@friggframework/devtools 2.0.0--canary.461.ec909cf.0 → 2.0.0--canary.461.9483dbe.0

package/infrastructure/domains/shared/resource-discovery.js

@@ -0,0 +1,132 @@
+/**
+ * Resource Discovery Service
+ * 
+ * Domain Service - Hexagonal Architecture
+ * 
+ * Orchestrates discovery of cloud resources (VPC, databases, encryption keys, etc.)
+ * using the cloud provider abstraction layer and domain-specific discovery services.
+ * 
+ * This service is cloud-agnostic and delegates to provider-specific implementations.
+ */
+
+const { CloudProviderFactory } = require('./providers/provider-factory');
+const { VpcDiscovery } = require('../networking/vpc-discovery');
+const { KmsDiscovery } = require('../security/kms-discovery');
+const { AuroraDiscovery } = require('../database/aurora-discovery');
+const { SsmDiscovery } = require('../parameters/ssm-discovery');
+
+/**
+ * Determine if AWS discovery should run
+ * 
+ * @param {Object} appDefinition - Application definition
+ * @returns {boolean} True if discovery is needed
+ */
+function shouldRunDiscovery(appDefinition) {
+    console.log(
+        '⚙️  Checking FRIGG_SKIP_AWS_DISCOVERY:',
+        process.env.FRIGG_SKIP_AWS_DISCOVERY
+    );
+
+    if (process.env.FRIGG_SKIP_AWS_DISCOVERY === 'true') {
+        console.log(
+            '⚙️  Skipping AWS discovery because FRIGG_SKIP_AWS_DISCOVERY is set.'
+        );
+        return false;
+    }
+
+    return (
+        appDefinition.vpc?.enable === true ||
+        appDefinition.encryption?.fieldLevelEncryptionMethod === 'kms' ||
+        appDefinition.ssm?.enable === true ||
+        appDefinition.database?.postgres?.enable === true
+    );
+}
+
+/**
+ * Gather discovered cloud resources
+ * 
+ * Uses cloud provider abstraction to discover resources in a provider-agnostic way.
+ * 
+ * @param {Object} appDefinition - Application definition
+ * @returns {Promise<Object>} Discovered cloud resources
+ */
+async function gatherDiscoveredResources(appDefinition) {
+    if (!shouldRunDiscovery(appDefinition)) {
+        console.log('⚙️  Skipping cloud resource discovery (not required for this configuration)');
+        return {};
+    }
+
+    console.log('🔍 Running cloud resource discovery...');
+
+    try {
+        // Get cloud provider (defaults to AWS, can be overridden via env var)
+        const providerName = process.env.CLOUD_PROVIDER || appDefinition.provider || 'aws';
+        const region = process.env.AWS_REGION || 'us-east-1';
+
+        console.log(`   Provider: ${providerName}`);
+        console.log(`   Region: ${region}`);
+
+        // Create provider adapter
+        const provider = CloudProviderFactory.create(providerName, region);
+
+        // Create domain discovery services with provider
+        const vpcDiscovery = new VpcDiscovery(provider);
+        const kmsDiscovery = new KmsDiscovery(provider);
+        const auroraDiscovery = new AuroraDiscovery(provider);
+        const ssmDiscovery = new SsmDiscovery(provider);
+
+        // Build discovery configuration
+        const stage = process.env.SLS_STAGE || 'dev';
+        const config = {
+            serviceName: appDefinition.name || 'create-frigg-app',
+            stage,
+            vpcId: appDefinition.vpc?.vpcId,
+            databaseId: appDefinition.database?.postgres?.clusterId ||
+                appDefinition.database?.postgres?.instanceId,
+            keyAlias: appDefinition.encryption?.keyAlias,
+            includeSecrets: true,
+        };
+
+        // Run discoveries in parallel for better performance
+        const [vpcResources, kmsResources, dbResources, ssmResources] =
+            await Promise.all([
+                appDefinition.vpc?.enable ? vpcDiscovery.discover(config) : Promise.resolve({}),
+                appDefinition.encryption?.fieldLevelEncryptionMethod === 'kms'
+                    ? kmsDiscovery.discover(config)
+                    : Promise.resolve({}),
+                appDefinition.database?.postgres?.enable
+                    ? auroraDiscovery.discover(config)
+                    : Promise.resolve({}),
+                appDefinition.ssm?.enable
+                    ? ssmDiscovery.discover(config)
+                    : Promise.resolve({}),
+            ]);
+
+        // Aggregate results
+        const discoveredResources = {
+            ...vpcResources,
+            ...kmsResources,
+            ...dbResources,
+            ...ssmResources,
+        };
+
+        console.log('✅ Cloud resource discovery completed successfully!');
+
+        return discoveredResources;
+    } catch (error) {
+        console.error('❌ Cloud resource discovery failed:', error.message);
+        console.error('Stack:', error.stack);
+
+        // Don't fail the build - return empty resources and let validation handle it
+        console.warn(
+            '⚠️  Continuing with empty discovered resources. This may cause deployment issues if resources are required.'
+        );
+        return {};
+    }
+}
+
+module.exports = {
+    shouldRunDiscovery,
+    gatherDiscoveredResources,
+};
+

