npm - @friggframework/devtools - Versions diffs - 2.0.0--canary.461.bb7fcba.0 → 2.0.0--canary.461.61382d8.0 - Mend

@friggframework/devtools 2.0.0--canary.461.bb7fcba.0 → 2.0.0--canary.461.61382d8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/infrastructure/domains/security/kms-builder.js CHANGED Viewed

@@ -88,12 +88,12 @@ class KmsBuilder extends InfrastructureBuilder {
             // Use discovered KMS key
             const kmsKeyId = discoveredResources.defaultKmsKeyId || '${env:AWS_DISCOVERY_KMS_KEY_ID}';
             console.log(`  Using ${discoveredResources.defaultKmsKeyId ? 'discovered' : 'environment variable'} KMS key`);
             // Format as ARN if it's just a key ID (for IAM policies)
-            const kmsArn = kmsKeyId.startsWith('arn:')
-                ? kmsKeyId
+            const kmsArn = kmsKeyId.startsWith('arn:')
+                ? kmsKeyId
                 : `arn:aws:kms:\${self:provider.region}:\${aws:accountId}:key/${kmsKeyId}`;
             result.environment.KMS_KEY_ARN = kmsArn;
         }

package/infrastructure/domains/shared/resource-discovery.js CHANGED Viewed

@@ -90,11 +90,22 @@ async function gatherDiscoveredResources(appDefinition) {
             return stackResources;
         }
-        // In isolated mode, ONLY use CloudFormation discovery for this stage's stack
-        // Do NOT fall back to AWS API discovery (which finds resources from other stages)
+        // In isolated mode, ONLY use CloudFormation discovery for VPC/Aurora
+        // But still discover KMS (encryption keys can be safely shared across stages)
         if (appDefinition.managementMode === 'managed' && appDefinition.vpcIsolation === 'isolated') {
-            console.log('  ℹ Isolated mode: only discovering resources from this stage\'s stack');
-            console.log('  ℹ No existing stack resources found - will create fresh infrastructure');
+            console.log('  ℹ Isolated mode: discovering KMS (shareable) but not VPC/Aurora (isolated)');
+            // Still run KMS discovery - encryption keys are safe to share
+            const kmsDiscovery = new KmsDiscovery(provider);
+            const kmsResult = await kmsDiscovery.discover();
+            if (kmsResult?.defaultKmsKeyId) {
+                console.log('  ✓ Found shared KMS key (can be reused across stages)');
+                console.log('✅ Cloud resource discovery completed successfully!');
+                return kmsResult;
+            }
+            console.log('  ℹ No existing resources found - will create fresh infrastructure');
             console.log('✅ Cloud resource discovery completed successfully!');
             return {};
         }

package/infrastructure/domains/shared/resource-discovery.test.js CHANGED Viewed

@@ -417,7 +417,7 @@ describe('Resource Discovery', () => {
             }));
         });
-        it('should return empty results for isolated mode (prevents cross-stage contamination)', async () => {
+        it('should discover KMS but not VPC/Aurora in isolated mode', async () => {
             const appDefinition = {
                 name: 'test-app',
                 managementMode: 'managed',
@@ -427,18 +427,26 @@ describe('Resource Discovery', () => {
             };
             process.env.SLS_STAGE = 'dev';
+            // Mock KMS discovery returning a shared key
+            mockKmsDiscovery.discover.mockResolvedValue({
+                defaultKmsKeyId: 'shared-kms-key-123',
+            });
             const result = await gatherDiscoveredResources(appDefinition);
-            // Should return empty (no discovery)
-            expect(result).toEqual({});
+            // Should return KMS (shareable) but not VPC/Aurora (isolated)
+            expect(result).toEqual({
+                defaultKmsKeyId: 'shared-kms-key-123',
+            });
-            // Should NOT call AWS API discovery
+            // Should call KMS discovery (shared) but NOT VPC/Aurora discovery (isolated)
+            expect(mockKmsDiscovery.discover).toHaveBeenCalled();
             expect(mockVpcDiscovery.discover).not.toHaveBeenCalled();
             expect(mockAuroraDiscovery.discover).not.toHaveBeenCalled();
         });
-        it('should return empty in isolated mode even if stack exists (fresh creation)', async () => {
+        it('should return empty if no KMS found in isolated mode (fresh infrastructure)', async () => {
             const { CloudFormationDiscovery } = require('./cloudformation-discovery');
             // Mock that CF stack exists but we still want fresh resources
@@ -454,14 +462,18 @@ describe('Resource Discovery', () => {
             };
             process.env.SLS_STAGE = 'dev';
+            // Mock KMS discovery finding nothing
+            mockKmsDiscovery.discover.mockResolvedValue({});
             const result = await gatherDiscoveredResources(appDefinition);
-            // In isolated mode, always return empty to force fresh creation
-            // This prevents any cross-stage resource reuse
+            // Should return empty (no VPC/Aurora, and KMS not found)
+            // This will trigger fresh KMS creation
             expect(result).toEqual({});
-            // Should NOT call AWS API discovery
+            // Should call KMS discovery but NOT VPC/Aurora
+            expect(mockKmsDiscovery.discover).toHaveBeenCalled();
             expect(mockVpcDiscovery.discover).not.toHaveBeenCalled();
         });

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@friggframework/devtools",
   "prettier": "@friggframework/prettier-config",
-  "version": "2.0.0--canary.461.bb7fcba.0",
+  "version": "2.0.0--canary.461.61382d8.0",
   "dependencies": {
     "@aws-sdk/client-ec2": "^3.835.0",
     "@aws-sdk/client-kms": "^3.835.0",
@@ -11,8 +11,8 @@
     "@babel/eslint-parser": "^7.18.9",
     "@babel/parser": "^7.25.3",
     "@babel/traverse": "^7.25.3",
-    "@friggframework/schemas": "2.0.0--canary.461.bb7fcba.0",
-    "@friggframework/test": "2.0.0--canary.461.bb7fcba.0",
+    "@friggframework/schemas": "2.0.0--canary.461.61382d8.0",
+    "@friggframework/test": "2.0.0--canary.461.61382d8.0",
     "@hapi/boom": "^10.0.1",
     "@inquirer/prompts": "^5.3.8",
     "axios": "^1.7.2",
@@ -34,8 +34,8 @@
     "serverless-http": "^2.7.0"
   },
   "devDependencies": {
-    "@friggframework/eslint-config": "2.0.0--canary.461.bb7fcba.0",
-    "@friggframework/prettier-config": "2.0.0--canary.461.bb7fcba.0",
+    "@friggframework/eslint-config": "2.0.0--canary.461.61382d8.0",
+    "@friggframework/prettier-config": "2.0.0--canary.461.61382d8.0",
     "aws-sdk-client-mock": "^4.1.0",
     "aws-sdk-client-mock-jest": "^4.1.0",
     "jest": "^30.1.3",
@@ -70,5 +70,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "bb7fcba0918b60051c89f78ce3e4076f7823c7ef"
+  "gitHead": "61382d8a96346ed9732fbaf38b977e13e0a4471d"
 }