@digitraffic/common 2023.1.18-2 → 2023.1.23-2

package/src/aws/infra/api/response.ts

@@ -1,12 +1,6 @@
-import { MediaType } from "../../types/mediatypes";
-import {
-    JsonSchemaType,
-    JsonSchemaVersion,
-    JsonSchema,
-    MethodResponse,
-    Model,
-} from "aws-cdk-lib/aws-apigateway";
-import { IModel } from "aws-cdk-lib/aws-apigateway/lib/model";
+import {MediaType} from "../../types/mediatypes";
+import {JsonSchema, JsonSchemaType, JsonSchemaVersion, MethodResponse, Model,} from "aws-cdk-lib/aws-apigateway";
+import {IModel} from "aws-cdk-lib/aws-apigateway/lib/model";
 
 /**
  * This is velocity-script, that assumes the response to be LambdaResponse(status and body).
@@ -31,6 +25,12 @@ $util.base64Decode($inputRoot.body)
 #end
 `;
 
+export const getDeprecatedDefaultLambdaResponse = (sunset: string) => {
+    const setDeprecationHeaders = `#set ($context.responseOverride.header.Deprecation = 'true')
+#set ($context.responseOverride.header.Sunset = '${sunset}')`;
+    return RESPONSE_DEFAULT_LAMBDA.concat(setDeprecationHeaders);
+};
+
 const BODY_FROM_INPUT_PATH = "$input.path('$').body";
 
 /// @deprecated
@@ -100,19 +100,19 @@ export class DigitrafficMethodResponse {
         statusCode: string,
         model: IModel,
         mediaType: MediaType,
-        disableCors = false
+        disableCors = false,
+        deprecation = false
     ): MethodResponse {
         return {
             statusCode,
             responseModels: {
                 [mediaType]: model,
             },
-            responseParameters: disableCors
-                ? {}
-                : {
-                      "method.response.header.Access-Control-Allow-Origin":
-                          true,
-                  },
+            responseParameters: {
+                "method.response.header.Access-Control-Allow-Origin": !disableCors,
+                "method.response.header.Deprecation": deprecation,
+                "method.response.header.Sunset": deprecation,
+            },
         };
     }
 

package/src/aws/infra/canaries/canary-alarm.ts

@@ -1,31 +1,33 @@
-import {Construct} from "constructs";
-import {CanaryParameters} from "./canary-parameters";
-import {Alarm, ComparisonOperator} from "aws-cdk-lib/aws-cloudwatch";
-import {Canary} from "@aws-cdk/aws-synthetics-alpha";
-import {SnsAction} from "aws-cdk-lib/aws-cloudwatch-actions";
-import {Topic} from "aws-cdk-lib/aws-sns";
+import { Construct } from "constructs";
+import { CanaryParameters } from "./canary-parameters";
+import { Alarm, ComparisonOperator } from "aws-cdk-lib/aws-cloudwatch";
+import { Canary } from "@aws-cdk/aws-synthetics-alpha";
+import { SnsAction } from "aws-cdk-lib/aws-cloudwatch-actions";
+import { Topic } from "aws-cdk-lib/aws-sns";
 
 export class CanaryAlarm {
-    constructor(stack: Construct,
-        canary: Canary,
-        params: CanaryParameters) {
-        if (params.alarm ?? true) {
-            const alarmName = params.alarm?.alarmName ?? `${params.name}-alarm`;
+    constructor(stack: Construct, canary: Canary, params: CanaryParameters) {
+        const alarmName = params.alarm?.alarmName ?? `${params.name}-alarm`;
 
-            const alarm = new Alarm(stack, alarmName, {
-                alarmName,
-                alarmDescription: params.alarm?.description ?? '',
-                metric: canary.metricSuccessPercent(),
-                evaluationPeriods: params.alarm?.evalutionPeriods ?? 1,
-                threshold: params.alarm?.threshold ?? 100,
-                comparisonOperator: ComparisonOperator.LESS_THAN_THRESHOLD,
-            });
+        const alarm = new Alarm(stack, alarmName, {
+            alarmName,
+            alarmDescription: params.alarm?.description ?? "",
+            metric: canary.metricSuccessPercent(),
+            evaluationPeriods: params.alarm?.evalutionPeriods ?? 1,
+            threshold: params.alarm?.threshold ?? 100,
+            comparisonOperator: ComparisonOperator.LESS_THAN_THRESHOLD,
+        });
 
