@digitraffic/common 2024.1.24-3 → 2024.3.11-1

package/src/aws/infra/api/responses.mts

@@ -1,127 +0,0 @@
-import {
-    InternalServerErrorResponseTemplate,
-    XmlResponseTemplate,
-    NotFoundResponseTemplate,
-    BadRequestResponseTemplate,
-} from "./response.mjs";
-import {
-    LambdaIntegration,
-    MethodResponse,
-    IntegrationResponse,
-    PassthroughBehavior,
-  type IModel
-} from "aws-cdk-lib/aws-apigateway";
-import { Function as AWSFunction } from "aws-cdk-lib/aws-lambda";
-import {
-    BAD_REQUEST_MESSAGE,
-    ERROR_MESSAGE,
-    NOT_FOUND_MESSAGE,
-} from "../../types/errors.mjs";
-import { MediaType } from "../../types/mediatypes.mjs";
-
-/// @deprecated
-export const RESPONSE_200_OK: IntegrationResponse = {
-    statusCode: "200",
-};
-
-/// @deprecated
-export const RESPONSE_400_BAD_REQUEST: IntegrationResponse = {
-    statusCode: "400",
-    selectionPattern: BAD_REQUEST_MESSAGE,
-    responseTemplates: BadRequestResponseTemplate,
-};
-
-/// @deprecated
-export const RESPONSE_500_SERVER_ERROR: IntegrationResponse = {
-    statusCode: "500",
-    selectionPattern: ERROR_MESSAGE,
-    responseTemplates: InternalServerErrorResponseTemplate,
-};
-
-/// @deprecated
-const RESPONSE_XML = {
-    responseTemplates: XmlResponseTemplate,
-};
-
-/// @deprecated
-export const RESPONSE_CORS_INTEGRATION = {
-    responseParameters: {
-        "method.response.header.Access-Control-Allow-Origin": "'*'",
-    },
-};
-
-/// @deprecated
-export const RESPONSE_404_NOT_FOUND = {
-    statusCode: "404",
-    selectionPattern: NOT_FOUND_MESSAGE,
-    responseTemplates: NotFoundResponseTemplate,
-};
-
-/**
- * @deprecated Use DigitrafficMethodResponse
- */
-export function methodResponse(
-    status: string,
-    contentType: MediaType,
-    model: IModel,
-    parameters?: Record<string, boolean>
-): MethodResponse {
-    return {
-        statusCode: status,
-        responseModels: {
-            [contentType]: model,
-        },
-        responseParameters: parameters ?? {},
-    };
-}
-
-interface IntegrationOptions {
-    // eslint-disable-next-line @typescript-eslint/consistent-indexed-object-style
-    requestParameters?: { [dest: string]: string };
-    // eslint-disable-next-line @typescript-eslint/consistent-indexed-object-style
-    requestTemplates?: { [contentType: string]: string };
-    responses?: IntegrationResponse[];
-    disableCors?: boolean;
-    xml?: boolean;
-    passthroughBehavior?: PassthroughBehavior;
-}
-
-/**
- * Creates a default Lambda integration for a REST API resource _root_
- * @param lambdaFunction The Lambda function
- * @param options Options
- *
- * @deprecated Use DigitrafficIntegration
- */
-export function defaultIntegration(
-    lambdaFunction: AWSFunction,
-    options?: IntegrationOptions
-): LambdaIntegration {
-    return new LambdaIntegration(lambdaFunction, {
-        proxy: false,
-        integrationResponses: options?.responses ?? [
-            getResponse(RESPONSE_200_OK, options),
-            getResponse(RESPONSE_400_BAD_REQUEST, options),
-            getResponse(RESPONSE_404_NOT_FOUND, options),
-            getResponse(RESPONSE_500_SERVER_ERROR, options),
-        ],
-        requestParameters: options?.requestParameters ?? {},
-        requestTemplates: options?.requestTemplates ?? {},
-        passthroughBehavior:
-            options?.passthroughBehavior ?? PassthroughBehavior.WHEN_NO_MATCH,
-    });
-}
-
-export function getResponse(
-    response: IntegrationResponse,
-    options?: IntegrationOptions
-): IntegrationResponse {
-    if (options?.xml) {
-        response = { ...response, ...RESPONSE_XML };
-    }
-    if (!options?.disableCors) {
-        response = { ...response, ...RESPONSE_CORS_INTEGRATION };
-    }
-
-    return response;
-}

