@friggframework/devtools 2.0.0--canary.454.e2a280d.0 → 2.0.0--canary.459.51231dd.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/frigg-cli/__tests__/unit/commands/db-setup.test.js +1 -1
  2. package/frigg-cli/__tests__/unit/utils/prisma-runner.test.js +486 -0
  3. package/frigg-cli/db-setup-command/index.js +1 -1
  4. package/frigg-cli/utils/prisma-runner.js +280 -0
  5. package/infrastructure/README.md +0 -51
  6. package/infrastructure/aws-discovery.js +2 -504
  7. package/infrastructure/aws-discovery.test.js +1 -447
  8. package/infrastructure/serverless-template.js +636 -646
  9. package/infrastructure/serverless-template.test.js +0 -91
  10. package/management-ui/src/App.jsx +1 -85
  11. package/management-ui/src/hooks/useFrigg.jsx +1 -215
  12. package/package.json +6 -8
  13. package/infrastructure/POSTGRES-CONFIGURATION.md +0 -645
  14. package/infrastructure/__tests__/postgres-config.test.js +0 -914
  15. package/infrastructure/scripts/build-prisma-layer.js +0 -394
package/infrastructure/aws-discovery.js CHANGED
@@ -8,8 +8,6 @@ let EC2Client,
8
8
  DescribeInternetGatewaysCommand;
9
9
  let KMSClient, ListKeysCommand, DescribeKeyCommand;
10
10
  let STSClient, GetCallerIdentityCommand;
11
- let RDSClient, DescribeDBClustersCommand, DescribeDBSubnetGroupsCommand;
12
- let SecretsManagerClient, ListSecretsCommand, DescribeSecretCommand;
13
11
 
14
12
  function loadEC2() {
15
13
  if (!EC2Client) {
@@ -32,7 +30,6 @@ function loadKMS() {
32
30
  KMSClient,
33
31
  ListKeysCommand,
34
32
  DescribeKeyCommand,
35
- ListAliasesCommand,
36
33
  } = require('@aws-sdk/client-kms'));
37
34
  }
38
35
  }
@@ -46,121 +43,15 @@ function loadSTS() {
46
43
  }
47
44
  }
48
45
 
