@friggframework/devtools 2.0.0-next.45 → 2.0.0-next.46

package/infrastructure/domains/shared/utilities/base-definition-factory.js.bak

@@ -0,0 +1,338 @@
+/**
+ * Base Serverless Definition Factory
+ * 
+ * Utility Layer - Hexagonal Architecture
+ * 
+ * Creates the base serverless.yml configuration with core functions,
+ * resources, plugins, and provider settings.
+ */
+
+const { buildEnvironment } = require('../environment-builder');
+
+/**
+ * Create base serverless definition with core functions and resources
+ * 
+ * This creates the foundation serverless configuration that all
+ * Frigg applications need, including:
+ * - Core Lambda functions (auth, user, health, dbMigrate)
+ * - Error handling infrastructure (SQS, SNS, CloudWatch)
+ * - Prisma Lambda Layer
+ * - Base plugins and esbuild configuration
+ * 
+ * @param {Object} AppDefinition - Application definition
+ * @param {Object} appEnvironmentVars - Environment variables from app definition
+ * @param {Object} discoveredResources - AWS resources discovered during build
+ * @returns {Object} Base serverless definition
+ */
+function createBaseDefinition(
+    AppDefinition,
+    appEnvironmentVars,
+    discoveredResources
+) {
+    const region = process.env.AWS_REGION || 'us-east-1';
+
+    // Function-level package config to exclude Prisma and AWS SDK
+    const functionPackageConfig = {
+        exclude: [
+            // Exclude AWS SDK (already in Lambda runtime or externalized by esbuild)
+            'node_modules/aws-sdk/**',
+            'node_modules/@aws-sdk/**',
+
+            // Exclude Prisma (provided via Lambda Layer)
+            'node_modules/@prisma/**',
+            'node_modules/.prisma/**',
+            'node_modules/prisma/**',
+            'node_modules/@friggframework/core/generated/**',
+
+            // Exclude nested node_modules from symlinked frigg packages (for npm link development)
+            'node_modules/@friggframework/core/node_modules/**',
+            'node_modules/@friggframework/devtools/node_modules/**',
+
+            // Exclude development/test files from backend project
+            'coverage/**',
+            'test/**',
+            'src/**',
+            'layers/**',
+            '**/*.test.js',
+            '**/*.spec.js',
+            '.git/**',
+            '.github/**',
+        ],
+    };
+
+    return {
+        frameworkVersion: '>=3.17.0',
+        service: AppDefinition.name || 'create-frigg-app',
+        package: {
+            individually: true,
+        },
+        useDotenv: true,
+        provider: {
+            name: AppDefinition.provider || 'aws',
+            ...(process.env.AWS_PROFILE && { profile: process.env.AWS_PROFILE }),
+            runtime: 'nodejs22.x',  // Node.js 22.x (latest Lambda runtime with AWS SDK v3)
+            timeout: 29,  // Set to 29s to give buffer before API Gateway's 30s timeout
+            region,
+            stage: '${opt:stage}',
+            environment: buildEnvironment(appEnvironmentVars, discoveredResources),
+            iamRoleStatements: [
+                {
+                    Effect: 'Allow',
+                    Action: ['sns:Publish'],
+                    Resource: { Ref: 'InternalErrorBridgeTopic' },
+                },
+                {
+                    Effect: 'Allow',
+                    Action: [
+                        'sqs:SendMessage',
+                        'sqs:SendMessageBatch',
+                        'sqs:GetQueueUrl',
+                        'sqs:GetQueueAttributes',
+                    ],
+                    Resource: [
+                        { 'Fn::GetAtt': ['InternalErrorQueue', 'Arn'] },
+                        {
+                            'Fn::Join': [
+                                ':',
+                                [
+                                    'arn:aws:sqs:${self:provider.region}:*:${self:service}--${self:provider.stage}-*Queue',
+                                ],
+                            ],
+                        },
+                    ],
+                },
+            ],
+            httpApi: {
+                payload: '2.0',
+                cors: {
+                    allowedOrigins: ['*'],
+                    allowedHeaders: ['*'],
+                    allowedMethods: ['*'],
+                    allowCredentials: false,
+                },
+                name: '${opt:stage, "dev"}-${self:service}',
+                disableDefaultEndpoint: false,
+            },
+        },
+        plugins: [
+            'serverless-esbuild',
+            'serverless-dotenv-plugin',
+            'serverless-offline-sqs',
+            'serverless-offline',
+            '@friggframework/serverless-plugin',
+        ],
+        custom: {
+            esbuild: {
+                bundle: true,
