fix(core): implicit Aspect applications do not override custom Aspect applications #34132
Conversation
… applications Some CDK methods apply mutatinhg Aspects on behalf of users. Since #32333, these Aspects have a priority of `MUTATING` to classify their behavior. If a user-applied Aspect (priority `DEFAULT`) now configures the same property as an implicitly added Aspect: * Before that change, the relative execution order depended on the location of the Aspects in the construct tree. * After that change, the user Aspect always "wins" (executes last) because its priority is higher. In this change, we introduce a feature flag which gives the Aspects introduced in #32333 that users are likely to override a priority only if the feature flag is enabled. This change does not affect users have given their own Aspects a `MUTATING` priority as well since 2.172.0. Did not touch the following Aspects: - In `integ-tests-alpha`: overriding logical IDs in assertions stacks does not affect production infrastructure. - Tags: tags are exclusively manipulated through the official APIs, so there no conflict between custom and implicit Aspects. - CDK Pipelines: there cannot be a conflict because the customer can't create a default pipeline before the implicit Aspect.
rix0rrr
added
the
pr-linter/exempt-integ-test
aws-cdk-automation
dismissed
their stale review
✅ Updated pull request passes all PRLinter validations. Dismissing previous PRLinter review.
aws-cdk-automation
added
the
pr/needs-maintainer-review
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
There was a problem hiding this comment.
What about:
Also, you mention:
Tags: tags are exclusively manipulated through the official APIs, so there no conflict between custom and implicit Aspects
Can you elaborate? is it not possible that both Tags and a user defined aspect look at the same .tags property of construct?
packages/@aws-cdk/aws-servicecatalogappregistry-alpha/lib/application-associator.ts
Show resolved
Hide resolved
| @@ -1464,6 +1469,39 @@ export const FLAGS: Record<string, FlagInfo> = { | |||
| }, | |||
|
|
|||
| ////////////////////////////////////////////////////////////////////// | |||
| [ASPECT_PRIORITIES_MUTATING]: { | |||
| type: FlagType.ApiDefault, | |||
| summary: 'When set to true, Aspects added by the construct library on your behalf will be given a priority of MUTATING.', | |||
There was a problem hiding this comment.
All aspects will be given MUTATING, or just ones that actually mutate?
There was a problem hiding this comment.
I don't think we add any non-mutating aspects.
There was a problem hiding this comment.
Well this only affects pre-2.172.0 aspects anyway. Aspects added in the future don't have backwards compatibility concerns.
packages/aws-cdk-lib/custom-resources/lib/custom-resource-config/custom-resource-config.ts
Outdated
Show resolved
Hide resolved
|
This pull request has been removed from the queue for the following reason: Pull request #34132 has been dequeued, merge conditions unmatch:
You should look at the reason for the failure and decide if the pull request needs to be fixed or if you want to requeue it. |
Co-authored-by: Eli Polonsky <[email protected]>
aws-cdk-automation
removed
the
pr/needs-maintainer-review
|
Re: RemovalPolicies and Tags.
The reason I didn't do those initially was "blast radius reduction". It is of course possible that a user defined aspect touches those values, but there are well-established and well-known APIs for manipulating them. Since we are protecting solely against the case where a custom aspect picks a default value, and relies on a built-in API to override that default... I figured it is just just unlikely that people would do that, plus they are so widely-used that I considered changing them (again) a little scary. On the other hand, given that we changed their behavior months ago and we haven't heard anyone complain about it, it should be equally safe to change that behavior back for consistency's sake. Guess I'll do that. |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
|
Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Comments on closed issues and PRs are hard for our team to see. |
Some CDK methods apply mutating Aspects on behalf of users. Since #32333, these Aspects have a priority of
MUTATINGto classify their behavior.If a user-applied Aspect (priority
DEFAULT) now configures the same property as an implicitly added Aspect:In this change, we roll back to the behavior from pre-2.172.0, and introduce a feature flag which gives the Aspects a priority only if the feature flag is enabled. This introduces the feature flag:
{ "context": { "@aws-cdk/core:aspectPrioritiesMutating": true } }Which sets the priority of Aspects added on your behalf a priority of
MUTATING(200) (instead of the defaultDEFAULT, 500).MUTATINGalready to make sure it can get overridden by another Aspect of priorityMUTATING, this current change will not affect you (either with or without feature flag).Did not touch the following Aspects:
integ-tests-alpha: overriding logical IDs in assertions stacks does not affect production infrastructure.This PR also introduces some slight rendering and documentation changes to the feature flags to improve clarity of the purpose of certain fields and the produced report.