@digitraffic/common 2022.10.14-1 → 2022.10.28-2

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@digitraffic/common",
-  "version": "2022.10.14-1",
+  "version": "2022.10.28-2",
   "description": "",
   "repository": {
     "type": "git",
@@ -10,23 +10,24 @@
     "node": ">=14 <17",
     "yarn": ">1.2 <2"
   },
-  "publishConfig": {
-    "@tmfg:registry": "https://npm.pkg.github.com"
-  },
   "scripts": {
     "build": "tsc",
-    "lint": "eslint **/*.ts test/**/*.ts --fix",
+    "lint": "eslint --cache .",
+    "eslint-report": "eslint . --format html",
+    "clean": "rimraf dist output",
     "test": "jest --detectOpenHandles --forceExit --coverage --coverageDirectory=output/coverage/jest",
-    "pub": "cp package.json README.md LICENSE dist/ && cd dist && yarn publish"
+    "prepare": "husky install",
+    "prepublishOnly": "yarn clean && yarn build && yarn test"
   },
-  "main": "index.js",
-  "types": "index.d.ts",
+  "license": "EUPL-1.2",
+  "private": false,
   "files": [
-    "."
+    "dist/**/*.js",
+    "src/**/*.ts"
   ],
   "dependencies": {
     "@aws-cdk/aws-synthetics-alpha": "2.46.0-alpha.0",
-    "@types/geojson": "^7946.0.7",
+    "@types/geojson": "^7946.0.10",
     "aws-cdk-lib": "2.46.0",
     "aws-sdk": "2.1232.0",
     "axios": "^0.21.1",
@@ -54,6 +55,7 @@
     "lint-staged": ">=10",
     "prettier": "^2.7.1",
     "ramda": "^0.28.0",
+    "rimraf": "^3.0.2",
     "sinon": "^14.0.0",
     "ts-jest": "^29.0.2",
     "typescript": "^4.8.4"

package/src/@types/geojson-validation/index.d.ts

@@ -0,0 +1,4 @@
+declare module "geojson-validation" {
+    export function valid(json): boolean;
+    export function isFeatureCollection(json): boolean;
+}

package/src/aws/infra/api/integration.ts

@@ -0,0 +1,73 @@
+import {IntegrationResponse, LambdaIntegration, PassthroughBehavior} from "aws-cdk-lib/aws-apigateway";
+import {IFunction} from "aws-cdk-lib/aws-lambda";
+import {MediaType} from "../../types/mediatypes";
+import {DigitrafficIntegrationResponse} from "../../runtime/digitraffic-integration-response";
+
+type ParameterType = 'path' | 'querystring';
+
+interface ApiParameter {
+    type: ParameterType
+    name: string
+}
+
+export class DigitrafficIntegration {
+    readonly lambda: IFunction;
+    readonly mediaType: MediaType;
+
+    readonly parameters: ApiParameter[] = [];
+
+    constructor(lambda: IFunction, mediaType = MediaType.TEXT_PLAIN) {
+        this.lambda = lambda;
+        this.mediaType = mediaType;
+    }
+
+    addPathParameter(...names: string[]): DigitrafficIntegration {
+        names.forEach(name => this.parameters.push({type: 'path', name}));
+
+        return this;
+    }
+
+    addQueryParameter(...names: string[]): DigitrafficIntegration {
+        names.forEach(name => this.parameters.push({type: 'querystring', name}));
+
+        return this;
+    }
+
+    build(): LambdaIntegration {
+        const integrationResponses = this.createResponses();
+
+        return new LambdaIntegration(this.lambda, {
+            proxy: false,
+            integrationResponses,
+            requestParameters: this.parameters.length == 0 ? undefined : this.createRequestParameters(),
+            requestTemplates: this.parameters.length == 0 ? undefined : this.createRequestTemplates(),
+            passthroughBehavior: PassthroughBehavior.WHEN_NO_MATCH,
+        });
+    }
+
+    createRequestParameters(): Record<string, string> {
+        const requestParameters: Record<string, string> = {};
+
+        this.parameters.forEach((parameter: ApiParameter) => {
+            requestParameters[`integration.request.${parameter.type}.${parameter.name}`] = `method.request.${parameter.type}.${parameter.name}`;
+        });
+
+        return requestParameters;
+    }
+
+    createRequestTemplates(): Record<string, string> {
+        const requestJson: Record<string, string> = {};
+
+        this.parameters.forEach((parameter: ApiParameter) => {
+            requestJson[parameter.name] = `$util.escapeJavaScript($input.params('${parameter.name}'))`;
+        });
+
+        return {
+            [MediaType.APPLICATION_JSON]: JSON.stringify(requestJson),
+        };
+    }
+
+    createResponses(): IntegrationResponse[] {
+        return [DigitrafficIntegrationResponse.ok(this.mediaType)];
+    }
+}

