npm - @go-to-k/cdkd - Versions diffs - 0.86.0 → 0.87.0 - Mend

@go-to-k/cdkd 0.86.0 → 0.87.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/cli.js +154 -27
package/dist/cli.js.map +3 -3
package/dist/go-to-k-cdkd-0.87.0.tgz +0 -0
package/package.json +1 -1
package/dist/go-to-k-cdkd-0.86.0.tgz +0 -0

package/dist/cli.js CHANGED Viewed

@@ -79270,7 +79270,8 @@ import {
   DescribeTypeCommand,
   DeleteChangeSetCommand,
   waitUntilChangeSetCreateComplete,
-  waitUntilStackImportComplete
+  waitUntilStackImportComplete,
+  waitUntilStackUpdateComplete as waitUntilStackUpdateComplete2
 } from "@aws-sdk/client-cloudformation";
 init_aws_clients();
 var NEVER_IMPORTABLE_TYPES = /* @__PURE__ */ new Set([
@@ -79457,39 +79458,90 @@ async function exportCommand(stackArg, options) {
       }
     }
     try {
-      const { plan, skipped } = await buildImportPlan(state, template, awsClients.cloudFormation);
-      if (skipped.length > 0) {
+      const { phase1Imports, phase2Creates, blocked } = await buildImportPlan(
+        state,
+        template,
+        awsClients.cloudFormation
+      );
+      if (blocked.length > 0) {
+        logger.error("The following resources block migration:");
+        for (const b of blocked) {
+          logger.error(`  - ${b.logicalId} (${b.resourceType}): ${b.reason}`);
+        }
+        throw new Error(
+          `${blocked.length} resource(s) block migration. Either destroy them first (cdkd destroy / cdkd state destroy cherry-picked), or remove them from the CDK app and re-synthesize.`
+        );
+      }
+      if (phase2Creates.length > 0 && !options.includeNonImportable) {
         logger.error("The following resources cannot be imported into CloudFormation:");
-        for (const s of skipped) {
-          logger.error(`  - ${s.logicalId} (${s.resourceType}): ${s.reason}`);
+        for (const p of phase2Creates) {
+          logger.error(`  - ${p.logicalId} (${p.resourceType}): CFn cannot import this type`);
         }
         throw new Error(
-          `${skipped.length} resource(s) cannot be imported. CloudFormation IMPORT requires every template resource to map to an importable AWS resource. Either destroy these resources first (cdkd destroy / cdkd state destroy cherry-picked), or accept abandoning them by removing them from the CDK app and re-synthesizing.`
+          `${phase2Creates.length} non-importable resource(s) detected (Custom::*). Pass --include-non-importable to run a 2-phase migration: phase 1 imports the importable resources; phase 2 CFn-CREATEs the non-importable ones (re-invoking each Custom Resource's backing Lambda onCreate handler \u2014 make sure those are idempotent). Or destroy these resources first.`
         );
       }
-      if (plan.length === 0) {
-        logger.warn("No resources to import \u2014 cdkd state is empty.");
+      if (phase1Imports.length === 0 && phase2Creates.length === 0) {
+        logger.warn("No resources to migrate \u2014 cdkd state is empty.");
         return;
       }
-      printPlan(plan, cfnStackName);
+      if (phase1Imports.length === 0) {
+        throw new Error(
+          "No importable resources in the template. CloudFormation IMPORT changeset requires at least one importable resource for phase 1."
