@friggframework/devtools 2.0.0--canary.580.235db2b.0 → 2.0.0--canary.580.f1cb41c.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -415,9 +415,16 @@ class AuroraBuilder extends InfrastructureBuilder {
|
|
|
415
415
|
],
|
|
416
416
|
// Note: PubliclyAccessible is NOT supported on Aurora clusters
|
|
417
417
|
// It should only be set on DB instances (see FriggAuroraInstance below)
|
|
418
|
+
// MaxCapacity default bumped 1 → 4 ACU: at 0.5–1 ACU Aurora is
|
|
419
|
+
// CPU-starved under 20-way concurrent writes from a Lambda
|
|
420
|
+
// fan-out sync, which starves worker queries and compounds
|
|
421
|
+
// the tail-latency problem. 4 ACU is still cheap (scales to
|
|
422
|
+
// min when idle) and gives the DB enough headroom to
|
|
423
|
+
// absorb bursty sync traffic. Apps can still override both
|
|
424
|
+
// via app definition dbConfig.
|
|
418
425
|
ServerlessV2ScalingConfiguration: {
|
|
419
426
|
MinCapacity: dbConfig.minCapacity || 0.5,
|
|
420
|
-
MaxCapacity: dbConfig.maxCapacity ||
|
|
427
|
+
MaxCapacity: dbConfig.maxCapacity || 4,
|
|
421
428
|
},
|
|
422
429
|
EnableHttpEndpoint: false,
|
|
423
430
|
BackupRetentionPeriod: 7,
|
|
@@ -790,9 +797,35 @@ exports.handler = async (event, context) => {
|
|
|
790
797
|
return `{{resolve:secretsmanager:${secretRefValue}:SecretString:password}}`;
|
|
791
798
|
};
|
|
792
799
|
|
|
800
|
+
// Pool + timeout query params:
|
|
801
|
+
// connection_limit=1 — one pg connection per Lambda container;
|
|
802
|
+
// rely on Lambda concurrency for parallelism
|
|
803
|
+
// rather than per-process pooling (AWS RDS/
|
|
804
|
+
// Lambda best practice).
|
|
805
|
+
// pool_timeout=10 — throw P2024 instead of waiting forever for
|
|
806
|
+
// a pool slot.
|
|
807
|
+
// connect_timeout=10 — bound TCP/TLS handshake to 10s.
|
|
808
|
+
// socket_timeout=60 — kill the client socket if the server
|
|
809
|
+
// never responds (dead NAT/VPC route case).
|
|
810
|
+
// options=-c statement_timeout=30000 -c lock_timeout=10000
|
|
811
|
+
// — Postgres-side hard caps on query and
|
|
812
|
+
// lock-wait duration; queries aborting
|
|
813
|
+
// with SQLSTATE 57014 / 55P03 surface as
|
|
814
|
+
// errors instead of 15-minute Lambda
|
|
815
|
+
// timeouts. URL-encoded per Postgres libpq
|
|
816
|
+
// conventions (space→%20, `=`→%3D inside
|
|
817
|
+
// the options value).
|
|
818
|
+
const queryParams = [
|
|
819
|
+
'connection_limit=1',
|
|
820
|
+
'pool_timeout=10',
|
|
821
|
+
'connect_timeout=10',
|
|
822
|
+
'socket_timeout=60',
|
|
823
|
+
'options=-c%20statement_timeout%3D30000%20-c%20lock_timeout%3D10000',
|
|
824
|
+
].join('&');
|
|
825
|
+
|
|
793
826
|
return {
|
|
794
827
|
'Fn::Sub': [
|
|
795
|
-
`postgresql://\${Username}:\${Password}@\${Host}:\${Port}/\${Database}`,
|
|
828
|
+
`postgresql://\${Username}:\${Password}@\${Host}:\${Port}/\${Database}?${queryParams}`,
|
|
796
829
|
{
|
|
797
830
|
Username: resolveSecretRef(secretRef),
|
|
798
831
|
Password: resolveSecretPassword(secretRef),
|
|
@@ -556,7 +556,14 @@ describe('AuroraBuilder', () => {
|
|
|
556
556
|
|
|
557
557
|
// Should use Fn::Sub with nested Fn::Sub to resolve the Ref
|
|
558
558
|
expect(dbUrl['Fn::Sub']).toBeDefined();
|
|
559
|
-
|
|
559
|
+
// Template includes pool + timeout query params to prevent
|
|
560
|
+
// silent 15-min Lambda hangs on DB contention.
