npm - @geek-fun/serverlessinsight - Versions diffs - 0.4.0 → 0.5.0 - Mend

@geek-fun/serverlessinsight 0.4.0 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (160) hide show

package/.gitattributes +1 -0
package/README.md +108 -8
package/README.zh-CN.md +52 -8
package/dist/package.json +37 -35
package/dist/src/commands/deploy.js +17 -7
package/dist/src/commands/destroy.js +27 -4
package/dist/src/commands/forceUnlock.js +61 -0
package/dist/src/commands/index.js +86 -14
package/dist/src/commands/local.js +10 -1
package/dist/src/commands/plan.js +33 -0
package/dist/src/commands/template.js +3 -1
package/dist/src/commands/validate.js +2 -1
package/dist/src/common/aliyunClient/apigwOperations.js +652 -0
package/dist/src/common/aliyunClient/dnsOperations.js +90 -0
package/dist/src/common/aliyunClient/ecsOperations.js +141 -0
package/dist/src/common/aliyunClient/esOperations.js +219 -0
package/dist/src/common/aliyunClient/fc3Operations.js +270 -0
package/dist/src/common/aliyunClient/index.js +141 -0
package/dist/src/common/aliyunClient/nasOperations.js +233 -0
package/dist/src/common/aliyunClient/ossOperations.js +237 -0
package/dist/src/common/aliyunClient/ramOperations.js +205 -0
package/dist/src/common/aliyunClient/rdsOperations.js +206 -0
package/dist/src/common/aliyunClient/slsOperations.js +218 -0
package/dist/src/common/aliyunClient/tablestoreOperations.js +199 -0
package/dist/src/common/aliyunClient/types.js +2 -0
package/dist/src/common/constants.js +7 -1
package/dist/src/common/context.js +32 -14
package/dist/src/common/credentials.js +39 -0
package/dist/src/common/dependencyGraph/graph.js +280 -0
package/dist/src/common/dependencyGraph/index.js +18 -0
package/dist/src/common/dependencyGraph/types.js +2 -0
package/dist/src/common/fileUtils.js +16 -0
package/dist/src/common/hashUtils.js +121 -0
package/dist/src/common/iacHelper.js +25 -97
package/dist/src/common/imsClient.js +4 -0
package/dist/src/common/index.js +7 -2
package/dist/src/common/lockManager.js +212 -0
package/dist/src/common/logger.js +89 -6
package/dist/src/common/providerEnum.js +2 -3
package/dist/src/common/runtimeMapper.js +160 -0
package/dist/src/common/scfClient.js +84 -0
package/dist/src/common/stateManager.js +107 -0
package/dist/src/common/tencentClient/cosOperations.js +287 -0
package/dist/src/common/tencentClient/esOperations.js +156 -0
package/dist/src/common/tencentClient/index.js +116 -0
package/dist/src/common/tencentClient/scfOperations.js +141 -0
package/dist/src/common/tencentClient/tdsqlcOperations.js +211 -0
package/dist/src/common/tencentClient/types.js +17 -0
package/dist/src/lang/en.js +254 -0
package/dist/src/lang/index.js +28 -8
package/dist/src/lang/zh-CN.js +229 -0
package/dist/src/parser/bucketParser.js +25 -12
package/dist/src/parser/databaseParser.js +14 -10
package/dist/src/parser/functionParser.js +19 -6
package/dist/src/parser/parseUtils.js +74 -0
package/dist/src/parser/tableParser.js +19 -17
package/dist/src/stack/aliyunStack/apigwExecutor.js +84 -0
package/dist/src/stack/aliyunStack/apigwPlanner.js +118 -0
package/dist/src/stack/aliyunStack/apigwResource.js +339 -0
package/dist/src/stack/aliyunStack/apigwTypes.js +125 -0
package/dist/src/stack/aliyunStack/databaseExecutor.js +112 -0
package/dist/src/stack/aliyunStack/databasePlanner.js +128 -0
package/dist/src/stack/aliyunStack/databaseResource.js +228 -0
package/dist/src/stack/aliyunStack/deployer.js +133 -0
package/dist/src/stack/aliyunStack/destroyer.js +114 -0
package/dist/src/stack/aliyunStack/esServerlessTypes.js +141 -0
package/dist/src/stack/aliyunStack/fc3Executor.js +91 -0
package/dist/src/stack/aliyunStack/fc3Planner.js +77 -0
package/dist/src/stack/aliyunStack/fc3Resource.js +511 -0
package/dist/src/stack/aliyunStack/fc3Types.js +76 -0
package/dist/src/stack/aliyunStack/index.js +40 -0
package/dist/src/stack/aliyunStack/ossExecutor.js +91 -0
package/dist/src/stack/aliyunStack/ossPlanner.js +76 -0
package/dist/src/stack/aliyunStack/ossResource.js +196 -0
package/dist/src/stack/aliyunStack/ossTypes.js +50 -0
package/dist/src/stack/aliyunStack/planner.js +37 -0
package/dist/src/stack/aliyunStack/rdsTypes.js +217 -0
package/dist/src/stack/aliyunStack/tablestoreExecutor.js +92 -0
package/dist/src/stack/aliyunStack/tablestorePlanner.js +94 -0
package/dist/src/stack/aliyunStack/tablestoreResource.js +120 -0
package/dist/src/stack/aliyunStack/tablestoreTypes.js +77 -0
package/dist/src/stack/bucketTypes.js +17 -0
package/dist/src/stack/deploy.js +24 -77
package/dist/src/stack/localStack/bucket.js +11 -6
package/dist/src/stack/localStack/event.js +10 -5
package/dist/src/stack/localStack/function.js +13 -7
package/dist/src/stack/localStack/functionRunner.js +1 -1
package/dist/src/stack/localStack/localServer.js +7 -6
package/dist/src/stack/scfStack/cosExecutor.js +91 -0
package/dist/src/stack/scfStack/cosPlanner.js +76 -0
