Merge pull request #8321 from aws/autoMerge/feature/smus

Merge master into feature/smus

Author: laileni-aws

.github/CODEOWNERS

@@ -2,3 +2,4 @@
 packages/core/src/codewhisperer/ @aws/codewhisperer-team
 packages/core/src/amazonqFeatureDev/ @aws/earlybird
 packages/core/src/awsService/accessanalyzer/ @aws/access-analyzer
+packages/core/src/awsService/cloudformation/ @aws/cfn-dev-productivity

CONTRIBUTING.md

@@ -527,6 +527,11 @@ Unlike the user setting overrides, not all of these environment variables have t
 
 -   `SSMDOCUMENT_LANGUAGESERVER_PORT`: The port the ssm document language server should start debugging on
 
+#### CloudFormation LSP
+
+-   `__CLOUDFORMATIONLSP_PATH`: for aws.dev.cloudformationLsp.path
+-   `__CLOUDFORMATIONLSP_CLOUDFORMATION_ENDPOINT`: for aws.dev.cloudformationLsp.cloudformationEndpoint
+
 #### CI/Testing
 
 -   `GITHUB_ACTION`: The name of the current GitHub Action workflow step that is running

packages/core/scripts/test/launchTestUtilities.ts

@@ -121,6 +121,7 @@ async function getVSCodeCliArgs(params: {
             ['DEVELOPMENT_PATH']: projectRootDir,
             ['AWS_TOOLKIT_AUTOMATION']: params.suite,
             ['TEST_DIR']: process.env.TEST_DIR,
+            ['JAVA_HOME']: process.env.JAVA_HOME,
             ...params.env,
         },
     }

packages/core/src/awsService/cloudformation/artifacts/awsDocumentationLinks.ts

@@ -0,0 +1,7 @@
+/*!
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+export const ResourceIdentifierDocumentationUrl =
+    'https://docs.aws.amazon.com/cloudcontrolapi/latest/userguide/resource-identifier.html'

packages/core/src/awsService/cloudformation/auth/credentials.ts

@@ -0,0 +1,80 @@
+/*!
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { Disposable } from 'vscode'
+import { LanguageClient } from 'vscode-languageclient/node'
+import { StacksManager } from '../stacks/stacksManager'
+import { ResourcesManager } from '../resources/resourcesManager'
+import { CloudFormationRegionManager } from '../explorer/regionManager'
+import globals from '../../../shared/extensionGlobals'
+import * as jose from 'jose'
+import * as crypto from 'crypto'
+
+export const encryptionKey = crypto.randomBytes(32)
+
+export class AwsCredentialsService implements Disposable {
+    private authChangeListener: Disposable
+    private client: LanguageClient | undefined
+
+    constructor(
+        private stacksManager: StacksManager,
+        private resourcesManager: ResourcesManager,
+        private regionManager: CloudFormationRegionManager
+    ) {
+        this.authChangeListener = globals.awsContext.onDidChangeContext(() => {
+            void this.updateCredentialsFromActiveConnection()
+        })
+    }
+
+    async initialize(client: LanguageClient): Promise<void> {
+        this.client = client
+        await this.updateCredentialsFromActiveConnection()
+    }
+
+    private async updateCredentialsFromActiveConnection(): Promise<void> {
+        if (!this.client) {
+            return
+        }
+
+        const credentials = await globals.awsContext.getCredentials()
+        const profileName = globals.awsContext.getCredentialProfileName()
+
+        if (credentials && profileName) {
+            const encryptedRequest = await this.createEncryptedCredentialsRequest({
+                profile: profileName.replaceAll('profile:', ''),
+                region: this.regionManager.getSelectedRegion(),
+                accessKeyId: credentials.accessKeyId,
+                secretAccessKey: credentials.secretAccessKey,
+                sessionToken: credentials.sessionToken,
+            })
+
+            await this.client.sendRequest('aws/credentials/iam/update', encryptedRequest)
+        }
+
+        void this.stacksManager.reload()
+        void this.resourcesManager.reload()
+    }
+
+    async updateRegion(): Promise<void> {
+        await this.updateCredentialsFromActiveConnection()
+    }
+
+    private async createEncryptedCredentialsRequest(data: any): Promise<any> {
+        const payload = new TextEncoder().encode(JSON.stringify({ data }))
+
+        const jwt = await new jose.CompactEncrypt(payload)
+            .setProtectedHeader({ alg: 'dir', enc: 'A256GCM' })
+            .encrypt(encryptionKey)
+
+        return {
+            data: jwt,
+            encrypted: true,
+        }
+    }
+
+    dispose(): void {
+        this.authChangeListener.dispose()
+    }
+}

packages/core/src/awsService/cloudformation/cfn-init/cfnEnvironmentApi.ts

@@ -0,0 +1,19 @@
+/*!
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import { LanguageClient } from 'vscode-languageclient/node'
+import {
+    ParsedCfnEnvironmentFile,
+    ParseCfnEnvironmentFilesParams,
+    ParseCfnEnvironmentFilesRequest,
+} from './cfnEnvironmentRequestType'
+
+export async function parseCfnEnvironmentFiles(
+    client: LanguageClient,
+    params: ParseCfnEnvironmentFilesParams
+): Promise<ParsedCfnEnvironmentFile[]> {
+    const result = await client.sendRequest(ParseCfnEnvironmentFilesRequest, params)
+    return result.parsedFiles
+}