npm - @friggframework/devtools - Versions diffs - 2.0.0-next.62 → 2.0.0-next.63 - Mend

@friggframework/devtools 2.0.0-next.62 → 2.0.0-next.63

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (165) hide show

package/infrastructure/domains/shared/providers/gcp-provider-adapter.stub.js ADDED Viewed

@@ -0,0 +1,82 @@
+/**
+ * FUTURE: Google Cloud Platform Provider Adapter
+ *
+ * This file serves as a placeholder for future GCP support.
+ *
+ * Implementation will use:
+ * - @google-cloud/compute for VPC/network discovery
+ * - @google-cloud/kms for encryption key management
+ * - @google-cloud/sql for Cloud SQL database discovery
+ * - @google-cloud/secret-manager for secrets management
+ *
+ * Resources:
+ * - GCP Node.js SDK: https://cloud.google.com/nodejs/docs/reference
+ * - Compute Engine API: https://cloud.google.com/compute/docs/reference/rest/v1
+ * - Cloud KMS API: https://cloud.google.com/kms/docs/reference/rest
+ * - Cloud SQL API: https://cloud.google.com/sql/docs/mysql/admin-api
+ *
+ * Architecture mapping:
+ * - AWS VPC → GCP VPC Network
+ * - AWS KMS → GCP Cloud KMS
+ * - AWS RDS Aurora → GCP Cloud SQL
+ * - AWS SSM Parameter Store → GCP Secret Manager
+ * - AWS Lambda → GCP Cloud Functions / Cloud Run
+ *
+ * Example structure:
+ *
+ * const { Compute } = require('@google-cloud/compute');
+ * const { KeyManagementServiceClient } = require('@google-cloud/kms');
+ * const { CloudProviderAdapter } = require('./cloud-provider-adapter');
+ *
+ * class GCPProviderAdapter extends CloudProviderAdapter {
+ *     constructor(region, credentials = {}) {
+ *         super();
+ *         this.region = region || 'us-central1';
+ *         this.projectId = credentials.projectId || process.env.GCP_PROJECT_ID;
+ *
+ *         this.compute = new Compute({ projectId: this.projectId });
+ *         this.kms = new KeyManagementServiceClient();
+ *     }
+ *
+ *     getName() {
+ *         return 'gcp';
+ *     }
+ *
+ *     getSupportedRegions() {
+ *         return [
+ *             'us-central1', 'us-east1', 'us-west1',
+ *             'europe-west1', 'asia-east1', 'asia-northeast1'
+ *         ];
+ *     }
+ *
+ *     async discoverVpc(config) {
+ *         // Discover GCP VPC networks
+ *         const [networks] = await this.compute.getNetworks();
+ *         // ... implementation
+ *     }
+ *
+ *     async discoverKmsKeys(config) {
+ *         // Discover GCP Cloud KMS keys
+ *         const [keyRings] = await this.kms.listKeyRings({
+ *             parent: `projects/${this.projectId}/locations/${this.region}`
+ *         });
+ *         // ... implementation
+ *     }
+ *
+ *     async discoverDatabase(config) {
+ *         // Discover GCP Cloud SQL instances
+ *         // ... implementation
+ *     }
+ *
+ *     async discoverParameters(config) {
+ *         // Discover GCP Secret Manager secrets
+ *         // ... implementation
+ *     }
+ * }
+ *
+ * module.exports = { GCPProviderAdapter };
+ */
+// Placeholder export to prevent import errors
+module.exports = {};

