Add tests for ecs module and its sub-modules

[rudransh-shrivastava]

Proposed change

Resolves #3665
Add tests for ecs module and its sub-modules

Checklist

• Required: I followed the contributing workflow
• Required: I verified that my code works as intended and resolves the issue as described
• Required: I ran make check-test locally: all warnings addressed, tests passed
• I used AI for code, documentation, tests, or communication related to this PR

[coderabbitai]

Summary by CodeRabbit

• Infrastructure Updates

  • Added ECR repository with image scanning enabled.
  • Updated ECR lifecycle policies to retain images for 7 days.
  • Implemented consistent naming conventions for IAM roles and policies.
  • Made scheduled task deployments optional via conditional configuration.

• Tests

  • Added comprehensive test suites for ECS infrastructure and task definitions.
  • Validates naming formats, capacity providers, and logging configurations.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

Walkthrough

This PR adds comprehensive Terraform tests for the ECS module and its task submodule while updating the AWS provider to version 6.22.0. It refactors ECS task scheduling to be conditional based on schedule expression, adds explicit naming and tags to IAM roles and policies, and restructures ECS task definitions. Two new test specification files validate infrastructure naming conventions, resource configurations, and conditional logic.

Changes

Cohort / File(s)	Summary
Terraform Provider Lock Files infrastructure/modules/ecs/.terraform.lock.hcl, infrastructure/modules/ecs/modules/task/.terraform.lock.hcl	Auto-generated lock files specifying AWS provider version 6.22.0 with corresponding hashes and constraints.
ECS Module Infrastructure infrastructure/modules/ecs/main.tf	Added aws_ecr_repository resource with image scanning; refactored ECR lifecycle policy to use action-based expiration rules for images older than 7 days; added explicit names and tags to IAM roles (ecs_task_role, event_bridge_role) and policies (ecs_tasks_execution_role_ssm_policy, ecs_tasks_execution_policy, event_bridge_ecs_policy).
ECS Task Submodule Infrastructure infrastructure/modules/ecs/modules/task/main.tf	Made CloudWatch event rule and target conditional on schedule_expression; restructured aws_ecs_task_definition to include top-level cpu, memory, and execution_role_arn attributes; reorganized container_definitions structure with image moved into container block; separated log group resource declaration.
ECS Module Tests infrastructure/modules/ecs/tests/ecs.tftest.hcl	New test specification validating ECS cluster naming format, capacity providers (FARGATE/FARGATE_SPOT), ECR repository naming and image scanning configuration, and IAM role/policy naming conventions.
ECS Task Submodule Tests infrastructure/modules/ecs/modules/task/tests/task.tftest.hcl	New test specification validating task definition family naming, network mode (awsvpc), Fargate compatibility, CPU/memory configuration, CloudWatch log group retention (90 days) and KMS encryption, and conditional EventBridge rule creation based on schedule_expression.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~22 minutes

Possibly related PRs

• Add CI/CD for staging deployment #3466 — Adds and adjusts aws_ecr_repository resource with related outputs and attributes in the ECS module.
• Improve ecs Module #2777 — Modifies ECR lifecycle policy logic and introduces custom IAM policies for ECS task execution and EventBridge.
• Make Improvements to Infrastructure Code #2812 — Updates ECS module provider lockfile version and modifies IAM/ECR resource attributes including tags and explicit naming.

Suggested labels

backend, ci

Suggested reviewers

• kasya
• arkid15r

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Out of Scope Changes check	❓ Inconclusive	Beyond adding test files, the PR includes infrastructure code updates (.terraform.lock.hcl files, modifications to main.tf files) that appear necessary to support the new tests but may warrant clarification.	Verify that the infrastructure changes (lock files, main.tf modifications for attributes like cpu, memory, image definitions) are required dependencies for the tests or refactor to isolate test-only changes.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the primary change: adding tests for the ecs module and its sub-modules, which aligns with the changeset.
Description check	✅ Passed	The description is directly related to the changeset, explaining the proposed change to add tests for the ecs module and its sub-modules, and references the resolved issue #3665.
Linked Issues check	✅ Passed	The pull request successfully implements the coding requirement from issue #3665 by adding comprehensive test files (.tftest.hcl) for both the ecs module and its task sub-module.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 85.50%. Comparing base (1a524d4) to head (b56a211).
⚠️ Report is 1 commits behind head on feature/nest-zappa-migration.

Additional details and impacted files

@@                      Coverage Diff                      @@
##           feature/nest-zappa-migration    #3691   +/-   ##
=============================================================
  Coverage                         85.50%   85.50%           
=============================================================
  Files                               463      463           
  Lines                             14271    14271           
  Branches                           1900     1900           
=============================================================
  Hits                              12202    12202           
  Misses                             1689     1689           
  Partials                            380      380           

Flag	Coverage Δ
backend	84.49% <ø> (ø)
frontend	88.27% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1a524d4...b56a211. Read the comment docs.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud