npm - @fjall/deploy-core - Versions diffs - 2.13.0 → 2.14.0 - Mend

@fjall/deploy-core 2.13.0 → 2.14.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (97) hide show

package/dist/src/services/application/ApplicationStackService.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
 import type { CdkService } from "../infrastructure/CdkService.js";
 import type { CloudFormationService } from "../infrastructure/CloudFormationService.js";
 import type { AwsProvider } from "../../aws/AwsProvider.js";
+import type { DeployCallbacks } from "../../types/callbacks.js";
 import type { ResourceEvent } from "../../types/events.js";
 import type { DeploymentContext } from "../../types/deployment/DeploymentTypes.js";
 import { type ApplicationStack } from "../../types/operations.js";
@@ -8,9 +9,12 @@ import type { ParallelDeploymentResult } from "../../types/deployment/parallel.j
 import type { AppResourceFlags } from "../../types/patternDetection.js";
 import { type Result } from "@fjall/generator";
 import { ApplicationError, type StackDeploymentData } from "../../types/application/ApplicationServiceTypes.js";
+import { type DestroyAllStacksCallbacks } from "./applicationStackHelpers.js";
 interface StackCallbacks {
     onOutput?: (chunk: string) => void;
     onResourceProgress?: (event: ResourceEvent) => void;
+    onLog?: DeployCallbacks["onLog"];
+    onStackCleanupProgress?: DeployCallbacks["onStackCleanupProgress"];
 }
 interface DeployStackOptions {
     /**
@@ -23,6 +27,8 @@ interface DeployStackOptions {
 interface ParallelStackCallbacks {
     onOutput?: (chunk: string, stackId: ApplicationStack) => void;
     onResourceProgress?: (event: ResourceEvent, stackId: ApplicationStack) => void;
+    onLog?: DeployCallbacks["onLog"];
+    onStackCleanupProgress?: DeployCallbacks["onStackCleanupProgress"];
     onStackComplete?: (stack: ApplicationStack, success: boolean, duration: number, error?: Error) => void;
 }
 /**
@@ -56,7 +62,7 @@ export declare class ApplicationStackService {
     /**
      * Destroy a specific stack type
      */
-    destroyStack(stackType: ApplicationStack, context: DeploymentContext, callbacks?: StackCallbacks, useCdkOut?: boolean): Promise<Result<StackDeploymentData, ApplicationError>>;
+    destroyStack(stackType: ApplicationStack, context: DeploymentContext, callbacks?: StackCallbacks, useCdkOut?: boolean, abortSignal?: AbortSignal): Promise<Result<StackDeploymentData, ApplicationError>>;
     /**
      * Destroy multiple stacks in parallel within a destroy phase.
      *
@@ -64,7 +70,7 @@ export declare class ApplicationStackService {
      * be run beforehand. Multiple CDK commands cannot run in parallel because they
      * all try to synthesise to the same cdk.out directory.
      */
-    destroyStacksInParallel(stacks: readonly ApplicationStack[], context: DeploymentContext, callbacks?: ParallelStackCallbacks, useCdkOut?: boolean): Promise<Result<ParallelDeploymentResult[], ApplicationError>>;
+    destroyStacksInParallel(stacks: readonly ApplicationStack[], context: DeploymentContext, callbacks?: ParallelStackCallbacks, useCdkOut?: boolean, abortSignal?: AbortSignal): Promise<Result<ParallelDeploymentResult[], ApplicationError>>;
     /**
      * Get stack outputs for a deployed stack
      */
@@ -78,14 +84,7 @@ export declare class ApplicationStackService {
      * Destroy all stacks for an application in reverse order.
      * Supports parallel destruction for OpenNext patterns (nextjs/payload).
      */
-    destroyAllStacks(context: DeploymentContext, callbacks?: {
-        onOutput?: (chunk: string, stackId?: ApplicationStack) => void;
-        onResourceProgress?: (event: ResourceEvent, stackId?: ApplicationStack) => void;
-        onStackStart?: (stackType: ApplicationStack, stackName: string) => void;
-        onStackComplete?: (stackType: ApplicationStack, result: Result<StackDeploymentData, ApplicationError>) => void | Promise<void>;
-        onParallelPhaseStart?: (stacks: readonly ApplicationStack[], description: string) => void;
-        onParallelPhaseComplete?: (results: ParallelDeploymentResult[]) => void;
-    }, resources?: AppResourceFlags): Promise<Result<{
+    destroyAllStacks(context: DeploymentContext, callbacks?: DestroyAllStacksCallbacks, resources?: AppResourceFlags, abortSignal?: AbortSignal): Promise<Result<{
         message: string;
     }, ApplicationError>>;
 }

package/dist/src/services/application/ApplicationStackService.js CHANGED Viewed

	@@ -1 +1 @@
1	- import{STACK_NOT_FOUND_PATTERN as P,CDK_NO_STACKS_MATCH as A}from"../../types/constants.js";import{getApplicationStackName as y}from"../../types/operations.js";import{success as m,failure as k}from"@fjall/generator";import{ApplicationError as h}from"../../types/application/ApplicationServiceTypes.js";import{logger as S}from"@fjall/util/logger";import{maskSensitiveOutput as v}from"@fjall/util";import{convertCloudFormationOutputsToRecord as w}from"../supporting/helpers.js";import{destroyAllStacks as R,mapSettledResults as O,resolveWebsiteUrl as D}from"./applicationStackHelpers.js";class E{cdkService;cloudFormationService;aws;constructor(e,t,r){this.cdkService=e,this.cloudFormationService=t,this.aws=r}async runCdkSynth(e){return this.cdkService.runCdkSynth(e)}async deployStack(e,t,~~r,n~~){const i=t.target,u=y(i,e),c=await this.cdkService.runCdkDeploy(t,u,r?.onOutput,r?.onResourceProgress,this.aws,void 0,n?.parameters);if(c.success){const s=c.data;S.debug("ApplicationStackService","CDK deploy result",{stackName:u,stackType:e,success:!0,message:s.message,status:s.status,skipped:s.details?.skipped,hasOutput:!!s.details?.output});const o=await this.cloudFormationService.getStackOutputs(u);S.debug("ApplicationStackService","Stack outputs after deploy",{stackName:u,hasOutputs:o.success&&o.data.length>0,outputCount:o.success?o.data.length:0});const a=o.success&&o.data.length>0?w(o.data):void 0;return m({stackType:e,stackName:u,skipped:s.details?.skipped===!0,outputs:a})}else{const s=v(c.error\|\|`Failed to deploy ${e} infrastructure`);return S.error("ApplicationStackService","Stack deployment failed",{stackType:e,target:t.target,error:s}),k(new h(s,{errorType:"deployment_failed",appName:t.target,operation:"deployStack",stackType:e}))}}async deployStacksInParallel(e,t,r){const n=r?.onOutput,i=r?.onResourceProgress,u=r?.onStackComplete,c=await Promise.allSettled(e.map(async s=>{const o=Date.now(),a=await this.deployStack(s,t,{onOutput:n?p=>n(p,s):void 0,onResourceProgress:i?p=>i(p,s):void 0}),d=Date.now()-o,g={stack:s,success:a.success,error:a.success?void 0:a.error,duration:d,...a.success&&a.data.outputs!==void 0?{outputs:a.data.outputs}:{}};return!a.success&&a.error&&S.debug("deployStacksInParallel",`Stack ${s} failed`,{error:a.error.message}),u?.(s,a.success,d,a.success?void 0:a.error),g}));return m(O(c,e))}async destroyStack(e,t,r,n){const i=t.target,u=y(i,e),c=await this.cdkService.runCdkDestroy(t,u,r?.onOutput,r?.onResourceProgress,this.aws,n);if(c.success)return m({stackType:e,stackName:u,skipped:!1,outputs:void 0});{const s=v(c.error\|\|`Failed to destroy ${e} stack`);return S.error("ApplicationStackService","Stack destroy failed",{stackType:e,target:t.target,error:s}),k(new h(s,{errorType:"destroy_failed",appName:t.target,operation:"destroyStack",stackType:e}))}}async destroyStacksInParallel(e,t,r,n){const i=r?.onOutput,u=r?.onResourceProgress,c=r?.onStackComplete,s=await Promise.allSettled(e.map(async o=>{const a=Date.now(),d=await this.destroyStack(o,t,{onOutput:i?f=>i(f,o):void 0,onResourceProgress:u?f=>u(f,o):void 0},n),g=Date.now()-a,p=d.success?"":d.error?.message??"",C=p.includes(P)\|\|p.includes(A),l={stack:o,success:d.success\|\|C,error:d.success\|\|C?void 0:d.error,duration:g};return!l.success&&l.error&&S.debug("destroyStacksInParallel",`Stack ${o} failed`,{error:l.error.message}),c?.(o,l.success,g,l.success?void 0:l.error),l}));return m(O(s,e))}async getStackOutputs(e,t){const r=y(e,t),n=await this.cloudFormationService.getStackOutputs(r);return n.success?m(w(n.data)):k(new h(`Failed to get outputs for ${r}`,{errorType:"stack_error",appName:e,operation:"getStackOutputs",stackType:t,details:n.error}))}async resolveWebsiteUrl(e){return D(e,this.cloudFormationService)}async destroyAllStacks(e,t,r){return R(this,e,t,r)}}export{E as ApplicationStackService};
1	+ import{CloudFormationClient as R}from"@aws-sdk/client-cloudformation";import{S3Client as v}from"@aws-sdk/client-s3";import{capturedSweepBuckets as D,preEmptyStackBuckets as N,sweepOrphanedDestroyBuckets as F}from"../../orchestration/stackCleanup.js";import{STACK_NOT_FOUND_PATTERN as _,CDK_NO_STACKS_MATCH as L}from"../../types/constants.js";import{getApplicationStackName as y}from"../../types/operations.js";import{success as g,failure as k}from"@fjall/generator";import{ApplicationError as h}from"../../types/application/ApplicationServiceTypes.js";import{logger as d}from"@fjall/util/logger";import{maskSensitiveOutput as P}from"@fjall/util";import{convertCloudFormationOutputsToRecord as O}from"../supporting/helpers.js";import{destroyAllStacks as $,mapSettledResults as A,resolveWebsiteUrl as B}from"./applicationStackHelpers.js";class z{cdkService;cloudFormationService;aws;constructor(e,s,t){this.cdkService=e,this.cloudFormationService=s,this.aws=t}async runCdkSynth(e){return this.cdkService.runCdkSynth(e)}async deployStack(e,s,t,a){const c=s.target,i=y(c,e),n=await this.cdkService.runCdkDeploy(s,i,t?.onOutput,t?.onResourceProgress,this.aws,void 0,a?.parameters);if(n.success){const o=n.data;d.debug("ApplicationStackService","CDK deploy result",{stackName:i,stackType:e,success:!0,message:o.message,status:o.status,skipped:o.details?.skipped,hasOutput:!!o.details?.output});const u=await this.cloudFormationService.getStackOutputs(i);d.debug("ApplicationStackService","Stack outputs after deploy",{stackName:i,hasOutputs:u.success&&u.data.length>0,outputCount:u.success?u.data.length:0});const r=u.success&&u.data.length>0?O(u.data):void 0;return g({stackType:e,stackName:i,skipped:o.details?.skipped===!0,outputs:r})}else{const o=P(n.error\|\|`Failed to deploy ${e} infrastructure`);return d.error("ApplicationStackService","Stack deployment failed",{stackType:e,target:s.target,error:o}),k(new h(o,{errorType:"deployment_failed",appName:s.target,operation:"deployStack",stackType:e}))}}async deployStacksInParallel(e,s,t){const a=t?.onOutput,c=t?.onResourceProgress,i=t?.onStackComplete,n=await Promise.allSettled(e.map(async o=>{const u=Date.now(),r=await this.deployStack(o,s,{onOutput:a?m=>a(m,o):void 0,onResourceProgress:c?m=>c(m,o):void 0}),S=Date.now()-u,p={stack:o,success:r.success,error:r.success?void 0:r.error,duration:S,...r.success&&r.data.outputs!==void 0?{outputs:r.data.outputs}:{}};return!r.success&&r.error&&d.debug("deployStacksInParallel",`Stack ${o} failed`,{error:r.error.message}),i?.(o,r.success,S,r.success?void 0:r.error),p}));return g(A(n,e))}async destroyStack(e,s,t,a,c){const i=s.target,n=y(i,e);let o=[];if(this.aws!==void 0)if(a===!0\|\|(await this.cdkService.runCdkSynth(s)).success){const S=await N(this.aws.getClient(R),this.aws.getClient(v),n,{onLog:t?.onLog,onStackCleanupProgress:t?.onStackCleanupProgress},c);o=D(S)}else d.debug("ApplicationStackService","Skipping pre-empty pass after failed validation synth \u2014 the destroy will surface the error",{stackName:n});else d.debug("ApplicationStackService","No AWS provider available, skipping pre-empty pass",{stackName:n});const u=await this.cdkService.runCdkDestroy(s,n,t?.onOutput,t?.onResourceProgress,this.aws,a);if(u.success)return this.aws!==void 0&&o.length>0&&await F(this.aws.getClient(v),o,{onLog:t?.onLog,onStackCleanupProgress:t?.onStackCleanupProgress},c),g({stackType:e,stackName:n,skipped:!1,outputs:void 0});{const r=P(u.error\|\|`Failed to destroy ${e} stack`);return d.error("ApplicationStackService","Stack destroy failed",{stackType:e,target:s.target,error:r}),k(new h(r,{errorType:"destroy_failed",appName:s.target,operation:"destroyStack",stackType:e}))}}async destroyStacksInParallel(e,s,t,a,c){const i=t?.onOutput,n=t?.onResourceProgress,o=t?.onStackComplete,u=await Promise.allSettled(e.map(async r=>{const S=Date.now(),p=await this.destroyStack(r,s,{onOutput:i?f=>i(f,r):void 0,onResourceProgress:n?f=>n(f,r):void 0,onLog:t?.onLog,onStackCleanupProgress:t?.onStackCleanupProgress},a,c),m=Date.now()-S,C=p.success?"":p.error?.message??"",w=C.includes(_)\|\|C.includes(L),l={stack:r,success:p.success\|\|w,error:p.success\|\|w?void 0:p.error,duration:m};return!l.success&&l.error&&d.debug("destroyStacksInParallel",`Stack ${r} failed`,{error:l.error.message}),o?.(r,l.success,m,l.success?void 0:l.error),l}));return g(A(u,e))}async getStackOutputs(e,s){const t=y(e,s),a=await this.cloudFormationService.getStackOutputs(t);return a.success?g(O(a.data)):k(new h(`Failed to get outputs for ${t}`,{errorType:"stack_error",appName:e,operation:"getStackOutputs",stackType:s,details:a.error}))}async resolveWebsiteUrl(e){return B(e,this.cloudFormationService)}async destroyAllStacks(e,s,t,a){return $(this,e,s,t,a)}}export{z as ApplicationStackService};