49
- function loadRDS() {
50
- if (!RDSClient) {
51
- ({
52
- RDSClient,
53
- DescribeDBClustersCommand,
54
- DescribeDBSubnetGroupsCommand,
55
- } = require('@aws-sdk/client-rds'));
56
- }
57
- }
58
-
59
- function loadSecretsManager() {
60
- if (!SecretsManagerClient) {
61
- ({
62
- SecretsManagerClient,
63
- ListSecretsCommand,
64
- DescribeSecretCommand,
65
- } = require('@aws-sdk/client-secrets-manager'));
66
- }
67
- }
68
-
69
46
  class AWSDiscovery {
70
47
  constructor(region = 'us-east-1') {
71
- console.log('[AWSDiscovery] Initializing AWSDiscovery...');
72
- console.log('[AWSDiscovery] Region:', region);
73
- console.log('[AWSDiscovery] System time:', new Date().toISOString());
74
- console.log('[AWSDiscovery] AWS_PROFILE:', process.env.AWS_PROFILE);
75
- console.log('[AWSDiscovery] AWS_ACCESS_KEY_ID:', process.env.AWS_ACCESS_KEY_ID ? 'SET (hidden)' : 'NOT SET');
76
- console.log('[AWSDiscovery] AWS_SECRET_ACCESS_KEY:', process.env.AWS_SECRET_ACCESS_KEY ? 'SET (hidden)' : 'NOT SET');
77
- console.log('[AWSDiscovery] NODE_TLS_REJECT_UNAUTHORIZED:', process.env.NODE_TLS_REJECT_UNAUTHORIZED);
78
-
79
48
  this.region = region;
80
49
  loadEC2();
81
50
  loadKMS();
82
51
  loadSTS();
83
- loadRDS();
84
- loadSecretsManager();
85
52
  this.ec2Client = new EC2Client({ region });
86
53
  this.kmsClient = new KMSClient({ region });
87
54
  this.stsClient = new STSClient({ region });
88
- this.rdsClient = new RDSClient({ region });
89
- this.secretsManagerClient = new SecretsManagerClient({ region });
90
-
91
- console.log('[AWSDiscovery] AWS clients initialized successfully');
92
- }
93
-
94
- async validateCredentials() {
95
- console.log('[AWSDiscovery] Validating AWS credentials...');
96
-
97
- try {
98
- const command = new GetCallerIdentityCommand({});
99
- const startTime = Date.now();
100
- const response = await this.stsClient.send(command);
101
- const duration = Date.now() - startTime;
102
-
103
- console.log('[AWSDiscovery] ✅ Credentials are VALID');
104
- console.log('[AWSDiscovery] Account ID:', response.Account);
105
- console.log('[AWSDiscovery] User ARN:', response.Arn);
106
- console.log('[AWSDiscovery] User ID:', response.UserId);
107
- console.log('[AWSDiscovery] Validation took', duration, 'ms');
108
-
109
- return {
110
- valid: true,
111
- accountId: response.Account,
112
- arn: response.Arn,
113
- userId: response.UserId
114
- };
115
- } catch (error) {
116
- console.error('[AWSDiscovery] ❌ CREDENTIAL VALIDATION FAILED');
117
- console.error('[AWSDiscovery] Error:', error.message);
118
- console.error('[AWSDiscovery] Error Code:', error.Code || error.code);
119
-
120
- // Provide specific guidance based on error type
121
- if (error.Code === 'RequestExpired' || error.message.includes('expired')) {
122
- console.error('\n[AWSDiscovery] 🔍 DIAGNOSIS: Expired Credentials');
123
- console.error('[AWSDiscovery] Your AWS credentials have expired.');
124
- console.error('[AWSDiscovery] This commonly happens with:');
125
- console.error('[AWSDiscovery] - Temporary STS credentials (AWS_ACCESS_KEY_ID starting with "ASIA")');
126
- console.error('[AWSDiscovery] - AWS SSO sessions that have timed out');
127
- console.error('[AWSDiscovery] - Hardcoded credentials in .env files');
128
- console.error('\n[AWSDiscovery] 💡 SOLUTIONS:');
129
- if (process.env.AWS_ACCESS_KEY_ID?.startsWith('ASIA')) {
130
- console.error('[AWSDiscovery] 1. Comment out AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY in your .env file');
131
- console.error('[AWSDiscovery] 2. Use AWS_PROFILE instead: AWS_PROFILE=your-profile npm run deploy');
132
- } else if (process.env.AWS_PROFILE) {
133
- console.error('[AWSDiscovery] 1. Refresh your AWS SSO login: aws sso login --profile', process.env.AWS_PROFILE);
134
- console.error('[AWSDiscovery] 2. Or regenerate credentials if using IAM user');
135
- } else {
136
- console.error('[AWSDiscovery] 1. Set up AWS profile: aws configure --profile your-profile');
137
- console.error('[AWSDiscovery] 2. Or use AWS SSO: aws sso login');
138
- }
139
- } else if (error.Code === 'InvalidClientTokenId' || error.Code === 'SignatureDoesNotMatch') {
140
- console.error('\n[AWSDiscovery] 🔍 DIAGNOSIS: Invalid Credentials');
141
- console.error('[AWSDiscovery] Your AWS credentials are not recognized or incorrect.');
142
- console.error('\n[AWSDiscovery] 💡 SOLUTIONS:');
143
- console.error('[AWSDiscovery] 1. Check AWS credentials file: cat ~/.aws/credentials');
144
- console.error('[AWSDiscovery] 2. Verify profile exists: aws configure list-profiles');
145
- console.error('[AWSDiscovery] 3. Test credentials: aws sts get-caller-identity --profile', process.env.AWS_PROFILE || 'default');
146
- } else if (error.message.includes('Could not load credentials')) {
147
- console.error('\n[AWSDiscovery] 🔍 DIAGNOSIS: No Credentials Found');
148
- console.error('[AWSDiscovery] AWS SDK cannot find any credentials.');
149
- console.error('\n[AWSDiscovery] 💡 SOLUTIONS:');
150
- console.error('[AWSDiscovery] 1. Set AWS_PROFILE: export AWS_PROFILE=your-profile');
151
- console.error('[AWSDiscovery] 2. Or configure default profile: aws configure');
152
- console.error('[AWSDiscovery] 3. Or use AWS SSO: aws sso login');
153
- } else {
154
- console.error('\n[AWSDiscovery] 💡 GENERAL TROUBLESHOOTING:');
155
- console.error('[AWSDiscovery] 1. Test credentials manually: aws sts get-caller-identity');
156
- console.error('[AWSDiscovery] 2. Check ~/.aws/credentials file exists');
157
- console.error('[AWSDiscovery] 3. Verify network connectivity to AWS');
158
- }
159
-
160
- console.error('\n[AWSDiscovery] ⛔ Cannot proceed with AWS discovery until credentials are valid.\n');
161
-
162
- throw new Error(`AWS credential validation failed: ${error.message}. See detailed guidance above.`);
163
- }
164
55
  }
165
56
 
