npm - @go-to-k/cdkd - Versions diffs - 0.162.3 → 0.163.0 - Mend

@go-to-k/cdkd 0.162.3 → 0.163.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/cli.js CHANGED Viewed

@@ -1004,9 +1004,12 @@ const MULTI_REGION_RECREATE_BLOCKED_TYPES = new Set(["AWS::DynamoDB::GlobalTable
 * Cheap, synchronous read of the resource's recorded properties only.
 * For `AWS::S3::Bucket` this returns `null` — the live `ListObjectsV2`
 * probe to distinguish empty buckets (safe to recreate) from
-* non-empty (data loss) needs an S3 client + an AWS round-trip and is
-* deferred to a follow-up issue (v1 sync-defers; an `--force-stateful-
-* recreation` is recommended for any potentially-non-empty S3 target).
+* non-empty (data loss) lives in
+* `src/deployment/recreate-targets.ts#probeStatefulRecreateTargetsAsync`
+* (issue [#648]) and runs after this sync first-cut. Sync callers can
+* still treat `null` as "not stateful" — the deploy command does both
+* passes back-to-back; only callers that explicitly opt out of the
+* async probe need to assume conservative "stateful" semantics.
 *
 * Returns the {@link StatefulReason} when the type is stateful (or
 * `null` for non-stateful types).
@@ -1038,11 +1041,47 @@ function renderStatefulReason(reason) {
 //#endregion
 //#region src/deployment/recreate-targets.ts
 /**
+* Pre-flight validation for `--recreate-via-cc-api <LogicalId>` deploy
+* flag (issue [#615]).
+*
+* Three things to validate before the deploy engine acts on the user's
+* recreate list:
+*
+*   1. Every named logical id MUST exist in the synth template. A typo
+*      should fail fast, not silently skip.
+*   2. Every named logical id MUST exist in cdkd state (the recreate
+*      operation requires an existing physical resource to destroy +
+*      recreate). A logical id in the template but absent from state
+*      is a CREATE on the next deploy regardless — recreate is a
+*      no-op for fresh deploys and should error out with a clear
+*      message rather than silently apply.
+*   3. Stateful-resource guard: every named target whose resource type
+*      is in {@link STATEFUL_TYPES} (or conditionally stateful — S3
+*      bucket with objects, LogGroup with retention) MUST be matched
+*      by an explicit `--force-stateful-recreation` flag. The sync
+*      first-cut runs from the recorded properties alone; the live
+*      `s3:ListObjectsV2` probe (issue [#648]) promotes a `null`
+*      reason to `'has-objects'` when a bucket actually contains data.
+*   4. Multi-region refusal: every named target whose resource type
+*      is in {@link MULTI_REGION_RECREATE_BLOCKED_TYPES} (e.g.
+*      `AWS::DynamoDB::GlobalTable`) is refused outright. Out of
+*      scope for v1; no `--force-stateful-recreation` bypass since
+*      this is a structural limitation, not a data-loss footgun.
+*
+* Plus one cross-flag invariant: `--recreate-via-cc-api MyLambda`
+* combined with `--allow-unsupported-properties AWS::Lambda::Function:LoggingConfig`
+* on a resource whose template carries `LoggingConfig` is **ambiguous
+* intent** — does the user want SDK + silent drop, or CC migration?
+* Fail fast and let the user pick one strategy per resource.
+*/
+/**
 * Plan-time validation of the user's recreate-via-cc-api list.
 *
-* Pure with respect to AWS — does NOT probe S3 bucket emptiness. The
-* S3 conditional check is deferred to a follow-up issue (the live
-* `s3:ListObjectsV2` probe is out of scope for v1).
+* Pure with respect to AWS — does NOT probe S3 bucket emptiness. Wrap
+* the result with {@link probeAndRevalidateStateful} to promote S3
+* targets' `statefulReason` via a live `s3:ListObjectsV2` round-trip
+* before rendering errors. The deploy command does this; the validator
+* itself stays sync so unit tests don't need an S3 mock.
 *
 * Input order is preserved; duplicate logical ids in the user's input
 * are deduplicated.
@@ -1137,6 +1176,84 @@ function renderRecreateTargetsErrors(validation) {
 	}
 	return lines.length > 0 ? lines.join("\n") : null;
 }
+/**
+* Async S3 object probe (issue [#648]).
+*
+* For every `AWS::S3::Bucket` target whose sync {@link StatefulReason}
+* is `null` (the sync map defers — see {@link isStatefulRecreateTargetSync}),
+* issues a single-page `ListObjectVersions(MaxKeys=1)` against the
+* bucket's recorded physical id. When the bucket has at least one
+* current object, prior version, OR delete-marker, promotes the
+* target's `statefulReason` to `'has-objects'`.
+*
+* Uses `ListObjectVersions` rather than `ListObjectsV2` so the probe
+* mirrors the s3-bucket-provider's `emptyBucket` view: a versioned
+* bucket whose current keys have all been soft-deleted (so
+* `ListObjectsV2.KeyCount === 0`) still holds prior versions +
+* delete-markers that the destroy + recreate cycle would lose. Using
+* the same listing API as the provider ensures the probe and the
+* destroy path agree on "empty".