+                minify: true,
+                sourcemap: true,
+                target: 'node22',
+                platform: 'node',
+                format: 'cjs',
+                external: [
+                    '@aws-sdk/*',
+                    'aws-sdk',
+                    '@prisma/client',
+                    'prisma',
+                    '.prisma/*',
+                ],
+                packager: 'npm',
+                keepNames: true,
+                keepOutputDirectory: false,  // Clean up .esbuild directory after packaging
+                exclude: [
+                    'aws-sdk',
+                    '@aws-sdk/*',
+                    '@prisma/client',
+                    'prisma',
+                ],
+            },
+            'serverless-offline': {
+                httpPort: 3001,
+                lambdaPort: 4001,
+                websocketPort: 3002,
+                location: '.',  // Set base directory for handler resolution to current directory
+                skipCacheInvalidation: false,
+            },
+            'serverless-offline-sqs': {
+                autoCreate: false,
+                apiVersion: '2012-11-05',
+                endpoint: 'http://localhost:4566',
+                region,
+                accessKeyId: 'root',
+                secretAccessKey: 'root',
+                skipCacheInvalidation: false,
+            },
+        },
+        functions: {
+            auth: {
+                handler: 'node_modules/@friggframework/core/handlers/routers/auth.handler',
+                layers: [{ Ref: 'PrismaLambdaLayer' }],
+                skipEsbuild: true,  // Handlers in node_modules don't need bundling
+                package: functionPackageConfig,
+                events: [
+                    { httpApi: { path: '/api/integrations', method: 'ANY' } },
+                    {
+                        httpApi: {
+                            path: '/api/integrations/{proxy+}',
+                            method: 'ANY',
+                        },
+                    },
+                    { httpApi: { path: '/api/authorize', method: 'ANY' } },
+                ],
+            },
+            user: {
+                handler: 'node_modules/@friggframework/core/handlers/routers/user.handler',
+                layers: [{ Ref: 'PrismaLambdaLayer' }],
+                skipEsbuild: true,  // Handlers in node_modules don't need bundling
+                package: functionPackageConfig,
+                events: [{ httpApi: { path: '/user/{proxy+}', method: 'ANY' } }],
+            },
+            health: {
+                handler: 'node_modules/@friggframework/core/handlers/routers/health.handler',
+                layers: [{ Ref: 'PrismaLambdaLayer' }],
+                skipEsbuild: true,  // Handlers in node_modules don't need bundling
+                package: functionPackageConfig,
+                events: [
+                    { httpApi: { path: '/health', method: 'GET' } },
+                    { httpApi: { path: '/health/{proxy+}', method: 'GET' } },
+                ],
+            },
+            dbMigrate: {
+                handler: 'node_modules/@friggframework/core/handlers/database-migration-handler.handler',
+                // DO NOT use Prisma layer - this function includes Prisma CLI separately
+                skipEsbuild: true,  // Handlers in node_modules don't need bundling
+                timeout: 300,  // 5 minutes for long-running migrations
+                memorySize: 1024,  // Extra memory for Prisma CLI and migration operations
+                reservedConcurrency: 1,  // Prevent concurrent migrations (CRITICAL for data safety)
+                description: 'Runs database migrations via Prisma CLI (invoke manually from CI/CD or triggers). Prisma CLI bundled separately.',
+                package: {
+                    individually: true,
+                    patterns: [
+                        // Include handler
+                        'node_modules/@friggframework/core/handlers/database-migration-handler.js',
+
+                        // Include ONLY PostgreSQL Prisma client (exclude MongoDB)
+                        'node_modules/@friggframework/core/generated/prisma-postgresql/**',
+                        '!node_modules/@friggframework/core/generated/prisma-mongodb/**',  // Exclude MongoDB client entirely
+
+                        // Include Prisma runtime
+                        'node_modules/@prisma/client/**',
+                        'node_modules/.prisma/**',
+                        'node_modules/prisma/**',  // Prisma CLI
+
+                        // Exclude unnecessary engines and files
+                        '!node_modules/prisma/node_modules/**',
+                        '!**/query-engine-darwin*',  // Exclude macOS binaries (keep rhel for Lambda)