166
57
  async getAccountId() {
@@ -176,10 +67,6 @@ class AWSDiscovery {
176
67
 
177
68
  async findDefaultVpc() {
178
69
  try {
179
- console.log('[AWSDiscovery.findDefaultVpc] Starting VPC discovery...');
180
- console.log('[AWSDiscovery.findDefaultVpc] Request timestamp:', new Date().toISOString());
181
- console.log('[AWSDiscovery.findDefaultVpc] Region:', this.region);
182
-
183
70
  const command = new DescribeVpcsCommand({
184
71
  Filters: [
185
72
  {
@@ -189,54 +76,23 @@ class AWSDiscovery {
189
76
  ],
190
77
  });
191
78
 
192
- console.log('[AWSDiscovery.findDefaultVpc] Sending DescribeVpcsCommand (default VPC)...');
193
- console.log('[AWSDiscovery.findDefaultVpc] Request time before send:', new Date().toISOString());
194
-
195
- const requestStart = Date.now();
196
79
  const response = await this.ec2Client.send(command);
197
- const requestDuration = Date.now() - requestStart;
198
-
199
- console.log('[AWSDiscovery.findDefaultVpc] Request completed in', requestDuration, 'ms');
200
- console.log('[AWSDiscovery.findDefaultVpc] Response time:', new Date().toISOString());
201
- console.log('[AWSDiscovery.findDefaultVpc] Found', response.Vpcs?.length || 0, 'default VPC(s)');
202
80
 
203
81
  if (response.Vpcs && response.Vpcs.length > 0) {
204
- console.log('[AWSDiscovery.findDefaultVpc] Using default VPC:', response.Vpcs[0].VpcId);
205
82
  return response.Vpcs[0];
206
83
  }
207
84
 
208
- console.log('[AWSDiscovery.findDefaultVpc] No default VPC found, fetching all VPCs...');
209
85
  const allVpcsCommand = new DescribeVpcsCommand({});
210
-
211
- console.log('[AWSDiscovery.findDefaultVpc] Sending DescribeVpcsCommand (all VPCs)...');
212
- const allVpcsRequestStart = Date.now();
213
86
  const allVpcsResponse = await this.ec2Client.send(allVpcsCommand);
214
- const allVpcsRequestDuration = Date.now() - allVpcsRequestStart;
215
-
216
- console.log('[AWSDiscovery.findDefaultVpc] All VPCs request completed in', allVpcsRequestDuration, 'ms');
217
- console.log('[AWSDiscovery.findDefaultVpc] Found', allVpcsResponse.Vpcs?.length || 0, 'VPC(s)');
218
87
 
219
88
  if (allVpcsResponse.Vpcs && allVpcsResponse.Vpcs.length > 0) {
220
89
  console.log('No default VPC found, using first available VPC');
221
- console.log('[AWSDiscovery.findDefaultVpc] Using VPC:', allVpcsResponse.Vpcs[0].VpcId);
222
90
  return allVpcsResponse.Vpcs[0];
223
91
  }
224
92
 
225
93
  throw new Error('No VPC found in the account');
226
94
  } catch (error) {
227
- console.error('[AWSDiscovery.findDefaultVpc] ERROR occurred at:', new Date().toISOString());
228
- console.error('[AWSDiscovery.findDefaultVpc] Error type:', error.constructor.name);
229
- console.error('[AWSDiscovery.findDefaultVpc] Error code:', error.Code || error.code);
230
- console.error('[AWSDiscovery.findDefaultVpc] Error message:', error.message);
231
- console.error('[AWSDiscovery.findDefaultVpc] Error $fault:', error.$fault);
232
- console.error('[AWSDiscovery.findDefaultVpc] Error $metadata:', JSON.stringify(error.$metadata, null, 2));
233
-
234
- if (error.$response) {
235
- console.error('[AWSDiscovery.findDefaultVpc] Response status:', error.$response.statusCode);
236
- console.error('[AWSDiscovery.findDefaultVpc] Response headers:', JSON.stringify(error.$response.headers, null, 2));
237
- }
238
-
239
- console.error('[AWSDiscovery.findDefaultVpc] Full error object:', JSON.stringify(error, Object.getOwnPropertyNames(error), 2));
95
+ console.error('Error finding default VPC:', error.message);
240
96
  throw error;
241
97
  }
242
98
  }
@@ -654,338 +510,6 @@ class AWSDiscovery {
654
510
  }
655
511
  }
656
512
 
