@friggframework/devtools 2.0.0-next.25 → 2.0.0-next.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -292,6 +292,13 @@ const createVPCInfrastructure = (AppDefinition) => {
|
|
|
292
292
|
CidrIp: '0.0.0.0/0',
|
|
293
293
|
Description: 'HTTP outbound'
|
|
294
294
|
},
|
|
295
|
+
{
|
|
296
|
+
IpProtocol: 'tcp',
|
|
297
|
+
FromPort: 27017,
|
|
298
|
+
ToPort: 27017,
|
|
299
|
+
CidrIp: '0.0.0.0/0',
|
|
300
|
+
Description: 'MongoDB Atlas TLS outbound'
|
|
301
|
+
},
|
|
295
302
|
{
|
|
296
303
|
IpProtocol: 'tcp',
|
|
297
304
|
FromPort: 53,
|
|
@@ -406,6 +413,14 @@ const createVPCInfrastructure = (AppDefinition) => {
|
|
|
406
413
|
};
|
|
407
414
|
|
|
408
415
|
const composeServerlessDefinition = (AppDefinition) => {
|
|
416
|
+
// Define CORS configuration to be used across all endpoints
|
|
417
|
+
const corsConfig = {
|
|
418
|
+
origin: '*',
|
|
419
|
+
headers: '*',
|
|
420
|
+
methods: ['ANY'],
|
|
421
|
+
allowCredentials: false,
|
|
422
|
+
};
|
|
423
|
+
|
|
409
424
|
const definition = {
|
|
410
425
|
frameworkVersion: '>=3.17.0',
|
|
411
426
|
service: AppDefinition.name || 'create-frigg-app',
|
|
@@ -510,21 +525,21 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
510
525
|
http: {
|
|
511
526
|
path: '/api/integrations',
|
|
512
527
|
method: 'ANY',
|
|
513
|
-
cors:
|
|
528
|
+
cors: corsConfig,
|
|
514
529
|
},
|
|
515
530
|
},
|
|
516
531
|
{
|
|
517
532
|
http: {
|
|
518
533
|
path: '/api/integrations/{proxy+}',
|
|
519
534
|
method: 'ANY',
|
|
520
|
-
cors:
|
|
535
|
+
cors: corsConfig,
|
|
521
536
|
},
|
|
522
537
|
},
|
|
523
538
|
{
|
|
524
539
|
http: {
|
|
525
540
|
path: '/api/authorize',
|
|
526
541
|
method: 'ANY',
|
|
527
|
-
cors:
|
|
542
|
+
cors: corsConfig,
|
|
528
543
|
},
|
|
529
544
|
},
|
|
530
545
|
],
|
|
@@ -536,7 +551,26 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
536
551
|
http: {
|
|
537
552
|
path: '/user/{proxy+}',
|
|
538
553
|
method: 'ANY',
|
|
539
|
-
cors:
|
|
554
|
+
cors: corsConfig,
|
|
555
|
+
},
|
|
556
|
+
},
|
|
557
|
+
],
|
|
558
|
+
},
|
|
559
|
+
health: {
|
|
560
|
+
handler: 'node_modules/@friggframework/core/handlers/routers/health.handler',
|
|
561
|
+
events: [
|
|
562
|
+
{
|
|
563
|
+
http: {
|
|
564
|
+
path: '/health',
|
|
565
|
+
method: 'GET',
|
|
566
|
+
cors: corsConfig,
|
|
567
|
+
},
|
|
568
|
+
},
|
|
569
|
+
{
|
|
570
|
+
http: {
|
|
571
|
+
path: '/health/{proxy+}',
|
|
572
|
+
method: 'GET',
|
|
573
|
+
cors: corsConfig,
|
|
540
574
|
},
|
|
541
575
|
},
|
|
542
576
|
],
|
|
@@ -632,28 +666,109 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
632
666
|
},
|
|
633
667
|
};
|
|
634
668
|
|
|
669
|
+
// Configure BASE_URL based on custom domain or API Gateway
|
|
670
|
+
if (process.env.CUSTOM_DOMAIN) {
|
|
671
|
+
|
|
672
|
+
// Configure custom domain
|
|
673
|
+
definition.custom.customDomain = {
|
|
674
|
+
domainName: process.env.CUSTOM_DOMAIN,
|
|
675
|
+
basePath: process.env.CUSTOM_BASE_PATH || '',
|
|
676
|
+
stage: '${self:provider.stage}',
|
|
677
|
+