package/src/aws/infra/api/static-integration.mts

@@ -1,108 +0,0 @@
-import {
-    MethodResponse,
-    MockIntegration,
-    PassthroughBehavior,
-    Resource,
-} from "aws-cdk-lib/aws-apigateway";
-import { MediaType } from "../../types/mediatypes.mjs";
-import { RESPONSE_CORS_INTEGRATION } from "./responses.mjs";
-
-const INTEGRATION_RESPONSE_200 = `{
-    "statusCode": 200
-}`;
-
-const METHOD_RESPONSE_200 = {
-    statusCode: "200",
-};
-
-/**
- * Static integration, that returns the given response with given mediaType from given resource.
- *
- * @param resource
- * @param mediaType
- * @param response
- */
-export class DigitrafficStaticIntegration extends MockIntegration {
-    constructor(
-        resource: Resource,
-        mediaType: MediaType,
-        response: string,
-        enableCors = true,
-        apiKeyRequired = true
-    ) {
-        const integrationResponse =
-            DigitrafficStaticIntegration.createIntegrationResponse(
-                response,
-                mediaType,
-                enableCors
-            );
-
-        super({
-            passthroughBehavior: PassthroughBehavior.WHEN_NO_TEMPLATES,
-            requestTemplates: {
-                [mediaType]: INTEGRATION_RESPONSE_200,
-            },
-            integrationResponses: [integrationResponse],
-        });
-
-        ["GET", "HEAD"].forEach((httpMethod) => {
-            resource.addMethod(httpMethod, this, {
-                apiKeyRequired,
-                methodResponses: [
-                    DigitrafficStaticIntegration.createMethodResponse(
-                        enableCors
-                    ),
-                ],
-            });
-        });
-    }
-
-    static json<K>(
-        resource: Resource,
-        response: K,
-        enableCors = true,
-        apiKeyRequired = true
-    ) {
-        return new DigitrafficStaticIntegration(
-            resource,
-            MediaType.APPLICATION_JSON,
-            JSON.stringify(response),
-            enableCors,
-            apiKeyRequired
-        );
-    }
-
-    private static createIntegrationResponse(
-        response: string,
-        mediaType: MediaType,
-        enableCors: boolean
-    ) {
-        const integrationResponse = {
-            statusCode: "200",
-            responseTemplates: {
-                [mediaType]: response,
-            },
-        };
-
-        return enableCors
-            ? { ...integrationResponse, ...RESPONSE_CORS_INTEGRATION }
-            : integrationResponse;
-    }
-
-    private static createMethodResponse(enableCors: boolean) {
-        return enableCors
-            ? corsMethod(METHOD_RESPONSE_200)
-            : METHOD_RESPONSE_200;
-    }
-}
-
-function corsMethod(response: MethodResponse): MethodResponse {
-    return {
-        ...response,
-        ...{
-            responseParameters: {
-                "method.response.header.Access-Control-Allow-Origin": true,
-            },
-        },
-    };
-}