package/dist/src/services/application/applicationStackHelpers.d.ts CHANGED Viewed

@@ -7,6 +7,18 @@ import { type Result } from "@fjall/generator";
 import { ApplicationError, type StackDeploymentData } from "../../types/application/ApplicationServiceTypes.js";
 import type { ApplicationStackService } from "./ApplicationStackService.js";
 import type { CloudFormationService } from "../infrastructure/CloudFormationService.js";
+import type { DeployCallbacks } from "../../types/callbacks.js";
+/** Shared with ApplicationStackService.destroyAllStacks — the two signatures must not drift. */
+export interface DestroyAllStacksCallbacks {
+    onOutput?: (chunk: string, stackId?: ApplicationStack) => void;
+    onResourceProgress?: (event: ResourceEvent, stackId?: ApplicationStack) => void;
+    onLog?: DeployCallbacks["onLog"];
+    onStackCleanupProgress?: DeployCallbacks["onStackCleanupProgress"];
+    onStackStart?: (stackType: ApplicationStack, stackName: string) => void;
+    onStackComplete?: (stackType: ApplicationStack, result: Result<StackDeploymentData, ApplicationError>) => void | Promise<void>;
+    onParallelPhaseStart?: (stacks: readonly ApplicationStack[], description: string) => void;
+    onParallelPhaseComplete?: (results: ParallelDeploymentResult[]) => void;
+}
 /**
  * Convert "doesn't exist" errors to success for destroy operations.
  */
@@ -24,14 +36,7 @@ export declare function handleDestroyError(result: Result<StackDeploymentData, A
  * Destroy all stacks for an application in reverse order.
  * Supports parallel destruction for OpenNext patterns (nextjs/payload).
  */
-export declare function destroyAllStacks(service: ApplicationStackService, context: DeploymentContext, callbacks?: {
-    onOutput?: (chunk: string, stackId?: ApplicationStack) => void;
-    onResourceProgress?: (event: ResourceEvent, stackId?: ApplicationStack) => void;
-    onStackStart?: (stackType: ApplicationStack, stackName: string) => void;
-    onStackComplete?: (stackType: ApplicationStack, result: Result<StackDeploymentData, ApplicationError>) => void | Promise<void>;
-    onParallelPhaseStart?: (stacks: readonly ApplicationStack[], description: string) => void;
-    onParallelPhaseComplete?: (results: ParallelDeploymentResult[]) => void;
-}, resources?: AppResourceFlags): Promise<Result<{
+export declare function destroyAllStacks(service: ApplicationStackService, context: DeploymentContext, callbacks?: DestroyAllStacksCallbacks, resources?: AppResourceFlags, abortSignal?: AbortSignal): Promise<Result<{
     message: string;
 }, ApplicationError>>;
 /**

package/dist/src/services/application/applicationStackHelpers.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import{maskSensitiveOutput as P}from"@fjall/util";import{STACK_NOT_FOUND_PATTERN as T,CDK_NO_STACKS_MATCH as D,INFRASTRUCTURE_FILENAME as $}from"../../types/constants.js";import{APPLICATION_STACKS as N,getApplicationStackName as S,getApplicationDestroyOrder as U,getParallelDestroyGroups as K}from"../../types/operations.js";import{FrameworkRegistry as L}from"../../orchestration/builders/frameworkRegistry.js";import{success as k,failure as h,isFailure as R}from"@fjall/generator";import{ApplicationError as O}from"../../types/application/ApplicationServiceTypes.js";import{logger as F}from"@fjall/util/logger";function A(t,r,e){if(t.success)return t;const n=R(t)?t.error.message:"";return n.includes(T)||n.includes(D)?k({stackName:S(e,r),stackType:r,outputs:{},skipped:!0}):t}function E(t,r){if(t.success)return null;const e=R(t)?P(t.error.message):"";if(e.includes("TSError")||e.includes("Unable to compile TypeScript")||e.includes("Subprocess exited with error")){const n=e.match(/infrastructure\.ts\(\d+,\d+\): error TS\d+: .+/),s=n?n[0]:`Check ${$} for syntax errors`;return{continue:!1,result:h(new O(`CDK synthesis failed: ${s}`,{errorType:"synth_failed",operation:`destroy-${r}`}))}}return e.includes(T)||e.includes(D)?{continue:!0,result:k({message:"Stack already deleted"})}:{continue:!1,result:h(new O(`Failed to destroy ${r} stack: ${e}`,{errorType:"destroy_failed",operation:`destroy-${r}`}))}}async function G(t,r,e,n){const s=r.target,l=L.createDefault().resolve({appPath:r.path});let f,y;if(l){const u=l.builder.plan({appPath:r.path},l.detection);f=u.parallelDestroy,y=u.destroyOrder}else f=!1,y=U({pattern:null,resources:n});if(f){const u=K();for(const C of u){const m=C.stacks;if(m.length===1){const a=m[0],p=S(s,a);e?.onStackStart?.(a,p);const o=await t.destroyStack(a,r,{onOutput:e?.onOutput?d=>e.onOutput?.(d,a):void 0,onResourceProgress:e?.onResourceProgress?d=>e.onResourceProgress?.(d,a):void 0}),i=A(o,a,s);e?.onStackComplete&&await e.onStackComplete(a,i);const c=E(i,a);if(c){if(c.continue)continue;return c.result}}else{const a=await t.runCdkSynth(r);if(!a.success)return h(new O(a.error,{errorType:"synth_failed",appName:s,operation:"destroy-parallel-synth"}));e?.onParallelPhaseStart?.(m,C.description);for(const o of m)e?.onStackStart?.(o,S(s,o));const p=await t.destroyStacksInParallel(m,r,{onOutput:e?.onOutput,onResourceProgress:e?.onResourceProgress,onStackComplete:async(o,i,c,d)=>{const g=d?.message!==void 0?P(d.message):"Stack destruction failed",_=i?k({stackName:S(s,o),stackType:o,outputs:{}}):h(d instanceof O?d:new O(g,{errorType:"destroy_failed",appName:s,operation:`destroy-${o}`}));await e?.onStackComplete?.(o,_)}},!0);if(p.success){e?.onParallelPhaseComplete?.(p.data);const o=p.data.filter(i=>!i.success);if(o.length>0){const i=o.filter(c=>c.error&&!c.error.message.includes(T)&&!c.error.message.includes(D));if(i.length>0){const c=i.map(g=>g.stack).join(", "),d=i.map(g=>`${g.stack}: ${g.error?.message??"Unknown error"}`).join(`
-`);return h(new O(`Failed to destroy stacks: ${c}
+import{maskSensitiveOutput as T}from"@fjall/util";import{STACK_NOT_FOUND_PATTERN as D,CDK_NO_STACKS_MATCH as N,INFRASTRUCTURE_FILENAME as $}from"../../types/constants.js";import{APPLICATION_STACKS as R,getApplicationStackName as g,getApplicationDestroyOrder as U,getParallelDestroyGroups as K}from"../../types/operations.js";import{FrameworkRegistry as F}from"../../orchestration/builders/frameworkRegistry.js";import{success as w,failure as P,isFailure as A}from"@fjall/generator";import{ApplicationError as C}from"../../types/application/ApplicationServiceTypes.js";import{logger as M}from"@fjall/util/logger";function E(t,r,e){if(t.success)return t;const s=A(t)?t.error.message:"";return s.includes(D)||s.includes(N)?w({stackName:g(e,r),stackType:r,outputs:{},skipped:!0}):t}function L(t,r){if(t.success)return null;const e=A(t)?T(t.error.message):"";if(e.includes("TSError")||e.includes("Unable to compile TypeScript")||e.includes("Subprocess exited with error")){const s=e.match(/infrastructure\.ts\(\d+,\d+\): error TS\d+: .+/),d=s?s[0]:`Check ${$} for syntax errors`;return{continue:!1,result:P(new C(`CDK synthesis failed: ${d}`,{errorType:"synth_failed",operation:`destroy-${r}`}))}}return e.includes(D)||e.includes(N)?{continue:!0,result:w({message:"Stack already deleted"})}:{continue:!1,result:P(new C(`Failed to destroy ${r} stack: ${e}`,{errorType:"destroy_failed",operation:`destroy-${r}`}))}}async function W(t,r,e,s,d){const u=r.target,f=F.createDefault().resolve({appPath:r.path});let y,k;if(f){const a=f.builder.plan({appPath:r.path},f.detection);y=a.parallelDestroy,k=a.destroyOrder}else y=!1,k=U({pattern:null,resources:s});if(y){const a=K();for(const h of a){const m=h.stacks;if(m.length===1){const n=m[0],l=g(u,n);e?.onStackStart?.(n,l);const o=await t.destroyStack(n,r,{onOutput:e?.onOutput?c=>e.onOutput?.(c,n):void 0,onResourceProgress:e?.onResourceProgress?c=>e.onResourceProgress?.(c,n):void 0,onLog:e?.onLog,onStackCleanupProgress:e?.onStackCleanupProgress},void 0,d),i=E(o,n,u);e?.onStackComplete&&await e.onStackComplete(n,i);const p=L(i,n);if(p){if(p.continue)continue;return p.result}}else{const n=await t.runCdkSynth(r);if(!n.success)return P(new C(n.error,{errorType:"synth_failed",appName:u,operation:"destroy-parallel-synth"}));e?.onParallelPhaseStart?.(m,h.description);for(const o of m)e?.onStackStart?.(o,g(u,o));const l=await t.destroyStacksInParallel(m,r,{onOutput:e?.onOutput,onResourceProgress:e?.onResourceProgress,onLog:e?.onLog,onStackCleanupProgress:e?.onStackCleanupProgress,onStackComplete:async(o,i,p,c)=>{const O=c?.message!==void 0?T(c.message):"Stack destruction failed",_=i?w({stackName:g(u,o),stackType:o,outputs:{}}):P(c instanceof C?c:new C(O,{errorType:"destroy_failed",appName:u,operation:`destroy-${o}`}));await e?.onStackComplete?.(o,_)}},!0,d);if(l.success){e?.onParallelPhaseComplete?.(l.data);const o=l.data.filter(i=>!i.success);if(o.length>0){const i=o.filter(p=>p.error&&!p.error.message.includes(D)&&!p.error.message.includes(N));if(i.length>0){const p=i.map(O=>O.stack).join(", "),c=i.map(O=>`${O.stack}: ${O.error?.message??"Unknown error"}`).join(`
+`);return P(new C(`Failed to destroy stacks: ${p}
-${d}`,{errorType:"destroy_failed",appName:s,operation:"destroy-parallel"}))}}}}}}else for(const u of y){const C=S(s,u);e?.onStackStart?.(u,C);const m=await t.destroyStack(u,r,{onOutput:e?.onOutput?o=>e.onOutput?.(o,u):void 0,onResourceProgress:e?.onResourceProgress?o=>e.onResourceProgress?.(o,u):void 0}),a=A(m,u,s);e?.onStackComplete&&await e.onStackComplete(u,a);const p=E(a,u);if(p){if(p.continue)continue;return p.result}}return k({message:"All stacks destroyed"})}function W(t,r){return t.map((e,n)=>e.status==="fulfilled"?e.value:{stack:r[n]??N.NETWORK,success:!1,error:e.reason instanceof Error?e.reason:new Error(String(e.reason)),duration:0})}async function H(t,r){try{const e=S(t,N.COMPUTE),n=await r.getStackOutputs(e);if(n.success&&n.data.length>0){const l=n.data.find(y=>y.OutputKey?.includes("LoadBalancerUrl"));if(l?.OutputValue)return l.OutputValue.toLowerCase();const f=n.data.find(y=>y.OutputKey?.includes("LoadBalancerDnsName"));if(f?.OutputValue)return`http://${f.OutputValue.toLowerCase()}`}const s=S(t,N.CDN),w=await r.getStackOutputs(s);if(w.success&&w.data.length>0){const l=w.data.find(f=>f.OutputKey?.includes("DistributionDomainName"));if(l?.OutputValue)return`https://${l.OutputValue.toLowerCase()}`}return}catch(e){F.warn("ApplicationStackService","URL resolution failed",{error:P(e instanceof Error?e.message:String(e))});return}}export{A as convertDestroyResultIfNotExists,G as destroyAllStacks,E as handleDestroyError,W as mapSettledResults,H as resolveWebsiteUrl};
+${c}`,{errorType:"destroy_failed",appName:u,operation:"destroy-parallel"}))}}}}}}else for(const a of k){const h=g(u,a);e?.onStackStart?.(a,h);const m=await t.destroyStack(a,r,{onOutput:e?.onOutput?o=>e.onOutput?.(o,a):void 0,onResourceProgress:e?.onResourceProgress?o=>e.onResourceProgress?.(o,a):void 0,onLog:e?.onLog,onStackCleanupProgress:e?.onStackCleanupProgress},void 0,d),n=E(m,a,u);e?.onStackComplete&&await e.onStackComplete(a,n);const l=L(n,a);if(l){if(l.continue)continue;return l.result}}return w({message:"All stacks destroyed"})}function H(t,r){return t.map((e,s)=>e.status==="fulfilled"?e.value:{stack:r[s]??R.NETWORK,success:!1,error:e.reason instanceof Error?e.reason:new Error(String(e.reason)),duration:0})}async function q(t,r){try{const e=g(t,R.COMPUTE),s=await r.getStackOutputs(e);if(s.success&&s.data.length>0){const S=s.data.find(y=>y.OutputKey?.includes("LoadBalancerUrl"));if(S?.OutputValue)return S.OutputValue.toLowerCase();const f=s.data.find(y=>y.OutputKey?.includes("LoadBalancerDnsName"));if(f?.OutputValue)return`http://${f.OutputValue.toLowerCase()}`}const d=g(t,R.CDN),u=await r.getStackOutputs(d);if(u.success&&u.data.length>0){const S=u.data.find(f=>f.OutputKey?.includes("DistributionDomainName"));if(S?.OutputValue)return`https://${S.OutputValue.toLowerCase()}`}return}catch(e){M.warn("ApplicationStackService","URL resolution failed",{error:T(e instanceof Error?e.message:String(e))});return}}export{E as convertDestroyResultIfNotExists,W as destroyAllStacks,L as handleDestroyError,H as mapSettledResults,q as resolveWebsiteUrl};

