@friggframework/devtools 2.0.0--canary.461.ec909cf.0 → 2.0.0--canary.461.7b36f0f.0

package/infrastructure/domains/shared/environment-builder.test.js

@@ -0,0 +1,246 @@
+/**
+ * Tests for Environment Builder Service
+ * 
+ * Tests environment variable extraction and building
+ */
+
+const { getAppEnvironmentVars, buildEnvironment } = require('./environment-builder');
+
+describe('Environment Builder', () => {
+    describe('getAppEnvironmentVars()', () => {
+        it('should extract environment variables with value true', () => {
+            const appDefinition = {
+                environment: {
+                    API_KEY: true,
+                    DATABASE_URL: true,
+                    CUSTOM_VAR: true,
+                },
+            };
+
+            const result = getAppEnvironmentVars(appDefinition);
+
+            expect(result.API_KEY).toBe("${env:API_KEY, ''}");
+            expect(result.DATABASE_URL).toBe("${env:DATABASE_URL, ''}");
+            expect(result.CUSTOM_VAR).toBe("${env:CUSTOM_VAR, ''}");
+        });
+
+        it('should ignore environment variables with value false', () => {
+            const appDefinition = {
+                environment: {
+                    ENABLED_VAR: true,
+                    DISABLED_VAR: false,
+                },
+            };
+
+            const result = getAppEnvironmentVars(appDefinition);
+
+            expect(result.ENABLED_VAR).toBeDefined();
+            expect(result.DISABLED_VAR).toBeUndefined();
+        });
+
+        it('should ignore environment variables with non-boolean values', () => {
+            const appDefinition = {
+                environment: {
+                    VALID: true,
+                    STRING_VALUE: 'some-value',
+                    NUMBER_VALUE: 123,
+                },
+            };
+
+            const result = getAppEnvironmentVars(appDefinition);
+
+            expect(result.VALID).toBeDefined();
+            expect(result.STRING_VALUE).toBeUndefined();
+            expect(result.NUMBER_VALUE).toBeUndefined();
+        });
+
+        it('should skip reserved AWS Lambda variables', () => {
+            const appDefinition = {
+                environment: {
+                    CUSTOM_VAR: true,
+                    AWS_REGION: true,
+                    AWS_ACCESS_KEY_ID: true,
+                    AWS_SECRET_ACCESS_KEY: true,
+                    _HANDLER: true,
+                    AWS_LAMBDA_FUNCTION_NAME: true,
+                },
+            };
+
+            const result = getAppEnvironmentVars(appDefinition);
+
+            expect(result.CUSTOM_VAR).toBeDefined();
+            expect(result.AWS_REGION).toBeUndefined();
+            expect(result.AWS_ACCESS_KEY_ID).toBeUndefined();
+            expect(result.AWS_SECRET_ACCESS_KEY).toBeUndefined();
+            expect(result._HANDLER).toBeUndefined();
+            expect(result.AWS_LAMBDA_FUNCTION_NAME).toBeUndefined();
+        });
+
+        it('should return empty object if no environment defined', () => {
+            const appDefinition = {};
+
+            const result = getAppEnvironmentVars(appDefinition);
+
+            expect(result).toEqual({});
+        });
+
+        it('should handle empty environment object', () => {
+            const appDefinition = {
+                environment: {},
+            };
+
+            const result = getAppEnvironmentVars(appDefinition);
+
+            expect(result).toEqual({});
+        });
+
+        it('should create serverless variable references', () => {
+            const appDefinition = {
+                environment: {
+                    MY_VAR: true,
+                },
+            };
+
+            const result = getAppEnvironmentVars(appDefinition);
+
+            // Should use serverless variable syntax with empty string fallback
+            expect(result.MY_VAR).toBe("${env:MY_VAR, ''}");
+        });
+    });
+
+    describe('buildEnvironment()', () => {
+        it('should combine app vars with standard Frigg variables', () => {
+            const appEnvironmentVars = {
+                API_KEY: "${env:API_KEY, ''}",
+            };
+            const discoveredResources = {};
+
+            const result = buildEnvironment(appEnvironmentVars, discoveredResources);
+
+            expect(result.API_KEY).toBe("${env:API_KEY, ''}");
+            expect(result.FRIGG_STACK).toBe('${self:service}');
+            expect(result.FRIGG_STAGE).toBe('${self:provider.stage}');
+            expect(result.FRIGG_REGION).toBe('${self:provider.region}');
+        });
