github ministackorg/ministack v1.3.57
on GitHub

8 hours ago

What's Changed

New Contributors

[1.3.57] — 2026-06-03

Added

  • EC2 Fleet — CreateFleet + DescribeFleets — Tier-1 capacity allocation: parses TargetCapacitySpecification (incl. DefaultTargetCapacityType for spot vs on-demand), LaunchTemplateConfigs[*] with Overrides[*], and TagSpecifications. Type=instant launches synchronously and returns the populated Instances / Errors blocks; Type=maintain / request return FleetId alone with ActivityStatus=pending_fulfillment and FulfilledCapacity=0 per the AWS contract. Total capacity is round-robin distributed across every (config, override) slot, with one Instances[*] item per non-empty slot carrying its own LaunchTemplateAndOverrides. DescribeFleets on an unknown FleetId returns InvalidFleetId.NotFound (was silently empty). Unblocks Karpenter / Cluster Autoscaler local validation. Contributed by @b-rajesh.
  • EKS — OIDC Identity Provider ConfigAssociateIdentityProviderConfig, DescribeIdentityProviderConfig, DisassociateIdentityProviderConfig at /clusters/{name}/identity-provider-configs/{verb}. Required-field validation (oidc.identityProviderConfigName, issuerUrl, clientId); duplicate or any-second OIDC config rejected with ResourceInUseException (real AWS allows one OIDC IdP per cluster); IdP ARN arn:aws:eks:{region}:{account}:identityproviderconfig/{cluster}/oidc/{name}/{uuid} returned at associate time and stable across describes so Terraform / CDK / Pulumi don't see drift; tags wired through ListTagsForResource(resourceArn=idp_arn). Issuer URL + client ID + optional username/groups claims are forwarded to the k3s API server via --kube-apiserver-arg=oidc-* flags on restart. Cluster status stays ACTIVE throughout (the work is carried in the returned update record, not on the cluster). Contributed by @b-rajesh.
  • SQS — /_ministack/sqs/messages admin endpointGET returns every queue's messages grouped by account (MessageId, Body, MD5OfBody, SentTimestamp, VisibleAt, IsVisible, ReceiveCount, FirstReceiveTimestamp, MessageAttributes, Attributes, MessageGroupId, MessageDeduplicationId, SequenceNumber). Optional ?account=<12-digit> and ?QueueUrl=<url> filters. Pure introspection — does not mutate visible_at / receive_count / any field a concurrent ReceiveMessage touches. Mirrors the existing /_ministack/ses/messages pattern. Reported by @mbamber.
  • MINISTACK_RDS_PUBLIC_ENDPOINT env var — set 1 when ministack itself runs in Docker but RDS clients reach the engine from outside that Docker network (remote ministack host, CI runners, host-side clients). DescribeDBInstances then returns {MINISTACK_HOST, host_port} — the published host port — instead of the container-internal address that's invisible from outside the network. Off by default, so existing deployments (native, or in-Docker with apps on the same network) keep their current behavior byte-for-byte.