package/dist/src/steps/stepRegistry.js CHANGED Viewed

	@@ -1 +1 @@
1	- import{APPLICATION_STACKS as n,APPLICATION_DEPLOY_ORDER as A,getApplicationStepName as t,getApplicationStepId as a}from"../types/index.js";import{STEP_IDS as e,STEP_NAMES as s,INFRA_STEP_NAME as d}from"../types/index.js";const O={Network:e.NETWORK_DESTROY,Storage:e.STORAGE_DESTROY,Messaging:e.MESSAGING_DESTROY,Database:e.DATABASE_DESTROY,Compute:e.COMPUTE_DESTROY,Cdn:e.CDN_DESTROY};function S(f){return O[f]??`${f.toLowerCase()}-destroy`}class p{static DEPLOYMENT_STEPS=new Map([["application-deploy",[{id:e.AUTH,name:s.AUTH},{id:e.DETECT_CONFIG,name:s.PREPARE_DEPLOY},{id:e.BOOTSTRAP,name:s.BOOTSTRAP,conditions:{requiresInfra:!0}},{id:a(n.NETWORK,"deploy"),name:t(n.NETWORK,"deploy"),conditions:{requiresInfra:!0,requiresNetwork:!0}},{id:a(n.STORAGE,"deploy"),name:t(n.STORAGE,"deploy"),conditions:{requiresInfra:!0,requiresStorage:!0}},{id:a(n.MESSAGING,"deploy"),name:t(n.MESSAGING,"deploy"),conditions:{requiresInfra:!0,requiresMessaging:!0}},{id:a(n.DATABASE,"deploy"),name:t(n.DATABASE,"deploy"),conditions:{requiresInfra:!0,requiresDatabase:!0}},{id:e.DOCKER_OPERATIONS,name:"Docker operations",conditions:{requiresDocker:!0,requiresCompute:!0,skipForInfraOnly:!0}},{id:e.TAG_ECR_IMAGES,name:"Tagging container images",conditions:{requiresImageTagging:!0,requiresCompute:!0,skipForInfraOnly:!0}},{id:a(n.COMPUTE,"deploy"),name:t(n.COMPUTE,"deploy"),conditions:{requiresInfra:!0,requiresCompute:!0}},{id:a(n.CDN,"deploy"),name:t(n.CDN,"deploy"),conditions:{requiresInfra:!0,requiresCdn:!0}}]],["application-destroy",[{id:e.AUTH,name:s.AUTH},{id:e.DETECT_CONFIG,name:s.CHECK_INFRA_STATE},{id:a(n.CDN,"destroy"),name:t(n.CDN,"destroy"),conditions:{requiresCdn:!0}},{id:a(n.COMPUTE,"destroy"),name:t(n.COMPUTE,"destroy")},{id:a(n.DATABASE,"destroy"),name:t(n.DATABASE,"destroy")},{id:a(n.MESSAGING,"destroy"),name:t(n.MESSAGING,"destroy"),conditions:{requiresMessaging:!0}},{id:a(n.STORAGE,"destroy"),name:t(n.STORAGE,"destroy"),conditions:{requiresStorage:!0}},{id:a(n.NETWORK,"destroy"),name:t(n.NETWORK,"destroy")}]],["organisation-deploy",[{id:e.AUTH,name:s.AUTH},{id:e.ORG_SETUP,name:s.ORG_SETUP},{id:e.PREPARE_ENVIRONMENT,name:d.PREPARE},{id:e.ORG_DEPLOY,name:s.ORG_DEPLOY,conditions:{requiresOrgChanges:!0}},{id:e.CASCADE_PLATFORM,name:s.CASCADE_PLATFORM,conditions:{requiresPlatformAccount:!0}},{id:e.CASCADE_ACCOUNTS,name:s.CASCADE_ACCOUNTS,conditions:{requiresMemberAccounts:!0}}]],["organisation-destroy",[{id:e.AUTH,name:s.AUTH},{id:e.CFN_CHECK,name:s.CHECK_INFRA_STATE},{id:e.CASCADE_ACCOUNTS,name:"Destroying account infrastructure",conditions:{requiresMemberAccounts:!0}},{id:e.CASCADE_PLATFORM,name:"Destroying platform infrastructure",conditions:{requiresPlatformAccount:!0}},{id:e.DESTROY,name:"Destroying organisation infrastructure"}]],["platform-deploy",[{id:e.AUTH,name:s.AUTH},{id:e.CONNECT,name:d.CONNECT},{id:e.PREPARE_ENVIRONMENT,name:d.PREPARE},{id:e.DEPLOY,name:d.DEPLOY},{id:e.MONITORING,name:d.MONITORING}]],["platform-destroy",[{id:e.AUTH,name:s.AUTH},{id:e.CFN_CHECK,name:"Checking infrastructure state"},{id:e.ORG_DESTROY,name:"Destroying platform infrastructure"}]],["account-deploy",[{id:e.AUTH,name:s.AUTH},{id:e.CONNECT,name:d.CONNECT},{id:e.PREPARE_ENVIRONMENT,name:d.PREPARE},{id:e.DEPLOY,name:d.DEPLOY},{id:e.MONITORING,name:d.MONITORING}]],["account-destroy",[{id:e.AUTH,name:s.AUTH},{id:e.CFN_CHECK,name:"Checking infrastructure state"},{id:e.ORG_DESTROY,name:"Destroying account infrastructure"}]]]);static getSteps(r){if(r.deploymentType==="application"&&r.operation==="deploy"&&r.deployOnly)return[{id:e.AUTH,name:s.AUTH},{id:e.DOCKER_OPERATIONS,name:"Build and push Docker container"},{id:a(n.COMPUTE,"deploy"),name:t(n.COMPUTE,"deploy")}];const o=`${r.deploymentType}-${r.operation}`;return(this.DEPLOYMENT_STEPS.get(o)??[]).filter(i=>{if(r.deploymentType==="application"){const l=r.builderName==="opennext";if(i.conditions?.requiresInfra&&r.deployOnly)return!1;if(r.resources){const c=r.resources;if(i.conditions?.requiresNetwork&&!c.hasNetwork\|\|i.conditions?.requiresCompute&&!c.hasCompute\|\|i.conditions?.requiresDatabase&&!c.hasDatabase\|\|i.conditions?.requiresStorage&&!c.hasStorage\|\|i.conditions?.requiresMessaging&&!c.hasMessaging\|\|i.conditions?.requiresCdn&&!c.hasCdn)return!1}else if(r.operation==="deploy"&&!l&&(i.conditions?.requiresNetwork\|\|i.conditions?.requiresCompute\|\|i.conditions?.requiresDatabase\|\|i.conditions?.requiresStorage\|\|i.conditions?.requiresMessaging\|\|i.conditions?.requiresCdn))return!1;if(i.conditions?.requiresDocker\|\|i.id===e.DOCKER_OPERATIONS)return l\|\|r.infraOnly\|\|r.resources&&!r.resources.hasCompute?!1:r.deployOnly?r.hasDockerfile===!0:r.hasDockerfile===!0\|\|r.hasDockerfile===!1&&!r.isManagedAccount;if(i.conditions?.requiresImageTagging)return r.infraOnly\|\|l\|\|r.resources&&!r.resources.hasCompute?!1:r.hasDockerfile===!1}return!(i.conditions?.requiresMemberAccounts&&!r.hasMemberAccounts\|\|i.conditions?.requiresPlatformAccount&&!r.hasPlatformAccount\|\|i.conditions?.requiresOrgChanges&&r.hasOrgChanges!==!0\|\|i.conditions?.requiresPlatformChanges&&r.hasPlatformChanges!==!0\|\|i.conditions?.requiresAccountChanges&&r.hasAccountChanges!==!0\|\|i.conditions?.requiresDomainConfiguration&&!r.hasDomainConfiguration\|\|i.conditions?.requiresDomainChanges&&r.hasDomainChanges!==!0)}).map(i=>i.id===e.DOCKER_OPERATIONS?{...i,name:r.hasDockerfile?"Building and pushing Docker image":"Initialising container repository"}:i)}static getStepNames(r){return this.getSteps(r).map(o=>o.name)}static getStepIndex(r,o){return this.getSteps(o).findIndex(E=>E.id===r)}static getStepById(r,o="application"){const u=`${o}-deploy`,i=(this.DEPLOYMENT_STEPS.get(u)\|\|[]).find(T=>T.id===r);if(i)return i;const l=`${o}-destroy`;return(this.DEPLOYMENT_STEPS.get(l)\|\|[]).find(T=>T.id===r)}static isStepIncluded(r,o){return this.getSteps(o).some(E=>E.id===r)}static createContext(r,o,u){return{deploymentType:r,operation:o,deployOnly:u?.deployOnly??!1,infraOnly:u?.infraOnly??!1,isManagedAccount:u?.isManagedAccount??!1,hasDockerfile:u?.hasDockerfile??!1,pattern:u?.pattern??null,builderName:u?.builderName,resources:u?.resources}}static getDeploymentTypes(){return["application","organisation","platform","account"]}static getStackNames(r){switch(r){case"application":return[...A];case"organisation":return["Organisation"];case"platform":return["Platform"];case"account":return["Account"];default:return[]}}static getInfraStepIds(){return[e.CFN_CHECK,e.BOOTSTRAP,e.DIFF,e.NETWORK,e.STORAGE,e.MESSAGING,e.DATABASE,e.COMPUTE,e.CDN]}static getDockerStepIds(){return[e.ECR_INIT,e.DOCKER_DEPLOY]}}export{p as StepRegistry,S as getDestroyStepId};