package/dist/src/stack/scfStack/cosResource.js +126 -0
package/dist/src/stack/scfStack/cosTypes.js +46 -0
package/dist/src/stack/scfStack/deployer.js +91 -0
package/dist/src/stack/scfStack/destroyer.js +88 -0
package/dist/src/stack/scfStack/esServerlessExecutor.js +105 -0
package/dist/src/stack/scfStack/esServerlessPlanner.js +86 -0
package/dist/src/stack/scfStack/esServerlessResource.js +94 -0
package/dist/src/stack/scfStack/esServerlessTypes.js +48 -0
package/dist/src/stack/scfStack/index.js +35 -0
package/dist/src/stack/scfStack/planner.js +91 -0
package/dist/src/stack/scfStack/scfExecutor.js +91 -0
package/dist/src/stack/scfStack/scfPlanner.js +78 -0
package/dist/src/stack/scfStack/scfResource.js +216 -0
package/dist/src/stack/scfStack/scfTypes.js +41 -0
package/dist/src/stack/scfStack/tdsqlcExecutor.js +105 -0
package/dist/src/stack/scfStack/tdsqlcPlanner.js +90 -0
package/dist/src/stack/scfStack/tdsqlcResource.js +146 -0
package/dist/src/stack/scfStack/tdsqlcTypes.js +59 -0
package/dist/src/types/domains/lock.js +2 -0
package/dist/src/types/domains/resolvable.js +2 -0
package/dist/src/types/domains/state.js +19 -0
package/dist/src/types/index.js +4 -0
package/dist/src/validator/bucketSchema.js +4 -10
package/dist/src/validator/databaseSchema.js +36 -36
package/dist/src/validator/eventSchema.js +3 -2
package/dist/src/validator/functionSchema.js +51 -46
package/dist/src/validator/iacSchema.js +52 -3
package/dist/src/validator/rootSchema.js +47 -1
package/dist/src/validator/tableschema.js +9 -8
package/dist/src/validator/templateRefSchema.js +23 -0
package/dist/tsconfig.tsbuildinfo +1 -1
package/package.json +37 -35
package/samples/README_TENCENT_COS.md +486 -0
package/samples/README_TENCENT_SCF.md +272 -0
package/samples/aliyun-poc-api.yml +1 -1
package/samples/aliyun-poc-bucket.yml +0 -1
package/samples/aliyun-poc-domain.yml +0 -1
package/samples/aliyun-poc-es.yml +14 -13
package/samples/aliyun-poc-rds.yml +0 -2
package/samples/aliyun-poc-table.yml +1 -3
package/samples/tencent-poc-cos.yml +20 -0
package/samples/tencent-poc-scf.yml +36 -0
package/dist/src/commands/index.d.ts +0 -2
package/dist/src/common/index.d.ts +0 -11
package/dist/src/common/rosAssets.js +0 -178
package/dist/src/common/rosClient.js +0 -198
package/dist/src/index.d.ts +0 -1
package/dist/src/lang/index.d.ts +0 -3
package/dist/src/parser/index.d.ts +0 -3
package/dist/src/stack/index.d.ts +0 -1
package/dist/src/stack/localStack/index.d.ts +0 -5
package/dist/src/stack/rfsStack/index.d.ts +0 -9
package/dist/src/stack/rosStack/bootstrap.js +0 -187
package/dist/src/stack/rosStack/bucket.js +0 -127
package/dist/src/stack/rosStack/database.js +0 -313
package/dist/src/stack/rosStack/event.js +0 -143
package/dist/src/stack/rosStack/function.js +0 -259
package/dist/src/stack/rosStack/index.d.ts +0 -7
package/dist/src/stack/rosStack/index.js +0 -75
package/dist/src/stack/rosStack/stage.js +0 -46
package/dist/src/stack/rosStack/table.js +0 -95
package/dist/src/stack/rosStack/tag.js +0 -11
package/dist/src/stack/rosStack/vars.js +0 -49
package/dist/src/types/index.d.ts +0 -55
package/dist/src/types/localStack/index.d.ts +0 -81
package/dist/src/validator/index.d.ts +0 -1
package/layers/si-bootstrap-sdk/Dockerfile-aliyuncli +0 -12
package/layers/si-bootstrap-sdk/README.md +0 -1
package/layers/si-bootstrap-sdk/package-lock.json +0 -875
package/layers/si-bootstrap-sdk/package.json +0 -33

package/dist/src/common/aliyunClient/apigwOperations.js ADDED Viewed

@@ -0,0 +1,652 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createApigwOperations = void 0;
+const cloudapi = __importStar(require("@alicloud/cloudapi20160714"));
+const dnsOperations_1 = require("./dnsOperations");
+const logger_1 = require("../logger");
+const lang_1 = require("../../lang");
+const stateManager_1 = require("../stateManager");
+const removeUndefined = (obj) => {
+    return Object.fromEntries(Object.entries(obj).filter(([, value]) => value !== undefined));
+};
+const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+const extractMainDomain = (domainName) => {
+    const parts = domainName.split('.');
+    if (parts.length <= 2) {
+        return domainName;
+    }
+    return parts.slice(-2).join('.');
+};
+const extractHostRecord = (fullDomain, mainDomain) => {
+    if (fullDomain === mainDomain) {
+        return '@'; // @ represents the root domain
+    }
+    const suffix = `.${mainDomain}`;
+    if (fullDomain.endsWith(suffix)) {
+        return fullDomain.slice(0, -suffix.length);
+    }
+    return fullDomain;
+};
+const createApigwOperations = (apigwClient, dnsClient, _context) => {
+    const dnsOps = (0, dnsOperations_1.createDnsOperations)(dnsClient);
+    const extractVerificationToken = (error, groupInfo) => {
+        try {
+            if (groupInfo?.subDomain) {
+                const match = groupInfo.subDomain.match(/^([a-f0-9]+)-[^.]+\.alicloudapi\.com$/);