+                        '!**/runtime/*.wasm',  // WASM engines
+                        '!**/*.md',
+                        '!**/*.map',
+                        '!**/LICENSE*',
+                        '!**/*.d.ts',
+                        '!**/*.d.mts',
+                    ],
+                },
+                maximumEventAge: 60,
+                maximumRetryAttempts: 0,
+                tags: {
+                    Purpose: 'DatabaseMigration',
+                    ManagedBy: 'Frigg',
+                },
+                environment: {
+                    CI: '1',
+                    PRISMA_HIDE_UPDATE_MESSAGE: '1',
+                    PRISMA_MIGRATE_SKIP_SEED: '1',
+                },
+            },
+        },
+        layers: {
+            prisma: {
+                path: 'layers/prisma',
+                name: '${self:service}-prisma-${sls:stage}',
+                description: 'Prisma runtime client only (NO CLI) with rhel-openssl-3.0.x binaries (~10-15MB). CLI packaged separately in dbMigrate function.',
+                compatibleRuntimes: ['nodejs20.x', 'nodejs22.x'],
+                retain: false,
+            },
+        },
+        resources: {
+            Resources: {
+                InternalErrorQueue: {
+                    Type: 'AWS::SQS::Queue',
+                    Properties: {
+                        QueueName:
+                            '${self:service}-internal-error-queue-${self:provider.stage}',
+                        MessageRetentionPeriod: 300,
+                    },
+                },
+                InternalErrorBridgeTopic: {
+                    Type: 'AWS::SNS::Topic',
+                    Properties: {
+                        Subscription: [
+                            {
+                                Protocol: 'sqs',
+                                Endpoint: {
+                                    'Fn::GetAtt': ['InternalErrorQueue', 'Arn'],
+                                },
+                            },
+                        ],
+                    },
+                },
+                InternalErrorBridgePolicy: {
+                    Type: 'AWS::SQS::QueuePolicy',
+                    Properties: {
+                        Queues: [{ Ref: 'InternalErrorQueue' }],
+                        PolicyDocument: {
+                            Version: '2012-10-17',
+                            Statement: [
+                                {
+                                    Sid: 'Allow Dead Letter SNS to publish to SQS',
+                                    Effect: 'Allow',
+                                    Principal: { Service: 'sns.amazonaws.com' },
+                                    Resource: {
+                                        'Fn::GetAtt': [
+                                            'InternalErrorQueue',
+                                            'Arn',
+                                        ],
+                                    },
+                                    Action: [
+                                        'SQS:SendMessage',
+                                        'SQS:SendMessageBatch',
+                                    ],
+                                    Condition: {
+                                        ArnEquals: {
+                                            'aws:SourceArn': {
+                                                Ref: 'InternalErrorBridgeTopic',
+                                            },
+                                        },
+                                    },
+                                },
+                            ],
+                        },
+                    },
+                },
+                ApiGatewayAlarm5xx: {
+                    Type: 'AWS::CloudWatch::Alarm',
+                    Properties: {
+                        AlarmDescription: 'API Gateway 5xx Errors',
+                        Namespace: 'AWS/ApiGateway',
+                        MetricName: '5XXError',
+                        Statistic: 'Sum',
+                        Threshold: 0,
+                        ComparisonOperator: 'GreaterThanThreshold',
+                        EvaluationPeriods: 1,
+                        Period: 60,
+                        AlarmActions: [{ Ref: 'InternalErrorBridgeTopic' }],
+                        Dimensions: [
+                            { Name: 'ApiId', Value: { Ref: 'HttpApi' } },
+                            { Name: 'Stage', Value: '${self:provider.stage}' },
+                        ],
+                    },
+                },
+            },
+        },
+    };
+}
+
+module.exports = {
+    createBaseDefinition,
+};
+

package/infrastructure/domains/shared/utilities/base-definition-factory.test.js

