@friggframework/devtools 2.0.0-next.39 → 2.0.0-next.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/infrastructure/README.md +19 -8
  2. package/infrastructure/aws-discovery.js +951 -345
  3. package/infrastructure/aws-discovery.test.js +1031 -184
  4. package/infrastructure/build-time-discovery.test.js +3 -0
  5. package/infrastructure/iam-generator.js +46 -0
  6. package/infrastructure/iam-generator.test.js +7 -4
  7. package/infrastructure/serverless-template.js +1096 -813
  8. package/infrastructure/serverless-template.test.js +1036 -21
  9. package/package.json +8 -6
  10. package/infrastructure/AWS-DISCOVERY-TROUBLESHOOTING.md +0 -245
  11. package/infrastructure/AWS-IAM-CREDENTIAL-NEEDS.md +0 -627
  12. package/infrastructure/README-TESTING.md +0 -332
package/infrastructure/build-time-discovery.test.js CHANGED
@@ -56,6 +56,7 @@ describe('BuildTimeDiscovery', () => {
56
56
  describe('discoverAndCreateConfig', () => {
57
57
  const mockResources = {
58
58
  defaultVpcId: 'vpc-12345678',
59
+ vpcCidr: '172.31.0.0/16',
59
60
  defaultSecurityGroupId: 'sg-12345678',
60
61
  privateSubnetId1: 'subnet-1',
61
62
  privateSubnetId2: 'subnet-2',
@@ -100,6 +101,7 @@ describe('BuildTimeDiscovery', () => {
100
101
  describe('replaceTemplateVariables', () => {
101
102
  const mockResources = {
102
103
  defaultVpcId: 'vpc-12345678',
104
+ vpcCidr: '172.31.0.0/16',
103
105
  defaultSecurityGroupId: 'sg-12345678',
104
106
  privateSubnetId1: 'subnet-1',
105
107
  privateSubnetId2: 'subnet-2',
@@ -225,6 +227,7 @@ describe('BuildTimeDiscovery', () => {
225
227
  describe('preBuildHook', () => {
226
228
  const mockResources = {
227
229
  defaultVpcId: 'vpc-12345678',
230
+ vpcCidr: '172.31.0.0/16',
228
231
  defaultSecurityGroupId: 'sg-12345678',
229
232
  privateSubnetId1: 'subnet-1',
230
233
  privateSubnetId2: 'subnet-2',
package/infrastructure/iam-generator.js CHANGED
@@ -76,6 +76,18 @@ function generateIAMCloudFormation(appDefinition, options = {}) {
76
76
  Description:
77
77
  'Enable SSM Parameter Store permissions for Frigg applications',
78
78
  },
79
+ DeploymentKmsAliasName: {
80
+ Type: 'String',
81
+ Default: 'alias/frigg-deployment',
82
+ Description:
83
+ 'Alias name to create or manage for the deployment KMS key',
84
+ },
85
+ DeploymentKmsTargetKeyArn: {
86
+ Type: 'String',
87
+ Default: '',
88
+ Description:
89
+ 'Optional existing KMS key ARN that the deployment alias should reference',
90
+ },
79
91
  },
80
92
 
81
93
  Conditions: {
@@ -88,6 +100,23 @@ function generateIAMCloudFormation(appDefinition, options = {}) {
88
100
  CreateSSMPermissions: {
89
101
  'Fn::Equals': [{ Ref: 'EnableSSMSupport' }, 'true'],
90
102
  },
103
+ CreateKMSAlias: {
104
+ 'Fn::And': [
105
+ {
106
+ 'Fn::Equals': [{ Ref: 'EnableKMSSupport' }, 'true'],
107
+ },
108
+ {
109
+ 'Fn::Not': [
110
+ {
111
+ 'Fn::Equals': [
112
+ { Ref: 'DeploymentKmsTargetKeyArn' },
113
+ '',
114
+ ],
115
+ },
116
+ ],
117
+ },
118
+ ],
119
+ },
91
120
  },
92
121
 