1	+ import{APPLICATION_STACKS as n,APPLICATION_DEPLOY_ORDER as l,getApplicationStepName as t,getApplicationStepId as a}from"../types/index.js";import{STEP_IDS as e,STEP_NAMES as s,INFRA_STEP_NAME as d}from"../types/index.js";const O={Network:e.NETWORK_DESTROY,Storage:e.STORAGE_DESTROY,Messaging:e.MESSAGING_DESTROY,Database:e.DATABASE_DESTROY,Compute:e.COMPUTE_DESTROY,Cdn:e.CDN_DESTROY};function C(A){return O[A]??`${A.toLowerCase()}-destroy`}class p{static DEPLOYMENT_STEPS=new Map([["application-deploy",[{id:e.AUTH,name:s.AUTH},{id:e.DETECT_CONFIG,name:s.PREPARE_DEPLOY},{id:e.TARGET_READINESS,name:s.TARGET_READINESS,conditions:{requiresInfra:!0}},{id:e.BOOTSTRAP,name:s.BOOTSTRAP,conditions:{requiresInfra:!0}},{id:a(n.NETWORK,"deploy"),name:t(n.NETWORK,"deploy"),conditions:{requiresInfra:!0,requiresNetwork:!0}},{id:a(n.STORAGE,"deploy"),name:t(n.STORAGE,"deploy"),conditions:{requiresInfra:!0,requiresStorage:!0}},{id:a(n.MESSAGING,"deploy"),name:t(n.MESSAGING,"deploy"),conditions:{requiresInfra:!0,requiresMessaging:!0}},{id:a(n.DATABASE,"deploy"),name:t(n.DATABASE,"deploy"),conditions:{requiresInfra:!0,requiresDatabase:!0}},{id:e.DOCKER_OPERATIONS,name:"Docker operations",conditions:{requiresDocker:!0,requiresCompute:!0,skipForInfraOnly:!0}},{id:e.TAG_ECR_IMAGES,name:"Tagging container images",conditions:{requiresImageTagging:!0,requiresCompute:!0,skipForInfraOnly:!0}},{id:a(n.COMPUTE,"deploy"),name:t(n.COMPUTE,"deploy"),conditions:{requiresInfra:!0,requiresCompute:!0}},{id:a(n.CDN,"deploy"),name:t(n.CDN,"deploy"),conditions:{requiresInfra:!0,requiresCdn:!0}}]],["application-destroy",[{id:e.AUTH,name:s.AUTH},{id:e.DETECT_CONFIG,name:s.CHECK_INFRA_STATE},{id:a(n.CDN,"destroy"),name:t(n.CDN,"destroy"),conditions:{requiresCdn:!0}},{id:a(n.COMPUTE,"destroy"),name:t(n.COMPUTE,"destroy")},{id:a(n.DATABASE,"destroy"),name:t(n.DATABASE,"destroy")},{id:a(n.MESSAGING,"destroy"),name:t(n.MESSAGING,"destroy"),conditions:{requiresMessaging:!0}},{id:a(n.STORAGE,"destroy"),name:t(n.STORAGE,"destroy"),conditions:{requiresStorage:!0}},{id:a(n.NETWORK,"destroy"),name:t(n.NETWORK,"destroy")}]],["organisation-deploy",[{id:e.AUTH,name:s.AUTH},{id:e.ORG_SETUP,name:s.ORG_SETUP},{id:e.PREPARE_ENVIRONMENT,name:d.PREPARE},{id:e.ORG_DEPLOY,name:s.ORG_DEPLOY,conditions:{requiresOrgChanges:!0}},{id:e.CASCADE_PLATFORM,name:s.CASCADE_PLATFORM,conditions:{requiresPlatformAccount:!0}},{id:e.CASCADE_ACCOUNTS,name:s.CASCADE_ACCOUNTS,conditions:{requiresMemberAccounts:!0}}]],["organisation-destroy",[{id:e.AUTH,name:s.AUTH},{id:e.CFN_CHECK,name:s.CHECK_INFRA_STATE},{id:e.CASCADE_ACCOUNTS,name:"Destroying account infrastructure",conditions:{requiresMemberAccounts:!0}},{id:e.CASCADE_PLATFORM,name:"Destroying platform infrastructure",conditions:{requiresPlatformAccount:!0}},{id:e.DESTROY,name:"Destroying organisation infrastructure"}]],["platform-deploy",[{id:e.AUTH,name:s.AUTH},{id:e.CONNECT,name:d.CONNECT},{id:e.PREPARE_ENVIRONMENT,name:d.PREPARE},{id:e.DEPLOY,name:d.DEPLOY},{id:e.MONITORING,name:d.MONITORING}]],["platform-destroy",[{id:e.AUTH,name:s.AUTH},{id:e.CFN_CHECK,name:"Checking infrastructure state"},{id:e.ORG_DESTROY,name:"Destroying platform infrastructure"}]],["account-deploy",[{id:e.AUTH,name:s.AUTH},{id:e.CONNECT,name:d.CONNECT},{id:e.PREPARE_ENVIRONMENT,name:d.PREPARE},{id:e.DEPLOY,name:d.DEPLOY},{id:e.MONITORING,name:d.MONITORING}]],["account-destroy",[{id:e.AUTH,name:s.AUTH},{id:e.CFN_CHECK,name:"Checking infrastructure state"},{id:e.ORG_DESTROY,name:"Destroying account infrastructure"}]]]);static getSteps(r){if(r.deploymentType==="application"&&r.operation==="deploy"&&r.deployOnly)return[{id:e.AUTH,name:s.AUTH},{id:e.DOCKER_OPERATIONS,name:"Build and push Docker container"},{id:a(n.COMPUTE,"deploy"),name:t(n.COMPUTE,"deploy")}];const o=`${r.deploymentType}-${r.operation}`;return(this.DEPLOYMENT_STEPS.get(o)??[]).filter(i=>{if(r.deploymentType==="application"){const T=r.builderName==="opennext";if(i.conditions?.requiresInfra&&r.deployOnly)return!1;if(r.resources){const E=r.resources;if(i.conditions?.requiresNetwork&&!E.hasNetwork\|\|i.conditions?.requiresCompute&&!E.hasCompute\|\|i.conditions?.requiresDatabase&&!E.hasDatabase\|\|i.conditions?.requiresStorage&&!E.hasStorage\|\|i.conditions?.requiresMessaging&&!E.hasMessaging\|\|i.conditions?.requiresCdn&&!E.hasCdn)return!1}else if(r.operation==="deploy"&&!T&&(i.conditions?.requiresNetwork\|\|i.conditions?.requiresCompute\|\|i.conditions?.requiresDatabase\|\|i.conditions?.requiresStorage\|\|i.conditions?.requiresMessaging\|\|i.conditions?.requiresCdn))return!1;if(i.conditions?.requiresDocker\|\|i.id===e.DOCKER_OPERATIONS)return T\|\|r.infraOnly\|\|r.resources&&!r.resources.hasCompute?!1:r.deployOnly?r.hasDockerfile===!0:r.hasDockerfile===!0\|\|r.hasDockerfile===!1&&!r.isManagedAccount;if(i.conditions?.requiresImageTagging)return r.infraOnly\|\|T\|\|r.resources&&!r.resources.hasCompute?!1:r.hasDockerfile===!1}return!(i.conditions?.requiresMemberAccounts&&!r.hasMemberAccounts\|\|i.conditions?.requiresPlatformAccount&&!r.hasPlatformAccount\|\|i.conditions?.requiresOrgChanges&&r.hasOrgChanges!==!0\|\|i.conditions?.requiresPlatformChanges&&r.hasPlatformChanges!==!0\|\|i.conditions?.requiresAccountChanges&&r.hasAccountChanges!==!0\|\|i.conditions?.requiresDomainConfiguration&&!r.hasDomainConfiguration\|\|i.conditions?.requiresDomainChanges&&r.hasDomainChanges!==!0)}).map(i=>i.id===e.DOCKER_OPERATIONS?{...i,name:r.hasDockerfile?"Building and pushing Docker image":"Initialising container repository"}:i)}static getStepNames(r){return this.getSteps(r).map(o=>o.name)}static getStepIndex(r,o){return this.getSteps(o).findIndex(c=>c.id===r)}static getStepById(r,o="application"){const u=`${o}-deploy`,i=(this.DEPLOYMENT_STEPS.get(u)\|\|[]).find(f=>f.id===r);if(i)return i;const T=`${o}-destroy`;return(this.DEPLOYMENT_STEPS.get(T)\|\|[]).find(f=>f.id===r)}static isStepIncluded(r,o){return this.getSteps(o).some(c=>c.id===r)}static createContext(r,o,u){return{deploymentType:r,operation:o,deployOnly:u?.deployOnly??!1,infraOnly:u?.infraOnly??!1,isManagedAccount:u?.isManagedAccount??!1,hasDockerfile:u?.hasDockerfile??!1,pattern:u?.pattern??null,builderName:u?.builderName,resources:u?.resources}}static getDeploymentTypes(){return["application","organisation","platform","account"]}static getStackNames(r){switch(r){case"application":return[...l];case"organisation":return["Organisation"];case"platform":return["Platform"];case"account":return["Account"];default:return[]}}static getInfraStepIds(){return[e.CFN_CHECK,e.TARGET_READINESS,e.BOOTSTRAP,e.DIFF,e.NETWORK,e.STORAGE,e.MESSAGING,e.DATABASE,e.COMPUTE,e.CDN]}static getDockerStepIds(){return[e.ECR_INIT,e.DOCKER_DEPLOY]}}export{p as StepRegistry,C as getDestroyStepId};

package/dist/src/types/FjallState.d.ts CHANGED Viewed

@@ -24,6 +24,13 @@ export type FjallStateFile = z.infer<typeof FjallStateFileSchema>;
  * Get the state file path for an application
  */
 export declare function getStateFilePath(appPath: string): string;
+/**
+ * Suffix form of a region for cascade artefact naming — shared by assembly
+ * dirs (`cdk.out.<accountId>.<suffix>`), per-account state files, and the
+ * Platform stack's IPAM output keys (`IpamPoolId<accountId><suffix>`). One
+ * derivation so producers and consumers of those names cannot drift.
+ */
+export declare function regionSuffix(region: string): string;
 /**
  * Get the per-account state file path for a cascade target.
  *