package/infrastructure/domains/shared/providers/provider-factory.js ADDED Viewed

@@ -0,0 +1,108 @@
+/**
+ * Cloud Provider Factory
+ *
+ * Factory Pattern - Hexagonal Architecture
+ *
+ * Creates appropriate cloud provider adapter instances based on configuration.
+ * This enables runtime provider selection and makes it easy to add new providers.
+ */
+const { CloudProviderAdapter } = require('./cloud-provider-adapter');
+const { AWSProviderAdapter } = require('./aws-provider-adapter');
+class CloudProviderFactory {
+    /**
+     * Create cloud provider adapter instance
+     *
+     * @param {string} providerName - Provider name ('aws', 'gcp', 'azure')
+     * @param {string} region - Provider region
+     * @param {Object} [credentials] - Optional credential configuration
+     * @returns {CloudProviderAdapter} Provider adapter instance
+     * @throws {Error} If provider is not supported
+     */
+    static create(providerName, region, credentials = {}) {
+        const normalizedProvider = (providerName || 'aws').toLowerCase();
+        switch (normalizedProvider) {
+            case 'aws':
+                return new AWSProviderAdapter(region, credentials);
+            case 'gcp':
+            case 'google':
+                throw new Error(
+                    'GCP provider not yet implemented. ' +
+                    'AWS is currently the only supported cloud provider. ' +
+                    'GCP support is planned for future releases.'
+                );
+            case 'azure':
+            case 'microsoft':
+                throw new Error(
+                    'Azure provider not yet implemented. ' +
+                    'AWS is currently the only supported cloud provider. ' +
+                    'Azure support is planned for future releases.'
+                );
+            default:
+                throw new Error(
+                    `Unknown cloud provider: "${providerName}". ` +
+                    `Supported providers: aws (gcp and azure coming soon)`
+                );
+        }
+    }
+    /**
+     * Get list of supported providers
+     *
+     * @returns {Array<Object>} List of provider metadata
+     */
+    static getSupportedProviders() {
+        return [
+            {
+                name: 'aws',
+                displayName: 'Amazon Web Services',
+                status: 'available',
+                description: 'AWS cloud provider with support for Lambda, VPC, RDS, KMS, etc.',
+            },
+            {
+                name: 'gcp',
+                displayName: 'Google Cloud Platform',
+                status: 'planned',
+                description: 'GCP cloud provider support coming soon',
+            },
+            {
+                name: 'azure',
+                displayName: 'Microsoft Azure',
+                status: 'planned',
+                description: 'Azure cloud provider support coming soon',
+            },
+        ];
+    }
+    /**
+     * Check if a provider is supported
+     *
+     * @param {string} providerName - Provider name to check
+     * @returns {boolean} True if provider is supported
+     */
+    static isSupported(providerName) {
+        const normalized = (providerName || '').toLowerCase();
+        return ['aws', 'gcp', 'google', 'azure', 'microsoft'].includes(normalized);
+    }
+    /**
+     * Check if a provider is available (implemented)
+     *
+     * @param {string} providerName - Provider name to check
+     * @returns {boolean} True if provider is implemented
+     */
+    static isAvailable(providerName) {
+        const normalized = (providerName || '').toLowerCase();
+        return normalized === 'aws';
+    }
+}
+module.exports = {
+    CloudProviderFactory,
+};

package/infrastructure/domains/shared/providers/provider-factory.test.js ADDED Viewed