+
+        it('should add KMS key ARN if discovered', () => {
+            const appEnvironmentVars = {};
+            const discoveredResources = {
+                kmsKeyId: 'arn:aws:kms:us-east-1:123456:key/abc-123',
+            };
+
+            const result = buildEnvironment(appEnvironmentVars, discoveredResources);
+
+            expect(result.KMS_KEY_ARN).toBe('arn:aws:kms:us-east-1:123456:key/abc-123');
+        });
+
+        it('should prefer kmsKeyId over kmsKeyArn if both present', () => {
+            const appEnvironmentVars = {};
+            const discoveredResources = {
+                kmsKeyId: 'arn:aws:kms:us-east-1:123456:key/primary',
+                kmsKeyArn: 'arn:aws:kms:us-east-1:123456:key/secondary',
+            };
+
+            const result = buildEnvironment(appEnvironmentVars, discoveredResources);
+
+            // Implementation uses if/else-if, so kmsKeyId takes priority
+            expect(result.KMS_KEY_ARN).toBe('arn:aws:kms:us-east-1:123456:key/primary');
+        });
+
+        it('should add database connection info if discovered', () => {
+            const appEnvironmentVars = {};
+            const discoveredResources = {
+                auroraClusterEndpoint: 'cluster.abc.us-east-1.rds.amazonaws.com',
+                auroraPort: 5432,
+            };
+
+            const result = buildEnvironment(appEnvironmentVars, discoveredResources);
+
+            expect(result.DATABASE_HOST).toBe('cluster.abc.us-east-1.rds.amazonaws.com');
+            expect(result.DATABASE_PORT).toBe('5432');
+        });
+
+        it('should default database port to 5432 if not specified', () => {
+            const appEnvironmentVars = {};
+            const discoveredResources = {
+                auroraClusterEndpoint: 'cluster.example.com',
+            };
+
+            const result = buildEnvironment(appEnvironmentVars, discoveredResources);
+
+            expect(result.DATABASE_HOST).toBe('cluster.example.com');
+            expect(result.DATABASE_PORT).toBe('5432');
+        });
+
+        it('should add database secret ARN if discovered', () => {
+            const appEnvironmentVars = {};
+            const discoveredResources = {
+                databaseSecretArn: 'arn:aws:secretsmanager:us-east-1:123456:secret:db-secret',
+            };
+
+            const result = buildEnvironment(appEnvironmentVars, discoveredResources);
+
+            expect(result.DATABASE_SECRET_ARN).toBe('arn:aws:secretsmanager:us-east-1:123456:secret:db-secret');
+        });
+
+        it('should combine all discovered resources', () => {
+            const appEnvironmentVars = {
+                CUSTOM_VAR: "${env:CUSTOM_VAR, ''}",
+            };
+            const discoveredResources = {
+                kmsKeyArn: 'arn:aws:kms:us-east-1:123456:key/abc',
+                auroraClusterEndpoint: 'db.example.com',
+                auroraPort: 3306,
+                databaseSecretArn: 'arn:aws:secretsmanager:us-east-1:123456:secret:db',
+            };
+
+            const result = buildEnvironment(appEnvironmentVars, discoveredResources);
+
+            expect(result.CUSTOM_VAR).toBe("${env:CUSTOM_VAR, ''}");
+            expect(result.FRIGG_STACK).toBe('${self:service}');
+            expect(result.FRIGG_STAGE).toBe('${self:provider.stage}');
+            expect(result.FRIGG_REGION).toBe('${self:provider.region}');
+            expect(result.KMS_KEY_ARN).toBe('arn:aws:kms:us-east-1:123456:key/abc');
+            expect(result.DATABASE_HOST).toBe('db.example.com');
+            expect(result.DATABASE_PORT).toBe('3306');
+            expect(result.DATABASE_SECRET_ARN).toBe('arn:aws:secretsmanager:us-east-1:123456:secret:db');
+        });
+
+        it('should handle empty discoveredResources', () => {
+            const appEnvironmentVars = {
+                API_KEY: "${env:API_KEY, ''}",
+            };
+            const discoveredResources = {};
+
+            const result = buildEnvironment(appEnvironmentVars, discoveredResources);
+
+            expect(result.API_KEY).toBe("${env:API_KEY, ''}");
+            expect(result.FRIGG_STACK).toBe('${self:service}');
+            expect(result.KMS_KEY_ARN).toBeUndefined();
+            expect(result.DATABASE_HOST).toBeUndefined();
+        });
+
+        it('should handle empty discoveredResources gracefully', () => {
+            const appEnvironmentVars = {};
+
+            const result = buildEnvironment(appEnvironmentVars, {});
+
+            expect(result.FRIGG_STACK).toBe('${self:service}');