-            if (params.alarm?.topicArn) {
-                alarm.addAlarmAction(new SnsAction(Topic.fromTopicArn(stack,
-                    `${alarmName}-action`,
-                    params.alarm.topicArn)));
-            }
+        if (params.alarm?.topicArn) {
+            alarm.addAlarmAction(
+                new SnsAction(
+                    Topic.fromTopicArn(
+                        stack,
+                        `${alarmName}-action`,
+                        params.alarm.topicArn
+                    )
+                )
+            );
         }
     }
 }

package/src/aws/infra/canaries/canary.ts

@@ -31,7 +31,7 @@ export class DigitrafficCanary extends Canary {
             }),
             environmentVariables: {
                 ...environmentVariables,
-                ...params?.canaryEnv,
+                ...params.canaryEnv,
             },
             canaryName,
             schedule: params.schedule ?? Schedule.rate(Duration.minutes(15)),
@@ -39,8 +39,6 @@ export class DigitrafficCanary extends Canary {
 
         this.artifactsBucket.grantWrite(role);
 
-        if (params.alarm ?? true) {
-            new CanaryAlarm(scope, this, params);
-        }
+        new CanaryAlarm(scope, this, params);
     }
 }

package/src/aws/infra/canaries/database-checker.ts

@@ -4,7 +4,7 @@ import { RdsHolder } from "../../runtime/secrets/rds-holder";
 import { getEnvVariable } from "../../../utils/utils";
 import { Countable } from "../../../database/models";
 
-// eslint-disable-next-line @typescript-eslint/no-var-requires
+// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-var-requires
 const synthetics = require("Synthetics");
 
 abstract class DatabaseCheck<T> {
@@ -88,7 +88,9 @@ export class DatabaseCountChecker {
     private constructor(credentialsFunction: () => Promise<void>) {
         this.credentialsFunction = credentialsFunction;
 
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
         synthetics.getConfiguration().disableRequestMetrics();
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
         synthetics.getConfiguration().withFailedCanaryMetric(true);
     }
 
@@ -146,6 +148,7 @@ export class DatabaseCountChecker {
                     check.check(value);
                 };
 
+                // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
                 synthetics.executeStep(check.name, checkFunction, stepConfig);
             }
         });

package/src/aws/infra/canaries/url-canary.ts

@@ -48,7 +48,8 @@ export class UrlCanary extends DigitrafficCanary {
     ): UrlCanary {
         return new UrlCanary(stack, role, {
             ...{
-                handler: `${params.name}.handler`,
+                // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+                handler: `${params.name!}.handler`,
                 hostname: publicApi.hostname(),
                 apiKeyId: this.getApiKey(publicApi),
             },

package/src/aws/infra/canaries/url-checker.ts

@@ -1,7 +1,7 @@
 import { IncomingMessage, RequestOptions } from "http";
 import { Asserter } from "../../../test/asserter";
 
-// eslint-disable-next-line @typescript-eslint/no-var-requires
+// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-var-requires
 const synthetics = require("Synthetics");
 import zlib = require("zlib");
 import { MediaType } from "../../types/mediatypes";
@@ -19,12 +19,12 @@ const baseHeaders = {
     Accept: "*/*",
 } as Record<string, string>;
 
-type CheckerFunction = (Res: IncomingMessage) => void;
+type CheckerFunction = (Res: IncomingMessage) => Promise<void>;
 type JsonCheckerFunction<T> = (
     json: T,
     body: string,
     message: IncomingMessage
-) => void;
+) => Promise<void>;
 
 export class UrlChecker {
     private readonly requestOptions: RequestOptions;
@@ -43,8 +43,10 @@ export class UrlChecker {
             headers,
         };
 
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
         synthetics.getConfiguration().disableRequestMetrics();
 
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
         synthetics
             .getConfiguration()
             .withIncludeRequestBody(false)
@@ -79,6 +81,7 @@ export class UrlChecker {
             },
         };
 
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-return
         return synthetics.executeHttpStep(
             `Verify ${statusCode} for ${url.replace(/auth=.*/, "")}`,
             requestOptions,
@@ -109,6 +112,7 @@ export class UrlChecker {
             },
         };
 
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-return
         return synthetics.executeHttpStep(
             `Verify 404 for ${url}`,
             requestOptions,
@@ -124,6 +128,7 @@ export class UrlChecker {
             },
         };
 
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-return
         return synthetics.executeHttpStep(
             `Verify 400 for ${url}`,
             requestOptions,
@@ -133,6 +138,7 @@ export class UrlChecker {
 
     expect403WithoutApiKey(url: string, mediaType?: MediaType): Promise<void> {
         if (
+            // eslint-disable-next-line @typescript-eslint/prefer-optional-chain
             !this.requestOptions.headers ||
             !this.requestOptions.headers[API_KEY_HEADER]
         ) {
@@ -147,6 +153,7 @@ export class UrlChecker {
             },
         };
 