package/src/aws/infra/api/response.ts

@@ -0,0 +1,67 @@
+import apigateway = require('aws-cdk-lib/aws-apigateway');
+import {MediaType} from "../../types/mediatypes";
+
+/**
+ * This is velocity-script, that assumes the response to be LambdaResponse(status and body).
+ * It will always return the body and status, but if status in something else than 200 OK the content-type
+ * will be overridden to text/plain. (it's assumed, that lambda will return error text).
+ *
+ * If fileName is set, then Content-Disposition-header will be set to use it
+ */
+export const RESPONSE_DEFAULT_LAMBDA = `#set($inputRoot = $input.path('$'))
+$inputRoot.body
+#if ($inputRoot.status != 200)
+#set ($context.responseOverride.status = $inputRoot.status)
+#set ($context.responseOverride.header.Content-Type = 'text/plain')
+#end
+#set ($context.responseOverride.header.Access-Control-Allow-Origin = '*')
+#if ("$!inputRoot.fileName" != "")
+#set ($disposition = 'attachment; filename="FN"')
+#set ($context.responseOverride.header.Content-Disposition = $disposition.replaceAll('FN', $inputRoot.fileName))
+#end
+`;
+
+const BODY_FROM_INPUT_PATH = "$input.path('$').body";
+
+// DEPRECATED
+const messageSchema: apigateway.JsonSchema = {
+    schema: apigateway.JsonSchemaVersion.DRAFT4,
+    type: apigateway.JsonSchemaType.OBJECT,
+    description: 'Response with message',
+    properties: {
+        message: {
+            type: apigateway.JsonSchemaType.STRING,
+            description: 'Response message',
+        },
+    },
+};
+
+// DEPRECATED
+export const MessageModel = {
+    contentType: MediaType.APPLICATION_JSON,
+    modelName: 'MessageResponseModel',
+    schema: messageSchema,
+};
+
+const NotFoundMessage = 'Not found';
+export const NotFoundResponse = JSON.stringify({message: NotFoundMessage});
+
+const InternalServerErrorMessage = 'Error';
+const InternalServerErrorResponse = JSON.stringify({message: InternalServerErrorMessage});
+
+const BadRequestMessage = 'Bad request';
+const BadRequestResponse = JSON.stringify({message: BadRequestMessage});
+
+export const BadRequestResponseTemplate = createResponses(MediaType.APPLICATION_JSON, BadRequestResponse);
+export const NotFoundResponseTemplate = createResponses(MediaType.APPLICATION_JSON, NotFoundResponse);
+export const XmlResponseTemplate = createResponses(MediaType.APPLICATION_XML, BODY_FROM_INPUT_PATH);
+export const SvgResponseTemplate = createResponses(MediaType.IMAGE_SVG, BODY_FROM_INPUT_PATH);
+export const InternalServerErrorResponseTemplate = createResponses(MediaType.APPLICATION_JSON, InternalServerErrorResponse);
+
+export function createResponses<T>(key: MediaType, value: T): Record<string, T> {
+    const map: Record<string, T> = {};
+
+    map[key] = value;
+
+    return map;
+}