package/dist/src/types/FjallState.js CHANGED Viewed

	@@ -1 +1 @@
1	- import{z as a}from"zod";import{randomBytes as u}from"crypto";import{readFile as d,writeFile as f,unlink as s,rename as m,mkdir as S}from"fs/promises";import{dirname as g,join as c}from"path";import{fileExists as h}from"@fjall/util/fsHelpers";import{logger as o}from"@fjall/util/logger";import{getErrorMessage as i,maskSensitiveOutput as y}from"@fjall/util";const F=a.object({hash:a.string(),deployedAt:a.string(),stackStatus:a.string().optional()}).strict(),w=a.object({version:a.literal(1),lastDeployedAt:a.string().optional(),templateHashes:a.record(a.string(),F),metadata:a.record(a.string(),a.unknown()).optional()}).strict(),x=".fjall-state.json";function l(t){return c(t,x)}function $(t~~,r,e~~){~~const~~ ~~n=e~~.replace(/-/g,"");return c(t,`.fjall-state.cascade-${r}-${n}.json`)}async function j(t){if(!await h(t))return null;try{const r=await d(t,"utf-8"),e=JSON.parse(r),n=w.safeParse(e);return n.success?n.data:null}catch(r){return o.debug("FjallState","Failed to read state file",{path:t,error:i(r)}),null}}async function E(t,r){const e=`${t}.${Date.now()}-${u(4).toString("hex")}.tmp`;await S(g(t),{recursive:!0});try{await f(e,JSON.stringify(r,null,2),"utf-8"),await m(e,t)}catch(n){try{await s(e)}catch(p){o.debug("FjallState","Temp file cleanup failed (non-fatal)",{path:e,error:i(p)})}throw n}}async function k(t){return j(l(t))}async function v(t,r){return E(l(t),r)}function I(){return{version:1,templateHashes:{}}}async function J(t){const r=l(t);try{await s(r)}catch(e){(typeof e=="object"&&e!==null&&"code"in e?e.code:void 0)!=="ENOENT"&&o.warn("FjallState","Failed to delete state file",{path:r,error:y(i(e))})}}function M(t,r,e,n){return{...t,lastDeployedAt:new Date().toISOString(),templateHashes:{...t.templateHashes,[r]:{hash:e,deployedAt:new Date().toISOString(),...n!==void 0&&{stackStatus:n}}}}}export{w as FjallStateFileSchema,I as createEmptyState,J as deleteStateFile,$ as getCascadeStateFilePath,l as getStateFilePath,k as readStateFile,j as readStateFileAt,M as updateTemplateHash,v as writeStateFile,E as writeStateFileAt};
1	+ import{z as a}from"zod";import{randomBytes as u}from"crypto";import{readFile as f,writeFile as d,unlink as s,rename as m,mkdir as S}from"fs/promises";import{dirname as g,join as c}from"path";import{fileExists as h}from"@fjall/util/fsHelpers";import{logger as o}from"@fjall/util/logger";import{getErrorMessage as i,maskSensitiveOutput as y}from"@fjall/util";const F=a.object({hash:a.string(),deployedAt:a.string(),stackStatus:a.string().optional()}).strict(),w=a.object({version:a.literal(1),lastDeployedAt:a.string().optional(),templateHashes:a.record(a.string(),F),metadata:a.record(a.string(),a.unknown()).optional()}).strict(),x=".fjall-state.json";function l(t){return c(t,x)}function j(t){return t.replace(/-/g,"")}function k(t,r,e){return c(t,`.fjall-state.cascade-${r}-${j(e)}.json`)}async function E(t){if(!await h(t))return null;try{const r=await f(t,"utf-8"),e=JSON.parse(r),n=w.safeParse(e);return n.success?n.data:null}catch(r){return o.debug("FjallState","Failed to read state file",{path:t,error:i(r)}),null}}async function A(t,r){const e=`${t}.${Date.now()}-${u(4).toString("hex")}.tmp`;await S(g(t),{recursive:!0});try{await d(e,JSON.stringify(r,null,2),"utf-8"),await m(e,t)}catch(n){try{await s(e)}catch(p){o.debug("FjallState","Temp file cleanup failed (non-fatal)",{path:e,error:i(p)})}throw n}}async function v(t){return E(l(t))}async function I(t,r){return A(l(t),r)}function J(){return{version:1,templateHashes:{}}}async function M(t){const r=l(t);try{await s(r)}catch(e){(typeof e=="object"&&e!==null&&"code"in e?e.code:void 0)!=="ENOENT"&&o.warn("FjallState","Failed to delete state file",{path:r,error:y(i(e))})}}function _(t,r,e,n){return{...t,lastDeployedAt:new Date().toISOString(),templateHashes:{...t.templateHashes,[r]:{hash:e,deployedAt:new Date().toISOString(),...n!==void 0&&{stackStatus:n}}}}}export{w as FjallStateFileSchema,J as createEmptyState,M as deleteStateFile,k as getCascadeStateFilePath,l as getStateFilePath,v as readStateFile,E as readStateFileAt,j as regionSuffix,_ as updateTemplateHash,I as writeStateFile,A as writeStateFileAt};

package/dist/src/types/callbacks.d.ts CHANGED Viewed

@@ -3,6 +3,40 @@ import type { TrailLifecycleState } from "@fjall/util/config";
 import type { DetectionResult } from "./detection.js";
 import type { CascadeLedger } from "../orchestration/cascadeSummary.js";
 export type StepCompleteStatus = "completed" | "skipped" | "error";
+/**
+ * Structured payload for the "quarantine-suspected" stack-cleanup phase:
+ * an AccessDenied empty pass on a DELETE_FAILED bucket, the earliest signal
+ * that the auto-delete deny policy stranded the bucket.
+ */
+export interface StackCleanupQuarantineDetail {
+    /** Bucket whose empty pass was denied. */
+    bucketName: string;
+    /** Account the bucket lives in, when the caller knows it. */
+    accountId?: string;
+}
+/**
+ * Structured payload for the "retained-buckets" stack-cleanup phase: buckets
+ * the pre-empty pass left untouched (no pre-empty tag → Retain removal
+ * policy). Emitted once per stack when the retained set is non-empty, so
+ * operators hear by name which buckets survive the destroy (AC3.5).
+ */
+export interface StackCleanupRetainedBucketsDetail {
+    /** Bucket names left in place; they survive the destroy by design. */
+    retainedBuckets: string[];
+    /**
+     * Pre-formatted, identifier-only operator copy (canonical source:
+     * formatRetainedBucketsMessage in orchestration/stackCleanup.ts). Adapters
+     * render this verbatim so the remediation wording has a single source.
+     */
+    message: string;
+}
+/**
+ * Narrow an onStackCleanupProgress detail to the quarantine payload.
+ * Accepts undefined so call sites drop their `detail !== undefined &&` prefix.
+ */
+export declare function isQuarantineDetail(detail: StackCleanupQuarantineDetail | StackCleanupRetainedBucketsDetail | undefined): detail is StackCleanupQuarantineDetail;
+/** Narrow an onStackCleanupProgress detail to the retained-buckets payload. */
+export declare function isRetainedBucketsDetail(detail: StackCleanupQuarantineDetail | StackCleanupRetainedBucketsDetail | undefined): detail is StackCleanupRetainedBucketsDetail;
 /**
  * Unified callback interface for deployment progress.
  *
@@ -173,8 +207,15 @@ export interface DeployCallbacks {
      * ConnectedAwsAccount update) — the engine holds no durable state itself.
      */
     onTrailLifecycleChanged?: (accountId: string, from: TrailLifecycleState | undefined, to: TrailLifecycleState) => void;
-    /** @emittedBy engine — progress during failed-state stack cleanup (S3 emptying, deletion). */
-    onStackCleanupProgress?: (stackName: string, phase: "emptying-bucket" | "deleting-stack" | "waiting" | "complete" | "error") => void;
+    /**
+     * @emittedBy engine — progress during failed-state stack cleanup (S3
+     * emptying, deletion) and the pre-destroy pre-empty pass. `detail` is only
+     * populated for two phases: "quarantine-suspected" (Phase 2's detection
+     * rule and `fjall unlock` consume that vocabulary, so the literal must not
+     * be renamed) and "retained-buckets" (the production-retained set, named
+     * so operators delete deliberately).
+     */
+    onStackCleanupProgress?: (stackName: string, phase: "emptying-bucket" | "deleting-stack" | "waiting" | "complete" | "error" | "quarantine-suspected" | "retained-buckets", detail?: StackCleanupQuarantineDetail | StackCleanupRetainedBucketsDetail) => void;
     /**
      * @emittedBy engine — fired after the detection pipeline completes with full analysis results.
      * May be async — engine awaits the return value so callers can run post-detection

package/dist/src/types/callbacks.js CHANGED Viewed

	@@ -0,0 +1 @@
1	+ function n(e){return e!==void 0&&"bucketName"in e}function t(e){return e!==void 0&&"retainedBuckets"in e}export{n as isQuarantineDetail,t as isRetainedBucketsDetail};

package/dist/src/types/deploymentEventSchema.d.ts CHANGED Viewed

@@ -15,6 +15,15 @@ export declare const DEPLOYMENT_EVENT_RESOURCE_CATEGORIES: readonly ["security",
 export type DeploymentEventResourceCategory = (typeof DEPLOYMENT_EVENT_RESOURCE_CATEGORIES)[number];
 export declare const CASCADE_PHASES: readonly ["platform", "domains", "accounts"];
 export declare const CASCADE_ACCOUNT_STATUSES: readonly ["started", "deploying", "completed", "failed"];
+/**
+ * Field caps shared with producers that truncate before enqueueing (webapp
+ * `deploymentCallbackAdapter`). Defined beside the schema so its `.max()`
+ * and the producer's `.slice()` cannot drift apart — a producer cap above
+ * the schema cap makes the server reject the whole event.
+ */
+export declare const DEPLOYMENT_EVENT_STATUS_REASON_MAX = 2048;
+export declare const DEPLOYMENT_EVENT_ERROR_MESSAGE_MAX = 4096;
+export declare const DEPLOYMENT_EVENT_TRAIL_DETAIL_MAX = 2048;
 export declare const DEPLOYMENT_EVENT_TYPES: readonly ["step", "resource", "docker", "ecs", "error", "complete", "cascade_phase", "cascade_account", "cascade_missing_accounts", "parallel_phase", "detection", "trail_migration", "log"];
 export type DeploymentEventType = (typeof DEPLOYMENT_EVENT_TYPES)[number];
 export type DeploymentEventCascadePhase = (typeof CASCADE_PHASES)[number];