package/infrastructure/domains/shared/resource-discovery.test.js

@@ -0,0 +1,410 @@
+/**
+ * Tests for Resource Discovery Service
+ * 
+ * Tests orchestration of cloud resource discovery
+ */
+
+const { shouldRunDiscovery, gatherDiscoveredResources } = require('./resource-discovery');
+
+// Mock the provider factory and discovery classes
+jest.mock('./providers/provider-factory');
+jest.mock('../networking/vpc-discovery');
+jest.mock('../security/kms-discovery');
+jest.mock('../database/aurora-discovery');
+jest.mock('../parameters/ssm-discovery');
+
+const { CloudProviderFactory } = require('./providers/provider-factory');
+const { VpcDiscovery } = require('../networking/vpc-discovery');
+const { KmsDiscovery } = require('../security/kms-discovery');
+const { AuroraDiscovery } = require('../database/aurora-discovery');
+const { SsmDiscovery } = require('../parameters/ssm-discovery');
+
+describe('Resource Discovery', () => {
+    let mockProvider;
+    let mockVpcDiscovery;
+    let mockKmsDiscovery;
+    let mockAuroraDiscovery;
+    let mockSsmDiscovery;
+
+    beforeEach(() => {
+        // Reset environment
+        delete process.env.FRIGG_SKIP_AWS_DISCOVERY;
+        delete process.env.CLOUD_PROVIDER;
+        delete process.env.AWS_REGION;
+
+        // Create mock provider
+        mockProvider = {
+            getName: jest.fn().mockReturnValue('aws'),
+        };
+
+        // Create mock discoveries with default responses
+        mockVpcDiscovery = {
+            discover: jest.fn().mockResolvedValue({
+                defaultVpcId: 'vpc-123',
+                privateSubnetId1: 'subnet-1',
+            }),
+        };
+
+        mockKmsDiscovery = {
+            discover: jest.fn().mockResolvedValue({
+                kmsKeyId: 'arn:aws:kms:us-east-1:123:key/abc',
+            }),
+        };
+
+        mockAuroraDiscovery = {
+            discover: jest.fn().mockResolvedValue({
+                auroraClusterEndpoint: 'db.example.com',
+            }),
+        };
+
+        mockSsmDiscovery = {
+            discover: jest.fn().mockResolvedValue({
+                parameters: [],
+            }),
+        };
+
+        // Mock factory and discovery constructors
+        CloudProviderFactory.create = jest.fn().mockReturnValue(mockProvider);
+        VpcDiscovery.mockImplementation(() => mockVpcDiscovery);
+        KmsDiscovery.mockImplementation(() => mockKmsDiscovery);
+        AuroraDiscovery.mockImplementation(() => mockAuroraDiscovery);
+        SsmDiscovery.mockImplementation(() => mockSsmDiscovery);
+    });
+
+    describe('shouldRunDiscovery()', () => {
+        it('should return false when FRIGG_SKIP_AWS_DISCOVERY is true', () => {
+            process.env.FRIGG_SKIP_AWS_DISCOVERY = 'true';
+
+            const result = shouldRunDiscovery({ vpc: { enable: true } });
+
+            expect(result).toBe(false);
+        });
+
+        it('should return true when VPC is enabled', () => {
+            const result = shouldRunDiscovery({ vpc: { enable: true } });
+
+            expect(result).toBe(true);
+        });
+
+        it('should return true when KMS encryption is enabled', () => {
+            const result = shouldRunDiscovery({
+                encryption: { fieldLevelEncryptionMethod: 'kms' },
+            });
+
+            expect(result).toBe(true);
+        });
+
+        it('should return true when SSM is enabled', () => {
+            const result = shouldRunDiscovery({ ssm: { enable: true } });
+
+            expect(result).toBe(true);
+        });
+
+        it('should return true when Postgres database is enabled', () => {
+            const result = shouldRunDiscovery({
+                database: { postgres: { enable: true } },
+            });
+
+            expect(result).toBe(true);
+        });
+
+        it('should return false when no features require discovery', () => {
+            const result = shouldRunDiscovery({
+                vpc: { enable: false },
+                encryption: { fieldLevelEncryptionMethod: 'aes' },
+                ssm: { enable: false },
+            });
+
+            expect(result).toBe(false);
+        });
+
+        it('should return false for empty app definition', () => {
+            const result = shouldRunDiscovery({});
+
+            expect(result).toBe(false);
+        });
+    });
+
+    describe('gatherDiscoveredResources()', () => {
+        it('should skip discovery when not needed', async () => {
+            const appDefinition = {
+                vpc: { enable: false },
+            };
+
+            const result = await gatherDiscoveredResources(appDefinition);
+
+            expect(result).toEqual({});
+            expect(CloudProviderFactory.create).not.toHaveBeenCalled();
