Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(core): set (default) stack termination protection on (parent) stage level #33239

Open
wants to merge 12 commits into
base: main
Choose a base branch
from
Open

feat(core): set (default) stack termination protection on (parent) stage level #33239

wants to merge 12 commits into from

Conversation

aripalo
Copy link

@aripalo aripalo commented Jan 30, 2025
edited
Loading

Issue

Closes #31449.

This is a new pull request, since the previous one did not receive any activity/communication and had some CI quality gate check issues, so trying again if this time there's a change for getting this merged!

Reason for this change

New feature: Enable setting Stack (default) termination protection on (parent) Stage level.

Description of changes

Changes to cdk.Stage:

  1. Introduce new optional terminationProtection into StageProps
  2. The Stage exposes the value as a readonly property
  3. When nesting Stages: A Stage can inherit the terminationProtection property from parent stage, but also it can be overriden by child Stages

Changes to cdk.Stack:

  1. Stack inherits the terminationProtection from parent Stage – unless overriden on Stack level
  2. If terminationProtection is not set in the Stack level or in any of its parent Stages, the value will default to false as before – hence this is NOT a breaking change.

Describe any new or updated permissions being added

None.

Description of how you validated changes

I've originally done a PoC in my own codebase (by extending cdk.Stage).

After modifications into aws-cdk codebase:

  • I've added new unit tests into:
    • packages/aws-cdk-lib/core/test/stage.test.ts
    • packages/aws-cdk-lib/core/test/stack.test.ts
  • I've added new integ-test into packages/@aws-cdk-testing/framework-integ/test/core/test/integ.stage-termination-protection.ts (which verifies the termination protection) and updated the snapshots

Checklist

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@github-actions github-actions bot added effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2 labels Jan 30, 2025
@aws-cdk-automation aws-cdk-automation requested a review from a team January 30, 2025 15:25
@github-actions github-actions bot added the beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK label Jan 30, 2025
aws-cdk-automation
aws-cdk-automation previously requested changes Jan 30, 2025
View reviewed changes
Copy link
Collaborator

@aws-cdk-automation aws-cdk-automation left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(This review is outdated)

@aws-cdk-automation aws-cdk-automation dismissed their stale review January 30, 2025 18:08

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

@aripalo aripalo marked this pull request as ready for review January 30, 2025 18:41
@aripalo aripalo requested a review from a team as a code owner January 30, 2025 18:41
@aripalo aripalo mentioned this pull request Jan 30, 2025
Open
2 tasks
@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Jan 30, 2025
@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 67387b0
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@github-actions github-actions bot mentioned this pull request Feb 1, 2025
Open
lpizzinidev
lpizzinidev suggested changes Feb 1, 2025
View reviewed changes
Copy link
Contributor

@lpizzinidev lpizzinidev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a new pull request, since the #31450 did not receive any activity/communication and had some CI quality gate check issues, so trying again if this time there's a change for getting this merged!

Sorry for that 😢 Left comments for minor adjustments. Otherwise LGTM!

packages/aws-cdk-lib/core/README.md
Comment on lines +1316 to +1322
You can also set termination protection via any parent stage and it will be inherit by all child stacks (unless overridden on stack level):
```ts
const stage = new Stage(app, 'StageName', {
terminationProtection: true,
});
const stack = new Stack(stage, 'StackName', {});
```
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
You can also set termination protection via any parent stage and it will be inherit by all child stacks (unless overridden on stack level):
```ts
const stage = new Stage(app, 'StageName', {
terminationProtection: true,
});
const stack = new Stack(stage, 'StackName', {});
```
You can also set termination protection via any parent stage and it will be inherited by all child stacks (unless overridden on stack level):
```ts
const stage = new Stage(app, 'StageName', {
terminationProtection: true,
});
const stack = new Stack(stage, 'StackName', {});

packages/aws-cdk-lib/core/lib/stage.ts
/**
* Whether to enable termination protection for stacks in this stage.
*
* @default - The termination protection should be configured on the `Stack`s.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* @default - The termination protection should be configured on the `Stack`s.
* @default - The termination protection configured on the child `Stack`s.

packages/aws-cdk-lib/core/test/stage.test.ts
@@ -337,6 +337,64 @@ describe('stage', () => {
});
});

test('Stack inherits termination protection from Stage', () => {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please move these to the describe('stage') section?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lpizzinidev lpizzinidev lpizzinidev requested changes

@aws-cdk-automation aws-cdk-automation aws-cdk-automation left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
beginning-contributor [Pilot] contributed between 0-2 PRs to the CDK effort/medium Medium work item – several days of effort feature-request A feature should be added or improved. p2 pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

(core): Ability to set Stack termination protection on Stage level (and inherit by Stacks within it)
3 participants
@aripalo @aws-cdk-automation @lpizzinidev