@friggframework/devtools 2.0.0--canary.461.068b32b.0 → 2.0.0--canary.461.9790ea9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -176,6 +176,7 @@ class AuroraBuilder extends InfrastructureBuilder {
|
|
|
176
176
|
Engine: 'aurora-postgresql',
|
|
177
177
|
EngineMode: 'provisioned',
|
|
178
178
|
EngineVersion: '15.5',
|
|
179
|
+
Port: 5432, // Explicitly set PostgreSQL port (AWS may not auto-detect)
|
|
179
180
|
DatabaseName: dbConfig.database || 'frigg',
|
|
180
181
|
MasterUsername: {
|
|
181
182
|
'Fn::Sub': '{{resolve:secretsmanager:${FriggDBSecret}:SecretString:username}}',
|
|
@@ -234,6 +235,20 @@ class AuroraBuilder extends InfrastructureBuilder {
|
|
|
234
235
|
Resource: { Ref: 'FriggDBSecret' },
|
|
235
236
|
});
|
|
236
237
|
|
|
238
|
+
// Add self-referencing security group ingress rule to allow Lambda to connect to Aurora
|
|
239
|
+
// Since both Lambda and Aurora share the same security group, we need to allow the SG to accept traffic from itself
|
|
240
|
+
result.resources.FriggAuroraIngressRule = {
|
|
241
|
+
Type: 'AWS::EC2::SecurityGroupIngress',
|
|
242
|
+
Properties: {
|
|
243
|
+
GroupId: { Ref: 'FriggLambdaSecurityGroup' },
|
|
244
|
+
IpProtocol: 'tcp',
|
|
245
|
+
FromPort: 5432,
|
|
246
|
+
ToPort: 5432,
|
|
247
|
+
SourceSecurityGroupId: { Ref: 'FriggLambdaSecurityGroup' },
|
|
248
|
+
Description: 'Allow Lambda functions to connect to Aurora PostgreSQL (self-referencing rule)',
|
|
249
|
+
},
|
|
250
|
+
};
|
|
251
|
+
|
|
237
252
|
console.log(' ✅ Aurora Serverless v2 cluster resources created');
|
|
238
253
|
}
|
|
239
254
|
|
|
@@ -628,6 +628,15 @@ describe('AuroraBuilder', () => {
|
|
|
628
628
|
|
|
629
629
|
// PubliclyAccessible is NOT supported on Aurora clusters (only on instances)
|
|
630
630
|
expect(result.resources.FriggAuroraCluster.Properties.PubliclyAccessible).toBeUndefined();
|
|
631
|
+
|
|
632
|
+
// Port should be explicitly set to PostgreSQL standard (5432)
|
|
633
|
+
expect(result.resources.FriggAuroraCluster.Properties.Port).toBe(5432);
|
|
634
|
+
|
|
635
|
+
// Should create self-referencing security group ingress rule
|
|
636
|
+
expect(result.resources.FriggAuroraIngressRule).toBeDefined();
|
|
637
|
+
expect(result.resources.FriggAuroraIngressRule.Type).toBe('AWS::EC2::SecurityGroupIngress');
|
|
638
|
+
expect(result.resources.FriggAuroraIngressRule.Properties.FromPort).toBe(5432);
|
|
639
|
+
expect(result.resources.FriggAuroraIngressRule.Properties.ToPort).toBe(5432);
|
|
631
640
|
});
|
|
632
641
|
|
|
633
642
|
it('should create database subnet group', async () => {
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@friggframework/devtools",
|
|
3
3
|
"prettier": "@friggframework/prettier-config",
|
|
4
|
-
"version": "2.0.0--canary.461.
|
|
4
|
+
"version": "2.0.0--canary.461.9790ea9.0",
|
|
5
5
|
"dependencies": {
|
|
6
6
|
"@aws-sdk/client-ec2": "^3.835.0",
|
|
7
7
|
"@aws-sdk/client-kms": "^3.835.0",
|
|
@@ -11,8 +11,8 @@
|
|
|
11
11
|
"@babel/eslint-parser": "^7.18.9",
|
|
12
12
|
"@babel/parser": "^7.25.3",
|
|
13
13
|
"@babel/traverse": "^7.25.3",
|
|
14
|
-
"@friggframework/schemas": "2.0.0--canary.461.
|
|
15
|
-
"@friggframework/test": "2.0.0--canary.461.
|
|
14
|
+
"@friggframework/schemas": "2.0.0--canary.461.9790ea9.0",
|
|
15
|
+
"@friggframework/test": "2.0.0--canary.461.9790ea9.0",
|
|
16
16
|
"@hapi/boom": "^10.0.1",
|
|
17
17
|
"@inquirer/prompts": "^5.3.8",
|
|
18
18
|
"axios": "^1.7.2",
|
|
@@ -34,8 +34,8 @@
|
|
|
34
34
|
"serverless-http": "^2.7.0"
|
|
35
35
|
},
|
|
36
36
|
"devDependencies": {
|
|
37
|
-
"@friggframework/eslint-config": "2.0.0--canary.461.
|
|
38
|
-
"@friggframework/prettier-config": "2.0.0--canary.461.
|
|
37
|
+
"@friggframework/eslint-config": "2.0.0--canary.461.9790ea9.0",
|
|
38
|
+
"@friggframework/prettier-config": "2.0.0--canary.461.9790ea9.0",
|
|
39
39
|
"aws-sdk-client-mock": "^4.1.0",
|
|
40
40
|
"aws-sdk-client-mock-jest": "^4.1.0",
|
|
41
41
|
"jest": "^30.1.3",
|
|
@@ -70,5 +70,5 @@
|
|
|
70
70
|
"publishConfig": {
|
|
71
71
|
"access": "public"
|
|
72
72
|
},
|
|
73
|
-
"gitHead": "
|
|
73
|
+
"gitHead": "9790ea94c86ae2433a4cffae83139e2bf5925f93"
|
|
74
74
|
}
|