Fixed

  • AppConfigData — StartConfigurationSession accepts identifier by ID or nameApplicationIdentifier, EnvironmentIdentifier, and ConfigurationProfileIdentifier are documented in service-2.json as accepting either form; ministack previously treated them as IDs only, so passing names (a perfectly valid AWS pattern) produced a session token that referred to a non-resolvable triple. Each identifier is now resolved through ID-first / name-fallback lookups; unresolved → ResourceNotFoundException 404. Contributed by @LiamMacP.
  • DynamoDB — ExportTableToPointInTime returns IN_PROGRESS at submit, COMPLETED only after the grace window — the handler previously set IN_PROGRESS then overwrote it to COMPLETED on the very next DescribeExport call, so callers never observed an in-progress export. Submit now returns IN_PROGRESS and the flip happens in _describe_export only after MINISTACK_DDB_EXPORT_COMPLETE_AFTER_SEC (default 1s) has elapsed — matching real AWS, which always reports IN_PROGRESS at submit time. Reported by @hicksy. Contributed by @HarrisonTCodes.
  • DynamoDB — ImportTable returns IN_PROGRESS at submit, COMPLETED only after the grace window — same fix shape: ImportTable was building the response with ImportStatus=COMPLETED synchronously, never giving callers a chance to observe the in-progress state real AWS guarantees. Now starts IN_PROGRESS with no EndTime; DescribeImport flips to COMPLETED and stamps EndTime after MINISTACK_DDB_IMPORT_COMPLETE_AFTER_SEC (default 1s). Reported by @hicksy.
  • DynamoDB PartiQL — UPDATE / DELETE with a false non-key predicate now returns ConditionalCheckFailedExceptionUPDATE "t" SET n=9 WHERE pk='x' AND name='beta' against an item with name='alpha' previously silently no-op'd (PartiQL handlers iterated all rows and matched none). AWS treats the non-key clauses as a conditional check on the PK-targeted item: if the targeted item doesn't exist or any non-PK predicate fails, the request must surface ConditionalCheckFailedException and leave the item unchanged. Also: UPDATE / DELETE without an = clause on every primary-key attribute now returns ValidationException up front instead of falling through to the table scan. Reported by @hicksy.
  • EKS — IdP changes no longer mutate cluster statusAssociateIdentityProviderConfig / DisassociateIdentityProviderConfig previously flipped cluster.status to UPDATING during the k3s restart, then back to ACTIVE. Real AWS keeps the cluster ACTIVE throughout — the work is carried in the returned Update record, not on the cluster shape. Only cfg.status is mutated now. The destructive k3s restart that wipes in-cluster workloads on associate/disassociate (a local-emulator limitation — k3s can't hot-swap kube-apiserver flags) is logged as a warning so the side effect is surfaced.
  • EC2 CreateFleet — shape parity restoredInstances and Errors are now emitted only when Type=instant (the AWS-documented constraint); for maintain / request the response is <fleetId> alone, instances launch asynchronously, FulfilledCapacity=0, ActivityStatus=pending_fulfillment. DefaultTargetCapacityType (not Type) drives Lifecycle / SpotTargetCapacity / OnDemandTargetCapacity — the previous code compared fleet_type == "spot", which is dead since the FleetType enum is {request, maintain, instant} and never contains "spot". Multi-config × multi-override distribution: every LaunchTemplateConfigs[*].Overrides[*] slot now receives its share of TotalTargetCapacity (round-robin) and renders its own Instances[*] item with the correct LaunchTemplateAndOverrides. Tag-spec parser also accepts the AWS plural TagSpecifications[*].Tags[*] shape alongside the previous singular.
  • EC2 DescribeFleets with an unknown FleetIdInvalidFleetId.NotFound — previously dropped silently from the fleet set, so callers had no signal that a typo'd ID hadn't matched anything. Real EC2 returns the error envelope (HTTP 400); known IDs are preserved in the requested order alongside.

Changed

  • MINISTACK_HOST honored consistently across servicesecs._discover_poll_endpoint, elasticache._spawn_redis_container, opensearch._spawn_dataplane, lambda_svc._execute_function_local (subprocess AWS_ENDPOINT_URL) and several response-URL builders previously had "localhost" hardcoded and ignored MINISTACK_HOST. They now resolve through a module-level _MINISTACK_HOST = os.environ.get("MINISTACK_HOST", "localhost"), so a ministack running on a different host can be reached over the network with the standard describe-... commands (set MINISTACK_HOST=<remote-ip> at boot). Default behavior unchanged for existing localhost deployments. Contributed by @neriyaco.
Check out latest releases or
releases around ministackorg/ministack v1.3.57

Don't miss a new ministack release

NewReleases is sending notifications on new releases.

Get notifications