@fjall/components-infrastructure 0.96.0 → 0.99.3

package/dist/lib/patterns/aws/compute.js

@@ -1,14 +1,15 @@
 import { Runtime } from "aws-cdk-lib/aws-lambda";
 import { isCompute, isEcsCompute, isLambdaCompute, isEc2Compute } from "./interfaces/compute.js";
 import { warnIfPropertiesIgnored } from "../../utils/validationLogger.js";
+import { DEFAULT_ECS_FALLBACK_IMAGE, DEFAULT_EC2_INSTANCE_TYPE } from "../../resources/aws/compute/ecsConstants.js";
 // Import and re-export from per-pattern files
-import { EcsCompute, ECS_CAPACITY_PROVIDER_CONFIG, getEcsCapacityProviderConfig, ScalingType, validateEcsProps, buildContainerConfigs, resolveScalingConfig } from "./computeEcs.js";
+import { EcsCompute, ECS_CAPACITY_PROVIDER_CONFIG, getEcsCapacityProviderConfig, ScalingType, validateEcsProps, buildContainerConfigs, expandMigrationsSugar, resolveScalingConfig } from "./computeEcs.js";
 import { LambdaCompute, resolveLambdaDeployment, Architecture, HttpMethod, InvokeMode } from "./computeLambda.js";
 import { Ec2Compute } from "./computeEc2.js";
 // Re-export everything from per-pattern files
 export { 
 // ECS
-EcsCompute, ECS_CAPACITY_PROVIDER_CONFIG, getEcsCapacityProviderConfig, ScalingType, validateEcsProps, buildContainerConfigs, resolveScalingConfig, 
+EcsCompute, ECS_CAPACITY_PROVIDER_CONFIG, getEcsCapacityProviderConfig, ScalingType, validateEcsProps, buildContainerConfigs, expandMigrationsSugar, resolveScalingConfig, 
 // Lambda
 LambdaCompute, resolveLambdaDeployment, Architecture, HttpMethod, InvokeMode, 
 // EC2
@@ -36,14 +37,12 @@ export const COMPUTE_TYPE_CONFIG = {
  */
 export const COMPUTE_DEFAULTS = {
     EC2: {
-        INSTANCE_TYPE: "t4g.micro",
+        INSTANCE_TYPE: DEFAULT_EC2_INSTANCE_TYPE,
         MIN_CAPACITY: 1,
         MAX_CAPACITY: 1
     },
     ECS: {
-        /** AWS sample image used when no ECR repository is provided */
-        FALLBACK_IMAGE: "amazon/amazon-ecs-sample",
-        /** Default tag for ECR images */
+        FALLBACK_IMAGE: DEFAULT_ECS_FALLBACK_IMAGE,
         IMAGE_TAG: "latest"
     },
     LAMBDA: {
@@ -140,13 +139,8 @@ export class ComputeFactory {
                             name: service.name,
                             clusterName
                         };
-                        // Include dockerfilePath if specified (metadata for CLI)
-                        if (service.dockerfilePath) {
-                            manifestService.dockerfilePath = service.dockerfilePath;
-                        }
-                        // Include dockerTarget if specified (metadata for CLI)
-                        if (service.dockerTarget) {
-                            manifestService.dockerTarget = service.dockerTarget;
+                        if (service.docker !== undefined) {
+                            manifestService.docker = service.docker;
                         }
                         // Find container port from first container with a port
                         const containerWithPort = service.containers?.find((c) => c.port !== undefined);

package/dist/lib/patterns/aws/computeEcs.d.ts

@@ -1,13 +1,13 @@
-import { type ICluster, type IBaseService } from "aws-cdk-lib/aws-ecs";
+import { type ICluster, type IBaseService, type TaskDefinition, type FargateTaskDefinition } from "aws-cdk-lib/aws-ecs";
 import { type Connections, type ISecurityGroup } from "aws-cdk-lib/aws-ec2";
-import { type IGrantable, Grant } from "aws-cdk-lib/aws-iam";
+import { type IGrantable, type IRole, Grant } from "aws-cdk-lib/aws-iam";
 import { type IApplicationLoadBalancer, type ApplicationListener } from "aws-cdk-lib/aws-elasticloadbalancingv2";
 import { Construct } from "constructs";
 import { type IEcsCompute } from "./interfaces/compute.js";
 import EcsCluster, { type EcsClusterProps } from "../../resources/aws/compute/ecs.js";
 export { ScalingType } from "./computeEcsTypes.js";