93
122
  Resources: {},
@@ -556,6 +585,7 @@ function generateIAMCloudFormation(appDefinition, options = {}) {
556
585
  'ec2:DescribeRouteTables',
557
586
  'ec2:CreateRoute',
558
587
  'ec2:DeleteRoute',
588
+ 'ec2:ReplaceRoute',
559
589
  'ec2:AssociateRouteTable',
560
590
  'ec2:DisassociateRouteTable',
561
591
  'ec2:CreateSecurityGroup',
@@ -615,6 +645,11 @@ function generateIAMCloudFormation(appDefinition, options = {}) {
615
645
  'kms:TagResource',
616
646
  'kms:UntagResource',
617
647
  'kms:ListResourceTags',
648
+ 'kms:CreateAlias',
649
+ 'kms:UpdateAlias',
650
+ 'kms:DeleteAlias',
651
+ 'kms:ListAliases',
652
+ 'kms:DescribeKey',
618
653
  ],
619
654
  Resource: '*',
620
655
  },
@@ -624,6 +659,17 @@ function generateIAMCloudFormation(appDefinition, options = {}) {
624
659
  };
625
660
  }
626
661
 
662
+ template.Resources.FriggKMSKeyAlias = {
663
+ Type: 'AWS::KMS::Alias',
664
+ Condition: 'CreateKMSAlias',
665
+ DeletionPolicy: 'Retain',
666
+ UpdateReplacePolicy: 'Retain',
667
+ Properties: {
668
+ AliasName: { Ref: 'DeploymentKmsAliasName' },
669
+ TargetKeyId: { Ref: 'DeploymentKmsTargetKeyArn' },
670
+ },
671
+ };
672
+
627
673
  if (features.ssm) {
628
674
  template.Resources.FriggSSMPolicy = {
629
675
  Type: 'AWS::IAM::ManagedPolicy',
package/infrastructure/iam-generator.test.js CHANGED
@@ -71,6 +71,7 @@ describe('IAM Generator', () => {
71
71
  expect(yaml).toContain('FriggVPCPolicy');
72
72
  expect(yaml).toContain('CreateVPCPermissions');
73
73
  expect(yaml).toContain('EnableVPCSupport');
74
+ expect(yaml).toContain('ec2:ReplaceRoute');
74
75
  });
75
76
 
76
77
  it('should include KMS policy when encryption is enabled', () => {
@@ -85,6 +86,8 @@ describe('IAM Generator', () => {
85
86
  expect(yaml).toContain('FriggKMSPolicy');
86
87
  expect(yaml).toContain('CreateKMSPermissions');
87
88
  expect(yaml).toContain('EnableKMSSupport');
89
+ expect(yaml).toContain('FriggKMSKeyAlias');
90
+ expect(yaml).toContain('kms:CreateAlias');
88
91
  });
89
92
 
90
93
  it('should include SSM policy when SSM is enabled', () => {
@@ -113,9 +116,9 @@ describe('IAM Generator', () => {
113
116
  const yaml = generateIAMCloudFormation(appDefinition);
114
117
 
115
118
  // Check parameter defaults match the enabled features
116
- expect(yaml).toContain('Default: true'); // VPC enabled
117
- expect(yaml).toContain('Default: false'); // KMS disabled
118
- // SSM should be true
119
+ expect(yaml).toContain("Default: 'true'"); // VPC enabled
120
+ expect(yaml).toContain("Default: 'false'"); // KMS disabled
121
+ expect(yaml).toContain('alias/frigg-deployment');
119
122
  });
120
123
 
121
124
  it('should include all core permissions', () => {
@@ -166,4 +169,4 @@ describe('IAM Generator', () => {
166
169
  expect(yaml).toContain('CredentialsSecretArn:');
167
170
  });
168
171
  });
169
- });
172
+ });