package/src/aws/infra/canaries/Synthetics.d.mts

@@ -1,21 +0,0 @@
-declare module 'Synthetics' {
-  import {type RequestOptions} from "http";
-
-  interface SyntheticsConfiguration {
-    withIncludeRequestBody: (value: boolean) => SyntheticsConfiguration;
-    withIncludeRequestHeaders: (value: boolean) => SyntheticsConfiguration;
-    withIncludeResponseBody: (value: boolean) => SyntheticsConfiguration;
-    withIncludeResponseHeaders: (value: boolean) => SyntheticsConfiguration;
-    withFailedCanaryMetric: (value: boolean) => SyntheticsConfiguration;
-    disableRequestMetrics: () => SyntheticsConfiguration;
-  }
-
-    export function executeHttpStep<T>(
-      name: string,
-      requestOptions: RequestOptions,
-      callback: JsonCheckerFunction<T>
-    ): Promise<void>;
-    export function getConfiguration(): SyntheticsConfiguration;
-
-    export function executeStep(s: string, f: ()=>void, c: Record<string, boolean>)
-};

package/src/aws/infra/canaries/canary-alarm.mts

@@ -1,33 +0,0 @@
-import { Construct } from "constructs";
-import { CanaryParameters } from "./canary-parameters.mjs";
-import { Alarm, ComparisonOperator } from "aws-cdk-lib/aws-cloudwatch";
-import { Canary } from "aws-cdk-lib/aws-synthetics";
-import { SnsAction } from "aws-cdk-lib/aws-cloudwatch-actions";
-import { Topic } from "aws-cdk-lib/aws-sns";
-
-export class CanaryAlarm {
-    constructor(stack: Construct, canary: Canary, params: CanaryParameters) {
-        const alarmName = params.alarm?.alarmName ?? `${params.name}-alarm`;
-
-        const alarm = new Alarm(stack, alarmName, {
-            alarmName,
-            alarmDescription: params.alarm?.description ?? "",
-            metric: canary.metricSuccessPercent(),
-            evaluationPeriods: params.alarm?.evalutionPeriods ?? 1,
-            threshold: params.alarm?.threshold ?? 100,
-            comparisonOperator: ComparisonOperator.LESS_THAN_THRESHOLD,
-        });
-
-        if (params.alarm?.topicArn) {
-            alarm.addAlarmAction(
-                new SnsAction(
-                    Topic.fromTopicArn(
-                        stack,
-                        `${alarmName}-action`,
-                        params.alarm.topicArn
-                    )
-                )
-            );
-        }
-    }
-}

package/src/aws/infra/canaries/canary-keys.mts

@@ -1,3 +0,0 @@
-export const ENV_API_KEY = "apiKeyId";
-export const ENV_HOSTNAME = "hostname";
-export const ENV_SECRET = "secret";

package/src/aws/infra/canaries/canary-parameters.mts

@@ -1,19 +0,0 @@
-import { Schedule } from "aws-cdk-lib/aws-synthetics";
-
-/** Optional env parameters for canary */
-type CanaryEnv = Record<string, string>;
-
-export interface CanaryParameters {
-    readonly name: string;
-    readonly schedule?: Schedule;
-    readonly secret?: string;
-    readonly handler: string;
-    readonly alarm?: {
-        readonly alarmName?: string;
-        readonly description?: string;
-        readonly evalutionPeriods?: number;
-        readonly threshold?: number;
-        readonly topicArn?: string;
-    };
-    readonly canaryEnv?: CanaryEnv;
-}