+        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call, @typescript-eslint/no-unsafe-return
         return synthetics.executeHttpStep(
             `Verify 403 for ${url}`,
             requestOptions,
@@ -202,12 +209,14 @@ function validateStatusCodeAndContentType(
     return (res: IncomingMessage) => {
         return new Promise((resolve) => {
             if (res.statusCode !== statusCode) {
-                throw new Error(`${res.statusCode} ${res.statusMessage}`);
+                // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+                throw new Error(`${res.statusCode!} ${res.statusMessage!}`);
             }
 
             if (res.headers["content-type"] !== contentType) {
                 throw new Error(
-                    "Wrong content-type " + res.headers["content-type"]
+                    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+                    `Wrong content-type ${res.headers["content-type"]!}`
                 );
             }
 
@@ -251,7 +260,7 @@ export class ResponseChecker {
         fn: (json: T, body: string, res: IncomingMessage) => void
     ): CheckerFunction {
         return this.responseChecker((body: string, res: IncomingMessage) => {
-            fn(JSON.parse(body), body, res);
+            fn(JSON.parse(body) as unknown as T, body, res);
         });
     }
 
@@ -264,7 +273,8 @@ export class ResponseChecker {
             }
 
             if (res.statusCode < 200 || res.statusCode > 299) {
-                throw new Error(`${res.statusCode} ${res.statusMessage}`);
+                // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+                throw new Error(`${res.statusCode} ${res.statusMessage!}`);
             }
 
             if (this.checkCors && !res.headers["access-control-allow-origin"]) {
@@ -273,7 +283,8 @@ export class ResponseChecker {
 
             if (res.headers["content-type"] !== this.contentType) {
                 throw new Error(
-                    "Wrong content-type " + res.headers["content-type"]
+                    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+                    `Wrong content-type ${res.headers["content-type"]!}`
                 );
             }
 
@@ -291,7 +302,7 @@ export class ContentChecker {
         return async (res: IncomingMessage): Promise<void> => {
             const body = await getResponseBody(res);
 
-            fn(JSON.parse(body), body, res);
+            fn(JSON.parse(body) as unknown as T, body, res);
         };
     }
 
@@ -314,7 +325,8 @@ export class ContentTypeChecker {
             }
 
             if (res.statusCode < 200 || res.statusCode > 299) {
-                throw new Error(`${res.statusCode} ${res.statusMessage}`);
+                // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+                throw new Error(`${res.statusCode} ${res.statusMessage!}`);
             }
 
             if (!res.headers["access-control-allow-origin"]) {
@@ -323,7 +335,8 @@ export class ContentTypeChecker {
 
             if (res.headers["content-type"] !== contentType) {
                 throw new Error(
-                    "Wrong content-type " + res.headers["content-type"]
+                    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+                    `Wrong content-type ${res.headers["content-type"]!}`
                 );
             }
         };
@@ -353,6 +366,8 @@ export class HeaderChecker {
             if (!res.headers[headerName]) {
                 throw new Error("Missing header: " + headerName);
             }
+
+            return Promise.resolve();
         };
     }
 
@@ -361,6 +376,8 @@ export class HeaderChecker {
             if (res.headers[headerName]) {
                 throw new Error("Header should not exist: " + headerName);
             }
+
+            return Promise.resolve();
         };
     }
 }

package/src/aws/infra/sqs-integration.ts

@@ -1,9 +1,14 @@
-import {Aws} from "aws-cdk-lib";
-import {AwsIntegration, PassthroughBehavior, RequestValidator, Resource} from "aws-cdk-lib/aws-apigateway";
-import {Queue} from "aws-cdk-lib/aws-sqs";
-import {PolicyStatement, Role, ServicePrincipal} from "aws-cdk-lib/aws-iam";
-import {IModel} from "aws-cdk-lib/aws-apigateway/lib/model";
-import {Construct} from "constructs";
+import { Aws } from "aws-cdk-lib";
+import {
+    AwsIntegration,
+    PassthroughBehavior,
+    RequestValidator,
+    Resource,
+} from "aws-cdk-lib/aws-apigateway";
+import { Queue } from "aws-cdk-lib/aws-sqs";
+import { PolicyStatement, Role, ServicePrincipal } from "aws-cdk-lib/aws-iam";
+import { IModel } from "aws-cdk-lib/aws-apigateway/lib/model";
+import { Construct } from "constructs";
 