|
|
561
|
+
expect(dbUrl['Fn::Sub'][0]).toMatch(
|
|
562
|
+
/^postgresql:\/\/\$\{Username\}:\$\{Password\}@\$\{Host\}:\$\{Port\}\/\$\{Database\}\?/
|
|
563
|
+
);
|
|
564
|
+
expect(dbUrl['Fn::Sub'][0]).toContain('connection_limit=1');
|
|
565
|
+
expect(dbUrl['Fn::Sub'][0]).toContain('pool_timeout=10');
|
|
566
|
+
expect(dbUrl['Fn::Sub'][0]).toContain('statement_timeout%3D30000');
|
|
560
567
|
|
|
561
568
|
// The Username and Password should use Fn::Sub to resolve the secret Ref, not literal "[object Object]"
|
|
562
569
|
expect(dbUrl['Fn::Sub'][1].Username['Fn::Sub']).toBeDefined();
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@friggframework/devtools",
|
|
3
3
|
"prettier": "@friggframework/prettier-config",
|
|
4
|
-
"version": "2.0.0--canary.580.
|
|
4
|
+
"version": "2.0.0--canary.580.f1cb41c.0",
|
|
5
5
|
"bin": {
|
|
6
6
|
"frigg": "./frigg-cli/index.js"
|
|
7
7
|
},
|
|
@@ -25,9 +25,9 @@
|
|
|
25
25
|
"@babel/eslint-parser": "^7.18.9",
|
|
26
26
|
"@babel/parser": "^7.25.3",
|
|
27
27
|
"@babel/traverse": "^7.25.3",
|
|
28
|
-
"@friggframework/core": "2.0.0--canary.580.
|
|
29
|
-
"@friggframework/schemas": "2.0.0--canary.580.
|
|
30
|
-
"@friggframework/test": "2.0.0--canary.580.
|
|
28
|
+
"@friggframework/core": "2.0.0--canary.580.f1cb41c.0",
|
|
29
|
+
"@friggframework/schemas": "2.0.0--canary.580.f1cb41c.0",
|
|
30
|
+
"@friggframework/test": "2.0.0--canary.580.f1cb41c.0",
|
|
31
31
|
"@hapi/boom": "^10.0.1",
|
|
32
32
|
"@inquirer/prompts": "^5.3.8",
|
|
33
33
|
"axios": "^1.7.2",
|
|
@@ -55,8 +55,8 @@
|
|
|
55
55
|
"validate-npm-package-name": "^5.0.0"
|
|
56
56
|
},
|
|
57
57
|
"devDependencies": {
|
|
58
|
-
"@friggframework/eslint-config": "2.0.0--canary.580.
|
|
59
|
-
"@friggframework/prettier-config": "2.0.0--canary.580.
|
|
58
|
+
"@friggframework/eslint-config": "2.0.0--canary.580.f1cb41c.0",
|
|
59
|
+
"@friggframework/prettier-config": "2.0.0--canary.580.f1cb41c.0",
|
|
60
60
|
"aws-sdk-client-mock": "^4.1.0",
|
|
61
61
|
"aws-sdk-client-mock-jest": "^4.1.0",
|
|
62
62
|
"jest": "^30.1.3",
|
|
@@ -88,5 +88,5 @@
|
|
|
88
88
|
"publishConfig": {
|
|
89
89
|
"access": "public"
|
|
90
90
|
},
|
|
91
|
-
"gitHead": "
|
|
91
|
+
"gitHead": "f1cb41cac2478873b9f7de4f2021848d85587a2a"
|
|
92
92
|
}
|