package/src/aws/infra/canaries/canary-role.mts

@@ -1,73 +0,0 @@
-import {
-    ManagedPolicy,
-    PolicyStatement,
-    PolicyStatementProps,
-    Role,
-    ServicePrincipal,
-} from "aws-cdk-lib/aws-iam";
-import { Construct } from "constructs";
-
-const BASE_POLICY_STATEMENT_PROPS: PolicyStatementProps = {
-    actions: [
-        "logs:CreateLogStream",
-        "logs:PutLogEvents",
-        "logs:CreateLogGroup",
-        "logs:DescribeLogGroups",
-        "logs:DescribeLogStreams",
-    ],
-    resources: ["*"],
-};
-
-const CLOUDWATCH_STATEMENT_PROPS: PolicyStatementProps = {
-    actions: ["cloudwatch:PutMetricData"],
-    resources: ["*"],
-    conditions: {
-        StringEquals: {
-            "cloudwatch:namespace": "CloudWatchSynthetics",
-        },
-    },
-};
-
-export class DigitrafficCanaryRole extends Role {
-    constructor(stack: Construct, canaryName: string) {
-        super(stack, "canary-role-" + canaryName, {
-            assumedBy: new ServicePrincipal("lambda.amazonaws.com"),
-            managedPolicies: [
-                ManagedPolicy.fromAwsManagedPolicyName(
-                    "CloudWatchSyntheticsFullAccess"
-                ),
-            ],
-        });
-
-        this.addToPolicy(new PolicyStatement(BASE_POLICY_STATEMENT_PROPS));
-        this.addToPolicy(new PolicyStatement(CLOUDWATCH_STATEMENT_PROPS));
-    }
-
-    /**
-     * Provides permissions to access resources within a VPC.
-     */
-    withDatabaseAccess(): this {
-        // Won't work :(
-        // this.addToPolicy(new PolicyStatement(DB_STATEMENT_PROPS));
-        // Works
-        this.addManagedPolicy(
-            ManagedPolicy.fromAwsManagedPolicyName(
-                "service-role/AWSLambdaVPCAccessExecutionRole"
-            )
-        );
-        return this;
-    }
-
-    /**
-     * Same as withDatabaseAccess() - renamed to avoid confusion if used with UrlCanary.
-     * A UrlCanary needs these permissions to e.g. access a private API Gateway endpoint in a VPC.
-     */
-    withVpcAccess(): this {
-        this.addManagedPolicy(
-            ManagedPolicy.fromAwsManagedPolicyName(
-                "service-role/AWSLambdaVPCAccessExecutionRole"
-            )
-        );
-        return this;
-    }
-}

package/src/aws/infra/canaries/canary.mts

@@ -1,44 +0,0 @@
-import { Duration } from "aws-cdk-lib";
-import {
-    AssetCode,
-    Canary,
-    Runtime,
-    Schedule,
-    Test,
-} from "aws-cdk-lib/aws-synthetics";
-import { Role } from "aws-cdk-lib/aws-iam";
-import { CanaryAlarm } from "./canary-alarm.mjs";
-import { CanaryParameters } from "./canary-parameters.mjs";
-import { Construct } from "constructs";
-import { LambdaEnvironment } from "../stack/lambda-configs.mjs";
-
-export class DigitrafficCanary extends Canary {
-    constructor(
-        scope: Construct,
-        canaryName: string,
-        role: Role,
-        params: CanaryParameters,
-        environmentVariables: LambdaEnvironment
-    ) {
-        super(scope, canaryName, {
-            runtime: Runtime.SYNTHETICS_NODEJS_PUPPETEER_4_0,
-            role,
-            test: Test.custom({
-                code: new AssetCode("dist", {
-                    exclude: ["lambda", "out", "canaries"],
-                }),
-                handler: params.handler,
-            }),
-            environmentVariables: {
-                ...environmentVariables,
-                ...params.canaryEnv,
-            },
-            canaryName,
-            schedule: params.schedule ?? Schedule.rate(Duration.minutes(15)),
-        });
-
-        this.artifactsBucket.grantWrite(role);
-
-        new CanaryAlarm(scope, this, params);
-    }
-}