@@ -0,0 +1,248 @@
+/**
+ * Tests for Base Definition Factory
+ * 
+ * Tests creation of base serverless configuration
+ */
+
+const { createBaseDefinition } = require('./base-definition-factory');
+
+describe('Base Definition Factory', () => {
+    beforeEach(() => {
+        delete process.env.AWS_REGION;
+        delete process.env.AWS_PROFILE;
+    });
+
+    describe('createBaseDefinition()', () => {
+        it('should create base serverless definition with minimal app definition', () => {
+            const appDefinition = {
+                name: 'test-app',
+            };
+            const appEnvironmentVars = {};
+            const discoveredResources = {};
+
+            const result = createBaseDefinition(appDefinition, appEnvironmentVars, discoveredResources);
+
+            expect(result.service).toBe('test-app');
+            expect(result.frameworkVersion).toBe('>=3.17.0');
+            expect(result.provider.name).toBe('aws');
+            expect(result.provider.runtime).toBe('nodejs22.x');
+            expect(result.provider.timeout).toBe(29);
+            expect(result.provider.stage).toBe('${opt:stage}');
+        });
+
+        it('should default service name to create-frigg-app', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.service).toBe('create-frigg-app');
+        });
+
+        it('should use custom provider if specified', () => {
+            const appDefinition = {
+                provider: 'custom-provider',
+            };
+
+            const result = createBaseDefinition(appDefinition, {}, {});
+
+            expect(result.provider.name).toBe('custom-provider');
+        });
+
+        it('should use AWS_REGION environment variable', () => {
+            process.env.AWS_REGION = 'eu-west-1';
+
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.provider.region).toBe('eu-west-1');
+            expect(result.custom['serverless-offline-sqs'].region).toBe('eu-west-1');
+        });
+
+        it('should default to us-east-1 region', () => {
+            delete process.env.AWS_REGION;
+
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.provider.region).toBe('us-east-1');
+        });
+
+        it('should include AWS_PROFILE if set', () => {
+            process.env.AWS_PROFILE = 'my-profile';
+
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.provider.profile).toBe('my-profile');
+        });
+
+        it('should not include AWS_PROFILE if not set', () => {
+            delete process.env.AWS_PROFILE;
+
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.provider.profile).toBeUndefined();
+        });
+
+        it('should include core Lambda functions', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.functions.auth).toBeDefined();
+            expect(result.functions.user).toBeDefined();
+            expect(result.functions.health).toBeDefined();
+            // dbMigrate removed - MigrationBuilder now handles migration infrastructure
+            expect(result.functions.dbMigrate).toBeUndefined();
+        });
+
+        it('should configure auth function correctly', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.functions.auth.handler).toBe('node_modules/@friggframework/core/handlers/routers/auth.handler');
+            expect(result.functions.auth.layers).toEqual([{ Ref: 'PrismaLambdaLayer' }]);
+            expect(result.functions.auth.events).toHaveLength(3);
+        });
+
+        it('should NOT include legacy dbMigrate function', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            // dbMigrate is legacy - MigrationBuilder handles migration infrastructure
+            expect(result.functions.dbMigrate).toBeUndefined();
+        });
+
+        it('should include Prisma Lambda Layer', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.layers.prisma).toBeDefined();
+            expect(result.layers.prisma.path).toBe('layers/prisma');
+            expect(result.layers.prisma.description).toContain('runtime client only');
+        });
+
+        it('should include error handling resources', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.resources.Resources.InternalErrorQueue).toBeDefined();
+            expect(result.resources.Resources.InternalErrorBridgeTopic).toBeDefined();
+            expect(result.resources.Resources.InternalErrorBridgePolicy).toBeDefined();
+            expect(result.resources.Resources.ApiGatewayAlarm5xx).toBeDefined();
+        });
+
+        it('should include base IAM permissions', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            const snsPermission = result.provider.iamRoleStatements.find(
+                stmt => stmt.Action.includes('sns:Publish')
+            );
+            expect(snsPermission).toBeDefined();
+
+            const sqsPermission = result.provider.iamRoleStatements.find(