package/src/aws/infra/api/responses.ts

@@ -0,0 +1,124 @@
+import {
+    InternalServerErrorResponseTemplate,
+    createResponses,
+    XmlResponseTemplate,
+    NotFoundResponseTemplate,
+    BadRequestResponseTemplate,
+} from "./response";
+import {
+    LambdaIntegration,
+    MethodResponse,
+    IntegrationResponse,
+    PassthroughBehavior,
+} from "aws-cdk-lib/aws-apigateway";
+import { Function as AWSFunction } from "aws-cdk-lib/aws-lambda";
+import { IModel } from "aws-cdk-lib/aws-apigateway/lib/model";
+import {
+    BAD_REQUEST_MESSAGE,
+    ERROR_MESSAGE,
+    NOT_FOUND_MESSAGE,
+} from "../../types/errors";
+import { MediaType } from "../../types/mediatypes";
+
+export const RESPONSE_200_OK: IntegrationResponse = {
+    statusCode: "200",
+};
+
+export const RESPONSE_400_BAD_REQUEST: IntegrationResponse = {
+    statusCode: "400",
+    selectionPattern: BAD_REQUEST_MESSAGE,
+    responseTemplates: BadRequestResponseTemplate,
+};
+
+export const RESPONSE_500_SERVER_ERROR: IntegrationResponse = {
+    statusCode: "500",
+    selectionPattern: ERROR_MESSAGE,
+    responseTemplates: InternalServerErrorResponseTemplate,
+};
+
+const RESPONSE_XML = {
+    responseTemplates: XmlResponseTemplate,
+};
+
+export const RESPONSE_CORS_INTEGRATION = {
+    responseParameters: {
+        "method.response.header.Access-Control-Allow-Origin": "'*'",
+    },
+};
+
+export const RESPONSE_404_NOT_FOUND = {
+    statusCode: "404",
+    selectionPattern: NOT_FOUND_MESSAGE,
+    responseTemplates: NotFoundResponseTemplate,
+};
+
+export function methodResponse(
+    status: string,
+    contentType: MediaType,
+    model: IModel,
+    parameters?: Record<string, boolean>
+): MethodResponse {
+    return {
+        statusCode: status,
+        responseModels: createResponses(contentType, model),
+        responseParameters: parameters || {},
+    };
+}
+
+export function corsMethod(response: MethodResponse): MethodResponse {
+    return {
+        ...response,
+        ...{
+            responseParameters: {
+                "method.response.header.Access-Control-Allow-Origin": true,
+            },
+        },
+    };
+}
+
+interface IntegrationOptions {
+    requestParameters?: { [dest: string]: string };
+    requestTemplates?: { [contentType: string]: string };
+    responses?: IntegrationResponse[];
+    disableCors?: boolean;
+    xml?: boolean;
+    passthroughBehavior?: PassthroughBehavior;
+}
+
+/**
+ * Creates a default Lambda integration for a REST API resource _root_
+ * @param lambdaFunction The Lambda function
+ * @param options Options
+ */
+export function defaultIntegration(
+    lambdaFunction: AWSFunction,
+    options?: IntegrationOptions
+): LambdaIntegration {
+    return new LambdaIntegration(lambdaFunction, {
+        proxy: false,
+        integrationResponses: options?.responses || [
+            getResponse(RESPONSE_200_OK, options),
+            getResponse(RESPONSE_400_BAD_REQUEST, options),
+            getResponse(RESPONSE_404_NOT_FOUND, options),
+            getResponse(RESPONSE_500_SERVER_ERROR, options),
+        ],
+        requestParameters: options?.requestParameters || {},
+        requestTemplates: options?.requestTemplates || {},
+        passthroughBehavior:
+            options?.passthroughBehavior ?? PassthroughBehavior.WHEN_NO_MATCH,
+    });
+}
+
+export function getResponse(
+    response: IntegrationResponse,
+    options?: IntegrationOptions
+): IntegrationResponse {
+    if (options?.xml) {
+        response = { ...response, ...RESPONSE_XML };
+    }
+    if (!options?.disableCors) {
+        response = { ...response, ...RESPONSE_CORS_INTEGRATION };
+    }
+
+    return response;
+}