package/src/aws/infra/canaries/database-canary.mts

@@ -1,98 +0,0 @@
-import { Role } from "aws-cdk-lib/aws-iam";
-import { ISecret } from "aws-cdk-lib/aws-secretsmanager";
-import { CfnCanary } from "aws-cdk-lib/aws-synthetics";
-import { Schedule } from "aws-cdk-lib/aws-events";
-import { Duration } from "aws-cdk-lib";
-
-import { CanaryParameters } from "./canary-parameters.mjs";
-import { DigitrafficCanary } from "./canary.mjs";
-import { DigitrafficStack } from "../stack/stack.mjs";
-
-export class DatabaseCanary extends DigitrafficCanary {
-    constructor(
-        stack: DigitrafficStack,
-        role: Role,
-        secret: ISecret,
-        params: CanaryParameters
-    ) {
-        const canaryName = `${params.name}-db`;
-        const environmentVariables = stack.createDefaultLambdaEnvironment(
-            `Synthetics-${canaryName}`
-        );
-
-        // the handler code is defined at the actual project using this
-        super(stack, canaryName, role, params, environmentVariables);
-
-        this.artifactsBucket.grantWrite(this.role);
-        secret.grantRead(this.role);
-
-        // need to override vpc and security group, can't do this with cdk
-        if (this.node.defaultChild instanceof CfnCanary) {
-            const subnetIds =
-                stack.vpc === undefined
-                    ? []
-                    : stack.vpc.privateSubnets.map((subnet) => subnet.subnetId);
-
-            const securityGroupIds =
-                stack.lambdaDbSg === undefined
-                    ? []
-                    : [stack.lambdaDbSg.securityGroupId];
-
-            this.node.defaultChild.vpcConfig = {
-                vpcId: stack.vpc?.vpcId,
-                securityGroupIds,
-                subnetIds,
-            };
-        }
-    }
-
-    static create(
-        stack: DigitrafficStack,
-        role: Role,
-        params: CanaryParameters
-    ): DatabaseCanary {
-        const secret = stack.getSecret();
-        return new DatabaseCanary(stack, role, secret, {
-            ...{
-                secret: stack.configuration.secretId,
-                schedule: Schedule.rate(Duration.hours(1)),
-                handler: `${params.name}.handler`,
-            },
-            ...params,
-        });
-    }
-
-    /**
-     *
-     * @param stack
-     * @param role
-     * @param name name of the typescipt file without -db -suffix. Max len is 10 char if @param canaryName is not given.
-     * @param params
-     * @param canaryName Optional name for canary if multiple canaries is made from same ${name}-db.ts canary file.
-     */
-    static createV2(
-        stack: DigitrafficStack,
-        role: Role,
-        name: string,
-        params: Partial<CanaryParameters> = {},
-        canaryName = name
-    ): DatabaseCanary {
-        const secret = stack.getSecret();
-        return new DatabaseCanary(stack, role, secret, {
-            ...{
-                secret: stack.configuration.secretId,
-                schedule: Schedule.rate(Duration.hours(1)),
-                handler: `${name}-db.handler`,
-                name: canaryName,
-                alarm: {
-                    alarmName:
-                        canaryName === name
-                            ? `${stack.configuration.shortName}-DB-Alarm`
-                            : `${canaryName}-DB-Alarm`,
-                    topicArn: stack.configuration.alarmTopicArn,
-                },
-            },
-            ...params,
-        });
-    }
-}