createRoute53Record: process.env.CREATE_ROUTE53_RECORD !== 'false', // Default true
|
|
678
|
+
certificateName: process.env.CERTIFICATE_NAME || process.env.CUSTOM_DOMAIN,
|
|
679
|
+
endpointType: process.env.ENDPOINT_TYPE || 'edge', // edge, regional, or private
|
|
680
|
+
securityPolicy: process.env.SECURITY_POLICY || 'tls_1_2',
|
|
681
|
+
apiType: 'rest',
|
|
682
|
+
autoDomain: process.env.AUTO_DOMAIN === 'true', // Auto create domain if it doesn't exist
|
|
683
|
+
};
|
|
684
|
+
|
|
685
|
+
// Set BASE_URL to custom domain
|
|
686
|
+
definition.provider.environment.BASE_URL = `https://${process.env.CUSTOM_DOMAIN}`;
|
|
687
|
+
} else {
|
|
688
|
+
// Default BASE_URL using API Gateway generated URL
|
|
689
|
+
definition.provider.environment.BASE_URL = {
|
|
690
|
+
'Fn::Join': [
|
|
691
|
+
'',
|
|
692
|
+
[
|
|
693
|
+
'https://',
|
|
694
|
+
{ Ref: 'ApiGatewayRestApi' },
|
|
695
|
+
'.execute-api.',
|
|
696
|
+
{ Ref: 'AWS::Region' },
|
|
697
|
+
'.amazonaws.com/',
|
|
698
|
+
'${self:provider.stage}',
|
|
699
|
+
],
|
|
700
|
+
],
|
|
701
|
+
};
|
|
702
|
+
}
|
|
703
|
+
|
|
704
|
+
// REDIRECT_PATH is required for OAuth integrations
|
|
705
|
+
if (!process.env.REDIRECT_PATH) {
|
|
706
|
+
throw new Error(
|
|
707
|
+
'REDIRECT_PATH environment variable is required. ' +
|
|
708
|
+
'Please set REDIRECT_PATH in your .env file (e.g., REDIRECT_PATH=/oauth/callback)'
|
|
709
|
+
);
|
|
710
|
+
}
|
|
711
|
+
|
|
712
|
+
// Set REDIRECT_URI based on domain configuration
|
|
713
|
+
if (process.env.CUSTOM_DOMAIN) {
|
|
714
|
+
definition.provider.environment.REDIRECT_URI = `https://${process.env.CUSTOM_DOMAIN}${process.env.REDIRECT_PATH}`;
|
|
715
|
+
} else {
|
|
716
|
+
definition.provider.environment.REDIRECT_URI = {
|
|
717
|
+
'Fn::Join': [
|
|
718
|
+
'',
|
|
719
|
+
[
|
|
720
|
+
'https://',
|
|
721
|
+
{ Ref: 'ApiGatewayRestApi' },
|
|
722
|
+
'.execute-api.',
|
|
723
|
+
{ Ref: 'AWS::Region' },
|
|
724
|
+
'.amazonaws.com/',
|
|
725
|
+
'${self:provider.stage}',
|
|
726
|
+
process.env.REDIRECT_PATH,
|
|
727
|
+
],
|
|
728
|
+
],
|
|
729
|
+
};
|
|
730
|
+
}
|
|
731
|
+
|
|
732
|
+
// Add REDIRECT_URI to CloudFormation outputs
|
|
733
|
+
definition.resources.Outputs = {
|
|
734
|
+
RedirectURI: {
|
|
735
|
+
Description: 'OAuth Redirect URI to register with providers',
|
|
736
|
+
Value: definition.provider.environment.REDIRECT_URI,
|
|
737
|
+
},
|
|
738
|
+
};
|
|
739
|
+
|
|
635
740
|
// KMS Configuration based on App Definition
|
|
636
741
|
if (AppDefinition.encryption?.useDefaultKMSForFieldLevelEncryption === true) {
|
|
637
|
-
//
|
|
742
|
+
// Provision a dedicated KMS key and wire it automatically
|
|
743
|
+
definition.resources.Resources.FriggKMSKey = {
|
|
744
|
+
Type: 'AWS::KMS::Key',
|
|
745
|
+
Properties: {
|
|
746
|
+
EnableKeyRotation: true,
|
|
747
|
+
KeyPolicy: {
|
|
748
|
+
Version: '2012-10-17',
|
|
749
|
+
Statement: [
|
|
750
|
+
{
|
|
751
|
+
Sid: 'AllowRootAccountAdmin',
|
|
752
|
+
Effect: 'Allow',
|
|
753
|
+
Principal: { AWS: { 'Fn::Sub': 'arn:aws:iam::${AWS::AccountId}:root' } },
|
|
754