+                if (match) {
+                    return match[1];
+                }
+            }
+            const errorStr = String(error);
+            const cnameMatch = errorStr.match(/([a-f0-9]{32})-[^.]+\.alicloudapi\.com/);
+            if (cnameMatch) {
+                return cnameMatch[1];
+            }
+        }
+        catch {
+            // Ignore extraction errors
+        }
+        return null;
+    };
+    const pollDnsPropagation = async (mainDomain, verificationHost, verificationValue, shouldLoop = true) => {
+        const checkPropagation = async () => {
+            try {
+                const currentRecords = await dnsOps.describeDomainRecords(mainDomain, verificationHost);
+                return currentRecords.some((record) => record.rr === verificationHost &&
+                    record.type === 'CNAME' &&
+                    record.value === verificationValue &&
+                    record.status === 'ENABLE');
+            }
+            catch (checkError) {
+                logger_1.logger.warn(lang_1.lang.__('APIGW_DNS_CHECK_FAILED', { attempt: '1', error: String(checkError) }));
+                return false;
+            }
+        };
+        if (!shouldLoop) {
+            logger_1.logger.info('Checking DNS record status...');
+            return await checkPropagation();
+        }
+        logger_1.logger.info(lang_1.lang.__('APIGW_DNS_PROPAGATION_WAITING'));
+        const maxAttempts = 10;
+        const delayMs = 60000; // 1 minute
+        for (let attempt = 1; attempt <= maxAttempts; attempt++) {
+            logger_1.logger.info(lang_1.lang.__('APIGW_DNS_PROPAGATION_CHECK', {
+                attempt: String(attempt),
+                max: String(maxAttempts),
+            }));
+            await sleep(delayMs);
+            const propagated = await checkPropagation();
+            if (propagated) {
+                logger_1.logger.info(lang_1.lang.__('APIGW_DNS_VERIFIED', { minutes: String(attempt) }));
+                return true;
+            }
+        }
+        logger_1.logger.warn(lang_1.lang.__('APIGW_DNS_PROPAGATION_TIMEOUT'));
+        return false;
+    };
+    const addDomainVerificationRecord = async (domainName, verificationToken, groupSubdomain, region, state, eventLogicalId) => {
+        logger_1.logger.info(lang_1.lang.__('APIGW_DNS_ADDING_RECORD', { domain: domainName }));
+        const mainDomain = extractMainDomain(domainName);
+        const hostRecord = extractHostRecord(domainName, mainDomain);
+        // For CNAME verification: point the domain directly to the group subdomain
+        const verificationHost = domainName;
+        const verificationValue = groupSubdomain;
+        const dnsResourceId = `${eventLogicalId}.dns_verification`;
+        try {
+            // Check if DNS record is tracked in state
+            const existingDnsResource = (0, stateManager_1.getResource)(state, dnsResourceId);
+            const now = new Date();
+            const thirtyMinutesMs = 30 * 60 * 1000;
+            if (existingDnsResource) {
+                const createdAt = new Date(existingDnsResource.lastUpdated);
+                const ageMs = now.getTime() - createdAt.getTime();
+                if (ageMs < thirtyMinutesMs) {
+                    // Created within 30 minutes - poll for propagation
+                    logger_1.logger.info(lang_1.lang.__('APIGW_DNS_RECORD_EXISTS_POLLING', {
+                        minutes: String(Math.floor(ageMs / 60000)),
+                    }));
+                    await pollDnsPropagation(mainDomain, hostRecord, verificationValue, true);
+                    return state;
+                }
+                else {
+                    // Created more than 30 minutes ago - just check once
+                    logger_1.logger.info(lang_1.lang.__('APIGW_DNS_RECORD_EXISTS_CHECKING', {
+                        minutes: String(Math.floor(ageMs / 60000)),
+                    }));
+                    const propagated = await pollDnsPropagation(mainDomain, hostRecord, verificationValue, false);
+                    if (propagated) {
+                        logger_1.logger.info(lang_1.lang.__('APIGW_DNS_RECORD_ACTIVE'));
+                    }
+                    else {
+                        logger_1.logger.warn(lang_1.lang.__('APIGW_DNS_RECORD_MAY_NOT_PROPAGATED'));
+                    }
+                    return state;
+                }
+            }
+            // Check if record already exists in DNS (but not tracked in state)
+            const existingRecords = await dnsOps.describeDomainRecords(mainDomain, hostRecord);
+            const recordExists = existingRecords.some((record) => record.rr === hostRecord && record.type === 'CNAME' && record.value === verificationValue);
+            if (!recordExists) {
