@friggframework/core 2.0.0--canary.424.a864ff6.0 → 2.0.0--canary.419.daed467.0

package/database/mongo.js

@@ -5,10 +5,29 @@
 const { Encrypt } = require('../encrypt');
 const { mongoose } = require('./mongoose');
 const { debug, flushDebugLog } = require('../logs');
+const { findNearestBackendPackageJson } = require('../utils');
+const path = require('path');
+const fs = require('fs');
 
 mongoose.plugin(Encrypt);
 mongoose.set('applyPluginsToDiscriminators', true); // Needed for LHEncrypt
 
+// Load app definition to check for DocumentDB configuration
+let appDefinition = {};
+try {
+    const backendPath = findNearestBackendPackageJson();
+    if (backendPath) {
+        const backendDir = path.dirname(backendPath);
+        const backendFilePath = path.join(backendDir, 'index.js');
+        if (fs.existsSync(backendFilePath)) {
+            const backendJsFile = require(backendFilePath);
+            appDefinition = backendJsFile.Definition || {};
+        }
+    }
+} catch (error) {
+    debug('Could not load app definition for DocumentDB configuration:', error.message);
+}
+
 // Buffering means mongoose will queue up operations if it gets
 // With serverless, better to fail fast if not connected.
 // disconnected from MongoDB and send them when it reconnects.
@@ -20,6 +39,65 @@ const mongoConfig = {
     serverSelectionTimeoutMS: 5000,
 };
 
+// Add DocumentDB TLS configuration if enabled
+if (appDefinition.database?.documentDB?.enable === true) {
+    console.log('📄 DocumentDB configuration detected, enabling TLS');
+    console.log('📁 Current working directory:', process.cwd());
+    console.log('📋 App definition database config:', JSON.stringify(appDefinition.database, null, 2));
+    
+    mongoConfig.tls = true;
+    
+    // Set TLS CA file path if specified
+    if (appDefinition.database.documentDB.tlsCAFile) {
+        const tlsCAFile = appDefinition.database.documentDB.tlsCAFile;
+        
+        // Basic safety: reject obviously dangerous paths
+        if (tlsCAFile.includes('..') || path.isAbsolute(tlsCAFile)) {
+            console.warn('⚠️  Rejecting potentially unsafe tlsCAFile path:', tlsCAFile);
+        } else {
+            const tlsCAFilePath = path.resolve(process.cwd(), tlsCAFile);
+            
+            console.log('📄 DocumentDB TLS CA file configured:');
+            console.log('   📎 Original path:', tlsCAFile);
+            console.log('   📎 Resolved path:', tlsCAFilePath);
+            console.log('   📄 File exists:', fs.existsSync(tlsCAFilePath));
+            
+            // Only set tlsCAFile if the file actually exists
+            if (fs.existsSync(tlsCAFilePath)) {
+                mongoConfig.tlsCAFile = tlsCAFilePath;
+                console.log('✅ TLS CA file configured successfully');
+            } else {
+                console.error('❌ TLS CA file not found, continuing without certificate');
+            }
+            
+            // Debug directory listing (only in development)
+            if (process.env.NODE_ENV !== 'production') {
+                try {
+                    console.log('📁 Current directory contents:');
+                    fs.readdirSync(process.cwd()).forEach(item => {
+                        const stats = fs.statSync(path.join(process.cwd(), item));
+                        console.log(`   ${stats.isDirectory() ? '📁' : '📄'} ${item}`);
+                    });
+                    
+                    const securityDir = path.join(process.cwd(), 'security');
+                    if (fs.existsSync(securityDir)) {
+                        console.log('📁 Security directory contents:');
+                        fs.readdirSync(securityDir).forEach(item => {
+                            console.log(`   📄 ${item}`);
+                        });
+                    } else {
+                        console.log('❌ Security directory does not exist at:', securityDir);
+                    }
+                } catch (error) {
+                    console.log('❌ Error listing directory contents:', error.message);
+                }
+            }
+        }
+    }
+} else {
+    console.log('📄 DocumentDB not enabled, using standard MongoDB configuration');
+}
+
 const checkIsConnected = () => mongoose.connection?.readyState > 0;
 
 const connectToDatabase = async () => {
@@ -28,6 +106,10 @@ const connectToDatabase = async () => {
         return;
     }
 
+    console.log('🔗 Connecting to database...');
+    console.log('🔗 MongoDB URI:', process.env.MONGO_URI ? 'SET' : 'NOT SET');
+    console.log('🔧 Final mongoConfig:', JSON.stringify(mongoConfig, null, 2));
+    
     debug('=> using new database connection');
     await mongoose.connect(process.env.MONGO_URI, mongoConfig);
     debug('Connection state:',  mongoose.STATES[mongoose.connection.readyState]);

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@friggframework/core",
   "prettier": "@friggframework/prettier-config",
-  "version": "2.0.0--canary.424.a864ff6.0",
+  "version": "2.0.0--canary.419.daed467.0",
   "dependencies": {
     "@hapi/boom": "^10.0.1",
     "aws-sdk": "^2.1200.0",
@@ -22,9 +22,9 @@
     "uuid": "^9.0.1"
   },
   "devDependencies": {
-    "@friggframework/eslint-config": "2.0.0--canary.424.a864ff6.0",
-    "@friggframework/prettier-config": "2.0.0--canary.424.a864ff6.0",
-    "@friggframework/test": "2.0.0--canary.424.a864ff6.0",
+    "@friggframework/eslint-config": "2.0.0--canary.419.daed467.0",
+    "@friggframework/prettier-config": "2.0.0--canary.419.daed467.0",
+    "@friggframework/test": "2.0.0--canary.419.daed467.0",
     "@types/lodash": "4.17.15",
     "@typescript-eslint/eslint-plugin": "^8.0.0",
     "chai": "^4.3.6",
@@ -56,5 +56,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "a864ff67f2327f9b02568dffb499fcd51c567af5"
+  "gitHead": "daed467862dc5acc37b4dd9e48ea62444da598be"
 }