+*
+* **Soft-fail on probe errors**: if `ListObjectVersions` throws
+* (permission denied, bucket-not-found mid-flight, transient network
+* error), logs a warn and leaves the target's `statefulReason` at the
+* sync result (`null`). The user can decide to proceed without the
+* probe by passing `--force-stateful-recreation`.
+*
+* Returns a NEW array of targets; the input is not mutated. Non-S3
+* targets and S3 targets whose sync reason is already non-null are
+* passed through unchanged.
+*/
+async function probeStatefulRecreateTargetsAsync(targets, s3Client, logger = getLogger().child("recreate-targets")) {
+	const promoted = [];
+	for (const target of targets) {
+		if (target.resourceType !== "AWS::S3::Bucket" || target.statefulReason !== null) {
+			promoted.push({ ...target });
+			continue;
+		}
+		try {
+			const result = await s3Client.send(new ListObjectVersionsCommand({
+				Bucket: target.physicalId,
+				MaxKeys: 1
+			}));
+			const hasVersions = (result.Versions?.length ?? 0) > 0;
+			const hasDeleteMarkers = (result.DeleteMarkers?.length ?? 0) > 0;
+			if (hasVersions || hasDeleteMarkers) promoted.push({
+				...target,
+				statefulReason: "has-objects"
+			});
+			else promoted.push({ ...target });
+		} catch (e) {
+			logger.warn(`--recreate-via-cc-api: live S3 probe failed for ${target.logicalId} (bucket ${target.physicalId}); leaving stateful guard at the sync result. If the bucket might be non-empty, re-run with --force-stateful-recreation. Underlying error: ${e instanceof Error ? e.message : String(e)}`);
+			promoted.push({ ...target });
+		}
+	}
+	return promoted;
+}
+/**
+* Async re-validation of the stateful-guard slice of a
+* {@link RecreateTargetsValidation}, after promoting S3 bucket reasons
+* via {@link probeStatefulRecreateTargetsAsync}.
+*
+* Skips the probe entirely when `forceStatefulRecreation: true` — the
+* sync validation already omits the blocked list in that case, and
+* skipping avoids an unnecessary AWS round-trip (plus permission-denied
+* warn-and-skip cycle on low-privilege CI roles).
+*
+* Returns a NEW validation; the input is not mutated. Non-stateful
+* categories (`unknownLogicalIds` / `missingFromState` /
+* `ambiguousIntent` / `blockedMultiRegionTargets`) are preserved verbatim.
+*/
+async function probeAndRevalidateStateful(input) {
+	if (input.forceStatefulRecreation) return input.validation;
+	const promoted = await probeStatefulRecreateTargetsAsync(input.validation.targets, input.s3Client);
+	const blockedStatefulTargets = promoted.filter((t) => t.statefulReason !== null);
+	return {
+		...input.validation,
+		targets: promoted,
+		blockedStatefulTargets
+	};
+}
 //#endregion
 //#region src/state/export-index-store.ts
@@ -33597,18 +33714,22 @@ async function deployCommand(stacks, options) {
 				let recreateViaCcApiTargets;
 				if (options.recreateViaCcApi?.length) {
 					const stateForRecreateCheck = await stackStateBackend.getState(stackInfo.stackName, stackRegion);
-					const validation = validateRecreateTargets({
-						template: stackInfo.template,
-						state: stateForRecreateCheck?.state ?? {
-							version: 7,
-							stackName: stackInfo.stackName,
-							region: stackRegion,
-							resources: {},
-							outputs: {},
-							lastModified: Date.now()
-						},
-						recreateViaCcApi: options.recreateViaCcApi,
-						allowUnsupportedProperties: new Set(options.allowUnsupportedProperties ?? []),
+					const validation = await probeAndRevalidateStateful({
+						validation: validateRecreateTargets({
+							template: stackInfo.template,
+							state: stateForRecreateCheck?.state ?? {
+								version: 7,
+								stackName: stackInfo.stackName,
+								region: stackRegion,
+								resources: {},
+								outputs: {},
+								lastModified: Date.now()
+							},
+							recreateViaCcApi: options.recreateViaCcApi,
+							allowUnsupportedProperties: new Set(options.allowUnsupportedProperties ?? []),
+							forceStatefulRecreation: options.forceStatefulRecreation ?? false
+						}),
+						s3Client: stackAwsClients.s3,
 						forceStatefulRecreation: options.forceStatefulRecreation ?? false
 					});
 					const errorBlock = renderRecreateTargetsErrors(validation);
@@ -60328,7 +60449,7 @@ function reorderArgs(argv) {
 */
 async function main() {
 	const program = new Command();
-	program.name("cdkd").description("CDK Direct - Deploy AWS CDK apps directly via SDK/Cloud Control API").version("0.162.3");
+	program.name("cdkd").description("CDK Direct - Deploy AWS CDK apps directly via SDK/Cloud Control API").version("0.163.0");
 	program.addCommand(createBootstrapCommand());
 	program.addCommand(createSynthCommand());
 	program.addCommand(createListCommand());