feat(gen2-migration): cfn drift detection#14303
Conversation
Resolves merge conflicts between drift detection functionality and gen2-migration branch. Key conflicts resolved: - drift.ts: Combined drift detection implementation with gen2-migration structure - package.json files: Merged dependency changes - gen2-migration files: Preserved gen2-migration functionality - yarn.lock: Resolved dependency conflicts
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| // Parse and format messages based on their content | ||
| if (msg.includes('Found') && msg.includes('nested')) { | ||
| // Extract indentation, count, and type | ||
| const indent = msg.match(/^(\s*)/)?.[1] || ''; |
Check notice
Code scanning / CodeQL
Unused variable, import, function or class Note
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 6 months ago
To fix the issue, we should remove the unused variable declaration at line 133 which reads the indentation from the incoming message string: const indent = msg.match(/^(\s*)/)?.[1] || '';. This statement is unnecessary and can be safely deleted. The rest of the block will continue to work correctly, as none of the output or logic depends on indent. Only this single variable declaration (the line itself) should be changed; all surrounding code should be left intact.
| @@ -130,7 +130,6 @@ | ||
| // Parse and format messages based on their content | ||
| if (msg.includes('Found') && msg.includes('nested')) { | ||
| // Extract indentation, count, and type | ||
| const indent = msg.match(/^(\s*)/)?.[1] || ''; | ||
| const count = msg.match(/Found (\d+)/)?.[1] || '0'; | ||
| const level = msg.match(/level (\d+)/)?.[1]; | ||
|
|
| // Extract indentation, count, and type | ||
| const indent = msg.match(/^(\s*)/)?.[1] || ''; | ||
| const count = msg.match(/Found (\d+)/)?.[1] || '0'; | ||
| const level = msg.match(/level (\d+)/)?.[1]; |
Check notice
Code scanning / CodeQL
Unused variable, import, function or class Note
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 6 months ago
To resolve the unused variable warning, delete the declaration and assignment of the level variable on line 135 within the createPrintObject function. Do not alter the rest of the logic: keep processing indent and count as before, since they are being used. Remove only level and its assignment, ensuring that indentation and code layout are preserved.
| @@ -132,7 +132,6 @@ | ||
| // Extract indentation, count, and type | ||
| const indent = msg.match(/^(\s*)/)?.[1] || ''; | ||
| const count = msg.match(/Found (\d+)/)?.[1] || '0'; | ||
| const level = msg.match(/level (\d+)/)?.[1]; | ||
|
|
||
| // Always show "Found X nested stack(s)" without indentation | ||
| printer.info(chalk.gray(`Found ${chalk.yellow(count)} nested stack(s)`)); |
| const exitCode = await detector.detect(options); | ||
|
|
||
| if (exitCode !== 0) { | ||
| process.exitCode = exitCode; |
There was a problem hiding this comment.
Prefer throwing an error (AmplifyError?) to make it clearer to the user the command failed
| }, | ||
| "packageManager": "yarn@3.5.0", | ||
| "resolutions": { | ||
| "@aws-sdk/client-cloudformation": "^3.624.0", |
| import chalk from 'chalk'; | ||
| import { detectStackDriftRecursive, type DriftDisplayFormat } from './drift-detection'; | ||
| import { CloudFormationService, AmplifyConfigService, FileService, DriftFormatter } from './drift-detection/services'; | ||
| import type { CloudFormationClient } from '@aws-sdk/client-cloudformation'; |
| import { $TSContext, AmplifyError } from '@aws-amplify/amplify-cli-core'; | ||
| import { printer } from '@aws-amplify/amplify-prompts'; | ||
| import chalk from 'chalk'; | ||
| import { detectStackDriftRecursive, type DriftDisplayFormat } from './drift-detection'; |
|
|
||
| // Display initial status | ||
| printer.info(''); | ||
| printer.info(chalk.cyan.bold(`Started Drift Detection for Project: ${projectName}`)); |
There was a problem hiding this comment.
We should also say which environment we are checking
| } | ||
| } | ||
| } catch (e) { | ||
| // If parsing fails, log and use the original value |
There was a problem hiding this comment.
If we are good with both a name and an ARN - why choose over the other?
|
|
||
| // Validate the extracted name | ||
| if (!nestedStackName || nestedStackName === nestedStack.PhysicalResourceId) { | ||
| logger.logInfo({ |
There was a problem hiding this comment.
Why validate if we are just logging?
| } | ||
|
|
||
| // Validate the extracted name | ||
| if (!nestedStackName || nestedStackName === nestedStack.PhysicalResourceId) { |
There was a problem hiding this comment.
Why not just use nestedStack.PhysicalResourceId and call it a day? what scenario are you trying to protect against?
| } | ||
| } | ||
|
|
||
| logger.logInfo({ |
There was a problem hiding this comment.
When are these being printed to screen? with --verbose?
| message: `detectStackDriftRecursive.nestedStack: ${nestedStack.LogicalResourceId}, ${nestedResults.rootStackDrifts.StackResourceDrifts?.length} direct resources, ${nestedResults.nestedStackDrifts.size} sub-stacks`, | ||
| }); | ||
| } catch (error: any) { | ||
| // Log error but continue checking other nested stacks |
There was a problem hiding this comment.
Yeah but again in the context of migration I would prefer this to fail - to be extra safe.
3 participants
Description of changes
Issue #, if available
Description of how you validated changes
Checklist
yarn testpassesBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.