npm - @go-to-k/cdkd - Versions diffs - 0.50.9 → 0.50.10 - Mend

@go-to-k/cdkd 0.50.9 → 0.50.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/cli.js +109 -41
package/dist/cli.js.map +2 -2
package/dist/go-to-k-cdkd-0.50.10.tgz +0 -0
package/package.json +1 -1
package/dist/go-to-k-cdkd-0.50.9.tgz +0 -0

package/dist/cli.js CHANGED Viewed

@@ -19412,7 +19412,11 @@ var EC2Provider = class {
       case "AWS::EC2::NetworkAcl":
       case "AWS::EC2::NetworkAclEntry":
       case "AWS::EC2::SubnetNetworkAclAssociation":
-        return { physicalId, wasReplaced: false };
+        throw new ResourceUpdateNotSupportedError(
+          resourceType,
+          logicalId,
+          "destroy + redeploy. The property surface for this resource type is effectively immutable in cdkd today."
+        );
       default:
         throw new ProvisioningError(
           `Unsupported resource type: ${resourceType}`,
@@ -19557,21 +19561,28 @@ var EC2Provider = class {
   async updateVpc(logicalId, physicalId, resourceType, properties, previousProperties) {
     this.logger.debug(`Updating VPC ${logicalId}: ${physicalId}`);
     try {
-      if (properties["EnableDnsHostnames"] !== void 0) {
-        const value = properties["EnableDnsHostnames"] === true || properties["EnableDnsHostnames"] === "true";
+      const asBool = (v) => {
+        if (v === void 0)
+          return void 0;
+        return v === true || v === "true";
+      };
+      const newDnsHostnames = asBool(properties["EnableDnsHostnames"]);
+      const oldDnsHostnames = asBool(previousProperties["EnableDnsHostnames"]);
+      if (newDnsHostnames !== void 0 && newDnsHostnames !== oldDnsHostnames) {
         await this.ec2Client.send(
           new ModifyVpcAttributeCommand({
             VpcId: physicalId,
-            EnableDnsHostnames: { Value: value }
+            EnableDnsHostnames: { Value: newDnsHostnames }
           })
         );
       }
-      if (properties["EnableDnsSupport"] !== void 0) {
-        const value = properties["EnableDnsSupport"] === true || properties["EnableDnsSupport"] === "true";
+      const newDnsSupport = asBool(properties["EnableDnsSupport"]);
+      const oldDnsSupport = asBool(previousProperties["EnableDnsSupport"]);
+      if (newDnsSupport !== void 0 && newDnsSupport !== oldDnsSupport) {
         await this.ec2Client.send(
           new ModifyVpcAttributeCommand({
             VpcId: physicalId,
-            EnableDnsSupport: { Value: value }
+            EnableDnsSupport: { Value: newDnsSupport }
           })
         );
       }
@@ -19754,8 +19765,13 @@ var EC2Provider = class {
     }
   }
   updateSubnet(logicalId, physicalId) {
-    this.logger.debug(`Updating Subnet ${logicalId}: ${physicalId} (no-op, immutable properties)`);
-    return Promise.resolve({ physicalId, wasReplaced: false });
+    return Promise.reject(
+      new ResourceUpdateNotSupportedError(
+        "AWS::EC2::Subnet",
+        logicalId,
+        "destroy + redeploy the Subnet (and the resources that depend on it). Subnet properties are immutable in AWS."
+      )
+    );
   }
   async deleteSubnet(logicalId, physicalId, resourceType, context) {
     this.logger.debug(`Deleting Subnet ${logicalId}: ${physicalId}`);
@@ -19890,8 +19906,13 @@ var EC2Provider = class {
     }
   }
   updateInternetGateway(logicalId, physicalId) {
-    this.logger.debug(`Updating InternetGateway ${logicalId}: ${physicalId} (no-op)`);
-    return Promise.resolve({ physicalId, wasReplaced: false });
+    return Promise.reject(
+      new ResourceUpdateNotSupportedError(
+        "AWS::EC2::InternetGateway",
+        logicalId,
+        "destroy + redeploy the InternetGateway. IGW properties are immutable in AWS."
+      )
+    );
   }
   async deleteInternetGateway(logicalId, physicalId, resourceType, context) {
     this.logger.debug(`Deleting InternetGateway ${logicalId}: ${physicalId}`);
@@ -19960,8 +19981,13 @@ var EC2Provider = class {
     }
   }
   updateVpcGatewayAttachment(logicalId, physicalId) {
-    this.logger.debug(`Updating VPCGatewayAttachment ${logicalId}: ${physicalId} (no-op)`);
-    return Promise.resolve({ physicalId, wasReplaced: false });
+    return Promise.reject(
+      new ResourceUpdateNotSupportedError(
+        "AWS::EC2::VPCGatewayAttachment",
+        logicalId,
+        "destroy + redeploy the VPCGatewayAttachment. The (VpcId, InternetGatewayId) pair is immutable."
