@digitraffic/common 2023.5.22-1 → 2023.5.31-1

package/dist/aws/infra/api/response.d.ts

@@ -12,7 +12,7 @@ import { IModel } from "aws-cdk-lib/aws-apigateway/lib/model";
  * If fileName is set, then Content-Disposition-header will be set to use it
  * If timestamp is set, then ETag & Last-Modified headers will be set
  */
-export declare const RESPONSE_DEFAULT_LAMBDA = "#set($inputRoot = $input.path('$'))\n#if ($inputRoot.status != 200)\n#set ($context.responseOverride.status = $inputRoot.status)\n#set ($context.responseOverride.header.Content-Type = 'text/plain')\n#end\n#set ($context.responseOverride.header.Access-Control-Allow-Origin = '*')\n#if (\"$!inputRoot.timestamp\" != \"\")\n#set ($context.responseOverride.header.ETag = $inputRoot.timestamp)\n#set ($context.responseOverride.header.Last-Modified = $inputRoot.timestamp)\n#end\n#if (\"$!inputRoot.fileName\" != \"\")\n#set ($disposition = 'attachment; filename=\"FN\"')\n#set ($context.responseOverride.header.Content-Disposition = $disposition.replaceAll('FN', $inputRoot.fileName))\n#end\n$util.base64Decode($inputRoot.body)";
+export declare const RESPONSE_DEFAULT_LAMBDA = "#set($inputRoot = $input.path('$'))\n#if ($inputRoot.status != 200)\n#set ($context.responseOverride.status = $inputRoot.status)\n#set ($context.responseOverride.header.Content-Type = 'text/plain')\n#end\n#set ($context.responseOverride.header.Access-Control-Allow-Origin = '*')\n#if (\"$!inputRoot.timestamp\" != \"\")\n#set ($context.responseOverride.header.Last-Modified = $inputRoot.timestamp)\n#end\n#if (\"$!inputRoot.etag\" != \"\")\n#set ($context.responseOverride.header.ETag = $inputRoot.etag)\n#end\n#if (\"$!inputRoot.fileName\" != \"\")\n#set ($disposition = 'attachment; filename=\"FN\"')\n#set ($context.responseOverride.header.Content-Disposition = $disposition.replaceAll('FN', $inputRoot.fileName))\n#end\n$util.base64Decode($inputRoot.body)";
 /**
  * Use this for deprecated integrations.
  * Will add HTTP headers Deprecation and Sunset to response.

package/dist/aws/infra/api/response.js

@@ -22,9 +22,11 @@ exports.RESPONSE_DEFAULT_LAMBDA = `#set($inputRoot = $input.path('$'))
 #end
 #set ($context.responseOverride.header.Access-Control-Allow-Origin = '*')
 #if ("$!inputRoot.timestamp" != "")
-#set ($context.responseOverride.header.ETag = $inputRoot.timestamp)
 #set ($context.responseOverride.header.Last-Modified = $inputRoot.timestamp)
 #end
+#if ("$!inputRoot.etag" != "")
+#set ($context.responseOverride.header.ETag = $inputRoot.etag)
+#end
 #if ("$!inputRoot.fileName" != "")
 #set ($disposition = 'attachment; filename="FN"')
 #set ($context.responseOverride.header.Content-Disposition = $disposition.replaceAll('FN', $inputRoot.fileName))

package/dist/aws/infra/stacks/db-stack.d.ts

@@ -5,6 +5,9 @@ import { AuroraPostgresEngineVersion, DatabaseCluster, DatabaseClusterProps, IPa
 import { Construct } from "constructs";
 import { InfraStackConfiguration } from "./intra-stack-configuration";
 export interface DbConfiguration {
+    /** superuser username and password are fetched from this secret, using keys
+     * db.superuser and db.superuser.password
+     */
     readonly secretArn: string;
     readonly dbVersion: AuroraPostgresEngineVersion;
     readonly dbInstanceType: InstanceType;
@@ -12,6 +15,8 @@ export interface DbConfiguration {
     readonly instances: number;
     readonly customParameterGroup: boolean;
     readonly securityGroupId: string;
+    /** If this is not specified, import default vpc */
+    readonly vpcId?: string;
     readonly proxy: {
         readonly name?: string;
         readonly securityGroupId: string;

