@friggframework/devtools 2.0.0--canary.461.9483dbe.0 → 2.0.0--canary.461.637e5e4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/infrastructure/domains/database/aurora-builder.js +16 -0
- package/infrastructure/domains/database/aurora-builder.test.js +27 -0
- package/infrastructure/domains/database/aurora-discovery.js +6 -0
- package/infrastructure/domains/shared/providers/aws-provider-adapter.js +3 -0
- package/package.json +6 -6
|
@@ -281,6 +281,22 @@ class AuroraBuilder extends InfrastructureBuilder {
|
|
|
281
281
|
});
|
|
282
282
|
}
|
|
283
283
|
|
|
284
|
+
// Add security group ingress rule to allow Lambda to connect to Aurora
|
|
285
|
+
if (discoveredResources.auroraSecurityGroupId) {
|
|
286
|
+
result.resources.FriggAuroraIngressRule = {
|
|
287
|
+
Type: 'AWS::EC2::SecurityGroupIngress',
|
|
288
|
+
Properties: {
|
|
289
|
+
GroupId: discoveredResources.auroraSecurityGroupId,
|
|
290
|
+
IpProtocol: 'tcp',
|
|
291
|
+
FromPort: discoveredResources.auroraPort || 5432,
|
|
292
|
+
ToPort: discoveredResources.auroraPort || 5432,
|
|
293
|
+
SourceSecurityGroupId: { Ref: 'FriggLambdaSecurityGroup' },
|
|
294
|
+
Description: 'Allow Lambda functions to connect to Aurora PostgreSQL',
|
|
295
|
+
},
|
|
296
|
+
};
|
|
297
|
+
console.log(` ✅ Added security group ingress rule for Lambda → Aurora connectivity`);
|
|
298
|
+
}
|
|
299
|
+
|
|
284
300
|
console.log(` ✅ Discovered cluster configuration complete`);
|
|
285
301
|
}
|
|
286
302
|
|
|
@@ -316,6 +316,33 @@ describe('AuroraBuilder', () => {
|
|
|
316
316
|
expect(secretPermission).toBeDefined();
|
|
317
317
|
expect(secretPermission.Resource).toBe('arn:aws:secretsmanager:us-east-1:123:secret:db');
|
|
318
318
|
});
|
|
319
|
+
|
|
320
|
+
it('should add security group ingress rule for Lambda to Aurora connectivity', async () => {
|
|
321
|
+
const appDefinition = {
|
|
322
|
+
database: {
|
|
323
|
+
postgres: {
|
|
324
|
+
enable: true,
|
|
325
|
+
management: 'discover',
|
|
326
|
+
},
|
|
327
|
+
},
|
|
328
|
+
};
|
|
329
|
+
|
|
330
|
+
const discoveredResources = {
|
|
331
|
+
auroraClusterEndpoint: 'cluster.abc.us-east-1.rds.amazonaws.com',
|
|
332
|
+
auroraPort: 5432,
|
|
333
|
+
auroraSecurityGroupId: 'sg-aurora123',
|
|
334
|
+
};
|
|
335
|
+
|
|
336
|
+
const result = await auroraBuilder.build(appDefinition, discoveredResources);
|
|
337
|
+
|
|
338
|
+
expect(result.resources.FriggAuroraIngressRule).toBeDefined();
|
|
339
|
+
expect(result.resources.FriggAuroraIngressRule.Type).toBe('AWS::EC2::SecurityGroupIngress');
|
|
340
|
+
expect(result.resources.FriggAuroraIngressRule.Properties.GroupId).toBe('sg-aurora123');
|
|
341
|
+
expect(result.resources.FriggAuroraIngressRule.Properties.IpProtocol).toBe('tcp');
|
|
342
|
+
expect(result.resources.FriggAuroraIngressRule.Properties.FromPort).toBe(5432);
|
|
343
|
+
expect(result.resources.FriggAuroraIngressRule.Properties.ToPort).toBe(5432);
|
|
344
|
+
expect(result.resources.FriggAuroraIngressRule.Properties.SourceSecurityGroupId).toEqual({ Ref: 'FriggLambdaSecurityGroup' });
|
|
345
|
+
});
|
|
319
346
|
});
|
|
320
347
|
|
|
321
348
|
describe('build() - create-new mode', () => {
|
|
@@ -49,6 +49,12 @@ class AuroraDiscovery {
|
|
|
49
49
|
result.databasePort = rawResources.port || 5432;
|
|
50
50
|