+                // Add the verification record
+                const recordId = await dnsOps.addDomainRecord({
+                    domainName: mainDomain,
+                    rr: hostRecord,
+                    type: 'CNAME',
+                    value: verificationValue,
+                    ttl: 600,
+                });
+                logger_1.logger.info(lang_1.lang.__('APIGW_DNS_RECORD_ADDED', {
+                    record: verificationHost,
+                    type: 'CNAME',
+                    value: verificationValue,
+                }));
+                // Track DNS record in state
+                const dnsResourceState = {
+                    mode: 'managed',
+                    region,
+                    definition: {
+                        domainName,
+                        mainDomain,
+                        verificationHost,
+                        verificationValue,
+                        verificationToken,
+                        groupSubdomain,
+                    },
+                    instances: [
+                        {
+                            arn: `arn:acs:alidns:${region}:dns-record/${recordId}`,
+                            id: recordId,
+                            type: 'CNAME',
+                            status: 'PENDING',
+                        },
+                    ],
+                    lastUpdated: now.toISOString(),
+                };
+                state = (0, stateManager_1.setResource)(state, dnsResourceId, dnsResourceState);
+            }
+            else {
+                logger_1.logger.info(lang_1.lang.__('APIGW_DNS_RECORD_ALREADY_EXISTS', { domain: domainName }));
+                // Track existing record in state
+                const dnsResourceState = {
+                    mode: 'managed',
+                    region,
+                    definition: {
+                        domainName,
+                        mainDomain,
+                        verificationHost,
+                        verificationValue,
+                        verificationToken,
+                        groupSubdomain,
+                    },
+                    instances: [
+                        {
+                            arn: `arn:acs:alidns:${region}:dns-record/existing`,
+                            id: 'existing',
+                            type: 'CNAME',
+                            status: 'EXISTING',
+                        },
+                    ],
+                    lastUpdated: now.toISOString(),
+                };
+                state = (0, stateManager_1.setResource)(state, dnsResourceId, dnsResourceState);
+            }
+            // Poll for DNS propagation
+            await pollDnsPropagation(mainDomain, hostRecord, verificationValue, true);
+            return state;
+        }
+        catch (error) {
+            logger_1.logger.error(lang_1.lang.__('APIGW_DNS_VERIFICATION_FAILED', { domain: domainName, error: String(error) }));
+            throw error;
+        }
+    };
+    const logVerificationInstructions = (domainName, verificationToken, groupSubdomain) => {
+        const separator = '='.repeat(80);
+        logger_1.logger.error(`\n${separator}\n${lang_1.lang.__('APIGW_VERIFICATION_HEADER')}\n${separator}\n${lang_1.lang.__('APIGW_VERIFICATION_DOMAIN', { domain: domainName })}\n\n${lang_1.lang.__('APIGW_VERIFICATION_INSTRUCTIONS')}\n\n${lang_1.lang.__('APIGW_VERIFICATION_RECORD_NAME', { name: domainName })}\n${lang_1.lang.__('APIGW_VERIFICATION_RECORD_TYPE', { type: 'CNAME' })}\n${lang_1.lang.__('APIGW_VERIFICATION_RECORD_VALUE', { value: groupSubdomain })}`);
+        logger_1.logger.error(`\n${separator}\n${lang_1.lang.__('APIGW_VERIFICATION_NEXT_STEPS')}\n${lang_1.lang.__('APIGW_VERIFICATION_STEP1')}\n${lang_1.lang.__('APIGW_VERIFICATION_STEP2')}\n${separator}\n`);
+    };
+    return {
+        /**
+         * Create an API Gateway group
+         */
+        createApiGroup: async (config) => {
+            const request = new cloudapi.CreateApiGroupRequest({
+                groupName: config.groupName,
+                description: config.description,
+                basePath: config.basePath,
+                instanceId: config.instanceId,
+                tag: config.tags?.map((t) => new cloudapi.CreateApiGroupRequestTag({ key: t.key, value: t.value })),
+            });
+            const response = await apigwClient.createApiGroup(request);
+            if (!response.body?.groupId) {
+                throw new Error('Failed to create API Gateway group: no groupId returned');
+            }
+            return response.body.groupId;
+        },
+        /**
+         * Get API Gateway group by group ID
+         */
+        getApiGroup: async (groupId) => {
+            try {
+                const request = new cloudapi.DescribeApiGroupRequest({