@@ -0,0 +1,170 @@
+/**
+ * Tests for CloudProviderFactory
+ *
+ * Verifies provider instantiation, error handling, and factory patterns
+ */
+const { CloudProviderFactory } = require('./provider-factory');
+const { AWSProviderAdapter } = require('./aws-provider-adapter');
+describe('CloudProviderFactory', () => {
+    describe('create()', () => {
+        it('should create AWS provider when provider is "aws"', () => {
+            const provider = CloudProviderFactory.create('aws', 'us-east-1');
+            expect(provider).toBeInstanceOf(AWSProviderAdapter);
+            expect(provider.getName()).toBe('aws');
+            expect(provider.region).toBe('us-east-1');
+        });
+        it('should default to AWS provider when no provider specified', () => {
+            const provider = CloudProviderFactory.create(null, 'us-west-2');
+            expect(provider).toBeInstanceOf(AWSProviderAdapter);
+            expect(provider.region).toBe('us-west-2');
+        });
+        it('should be case-insensitive for provider names', () => {
+            const provider = CloudProviderFactory.create('AWS', 'eu-west-1');
+            expect(provider).toBeInstanceOf(AWSProviderAdapter);
+        });
+        it('should throw error for GCP (not yet implemented)', () => {
+            expect(() => {
+                CloudProviderFactory.create('gcp', 'us-central1');
+            }).toThrow('GCP provider not yet implemented');
+        });
+        it('should throw error for Azure (not yet implemented)', () => {
+            expect(() => {
+                CloudProviderFactory.create('azure', 'eastus');
+            }).toThrow('Azure provider not yet implemented');
+        });
+        it('should handle "google" alias for GCP', () => {
+            expect(() => {
+                CloudProviderFactory.create('google', 'us-central1');
+            }).toThrow('GCP provider not yet implemented');
+        });
+        it('should handle "microsoft" alias for Azure', () => {
+            expect(() => {
+                CloudProviderFactory.create('microsoft', 'eastus');
+            }).toThrow('Azure provider not yet implemented');
+        });
+        it('should throw error for unknown provider', () => {
+            expect(() => {
+                CloudProviderFactory.create('unknown-cloud', 'region-1');
+            }).toThrow('Unknown cloud provider: "unknown-cloud"');
+        });
+        it('should pass credentials to provider', () => {
+            const credentials = {
+                accessKeyId: 'test-key',
+                secretAccessKey: 'test-secret',
+            };
+            const provider = CloudProviderFactory.create('aws', 'us-east-1', credentials);
+            expect(provider.credentials).toEqual(credentials);
+        });
+    });
+    describe('getSupportedProviders()', () => {
+        it('should return list of supported providers', () => {
+            const providers = CloudProviderFactory.getSupportedProviders();
+            expect(Array.isArray(providers)).toBe(true);
+            expect(providers.length).toBeGreaterThanOrEqual(3);
+        });
+        it('should include AWS as available', () => {
+            const providers = CloudProviderFactory.getSupportedProviders();
+            const aws = providers.find(p => p.name === 'aws');
+            expect(aws).toBeDefined();
+            expect(aws.status).toBe('available');
+            expect(aws.displayName).toBe('Amazon Web Services');
+        });
+        it('should include GCP as planned', () => {
+            const providers = CloudProviderFactory.getSupportedProviders();
+            const gcp = providers.find(p => p.name === 'gcp');
+            expect(gcp).toBeDefined();
+            expect(gcp.status).toBe('planned');
+            expect(gcp.displayName).toBe('Google Cloud Platform');
+        });
+        it('should include Azure as planned', () => {
+            const providers = CloudProviderFactory.getSupportedProviders();
+            const azure = providers.find(p => p.name === 'azure');
+            expect(azure).toBeDefined();
+            expect(azure.status).toBe('planned');
+            expect(azure.displayName).toBe('Microsoft Azure');
+        });
+    });
+    describe('isSupported()', () => {
+        it('should return true for aws', () => {
+            expect(CloudProviderFactory.isSupported('aws')).toBe(true);
+        });
+        it('should return true for gcp', () => {
+            expect(CloudProviderFactory.isSupported('gcp')).toBe(true);
+        });
+        it('should return true for azure', () => {
+            expect(CloudProviderFactory.isSupported('azure')).toBe(true);
+        });
+        it('should return true for google (gcp alias)', () => {
+            expect(CloudProviderFactory.isSupported('google')).toBe(true);
+        });
+        it('should return true for microsoft (azure alias)', () => {
+            expect(CloudProviderFactory.isSupported('microsoft')).toBe(true);
+        });
+        it('should return false for unknown provider', () => {
+            expect(CloudProviderFactory.isSupported('unknown')).toBe(false);
+        });
+        it('should be case-insensitive', () => {
+            expect(CloudProviderFactory.isSupported('AWS')).toBe(true);
+            expect(CloudProviderFactory.isSupported('GCP')).toBe(true);
+        });
+        it('should handle null/undefined gracefully', () => {
+            expect(CloudProviderFactory.isSupported(null)).toBe(false);
+            expect(CloudProviderFactory.isSupported(undefined)).toBe(false);
+        });
+    });
+    describe('isAvailable()', () => {
+        it('should return true only for aws', () => {
+            expect(CloudProviderFactory.isAvailable('aws')).toBe(true);
+        });
+        it('should return false for gcp (not yet implemented)', () => {
+            expect(CloudProviderFactory.isAvailable('gcp')).toBe(false);
+        });
+        it('should return false for azure (not yet implemented)', () => {
+            expect(CloudProviderFactory.isAvailable('azure')).toBe(false);
+        });
+        it('should return false for unknown provider', () => {
+            expect(CloudProviderFactory.isAvailable('unknown')).toBe(false);
+        });
+        it('should be case-insensitive', () => {
+            expect(CloudProviderFactory.isAvailable('AWS')).toBe(true);
+            expect(CloudProviderFactory.isAvailable('GCP')).toBe(false);
+        });
+    });
+});

package/infrastructure/domains/shared/resource-discovery.enhanced.test.js ADDED Viewed