657
- async findKmsAlias(aliasName) {
658
- try {
659
- console.log(`[KMS Alias Discovery] Checking for alias: ${aliasName}`);
660
- const command = new ListAliasesCommand({});
661
- const response = await this.kmsClient.send(command);
662
-
663
- if (!response.Aliases || response.Aliases.length === 0) {
664
- console.log('[KMS Alias Discovery] No aliases found in account');
665
- return null;
666
- }
667
-
668
- const targetAlias = response.Aliases.find(
669
- alias => alias.AliasName === aliasName
670
- );
671
-
672
- if (targetAlias) {
673
- console.log(`[KMS Alias Discovery] ✅ Found existing alias: ${aliasName}`);
674
- console.log(`[KMS Alias Discovery] Target Key: ${targetAlias.TargetKeyId}`);
675
- return targetAlias;
676
- }
677
-
678
- console.log(`[KMS Alias Discovery] Alias ${aliasName} does not exist`);
679
- return null;
680
- } catch (error) {
681
- console.warn(
682
- `[KMS Alias Discovery] Error checking for alias ${aliasName}:`,
683
- error.message
684
- );
685
- return null;
686
- }
687
- }
688
-
689
- async findAuroraCluster(clusterIdentifier = null, serviceName = null, stage = null) {
690
- try {
691
- console.log('[AWSDiscovery.findAuroraCluster] Starting Aurora cluster discovery...');
692
-
693
- const command = new DescribeDBClustersCommand({});
694
- const response = await this.rdsClient.send(command);
695
-
696
- if (!response.DBClusters || response.DBClusters.length === 0) {
697
- console.log('[AWSDiscovery.findAuroraCluster] No Aurora clusters found');
698
- return null;
699
- }
700
-
701
- console.log(`[AWSDiscovery.findAuroraCluster] Found ${response.DBClusters.length} Aurora cluster(s)`);
702
-
703
- // Filter for Aurora PostgreSQL clusters
704
- const postgresClusters = response.DBClusters.filter(
705
- cluster => cluster.Engine === 'aurora-postgresql' && cluster.Status === 'available'
706
- );
707
-
708
- if (postgresClusters.length === 0) {
709
- console.log('[AWSDiscovery.findAuroraCluster] No available Aurora PostgreSQL clusters found');
710
- return null;
711
- }
712
-
713
- // Priority 1: User-specified cluster identifier
714
- if (clusterIdentifier) {
715
- const targetCluster = postgresClusters.find(
716
- cluster => cluster.DBClusterIdentifier === clusterIdentifier
717
- );
718
- if (targetCluster) {
719
- console.log(`[AWSDiscovery.findAuroraCluster] Found specified cluster: ${clusterIdentifier}`);
720
- return this._formatAuroraCluster(targetCluster);
721
- }
722
- console.warn(`[AWSDiscovery.findAuroraCluster] Specified cluster ${clusterIdentifier} not found`);
723
- return null;
724
- }
725
-
726
- // Priority 2: Frigg-managed cluster with matching service and stage tags
727
- if (serviceName && stage) {
728
- const friggCluster = postgresClusters.find(cluster => {
729
- const tags = cluster.TagList || [];
730
- const isFrigg = this._isFriggManaged(tags);
731
- const matchesService = tags.some(tag => tag.Key === 'Service' && tag.Value === serviceName);
732
- const matchesStage = tags.some(tag => tag.Key === 'Stage' && tag.Value === stage);
733
- return isFrigg && matchesService && matchesStage;
734
- });
735
-
736
- if (friggCluster) {
737
- console.log(`[AWSDiscovery.findAuroraCluster] Found Frigg-managed cluster: ${friggCluster.DBClusterIdentifier}`);
738
- return this._formatAuroraCluster(friggCluster);
739
- }
740
- }
741
-
742
- // Priority 3: Any Frigg-managed cluster
743
- const anyFriggCluster = postgresClusters.find(cluster =>
744
- this._isFriggManaged(cluster.TagList || [])
745
- );
746
-
747
- if (anyFriggCluster) {
748
- console.log(`[AWSDiscovery.findAuroraCluster] Found Frigg-managed cluster: ${anyFriggCluster.DBClusterIdentifier}`);
749
- return this._formatAuroraCluster(anyFriggCluster);
750
- }
751
-
752
- // Priority 4: First available cluster
753
- console.log(`[AWSDiscovery.findAuroraCluster] Using first available cluster: ${postgresClusters[0].DBClusterIdentifier}`);
754
- return this._formatAuroraCluster(postgresClusters[0]);
755
-
756
- } catch (error) {
757
- console.error('[AWSDiscovery.findAuroraCluster] Error finding Aurora cluster:', error.message);
758
- return null;