+                    groupId,
+                });
+                const response = await apigwClient.describeApiGroup(request);
+                if (!response.body) {
+                    return null;
+                }
+                return {
+                    groupId: response.body.groupId,
+                    groupName: response.body.groupName,
+                    description: response.body.description,
+                    basePath: response.body.basePath,
+                    subDomain: response.body.subDomain,
+                    instanceId: response.body.instanceId,
+                    instanceType: response.body.instanceType,
+                    regionId: response.body.regionId,
+                    status: response.body.status,
+                    createdTime: response.body.createdTime,
+                    modifiedTime: response.body.modifiedTime,
+                    billingStatus: response.body.billingStatus,
+                    illegalStatus: response.body.illegalStatus,
+                    trafficLimit: response.body.trafficLimit,
+                };
+            }
+            catch (error) {
+                if (error &&
+                    typeof error === 'object' &&
+                    'code' in error &&
+                    (error.code === 'NotFoundApiGroup' || error.code === 'InvalidGroupId.NotFound')) {
+                    return null;
+                }
+                throw error;
+            }
+        },
+        /**
+         * Find API Gateway group by name
+         */
+        findApiGroupByName: async (groupName) => {
+            const request = new cloudapi.DescribeApiGroupsRequest({
+                groupName,
+                pageSize: 10,
+                pageNumber: 1,
+            });
+            const response = await apigwClient.describeApiGroups(request);
+            if (!response.body?.apiGroupAttributes?.apiGroupAttribute?.length) {
+                return null;
+            }
+            // Find exact match
+            const group = response.body.apiGroupAttributes.apiGroupAttribute.find((g) => g.groupName === groupName);
+            if (!group) {
+                return null;
+            }
+            return {
+                groupId: group.groupId,
+                groupName: group.groupName,
+                description: group.description,
+                basePath: group.basePath,
+                subDomain: group.subDomain,
+                instanceId: group.instanceId,
+                instanceType: group.instanceType,
+                regionId: group.regionId,
+                billingStatus: group.billingStatus,
+                illegalStatus: group.illegalStatus,
+                trafficLimit: group.trafficLimit,
+            };
+        },
+        /**
+         * Update API Gateway group
+         */
+        updateApiGroup: async (groupId, config) => {
+            const request = new cloudapi.ModifyApiGroupRequest({
+                groupId,
+                groupName: config.groupName,
+                description: config.description,
+                basePath: config.basePath,
+            });
+            await apigwClient.modifyApiGroup(request);
+        },
+        /**
+         * Delete API Gateway group
+         */
+        deleteApiGroup: async (groupId) => {
+            const request = new cloudapi.DeleteApiGroupRequest({
+                groupId,
+            });
+            await apigwClient.deleteApiGroup(request);
+        },
+        /**
+         * Create an API in API Gateway
+         */
+        createApi: async (config) => {
+            const requestConfig = JSON.stringify(removeUndefined({
+                RequestProtocol: config.requestConfig.requestProtocol,
+                RequestHttpMethod: config.requestConfig.requestHttpMethod,
+                RequestPath: config.requestConfig.requestPath,
+                RequestMode: config.requestConfig.requestMode,
+                BodyFormat: config.requestConfig.bodyFormat,
+            }));
+            const serviceConfigObj = {
+                ServiceProtocol: config.serviceConfig.serviceProtocol,
+                ServiceAddress: config.serviceConfig.serviceAddress,
+                ServiceHttpMethod: config.serviceConfig.serviceHttpMethod,
+                ServicePath: config.serviceConfig.servicePath,
+                ServiceTimeout: config.serviceConfig.serviceTimeout || 10000,
+                MockResult: config.serviceConfig.mockResult,
+            };
+            if (config.serviceConfig.functionComputeConfig) {
+                serviceConfigObj.FunctionComputeConfig = removeUndefined({
+                    FcRegionId: config.serviceConfig.functionComputeConfig.fcRegionId,
+                    FunctionName: config.serviceConfig.functionComputeConfig.functionName,
+                    RoleArn: config.serviceConfig.functionComputeConfig.roleArn,