|
+
Action: 'kms:*',
|
|
755
|
+
Resource: '*'
|
|
756
|
+
}
|
|
757
|
+
]
|
|
758
|
+
}
|
|
759
|
+
}
|
|
760
|
+
};
|
|
761
|
+
|
|
638
762
|
definition.provider.iamRoleStatements.push({
|
|
639
763
|
Effect: 'Allow',
|
|
640
|
-
Action: [
|
|
641
|
-
|
|
642
|
-
'kms:Decrypt'
|
|
643
|
-
],
|
|
644
|
-
Resource: ['${self:custom.kmsGrants.kmsKeyId}']
|
|
764
|
+
Action: ['kms:GenerateDataKey', 'kms:Decrypt'],
|
|
765
|
+
Resource: [{ 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] }]
|
|
645
766
|
});
|
|
646
767
|
|
|
647
|
-
|
|
648
|
-
definition.provider.environment.KMS_KEY_ARN = '${self:custom.kmsGrants.kmsKeyId}';
|
|
768
|
+
definition.provider.environment.KMS_KEY_ARN = { 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] };
|
|
649
769
|
|
|
650
|
-
// Add serverless-kms-grants plugin
|
|
651
770
|
definition.plugins.push('serverless-kms-grants');
|
|
652
|
-
|
|
653
|
-
// Configure KMS grants with default key
|
|
654
|
-
definition.custom.kmsGrants = {
|
|
655
|
-
kmsKeyId: '*'
|
|
656
|
-
};
|
|
771
|
+
definition.custom.kmsGrants = { kmsKeyId: { 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] } };
|
|
657
772
|
}
|
|
658
773
|
|
|
659
774
|
// VPC Configuration based on App Definition
|
|
@@ -713,7 +828,7 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
713
828
|
http: {
|
|
714
829
|
path: `/api/${integrationName}-integration/{proxy+}`,
|
|
715
830
|
method: 'ANY',
|
|
716
|
-
cors:
|
|
831
|
+
cors: corsConfig,
|
|
717
832
|
},
|
|
718
833
|
},
|
|
719
834
|
],
|
|
@@ -773,4 +888,4 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
773
888
|
return definition;
|
|
774
889
|
};
|
|
775
890
|
|
|
776
|
-
module.exports = { composeServerlessDefinition };
|
|
891
|
+
module.exports = { composeServerlessDefinition };
|
package/package.json
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@friggframework/devtools",
|
|
3
3
|
"prettier": "@friggframework/prettier-config",
|
|
4
|
-
"version": "2.0.0-next.
|
|
4
|
+
"version": "2.0.0-next.27",
|
|
5
5
|
"dependencies": {
|
|
6
6
|
"@babel/eslint-parser": "^7.18.9",
|
|
7
7
|
"@babel/parser": "^7.25.3",
|
|
8
8
|
"@babel/traverse": "^7.25.3",
|
|
9
|
-
"@friggframework/test": "2.0.0-next.
|
|
9
|
+
"@friggframework/test": "2.0.0-next.27",
|
|
10
10
|
"@hapi/boom": "^10.0.1",
|
|
11
11
|
"@inquirer/prompts": "^5.3.8",
|
|
12
12
|
"axios": "^1.7.2",
|
|
@@ -27,8 +27,8 @@
|
|
|
27
27
|
"serverless-http": "^2.7.0"
|
|
28
28
|
},
|
|
29
29
|
"devDependencies": {
|
|
30
|
-
"@friggframework/eslint-config": "2.0.0-next.
|
|
31
|
-
"@friggframework/prettier-config": "2.0.0-next.
|
|
30
|
+
"@friggframework/eslint-config": "2.0.0-next.27",
|
|
31
|
+
"@friggframework/prettier-config": "2.0.0-next.27",
|
|
32
32
|
"prettier": "^2.7.1",
|
|
33
33
|
"serverless": "3.39.0",
|
|
34
34
|
"serverless-dotenv-plugin": "^6.0.0",
|
|
@@ -60,5 +60,5 @@
|
|
|
60
60
|
"publishConfig": {
|
|
61
61
|
"access": "public"
|
|
62
62
|
},
|
|
63
|
-
"gitHead": "
|
|
63
|
+
"gitHead": "82dec739e8d482b55f995eecf088ef05f7931188"
|
|
64
64
|
}
|