+            expect(result.KMS_KEY_ARN).toBeUndefined();
+        });
+
+        it('should convert database port to string', () => {
+            const appEnvironmentVars = {};
+            const discoveredResources = {
+                auroraClusterEndpoint: 'db.example.com',
+                auroraPort: 3306, // Number
+            };
+
+            const result = buildEnvironment(appEnvironmentVars, discoveredResources);
+
+            expect(result.DATABASE_PORT).toBe('3306'); // String
+            expect(typeof result.DATABASE_PORT).toBe('string');
+        });
+    });
+});
+

package/infrastructure/domains/shared/providers/aws-provider-adapter.test.js

@@ -0,0 +1,366 @@
+/**
+ * Tests for AWS Provider Adapter
+ * 
+ * Tests AWS-specific cloud resource discovery
+ */
+
+const { AWSProviderAdapter } = require('./aws-provider-adapter');
+
+// Mock AWS SDK v3 clients
+jest.mock('@aws-sdk/client-ec2');
+jest.mock('@aws-sdk/client-kms');
+jest.mock('@aws-sdk/client-rds');
+jest.mock('@aws-sdk/client-ssm');
+jest.mock('@aws-sdk/client-secrets-manager');
+
+describe('AWSProviderAdapter', () => {
+    let provider;
+
+    beforeEach(() => {
+        jest.clearAllMocks();
+        delete process.env.AWS_REGION;
+    });
+
+    describe('constructor()', () => {
+        it('should initialize with provided region', () => {
+            provider = new AWSProviderAdapter('eu-west-1');
+
+            expect(provider.region).toBe('eu-west-1');
+        });
+
+        it('should default to us-east-1 if no region provided', () => {
+            provider = new AWSProviderAdapter();
+
+            expect(provider.region).toBe('us-east-1');
+        });
+
+        it('should use AWS_REGION environment variable', () => {
+            process.env.AWS_REGION = 'ap-southeast-1';
+            provider = new AWSProviderAdapter();
+
+            expect(provider.region).toBe('ap-southeast-1');
+        });
+
+        it('should prefer provided region over environment variable', () => {
+            process.env.AWS_REGION = 'us-west-2';
+            provider = new AWSProviderAdapter('eu-central-1');
+
+            expect(provider.region).toBe('eu-central-1');
+        });
+
+        it('should store credentials if provided', () => {
+            const credentials = {
+                accessKeyId: 'test-key',
+                secretAccessKey: 'test-secret',
+            };
+
+            provider = new AWSProviderAdapter('us-east-1', credentials);
+
+            expect(provider.credentials).toEqual(credentials);
+        });
+
+        it('should lazy-load clients (not instantiated on construction)', () => {
+            provider = new AWSProviderAdapter('us-east-1');
+
+            expect(provider.ec2).toBeNull();
+            expect(provider.kms).toBeNull();
+            expect(provider.rds).toBeNull();
+            expect(provider.ssm).toBeNull();
+            expect(provider.secretsManager).toBeNull();
+        });
+    });
+
+    describe('getName()', () => {
+        it('should return "aws"', () => {
+            provider = new AWSProviderAdapter();
+
+            expect(provider.getName()).toBe('aws');
+        });
+    });
+
+    describe('getSupportedRegions()', () => {
+        it('should return array of AWS regions', () => {
+            provider = new AWSProviderAdapter();
+
+            const regions = provider.getSupportedRegions();
+
+            expect(Array.isArray(regions)).toBe(true);
+            expect(regions.length).toBeGreaterThan(0);
+        });
+
+        it('should include common US regions', () => {
+            provider = new AWSProviderAdapter();
+
+            const regions = provider.getSupportedRegions();
+
+            expect(regions).toContain('us-east-1');
+            expect(regions).toContain('us-east-2');
+            expect(regions).toContain('us-west-1');
+            expect(regions).toContain('us-west-2');
+        });
+
+        it('should include common EU regions', () => {
+            provider = new AWSProviderAdapter();
+
+            const regions = provider.getSupportedRegions();
+
+            expect(regions).toContain('eu-west-1');
+            expect(regions).toContain('eu-central-1');
+        });
+
+        it('should include common APAC regions', () => {
+            provider = new AWSProviderAdapter();
+
+            const regions = provider.getSupportedRegions();
+
+            expect(regions).toContain('ap-southeast-1');
+            expect(regions).toContain('ap-northeast-1');
+        });
+    });
+
+    describe('Lazy loading clients', () => {
+        beforeEach(() => {