 export function attachQueueToApiGatewayResource(
     stack: Construct,
@@ -12,89 +17,88 @@ export function attachQueueToApiGatewayResource(
     requestValidator: RequestValidator,
     resourceName: string,
     apiKeyRequired: boolean,
-    requestModels?: {[param: string]: IModel},
+    requestModels?: Record<string, IModel>
 ) {
     // role for API Gateway
     const apiGwRole = new Role(stack, `${resourceName}APIGatewayToSQSRole`, {
-        assumedBy: new ServicePrincipal('apigateway.amazonaws.com'),
+        assumedBy: new ServicePrincipal("apigateway.amazonaws.com"),
     });
     // grants API Gateway the right to send SQS messages
-    apiGwRole.addToPolicy(new PolicyStatement({
-        resources: [
-            queue.queueArn,
-        ],
-        actions: [
-            'sqs:SendMessage',
-        ],
-    }));
+    apiGwRole.addToPolicy(
+        new PolicyStatement({
+            resources: [queue.queueArn],
+            actions: ["sqs:SendMessage"],
+        })
+    );
     // grants API Gateway the right write CloudWatch Logs
-    apiGwRole.addToPolicy(new PolicyStatement({
-        resources: [
-            '*',
-        ],
-        actions: [
-            'logs:CreateLogGroup',
-            'logs:CreateLogStream',
-            'logs:DescribeLogGroups',
-            'logs:DescribeLogStreams',
-            'logs:PutLogEvents',
-            'logs:GetLogEvents',
-            'logs:FilterLogEvents',
-        ],
-    }));
+    apiGwRole.addToPolicy(
+        new PolicyStatement({
+            resources: ["*"],
+            actions: [
+                "logs:CreateLogGroup",
+                "logs:CreateLogStream",
+                "logs:DescribeLogGroups",
+                "logs:DescribeLogStreams",
+                "logs:PutLogEvents",
+                "logs:GetLogEvents",
+                "logs:FilterLogEvents",
+            ],
+        })
+    );
     // create an integration between API Gateway and an SQS queue
-    const fifoMessageGroupId = queue.fifo ? '&MessageGroupId=AlwaysSameFifoGroup' : '';
+    const fifoMessageGroupId = queue.fifo
+        ? "&MessageGroupId=AlwaysSameFifoGroup"
+        : "";
     const sqsIntegration = new AwsIntegration({
-        service: 'sqs',
-        integrationHttpMethod: 'POST',
+        service: "sqs",
+        integrationHttpMethod: "POST",
         options: {
             passthroughBehavior: PassthroughBehavior.NEVER,
             credentialsRole: apiGwRole,
             requestParameters: {
                 // SQS requires the Content-Type of the HTTP request to be application/x-www-form-urlencoded
-                'integration.request.header.Content-Type': "'application/x-www-form-urlencoded'",
+                "integration.request.header.Content-Type":
+                    "'application/x-www-form-urlencoded'",
             },
             requestTemplates: {
                 // map the JSON request to a form parameter, FIFO needs also MessageGroupId
                 // https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html
-                'application/json': `Action=SendMessage${fifoMessageGroupId}&MessageBody=$util.urlEncode($input.body)`,
+                "application/json": `Action=SendMessage${fifoMessageGroupId}&MessageBody=$util.urlEncode($input.body)`,
             },
             // these are required by SQS
             integrationResponses: [
                 {
-                    statusCode: '200',
+                    statusCode: "200",
                     responseTemplates: {
-                        'text/html': 'Success',
+                        "text/html": "Success",
                     },
                 },
                 {
-                    statusCode: '500',
+                    statusCode: "500",
                     responseTemplates: {
-                        'text/html': 'Error',
+                        "text/html": "Error",
                     },
-                    selectionPattern: '500',
+                    selectionPattern: "500",
                 },
-
             ],
-
         },
         path: `${Aws.ACCOUNT_ID}/${queue.queueName}`,
     });
-    resource.addMethod('POST', sqsIntegration, {
+    resource.addMethod("POST", sqsIntegration, {
         requestValidator,
         apiKeyRequired,
         requestModels: requestModels ?? {},
         methodResponses: [
             {
-                statusCode: '200',
+                statusCode: "200",
                 responseParameters: {
-                    'method.response.header.Content-Type': true,
+                    "method.response.header.Content-Type": true,
                 },
             },
             {
-                statusCode: '500',
+                statusCode: "500",
                 responseParameters: {
-                    'method.response.header.Content-Type': true,
+                    "method.response.header.Content-Type": true,
                 },
             },
         ],