feat(ecs): enable fault injection flag #32598
Conversation
github-actions
bot
added
the
distinguished-contributor
There was a problem hiding this comment.
The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.
A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #32598 +/- ##
=======================================
Coverage 81.52% 81.52%
=======================================
Files 222 222
Lines 13715 13715
Branches 2417 2417
=======================================
Hits 11181 11181
Misses 2254 2254
Partials 280 280
Flags with carried forward coverage won't be shown. Click here to find out more.
|
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
aws-cdk-automation
added
the
pr/needs-community-review
| memoryLimitMiB: 512, | ||
| }); | ||
|
|
||
| new IntegTest(app, 'TaskDefinitionEnableFaultInjection', { |
There was a problem hiding this comment.
Could you add assertions to a DescribeTaskDefinition API call? You should be able to retrieve the enableFaultInjection prop there
There was a problem hiding this comment.
I'm struggling to add integration test assertions.
The enable fault injection was correctly set to true in the management console after deployment.
However, the assertions are failing.
I'm not yet sure of the root cause, but I might need to update the SDK version used in the integ tests.
test.assertions.awsApiCall('@aws-sdk/client-ecs', 'DescribeTaskDefinition', {
taskDefinition: ec2TaskDefinition.taskDefinitionArn,
})
.expect(ExpectedResult.objectLike({
taskDefinition: {
enableFaultInjection: true,
},
})); ASSERT aws-ecs/test/integ.task-definition-enable-fault-injection-TaskDefinitionEnableFaultInjection/DefaultTest (undefined/us-east-1) 128.939s
AssertionResultsAwsApiCallawssdkclientecsDescribeTaskDefinitionfd8b5aaee373c34a7ec063a10e6c89a0
{
"tags": [],
"taskDefinition": {
"compatibilities": [ "EC2", "FARGATE" ],
"containerDefinitions": [ { ... } ],
"cpu": "256",
!! Missing key 'enableFaultInjection'
"enableFaultInjection": undefined,There was a problem hiding this comment.
I don't think it's a SDK issue, but one with the API, or at least its docs, as DescribeTaskDefinition should return enableFaultInjection, whether or not it was set. I'm not getting the property from the CLI either with aws ecs describe-task-definition, with both the EC2 or the Fargate definition.
Checking the task definition JSON in the web console does indicate that enableFaultInjection is being properly set by your integration, but I don't think we can test it as is. You could try to raise this issue with the AWS support but it might be better if a CDK team member could forward this issue.
There was a problem hiding this comment.
Thank you for the approval.
After updating the version in AWS CLI, I was able to retrieve it using describe-task-definition by AWS CLI.
Therefore, I think it might be an issue with a tool.
I'll investigate this further separately from this PR.
There was a problem hiding this comment.
You're absolutely right, I upgraded my CLI from 2.22.7 to 2.22.23 and the field now appears:
$ aws ecs describe-task-definition --task-definition <arn> | jq '.taskDefinition.enableFaultInjection'
trueI assumed the AWS API would do all the work with describe* commands, but I guess either the implementations map the results, or the API only returns certain fields after a certain version? Either way, kind of odd.
From what I can tell, since it's no longer documented, Node Lambdas ship with version 3.632.0 of the SDK (at least on us-east-1), so there's not much we can do about this as the assertions are ran on a custom resource. I don't think it's worth bundling and shipping the SDK for the version lag we're experiencing, even if this version is over 4 months old
aws-cdk-automation
removed
the
pr/needs-community-review
Co-authored-by: Jimmy Gaussen <[email protected]>
Co-authored-by: Jimmy Gaussen <[email protected]>
Co-authored-by: Jimmy Gaussen <[email protected]>
aws-cdk-automation
added
the
pr/needs-maintainer-review
godwingrs22
changed the title
There was a problem hiding this comment.
Thanks @mazyu36 for the contribution. LGTM overall. Just left two nit comments.
| if (props.enableFaultInjection && ![NetworkMode.AWS_VPC, NetworkMode.HOST].includes(this.networkMode)) { | ||
| throw new Error(`Only AWS_VPC and HOST Network Modes are supported for enabling Fault Injection, got ${this.networkMode} mode.`); | ||
| } | ||
|
|
There was a problem hiding this comment.
nit: It would be good to mention the behaviour link also above this code as a comment.
There was a problem hiding this comment.
Thanks. I've added the link.
| @@ -514,6 +527,7 @@ export class TaskDefinition extends TaskDefinitionBase { | |||
| cpuArchitecture: this.runtimePlatform?.cpuArchitecture?._cpuArchitecture, | |||
| operatingSystemFamily: this.runtimePlatform?.operatingSystemFamily?._operatingSystemFamily, | |||
| } : undefined, | |||
| enableFaultInjection: props.enableFaultInjection, | |||
There was a problem hiding this comment.
nit: since the enableFaultInjection is default false (as mentioned in jsdoc), it would be better we specify as false instead of leaving it as undefined. This ensures the default behavior is clear.
enableFaultInjection: props.enableFaultInjection ?? false
There was a problem hiding this comment.
In my understanding, if default false is set, all existing templates will change, and it should be avoided.
I have fixed the JSDoc. Please correct me if I'm wrong.
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
aws-cdk-automation
removed
the
pr/needs-maintainer-review
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
@Mergifyio update |
✅ Branch has been successfully updated |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Comments on closed issues and PRs are hard for our team to see. |
Issue # (if applicable)
N/A
Reason for this change
Add a missing property.
Description of changes
Add
enableFaultInjectionproperty.Describe any new or updated permissions being added
No
Description of how you validated changes
Add unit test and integ test
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license