+                stmt => stmt.Action.includes('sqs:SendMessage')
+            );
+            expect(sqsPermission).toBeDefined();
+        });
+
+        it('should include required plugins', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.plugins).toContain('serverless-esbuild');
+            // serverless-dotenv-plugin is conditionally loaded only in offline mode
+            expect(result.plugins).toContain('serverless-offline-sqs');
+            expect(result.plugins).toContain('serverless-offline');
+            expect(result.plugins).toContain('@friggframework/serverless-plugin');
+        });
+
+        it('should configure esbuild correctly', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.custom.esbuild.bundle).toBe(true);
+            expect(result.custom.esbuild.minify).toBe(true);
+            expect(result.custom.esbuild.target).toBe('node22');
+            expect(result.custom.esbuild.external).toContain('@aws-sdk/*');
+            expect(result.custom.esbuild.external).toContain('@prisma/client');
+        });
+
+        it('should configure CORS for HTTP API', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.provider.httpApi.cors.allowedOrigins).toEqual(['*']);
+            expect(result.provider.httpApi.cors.allowedMethods).toEqual(['*']);
+        });
+
+        it('should merge app environment variables', () => {
+            const appEnvironmentVars = {
+                API_KEY: "${env:API_KEY, ''}",
+                CUSTOM_VAR: "${env:CUSTOM_VAR, ''}",
+            };
+
+            const result = createBaseDefinition({}, appEnvironmentVars, {});
+
+            expect(result.provider.environment.API_KEY).toBe("${env:API_KEY, ''}");
+            expect(result.provider.environment.CUSTOM_VAR).toBe("${env:CUSTOM_VAR, ''}");
+        });
+
+        it('should add standard Frigg environment variables', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.provider.environment.FRIGG_STACK).toBe('${self:service}');
+            expect(result.provider.environment.FRIGG_STAGE).toBe('${self:provider.stage}');
+            expect(result.provider.environment.FRIGG_REGION).toBe('${self:provider.region}');
+        });
+
+        it('should add KMS key ARN from discovered resources', () => {
+            const discoveredResources = {
+                kmsKeyId: 'arn:aws:kms:us-east-1:123:key/abc',
+            };
+
+            const result = createBaseDefinition({}, {}, discoveredResources);
+
+            expect(result.provider.environment.KMS_KEY_ARN).toBe('arn:aws:kms:us-east-1:123:key/abc');
+        });
+
+        it('should add database connection info from discovered resources', () => {
+            const discoveredResources = {
+                auroraClusterEndpoint: 'db.example.com',
+                auroraPort: 5432,
+            };
+
+            const result = createBaseDefinition({}, {}, discoveredResources);
+
+            expect(result.provider.environment.DATABASE_HOST).toBe('db.example.com');
+            expect(result.provider.environment.DATABASE_PORT).toBe('5432');
+        });
+
+        it('should add database secret ARN from discovered resources', () => {
+            const discoveredResources = {
+                databaseSecretArn: 'arn:aws:secretsmanager:us-east-1:123:secret:db',
+            };
+
+            const result = createBaseDefinition({}, {}, discoveredResources);
+
+            expect(result.provider.environment.DATABASE_SECRET_ARN).toBe('arn:aws:secretsmanager:us-east-1:123:secret:db');
+        });
+
+        it('should configure serverless-offline ports', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.custom['serverless-offline'].httpPort).toBe(3001);
+            expect(result.custom['serverless-offline'].lambdaPort).toBe(4001);
+            expect(result.custom['serverless-offline'].websocketPort).toBe(3002);
+        });
+
+        it('should configure serverless-offline-sqs for LocalStack', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.custom['serverless-offline-sqs'].endpoint).toBe('http://localhost:4566');
+            expect(result.custom['serverless-offline-sqs'].accessKeyId).toBe('root');
+            expect(result.custom['serverless-offline-sqs'].secretAccessKey).toBe('root');
+        });
+
+        it('should set package.individually to true', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            expect(result.package.individually).toBe(true);
+        });
+
+        it('should enable dotenv only in offline mode', () => {
+            const result = createBaseDefinition({}, {}, {});
+
+            // useDotenv is conditional - only true when process.argv includes 'offline'
+            expect(result.useDotenv).toBeDefined();
+            expect(typeof result.useDotenv).toBe('boolean');
+        });
+    });
+});
+