@@ -0,0 +1,306 @@
+/**
+ * AWS Discovery Configuration Tests
+ *
+ * Tests for AppDefinition-level discovery control options
+ * addressing GitHub Issue #481 - Issue 5
+ */
+const { shouldRunDiscovery, gatherDiscoveredResources } = require('./resource-discovery');
+// Mock dependencies
+jest.mock('./providers/provider-factory');
+jest.mock('./cloudformation-discovery');
+jest.mock('../networking/vpc-discovery');
+jest.mock('../security/kms-discovery');
+jest.mock('../database/aurora-discovery');
+jest.mock('../parameters/ssm-discovery');
+describe('AWS Discovery Configuration (Issue #481 - Issue 5)', () => {
+    beforeEach(() => {
+        delete process.env.FRIGG_SKIP_AWS_DISCOVERY;
+        jest.clearAllMocks();
+    });
+    describe('shouldRunDiscovery - Priority Order', () => {
+        it('should use AppDefinition.aws.discovery.enabled when explicitly set to true', () => {
+            const appDefinition = {
+                aws: { discovery: { enabled: true } },
+                vpc: { enable: false }, // Would normally skip
+            };
+            const result = shouldRunDiscovery(appDefinition);
+            expect(result).toBe(true);
+        });
+        it('should use AppDefinition.aws.discovery.enabled when explicitly set to false', () => {
+            const appDefinition = {
+                aws: { discovery: { enabled: false } },
+                vpc: { enable: true }, // Would normally run
+            };
+            const result = shouldRunDiscovery(appDefinition);
+            expect(result).toBe(false);
+        });
+        it('should fall back to env var when AppDefinition not set', () => {
+            process.env.FRIGG_SKIP_AWS_DISCOVERY = 'true';
+            const appDefinition = {
+                vpc: { enable: true }, // Would normally run
+            };
+            const result = shouldRunDiscovery(appDefinition);
+            expect(result).toBe(false);
+        });
+        it('should auto-detect when neither AppDefinition nor env var is set', () => {
+            const appDefinition = {
+                vpc: { enable: true },
+            };
+            const result = shouldRunDiscovery(appDefinition);
+            expect(result).toBe(true);
+        });
+        it('should prioritize AppDefinition over env var', () => {
+            process.env.FRIGG_SKIP_AWS_DISCOVERY = 'true';
+            const appDefinition = {
+                aws: { discovery: { enabled: true } }, // Explicit override
+            };
+            const result = shouldRunDiscovery(appDefinition);
+            expect(result).toBe(true); // AppDefinition wins
+        });
+    });
+    describe('AppDefinition.aws.discovery.enabled', () => {
+        it('should log when using AppDefinition configuration', () => {
+            const consoleSpy = jest.spyOn(console, 'log').mockImplementation();
+            const appDefinition = {
+                aws: { discovery: { enabled: true } },
+            };
+            shouldRunDiscovery(appDefinition);
+            expect(consoleSpy).toHaveBeenCalledWith(
+                expect.stringContaining('AppDefinition.aws.discovery.enabled: true')
+            );
+            consoleSpy.mockRestore();
+        });
+        it('should handle explicit false value', () => {
+            const appDefinition = {
+                aws: { discovery: { enabled: false } },
+                vpc: { enable: true },
+                encryption: { fieldLevelEncryptionMethod: 'kms' },
+            };
+            const result = shouldRunDiscovery(appDefinition);
+            expect(result).toBe(false);
+        });
+        it('should handle undefined correctly (fall through to next priority)', () => {
+            const appDefinition = {
+                aws: { discovery: { enabled: undefined } },
+                vpc: { enable: true },
+            };
+            const result = shouldRunDiscovery(appDefinition);
+            // Should skip when undefined (fall through to env var check)
+            expect(result).toBe(true); // Auto-detect kicks in
+        });
+    });
+    describe('Auto-detection based on features', () => {
+        it('should run discovery when VPC is enabled', () => {
+            const appDefinition = {
+                vpc: { enable: true },
+            };
+            expect(shouldRunDiscovery(appDefinition)).toBe(true);
+        });
+        it('should run discovery when KMS encryption is enabled', () => {
+            const appDefinition = {
+                encryption: { fieldLevelEncryptionMethod: 'kms' },
+            };
+            expect(shouldRunDiscovery(appDefinition)).toBe(true);
+        });
+        it('should run discovery when SSM is enabled', () => {
+            const appDefinition = {
+                ssm: { enable: true },
+            };
+            expect(shouldRunDiscovery(appDefinition)).toBe(true);
+        });
+        it('should run discovery when PostgreSQL is enabled', () => {
+            const appDefinition = {
+                database: { postgres: { enable: true } },
+            };
+            expect(shouldRunDiscovery(appDefinition)).toBe(true);