+            provider = new AWSProviderAdapter('us-east-1');
+        });
+
+        it('should lazy-load EC2 client', () => {
+            expect(provider.ec2).toBeNull();
+
+            const client = provider.getEC2Client();
+
+            expect(provider.ec2).not.toBeNull();
+            expect(client).toBe(provider.ec2);
+        });
+
+        it('should lazy-load KMS client', () => {
+            expect(provider.kms).toBeNull();
+
+            const client = provider.getKMSClient();
+
+            expect(provider.kms).not.toBeNull();
+            expect(client).toBe(provider.kms);
+        });
+
+        it('should lazy-load RDS client', () => {
+            expect(provider.rds).toBeNull();
+
+            const client = provider.getRDSClient();
+
+            expect(provider.rds).not.toBeNull();
+            expect(client).toBe(provider.rds);
+        });
+
+        it('should lazy-load SSM client', () => {
+            expect(provider.ssm).toBeNull();
+
+            const client = provider.getSSMClient();
+
+            expect(provider.ssm).not.toBeNull();
+            expect(client).toBe(provider.ssm);
+        });
+
+        it('should lazy-load Secrets Manager client', () => {
+            expect(provider.secretsManager).toBeNull();
+
+            const client = provider.getSecretsManagerClient();
+
+            expect(provider.secretsManager).not.toBeNull();
+            expect(client).toBe(provider.secretsManager);
+        });
+
+        it('should reuse client on subsequent calls', () => {
+            const client1 = provider.getEC2Client();
+            const client2 = provider.getEC2Client();
+
+            expect(client1).toBe(client2);
+        });
+    });
+
+    describe('discoverVpc()', () => {
+        beforeEach(() => {
+            provider = new AWSProviderAdapter('us-east-1');
+            const { EC2Client } = require('@aws-sdk/client-ec2');
+            EC2Client.mockImplementation(() => ({
+                send: jest.fn(),
+            }));
+        });
+
+        it('should return VPC discovery results', async () => {
+            const mockSend = jest.fn()
+                .mockResolvedValueOnce({ // VPCs
+                    Vpcs: [
+                        { VpcId: 'vpc-123', CidrBlock: '172.31.0.0/16' },
+                    ],
+                })
+                .mockResolvedValueOnce({ Subnets: [] }) // Subnets
+                .mockResolvedValueOnce({ SecurityGroups: [] }) // Security Groups
+                .mockResolvedValueOnce({ RouteTables: [] }) // Route Tables
+                .mockResolvedValueOnce({ NatGateways: [] }) // NAT Gateways
+                .mockResolvedValueOnce({ InternetGateways: [] }); // Internet Gateways
+
+            provider.getEC2Client = jest.fn().mockReturnValue({ send: mockSend });
+
+            const result = await provider.discoverVpc({});
+
+            expect(result.vpcId).toBe('vpc-123');
+            expect(result.vpcCidr).toBe('172.31.0.0/16');
+        });
+
+        it('should handle discovery errors', async () => {
+            provider.getEC2Client = jest.fn().mockReturnValue({
+                send: jest.fn().mockRejectedValue(new Error('EC2 API Error')),
+            });
+
+            await expect(provider.discoverVpc({})).rejects.toThrow('Failed to discover AWS VPC');
+        });
+
+        it('should discover default VPC when no vpcId specified', async () => {
+            const mockSend = jest.fn();
+            provider.getEC2Client = jest.fn().mockReturnValue({ send: mockSend });
+
+            await provider.discoverVpc({}).catch(() => { });
+
+            // First call should filter for default VPC
+            expect(mockSend).toHaveBeenCalled();
+        });
+    });
+
+    describe('discoverKmsKeys()', () => {
+        beforeEach(() => {
+            provider = new AWSProviderAdapter('us-east-1');
+            const { KMSClient } = require('@aws-sdk/client-kms');
+            KMSClient.mockImplementation(() => ({
+                send: jest.fn(),
+            }));
+        });
+
+        it('should return KMS discovery results', async () => {
+            const mockSend = jest.fn()
+                .mockResolvedValueOnce({ // ListKeys
+                    Keys: [{ KeyId: 'key-123' }],
+                })
+                .mockResolvedValueOnce({ // DescribeKey
+                    KeyMetadata: {
+                        KeyId: 'key-123',
+                        Arn: 'arn:aws:kms:us-east-1:123:key/abc',
+                        Enabled: true,
+                    },
