@friggframework/devtools 2.0.0-next.26 → 2.0.0-next.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/infrastructure/serverless-template.js +115 -41
  2. package/package.json +5 -5
package/infrastructure/serverless-template.js CHANGED
@@ -292,6 +292,13 @@ const createVPCInfrastructure = (AppDefinition) => {
292
292
  CidrIp: '0.0.0.0/0',
293
293
  Description: 'HTTP outbound'
294
294
  },
295
+ {
296
+ IpProtocol: 'tcp',
297
+ FromPort: 27017,
298
+ ToPort: 27017,
299
+ CidrIp: '0.0.0.0/0',
300
+ Description: 'MongoDB Atlas TLS outbound'
301
+ },
295
302
  {
296
303
  IpProtocol: 'tcp',
297
304
  FromPort: 53,
@@ -419,9 +426,9 @@ const composeServerlessDefinition = (AppDefinition) => {
419
426
  runtime: 'nodejs20.x',
420
427
  timeout: 30,
421
428
  region: 'us-east-1',
422
- stage: '${opt:stage}',
429
+ stage: '${opt:stage, "dev"}',
423
430
  environment: {
424
- STAGE: '${opt:stage}',
431
+ STAGE: '${opt:stage, "dev"}',
425
432
  AWS_NODEJS_CONNECTION_REUSE_ENABLED: 1,
426
433
  },
427
434
  iamRoleStatements: [
@@ -455,6 +462,17 @@ const composeServerlessDefinition = (AppDefinition) => {
455
462
  ],
456
463
  }
457
464
  ],
465
+ httpApi: {
466
+ payload: '2.0',
467
+ cors: {
468
+ allowedOrigins: ['*'],
469
+ allowedHeaders: ['*'],
470
+ allowedMethods: ['*'],
471
+ allowCredentials: false,
472
+ },
473
+ name: '${opt:stage, "dev"}-${self:service}',
474
+ disableDefaultEndpoint: false,
475
+ }
458
476
  },
459
477
  plugins: [
460
478
  'serverless-jetpack',
@@ -507,24 +525,21 @@ const composeServerlessDefinition = (AppDefinition) => {
507
525
  handler: 'node_modules/@friggframework/core/handlers/routers/auth.handler',
508
526
  events: [
509
527
  {
510
- http: {
528
+ httpApi: {
511
529
  path: '/api/integrations',
512
530
  method: 'ANY',
513
- cors: true,
514
531
  },
515
532
  },
516
533
  {
517
- http: {
534
+ httpApi: {
518
535
  path: '/api/integrations/{proxy+}',
519
536
  method: 'ANY',
520
- cors: true,
521
537
  },
522
538
  },
523
539
  {
524
- http: {
540
+ httpApi: {
525
541
  path: '/api/authorize',
526
542
  method: 'ANY',
527
- cors: true,
528
543
  },
529
544
  },
530
545
  ],
@@ -533,10 +548,9 @@ const composeServerlessDefinition = (AppDefinition) => {
533
548
  handler: 'node_modules/@friggframework/core/handlers/routers/user.handler',
534
549
  events: [
535
550
  {
536
- http: {
551
+ httpApi: {
537
552
  path: '/user/{proxy+}',
538
553
  method: 'ANY',
539
- cors: true,
540
554
  },
541
555
  },
542
556
  ],
@@ -545,17 +559,15 @@ const composeServerlessDefinition = (AppDefinition) => {
545
559
  handler: 'node_modules/@friggframework/core/handlers/routers/health.handler',
546
560
  events: [
547
561
  {
548
- http: {
562
+ httpApi: {
549
563
  path: '/health',
550
564
  method: 'GET',
551
- cors: true,
552
565
  },
553
566
  },
554
567
  {
555
- http: {
568
+ httpApi: {
556
569
  path: '/health/{proxy+}',
557
570
  method: 'GET',
558
- cors: true,
559
571
  },
560
572
  },
561
573
  ],
@@ -633,16 +645,12 @@ const composeServerlessDefinition = (AppDefinition) => {
633
645
  AlarmActions: [{ Ref: 'InternalErrorBridgeTopic' }],
634
646
  Dimensions: [
635
647
  {
636
- Name: 'ApiName',
637
- Value: {
638
- 'Fn::Join': [
639
- '-',
640
- [
641
- '${self:provider.stage}',
642
- '${self:service}',
643
- ],
644
- ],
645
- },
648
+ Name: 'ApiId',
649
+ Value: { Ref: 'HttpApi' },
650
+ },
651
+ {
652
+ Name: 'Stage',
653
+ Value: '${self:provider.stage}',
646
654
  },
647
655
  ],
648
656
  },
@@ -651,28 +659,95 @@ const composeServerlessDefinition = (AppDefinition) => {
651
659
  },
652
660
  };
653
661
 