package/dist/aws/infra/stacks/db-stack.js

@@ -75,13 +75,20 @@ class DbStack extends aws_cdk_lib_1.Stack {
             },
             credentials: aws_rds_1.Credentials.fromPassword(secret.secretValueFromJson("db.superuser").unsafeUnwrap(), secret.secretValueFromJson("db.superuser.password")),
             parameterGroup,
+            storageEncrypted: true,
+            monitoringInterval: aws_cdk_lib_1.Duration.seconds(30),
         };
     }
     createAuroraCluster(isc, configuration) {
         const instanceName = isc.environmentName + "-db";
         const securityGroup = aws_ec2_1.SecurityGroup.fromSecurityGroupId(this, "securitygroup", configuration.securityGroupId);
         const parameterGroup = this.createParamaterGroup(configuration);
-        const parameters = this.createClusterParameters(configuration, instanceName, (0, import_util_1.importVpc)(this, isc.environmentName), securityGroup, parameterGroup);
+        const vpc = configuration.vpcId
+            ? aws_ec2_1.Vpc.fromLookup(this, "vpc", {
+                vpcId: configuration.vpcId,
+            })
+            : (0, import_util_1.importVpc)(this, isc.environmentName);
+        const parameters = this.createClusterParameters(configuration, instanceName, vpc, securityGroup, parameterGroup);
         // create cluster from the snapshot or from the scratch
         const cluster = configuration.snapshotIdentifier
             ? new aws_rds_1.DatabaseClusterFromSnapshot(this, instanceName, {

package/dist/aws/types/lambda-response.d.ts

@@ -3,6 +3,7 @@ export declare class LambdaResponse {
     readonly body: string;
     readonly fileName?: string;
     readonly timestamp?: string;
+    readonly etag: string;
     constructor(status: number, body: string, fileName?: string, timestamp?: Date);
     withTimestamp(timestamp: Date): LambdaResponse;
     /**

package/dist/aws/types/lambda-response.js

@@ -1,12 +1,17 @@
 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.LambdaResponse = void 0;
+const etag_1 = __importDefault(require("etag"));
 class LambdaResponse {
     constructor(status, body, fileName, timestamp) {
         this.status = status;
         this.body = body;
         this.fileName = fileName;
         this.timestamp = timestamp?.toUTCString();
+        this.etag = (0, etag_1.default)(body); // create strong etag by default
     }
     withTimestamp(timestamp) {
         return new LambdaResponse(this.status, this.body, this.fileName, timestamp);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@digitraffic/common",
-  "version": "2023.5.22-1",
+  "version": "2023.5.31-1",
   "description": "",
   "repository": {
     "type": "git",
@@ -24,6 +24,7 @@
     "axios": "^1.2.6",
     "change-case": "^4.1.2",
     "constructs": "^10.2.17",
+    "etag": "^1.8.1",
     "geojson-validation": "^1.0.2",
     "moment": "^2.29.4",
     "node-ttl": "^0.2.0",
@@ -34,11 +35,12 @@
     "@aws-cdk/aws-synthetics-alpha": "2.78.0-alpha.0",
     "@types/aws-lambda": "~8.10.115",
     "@types/geojson": "^7946.0.10",
+    "@types/etag": "^1.8.1",
     "@types/jest": "^29.5.1",
-    "@types/lodash": "^4.14.194",
+    "@types/lodash": "^4.14.195",
     "@types/node": "18.15.13",
     "@types/ramda": "~0.29.1",
-    "@types/sinon": "10.0.14",
+    "@types/sinon": "10.0.15",
     "@typescript-eslint/eslint-plugin": "~5.59.5",
     "@typescript-eslint/parser": "^5.59.5",
     "aws-cdk-lib": "~2.78.0",
@@ -49,19 +51,21 @@
     "eslint": "~8.40.0",
     "eslint-config-prettier": "^8.8.0",
     "eslint-plugin-deprecation": "~1.4.1",
+    "etag": "^1.8.1",
     "geojson-validation": "^1.0.2",
     "husky": "^8.0.3",
     "jest": "^29.5.0",
     "jest-junit": "^16.0.0",
     "lint-staged": "^13.2.2",
+    "lodash": "^4.17.21",
     "moment": "^2.29.4",
     "node-ttl": "^0.2.0",
     "pg-native": "^3.0.1",
     "pg-promise": "^11.4.3",
     "prettier": "^2.8.8",
     "ramda": "~0.29.0",
-    "rimraf": "^5.0.0",
-    "sinon": "15.0.4",
+    "rimraf": "^5.0.1",
+    "sinon": "15.1.0",
     "ts-jest": "^29.1.0",
     "typescript": "~4.9.5",
     "velocityjs": "2.0.6"
@@ -73,9 +77,6 @@
   "lint-staged": {
     "*.{js,ts,css,md,yml,yaml,json}": "prettier --write"
   },
-  "dependencies": {
-    "lodash": "^4.17.21"
-  },
   "scripts": {
     "build": "tsc",
     "lint": "eslint --cache .",