+        });
+        it('should not run discovery when no features are enabled', () => {
+            const appDefinition = {
+                vpc: { enable: false },
+                encryption: { fieldLevelEncryptionMethod: 'aes' },
+            };
+            expect(shouldRunDiscovery(appDefinition)).toBe(false);
+        });
+    });
+    describe('gatherDiscoveredResources - failOnError behavior', () => {
+        const { CloudProviderFactory } = require('./providers/provider-factory');
+        const { CloudFormationDiscovery } = require('./cloudformation-discovery');
+        beforeEach(() => {
+            const mockProvider = {
+                getVpcs: jest.fn(),
+                getKmsKeys: jest.fn(),
+            };
+            CloudProviderFactory.create = jest.fn().mockReturnValue(mockProvider);
+            // Mock CloudFormation discovery to throw error
+            CloudFormationDiscovery.mockImplementation(() => ({
+                discoverFromStack: jest.fn().mockRejectedValue(
+                    new Error('User is not authorized to perform: ec2:DescribeVpcs')
+                ),
+            }));
+        });
+        it('should throw error when failOnError is true', async () => {
+            const appDefinition = {
+                name: 'test-app',
+                vpc: { enable: true },
+                aws: {
+                    discovery: {
+                        enabled: true,
+                        failOnError: true,
+                    },
+                },
+            };
+            await expect(gatherDiscoveredResources(appDefinition)).rejects.toThrow(
+                'User is not authorized'
+            );
+        });
+        it('should return empty object when failOnError is false', async () => {
+            const appDefinition = {
+                name: 'test-app',
+                vpc: { enable: true },
+                aws: {
+                    discovery: {
+                        enabled: true,
+                        failOnError: false,
+                    },
+                },
+            };
+            const result = await gatherDiscoveredResources(appDefinition);
+            expect(result).toEqual({});
+        });
+        it('should default to false when failOnError is not set', async () => {
+            const appDefinition = {
+                name: 'test-app',
+                vpc: { enable: true },
+            };
+            const result = await gatherDiscoveredResources(appDefinition);
+            expect(result).toEqual({});
+        });
+        it('should log helpful message when failing gracefully', async () => {
+            const consoleWarnSpy = jest.spyOn(console, 'warn').mockImplementation();
+            const appDefinition = {
+                name: 'test-app',
+                vpc: { enable: true },
+                aws: { discovery: { failOnError: false } },
+            };
+            await gatherDiscoveredResources(appDefinition);
+            expect(consoleWarnSpy).toHaveBeenCalledWith(
+                expect.stringContaining('Set aws.discovery.failOnError = true')
+            );
+            consoleWarnSpy.mockRestore();
+        });
+    });
+    describe('Real-world scenarios', () => {
+        it('should handle restrictive IAM with explicit disable', () => {
+            const appDefinition = {
+                vpc: { enable: true },
+                aws: {
+                    discovery: {
+                        enabled: false, // Explicit disable for restrictive IAM
+                    },
+                },
+            };
+            const result = shouldRunDiscovery(appDefinition);
+            expect(result).toBe(false);
+        });
+        it('should allow strict mode for production deployments', async () => {
+            const { CloudProviderFactory } = require('./providers/provider-factory');
+            const { CloudFormationDiscovery } = require('./cloudformation-discovery');
+            CloudFormationDiscovery.mockImplementation(() => ({
+                discoverFromStack: jest.fn().mockRejectedValue(new Error('IAM error')),
+            }));
+            const appDefinition = {
+                name: 'prod-app',
+                vpc: { enable: true },
+                aws: {
+                    discovery: {
+                        enabled: true,
+                        failOnError: true, // Strict mode for production
+                    },
+                },
+            };
+            await expect(gatherDiscoveredResources(appDefinition)).rejects.toThrow();
+        });
+        it('should allow graceful degradation for dev environments', async () => {
+            const appDefinition = {
+                name: 'dev-app',
+                vpc: { enable: true },
+                aws: {
+                    discovery: {
+                        enabled: true,
+                        failOnError: false, // Graceful for dev
+                    },
+                },
+            };
+            const result = await gatherDiscoveredResources(appDefinition);
+            expect(result).toEqual({});
+        });
+    });
+});