+                })
+                .mockResolvedValueOnce({ // ListAliases
+                    Aliases: [
+                        { AliasName: 'alias/my-key', TargetKeyId: 'key-123' },
+                    ],
+                });
+
+            provider.getKMSClient = jest.fn().mockReturnValue({ send: mockSend });
+
+            const result = await provider.discoverKmsKeys({});
+
+            expect(result.keys.length).toBeGreaterThan(0);
+            expect(result.defaultKey).toBeDefined();
+        });
+
+        it('should handle discovery errors', async () => {
+            provider.getKMSClient = jest.fn().mockReturnValue({
+                send: jest.fn().mockRejectedValue(new Error('KMS API Error')),
+            });
+
+            await expect(provider.discoverKmsKeys({})).rejects.toThrow('Failed to discover AWS KMS keys');
+        });
+    });
+
+    describe('discoverDatabase()', () => {
+        beforeEach(() => {
+            provider = new AWSProviderAdapter('us-east-1');
+            const { RDSClient } = require('@aws-sdk/client-rds');
+            RDSClient.mockImplementation(() => ({
+                send: jest.fn(),
+            }));
+        });
+
+        it('should return database discovery results', async () => {
+            const mockSend = jest.fn()
+                .mockResolvedValueOnce({ // Clusters
+                    DBClusters: [
+                        {
+                            DBClusterIdentifier: 'cluster-1',
+                            Endpoint: 'cluster-1.example.com',
+                            Port: 5432,
+                            Engine: 'aurora-postgresql',
+                        },
+                    ],
+                })
+                .mockResolvedValueOnce({ DBInstances: [] }); // Instances
+
+            provider.getRDSClient = jest.fn().mockReturnValue({ send: mockSend });
+
+            const result = await provider.discoverDatabase({});
+
+            expect(result.endpoint).toBe('cluster-1.example.com');
+            expect(result.port).toBe(5432);
+            expect(result.engine).toBe('aurora-postgresql');
+        });
+
+        it('should handle discovery errors', async () => {
+            provider.getRDSClient = jest.fn().mockReturnValue({
+                send: jest.fn().mockRejectedValue(new Error('RDS API Error')),
+            });
+
+            await expect(provider.discoverDatabase({})).rejects.toThrow('Failed to discover AWS databases');
+        });
+    });
+
+    describe('discoverParameters()', () => {
+        beforeEach(() => {
+            provider = new AWSProviderAdapter('us-east-1');
+        });
+
+        it('should return parameter discovery results', async () => {
+            const mockSSMSend = jest.fn().mockResolvedValue({
+                Parameters: [
+                    { Name: '/my-app/api-key', Value: 'encrypted' },
+                ],
+            });
+
+            const mockSMSend = jest.fn().mockResolvedValue({
+                SecretList: [
+                    { Name: 'my-app/secret', ARN: 'arn:aws:secretsmanager:us-east-1:123:secret:my-app/secret' },
+                ],
+            });
+
+            provider.getSSMClient = jest.fn().mockReturnValue({ send: mockSSMSend });
+            provider.getSecretsManagerClient = jest.fn().mockReturnValue({ send: mockSMSend });
+
+            const result = await provider.discoverParameters({
+                parameterPath: '/my-app',
+                includeSecrets: true,
+            });
+
+            expect(result.parameters).toHaveLength(1);
+            expect(result.secrets).toHaveLength(1);
+        });
+
+        it('should handle discovery errors', async () => {
+            provider.getSSMClient = jest.fn().mockReturnValue({
+                send: jest.fn().mockRejectedValue(new Error('SSM API Error')),
+            });
+
+            await expect(provider.discoverParameters({})).rejects.toThrow('Failed to discover AWS parameters');
+        });
+
+        it('should skip secrets when includeSecrets is false', async () => {
+            const mockSSMSend = jest.fn().mockResolvedValue({ Parameters: [] });
+
+            provider.getSSMClient = jest.fn().mockReturnValue({ send: mockSSMSend });
+
+            const result = await provider.discoverParameters({
+                includeSecrets: false,
+            });
+
+            expect(result.parameters).toEqual([]);
+            expect(result.secrets).toEqual([]);
+            expect(provider.getSecretsManagerClient).not.toHaveBeenCalled();
+        });
+    });
+});
+