+                    FcVersion: config.serviceConfig.functionComputeConfig.fcVersion || '3.0',
+                    Method: config.serviceConfig.functionComputeConfig.method,
+                });
+            }
+            if (config.serviceConfig.vpcConfig) {
+                serviceConfigObj.VpcConfig = {
+                    VpcId: config.serviceConfig.vpcConfig.vpcId,
+                    InstanceId: config.serviceConfig.vpcConfig.instanceId,
+                    Port: config.serviceConfig.vpcConfig.port,
+                };
+            }
+            const serviceConfig = JSON.stringify(removeUndefined(serviceConfigObj));
+            const request = new cloudapi.CreateApiRequest({
+                groupId: config.groupId,
+                apiName: config.apiName,
+                description: config.description,
+                visibility: config.visibility,
+                authType: config.authType,
+                requestConfig,
+                serviceConfig,
+                resultType: config.resultType,
+                resultSample: config.resultSample,
+                failResultSample: config.failResultSample,
+                tag: config.tags?.map((t) => new cloudapi.CreateApiRequestTag({ key: t.key, value: t.value })),
+            });
+            const response = await apigwClient.createApi(request);
+            if (!response.body?.apiId) {
+                throw new Error('Failed to create API: no apiId returned');
+            }
+            return response.body.apiId;
+        },
+        /**
+         * Get API by API ID
+         */
+        getApi: async (groupId, apiId) => {
+            try {
+                const request = new cloudapi.DescribeApiRequest({
+                    groupId,
+                    apiId,
+                });
+                const response = await apigwClient.describeApi(request);
+                if (!response.body) {
+                    return null;
+                }
+                const body = response.body;
+                return {
+                    apiId: body.apiId,
+                    apiName: body.apiName,
+                    groupId: body.groupId,
+                    groupName: body.groupName,
+                    description: body.description,
+                    visibility: body.visibility,
+                    authType: body.authType,
+                    requestConfig: body.requestConfig
+                        ? {
+                            requestProtocol: body.requestConfig.requestProtocol,
+                            requestHttpMethod: body.requestConfig.requestHttpMethod,
+                            requestPath: body.requestConfig.requestPath,
+                            requestMode: body.requestConfig.requestMode,
+                            bodyFormat: body.requestConfig.bodyFormat,
+                        }
+                        : undefined,
+                    serviceConfig: body.serviceConfig
+                        ? {
+                            serviceProtocol: body.serviceConfig.serviceProtocol,
+                            serviceAddress: body.serviceConfig.serviceAddress,
+                            serviceHttpMethod: body.serviceConfig.serviceHttpMethod,
+                            servicePath: body.serviceConfig.servicePath,
+                            serviceTimeout: body.serviceConfig.serviceTimeout,
+                            functionComputeConfig: body.serviceConfig.functionComputeConfig
+                                ? {
+                                    fcRegionId: body.serviceConfig.functionComputeConfig.fcRegionId,
+                                    functionName: body.serviceConfig.functionComputeConfig.functionName,
+                                    roleArn: body.serviceConfig.functionComputeConfig.roleArn,
+                                    fcVersion: body.serviceConfig.functionComputeConfig.fcVersion,
+                                    method: body.serviceConfig.functionComputeConfig.method,
+                                }
+                                : undefined,
+                            mockResult: body.serviceConfig.mockResult,
+                        }
+                        : undefined,
+                    resultType: body.resultType,
+                    resultSample: body.resultSample,
+                    createdTime: body.createdTime,
+                    modifiedTime: body.modifiedTime,
+                    deployedInfos: body.deployedInfos?.deployedInfo?.map((info) => ({
+                        stageName: info.stageName,
+                        deployedStatus: info.deployedStatus,
+                        effectiveVersion: info.effectiveVersion,
+                    })),
+                };
+            }
+            catch (error) {
+                if (error &&
