@friggframework/devtools 2.0.0--canary.474.ca45ad3.0 → 2.0.0--canary.474.3e895e3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -400,7 +400,7 @@ class AuroraBuilder extends InfrastructureBuilder {
|
|
|
400
400
|
Properties: {
|
|
401
401
|
Engine: 'aurora-postgresql',
|
|
402
402
|
EngineMode: 'provisioned',
|
|
403
|
-
EngineVersion: '15.
|
|
403
|
+
EngineVersion: dbConfig.engineVersion || '15.13', // Configurable, defaults to 15.13 (latest as of Oct 2025)
|
|
404
404
|
Port: 5432, // Explicitly set PostgreSQL port (AWS may not auto-detect)
|
|
405
405
|
DatabaseName: dbConfig.database || 'frigg',
|
|
406
406
|
MasterUsername: {
|
|
@@ -232,14 +232,32 @@ class KmsBuilder extends InfrastructureBuilder {
|
|
|
232
232
|
// Check for environment variable fallback flag (legacy behavior)
|
|
233
233
|
const useEnvVarFallback = appDefinition.encryption?._useEnvVarFallback;
|
|
234
234
|
|
|
235
|
+
// CRITICAL FIX: Check if KMS key exists OUTSIDE of stack (orphaned resource)
|
|
236
|
+
// If key exists but not in stack, we should use it as EXTERNAL, not try to create it
|
|
237
|
+
const externalKmsKey = discoveredResources?.defaultKmsKeyId ||
|
|
238
|
+
discoveredResources?.kmsKeyArn ||
|
|
239
|
+
discoveredResources?.kmsKeyId;
|
|
240
|
+
|
|
235
241
|
if (decisions.key.ownership === ResourceOwnership.STACK && decisions.key.physicalId) {
|
|
236
242
|
// Key exists in stack - add definitions (CloudFormation idempotency)
|
|
237
243
|
console.log(' → Adding KMS definitions to template (existing in stack)');
|
|
238
244
|
result.resources = this.createKmsKey(appDefinition);
|
|
239
245
|
result.environment.KMS_KEY_ARN = { 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] };
|
|
240
246
|
console.log(' ✅ KMS key resources created');
|
|
247
|
+
} else if (decisions.key.ownership === ResourceOwnership.STACK && !decisions.key.physicalId && externalKmsKey) {
|
|
248
|
+
// ORPHANED KEY FIX: Key exists externally but not in stack
|
|
249
|
+
// Use it as external instead of trying to create (would fail with "already exists")
|
|
250
|
+
console.log(' ⚠️ KMS key exists externally but not in stack - using as external resource');
|
|
251
|
+
console.log(` → Using external KMS key: ${externalKmsKey}`);
|
|
252
|
+
|
|
253
|
+
// Format as ARN if it's just a key ID
|
|
254
|
+
const kmsArn = externalKmsKey.startsWith('arn:')
|
|
255
|
+
? externalKmsKey
|
|
256
|
+
: `arn:aws:kms:\${self:provider.region}:\${aws:accountId}:key/${externalKmsKey}`;
|
|
257
|
+
|
|
258
|
+
result.environment.KMS_KEY_ARN = kmsArn;
|
|
241
259
|
} else if (decisions.key.ownership === ResourceOwnership.STACK && !decisions.key.physicalId && !useEnvVarFallback) {
|
|
242
|
-
// Create new KMS key (only if not using env var fallback)
|
|
260
|
+
// Create new KMS key (only if not using env var fallback and no external key found)
|
|
243
261
|
console.log(' → Creating new KMS key in stack');
|
|
244
262
|
result.resources = this.createKmsKey(appDefinition);
|
|
245
263
|
result.environment.KMS_KEY_ARN = { 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] };
|
package/package.json
CHANGED
|
@@ -1,18 +1,19 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@friggframework/devtools",
|
|
3
3
|
"prettier": "@friggframework/prettier-config",
|
|
4
|
-
"version": "2.0.0--canary.474.
|
|
4
|
+
"version": "2.0.0--canary.474.3e895e3.0",
|
|
5
5
|
"dependencies": {
|
|
6
6
|
"@aws-sdk/client-ec2": "^3.835.0",
|
|
7
7
|
"@aws-sdk/client-kms": "^3.835.0",
|
|
8
8
|
"@aws-sdk/client-rds": "^3.906.0",
|
|
9
|
+
"@aws-sdk/client-s3": "^3.917.0",
|
|
9
10
|
"@aws-sdk/client-secrets-manager": "^3.906.0",
|
|
10
11
|
"@aws-sdk/client-sts": "^3.835.0",
|
|
11
12
|
"@babel/eslint-parser": "^7.18.9",
|
|
12
13
|
"@babel/parser": "^7.25.3",
|
|
13
14
|
"@babel/traverse": "^7.25.3",
|
|
14
|
-
"@friggframework/schemas": "2.0.0--canary.474.
|
|
15
|
-
"@friggframework/test": "2.0.0--canary.474.
|
|
15
|
+
"@friggframework/schemas": "2.0.0--canary.474.3e895e3.0",
|
|
16
|
+
"@friggframework/test": "2.0.0--canary.474.3e895e3.0",
|
|
16
17
|
"@hapi/boom": "^10.0.1",
|
|
17
18
|
"@inquirer/prompts": "^5.3.8",
|
|
18
19
|
"axios": "^1.7.2",
|
|
@@ -34,8 +35,8 @@
|
|
|
34
35
|
"serverless-http": "^2.7.0"
|
|
35
36
|
},
|
|
36
37
|
"devDependencies": {
|
|
37
|
-
"@friggframework/eslint-config": "2.0.0--canary.474.
|
|
38
|
-
"@friggframework/prettier-config": "2.0.0--canary.474.
|
|
38
|
+
"@friggframework/eslint-config": "2.0.0--canary.474.3e895e3.0",
|
|
39
|
+
"@friggframework/prettier-config": "2.0.0--canary.474.3e895e3.0",
|
|
39
40
|
"aws-sdk-client-mock": "^4.1.0",
|
|
40
41
|
"aws-sdk-client-mock-jest": "^4.1.0",
|
|
41
42
|
"jest": "^30.1.3",
|
|
@@ -67,5 +68,5 @@
|
|
|
67
68
|
"publishConfig": {
|
|
68
69
|
"access": "public"
|
|
69
70
|
},
|
|
70
|
-
"gitHead": "
|
|
71
|
+
"gitHead": "3e895e3e7373e70c1a7aa4e1bf130f172be67311"
|
|
71
72
|
}
|