run on forked repositories
+    if: github.repository == 'smithy-lang/smithy-rs'
+    uses: ./.github/workflows/pull-request-updating-lockfiles.yml
+    with:
+      base_branch: main
+      force_update_on_broken_dependencies: false
+    secrets:
+      DOCKER_LOGIN_TOKEN_PASSPHRASE: ${{ secrets.DOCKER_LOGIN_TOKEN_PASSPHRASE }}
+      SMITHY_RS_PUBLIC_ECR_PUSH_ROLE_ARN: ${{ secrets.SMITHY_RS_PUBLIC_ECR_PUSH_ROLE_ARN }}
+      RELEASE_AUTOMATION_BOT_PAT: ${{ secrets.RELEASE_AUTOMATION_BOT_PAT }}

CHANGELOG.md

@@ -1,4 +1,10 @@
 <!-- Do not manually edit this file. Use the `changelogger` tool. -->
+September 26th, 2024
+====================
+**New this release:**
+- :bug: (client, [smithy-rs#3820](https://github.com/smithy-lang/smithy-rs/issues/3820)) Fixed a bug with the content length of compressed payloads that caused such requests to hang.
+
+
 September 17th, 2024
 ====================
 

aws/SDK_CHANGELOG.next.json

@@ -17,7 +17,7 @@
         "smithy-rs#3800"
       ],
       "since-commit": "d64aea29ad48d7bddb5a7511f3f1175c478e2c1e",
-      "age": 3
+      "age": 4
     },
     {
       "message": "Add minimal support for `AWS::Auth::AccountId` and `AWS::Auth::AccountIdEndpointMode` endpoint built-ins\n",
@@ -31,7 +31,7 @@
         "smithy-rs#3792"
       ],
       "since-commit": "d64aea29ad48d7bddb5a7511f3f1175c478e2c1e",
-      "age": 3
+      "age": 4
     },
     {
       "message": "Fix the execution order of [modify_before_serialization](https://docs.rs/aws-smithy-runtime-api/latest/aws_smithy_runtime_api/client/interceptors/trait.Intercept.html#method.modify_before_serialization) and [read_before_serialization](https://docs.rs/aws-smithy-runtime-api/latest/aws_smithy_runtime_api/client/interceptors/trait.Intercept.html#method.read_before_serialization) in the orchestrator. The `modify_before_serialization` method now executes before the `read_before_serialization` method. This adjustment may result in changes in behavior depending on how you customize interceptors.\n",
@@ -45,7 +45,7 @@
         "smithy-rs#3798"
       ],
       "since-commit": "d64aea29ad48d7bddb5a7511f3f1175c478e2c1e",
-      "age": 3
+      "age": 4
     },
     {
       "message": "Fix the [Length::UpTo](https://docs.rs/aws-smithy-types/1.2.2/aws_smithy_types/byte_stream/enum.Length.html) usage in [FsBuilder](https://docs.rs/aws-smithy-types/1.2.2/aws_smithy_types/byte_stream/struct.FsBuilder.html), ensuring that the specified length does not exceed the remaining file length.\n",
@@ -60,7 +60,7 @@
         "smithy-rs#3797"
       ],
       "since-commit": "d64aea29ad48d7bddb5a7511f3f1175c478e2c1e",
-      "age": 3
+      "age": 4
     },
     {
       "message": "Re-export `ByteStream`'s `Length` and `FsBuilder`. By making these types available directly within a client crate, customers can use `ByteStream::read_from` without needing to import them separately from the `aws-smithy-types` crate.\n",
@@ -74,7 +74,7 @@
         "aws-sdk-rust#820"
       ],
       "since-commit": "d64aea29ad48d7bddb5a7511f3f1175c478e2c1e",
-      "age": 3
+      "age": 4
     },
     {
       "message": "Remove stalled stream protection from transcribe-streaming operations.\n",
@@ -88,7 +88,7 @@
         "aws-sdk-rust#1181"
       ],
       "since-commit": "c622e5e97b199cc2382a4fbc14a9773e9ea1766c",
-      "age": 1
+      "age": 2
     },
     {
       "message": "deprecate http-02x presign APIs in favor of http-1x equivalents\n",
@@ -100,7 +100,7 @@
       "author": "aajtodd",
       "references": [],
       "since-commit": "c622e5e97b199cc2382a4fbc14a9773e9ea1766c",
-      "age": 1
+      "age": 2
     },
     {
       "message": "Update Smoketest codegeneration to be endpoint built-in aware.\n",
@@ -114,6 +114,20 @@
         "smithy-rs#3836"
       ],
       "since-commit": "c622e5e97b199cc2382a4fbc14a9773e9ea1766c",
+      "age": 2
+    },
+    {
+      "message": "Fixed a bug with the content length of compressed payloads that caused such requests to hang.\n",
+      "meta": {
+        "bug": true,
+        "breaking": false,
+        "tada": false
+      },
+      "author": "Velfi",
+      "references": [
+        "smithy-rs#3820"
+      ],
+      "since-commit": "2f29209c1ecfd8a848dc0745dbce6b510c898d9a",
       "age": 1
     }
   ],

aws/rust-runtime/Cargo.lock

@@ -1,6 +1,6 @@
 [package]
 name = "aws-config"
-version = "1.5.6"
+version = "1.5.7"
 authors = [
     "AWS Rust SDK Team <[email protected]>",
     "Russell Cohen <[email protected]>",