@friggframework/devtools 2.0.0-next.26 → 2.0.0-next.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -292,6 +292,13 @@ const createVPCInfrastructure = (AppDefinition) => {
|
|
|
292
292
|
CidrIp: '0.0.0.0/0',
|
|
293
293
|
Description: 'HTTP outbound'
|
|
294
294
|
},
|
|
295
|
+
{
|
|
296
|
+
IpProtocol: 'tcp',
|
|
297
|
+
FromPort: 27017,
|
|
298
|
+
ToPort: 27017,
|
|
299
|
+
CidrIp: '0.0.0.0/0',
|
|
300
|
+
Description: 'MongoDB Atlas TLS outbound'
|
|
301
|
+
},
|
|
295
302
|
{
|
|
296
303
|
IpProtocol: 'tcp',
|
|
297
304
|
FromPort: 53,
|
|
@@ -406,6 +413,14 @@ const createVPCInfrastructure = (AppDefinition) => {
|
|
|
406
413
|
};
|
|
407
414
|
|
|
408
415
|
const composeServerlessDefinition = (AppDefinition) => {
|
|
416
|
+
// Define CORS configuration to be used across all endpoints
|
|
417
|
+
const corsConfig = {
|
|
418
|
+
origin: '*',
|
|
419
|
+
headers: '*',
|
|
420
|
+
methods: ['ANY'],
|
|
421
|
+
allowCredentials: false,
|
|
422
|
+
};
|
|
423
|
+
|
|
409
424
|
const definition = {
|
|
410
425
|
frameworkVersion: '>=3.17.0',
|
|
411
426
|
service: AppDefinition.name || 'create-frigg-app',
|
|
@@ -510,21 +525,21 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
510
525
|
http: {
|
|
511
526
|
path: '/api/integrations',
|
|
512
527
|
method: 'ANY',
|
|
513
|
-
cors:
|
|
528
|
+
cors: corsConfig,
|
|
514
529
|
},
|
|
515
530
|
},
|
|
516
531
|
{
|
|
517
532
|
http: {
|
|
518
533
|
path: '/api/integrations/{proxy+}',
|
|
519
534
|
method: 'ANY',
|
|
520
|
-
cors:
|
|
535
|
+
cors: corsConfig,
|
|
521
536
|
},
|
|
522
537
|
},
|
|
523
538
|
{
|
|
524
539
|
http: {
|
|
525
540
|
path: '/api/authorize',
|
|
526
541
|
method: 'ANY',
|
|
527
|
-
cors:
|
|
542
|
+
cors: corsConfig,
|
|
528
543
|
},
|
|
529
544
|
},
|
|
530
545
|
],
|
|
@@ -536,7 +551,7 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
536
551
|
http: {
|
|
537
552
|
path: '/user/{proxy+}',
|
|
538
553
|
method: 'ANY',
|
|
539
|
-
cors:
|
|
554
|
+
cors: corsConfig,
|
|
540
555
|
},
|
|
541
556
|
},
|
|
542
557
|
],
|
|
@@ -548,14 +563,14 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
548
563
|
http: {
|
|
549
564
|
path: '/health',
|
|
550
565
|
method: 'GET',
|
|
551
|
-
cors:
|
|
566
|
+
cors: corsConfig,
|
|
552
567
|
},
|
|
553
568
|
},
|
|
554
569
|
{
|
|
555
570
|
http: {
|
|
556
571
|
path: '/health/{proxy+}',
|
|
557
572
|
method: 'GET',
|
|
558
|
-
cors:
|
|
573
|
+
cors: corsConfig,
|
|
559
574
|
},
|
|
560
575
|
},
|
|
561
576
|
],
|
|
@@ -651,28 +666,109 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
651
666
|
},
|
|
652
667
|
};
|
|
653
668
|
|
|
669
|
+
// Configure BASE_URL based on custom domain or API Gateway
|
|
670
|
+
if (process.env.CUSTOM_DOMAIN) {
|
|
671
|
+
|
|
672
|
+
// Configure custom domain
|
|
673
|
+
definition.custom.customDomain = {
|
|
674
|
+
domainName: process.env.CUSTOM_DOMAIN,
|
|
675
|
+
basePath: process.env.CUSTOM_BASE_PATH || '',
|
|
676
|
+
stage: '${self:provider.stage}',
|
|
677
|
+
createRoute53Record: process.env.CREATE_ROUTE53_RECORD !== 'false', // Default true