package/dist/src/types/deploymentEventSchema.js CHANGED Viewed

	@@ -1 +1 @@
1	- import{z as e}from"zod";import{TRAIL_MIGRATION_PHASES as r,TRAIL_MIGRATION_STATUSES as i}from"./events.js";const c=["security","network","compute","database","storage","monitoring","dns","identity","bootstrap","events","registry","backup"],n=["platform","domains","accounts"],m=["started","deploying","completed","failed"],l=["step","resource","docker","ecs","error","complete","cascade_phase","cascade_account","cascade_missing_accounts","parallel_phase","detection","trail_migration","log"],p={step:"step",resource:"resource",docker:"docker",ecs:"ecs",error:"error",complete:null,cascade_phase:"cascadePhase",cascade_account:"cascadeAccount",cascade_missing_accounts:"cascadeMissingAccounts",parallel_phase:"parallelPhase",detection:"detection",trail_migration:"trailMigration",log:"log"},d=e.object({type:e.enum(l),timestamp:e.string().max(64),sequence:e.number().int().nonnegative().optional(),step:e.object({id:e.string().max(256),name:e.string().max(256),index:e.number(),total:e.number(),status:e.string().max(64)}).strict().optional(),resource:e.object({logicalId:e.string().max(256),resourceType:e.string().max(256),category:e.enum(c),group:e.string().max(128).optional(),constructPath:e.string().max(512).optional(),displayName:e.string().max(256),status:e.string().max(64),statusReason:e.string().max(~~2048~~).optional(),physicalId:e.string().max(2048).optional(),expectedDurationSeconds:e.number().optional(),stack:e.string().max(256).optional()}).strict().optional(),docker:e.object({message:e.string().max(2048),percentage:e.number().optional()}).strict().optional(),ecs:e.object({status:e.string().max(64),message:e.string().max(2048).optional(),percentage:e.number().optional()}).strict().optional(),error:e.object({message:e.string().max(~~4096~~),category:e.string().max(128).optional(),remediation:e.array(e.string().max(1024)).max(10).optional()}).strict().optional(),message:e.string().max(2048).optional(),cascadePhase:e.object({phase:e.enum(n),status:e.enum(["started","completed"])}).strict().optional(),cascadeAccount:e.object({accountId:e.string().max(32),region:e.string().max(32),operationKey:e.string().max(256),status:e.enum(m),error:e.string().max(2048).optional(),phase:e.enum(["bootstrap","synth","deploy","destroy"]).optional(),cascadePhase:e.enum(n).optional()}).strict().optional(),cascadeMissingAccounts:e.object({accountNames:e.array(e.string().max(256)).max(256)}).strict().optional(),parallelPhase:e.object({stacks:e.array(e.string().max(256)).max(20),status:e.enum(["started","completed"]),results:e.array(e.object({stack:e.string().max(256),success:e.boolean(),error:e.string().max(2048).optional()}).strict()).max(20).optional()}).strict().optional(),detection:e.object({pattern:e.string().max(128).nullable(),hasDockerfile:e.boolean(),hasDifferences:e.boolean(),resources:e.object({hasNetwork:e.boolean(),hasCompute:e.boolean(),hasDatabase:e.boolean(),hasStorage:e.boolean(),hasMessaging:e.boolean(),hasCdn:e.boolean()}).strict(),requiredSecrets:e.array(e.string().max(512)).max(100).optional()}).strict().optional(),trailMigration:e.object({accountId:e.string().max(32),accountName:e.string().max(256),phase:e.enum(r),status:e.enum(i),detail:e.string().max(~~2048~~).optional()}).strict().optional(),log:e.object({message:e.string().max(2048),level:e.enum(["info","debug","warn"])}).strict().optional()}).strict().superRefine((t,o)=>{const a=p[t.type],s=a?t[a]:void 0;a&&s==null&&o.addIssue({code:e.ZodIssueCode.custom,message:`"${a}" is required when type is "${t.type}"`,path:[a]}),t.type==="complete"&&!t.message&&o.addIssue({code:e.ZodIssueCode.custom,message:'"message" is required when type is "complete"',path:["message"]})});function x(t){if(t==="platform")return"platform";if(t==="account")return"accounts"}export{m as CASCADE_ACCOUNT_STATUSES,n as CASCADE_PHASES,c as DEPLOYMENT_EVENT_RESOURCE_CATEGORIES,l as DEPLOYMENT_EVENT_TYPES,d as DeploymentEventSchema,x as toCascadePhase};
1	+ import{z as e}from"zod";import{TRAIL_MIGRATION_PHASES as r,TRAIL_MIGRATION_STATUSES as i}from"./events.js";const c=["security","network","compute","database","storage","monitoring","dns","identity","bootstrap","events","registry","backup"],n=["platform","domains","accounts"],m=["started","deploying","completed","failed"],l=2048,p=4096,u=2048,g=["step","resource","docker","ecs","error","complete","cascade_phase","cascade_account","cascade_missing_accounts","parallel_phase","detection","trail_migration","log"],d={step:"step",resource:"resource",docker:"docker",ecs:"ecs",error:"error",complete:null,cascade_phase:"cascadePhase",cascade_account:"cascadeAccount",cascade_missing_accounts:"cascadeMissingAccounts",parallel_phase:"parallelPhase",detection:"detection",trail_migration:"trailMigration",log:"log"},_=e.object({type:e.enum(g),timestamp:e.string().max(64),sequence:e.number().int().nonnegative().optional(),step:e.object({id:e.string().max(256),name:e.string().max(256),index:e.number(),total:e.number(),status:e.string().max(64)}).strict().optional(),resource:e.object({logicalId:e.string().max(256),resourceType:e.string().max(256),category:e.enum(c),group:e.string().max(128).optional(),constructPath:e.string().max(512).optional(),displayName:e.string().max(256),status:e.string().max(64),statusReason:e.string().max(l).optional(),physicalId:e.string().max(2048).optional(),expectedDurationSeconds:e.number().optional(),stack:e.string().max(256).optional()}).strict().optional(),docker:e.object({message:e.string().max(2048),percentage:e.number().optional()}).strict().optional(),ecs:e.object({status:e.string().max(64),message:e.string().max(2048).optional(),percentage:e.number().optional()}).strict().optional(),error:e.object({message:e.string().max(p),category:e.string().max(128).optional(),remediation:e.array(e.string().max(1024)).max(10).optional()}).strict().optional(),message:e.string().max(2048).optional(),cascadePhase:e.object({phase:e.enum(n),status:e.enum(["started","completed"])}).strict().optional(),cascadeAccount:e.object({accountId:e.string().max(32),region:e.string().max(32),operationKey:e.string().max(256),status:e.enum(m),error:e.string().max(2048).optional(),phase:e.enum(["bootstrap","synth","deploy","destroy"]).optional(),cascadePhase:e.enum(n).optional()}).strict().optional(),cascadeMissingAccounts:e.object({accountNames:e.array(e.string().max(256)).max(256)}).strict().optional(),parallelPhase:e.object({stacks:e.array(e.string().max(256)).max(20),status:e.enum(["started","completed"]),results:e.array(e.object({stack:e.string().max(256),success:e.boolean(),error:e.string().max(2048).optional()}).strict()).max(20).optional()}).strict().optional(),detection:e.object({pattern:e.string().max(128).nullable(),hasDockerfile:e.boolean(),hasDifferences:e.boolean(),resources:e.object({hasNetwork:e.boolean(),hasCompute:e.boolean(),hasDatabase:e.boolean(),hasStorage:e.boolean(),hasMessaging:e.boolean(),hasCdn:e.boolean()}).strict(),requiredSecrets:e.array(e.string().max(512)).max(100).optional()}).strict().optional(),trailMigration:e.object({accountId:e.string().max(32),accountName:e.string().max(256),phase:e.enum(r),status:e.enum(i),detail:e.string().max(u).optional()}).strict().optional(),log:e.object({message:e.string().max(2048),level:e.enum(["info","debug","warn"])}).strict().optional()}).strict().superRefine((t,o)=>{const a=d[t.type],s=a?t[a]:void 0;a&&s==null&&o.addIssue({code:e.ZodIssueCode.custom,message:`"${a}" is required when type is "${t.type}"`,path:[a]}),t.type==="complete"&&!t.message&&o.addIssue({code:e.ZodIssueCode.custom,message:'"message" is required when type is "complete"',path:["message"]})});function b(t){if(t==="platform")return"platform";if(t==="account")return"accounts"}export{m as CASCADE_ACCOUNT_STATUSES,n as CASCADE_PHASES,p as DEPLOYMENT_EVENT_ERROR_MESSAGE_MAX,c as DEPLOYMENT_EVENT_RESOURCE_CATEGORIES,l as DEPLOYMENT_EVENT_STATUS_REASON_MAX,u as DEPLOYMENT_EVENT_TRAIL_DETAIL_MAX,g as DEPLOYMENT_EVENT_TYPES,_ as DeploymentEventSchema,b as toCascadePhase};

package/dist/src/types/index.d.ts CHANGED Viewed

@@ -1,12 +1,13 @@
-export { DeploymentEventSchema, DEPLOYMENT_EVENT_TYPES, DEPLOYMENT_EVENT_RESOURCE_CATEGORIES, CASCADE_PHASES, CASCADE_ACCOUNT_STATUSES, toCascadePhase } from "./deploymentEventSchema.js";
+export { DeploymentEventSchema, DEPLOYMENT_EVENT_TYPES, DEPLOYMENT_EVENT_RESOURCE_CATEGORIES, DEPLOYMENT_EVENT_STATUS_REASON_MAX, DEPLOYMENT_EVENT_ERROR_MESSAGE_MAX, DEPLOYMENT_EVENT_TRAIL_DETAIL_MAX, CASCADE_PHASES, CASCADE_ACCOUNT_STATUSES, toCascadePhase } from "./deploymentEventSchema.js";
 export type { DeploymentEvent, DeploymentEventType, DeploymentEventResourceCategory, DeploymentEventCascadePhase, DeploymentEventCascadeAccountStatus } from "./deploymentEventSchema.js";
 export type { AwsCredentials, DeployIdentity } from "./credentials.js";
-export type { DeployCallbacks, StepCompleteStatus } from "./callbacks.js";
+export type { DeployCallbacks, StepCompleteStatus, StackCleanupQuarantineDetail, StackCleanupRetainedBucketsDetail } from "./callbacks.js";
+export { isQuarantineDetail, isRetainedBucketsDetail } from "./callbacks.js";
 export type { ProgressEvent, ProgressEventType, ResourceEvent, AwsAuthResult, CascadeDeploymentResult, CascadePhase, BuildPushStartEvent, BuildPushProgressEvent, BuildPushCompleteEvent, TaskDefRegisteredEvent, ECSCompleteEvent, MigrationsStartEvent, MigrationsCompleteEvent, TrailMigrationPhase, TrailMigrationStatus, TrailMigrationPhaseEvent } from "./events.js";
 export { TRAIL_MIGRATION_PHASES, TRAIL_MIGRATION_STATUSES } from "./events.js";
 export type { ApiClientInterface, EntitlementsData } from "./apiClient.js";
 export type { DeployParams, DeployOptions, DeploymentType, DeployResult, DestroyParams, DestroyOptions, DestroyResult } from "./params.js";
-export type { OrgConfig, ProviderAccount, SSOSession } from "./orgConfig.js";
+export type { OrgConfig, ProviderAccount, RootAccessManagementMode, SSOSession } from "./orgConfig.js";
 export type { Entitlements } from "./entitlements.js";
 export type { StackOutput, StackOutputsRecord, DeploymentContext, StepOutput, ApplicationDeploymentContext, CallerIdentity } from "./deployment/index.js";
 export { stubCallerIdentity } from "./deployment/index.js";
@@ -21,16 +22,10 @@ export { PARALLEL_OPERATION_TYPES } from "./deployment/index.js";
 export type { OpenNextPattern, AppResourceFlags } from "./patternTypes.js";
 export { isOpenNextPattern, OPENNEXT_PATTERNS } from "./patternTypes.js";
 export { deriveResourcesFromManifestStacks } from "./patternDetection.js";
-/** @deprecated Use FrameworkRegistry.resolve() instead */
-export { detectPattern } from "./patternDetection.js";
-/** @deprecated Use FrameworkRegistry.resolve() instead */
-export { detectPayloadPattern } from "./patternDetection.js";
-/** @deprecated Use FrameworkRegistry.resolve() instead */
-export { detectDatabase } from "./patternDetection.js";
 export { STACK_NOT_FOUND_PATTERN, STACK_FAILED_STATE_PATTERN, CDK_NO_STACKS_MATCH, INFRASTRUCTURE_FILENAME } from "./constants.js";
 export { ApplicationError, wrapApplicationError, type ApplicationErrorType, type StackDeploymentData, type StackDeploymentOptions, type ApplicationDeploymentData, type ApplicationDestructionData } from "./application/index.js";
 export type { FjallStateFile, TemplateHashEntry } from "./FjallState.js";
-export { FjallStateFileSchema, readStateFile, writeStateFile, createEmptyState, deleteStateFile, updateTemplateHash, getStateFilePath } from "./FjallState.js";
+export { FjallStateFileSchema, readStateFile, writeStateFile, createEmptyState, deleteStateFile, updateTemplateHash, getStateFilePath, regionSuffix } from "./FjallState.js";
 export type { FrameworkBuilder, FrameworkDetection, BuildPlan, BuildCommand, BuildCallbacks, DetectionContext, BuildOptions } from "./frameworkBuilder.js";
 export { STEP_IDS, STEP_NAMES, INFRASTRUCTURE_STEP_NAMES, INFRA_STEP_NAME } from "./stepDefinitions.js";
 export type { StepId, InfrastructureStepName, StepDefinition, StepDeploymentType, Operation, StepContext } from "./stepDefinitions.js";