759
- }
760
- }
761
-
762
- async findDBSubnetGroup(vpcId) {
763
- try {
764
- console.log(`[AWSDiscovery.findDBSubnetGroup] Looking for DB subnet groups in VPC ${vpcId}...`);
765
-
766
- const command = new DescribeDBSubnetGroupsCommand({});
767
- const response = await this.rdsClient.send(command);
768
-
769
- if (!response.DBSubnetGroups || response.DBSubnetGroups.length === 0) {
770
- console.log('[AWSDiscovery.findDBSubnetGroup] No DB subnet groups found');
771
- return null;
772
- }
773
-
774
- // Filter by VPC ID
775
- const vpcSubnetGroups = response.DBSubnetGroups.filter(
776
- group => group.VpcId === vpcId
777
- );
778
-
779
- if (vpcSubnetGroups.length === 0) {
780
- console.log(`[AWSDiscovery.findDBSubnetGroup] No DB subnet groups found in VPC ${vpcId}`);
781
- return null;
782
- }
783
-
784
- // Priority 1: Frigg-managed subnet group
785
- const friggSubnetGroup = vpcSubnetGroups.find(group =>
786
- this._isFriggManaged(group.Tags || [])
787
- );
788
-
789
- if (friggSubnetGroup) {
790
- console.log(`[AWSDiscovery.findDBSubnetGroup] Found Frigg-managed subnet group: ${friggSubnetGroup.DBSubnetGroupName}`);
791
- return {
792
- name: friggSubnetGroup.DBSubnetGroupName,
793
- vpcId: friggSubnetGroup.VpcId,
794
- subnets: friggSubnetGroup.Subnets.map(s => s.SubnetIdentifier),
795
- description: friggSubnetGroup.DBSubnetGroupDescription
796
- };
797
- }
798
-
799
- // Priority 2: First available subnet group
800
- const subnetGroup = vpcSubnetGroups[0];
801
- console.log(`[AWSDiscovery.findDBSubnetGroup] Found subnet group: ${subnetGroup.DBSubnetGroupName}`);
802
- return {
803
- name: subnetGroup.DBSubnetGroupName,
804
- vpcId: subnetGroup.VpcId,
805
- subnets: subnetGroup.Subnets.map(s => s.SubnetIdentifier),
806
- description: subnetGroup.DBSubnetGroupDescription
807
- };
808
-
809
- } catch (error) {
810
- console.error('[AWSDiscovery.findDBSubnetGroup] Error finding DB subnet group:', error.message);
811
- return null;
812
- }
813
- }
814
-
815
- async findDatabaseSecret(serviceName, stage) {
816
- try {
817
- console.log(`[AWSDiscovery.findDatabaseSecret] Looking for database secret (service: ${serviceName}, stage: ${stage})...`);
818
-
819
- const command = new ListSecretsCommand({
820
- Filters: [
821
- {
822
- Key: 'tag-key',
823
- Values: ['ManagedBy']
824
- }
825
- ]
826
- });
827
- const response = await this.secretsManagerClient.send(command);
828
-
829
- if (!response.SecretList || response.SecretList.length === 0) {
830
- console.log('[AWSDiscovery.findDatabaseSecret] No secrets found');
831
- return null;
832
- }
833
-
834
- // Filter for Frigg-managed database secrets
835
- const friggSecrets = response.SecretList.filter(secret => {
836
- const tags = secret.Tags || [];
837
- const isFrigg = this._isFriggManaged(tags);
838
- const isDatabase = secret.Name?.includes('aurora') || secret.Name?.includes('database');
839
- return isFrigg && isDatabase;
840
- });
841
-
842
- if (friggSecrets.length === 0) {
843
- console.log('[AWSDiscovery.findDatabaseSecret] No Frigg-managed database secrets found');
844
- return null;
845
- }
846
-
847
- // Priority 1: Secret with matching service and stage tags
848
- if (serviceName && stage) {
849
- const matchingSecret = friggSecrets.find(secret => {
850
- const tags = secret.Tags || [];
851
- const matchesService = tags.some(tag => tag.Key === 'Service' && tag.Value === serviceName);
852
- const matchesStage = tags.some(tag => tag.Key === 'Stage' && tag.Value === stage);
853
- return matchesService && matchesStage;
854
- });
855
-
856
- if (matchingSecret) {
857
- console.log(`[AWSDiscovery.findDatabaseSecret] Found matching secret: ${matchingSecret.Name}`);
858
- return {
859
- arn: matchingSecret.ARN,
860
- name: matchingSecret.Name
861
- };
862
- }
863
- }
864
-
865
- // Priority 2: First Frigg-managed database secret
866
- const secret = friggSecrets[0];
867
- console.log(`[AWSDiscovery.findDatabaseSecret] Found Frigg-managed secret: ${secret.Name}`);
868
- return {
869
- arn: secret.ARN,
870
- name: secret.Name
871
- };
872
-
873
- } catch (error) {
874