662
+ // Configure BASE_URL based on custom domain or API Gateway
663
+ if (process.env.CUSTOM_DOMAIN) {
664
+
665
+ // Configure custom domain
666
+ definition.custom.customDomain = {
667
+ domainName: process.env.CUSTOM_DOMAIN,
668
+ basePath: process.env.CUSTOM_BASE_PATH || '',
669
+ stage: '${opt:stage, "dev"}',
670
+ createRoute53Record: process.env.CREATE_ROUTE53_RECORD !== 'false', // Default true
671
+ certificateName: process.env.CERTIFICATE_NAME || process.env.CUSTOM_DOMAIN,
672
+ endpointType: process.env.ENDPOINT_TYPE || 'edge', // edge, regional, or private
673
+ securityPolicy: process.env.SECURITY_POLICY || 'tls_1_2',
674
+ apiType: 'http',
675
+ autoDomain: process.env.AUTO_DOMAIN === 'true', // Auto create domain if it doesn't exist
676
+ };
677
+
678
+ // Set BASE_URL to custom domain
679
+ definition.provider.environment.BASE_URL = `https://${process.env.CUSTOM_DOMAIN}`;
680
+ } else {
681
+ // Default BASE_URL using API Gateway generated URL
682
+ // For HTTP API, don't include stage as it uses $default behavior
683
+ definition.provider.environment.BASE_URL = {
684
+ 'Fn::GetAtt': ['HttpApi', 'ApiEndpoint']
685
+ };
686
+ }
687
+
688
+ // REDIRECT_PATH is required for OAuth integrations
689
+ if (!process.env.REDIRECT_PATH) {
690
+ throw new Error(
691
+ 'REDIRECT_PATH environment variable is required. ' +
692
+ 'Please set REDIRECT_PATH in your .env file (e.g., REDIRECT_PATH=/oauth/callback)'
693
+ );
694
+ }
695
+
696
+ // Set REDIRECT_URI based on domain configuration
697
+ if (process.env.CUSTOM_DOMAIN) {
698
+ definition.provider.environment.REDIRECT_URI = `https://${process.env.CUSTOM_DOMAIN}${process.env.REDIRECT_PATH}`;
699
+ } else {
700
+ definition.provider.environment.REDIRECT_URI = {
701
+ 'Fn::Join': [
702
+ '',
703
+ [
704
+ { 'Fn::GetAtt': ['HttpApi', 'ApiEndpoint'] },
705
+ process.env.REDIRECT_PATH,
706
+ ],
707
+ ],
708
+ };
709
+ }
710
+
711
+ // Add REDIRECT_URI to CloudFormation outputs
712
+ definition.resources.Outputs = {
713
+ RedirectURI: {
714
+ Description: 'OAuth Redirect URI to register with providers',
715
+ Value: definition.provider.environment.REDIRECT_URI,
716
+ },
717
+ };
718
+
654
719
  // KMS Configuration based on App Definition
655
720
  if (AppDefinition.encryption?.useDefaultKMSForFieldLevelEncryption === true) {
656
- // Add KMS IAM permissions
721
+ // Provision a dedicated KMS key and wire it automatically
722
+ definition.resources.Resources.FriggKMSKey = {
723
+ Type: 'AWS::KMS::Key',
724
+ Properties: {
725
+ EnableKeyRotation: true,
726
+ KeyPolicy: {
727
+ Version: '2012-10-17',
728
+ Statement: [
729
+ {
730
+ Sid: 'AllowRootAccountAdmin',
731
+ Effect: 'Allow',
732
+ Principal: { AWS: { 'Fn::Sub': 'arn:aws:iam::${AWS::AccountId}:root' } },
733
+ Action: 'kms:*',
734
+ Resource: '*'
735
+ }
736
+ ]
737
+ }
738
+ }
739
+ };
740
+
657
741
  definition.provider.iamRoleStatements.push({
658
742
  Effect: 'Allow',
659
- Action: [
660
- 'kms:GenerateDataKey',
661
- 'kms:Decrypt'
662
- ],
663
- Resource: ['${self:custom.kmsGrants.kmsKeyId}']
743
+ Action: ['kms:GenerateDataKey', 'kms:Decrypt'],
744
+ Resource: [{ 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] }]
664
745
  });
665
746
 
