feat(ecs): enable fault injection flag

[mazyu36]

Issue # (if applicable)

N/A

Reason for this change

Add a missing property.

Description of changes

Add enableFaultInjection property.

Describe any new or updated permissions being added

No

Description of how you validated changes

Add unit test and integ test

Checklist

• My code adheres to the CONTRIBUTING GUIDE and DESIGN GUIDELINES

---

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

[aws-cdk-automation]

The pull request linter has failed. See the aws-cdk-automation comment below for failure reasons. If you believe this pull request should receive an exemption, please comment and provide a justification.

A comment requesting an exemption should contain the text Exemption Request. Additionally, if clarification is needed add Clarification Request to a comment.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 81.52%. Comparing base (3606deb) to head (11b6572).

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #32598   +/-   ##
=======================================
  Coverage   81.52%   81.52%           
=======================================
  Files         222      222           
  Lines       13715    13715           
  Branches     2417     2417           
=======================================
  Hits        11181    11181           
  Misses       2254     2254           
  Partials      280      280           

Flag	Coverage Δ
suite.unit	81.52% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
packages/aws-cdk	80.97% <ø> (ø)
packages/aws-cdk-lib/core	82.09% <ø> (ø)

✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.

[nmussy]

LGTM, mostly docs nits and additional integ coverage 👍

[nmussy]

Could you add assertions to a DescribeTaskDefinition API call? You should be able to retrieve the enableFaultInjection prop there

[mazyu36]

I'm struggling to add integration test assertions.

The enable fault injection was correctly set to true in the management console after deployment.

However, the assertions are failing.
I'm not yet sure of the root cause, but I might need to update the SDK version used in the integ tests.

test.assertions.awsApiCall('@aws-sdk/client-ecs', 'DescribeTaskDefinition', {
  taskDefinition: ec2TaskDefinition.taskDefinitionArn,
})
  .expect(ExpectedResult.objectLike({
    taskDefinition: {
      enableFaultInjection: true,
    },
  }));

  ASSERT     aws-ecs/test/integ.task-definition-enable-fault-injection-TaskDefinitionEnableFaultInjection/DefaultTest (undefined/us-east-1) 128.939s
      AssertionResultsAwsApiCallawssdkclientecsDescribeTaskDefinitionfd8b5aaee373c34a7ec063a10e6c89a0
{
  "tags": [],
  "taskDefinition": {
    "compatibilities": [ "EC2", "FARGATE" ],
    "containerDefinitions": [ { ... } ],
    "cpu": "256",
!!   Missing key 'enableFaultInjection'
    "enableFaultInjection": undefined,

[nmussy]

I don't think it's a SDK issue, but one with the API, or at least its docs, as DescribeTaskDefinition should return enableFaultInjection, whether or not it was set. I'm not getting the property from the CLI either with aws ecs describe-task-definition, with both the EC2 or the Fargate definition.

Checking the task definition JSON in the web console does indicate that enableFaultInjection is being properly set by your integration, but I don't think we can test it as is. You could try to raise this issue with the AWS support but it might be better if a CDK team member could forward this issue.

[mazyu36]

Thank you for the approval.
After updating the version in AWS CLI, I was able to retrieve it using describe-task-definition by AWS CLI.
Therefore, I think it might be an issue with a tool.

I'll investigate this further separately from this PR.​​​​​​​​​​​​​​​​

[nmussy]

You're absolutely right, I upgraded my CLI from 2.22.7 to 2.22.23 and the field now appears:

$ aws ecs describe-task-definition --task-definition <arn> | jq '.taskDefinition.enableFaultInjection'
true

I assumed the AWS API would do all the work with describe* commands, but I guess either the implementations map the results, or the API only returns certain fields after a certain version? Either way, kind of odd.

From what I can tell, since it's no longer documented, Node Lambdas ship with version 3.632.0 of the SDK (at least on us-east-1), so there's not much we can do about this as the assertions are ran on a custom resource. I don't think it's worth bundling and shipping the SDK for the version lag we're experiencing, even if this version is over 4 months old

[godwingrs22]

Thanks @mazyu36 for the contribution. LGTM overall. Just left two nit comments.

[godwingrs22]

nit: It would be good to mention the behaviour link also above this code as a comment.

[mazyu36]

Thanks. I've added the link.

[godwingrs22]

nit: since the enableFaultInjection is default false (as mentioned in jsdoc), it would be better we specify as false instead of leaving it as undefined. This ensures the default behavior is clear.

enableFaultInjection: props.enableFaultInjection ?? false

[mazyu36]

In my understanding, if default false is set, all existing templates will change, and it should be avoided.
I have fixed the JSDoc. Please correct me if I'm wrong.

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[godwingrs22]

@Mergifyio update

[mergify]

update

✅ Branch has been successfully updated

[aws-cdk-automation]

AWS CodeBuild CI Report

• CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
• Commit ID: 11b6572
• Result: SUCCEEDED
• Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

[mergify]

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

[github-actions]

Comments on closed issues and PRs are hard for our team to see.
If you need help, please open a new issue that references this one.