+      )
+    );
   }
   async deleteVpcGatewayAttachment(logicalId, physicalId, resourceType, context) {
     this.logger.debug(`Deleting VPCGatewayAttachment ${logicalId}: ${physicalId}`);
@@ -20076,8 +20102,13 @@ var EC2Provider = class {
     }
   }
   updateNatGateway(logicalId, physicalId) {
-    this.logger.debug(`Updating NatGateway ${logicalId}: ${physicalId} (no-op)`);
-    return Promise.resolve({ physicalId, wasReplaced: false });
+    return Promise.reject(
+      new ResourceUpdateNotSupportedError(
+        "AWS::EC2::NatGateway",
+        logicalId,
+        "destroy + redeploy the NatGateway (and the dependent Routes). NAT Gateway properties are immutable in AWS."
+      )
+    );
   }
   async deleteNatGateway(logicalId, physicalId, resourceType, context) {
     this.logger.debug(`Deleting NatGateway ${logicalId}: ${physicalId}`);
@@ -20152,8 +20183,13 @@ var EC2Provider = class {
     }
   }
   updateRouteTable(logicalId, physicalId) {
-    this.logger.debug(`Updating RouteTable ${logicalId}: ${physicalId} (no-op)`);
-    return Promise.resolve({ physicalId, wasReplaced: false });
+    return Promise.reject(
+      new ResourceUpdateNotSupportedError(
+        "AWS::EC2::RouteTable",
+        logicalId,
+        "destroy + redeploy the RouteTable (and its associated Routes / SubnetRouteTableAssociations). VpcId is immutable."
+      )
+    );
   }
   async deleteRouteTable(logicalId, physicalId, resourceType, context) {
     this.logger.debug(`Deleting RouteTable ${logicalId}: ${physicalId}`);
@@ -20228,8 +20264,11 @@ var EC2Provider = class {
       );
     }
   }
-  async updateRoute(logicalId, physicalId, resourceType, properties, _previousProperties) {
+  async updateRoute(logicalId, physicalId, resourceType, properties, previousProperties) {
     this.logger.debug(`Updating Route ${logicalId}: ${physicalId}`);
+    if (JSON.stringify(properties) === JSON.stringify(previousProperties)) {
+      return { physicalId, wasReplaced: false };
+    }
     try {
       await this.deleteRoute(logicalId, physicalId, resourceType);
       const createResult = await this.createRoute(logicalId, resourceType, properties);
@@ -20332,10 +20371,13 @@ var EC2Provider = class {
     }
   }
   updateSubnetRouteTableAssociation(logicalId, physicalId) {
-    this.logger.debug(
-      `Updating SubnetRouteTableAssociation ${logicalId}: ${physicalId} (no-op, requires replacement)`
+    return Promise.reject(
+      new ResourceUpdateNotSupportedError(
+        "AWS::EC2::SubnetRouteTableAssociation",
+        logicalId,
+        "destroy + redeploy the association. (SubnetId, RouteTableId) is immutable."
+      )
     );
-    return Promise.resolve({ physicalId, wasReplaced: false });
   }
   async deleteSubnetRouteTableAssociation(logicalId, physicalId, resourceType, context) {
     this.logger.debug(`Deleting SubnetRouteTableAssociation ${logicalId}: ${physicalId}`);
@@ -20633,6 +20675,9 @@ var EC2Provider = class {
   }
   async updateSecurityGroupIngress(logicalId, physicalId, resourceType, properties, previousProperties) {
     this.logger.debug(`Updating SecurityGroupIngress ${logicalId}: ${physicalId}`);
+    if (JSON.stringify(properties) === JSON.stringify(previousProperties)) {
+      return { physicalId, wasReplaced: false };
+    }
     try {
       await this.deleteSecurityGroupIngress(
         logicalId,
@@ -23906,6 +23951,24 @@ var CloudFrontOAIProvider = class {
       throw err;
     }
   }
+  /**
+   * State property paths the comparator must skip during drift detection.
+   *
+   * `CloudFrontOriginAccessIdentityConfig.CallerReference` is set by cdkd
+   * to `logicalId` at create time regardless of what the CDK template
+   * specified, so it ends up in `state.properties` (from the resolved
+   * template) but is intentionally not surfaced by `readCurrentState`. A
+   * keys-from-state walk would otherwise compare `state.CallerReference`
+   * against `aws=undefined` and fire a guaranteed false positive on every
+   * clean run for any stack whose template templated CallerReference.
+   *
+   * The field is also immutable in AWS — the OAI's CallerReference cannot
+   * change post-create — so omitting it from drift is also semantically
+   * correct.
+   */
+  getDriftUnknownPaths() {
+    return ["CloudFrontOriginAccessIdentityConfig.CallerReference"];
+  }
   /**
    * Adopt an existing CloudFront Origin Access Identity into cdkd state.