-export type { EcsCapacityProvider, Ec2CapacityConfig, RemoteConnectionSpec, EcsCapacityProviderConfig, EcsContainerConfig, EcsScalingConfig, EcsClusterConfig, EcsRoutingConfig, EcsServiceConfig, EcsComputeProps } from "./computeEcsTypes.js";
-import { ScalingType, type EcsCapacityProviderConfig, type EcsCapacityProvider, type EcsScalingConfig, type EcsServiceConfig, type EcsComputeProps } from "./computeEcsTypes.js";
+export type { EcsCapacityProvider, Ec2CapacityConfig, RemoteConnectionSpec, EcsCapacityProviderConfig, EcsContainerConfig, ContainerDependency, ContainerVolume, EcsScheduledTaskConfig, EcsLifecycleHookMigrationsConfig, EcsPostDeployMigrationsConfig, EcsHookMigrationsConfig, EcsMigrationsConfig, EcsMigrationsMode, EcsCircuitBreakerConfig, EcsScalingConfig, EcsClusterConfig, EcsRoutingConfig, EcsServiceConfig, EcsComputeProps } from "./computeEcsTypes.js";
+import { ScalingType, type EcsCapacityProviderConfig, type EcsCapacityProvider, type EcsContainerConfig, type EcsScalingConfig, type EcsServiceConfig, type EcsComputeProps } from "./computeEcsTypes.js";
 export declare const ECS_CAPACITY_PROVIDER_CONFIG: Record<EcsCapacityProvider, EcsCapacityProviderConfig>;
 export declare function getEcsCapacityProviderConfig(provider: EcsCapacityProvider): EcsCapacityProviderConfig;
 /**
@@ -15,12 +15,40 @@ export declare function getEcsCapacityProviderConfig(provider: EcsCapacityProvid
  * Extracted for clarity and detail parity with database/network patterns.
  */
 export declare function validateEcsProps(props: EcsComputeProps): void;
+/**
+ * Expand a service's `migrations` sugar into a synthetic init container plus
+ * auto-injected `dependsOn` entries on every other container.
+ *
+ * - Synthesises a non-essential container that runs the migration command and exits.
+ * - Inherits image / environment / secrets / secretsImport from the primary container
+ *   (first container with a port, or first container if none have a port).
+ * - Auto-wires every other container to wait on the migrate container's `SUCCESS`,
+ *   skipping containers that already declare the dependency to keep user overrides intact.
+ * - Throws on name collision when a user-defined container shares the migrate name.
+ *
+ * When `migrations.mode` is a lambda-hook variant (`"lifecycle-hook"` /
+ * `"post-deploy"`), this helper is a no-op: the task
+ * definition stays unmodified and the migration is run by a deployment lifecycle
+ * hook synthesised separately at the pattern layer.
+ *
+ * @internal Exported for testing only
+ */
+export declare function expandMigrationsSugar(service: EcsServiceConfig, userContainers: EcsContainerConfig[] | undefined): EcsContainerConfig[];
 /**
  * Build container configurations for an ECS service.
  * Converts user-facing EcsContainerConfig to internal EcsClusterProps format.
+ *
+ * @param service       Service config from EcsComputeProps.
+ * @param schemaVersionEnv Pre-resolved `{ EXPECTED_SCHEMA_VERSION: <ver> }`
+ *                      from a connected database's `migrations:` config, or
+ *                      `undefined` when the service has no migrated DB or
+ *                      opted out via `schemaGate: false`.
+ * @param annotationsScope Construct used as the source for synth-time
+ *                      warnings when the author has set `EXPECTED_SCHEMA_VERSION`
+ *                      themselves and the resolved value differs.
  * @internal Exported for testing only
  */
-export declare function buildContainerConfigs(service: EcsServiceConfig): EcsClusterProps["services"][number]["containers"];
+export declare function buildContainerConfigs(service: EcsServiceConfig, schemaVersionEnv?: Record<string, string>, annotationsScope?: Construct): EcsClusterProps["services"][number]["containers"];
 /**
  * Resolved scaling configuration for an ECS service.