|
|
678
|
+
certificateName: process.env.CERTIFICATE_NAME || process.env.CUSTOM_DOMAIN,
|
|
679
|
+
endpointType: process.env.ENDPOINT_TYPE || 'edge', // edge, regional, or private
|
|
680
|
+
securityPolicy: process.env.SECURITY_POLICY || 'tls_1_2',
|
|
681
|
+
apiType: 'rest',
|
|
682
|
+
autoDomain: process.env.AUTO_DOMAIN === 'true', // Auto create domain if it doesn't exist
|
|
683
|
+
};
|
|
684
|
+
|
|
685
|
+
// Set BASE_URL to custom domain
|
|
686
|
+
definition.provider.environment.BASE_URL = `https://${process.env.CUSTOM_DOMAIN}`;
|
|
687
|
+
} else {
|
|
688
|
+
// Default BASE_URL using API Gateway generated URL
|
|
689
|
+
definition.provider.environment.BASE_URL = {
|
|
690
|
+
'Fn::Join': [
|
|
691
|
+
'',
|
|
692
|
+
[
|
|
693
|
+
'https://',
|
|
694
|
+
{ Ref: 'ApiGatewayRestApi' },
|
|
695
|
+
'.execute-api.',
|
|
696
|
+
{ Ref: 'AWS::Region' },
|
|
697
|
+
'.amazonaws.com/',
|
|
698
|
+
'${self:provider.stage}',
|
|
699
|
+
],
|
|
700
|
+
],
|
|
701
|
+
};
|
|
702
|
+
}
|
|
703
|
+
|
|
704
|
+
// REDIRECT_PATH is required for OAuth integrations
|
|
705
|
+
if (!process.env.REDIRECT_PATH) {
|
|
706
|
+
throw new Error(
|
|
707
|
+
'REDIRECT_PATH environment variable is required. ' +
|
|
708
|
+
'Please set REDIRECT_PATH in your .env file (e.g., REDIRECT_PATH=/oauth/callback)'
|
|
709
|
+
);
|
|
710
|
+
}
|
|
711
|
+
|
|
712
|
+
// Set REDIRECT_URI based on domain configuration
|
|
713
|
+
if (process.env.CUSTOM_DOMAIN) {
|
|
714
|
+
definition.provider.environment.REDIRECT_URI = `https://${process.env.CUSTOM_DOMAIN}${process.env.REDIRECT_PATH}`;
|
|
715
|
+
} else {
|
|
716
|
+
definition.provider.environment.REDIRECT_URI = {
|
|
717
|
+
'Fn::Join': [
|
|
718
|
+
'',
|
|
719
|
+
[
|
|
720
|
+
'https://',
|
|
721
|
+
{ Ref: 'ApiGatewayRestApi' },
|
|
722
|
+
'.execute-api.',
|
|
723
|
+
{ Ref: 'AWS::Region' },
|
|
724
|
+
'.amazonaws.com/',
|
|
725
|
+
'${self:provider.stage}',
|
|
726
|
+
process.env.REDIRECT_PATH,
|
|
727
|
+
],
|
|
728
|
+
],
|
|
729
|
+
};
|
|
730
|
+
}
|
|
731
|
+
|
|
732
|
+
// Add REDIRECT_URI to CloudFormation outputs
|
|
733
|
+
definition.resources.Outputs = {
|
|
734
|
+
RedirectURI: {
|
|
735
|
+
Description: 'OAuth Redirect URI to register with providers',
|
|
736
|
+
Value: definition.provider.environment.REDIRECT_URI,
|
|
737
|
+
},
|
|
738
|
+
};
|
|
739
|
+
|
|
654
740
|
// KMS Configuration based on App Definition
|
|
655
741
|
if (AppDefinition.encryption?.useDefaultKMSForFieldLevelEncryption === true) {
|
|
656
|
-
//
|
|
742
|
+
// Provision a dedicated KMS key and wire it automatically
|
|
743
|
+
definition.resources.Resources.FriggKMSKey = {
|
|
744
|
+
Type: 'AWS::KMS::Key',
|
|
745
|
+
Properties: {
|
|
746
|
+
EnableKeyRotation: true,
|
|
747
|
+
KeyPolicy: {
|
|
748
|
+
Version: '2012-10-17',
|
|
749
|
+
Statement: [
|
|
750
|
+
{
|
|
751
|
+
Sid: 'AllowRootAccountAdmin',
|
|
752
|
+
Effect: 'Allow',
|
|
753
|
+
Principal: { AWS: { 'Fn::Sub': 'arn:aws:iam::${AWS::AccountId}:root' } },
|
|
754
|
+
Action: 'kms:*',
