Merge pull request #233 from gockle/main

Update Dockerfile to fix CVE(s) v3.3.8

Author: abewub

CHANGELOG.md

@@ -6,7 +6,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
-## [3.3.7] - 2025-05-12
+## [3.3.8] - 2025-05-22
+
+### Security
+
+- Update sqllite-libs to fix [CVE](https://alas.aws.amazon.com/cve/json/v1/CVE-2022-46908.json)
+- Update setuptools to fix [CVE](https://www.cve.org/CVERecord?id=CVE-2025-47273)
+
+## [3.3.7] - 2025-05-06
 
 ### Security
 

README.md

@@ -1,6 +1,6 @@
 # Distributed Load Testing on AWS
 
-The Distributed Load Testing Solution leverages managed, highly available and highly scalable AWS services to effortlessly create and simulate thousands of connected users generating a selected amount of transactions per second, originating from up to 5 simultaneous AWS regions. As a result, developers can understand the behavior of their applications at scale and at load to identify any bottleneck problems before they deploy to Production.
+The Distributed Load Testing Solution leverages managed, highly available and highly scalable AWS services to effortlessly create and simulate thousands of connected users generating a selected amount of transactions per second, originating from up to 5 simultaneous AWS regions. As a result, developers can understand the behavior of their applications at scale and at load to identify any bottleneck problems before they deploy to Production. [Launch in the AWS Console](https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/new?&templateURL=https://solutions-reference.s3.amazonaws.com/distributed-load-testing-on-aws/latest/distributed-load-testing-on-aws.template&redirectId=GitHub)
 
 ## On this Page
 
@@ -13,6 +13,36 @@ The Distributed Load Testing Solution leverages managed, highly available and hi
 
 ![Architecture](architecture.png)
 
+The high-level process flow for the solution components deployed with the AWS CloudFormation template is as follows:  
+
+1. A distributed load tester API, which leverages [Amazon API Gateway](https://aws.amazon.com/api-gateway) to invoke the solution's microservices ([AWS Lambda](https://aws.amazon.com/lambda) functions).
+
+2. The microservices provide the business logic to manage test data and run the tests.
+
+3. These microservices interact with [Amazon Simple Storage Service](https://aws.amazon.com/s3) (Amazon S3), [Amazon DynamoDB](https://aws.amazon.com/dynamodb), and [AWS Step Functions](https://aws.amazon.com/step-functions) to provide storage for the test scenario details and results and run test scenarios.
+
+4. An [Amazon Virtual Private Cloud](https://aws.amazon.com/vpc) (Amazon VPC) network topology is deployed containing the solution\'s [Amazon Elastic Container Service](https://aws.amazon.com/ecs) (Amazon ECS) containers running on [AWS Fargate](https://aws.amazon.com/fargate).
+
+5. The containers include the [AmazonLinux](https://aws.amazon.com/linux/amazon-linux-2023/) (with blazemeter load testing framework installed) [Open Container Initiative](https://opencontainers.org/) (OCI) compliant container image, which is used to generate load for testing your application\'s performance. Taurus/Blazemeter is an open-source test automation framework. The container image is hosted by AWS in an [Amazon Elastic Container Registry](https://aws.amazon.com/ecr) (Amazon ECR) public repository. For more information about the ECR image repository, refer to [Container image customization](https://docs.aws.amazon.com/solutions/latest/distributed-load-testing-on-aws/container-image.html).
+
+6. A web console powered by [AWS Amplify](https://aws.amazon.com/amplify) is deployed it into an Amazon S3 bucket configured for static web hosting.
+
+7. [Amazon CloudFront](https://aws.amazon.com/cloudfront) provides secure, public access to the solution\'s website bucket contents.
+
+8. During initial configuration, this solution also creates a default solution administrator role (IAM role) and sends an access invite to a customer-specified user email address.
+
+9. An [Amazon Cognito](https://aws.amazon.com/cognito) user pool manages user access to the console and the distributed load tester API.
+
+10. After you deploy this solution, you can use the web console to create a test scenario that defines a series of tasks.
+
+11. The microservices use this test scenario to run Amazon ECS on AWS Fargate tasks in the Regions specified.
+
+12. In addition to storing the results in Amazon S3 and DynamoDB, once the test is complete the output is logged in [Amazon CloudWatch](https://aws.amazon.com/cloudwatch).
+
+13. If you select the live data option, the solution sends the Amazon CloudWatch logs for the AWS Fargate tasks to a Lambda function during the test, for each Region in which the test was run.
+
+14. The Lambda function then publishes the data to the corresponding topic in [AWS IoT Core](https://aws.amazon.com/iot-core) in the Region where the main stack was deployed. The web console subscribes to the topic, and you can see the data while the test runs in the web console.
+
 ## Deployment
 