+                    typeof error === 'object' &&
+                    'code' in error &&
+                    (error.code === 'NotFoundApi' || error.code === 'InvalidApiId.NotFound')) {
+                    return null;
+                }
+                throw error;
+            }
+        },
+        /**
+         * Update API
+         */
+        updateApi: async (apiId, config) => {
+            const requestConfig = JSON.stringify(removeUndefined({
+                RequestProtocol: config.requestConfig.requestProtocol,
+                RequestHttpMethod: config.requestConfig.requestHttpMethod,
+                RequestPath: config.requestConfig.requestPath,
+                RequestMode: config.requestConfig.requestMode,
+                BodyFormat: config.requestConfig.bodyFormat,
+            }));
+            const serviceConfigObj = {
+                ServiceProtocol: config.serviceConfig.serviceProtocol,
+                ServiceAddress: config.serviceConfig.serviceAddress,
+                ServiceHttpMethod: config.serviceConfig.serviceHttpMethod,
+                ServicePath: config.serviceConfig.servicePath,
+                ServiceTimeout: config.serviceConfig.serviceTimeout || 10000,
+                MockResult: config.serviceConfig.mockResult,
+            };
+            if (config.serviceConfig.functionComputeConfig) {
+                serviceConfigObj.FunctionComputeConfig = removeUndefined({
+                    FcRegionId: config.serviceConfig.functionComputeConfig.fcRegionId,
+                    FunctionName: config.serviceConfig.functionComputeConfig.functionName,
+                    RoleArn: config.serviceConfig.functionComputeConfig.roleArn,
+                    FcVersion: config.serviceConfig.functionComputeConfig.fcVersion || '3.0',
+                    Method: config.serviceConfig.functionComputeConfig.method,
+                });
+            }
+            const serviceConfig = JSON.stringify(removeUndefined(serviceConfigObj));
+            const request = new cloudapi.ModifyApiRequest({
+                groupId: config.groupId,
+                apiId,
+                apiName: config.apiName,
+                description: config.description,
+                visibility: config.visibility,
+                authType: config.authType,
+                requestConfig,
+                serviceConfig,
+                resultType: config.resultType,
+                resultSample: config.resultSample,
+                failResultSample: config.failResultSample,
+            });
+            await apigwClient.modifyApi(request);
+        },
+        /**
+         * Delete API
+         */
+        deleteApi: async (groupId, apiId) => {
+            const request = new cloudapi.DeleteApiRequest({
+                groupId,
+                apiId,
+            });
+            await apigwClient.deleteApi(request);
+        },
+        /**
+         * Deploy API to a stage
+         */
+        deployApi: async (config) => {
+            const request = new cloudapi.DeployApiRequest({
+                groupId: config.groupId,
+                apiId: config.apiId,
+                stageName: config.stageName,
+                description: config.description,
+            });
+            await apigwClient.deployApi(request);
+        },
+        /**
+         * Abolish (undeploy) API from a stage
+         */
+        abolishApi: async (groupId, apiId, stageName) => {
+            const request = new cloudapi.AbolishApiRequest({
+                groupId,
+                apiId,
+                stageName,
+            });
+            await apigwClient.abolishApi(request);
+        },
+        /**
+         * Bind custom domain to API group with automatic verification
+         */
+        bindCustomDomain: async (config, state, eventLogicalId) => {
+            logger_1.logger.info(lang_1.lang.__('APIGW_BINDING_DOMAIN', { domain: config.domainName }));
+            // Get the API group info to extract verification token from subDomain
+            const groupInfo = await apigwClient.describeApiGroup(new cloudapi.DescribeApiGroupRequest({ groupId: config.groupId }));
+            const region = groupInfo.body?.regionId || _context.region;
+            // Try to bind the domain first
+            try {
+                const request = new cloudapi.SetDomainRequest({
+                    groupId: config.groupId,
+                    domainName: config.domainName,
+                    bindStageName: config.bindStageName || 'RELEASE',
+                    customDomainType: config.customDomainType,
+                    isHttpRedirectToHttps: config.isHttpRedirectToHttps,
+                });
+                await apigwClient.setDomain(request);
+                // Set certificate if provided
+                if (config.certificateName && config.certificateBody && config.certificatePrivateKey) {