+        });
+
+        it('should create AWS provider by default', async () => {
+            const appDefinition = {
+                vpc: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(CloudProviderFactory.create).toHaveBeenCalledWith('aws', 'us-east-1');
+        });
+
+        it('should respect CLOUD_PROVIDER environment variable', async () => {
+            process.env.CLOUD_PROVIDER = 'gcp';
+            process.env.AWS_REGION = 'us-central1';
+
+            const appDefinition = {
+                vpc: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(CloudProviderFactory.create).toHaveBeenCalledWith('gcp', 'us-central1');
+        });
+
+        it('should respect AWS_REGION environment variable', async () => {
+            process.env.AWS_REGION = 'eu-west-1';
+
+            const appDefinition = {
+                vpc: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(CloudProviderFactory.create).toHaveBeenCalledWith('aws', 'eu-west-1');
+        });
+
+        it('should create discovery services with provider', async () => {
+            const appDefinition = {
+                vpc: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(VpcDiscovery).toHaveBeenCalledWith(mockProvider);
+            expect(KmsDiscovery).toHaveBeenCalledWith(mockProvider);
+            expect(AuroraDiscovery).toHaveBeenCalledWith(mockProvider);
+            expect(SsmDiscovery).toHaveBeenCalledWith(mockProvider);
+        });
+
+        it('should run VPC discovery when enabled', async () => {
+            const appDefinition = {
+                name: 'test-app',
+                vpc: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(mockVpcDiscovery.discover).toHaveBeenCalledWith(
+                expect.objectContaining({
+                    serviceName: 'test-app',
+                })
+            );
+        });
+
+        it('should skip VPC discovery when disabled', async () => {
+            const appDefinition = {
+                vpc: { enable: false },
+                encryption: { fieldLevelEncryptionMethod: 'kms' },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(mockVpcDiscovery.discover).not.toHaveBeenCalled();
+        });
+
+        it('should run KMS discovery when encryption is kms', async () => {
+            const appDefinition = {
+                name: 'test-app',
+                encryption: { fieldLevelEncryptionMethod: 'kms' },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(mockKmsDiscovery.discover).toHaveBeenCalled();
+        });
+
+        it('should skip KMS discovery when encryption is not kms', async () => {
+            const appDefinition = {
+                encryption: { fieldLevelEncryptionMethod: 'aes' },
+                vpc: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(mockKmsDiscovery.discover).not.toHaveBeenCalled();
+        });
+
+        it('should run database discovery when postgres is enabled', async () => {
+            const appDefinition = {
+                database: { postgres: { enable: true } },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(mockAuroraDiscovery.discover).toHaveBeenCalled();
+        });
+
+        it('should skip database discovery when postgres is disabled', async () => {
+            const appDefinition = {
+                database: { postgres: { enable: false } },
+                vpc: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(mockAuroraDiscovery.discover).not.toHaveBeenCalled();
+        });
+
+        it('should run SSM discovery when enabled', async () => {
+            const appDefinition = {
+                ssm: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(mockSsmDiscovery.discover).toHaveBeenCalled();
+        });
+
+        it('should aggregate results from all discoveries', async () => {
+            mockVpcDiscovery.discover.mockResolvedValue({
+                defaultVpcId: 'vpc-123',
+                privateSubnetId1: 'subnet-1',
+            });
+
+            mockKmsDiscovery.discover.mockResolvedValue({
+                kmsKeyId: 'arn:aws:kms:key/abc',
+            });
+
+            mockAuroraDiscovery.discover.mockResolvedValue({
+                auroraClusterEndpoint: 'db.example.com',
+                auroraPort: 5432,
+            });
+
+            mockSsmDiscovery.discover.mockResolvedValue({
+                parameters: ['param1'],
+            });
+
+            const appDefinition = {
+                vpc: { enable: true },
+                encryption: { fieldLevelEncryptionMethod: 'kms' },
+                database: { postgres: { enable: true } },
+                ssm: { enable: true },
+            };
+
+            const result = await gatherDiscoveredResources(appDefinition);