package/src/aws/infra/api/response.ts

@@ -27,9 +27,11 @@ export const RESPONSE_DEFAULT_LAMBDA = `#set($inputRoot = $input.path('$'))
 #end
 #set ($context.responseOverride.header.Access-Control-Allow-Origin = '*')
 #if ("$!inputRoot.timestamp" != "")
-#set ($context.responseOverride.header.ETag = $inputRoot.timestamp)
 #set ($context.responseOverride.header.Last-Modified = $inputRoot.timestamp)
 #end
+#if ("$!inputRoot.etag" != "")
+#set ($context.responseOverride.header.ETag = $inputRoot.etag)
+#end
 #if ("$!inputRoot.fileName" != "")
 #set ($disposition = 'attachment; filename="FN"')
 #set ($context.responseOverride.header.Content-Disposition = $disposition.replaceAll('FN', $inputRoot.fileName))

package/src/aws/infra/stacks/db-stack.ts

@@ -4,6 +4,7 @@ import {
     IVpc,
     SecurityGroup,
     SubnetType,
+    Vpc,
 } from "aws-cdk-lib/aws-ec2";
 import { ISecurityGroup } from "aws-cdk-lib/aws-ec2/lib/security-group";
 import {
@@ -24,6 +25,9 @@ import { InfraStackConfiguration } from "./intra-stack-configuration";
 import { exportValue, importVpc } from "../import-util";
 
 export interface DbConfiguration {
+    /** superuser username and password are fetched from this secret, using keys
+     * db.superuser and db.superuser.password
+     */
     readonly secretArn: string;
 
     readonly dbVersion: AuroraPostgresEngineVersion;
@@ -32,6 +36,8 @@ export interface DbConfiguration {
     readonly instances: number;
     readonly customParameterGroup: boolean;
     readonly securityGroupId: string;
+    /** If this is not specified, import default vpc */
+    readonly vpcId?: string;
 
     readonly proxy: {
         readonly name?: string;
@@ -163,6 +169,8 @@ export class DbStack extends Stack {
                 secret.secretValueFromJson("db.superuser.password")
             ),
             parameterGroup,
+            storageEncrypted: true,
+            monitoringInterval: Duration.seconds(30),
         };
     }
 
@@ -177,10 +185,16 @@ export class DbStack extends Stack {
             configuration.securityGroupId
         );
         const parameterGroup = this.createParamaterGroup(configuration);
+        const vpc = configuration.vpcId
+            ? Vpc.fromLookup(this, "vpc", {
+                  vpcId: configuration.vpcId,
+              })
+            : importVpc(this, isc.environmentName);
+
         const parameters = this.createClusterParameters(
             configuration,
             instanceName,
-            importVpc(this, isc.environmentName),
+            vpc,
             securityGroup,
             parameterGroup
         );

package/src/aws/types/lambda-response.ts

@@ -1,8 +1,11 @@
+import etag from "etag";
+
 export class LambdaResponse {
     readonly status: number;
     readonly body: string;
     readonly fileName?: string;
     readonly timestamp?: string;
+    readonly etag: string;
 
     constructor(
         status: number,
@@ -14,6 +17,7 @@ export class LambdaResponse {
         this.body = body;
         this.fileName = fileName;
         this.timestamp = timestamp?.toUTCString();
+        this.etag = etag(body); // create strong etag by default
     }
 
     withTimestamp(timestamp: Date) {

package/src/utils/date-utils.ts

@@ -35,6 +35,6 @@ export function dateFromIsoString(isoString: string): Date {
     return parsed;
 }
 
-function isValidDate(d: any) {
+function isValidDate(d: unknown) {
     return d instanceof Date && !isNaN(d.getTime());
 }