From bf498e4201a3cf80fb742e2121c7931ff67c1aaf Mon Sep 17 00:00:00 2001
From: akash1810 <akash1810@users.noreply.github.com>
Date: Thu, 25 Jan 2024 10:39:59 +0000
Subject: [PATCH] feat(cdk): Enable local CFN stack diffing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

It is sometimes useful to see the delta between the current branch and the CODE CloudFormation stack.

This change allows us to run:

```bash
npm -w cdk run diff:code
```

to yield something like this:

```console
Stack ServiceCatalogue-CODE (deploy-CODE-service-catalogue)
Creating a change set, this may take a while...
IAM Policy Changes
┌───┬─────────────────────────────────────┬────────────────────────────────────────┐
│   │ Resource                            │ Managed Policy ARN                     │
├───┼─────────────────────────────────────┼────────────────────────────────────────┤
│ - │ ${steampipeTaskDefinition/TaskRole} │ arn:aws:iam::aws:policy/ReadOnlyAccess │
└───┴─────────────────────────────────────┴────────────────────────────────────────┘
(NOTE: There may be security-related changes not in this list. See https://github.com/aws/aws-cdk/issues/1299)

Resources
[~] AWS::IAM::Role steampipeTaskDefinition/TaskRole steampipeTaskDefinitionTaskRole8DC44379
 └─ [-] ManagedPolicyArns
     └─ ["arn:aws:iam::aws:policy/ReadOnlyAccess"]
[~] AWS::ECS::TaskDefinition steampipeTaskDefinition steampipeTaskDefinition767BA166 replace
 └─ [~] ContainerDefinitions (requires replacement)
     └─ @@ -11,7 +11,7 @@
        [ ]   "App": "service-catalogue"
        [ ] },
        [ ] "Essential": true,
        [-] "Image": "ghcr.io/guardian/service-catalogue/steampipe:2",
        [+] "Image": "ghcr.io/guardian/service-catalogue/steampipe:1",
        [ ] "LogConfiguration": {
        [ ]   "LogDriver": "awsfirelens",
        [ ]   "Options": {

✨  Number of stacks with differences: 1
```
---
 packages/cdk/bin/cdk.ts   | 2 ++
 packages/cdk/package.json | 3 ++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/packages/cdk/bin/cdk.ts b/packages/cdk/bin/cdk.ts
index ca83e628c..0aaee6115 100644
--- a/packages/cdk/bin/cdk.ts
+++ b/packages/cdk/bin/cdk.ts
@@ -11,6 +11,7 @@ new ServiceCatalogue(app, 'ServiceCatalogue-PROD', {
 	stage: 'PROD',
 	env: { region: 'eu-west-1' },
 	steampipeDomainName: 'steampipe.gutools.co.uk',
+	cloudFormationStackName: 'deploy-PROD-service-catalogue',
 });
 
 new ServiceCatalogue(app, 'ServiceCatalogue-CODE', {
@@ -20,4 +21,5 @@ new ServiceCatalogue(app, 'ServiceCatalogue-CODE', {
 	schedule: Schedule.rate(Duration.days(30)),
 	rdsDeletionProtection: false,
 	steampipeDomainName: 'steampipe.code.dev-gutools.co.uk',
+	cloudFormationStackName: 'deploy-CODE-service-catalogue',
 });
diff --git a/packages/cdk/package.json b/packages/cdk/package.json
index fdeb527fd..f5b9ca758 100644
--- a/packages/cdk/package.json
+++ b/packages/cdk/package.json
@@ -3,7 +3,8 @@
   "version": "1.0.0",
   "scripts": {
     "test": "jest --detectOpenHandles --config ../../jest.config.js --selectProjects cdk",
-    "synth": "cdk synth --path-metadata false --version-reporting false"
+    "synth": "cdk synth --path-metadata false --version-reporting false",
+    "diff:code": "cdk diff --path-metadata false --version-reporting false --profile deployTools ServiceCatalogue-CODE"
   },
   "devDependencies": {
     "@guardian/cdk": "53.0.3",