 The solution is deployed using a CloudFormation template with a lambda backed custom resource. To simulate users from regions other than the region the solution is initially deployed in, a regional template must be deployed within the other desired regions. For details on deploying the solution please see the details on the solution implementation guide: [Distributed Load Testing](https://docs.aws.amazon.com/solutions/latest/distributed-load-testing-on-aws/deployment.html).
@@ -91,7 +121,7 @@ export BUCKET_NAME=$BUCKET_PREFIX-$REGION # full bucket name where the code will
 export SOLUTION_NAME=my-solution-name
 export VERSION=my-version # version number for the customized code
 export PUBLIC_ECR_REGISTRY=public.ecr.aws/aws-solutions # replace with the container registry and image if you want to use a different container image
-export PUBLIC_ECR_TAG=v3.3.7 # replace with the container image tag if you want to use a different container image
+export PUBLIC_ECR_TAG=v3.3.8 # replace with the container image tag if you want to use a different container image
 ```
 
 - Build the distributable.

VERSION.txt

@@ -1 +1 @@
-3.3.7
+3.3.8

deployment/ecr/distributed-load-testing-on-aws-load-tester/Dockerfile

@@ -8,10 +8,11 @@ ENV PIP_INSTALL="pip3.11 install --no-cache-dir"
 
 
 # install bzt
-RUN $PIP_INSTALL --upgrade bzt awscli setuptools==70.0.0 h11
+RUN $PIP_INSTALL --upgrade bzt awscli setuptools==78.1.1 h11 && \
+    $PIP_INSTALL --upgrade bzt
 
 # install bzt tools
-RUN bzt -install-tools -o modules.install-checker.exclude=selenium,gatling,tsung,siege,ab,k6,external-results-loader,locust,junit,testng,rspec,mocha,nunit,xunit,wdio
+RUN bzt -install-tools -o modules.install-checker.exclude=selenium,gatling,tsung,siege,ab,k6,external-results-loader,locust,junit,testng,rspec,mocha,nunit,xunit,wdio,robot,newman
 RUN rm -rf /root/.bzt/selenium-taurus
 RUN mkdir /bzt-configs /tmp/artifacts
 ADD ./load-test.sh /bzt-configs/

source/api-services/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "api-services",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "description": "REST API micro services",
   "repository": {
     "type": "git",

source/api-services/package.json

@@ -1,6 +1,6 @@
 {
   "name": "distributed-load-testing-on-aws-ui",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "private": true,
   "license": "Apache-2.0",
   "author": {

source/console/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "custom-resource",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "description": "cfn custom resources for distributed load testing on AWS workflow",
   "repository": {
     "type": "git",

source/console/package.json

@@ -1,6 +1,6 @@
 {
   "name": "distributed-load-testing-on-aws-infrastructure",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "author": {
     "name": "Amazon Web Services",
     "url": "https://aws.amazon.com/solutions"

source/custom-resource/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "metrics-utils",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "main": "index.ts",
   "license": "Apache-2.0",
   "description": "Distributed Load Testing on AWS Ops Metrics",

source/custom-resource/package.json

@@ -1,6 +1,6 @@
 {
   "name": "source",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "private": true,
   "description": "ESLint and prettier dependencies to be used within the solution",
   "license": "Apache-2.0",

source/infrastructure/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "real-time-data-publisher",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "description": "Publishes real time test data to an IoT endpoint",
   "repository": {
     "type": "git",

source/infrastructure/package.json

@@ -1,6 +1,6 @@
 {
   "name": "results-parser",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "description": "result parser for indexing xml test results to DynamoDB",
   "repository": {
     "type": "git",

source/metrics-utils/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "solution-utils",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "description": "Utilities package for Distributed Load Testing on AWS",
   "license": "Apache-2.0",
   "author": {

source/metrics-utils/package.json

@@ -1,6 +1,6 @@
 {
   "name": "task-canceler",
-  "version": "3.3.7",
+  "version": "3.3.8",
   "description": "Triggered by api-services lambda function, cancels ecs tasks",
   "repository": {
     "type": "git",