    *
@@ -26549,7 +26612,8 @@ var ELBv2Provider = class {
   async updateTargetGroup(logicalId, physicalId, resourceType, properties, previousProperties) {
     this.logger.debug(`Updating TargetGroup ${logicalId}: ${physicalId}`);
     try {
-      const matcher = properties["Matcher"];
+      const rawMatcher = properties["Matcher"];
+      const matcher = rawMatcher && (rawMatcher.HttpCode !== void 0 || rawMatcher.GrpcCode !== void 0) ? rawMatcher : void 0;
       await this.getClient().send(
         new ModifyTargetGroupCommand({
           TargetGroupArn: physicalId,
@@ -28527,7 +28591,7 @@ var Route53Provider = class {
       }
     }
     const setIdentifier = properties["SetIdentifier"];
-    if (setIdentifier) {
+    if (setIdentifier !== void 0) {
       recordSet.SetIdentifier = setIdentifier;
     }
     const weight = properties["Weight"];
@@ -28535,11 +28599,11 @@ var Route53Provider = class {
       recordSet.Weight = Number(weight);
     }
     const region = properties["Region"];
-    if (region) {
+    if (region !== void 0) {
       recordSet.Region = region;
     }
     const failover = properties["Failover"];
-    if (failover) {
+    if (failover !== void 0) {
       recordSet.Failover = failover;
     }
     const multiValueAnswer = properties["MultiValueAnswer"];
@@ -28547,15 +28611,15 @@ var Route53Provider = class {
       recordSet.MultiValueAnswer = typeof multiValueAnswer === "string" ? multiValueAnswer.toLowerCase() === "true" : multiValueAnswer;
     }
     const healthCheckId = properties["HealthCheckId"];
-    if (healthCheckId) {
+    if (healthCheckId !== void 0) {
       recordSet.HealthCheckId = healthCheckId;
     }
     const geoLocation = properties["GeoLocation"];
     if (geoLocation) {
       recordSet.GeoLocation = {
-        ...geoLocation["ContinentCode"] ? { ContinentCode: geoLocation["ContinentCode"] } : {},
-        ...geoLocation["CountryCode"] ? { CountryCode: geoLocation["CountryCode"] } : {},
-        ...geoLocation["SubdivisionCode"] ? { SubdivisionCode: geoLocation["SubdivisionCode"] } : {}
+        ...geoLocation["ContinentCode"] !== void 0 ? { ContinentCode: geoLocation["ContinentCode"] } : {},
+        ...geoLocation["CountryCode"] !== void 0 ? { CountryCode: geoLocation["CountryCode"] } : {},
+        ...geoLocation["SubdivisionCode"] !== void 0 ? { SubdivisionCode: geoLocation["SubdivisionCode"] } : {}
       };
     }
     return recordSet;
@@ -28785,14 +28849,16 @@ var Route53Provider = class {
       }
       result["HostedZoneConfig"] = cfg;
     }
-    result["VPCs"] = (resp.VPCs ?? []).map((v) => {
-      const out = {};
-      if (v.VPCId !== void 0)
-        out["VPCId"] = v.VPCId;
-      if (v.VPCRegion !== void 0)
-        out["VPCRegion"] = v.VPCRegion;
-      return out;
-    });
+    if (resp.HostedZone.Config?.PrivateZone === true) {
+      result["VPCs"] = (resp.VPCs ?? []).map((v) => {
+        const out = {};
+        if (v.VPCId !== void 0)
+          out["VPCId"] = v.VPCId;
+        if (v.VPCRegion !== void 0)
+          out["VPCRegion"] = v.VPCRegion;
+        return out;
+      });
+    }
     const idTail = physicalId.replace(/^\/hostedzone\//, "");
     try {
       const tagsResp = await this.getClient().send(
@@ -28837,9 +28903,11 @@ var Route53Provider = class {
       Name: name,
       Type: type
     };
-    if (recordSet.TTL !== void 0)
-      result["TTL"] = recordSet.TTL;
-    result["ResourceRecords"] = (recordSet.ResourceRecords ?? []).map((r) => r.Value).filter((v) => typeof v === "string");
+    if (!recordSet.AliasTarget) {
+      if (recordSet.TTL !== void 0)
+        result["TTL"] = recordSet.TTL;
+      result["ResourceRecords"] = (recordSet.ResourceRecords ?? []).map((r) => r.Value).filter((v) => typeof v === "string");
+    }
     if (recordSet.AliasTarget) {
       const at = {};
       if (recordSet.AliasTarget.HostedZoneId !== void 0) {
@@ -43669,7 +43737,7 @@ function reorderArgs(argv) {
 }
 async function main() {
   const program = new Command14();
-  program.name("cdkd").description("CDK Direct - Deploy AWS CDK apps directly via SDK/Cloud Control API").version("0.50.9");
+  program.name("cdkd").description("CDK Direct - Deploy AWS CDK apps directly via SDK/Cloud Control API").version("0.50.10");
   program.addCommand(createBootstrapCommand());
   program.addCommand(createSynthCommand());
   program.addCommand(createListCommand());