  * @internal Exported for testing only
@@ -44,7 +72,46 @@ export declare class EcsCompute extends Construct implements IEcsCompute {
     readonly computeType: "ecs";
     readonly connections: Connections;
     private readonly ecsCluster;
+    private readonly clusterId;
+    private readonly appName;
+    private readonly migrationTaskDefinitions;
     constructor(scope: Construct, id: string, props: EcsComputeProps);
+    /**
+     * Walks a service's `connections:` for a relational database carrying a
+     * `migrations:` config. Returns the schema-version gate env entries to
+     * thread into the service's containers, or `undefined` when the service is
+     * not gated.
+     *
+     * - `schemaGate: false` → returns `undefined` (auditable opt-out)
+     * - No migrated DB in connections → returns `undefined`
+     * - Exactly one migrated DB → returns `{ EXPECTED_SCHEMA_VERSION, EXPECTED_SCHEMA_VERSION_TOOL }`
+     * - Two or more migrated DBs → throws via `resolveMigrationDatabaseForService`
+     *
+     * Both envs always emit together. The tool sibling lets the runtime gate
+     * dispatch to the matching resolver (or refuse on unknown tool) instead of
+     * hardcoding one.
+     */
+    private resolveSchemaVersionEnv;
+    private materialiseScheduledTasks;
+    private buildScheduledTaskDefinition;
+    /**
+     * For each service whose `migrations.mode` is a lambda-hook variant
+     * (`"lifecycle-hook"` for PRE_SCALE_UP, `"post-deploy"` for POST_SCALE_UP),
+     * synthesise the Lambda + IAM role + log group that backs the deployment
+     * lifecycle hook. The init-container path is unaffected — services without
+     * `mode` (or with `mode: "init-container"`) still get the synthetic
+     * migrate container injected by `expandMigrationsSugar`.
+     */
+    private wireLifecycleHookMigrations;
+    /**
+     * Synthesise a dedicated migration task definition for a lifecycle-hook
+     * migration when `separateTaskDef` is set. Creates the migration's own
+     * execution + task roles, log group, security group (when `egressTo` is
+     * present, else reuses the service's SGs), and the Fargate task definition
+     * with the migration container baked in.
+     */
+    private synthesiseMigrationTaskDef;
+    private resolveMigrationSecrets;
     /** Get the ECS cluster. */
     getCluster(): ICluster;
     /** Get the Application Load Balancer if one was created. */
@@ -53,6 +120,14 @@ export declare class EcsCompute extends Construct implements IEcsCompute {
     getService(name: string): IBaseService | undefined;
     /** Get all services in the cluster. */
     getAllServices(): IBaseService[];
+    getTaskDefinition(serviceName: string): TaskDefinition | undefined;
+    /**
+     * Get the migration task definition for a service. Returns `undefined` when
+     * the service has no `migrations: { mode: "lifecycle-hook", separateTaskDef }`
+     * configured — escape hatch for callers that need to attach grants (e.g.
+     * `bucket.grantReadWrite(td.taskRole)`) to the migration task role.
+     */
+    getMigrationTaskDefinition(serviceName: string): FargateTaskDefinition | undefined;
     /** Get the security group for the cluster. */
     getSecurityGroup(): ISecurityGroup;
     /**
@@ -70,4 +145,17 @@ export declare class EcsCompute extends Construct implements IEcsCompute {
      * which are not known until runtime (tasks are ephemeral).
      */
     grantExecuteCommand(grantee: IGrantable): Grant;
+    /**
+     * Get the EC2 instance role for the cluster's underlying ASG. EC2-mode
+     * clusters return the ASG instance role; Fargate-only clusters return
+     * `undefined`. Use to attach S3 grants etc. that must reach the host
+     * process (D10 — single accessor; no separate `getAutoScalingGroup()`).
+     */
+    getInstanceRole(): IRole | undefined;
+    /**
+     * Get the underlying ASG's `autoScalingGroupName` token. String-only —
+     * D10 forbids exposing the ASG construct itself. Used by alarm helpers
+     * that need a CloudWatch dimension value.
+     */
+    getAutoScalingGroupName(): string | undefined;
 }