result.auroraEngine = rawResources.engine || 'aurora-postgresql';
|
|
51
51
|
result.databaseEngine = rawResources.engine || 'aurora-postgresql';
|
|
52
|
+
|
|
53
|
+
// Capture security group IDs
|
|
54
|
+
if (rawResources.securityGroupIds && rawResources.securityGroupIds.length > 0) {
|
|
55
|
+
result.auroraSecurityGroupId = rawResources.securityGroupIds[0]; // Use first security group
|
|
56
|
+
console.log(` ✓ Found security group: ${result.auroraSecurityGroupId}`);
|
|
57
|
+
}
|
|
52
58
|
|
|
53
59
|
console.log(` ✓ Found database: ${result.auroraClusterEndpoint}:${result.auroraPort}`);
|
|
54
60
|
console.log(` ✓ Engine: ${result.auroraEngine}`);
|
|
@@ -343,6 +343,7 @@ class AWSProviderAdapter extends CloudProviderAdapter {
|
|
|
343
343
|
endpoint: null,
|
|
344
344
|
port: null,
|
|
345
345
|
engine: null,
|
|
346
|
+
securityGroupIds: [],
|
|
346
347
|
};
|
|
347
348
|
|
|
348
349
|
try {
|
|
@@ -361,6 +362,7 @@ class AWSProviderAdapter extends CloudProviderAdapter {
|
|
|
361
362
|
result.endpoint = cluster.Endpoint;
|
|
362
363
|
result.port = cluster.Port;
|
|
363
364
|
result.engine = cluster.Engine;
|
|
365
|
+
result.securityGroupIds = (cluster.VpcSecurityGroups || []).map(sg => sg.VpcSecurityGroupId);
|
|
364
366
|
}
|
|
365
367
|
} else if (result.clusters.length > 0) {
|
|
366
368
|
// Use first available cluster
|
|
@@ -368,6 +370,7 @@ class AWSProviderAdapter extends CloudProviderAdapter {
|
|
|
368
370
|
result.endpoint = cluster.Endpoint;
|
|
369
371
|
result.port = cluster.Port;
|
|
370
372
|
result.engine = cluster.Engine;
|
|
373
|
+
result.securityGroupIds = (cluster.VpcSecurityGroups || []).map(sg => sg.VpcSecurityGroupId);
|
|
371
374
|
}
|
|
372
375
|
}
|
|
373
376
|
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@friggframework/devtools",
|
|
3
3
|
"prettier": "@friggframework/prettier-config",
|
|
4
|
-
"version": "2.0.0--canary.461.
|
|
4
|
+
"version": "2.0.0--canary.461.637e5e4.0",
|
|
5
5
|
"dependencies": {
|
|
6
6
|
"@aws-sdk/client-ec2": "^3.835.0",
|
|
7
7
|
"@aws-sdk/client-kms": "^3.835.0",
|
|
@@ -11,8 +11,8 @@
|
|
|
11
11
|
"@babel/eslint-parser": "^7.18.9",
|
|
12
12
|
"@babel/parser": "^7.25.3",
|
|
13
13
|
"@babel/traverse": "^7.25.3",
|
|
14
|
-
"@friggframework/schemas": "2.0.0--canary.461.
|
|
15
|
-
"@friggframework/test": "2.0.0--canary.461.
|
|
14
|
+
"@friggframework/schemas": "2.0.0--canary.461.637e5e4.0",
|
|
15
|
+
"@friggframework/test": "2.0.0--canary.461.637e5e4.0",
|
|
16
16
|
"@hapi/boom": "^10.0.1",
|
|
17
17
|
"@inquirer/prompts": "^5.3.8",
|
|
18
18
|
"axios": "^1.7.2",
|
|
@@ -34,8 +34,8 @@
|
|
|
34
34
|
"serverless-http": "^2.7.0"
|
|
35
35
|
},
|
|
36
36
|
"devDependencies": {
|
|
37
|
-
"@friggframework/eslint-config": "2.0.0--canary.461.
|
|
38
|
-
"@friggframework/prettier-config": "2.0.0--canary.461.
|
|
37
|
+
"@friggframework/eslint-config": "2.0.0--canary.461.637e5e4.0",
|
|
38
|
+
"@friggframework/prettier-config": "2.0.0--canary.461.637e5e4.0",
|
|
39
39
|
"aws-sdk-client-mock": "^4.1.0",
|
|
40
40
|
"aws-sdk-client-mock-jest": "^4.1.0",
|
|
41
41
|
"jest": "^30.1.3",
|
|
@@ -70,5 +70,5 @@
|
|
|
70
70
|
"publishConfig": {
|
|
71
71
|
"access": "public"
|
|
72
72
|
},
|
|
73
|
-
"gitHead": "
|
|
73
|
+
"gitHead": "637e5e421b5de0794ae99dc8a6578726dfd97f27"
|
|
74
74
|
}
|