+        );
+      }
+      printPlan(phase1Imports, cfnStackName);
+      if (phase2Creates.length > 0) {
+        logger.info(`Phase 2 will CREATE ${phase2Creates.length} non-importable resource(s):`);
+        for (const p of phase2Creates) {
+          logger.info(`  ${p.logicalId} (${p.resourceType})`);
+        }
+        logger.info("");
+      }
       if (options.dryRun) {
         logger.info("--dry-run: no CloudFormation changeset will be created.");
         return;
       }
       if (!options.yes) {
+        const phase2Note = phase2Creates.length > 0 ? ` Phase 2 will then CREATE ${phase2Creates.length} non-importable resource(s) (invoking each Custom Resource's onCreate handler).` : "";
         const ok = await confirmPrompt6(
-          `Create CloudFormation stack '${cfnStackName}' by importing ${plan.length} resource(s) from cdkd state '${resolvedStackName}' (${targetRegion})? AWS resources are unchanged. cdkd state for '${resolvedStackName}' will be deleted on success.`
+          `Create CloudFormation stack '${cfnStackName}' by importing ${phase1Imports.length} resource(s) from cdkd state '${resolvedStackName}' (${targetRegion})?` + phase2Note + ` AWS resources are unchanged on import. cdkd state for '${resolvedStackName}' will be deleted on success.`
         );
         if (!ok) {
           logger.info("Migration cancelled. cdkd state and CloudFormation are unchanged.");
           return;
         }
       }
-      const filteredTemplate = filterTemplateForImport(template, plan);
-      await executeImportChangeSet(awsClients.cloudFormation, cfnStackName, filteredTemplate, plan);
+      const phase1Template = filterTemplateForImport(template, phase1Imports);
+      await executeImportChangeSet(
+        awsClients.cloudFormation,
+        cfnStackName,
+        phase1Template,
+        phase1Imports
+      );
       logger.info(
-        `\u2713 CloudFormation stack '${cfnStackName}' created via IMPORT. ${plan.length} resource(s) are now managed by CloudFormation.`
+        `\u2713 Phase 1: CloudFormation stack '${cfnStackName}' created via IMPORT. ${phase1Imports.length} resource(s) imported.`
       );
+      if (phase2Creates.length > 0) {
+        try {
+          await executeUpdateChangeSet(awsClients.cloudFormation, cfnStackName, template);
+          logger.info(`\u2713 Phase 2: ${phase2Creates.length} non-importable resource(s) CREATEd.`);
+        } catch (err) {
+          const msg = err instanceof Error ? err.message : String(err);
+          throw new Error(
+            `Phase 1 (IMPORT) succeeded; phase 2 (UPDATE) failed: ${msg}
+The CloudFormation stack '${cfnStackName}' now contains the imported resources but is missing the ${phase2Creates.length} non-importable resource(s). cdkd state is UNCHANGED so you can inspect what's in it, but DO NOT run \`cdkd deploy\` against this stack (the imported resources are now CFn-managed). To recover:
+  1. Fix the failure cause (typically an onCreate Lambda error).
+  2. Re-run the phase 2 UPDATE manually with the full synth template:
+       aws cloudformation create-change-set --stack-name ${cfnStackName} \\
+         --change-set-name cdkd-phase2-retry --change-set-type UPDATE \\
+         --template-body file://<full-template.json>
+  3. Once phase 2 succeeds, run: cdkd state orphan ${resolvedStackName}
+     to clean up cdkd's stale state record.`
+          );
+        }
+      }
       await stateBackend.deleteState(resolvedStackName, targetRegion);
       logger.info(
         `cdkd state for '${resolvedStackName}' (${targetRegion}) removed. Manage the stack with 'cdk deploy' or 'aws cloudformation' from here on.`
@@ -79585,13 +79637,17 @@ async function assertCfnStackAbsent(cfnClient, stackName) {
     throw err;
   }
 }
+function isPhase2CreatableType(resourceType) {
+  return resourceType.startsWith("Custom::");
+}
 async function buildImportPlan(state, template, cfnClient) {
   const templateResources = template["Resources"];
   if (!templateResources || typeof templateResources !== "object" || Array.isArray(templateResources)) {
     throw new Error("Template has no Resources section.");
   }
-  const plan = [];
-  const skipped = [];
+  const phase1Imports = [];
+  const phase2Creates = [];
+  const blocked = [];
   const identifierCache = /* @__PURE__ */ new Map();
   for (const [logicalId, raw] of Object.entries(templateResources)) {
     if (!raw || typeof raw !== "object" || Array.isArray(raw))
@@ -79600,19 +79656,24 @@ async function buildImportPlan(state, template, cfnClient) {
     const resourceType = resource.Type ?? "";
     if (!resourceType)
       continue;
+    if (resourceType === "AWS::CDK::Metadata") {
+      continue;
+    }
     if (isNeverImportableType(resourceType)) {
-      if (resourceType === "AWS::CDK::Metadata")
-        continue;
-      skipped.push({
-        logicalId,
-        resourceType,
-        reason: "CloudFormation IMPORT does not support this resource type"
-      });
+      if (isPhase2CreatableType(resourceType)) {
+        phase2Creates.push({ logicalId, resourceType });
+      } else {
+        blocked.push({
