aws · mergify · Nov 16, 2022 · Nov 3, 2022 · Nov 12, 2022 · Nov 14, 2022
diff --git a/.github/workflows/yarn-upgrade.yml b/.github/workflows/yarn-upgrade.yml
@@ -38,8 +38,6 @@ jobs:
       - name: Install Tools
         run: |-
           npm -g install lerna npm-check-updates@^9.0.0
-      - name: Build CLI
-        run: cd packages/aws-cdk && ../../scripts/buildup
       - name: Build Integ Runner
         run: cd packages/@aws-cdk/integ-runner && ../../../scripts/buildup
       - name: List Mono-Repo Packages
@@ -69,6 +67,8 @@ jobs:
           for pj in $(find packages/aws-cdk/lib/init-templates -name package.json); do
             (cd $(dirname $pj) && ncu --upgrade --reject='@types/node,@types/prettier,@types/fs-extra,constructs,typescript,aws-sdk,aws-sdk-mock,ts-jest,jest,${{ steps.list-packages.outputs.list }}')
           done
+          # Upgrade dependencies at an aws-eks integ test docker image
+          cd packages/@aws-cdk/aws-eks/test/sdk-call-integ-test-docker-app/app/ && ncu --upgrade --reject='@types/jest,@types/node,@types/prettier,@types/fs-extra,constructs,typescript,aws-sdk,aws-sdk-mock,ts-jest,jest,${{ steps.list-packages.outputs.list }}'
 
       # This will ensure the current lockfile is up-to-date with the dependency specifications (necessary for "yarn update" to run)
       - name: Run "yarn install"

diff --git a/packages/@aws-cdk/aws-eks/lib/alb-controller.ts b/packages/@aws-cdk/aws-eks/lib/alb-controller.ts
@@ -231,7 +231,7 @@ export class AlbController extends CoreConstruct {
       // want to expose this since helm here is just an implementation detail
       // for installing a specific version of the controller itself.
       // https://github.com/aws/eks-charts/blob/v0.0.65/stable/aws-load-balancer-controller/Chart.yaml
-      version: '1.2.7',
+      version: '1.4.1',
 
       wait: true,
       timeout: Duration.minutes(15),

diff --git a/packages/@aws-cdk/aws-eks/lib/oidc-provider.ts b/packages/@aws-cdk/aws-eks/lib/oidc-provider.ts
@@ -41,18 +41,11 @@ export class OpenIdConnectProvider extends iam.OpenIdConnectProvider {
    * @param props Initialization properties
    */
   public constructor(scope: Construct, id: string, props: OpenIdConnectProviderProps) {
-    /**
-     * For some reason EKS isn't validating the root certificate but a intermediate certificate
-     * which is one level up in the tree. Because of the a constant thumbprint value has to be
-     * stated with this OpenID Connect provider. The certificate thumbprint is the same for all the regions.
-     */
-    const thumbprints = ['9e99a48a9960b14926bb7f3b02e22da2b0ab7280'];
 
     const clientIds = ['sts.amazonaws.com'];
 
     super(scope, id, {
       url: props.url,
-      thumbprints,
       clientIds,
     });
   }

diff --git a/packages/@aws-cdk/aws-eks/package.json b/packages/@aws-cdk/aws-eks/package.json
@@ -82,6 +82,8 @@
     "@aws-cdk/assertions": "0.0.0",
     "@aws-cdk/cdk-build-tools": "0.0.0",
     "@aws-cdk/integ-runner": "0.0.0",
+    "@aws-cdk/integ-tests": "0.0.0",
+    "@aws-cdk/aws-ecr-assets": "0.0.0",
     "@aws-cdk/cfn2ts": "0.0.0",
     "@aws-cdk/pkglint": "0.0.0",
     "@types/aws-lambda": "^8.10.108",