+                    const certRequest = new cloudapi.SetDomainCertificateRequest({
+                        groupId: config.groupId,
+                        domainName: config.domainName,
+                        certificateName: config.certificateName,
+                        certificateBody: config.certificateBody,
+                        certificatePrivateKey: config.certificatePrivateKey,
+                    });
+                    await apigwClient.setDomainCertificate(certRequest);
+                }
+                logger_1.logger.info(lang_1.lang.__('APIGW_DOMAIN_BOUND_SUCCESS', { domain: config.domainName }));
+                return state;
+            }
+            catch (error) {
+                const err = error;
+                // Check if it's a domain ownership verification error
+                if (err.code === 'SingleDomainOwnershipCheckFail' || err.message?.includes('ownership')) {
+                    logger_1.logger.error(lang_1.lang.__('APIGW_DOMAIN_OWNERSHIP_FAILED', { domain: config.domainName }));
+                    const verificationToken = extractVerificationToken(error, groupInfo.body);
+                    if (verificationToken && groupInfo.body?.subDomain) {
+                        logger_1.logger.info(lang_1.lang.__('APIGW_ATTEMPTING_AUTO_VERIFICATION', { token: verificationToken }));
+                        try {
+                            // Try to add DNS verification record automatically and update state
+                            state = await addDomainVerificationRecord(config.domainName, verificationToken, groupInfo.body.subDomain, region, state, eventLogicalId);
+                            // Retry domain binding after DNS verification
+                            logger_1.logger.info(lang_1.lang.__('APIGW_RETRYING_DOMAIN_BINDING'));
+                            const retryRequest = new cloudapi.SetDomainRequest({
+                                groupId: config.groupId,
+                                domainName: config.domainName,
+                                bindStageName: config.bindStageName || 'RELEASE',
+                                customDomainType: config.customDomainType,
+                                isHttpRedirectToHttps: config.isHttpRedirectToHttps,
+                            });
+                            await apigwClient.setDomain(retryRequest);
+                            // Set certificate if provided
+                            if (config.certificateName &&
+                                config.certificateBody &&
+                                config.certificatePrivateKey) {
+                                const certRequest = new cloudapi.SetDomainCertificateRequest({
+                                    groupId: config.groupId,
+                                    domainName: config.domainName,
+                                    certificateName: config.certificateName,
+                                    certificateBody: config.certificateBody,
+                                    certificatePrivateKey: config.certificatePrivateKey,
+                                });
+                                await apigwClient.setDomainCertificate(certRequest);
+                            }
+                            logger_1.logger.info(lang_1.lang.__('APIGW_DOMAIN_BOUND_AFTER_VERIFICATION', { domain: config.domainName }));
+                            return state;
+                        }
+                        catch (retryError) {
+                            logger_1.logger.error(lang_1.lang.__('APIGW_AUTO_VERIFICATION_FAILED', { error: String(retryError) }));
+                            // Fall through to show manual instructions
+                        }
+                    }
+                    // Show manual verification instructions
+                    if (verificationToken && groupInfo.body?.subDomain) {
+                        logVerificationInstructions(config.domainName, verificationToken, groupInfo.body.subDomain);
+                    }
+                    else {
+                        logger_1.logger.error(lang_1.lang.__('APIGW_NO_VERIFICATION_TOKEN'));
+                        logger_1.logger.error(lang_1.lang.__('APIGW_MANUAL_VERIFICATION_REQUIRED'));
+                    }
+                }
+                // Re-throw the error to be handled by caller
+                throw error;
+            }
+        },
+        /**
+         * Unbind custom domain from API group
+         */
+        unbindCustomDomain: async (groupId, domainName) => {
+            const request = new cloudapi.DeleteDomainRequest({
+                groupId,
+                domainName,
+            });
+            await apigwClient.deleteDomain(request);
+        },
+    };
+};
+exports.createApigwOperations = createApigwOperations;