+
+            expect(result).toEqual({
+                defaultVpcId: 'vpc-123',
+                privateSubnetId1: 'subnet-1',
+                kmsKeyId: 'arn:aws:kms:key/abc',
+                auroraClusterEndpoint: 'db.example.com',
+                auroraPort: 5432,
+                parameters: ['param1'],
+            });
+        });
+
+        it('should run discoveries in parallel for performance', async () => {
+            const appDefinition = {
+                vpc: { enable: true },
+                encryption: { fieldLevelEncryptionMethod: 'kms' },
+                database: { postgres: { enable: true } },
+                ssm: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            // All should have been called (proving parallel execution)
+            expect(mockVpcDiscovery.discover).toHaveBeenCalled();
+            expect(mockKmsDiscovery.discover).toHaveBeenCalled();
+            expect(mockAuroraDiscovery.discover).toHaveBeenCalled();
+            expect(mockSsmDiscovery.discover).toHaveBeenCalled();
+        });
+
+        it('should handle discovery errors gracefully', async () => {
+            mockVpcDiscovery.discover.mockRejectedValue(new Error('VPC API Error'));
+
+            const appDefinition = {
+                vpc: { enable: true },
+            };
+
+            const result = await gatherDiscoveredResources(appDefinition);
+
+            // Should return empty object instead of throwing
+            expect(result).toEqual({});
+        });
+
+        it('should pass configuration to discoveries', async () => {
+            const appDefinition = {
+                name: 'my-service',
+                vpc: {
+                    enable: true,
+                    vpcId: 'vpc-custom',
+                },
+                database: {
+                    postgres: {
+                        enable: true,
+                        clusterId: 'my-cluster',
+                    },
+                },
+                encryption: {
+                    fieldLevelEncryptionMethod: 'kms',
+                    keyAlias: 'alias/my-key',
+                },
+            };
+
+            process.env.SLS_STAGE = 'production';
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(mockVpcDiscovery.discover).toHaveBeenCalledWith(
+                expect.objectContaining({
+                    serviceName: 'my-service',
+                    stage: 'production',
+                    vpcId: 'vpc-custom',
+                })
+            );
+
+            expect(mockAuroraDiscovery.discover).toHaveBeenCalledWith(
+                expect.objectContaining({
+                    databaseId: 'my-cluster',
+                })
+            );
+
+            expect(mockKmsDiscovery.discover).toHaveBeenCalledWith(
+                expect.objectContaining({
+                    keyAlias: 'alias/my-key',
+                })
+            );
+        });
+
+        it('should default stage to dev', async () => {
+            delete process.env.SLS_STAGE;
+
+            const appDefinition = {
+                vpc: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(mockVpcDiscovery.discover).toHaveBeenCalledWith(
+                expect.objectContaining({
+                    stage: 'dev',
+                })
+            );
+        });
+
+        it('should include secrets in SSM discovery by default', async () => {
+            const appDefinition = {
+                ssm: { enable: true },
+            };
+
+            await gatherDiscoveredResources(appDefinition);
+
+            expect(mockSsmDiscovery.discover).toHaveBeenCalledWith(
+                expect.objectContaining({
+                    includeSecrets: true,
+                })
+            );
+        });
+    });
+});
+

package/infrastructure/domains/shared/utilities/base-definition-factory.js

@@ -32,7 +32,7 @@ function createBaseDefinition(
     const region = process.env.AWS_REGION || 'us-east-1';
 
     // Package config for handlers that skip esbuild (need node_modules dependencies)
-    // Since Express and other deps are now in backend/node_modules, exclude only what's not needed
+    // Include backend src/ and index.js since handlers load the app definition
     const skipEsbuildPackageConfig = {
         exclude: [
             // Exclude Prisma (provided via Lambda Layer)
@@ -53,8 +53,7 @@ function createBaseDefinition(
             'node_modules/prettier/**',
             'node_modules/eslint/**',
             
-            // Exclude backend source and layers
-            'src/**',
+            // Exclude test files and layers (but keep src/ - needed for app definition)
             'test/**',
             'layers/**',
             'coverage/**',