- console.error('[AWSDiscovery.findDatabaseSecret] Error finding database secret:', error.message);
875
- return null;
876
- }
877
- }
878
-
879
- async discoverAuroraResources(options = {}) {
880
- try {
881
- console.log('\n🔍 Discovering Aurora PostgreSQL resources...');
882
- console.log('═'.repeat(60));
883
-
884
- const {
885
- vpcId,
886
- serviceName,
887
- stage,
888
- management = 'discover',
889
- clusterIdentifier = null
890
- } = options;
891
-
892
- const result = {
893
- clusterIdentifier: null,
894
- endpoint: null,
895
- port: null,
896
- engine: null,
897
- engineVersion: null,
898
- status: null,
899
- dbSubnetGroupName: null,
900
- secretArn: null,
901
- secretName: null,
902
- needsCreation: false
903
- };
904
-
905
- // For 'use-existing' mode, cluster identifier is required
906
- if (management === 'use-existing' && !clusterIdentifier) {
907
- throw new Error('clusterIdentifier is required when management mode is "use-existing"');
908
- }
909
-
910
- // For 'create-new' mode, skip discovery
911
- if (management === 'create-new') {
912
- console.log('💡 Management mode is "create-new" - will provision new Aurora cluster');
913
- result.needsCreation = true;
914
- return result;
915
- }
916
-
917
- // Discover Aurora cluster
918
- const cluster = await this.findAuroraCluster(clusterIdentifier, serviceName, stage);
919
-
920
- if (!cluster) {
921
- if (management === 'discover') {
922
- console.log('⚠️ No Aurora cluster found - will provision new cluster');
923
- result.needsCreation = true;
924
- return result;
925
- }
926
- throw new Error(`No Aurora cluster found with identifier: ${clusterIdentifier}`);
927
- }
928
-
929
- result.clusterIdentifier = cluster.identifier;
930
- result.endpoint = cluster.endpoint;
931
- result.port = cluster.port;
932
- result.engine = cluster.engine;
933
- result.engineVersion = cluster.engineVersion;
934
- result.status = cluster.status;
935
-
936
- console.log(`\n✅ Found Aurora Cluster: ${cluster.identifier}`);
937
- console.log(` Endpoint: ${cluster.endpoint}:${cluster.port}`);
938
- console.log(` Engine: ${cluster.engine} ${cluster.engineVersion}`);
939
- console.log(` Status: ${cluster.status}`);
940
-
941
- // Discover DB subnet group
942
- const subnetGroup = await this.findDBSubnetGroup(vpcId);
943
- if (subnetGroup) {
944
- result.dbSubnetGroupName = subnetGroup.name;
945
- console.log(`\n✅ Found DB Subnet Group: ${subnetGroup.name}`);
946
- console.log(` Subnets: ${subnetGroup.subnets.join(', ')}`);
947
- }
948
-
949
- // Discover database secret
950
- const secret = await this.findDatabaseSecret(serviceName, stage);
951
- if (secret) {
952
- result.secretArn = secret.arn;
953
- result.secretName = secret.name;
954
- console.log(`\n✅ Found Database Secret: ${secret.name}`);
955
- }
956
-
957
- console.log(`\n${'═'.repeat(60)}`);
958
- console.log('📋 Aurora Discovery Summary:');
959
- console.log(` Cluster: ${result.clusterIdentifier || 'Not found'}`);
960
- console.log(` Subnet Group: ${result.dbSubnetGroupName || 'Not found'}`);
961
- console.log(` Secret: ${result.secretName || 'Not found'}`);
962
- console.log(`${'═'.repeat(60)}\n`);
963
-
964
- return result;
965
-
966
- } catch (error) {
967
- console.error('❌ Aurora resource discovery failed:', error.message);
968
- throw error;
969
- }
970
- }
971
-
972
- _formatAuroraCluster(cluster) {
973
- return {
974
- identifier: cluster.DBClusterIdentifier,
975
- endpoint: cluster.Endpoint,
976
- readerEndpoint: cluster.ReaderEndpoint,
977
- port: cluster.Port,
978
- engine: cluster.Engine,
979
- engineVersion: cluster.EngineVersion,
980
- status: cluster.Status,
981
- masterUsername: cluster.MasterUsername,
982
- databaseName: cluster.DatabaseName,
983
- vpcSecurityGroups: (cluster.VpcSecurityGroups || []).map(sg => sg.VpcSecurityGroupId),
984
- dbSubnetGroup: cluster.DBSubnetGroup,
985
- arn: cluster.DBClusterArn
986
- };
987
- }
988
-
989
513
  async detectMisconfiguredResources(vpcId) {
990
514
  try {
991
515
  const misconfigurations = {
@@ -1125,14 +649,10 @@ class AWSDiscovery {
1125
649
  );
1126
650
  console.log('═'.repeat(60));
1127
651
 