package/dist/src/types/index.js CHANGED Viewed

	@@ -1 +1 @@
1	- import{DeploymentEventSchema as r,DEPLOYMENT_EVENT_TYPES as E,DEPLOYMENT_EVENT_RESOURCE_CATEGORIES as o,CASCADE_PHASES as a,CASCADE_ACCOUNT_STATUSES as A,toCascadePhase as S}from"./deploymentEventSchema.js";import{TRAIL_MIGRATION_PHASES as p,TRAIL_MIGRATION_STATUSES as _}from"./events.js";import{stubCallerIdentity as O}from"./deployment/index.js";import{ProgressReporter as N}from"./ProgressEvent.js";import{APPLICATION_STACKS as l,ORGANISATION_TYPES as m,APPLICATION_DEPLOY_ORDER as D,APPLICATION_DESTROY_ORDER as I,OPENNEXT_DEPLOY_ORDER as L,OPENNEXT_DESTROY_ORDER as n,PARALLEL_DEPLOY_GROUPS as s,PARALLEL_DESTROY_GROUPS as c,OPENNEXT_PARALLEL_GROUPS as C,isApplicationOperation as f,isOrganisationOperation as x,getParallelDeployGroups as d,getParallelDestroyGroups as F,getApplicationDeployOrder as g,getApplicationDestroyOrder as U,getApplicationStackName as Y,getOrganisationStackName as M,isApplicationStack as G,getApplicationStepName as y,getApplicationStepId as h,toPascalCase as u}from"./operations.js";import{PARALLEL_OPERATION_TYPES as k}from"./deployment/index.js";import{isOpenNextPattern as X,OPENNEXT_PATTERNS as b}from"./patternTypes.js";import{deriveResourcesFromManifestStacks as ~~w}from"./patternDetection.js";import{detectPattern as j}from"./patternDetection.js";import{detectPayloadPattern as~~ z}from"./patternDetection.js";import{~~detectDatabase as J}from"./patternDetection.js";import{~~STACK_NOT_FOUND_PATTERN as W,STACK_FAILED_STATE_PATTERN as Z,CDK_NO_STACKS_MATCH as $,INFRASTRUCTURE_FILENAME as ee}from"./constants.js";import{ApplicationError as re,wrapApplicationError as Ee}from"./application/index.js";import{FjallStateFileSchema as ae,readStateFile as Ae,writeStateFile as Se,createEmptyState as Te,deleteStateFile as pe,updateTemplateHash as _e,getStateFilePath as Pe}from"./FjallState.js";import{STEP_IDS as Re,STEP_NAMES as Ne,INFRASTRUCTURE_STEP_NAMES as ie,INFRA_STEP_NAME as le}from"./stepDefinitions.js";export{D as APPLICATION_DEPLOY_ORDER,I as APPLICATION_DESTROY_ORDER,l as APPLICATION_STACKS,re as ApplicationError,A as CASCADE_ACCOUNT_STATUSES,a as CASCADE_PHASES,$ as CDK_NO_STACKS_MATCH,o as DEPLOYMENT_EVENT_RESOURCE_CATEGORIES,E as DEPLOYMENT_EVENT_TYPES,r as DeploymentEventSchema,ae as FjallStateFileSchema,ee as INFRASTRUCTURE_FILENAME,ie as INFRASTRUCTURE_STEP_NAMES,le as INFRA_STEP_NAME,L as OPENNEXT_DEPLOY_ORDER,n as OPENNEXT_DESTROY_ORDER,C as OPENNEXT_PARALLEL_GROUPS,b as OPENNEXT_PATTERNS,m as ORGANISATION_TYPES,s as PARALLEL_DEPLOY_GROUPS,c as PARALLEL_DESTROY_GROUPS,k as PARALLEL_OPERATION_TYPES,N as ProgressReporter,Z as STACK_FAILED_STATE_PATTERN,W as STACK_NOT_FOUND_PATTERN,Re as STEP_IDS,Ne as STEP_NAMES,p as TRAIL_MIGRATION_PHASES,_ as TRAIL_MIGRATION_STATUSES,Te as createEmptyState,pe as deleteStateFile,w as deriveResourcesFromManifestStacks,J as ~~detectDatabase,j as detectPattern,z as detectPayloadPattern,g as~~ getApplicationDeployOrder,U as getApplicationDestroyOrder,Y as getApplicationStackName,h as getApplicationStepId,y as getApplicationStepName,M as getOrganisationStackName,d as getParallelDeployGroups,F as getParallelDestroyGroups,Pe as getStateFilePath,f as isApplicationOperation,G as isApplicationStack,X as isOpenNextPattern,x as isOrganisationOperation,Ae as readStateFile,O as stubCallerIdentity,S as toCascadePhase,u as toPascalCase,_e as updateTemplateHash,Ee as wrapApplicationError,Se as writeStateFile};
1	+ import{DeploymentEventSchema as t,DEPLOYMENT_EVENT_TYPES as A,DEPLOYMENT_EVENT_RESOURCE_CATEGORIES as T,DEPLOYMENT_EVENT_STATUS_REASON_MAX as r,DEPLOYMENT_EVENT_ERROR_MESSAGE_MAX as S,DEPLOYMENT_EVENT_TRAIL_DETAIL_MAX as _,CASCADE_PHASES as a,CASCADE_ACCOUNT_STATUSES as o,toCascadePhase as p}from"./deploymentEventSchema.js";import{isQuarantineDetail as i,isRetainedBucketsDetail as N}from"./callbacks.js";import{TRAIL_MIGRATION_PHASES as R,TRAIL_MIGRATION_STATUSES as l}from"./events.js";import{stubCallerIdentity as L}from"./deployment/index.js";import{ProgressReporter as n}from"./ProgressEvent.js";import{APPLICATION_STACKS as m,ORGANISATION_TYPES as C,APPLICATION_DEPLOY_ORDER as c,APPLICATION_DESTROY_ORDER as M,OPENNEXT_DEPLOY_ORDER as f,OPENNEXT_DESTROY_ORDER as x,PARALLEL_DEPLOY_GROUPS as Y,PARALLEL_DESTROY_GROUPS as g,OPENNEXT_PARALLEL_GROUPS as F,isApplicationOperation as U,isOrganisationOperation as d,getParallelDeployGroups as G,getParallelDestroyGroups as u,getApplicationDeployOrder as y,getApplicationDestroyOrder as X,getApplicationStackName as h,getOrganisationStackName as k,isApplicationStack as K,getApplicationStepName as V,getApplicationStepId as H,toPascalCase as v}from"./operations.js";import{PARALLEL_OPERATION_TYPES as b}from"./deployment/index.js";import{isOpenNextPattern as B,OPENNEXT_PATTERNS as Q}from"./patternTypes.js";import{deriveResourcesFromManifestStacks as z}from"./patternDetection.js";import{STACK_NOT_FOUND_PATTERN as W,STACK_FAILED_STATE_PATTERN as Z,CDK_NO_STACKS_MATCH as $,INFRASTRUCTURE_FILENAME as ee}from"./constants.js";import{ApplicationError as te,wrapApplicationError as Ae}from"./application/index.js";import{FjallStateFileSchema as re,readStateFile as Se,writeStateFile as _e,createEmptyState as ae,deleteStateFile as oe,updateTemplateHash as pe,getStateFilePath as Oe,regionSuffix as ie}from"./FjallState.js";import{STEP_IDS as Pe,STEP_NAMES as Re,INFRASTRUCTURE_STEP_NAMES as le,INFRA_STEP_NAME as De}from"./stepDefinitions.js";export{c as APPLICATION_DEPLOY_ORDER,M as APPLICATION_DESTROY_ORDER,m as APPLICATION_STACKS,te as ApplicationError,o as CASCADE_ACCOUNT_STATUSES,a as CASCADE_PHASES,$ as CDK_NO_STACKS_MATCH,S as DEPLOYMENT_EVENT_ERROR_MESSAGE_MAX,T as DEPLOYMENT_EVENT_RESOURCE_CATEGORIES,r as DEPLOYMENT_EVENT_STATUS_REASON_MAX,_ as DEPLOYMENT_EVENT_TRAIL_DETAIL_MAX,A as DEPLOYMENT_EVENT_TYPES,t as DeploymentEventSchema,re as FjallStateFileSchema,ee as INFRASTRUCTURE_FILENAME,le as INFRASTRUCTURE_STEP_NAMES,De as INFRA_STEP_NAME,f as OPENNEXT_DEPLOY_ORDER,x as OPENNEXT_DESTROY_ORDER,F as OPENNEXT_PARALLEL_GROUPS,Q as OPENNEXT_PATTERNS,C as ORGANISATION_TYPES,Y as PARALLEL_DEPLOY_GROUPS,g as PARALLEL_DESTROY_GROUPS,b as PARALLEL_OPERATION_TYPES,n as ProgressReporter,Z as STACK_FAILED_STATE_PATTERN,W as STACK_NOT_FOUND_PATTERN,Pe as STEP_IDS,Re as STEP_NAMES,R as TRAIL_MIGRATION_PHASES,l as TRAIL_MIGRATION_STATUSES,ae as createEmptyState,oe as deleteStateFile,z as deriveResourcesFromManifestStacks,y as getApplicationDeployOrder,X as getApplicationDestroyOrder,h as getApplicationStackName,H as getApplicationStepId,V as getApplicationStepName,k as getOrganisationStackName,G as getParallelDeployGroups,u as getParallelDestroyGroups,Oe as getStateFilePath,U as isApplicationOperation,K as isApplicationStack,B as isOpenNextPattern,d as isOrganisationOperation,i as isQuarantineDetail,N as isRetainedBucketsDetail,Se as readStateFile,ie as regionSuffix,L as stubCallerIdentity,p as toCascadePhase,v as toPascalCase,pe as updateTemplateHash,Ae as wrapApplicationError,_e as writeStateFile};

package/dist/src/types/orgConfig.d.ts CHANGED Viewed

@@ -8,8 +8,8 @@
  * Passed to CDK via -c orgConfig=<json> context at synthesis time.
  * See: investigations/2026-03-16-config-split-investigation.md
  */
-import type { ProviderAccount, SSOSession } from "@fjall/util/config";
-export type { ProviderAccount, SSOSession };
+import type { ProviderAccount, RootAccessManagementMode, SSOSession } from "@fjall/util/config";
+export type { ProviderAccount, RootAccessManagementMode, SSOSession };
 export interface OrgConfig {
     providerAccounts: ProviderAccount[];
     primaryRegion?: string;
@@ -17,4 +17,10 @@ export interface OrgConfig {
     disasterRecoveryRegion?: string;
     rootOidcRoleArn?: string;
     ssoSessions?: Record<string, SSOSession>;
+    /**
+     * Centralised root-access opt-out. Absent ⇒ default-on ("centralised");
+     * "off" maps to OrgSetupConfig.skipRootAccessManagement at the adapter
+     * boundary — the engine never sees this union.
+     */
+    rootAccessManagement?: RootAccessManagementMode;
 }

package/dist/src/types/params.d.ts CHANGED Viewed

@@ -72,6 +72,11 @@ export interface DeployOptions {
     serviceName?: string;
     /** Skip the pre-rollout migrations RunTask. Honoured by the code-only orchestrator. */
     skipMigrations?: boolean;
+    /**
+     * Skip the pre-deploy TARGET_READINESS probe. The step still emits and
+     * completes as "skipped" so the bypass is recorded in output (AC2b.3).
+     */
+    skipReadinessCheck?: boolean;
     /**
      * Roll forward/back to an existing image tag. When set, the orchestrator skips
      * build + push and rolls ECS to `<repo>:<imageTag>`. Implies `deployOnly`.
@@ -129,6 +134,13 @@ export interface DestroyParams {
      * Worker: provide this from DB, omit apiClient.
      */
     identity?: DeployIdentity;
+    /**
+     * Caller shutdown signal. Stack-cleanup probes, bucket pre-empty/orphan
+     * sweeps, and the failed-stack deletion poll compose this with their own
+     * per-request timeouts so SIGTERM is not stalled by an in-flight call
+     * (mirrors DeployParams.abortSignal).
+     */
+    abortSignal?: AbortSignal;
 }
 export interface DestroyOptions {
     /** Skip interactive confirmation prompts */