+          logicalId,
+          resourceType,
+          reason: "CloudFormation cannot import or recreate this resource type"
+        });
+      }
       continue;
     }
     const stateEntry = state.resources[logicalId];
     if (!stateEntry || !stateEntry.physicalId) {
-      skipped.push({
+      blocked.push({
         logicalId,
         resourceType,
         reason: "no entry in cdkd state (resource is in template but was not deployed by cdkd)"
@@ -79628,21 +79689,21 @@ async function buildImportPlan(state, template, cfnClient) {
         identifierCache
       );
     } catch (err) {
-      skipped.push({
+      blocked.push({
         logicalId,
         resourceType,
         reason: "could not resolve resource identifier: " + (err instanceof Error ? err.message : String(err))
       });
       continue;
     }
-    plan.push({
+    phase1Imports.push({
       logicalId,
       resourceType,
       physicalId: stateEntry.physicalId,
       resourceIdentifier
     });
   }
-  return { plan, skipped };
+  return { phase1Imports, phase2Creates, blocked };
 }
 async function resolveResourceIdentifier(resourceType, physicalId, cfnClient, cache2) {
   let entry = cache2.get(resourceType);
@@ -79831,6 +79892,68 @@ async function executeImportChangeSet(cfnClient, stackName, template, plan) {
     throw err;
   }
 }
+async function executeUpdateChangeSet(cfnClient, stackName, template) {
+  const logger = getLogger();
+  const changeSetName = `cdkd-phase2-${Date.now()}`;
+  const templateBody = JSON.stringify(template, null, 2);
+  if (templateBody.length > 51200) {
+    throw new Error(
+      `Full template is ${templateBody.length} bytes, over the 51,200-byte inline TemplateBody limit for phase-2 UPDATE. TemplateURL upload is not yet implemented.`
+    );
+  }
+  logger.info(
+    `Creating UPDATE changeset '${changeSetName}' for phase 2 (${templateBody.length} bytes)...`
+  );
+  try {
+    await cfnClient.send(
+      new CreateChangeSetCommand({
+        StackName: stackName,
+        ChangeSetName: changeSetName,
+        ChangeSetType: "UPDATE",
+        TemplateBody: templateBody,
+        Capabilities: ["CAPABILITY_IAM", "CAPABILITY_NAMED_IAM", "CAPABILITY_AUTO_EXPAND"]
+      })
+    );
+  } catch (err) {
+    const msg = err instanceof Error ? err.message : String(err);
+    throw new Error(`Failed to create UPDATE changeset: ${msg}`);
+  }
+  try {
+    await waitUntilChangeSetCreateComplete(
+      { client: cfnClient, maxWaitTime: 600 },
+      { StackName: stackName, ChangeSetName: changeSetName }
+    );
+  } catch (err) {
+    try {
+      const desc = await cfnClient.send(
+        new DescribeChangeSetCommand({ StackName: stackName, ChangeSetName: changeSetName })
+      );
+      const reason = desc.StatusReason ?? "unknown";
+      await cfnClient.send(new DeleteChangeSetCommand({ StackName: stackName, ChangeSetName: changeSetName })).catch(() => {
+      });
+      throw new Error(`UPDATE changeset FAILED: ${reason}`);
+    } catch (innerErr) {
+      if (innerErr instanceof Error && innerErr.message.startsWith("UPDATE changeset FAILED")) {
+        throw innerErr;
+      }
+      throw err;
+    }
+  }
+  logger.info(`Executing UPDATE changeset...`);
+  try {
+    await cfnClient.send(
+      new ExecuteChangeSetCommand({ StackName: stackName, ChangeSetName: changeSetName })
+    );
+    await waitUntilStackUpdateComplete2(
+      { client: cfnClient, maxWaitTime: 3600 },
+      { StackName: stackName }
+    );
+  } catch (err) {
+    await cfnClient.send(new DeleteChangeSetCommand({ StackName: stackName, ChangeSetName: changeSetName })).catch(() => {
+    });
+    throw err;
+  }
+}
 function refuseTransientContextIfUnsafe(options) {
   const overrides = options.context ?? [];
   if (overrides.length === 0)
@@ -79900,6 +80023,10 @@ function createExportCommand() {
     "--accept-transient-context",
     "Allow CLI -c key=value overrides at export time even though they are not persisted to cdk.json / cdk.context.json (default: refuse). When set, the user is responsible for passing the same -c flags to every future cdk deploy.",
     false
+  ).option(
+    "--include-non-importable",
+    "Run a 2-phase migration when the stack contains non-importable resources (Custom::*). Phase 1 imports the importable resources; phase 2 CFn-CREATEs the non-importable ones, which re-invokes each Custom Resource's onCreate handler. Make sure onCreate is idempotent before enabling.",
+    false
   ).action(withErrorHandling(exportCommand));
   [...commonOptions, ...appOptions, ...stateOptions, ...contextOptions].forEach(
     (opt) => cmd.addOption(opt)
@@ -79938,7 +80065,7 @@ function reorderArgs(argv) {
 }
 async function main() {
   const program = new Command18();
-  program.name("cdkd").description("CDK Direct - Deploy AWS CDK apps directly via SDK/Cloud Control API").version("0.86.0");
+  program.name("cdkd").description("CDK Direct - Deploy AWS CDK apps directly via SDK/Cloud Control API").version("0.87.0");
   program.addCommand(createBootstrapCommand());
   program.addCommand(createSynthCommand());
   program.addCommand(createListCommand());