1128
- // Validate credentials before attempting any AWS operations
1129
- await this.validateCredentials();
1130
- console.log(''); // Add spacing after validation
1131
-
1132
652
  const vpc = await this.findDefaultVpc();
1133
653
  console.log(`\n✅ Found VPC: ${vpc.VpcId}`);
1134
654
 
1135
- const autoConvert = options.vpc?.selfHeal || false;
655
+ const autoConvert = options.selfHeal || false;
1136
656
 
1137
657
  const privateSubnets = await this.findPrivateSubnets(
1138
658
  vpc.VpcId,
@@ -1170,26 +690,6 @@ class AWSDiscovery {
1170
690
  console.log('ℹ️ No KMS key found');
1171
691
  }
1172
692
 
1173
- // Check if KMS alias already exists
1174
- let kmsAliasExists = false;
1175
- if (options.serviceName && options.stage) {
1176
- const aliasName = `alias/${options.serviceName}-${options.stage}-frigg-kms`;
1177
- const existingAlias = await this.findKmsAlias(aliasName);
1178
- kmsAliasExists = existingAlias !== null;
1179
- }
1180
-
1181
- // Discover Aurora PostgreSQL resources if enabled
1182
- let auroraResources = {};
1183
- if (options.database?.postgres?.enable) {
1184
- auroraResources = await this.discoverAuroraResources({
1185
- vpcId: vpc.VpcId,
1186
- serviceName: options.serviceName,
1187
- stage: options.stage,
1188
- management: options.database.postgres.management,
1189
- clusterIdentifier: options.database.postgres.clusterIdentifier,
1190
- });
1191
- }
1192
-
1193
693
  const existingNatGateway = await this.findExistingNatGateway(
1194
694
  vpc.VpcId
1195
695
  );
@@ -1289,7 +789,6 @@ class AWSDiscovery {
1289
789
  publicSubnetId: publicSubnet?.SubnetId || null,
1290
790
  privateRouteTableId: routeTable.RouteTableId,
1291
791
  defaultKmsKeyId: kmsKeyArn,
1292
- kmsAliasExists: kmsAliasExists,
1293
792
  existingNatGatewayId: natGatewayId,
1294
793
  existingElasticIpAllocationId: elasticIpAllocationId,
1295
794
  natGatewayInPrivateSubnet: natGatewayInPrivateSubnet,
@@ -1310,7 +809,6 @@ class AWSDiscovery {
1310
809
  }
1311
810
  return wrongRoutes;
1312
811
  })(),
1313
- aurora: auroraResources,
1314
812
  };
1315
813
  } catch (error) {
1316
814
  console.error('Error discovering AWS resources:', error);