tea-release 1.1.1 Update Policy Lambda Patch

This adds an inline policy to the UpdatePolicyLambda to allow the SNS for AmazonIpSpaceChanged to invoke the lambda.

What's Changed

• Updated ACLs in release script by @mckadesorensen in #614
• PR-3496 feat: add lambda permissions to SNS to invoke by @mattp0 in #635

Full Changelog: tea-release.1.1.0...tea-release.1.1.1

tea-release.1.1.0 Added Open Telemetry to TEA

What's Changed

• Merged the Latency Tiger Teams Open Telemetry changes
• Added dependency locking for test requirements
• Fixed broken links in documentation
• Internal refactoring of bucket map and jwt handling

Full Changelog: tea-release.1.0.2...tea-release.1.1.0

tea-release.1.0.4: Added Open Telemetry to TEA

What's Changed

• Merged the Latency Tiger Teams Open Telemetry changes
• Added dependency locking for test requirements
• Fixed broken links in documentation
• Internal refactoring of bucket map and jwt handling

Full Changelog: tea-release.1.0.2...tea-release.1.0.4

tea-release.1.0.3:

Merge pull request #594 from asfadmin/devel

PR-3212 merge to master

tea-release.1.0.2: Fix default S3 keys

The default lambda code and dependency zip keys were swapped in the CloudFormation template built by GitHub Actions.

What's Changed

• Fix default s3 keys by @reweeden in #471

Full Changelog: tea-release.1.0.1...tea-release.1.0.2

tea-release.1.0.1: Semantic versioning and development improvements

What changed in TEA:

TEA is moving to semantic versioning! We hope this will make it easier to judge the amount of effort required in upgrading between any particular versions. To kick off this transition we are labeling build 121 version 1.0.0. Version 1.0.1 contains dependency updates as well as some minor refactoring.

If you are a TEA developer, or are building TEA yourself from source, note that this release changes some of the repository structure and adds some tools to make your life easier.

✳️ Updates

• JSON logging mode will now consistently output well-formed JSON

✳️ CVE Remediation:

• Update cfnresponse from 1.1.1 to 1.1.2
• Update chalice from 1.26.2 to 1.26.6

✳️ Development Improvements

These changes don't affect TEA itself, but they make it easier for developers to make modifications to the code.

• Added a comprehensive unit test suite
• Added a Makefile for automating development tasks

✳️ Pull Requests

List

• Add GitHub Actions for lints and tests by @reweeden in #441
• PR-2930 add unit tests by @reweeden in #440
• PR-3041 Update dependencies by @reweeden in #443
• PR-3033 Add a makefile for automating development tasks by @reweeden in #452
• Update dependencies by @reweeden in #458
• PR-3066 convert end to end tests to pytest by @reweeden in #450
• Compile pattern in multiline mode by @reweeden in #460
• PR-3080 Add github actions by @reweeden in #459
• Improve support for building local dependencies by @reweeden in #464
• Move requirements_deps option below the docker options by @reweeden in #466
• Additional end-to-end tests by @reweeden in #467
• Merge devel into master by @reweeden in #469

New Contributors

• @reweeden made their first contribution in #441

tea-release.1.0.0: Semantic versioning

TEA is moving to semantic versioning! We hope this will make it easier to judge the amount of effort required in upgrading between any particular versions. To kick off this transition we are labeling build 121 version 1.0.0.

What Changed in TEA

• Nothing. This release is identical to build 121

tea-build.121: Fixed bug preventing TEA from deploying in us-east-1

What changed in TEA:

✳️ Updates

• Fixed Issue 386

tea-build.120: Upgrade to Python 3.8

What changed in TEA:

✳️ Updates

• Upgrade to python 3.8

✳️ CVE Remediation:

• Update pyyaml from 5.4.1 to 6.0
• Update pyjwt from 2.2.0 to 2.3.0
• Update chalice from 1.25.0 to 1.26.2
• Update cryyptography from 3.4.8 to 35.0.0

tea-build.118: Better request/timing visibility, Logging Improvements

What changed in TEA:

✳️ Better Session Tracking:

• x-request-id header is now provided to outgoing EDL requests
• x-origin-request-id is internally tracked and forwarded to EDL if provide

✳️ Code instrumentation improvements

• All external, and some internal operations are timed individually now
• Timing log records are provided as JSON for easy parsing and visualization

 {
  "timing": {
    "duration": 282.79, 
    "endpoint": "https://urs.earthdata.nasa.gov/oauth/token", 
    "method": "POST", 
    "service": "EDL", 
    "unit": "milliseconds"
  }
}

✳️ Logs records are sanitized for credentials by default

• JWT's, Basic Auth payloads, EDL tokens, and AWS Keys are censored
  • This can be temporarily overridden for debug by injecting a UNCENSORED_LOGGING env var.

✳️ CVE Remediation:

• Update chalice from 1.24.2 to 1.25.0
• Update Jinja2 from 3.0.1 to 3.0.2
• Update jwcrypto from 0.9.1 to 1.0
• update pyjwt from 2.1.0 to 2.2.0
• Update pyOpenSSL from 20.0.1 to 21.0.0

✳️ General code quality refactoring

• Additional and improved integration tests

⚠️ For upgrades from versions BEFORE build.115 ⚠️

✳️ Important post-upgrade steps:

If you are upgrading from a version BEFORE build.115, be aware that here are some post-upgrade steps you should take to insure in-region downloads are no interupted. See the IMPORTANT NOTES ON UPGRADES section of the build.115 release for me details.