package/src/aws/infra/api/static-integration.ts

@@ -0,0 +1,62 @@
+import {MockIntegration, PassthroughBehavior, Resource} from "aws-cdk-lib/aws-apigateway";
+import {MediaType} from "../../types/mediatypes";
+import {corsMethod, RESPONSE_CORS_INTEGRATION} from "./responses";
+
+const INTEGRATION_RESPONSE_200 = `{
+    "statusCode": 200
+}`;
+
+const METHOD_RESPONSE_200 = {
+    statusCode: '200',
+};
+
+/**
+ * Static integration, that returns the given response with given mediaType from given resource.
+ *
+ * @param resource
+ * @param mediaType
+ * @param response
+ */
+export class DigitrafficStaticIntegration extends MockIntegration {
+    constructor(
+        resource: Resource, mediaType: MediaType, response: string, enableCors = true, apiKeyRequired = true,
+    ) {
+        const integrationResponse = DigitrafficStaticIntegration.createIntegrationResponse(response, mediaType, enableCors);
+
+        super({
+            passthroughBehavior: PassthroughBehavior.WHEN_NO_TEMPLATES,
+            requestTemplates: {
+                [mediaType]: INTEGRATION_RESPONSE_200,
+            },
+            integrationResponses: [integrationResponse],
+        });
+
+        ['GET', 'HEAD'].forEach((httpMethod) => {
+            resource.addMethod(httpMethod, this, {
+                apiKeyRequired,
+                methodResponses: [DigitrafficStaticIntegration.createMethodResponse(enableCors)],
+            });
+        });
+    }
+
+    static json<K>(resource: Resource, response: K, enableCors = true, apiKeyRequired = true) {
+        return new DigitrafficStaticIntegration(
+            resource, MediaType.APPLICATION_JSON, JSON.stringify(response), enableCors, apiKeyRequired,
+        );
+    }
+
+    private static createIntegrationResponse(response: string, mediaType: MediaType, enableCors: boolean) {
+        const integrationResponse = {
+            statusCode: '200',
+            responseTemplates: {
+                [mediaType]: response,
+            },
+        };
+
+        return enableCors ? {...integrationResponse, ...RESPONSE_CORS_INTEGRATION} : integrationResponse;
+    }
+
+    private static createMethodResponse(enableCors: boolean) {
+        return enableCors ? corsMethod(METHOD_RESPONSE_200) : METHOD_RESPONSE_200;
+    }
+}

package/src/aws/infra/canaries/canary-alarm.ts

@@ -0,0 +1,31 @@
+import {Construct} from "constructs";
+import {CanaryParameters} from "./canary-parameters";
+import {Alarm, ComparisonOperator} from "aws-cdk-lib/aws-cloudwatch";
+import {Canary} from "@aws-cdk/aws-synthetics-alpha";
+import {SnsAction} from "aws-cdk-lib/aws-cloudwatch-actions";
+import {Topic} from "aws-cdk-lib/aws-sns";
+
+export class CanaryAlarm {
+    constructor(stack: Construct,
+        canary: Canary,
+        params: CanaryParameters) {
+        if (params.alarm ?? true) {
+            const alarmName = params.alarm?.alarmName ?? `${params.name}-alarm`;
+
+            const alarm = new Alarm(stack, alarmName, {
+                alarmName,
+                alarmDescription: params.alarm?.description ?? '',
+                metric: canary.metricSuccessPercent(),
+                evaluationPeriods: params.alarm?.evalutionPeriods ?? 1,
+                threshold: params.alarm?.threshold ?? 100,
+                comparisonOperator: ComparisonOperator.LESS_THAN_THRESHOLD,
+            });
+
+            if (params.alarm?.topicArn) {
+                alarm.addAlarmAction(new SnsAction(Topic.fromTopicArn(stack,
+                    `${alarmName}-action`,
+                    params.alarm.topicArn)));
+            }
+        }
+    }
+}