package/src/aws/infra/canaries/database-checker.mts

@@ -1,163 +0,0 @@
-import { DTDatabase, inDatabaseReadonly } from "../../../database/database.mjs";
-import { ProxyHolder } from "../../runtime/secrets/proxy-holder.mjs";
-import { RdsHolder } from "../../runtime/secrets/rds-holder.mjs";
-import { getEnvVariable } from "../../../utils/utils.mjs";
-import { Countable } from "../../../database/models.mjs";
-import { logger } from "../../runtime/dt-logger-default.mjs";
-
-import synthetics from "Synthetics";
-
-abstract class DatabaseCheck<T> {
-    readonly name: string;
-    readonly sql: string;
-    failed: boolean;
-
-    protected constructor(name: string, sql: string) {
-        this.name = name;
-        this.sql = sql;
-        this.failed = false;
-    }
-
-    abstract check(value: T): void;
-}
-
-class CountDatabaseCheck extends DatabaseCheck<Countable> {
-    readonly minCount: number | null;
-    readonly maxCount: number | null;
-
-    constructor(
-        name: string,
-        sql: string,
-        minCount: number | null,
-        maxCount: number | null
-    ) {
-        super(name, sql);
-
-        if (
-            !sql.toLowerCase().includes("select") ||
-            !sql.toLowerCase().includes("count")
-        ) {
-            throw new Error("sql must contain select count(*)");
-        }
-
-        if (minCount == null && maxCount == null) {
-            throw new Error("no max or min given");
-        }
-
-        this.minCount = minCount;
-        this.maxCount = maxCount;
-    }
-
-    check(value: Countable) {
-        if ("count" in value) {
-            if (this.minCount && value.count < this.minCount) {
-                this.failed = true;
-                throw new Error(
-                    `count was ${value.count}, minimum is ${this.minCount}`
-                );
-            }
-            if (this.maxCount && value.count > this.maxCount) {
-                this.failed = true;
-                throw new Error(
-                    `count was ${value.count}, max is ${this.maxCount}`
-                );
-            }
-        } else {
-            this.failed = true;
-
-            throw new Error("no count available");
-        }
-    }
-}
-
-const stepConfig = {
-    continueOnStepFailure: true,
-    screenshotOnStepStart: false,
-    screenshotOnStepSuccess: false,
-    screenshotOnStepFailure: false,
-};
-
-/**
- * Checker for sql that checks the count.  Meaning that the
- * sql must be structured as "select count(*) from <table> where <something>".
- */
-export class DatabaseCountChecker {
-    readonly credentialsFunction: () => Promise<void>;
-    readonly checks: DatabaseCheck<Countable>[] = [];
-
-    private constructor(credentialsFunction: () => Promise<void>) {
-        this.credentialsFunction = credentialsFunction;
-        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
-        synthetics.getConfiguration().disableRequestMetrics();
-        // eslint-disable-next-line @typescript-eslint/no-unsafe-member-access, @typescript-eslint/no-unsafe-call
-        synthetics.getConfiguration().withFailedCanaryMetric(true);
-    }
-
-    static createForProxy() {
-        return new DatabaseCountChecker(() =>
-            new ProxyHolder(getEnvVariable("SECRET_ID")).setCredentials()
-        );
-    }
-
-    static createForRds() {
-        return new DatabaseCountChecker(() =>
-            new RdsHolder(getEnvVariable("SECRET_ID")).setCredentials()
-        );
-    }
-
-    /**
-     * Expect that the count is 1
-     */
-    expectOne(name: string, sql: string) {
-        this.checks.push(new CountDatabaseCheck(name, sql, 1, 1));
-
-        return this;
-    }
-
-    /**
-     * Expect that the count is 0
-     */
-    expectZero(name: string, sql: string) {
-        this.checks.push(new CountDatabaseCheck(name, sql, null, 0));
-
-        return this;
-    }
-
-    /**
-     * Expect that the count is 1 or more
-     */
-    expectOneOrMore(name: string, sql: string) {
-        this.checks.push(new CountDatabaseCheck(name, sql, 1, null));
-
-        return this;
-    }
-
-    async expect() {
-        if (!this.checks.length) {
-            throw new Error("No checks");
-        }
-
-        await this.credentialsFunction();
-        await inDatabaseReadonly(async (db: DTDatabase) => {
-            for (const check of this.checks) {
-                logger.info({
-                    method: "DatabaseCountChecker.expect",
-                    message: "Running sql: " + check.sql,
-                });
-
-                const value = await db.one<Countable>(check.sql);
-                const checkFunction = () => {
-                    check.check(value);
-                };
-
-                synthetics.executeStep(check.name, checkFunction, stepConfig);
-            }
-        });
-
-        if (this.checks.some((check) => check.failed)) {
-            throw new Error("Failed");
-        }
-
-        return "OK";
-    }
-}