|
|
755
|
+
Resource: '*'
|
|
756
|
+
}
|
|
757
|
+
]
|
|
758
|
+
}
|
|
759
|
+
}
|
|
760
|
+
};
|
|
761
|
+
|
|
657
762
|
definition.provider.iamRoleStatements.push({
|
|
658
763
|
Effect: 'Allow',
|
|
659
|
-
Action: [
|
|
660
|
-
|
|
661
|
-
'kms:Decrypt'
|
|
662
|
-
],
|
|
663
|
-
Resource: ['${self:custom.kmsGrants.kmsKeyId}']
|
|
764
|
+
Action: ['kms:GenerateDataKey', 'kms:Decrypt'],
|
|
765
|
+
Resource: [{ 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] }]
|
|
664
766
|
});
|
|
665
767
|
|
|
666
|
-
|
|
667
|
-
definition.provider.environment.KMS_KEY_ARN = '${self:custom.kmsGrants.kmsKeyId}';
|
|
768
|
+
definition.provider.environment.KMS_KEY_ARN = { 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] };
|
|
668
769
|
|
|
669
|
-
// Add serverless-kms-grants plugin
|
|
670
770
|
definition.plugins.push('serverless-kms-grants');
|
|
671
|
-
|
|
672
|
-
// Configure KMS grants with default key
|
|
673
|
-
definition.custom.kmsGrants = {
|
|
674
|
-
kmsKeyId: '*'
|
|
675
|
-
};
|
|
771
|
+
definition.custom.kmsGrants = { kmsKeyId: { 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] } };
|
|
676
772
|
}
|
|
677
773
|
|
|
678
774
|
// VPC Configuration based on App Definition
|
|
@@ -732,7 +828,7 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
732
828
|
http: {
|
|
733
829
|
path: `/api/${integrationName}-integration/{proxy+}`,
|
|
734
830
|
method: 'ANY',
|
|
735
|
-
cors:
|
|
831
|
+
cors: corsConfig,
|
|
736
832
|
},
|
|
737
833
|
},
|
|
738
834
|
],
|
|
@@ -792,4 +888,4 @@ const composeServerlessDefinition = (AppDefinition) => {
|
|
|
792
888
|
return definition;
|
|
793
889
|
};
|
|
794
890
|
|
|
795
|
-
module.exports = { composeServerlessDefinition };
|
|
891
|
+
module.exports = { composeServerlessDefinition };
|
package/package.json
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@friggframework/devtools",
|
|
3
3
|
"prettier": "@friggframework/prettier-config",
|
|
4
|
-
"version": "2.0.0-next.
|
|
4
|
+
"version": "2.0.0-next.27",
|
|
5
5
|
"dependencies": {
|
|
6
6
|
"@babel/eslint-parser": "^7.18.9",
|
|
7
7
|
"@babel/parser": "^7.25.3",
|
|
8
8
|
"@babel/traverse": "^7.25.3",
|
|
9
|
-
"@friggframework/test": "2.0.0-next.
|
|
9
|
+
"@friggframework/test": "2.0.0-next.27",
|
|
10
10
|
"@hapi/boom": "^10.0.1",
|
|
11
11
|
"@inquirer/prompts": "^5.3.8",
|
|
12
12
|
"axios": "^1.7.2",
|
|
@@ -27,8 +27,8 @@
|
|
|
27
27
|
"serverless-http": "^2.7.0"
|
|
28
28
|
},
|
|
29
29
|
"devDependencies": {
|
|
30
|
-
"@friggframework/eslint-config": "2.0.0-next.
|
|
31
|
-
"@friggframework/prettier-config": "2.0.0-next.
|
|
30
|
+
"@friggframework/eslint-config": "2.0.0-next.27",
|
|
31
|
+
"@friggframework/prettier-config": "2.0.0-next.27",
|
|
32
32
|
"prettier": "^2.7.1",
|
|
33
33
|
"serverless": "3.39.0",
|
|
34
34
|
"serverless-dotenv-plugin": "^6.0.0",
|
|
@@ -60,5 +60,5 @@
|
|
|
60
60
|
"publishConfig": {
|
|
61
61
|
"access": "public"
|
|
62
62
|
},
|
|
63
|
-
"gitHead": "
|
|
63
|
+
"gitHead": "82dec739e8d482b55f995eecf088ef05f7931188"
|
|
64
64
|
}
|