666
- // Add KMS_KEY_ARN environment variable for Frigg Encrypt module
667
- definition.provider.environment.KMS_KEY_ARN = '${self:custom.kmsGrants.kmsKeyId}';
747
+ definition.provider.environment.KMS_KEY_ARN = { 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] };
668
748
 
669
- // Add serverless-kms-grants plugin
670
749
  definition.plugins.push('serverless-kms-grants');
671
-
672
- // Configure KMS grants with default key
673
- definition.custom.kmsGrants = {
674
- kmsKeyId: '*'
675
- };
750
+ definition.custom.kmsGrants = { kmsKeyId: { 'Fn::GetAtt': ['FriggKMSKey', 'Arn'] } };
676
751
  }
677
752
 
678
753
  // VPC Configuration based on App Definition
@@ -729,10 +804,9 @@ const composeServerlessDefinition = (AppDefinition) => {
729
804
  handler: `node_modules/@friggframework/core/handlers/routers/integration-defined-routers.handlers.${integrationName}.handler`,
730
805
  events: [
731
806
  {
732
- http: {
807
+ httpApi: {
733
808
  path: `/api/${integrationName}-integration/{proxy+}`,
734
809
  method: 'ANY',
735
- cors: true,
736
810
  },
737
811
  },
738
812
  ],
@@ -792,4 +866,4 @@ const composeServerlessDefinition = (AppDefinition) => {
792
866
  return definition;
793
867
  };
794
868
 
795
- module.exports = { composeServerlessDefinition };
869
+ module.exports = { composeServerlessDefinition };
package/package.json CHANGED
@@ -1,12 +1,12 @@
1
1
  {
2
2
  "name": "@friggframework/devtools",
3
3
  "prettier": "@friggframework/prettier-config",
4
- "version": "2.0.0-next.26",
4
+ "version": "2.0.0-next.28",
5
5
  "dependencies": {
6
6
  "@babel/eslint-parser": "^7.18.9",
7
7
  "@babel/parser": "^7.25.3",
8
8
  "@babel/traverse": "^7.25.3",
9
- "@friggframework/test": "2.0.0-next.26",
9
+ "@friggframework/test": "2.0.0-next.28",
10
10
  "@hapi/boom": "^10.0.1",
11
11
  "@inquirer/prompts": "^5.3.8",
12
12
  "axios": "^1.7.2",
@@ -27,8 +27,8 @@
27
27
  "serverless-http": "^2.7.0"
28
28
  },
29
29
  "devDependencies": {
30
- "@friggframework/eslint-config": "2.0.0-next.26",
31
- "@friggframework/prettier-config": "2.0.0-next.26",
30
+ "@friggframework/eslint-config": "2.0.0-next.28",
31
+ "@friggframework/prettier-config": "2.0.0-next.28",
32
32
  "prettier": "^2.7.1",
33
33
  "serverless": "3.39.0",
34
34
  "serverless-dotenv-plugin": "^6.0.0",
@@ -60,5 +60,5 @@
60
60
  "publishConfig": {
61
61
  "access": "public"
62
62
  },
63
- "gitHead": "9b9a6cf25e458ec0033c7f4e4ee1f2128b81599e"
63
+ "gitHead": "3c830c9e559a1ed9b8a2b2de885cd5984649e2fb"
64
64
  }