package/src/aws/infra/canaries/canary-keys.ts

@@ -0,0 +1,3 @@
+export const ENV_API_KEY = "apiKeyId";
+export const ENV_HOSTNAME = "hostname";
+export const ENV_SECRET = "secret";

package/src/aws/infra/canaries/canary-parameters.ts

@@ -0,0 +1,19 @@
+import {Schedule} from "@aws-cdk/aws-synthetics-alpha";
+
+/** Optional env parameters for canary */
+type CanaryEnv = Record<string, string>;
+
+export type CanaryParameters = {
+    readonly name: string;
+    readonly schedule?: Schedule;
+    readonly secret?: string;
+    readonly handler: string;
+    readonly alarm?: {
+        readonly alarmName?: string;
+        readonly description?: string;
+        readonly evalutionPeriods?: number;
+        readonly threshold?: number;
+        readonly topicArn?: string;
+    }
+    readonly canaryEnv?: CanaryEnv;
+}

package/src/aws/infra/canaries/canary-role.ts

@@ -0,0 +1,47 @@
+import {ManagedPolicy, PolicyStatement, PolicyStatementProps, Role, ServicePrincipal} from "aws-cdk-lib/aws-iam";
+import {Construct} from "constructs";
+
+const BASE_POLICY_STATEMENT_PROPS: PolicyStatementProps = {
+    actions: [
+        "logs:CreateLogStream",
+        "logs:PutLogEvents",
+        "logs:CreateLogGroup",
+        "logs:DescribeLogGroups",
+        "logs:DescribeLogStreams",
+    ],
+    resources: ["*"],
+};
+
+const CLOUDWATCH_STATEMENT_PROPS: PolicyStatementProps = {
+    actions: [
+        "cloudwatch:PutMetricData",
+    ],
+    resources: ["*"],
+    conditions: {
+        "StringEquals": {
+            "cloudwatch:namespace": "CloudWatchSynthetics",
+        },
+    },
+};
+
+export class DigitrafficCanaryRole extends Role {
+    constructor(stack: Construct, canaryName: string) {
+        super(stack, 'canary-role-' + canaryName, {
+            assumedBy: new ServicePrincipal("lambda.amazonaws.com"),
+            managedPolicies: [
+                ManagedPolicy.fromAwsManagedPolicyName("CloudWatchSyntheticsFullAccess"),
+            ],
+        });
+
+        this.addToPolicy(new PolicyStatement(BASE_POLICY_STATEMENT_PROPS));
+        this.addToPolicy(new PolicyStatement(CLOUDWATCH_STATEMENT_PROPS));
+    }
+
+    withDatabaseAccess(): DigitrafficCanaryRole {
+        // Won't work :(
+        // this.addToPolicy(new PolicyStatement(DB_STATEMENT_PROPS));
+        // Works
+        this.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName("service-role/AWSLambdaVPCAccessExecutionRole"));
+        return this;
+    }
+}

package/src/aws/infra/canaries/canary.ts

@@ -0,0 +1,46 @@
+import { Duration } from "aws-cdk-lib";
+import {
+    AssetCode,
+    Canary,
+    Runtime,
+    Schedule,
+    Test,
+} from "@aws-cdk/aws-synthetics-alpha";
+import { Role } from "aws-cdk-lib/aws-iam";
+import { CanaryAlarm } from "./canary-alarm";
+import { CanaryParameters } from "./canary-parameters";
+import { Construct } from "constructs";
+import { LambdaEnvironment } from "../stack/lambda-configs";
+
+export class DigitrafficCanary extends Canary {
+    constructor(
+        scope: Construct,
+        canaryName: string,
+        role: Role,
+        params: CanaryParameters,
+        environmentVariables: LambdaEnvironment
+    ) {
+        super(scope, canaryName, {
+            runtime: Runtime.SYNTHETICS_NODEJS_PUPPETEER_3_6,
+            role,
+            test: Test.custom({
+                code: new AssetCode("dist", {
+                    exclude: ["lambda", "out", "canaries"],
+                }),
+                handler: params.handler,
+            }),
+            environmentVariables: {
+                ...environmentVariables,
+                ...params?.canaryEnv,
+            },
+            canaryName,
+            schedule: params.schedule ?? Schedule.rate(Duration.minutes(15)),
+        });
+
+        this.artifactsBucket.grantWrite(role);
+
+        if (params.alarm ?? true) {
+            new CanaryAlarm(scope, this, params);
+        }
+    }
+}