package/dist/src/types/patternDetection.d.ts CHANGED Viewed

@@ -4,7 +4,6 @@
  * Pure types and predicates live in patternTypes.ts (browser-safe).
  * This file contains only functions that require Node fs access.
  */
-import type { PatternType } from "@fjall/generator";
 export type { OpenNextPattern, AppResourceFlags } from "./patternTypes.js";
 export { OPENNEXT_PATTERNS, isOpenNextPattern } from "./patternTypes.js";
 import type { AppResourceFlags } from "./patternTypes.js";
@@ -15,27 +14,3 @@ export declare function deriveResourcesFromManifestStacks(stackNames: string[]):
  * Returns null if file doesn't exist or can't be read.
  */
 export declare function readInfrastructureContent(appPath: string): string | null;
-/**
- * Detect the application pattern (Payload, Next.js, or none) from infrastructure.ts.
- *
- * Pattern detection is based on the IaC file (infrastructure.ts), NOT on
- * project files like package.json. This ensures accurate detection even
- * when multiple apps coexist in the same project directory.
- *
- * @deprecated Use FrameworkRegistry.resolve() instead. This function is retained
- * for backwards compatibility with consumers that have not yet migrated.
- *
- * @param appPath - The fjall app path (e.g., "fjall/app8" or absolute path)
- */
-export declare function detectPattern(appPath: string): {
-    pattern: PatternType | null;
-    hasDatabase: boolean;
-};
-/**
- * Detect if infrastructure.ts contains a Payload CMS pattern.
- */
-export declare function detectPayloadPattern(appPath: string): boolean;
-/**
- * Detect if infrastructure.ts contains a database resource.
- */
-export declare function detectDatabase(appPath: string): boolean;

package/dist/src/types/patternDetection.js CHANGED Viewed

	@@ -1 +1 @@
1	- import{existsSync as o,readFileSync as i}from"fs";import{join as u}from"path";import{logger as c}from"@fjall/util/logger";import{getErrorMessage as l}from"@fjall/util";import{APPLICATION_STACKS as a}from"./operations.js";import{INFRASTRUCTURE_FILENAME as d}from"./constants.js";import{OPENNEXT_PATTERNS as x,isOpenNextPattern as P}from"./patternTypes.js";function E(e){const t=r=>e.some(n=>n.endsWith(r));return{hasNetwork:t(a.NETWORK),hasCompute:t(a.COMPUTE),hasDatabase:t(a.DATABASE),hasStorage:t(a.STORAGE),hasMessaging:t(a.MESSAGING),hasCdn:t(a.CDN)}}function f(e){try{const t=u(e,d);return o(t)?i(t,"utf-8"):null}catch(t){return c.debug("patternDetection","Failed to read infrastructure file",{appPath:e,error:l(t)}),null}}function s(e){const t=f(e);if(!t)return{pattern:null,hasDatabase:!1};if(t.includes("PatternFactory")){if(t.includes('type: "payload"'))return{pattern:"payload",hasDatabase:!0};if(t.includes('type: "nextjs"'))return{pattern:"nextjs",hasDatabase:t.includes("DatabaseFactory.build(")\|\|t.includes("database:")}}return{pattern:null,hasDatabase:t.includes("DatabaseFactory.build(")}}function S(e){const{pattern:t}=s(e);return t==="payload"}function A(e){const{hasDatabase:t}=s(e);return t}export{x as OPENNEXT_PATTERNS,E as deriveResourcesFromManifestStacks,A as ~~detectDatabase,s as detectPattern,S as detectPayloadPattern,P as~~ isOpenNextPattern,f as readInfrastructureContent};
1	+ import{existsSync as s,readFileSync as a}from"fs";import{join as i}from"path";import{logger as f}from"@fjall/util/logger";import{getErrorMessage as m}from"@fjall/util";import{APPLICATION_STACKS as e}from"./operations.js";import{INFRASTRUCTURE_FILENAME as u}from"./constants.js";import{OPENNEXT_PATTERNS as g,isOpenNextPattern as C}from"./patternTypes.js";function p(t){const r=o=>t.some(n=>n.endsWith(o));return{hasNetwork:r(e.NETWORK),hasCompute:r(e.COMPUTE),hasDatabase:r(e.DATABASE),hasStorage:r(e.STORAGE),hasMessaging:r(e.MESSAGING),hasCdn:r(e.CDN)}}function h(t){try{const r=i(t,u);return s(r)?a(r,"utf-8"):null}catch(r){return f.debug("patternDetection","Failed to read infrastructure file",{appPath:t,error:m(r)}),null}}export{g as OPENNEXT_PATTERNS,p as deriveResourcesFromManifestStacks,C as isOpenNextPattern,h as readInfrastructureContent};

package/dist/src/types/stepDefinitions.d.ts CHANGED Viewed

@@ -15,6 +15,7 @@ import type { AppResourceFlags } from "./patternTypes.js";
 export declare const STEP_IDS: {
     readonly AUTH: "auth";
     readonly DETECT_CONFIG: "detect-config";
+    readonly TARGET_READINESS: "target-readiness";
     readonly BOOTSTRAP: "bootstrap";
     readonly CFN_CHECK: "cfn-check";
     readonly DIFF: "diff";
@@ -71,6 +72,7 @@ export declare const STEP_NAMES: {
     readonly AUTH: "Authenticating with AWS";
     readonly PREPARE_DEPLOY: "Preparing deployment";
     readonly PREPARE_DESTROY: "Preparing destruction";
+    readonly TARGET_READINESS: "Verifying target readiness";
     readonly BOOTSTRAP: "Bootstrapping AWS environment";
     readonly CHECK_INFRA_STATE: "Checking infrastructure state";
     readonly ORG_SETUP: "Configuring organisation";

package/dist/src/types/stepDefinitions.js CHANGED Viewed

	@@ -1 +1 @@
1	- const E={AUTH:"auth",DETECT_CONFIG:"detect-config",BOOTSTRAP:"bootstrap",CFN_CHECK:"cfn-check",DIFF:"diff",DEPLOY:"deploy",DESTROY:"destroy",VERIFY:"verify",CDK_SYNTH:"cdk-synth",DOCKER_OPERATIONS:"docker-operations",ECR_INIT:"ecr-init",DOCKER_DEPLOY:"docker-deploy",TAG_ECR_IMAGES:"tag-ecr-images",ORG_SETUP:"org-setup",ORG_ENSURE:"org-ensure",ORG_POLICY_TYPES:"policy-types",ORG_SERVICE_ACCESS:"service-access",ORG_CREATE_ACCOUNTS:"create-accounts",ORG_ENSURE_OUS:"ensure-ous",ORG_PLACE_ACCOUNTS:"place-accounts",IDENTITY_CENTRE:"identity-centre",ORG_ACCOUNTS:"accounts",ORG_COST_TAGS:"cost-tags",ORG_PROFILES:"profiles",PREPARE:"prepare",PREPARE_ENVIRONMENT:"prepare-environment",PLATFORM_ACCOUNT:"platform-account",ACCOUNT_CONTEXT:"account-context",CONNECT:"connect",MONITORING:"monitoring",ORG_DEPLOY:"organisation-deploy",ORG_DESTROY:"organisation-destroy",CASCADE_PLATFORM:"cascade-platform",CASCADE_DOMAINS:"cascade-domains",CASCADE_ACCOUNTS:"cascade-accounts",NETWORK:"network",STORAGE:"storage",MESSAGING:"messaging",DATABASE:"database",COMPUTE:"compute",CDN:"cdn",NETWORK_DESTROY:"network-destroy",STORAGE_DESTROY:"storage-destroy",MESSAGING_DESTROY:"messaging-destroy",DATABASE_DESTROY:"database-destroy",COMPUTE_DESTROY:"compute-destroy",CDN_DESTROY:"cdn-destroy"},t={AUTH:"Authenticating with AWS",PREPARE_DEPLOY:"Preparing deployment",PREPARE_DESTROY:"Preparing destruction",BOOTSTRAP:"Bootstrapping AWS environment",CHECK_INFRA_STATE:"Checking infrastructure state",ORG_SETUP:"Configuring organisation",ORG_DEPLOY:"Deploying organisation",CASCADE_PLATFORM:"Deploying platform",CASCADE_ACCOUNTS:"Deploying accounts"},e=["Connect securely","Prepare environment","Deploy infrastructure","Enable monitoring"],o={CONNECT:e[0],PREPARE:e[1],DEPLOY:e[2],MONITORING:e[3]};export{e as INFRASTRUCTURE_STEP_NAMES,o as INFRA_STEP_NAME,E as STEP_IDS,t as STEP_NAMES};
1	+ const E={AUTH:"auth",DETECT_CONFIG:"detect-config",TARGET_READINESS:"target-readiness",BOOTSTRAP:"bootstrap",CFN_CHECK:"cfn-check",DIFF:"diff",DEPLOY:"deploy",DESTROY:"destroy",VERIFY:"verify",CDK_SYNTH:"cdk-synth",DOCKER_OPERATIONS:"docker-operations",ECR_INIT:"ecr-init",DOCKER_DEPLOY:"docker-deploy",TAG_ECR_IMAGES:"tag-ecr-images",ORG_SETUP:"org-setup",ORG_ENSURE:"org-ensure",ORG_POLICY_TYPES:"policy-types",ORG_SERVICE_ACCESS:"service-access",ORG_CREATE_ACCOUNTS:"create-accounts",ORG_ENSURE_OUS:"ensure-ous",ORG_PLACE_ACCOUNTS:"place-accounts",IDENTITY_CENTRE:"identity-centre",ORG_ACCOUNTS:"accounts",ORG_COST_TAGS:"cost-tags",ORG_PROFILES:"profiles",PREPARE:"prepare",PREPARE_ENVIRONMENT:"prepare-environment",PLATFORM_ACCOUNT:"platform-account",ACCOUNT_CONTEXT:"account-context",CONNECT:"connect",MONITORING:"monitoring",ORG_DEPLOY:"organisation-deploy",ORG_DESTROY:"organisation-destroy",CASCADE_PLATFORM:"cascade-platform",CASCADE_DOMAINS:"cascade-domains",CASCADE_ACCOUNTS:"cascade-accounts",NETWORK:"network",STORAGE:"storage",MESSAGING:"messaging",DATABASE:"database",COMPUTE:"compute",CDN:"cdn",NETWORK_DESTROY:"network-destroy",STORAGE_DESTROY:"storage-destroy",MESSAGING_DESTROY:"messaging-destroy",DATABASE_DESTROY:"database-destroy",COMPUTE_DESTROY:"compute-destroy",CDN_DESTROY:"cdn-destroy"},t={AUTH:"Authenticating with AWS",PREPARE_DEPLOY:"Preparing deployment",PREPARE_DESTROY:"Preparing destruction",TARGET_READINESS:"Verifying target readiness",BOOTSTRAP:"Bootstrapping AWS environment",CHECK_INFRA_STATE:"Checking infrastructure state",ORG_SETUP:"Configuring organisation",ORG_DEPLOY:"Deploying organisation",CASCADE_PLATFORM:"Deploying platform",CASCADE_ACCOUNTS:"Deploying accounts"},e=["Connect securely","Prepare environment","Deploy infrastructure","Enable monitoring"],o={CONNECT:e[0],PREPARE:e[1],DEPLOY:e[2],MONITORING:e[3]};export{e as INFRASTRUCTURE_STEP_NAMES,o as INFRA_STEP_NAME,E as STEP_IDS,t as STEP_NAMES};

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@fjall/deploy-core",
-  "version": "2.13.0",
+  "version": "2.14.0",
   "description": "Shared deployment engine for Fjall — used by CLI and webapp worker",
   "type": "module",
   "main": "dist/src/index.js",
@@ -69,15 +69,17 @@
     "@aws-sdk/client-cost-explorer": "^3.1038.0",
     "@aws-sdk/client-ec2": "^3.1038.0",
     "@aws-sdk/client-ecr": "^3.1039.0",
+    "@aws-sdk/client-iam": "^3.1038.0",
     "@aws-sdk/client-kms": "^3.1065.0",
     "@aws-sdk/client-organizations": "^3.1038.0",
     "@aws-sdk/client-ram": "^3.1038.0",
     "@aws-sdk/client-s3": "^3.1038.0",
     "@aws-sdk/client-secrets-manager": "^3.1038.0",
+    "@aws-sdk/client-sqs": "^3.1067.0",
     "@aws-sdk/client-sso-admin": "^3.1038.0",
     "@aws-sdk/client-sts": "^3.1038.0",
-    "@fjall/generator": "^2.13.0",
-    "@fjall/util": "^2.13.0",
+    "@fjall/generator": "^2.14.0",
+    "@fjall/util": "^2.14.0",
     "@smithy/node-http-handler": "^4.6.1",
     "tsx": "^4.21.0",
     "zod": "^4.4.3"
@@ -86,5 +88,5 @@
     "@types/node": "^25.6.0",
     "vitest": "^4.1.5"
   },
-  "gitHead": "5b16c5731256628f829d4168c65cf165b3516f9a"
+  "gitHead": "ce434478f9e3d5e5ccf979c152a237c81e4acee5"
 }