package/src/aws/infra/canaries/database-canary.ts

@@ -0,0 +1,98 @@
+import { Role } from "aws-cdk-lib/aws-iam";
+import { ISecret } from "aws-cdk-lib/aws-secretsmanager";
+import { CfnCanary } from "aws-cdk-lib/aws-synthetics";
+import { Schedule } from "aws-cdk-lib/aws-events";
+import { Duration } from "aws-cdk-lib";
+
+import { CanaryParameters } from "./canary-parameters";
+import { DigitrafficCanary } from "./canary";
+import { DigitrafficStack } from "../stack/stack";
+
+export class DatabaseCanary extends DigitrafficCanary {
+    constructor(
+        stack: DigitrafficStack,
+        role: Role,
+        secret: ISecret,
+        params: CanaryParameters
+    ) {
+        const canaryName = `${params.name}-db`;
+        const environmentVariables = stack.createDefaultLambdaEnvironment(
+            `Synthetics-${canaryName}`
+        );
+
+        // the handler code is defined at the actual project using this
+        super(stack, canaryName, role, params, environmentVariables);
+
+        this.artifactsBucket.grantWrite(this.role);
+        secret.grantRead(this.role);
+
+        // need to override vpc and security group, can't do this with cdk
+        if (this.node.defaultChild instanceof CfnCanary) {
+            const subnetIds =
+                stack.vpc === undefined
+                    ? []
+                    : stack.vpc.privateSubnets.map((subnet) => subnet.subnetId);
+
+            const securityGroupIds =
+                stack.lambdaDbSg === undefined
+                    ? []
+                    : [stack.lambdaDbSg.securityGroupId];
+
+            this.node.defaultChild.vpcConfig = {
+                vpcId: stack.vpc?.vpcId,
+                securityGroupIds,
+                subnetIds,
+            };
+        }
+    }
+
+    static create(
+        stack: DigitrafficStack,
+        role: Role,
+        params: CanaryParameters
+    ): DatabaseCanary {
+        const secret = stack.getSecret();
+        return new DatabaseCanary(stack, role, secret, {
+            ...{
+                secret: stack.configuration.secretId,
+                schedule: Schedule.rate(Duration.hours(1)),
+                handler: `${params.name}.handler`,
+            },
+            ...params,
+        });
+    }
+
+    /**
+     *
+     * @param stack
+     * @param role
+     * @param name name of the typescipt file without -db -suffix. Max len is 10 char if @param canaryName is not given.
+     * @param params
+     * @param canaryName Optional name for canary if multiple canaries is made from same ${name}-db.ts canary file.
+     */
+    static createV2(
+        stack: DigitrafficStack,
+        role: Role,
+        name: string,
+        params: Partial<CanaryParameters> = {},
+        canaryName = name
+    ): DatabaseCanary {
+        const secret = stack.getSecret();
+        return new DatabaseCanary(stack, role, secret, {
+            ...{
+                secret: stack.configuration.secretId,
+                schedule: Schedule.rate(Duration.hours(1)),
+                handler: `${name}-db.handler`,
+                name: canaryName,
+                alarm: {
+                    alarmName:
+                        canaryName === name
+                            ? `${stack.configuration.shortName}-DB-Alarm`
+                            : `${canaryName}-DB-Alarm`,
+                    topicArn: stack.configuration.alarmTopicArn,
+                },
+            },
+            ...params,
+        });
+    }
+}