@gradientedge/cdk-utils-azure 2.16.0 → 2.18.0

package/dist/src/common/construct.js

@@ -1,7 +1,7 @@
+import { isDevStage, isPrdStage, isTestStage, isUatStage } from '@gradientedge/cdk-utils-common';
 import { getWorkspaceOutput } from '@pulumi/azure-native/operationalinsights/index.js';
 import * as pulumi from '@pulumi/pulumi';
 import { ComponentResource } from '@pulumi/pulumi';
-import { isDevStage, isPrdStage, isTestStage, isUatStage } from '@gradientedge/cdk-utils-common';
 import { AzureAuthorisationManager } from '../services/authorisation/main.js';
 import { AzureApiManagementManager, AzureAppConfigurationManager, AzureApplicationInsightsManager, AzureAppServiceManager, AzureCosmosDbManager, AzureDnsManager, AzureEventgridManager, AzureFunctionManager, AzureKeyVaultManager, AzureMonitorManager, AzureOperationalInsightsManager, AzurePortalManager, AzureRedisManager, AzureResourceGroupManager, AzureSecurityCentermanager, AzureServiceBusManager, AzureStorageManager, } from '../services/index.js';
 import { AzureResourceNameFormatter } from './resource-name-formatter.js';
@@ -76,7 +76,9 @@ export class CommonAzureConstruct extends ComponentResource {
     resolveStack(stackName) {
         if (!stackName)
             throw new Error('Stack name undefined');
-        return new pulumi.StackReference(stackName);
+        return new pulumi.StackReference(stackName, {
+            name: stackName,
+        });
     }
     createResourceGroup() {
         if (this.resourceGroup)

package/dist/src/common/stack.d.ts

@@ -21,6 +21,7 @@ export declare class CommonAzureStack extends ComponentResource {
     construct: CommonAzureConstruct;
     props: CommonAzureStackProps;
     config: Config;
+    outputs?: Record<string, unknown>;
     constructor(name: string, props: CommonAzureStackProps, options?: ComponentResourceOptions);
     /**
      * @summary Method to determine the core construct properties injected via context
@@ -40,8 +41,12 @@ export declare class CommonAzureStack extends ComponentResource {
      * - Primary use is to have layered config for each environment which is injected into the context
      */
     protected determineStageContexts(): any;
+    protected createConstruct(): void;
+    protected registerOutputs(): void;
     /**
      * @summary Determine the fully qualified domain name based on domainName & subDomain
      */
     protected fullyQualifiedDomain(): string;
+    protected static determineEnvironmentProperty(): string;
+    protected static getEnvironmentProperty(property: string): any;
 }

package/dist/src/common/stack.js

@@ -1,9 +1,9 @@
-import fs from 'fs';
-import path from 'path';
+import fs, { readFileSync, statSync } from 'fs';
+import path, { dirname, join } from 'path';
+import { isDevStage } from '@gradientedge/cdk-utils-common';
 import { ComponentResource, Config } from '@pulumi/pulumi';
 import appRoot from 'app-root-path';
 import _ from 'lodash';
-import { isDevStage } from '@gradientedge/cdk-utils-common';
 import { registerTagTransformation } from './tagging.js';
 /**
  * Common stack to use as a base for all higher level constructs using Pulumi
@@ -25,6 +25,7 @@ export class CommonAzureStack extends ComponentResource {
     construct;
     props;
     config;
+    outputs;
     constructor(name, props, options) {
         super(`stack:${name}`, name, props, options);
         /* initialise config */
@@ -34,6 +35,8 @@ export class CommonAzureStack extends ComponentResource {
         if (this.props.defaultTags) {
             registerTagTransformation(this.props.defaultTags);
         }
+        this.createConstruct();
+        this.registerOutputs();
     }
     /**
      * @summary Method to determine the core construct properties injected via context
@@ -110,6 +113,16 @@ export class CommonAzureStack extends ComponentResource {
         /* parse as JSON properties */
         return JSON.parse(stageContextPropsBuffer.toString('utf-8'));
     }
+    createConstruct() { }
+    registerOutputs() {
+        if (this.construct && this.construct.resourceGroup) {
+            this.outputs = {
+                resourceGroupId: this.construct.resourceGroup.id,
+                resourceGroupName: this.construct.resourceGroup.name,
+            };
+            super.registerOutputs(this.outputs);
+        }
+    }
     /**
      * @summary Determine the fully qualified domain name based on domainName & subDomain
      */
@@ -118,4 +131,27 @@ export class CommonAzureStack extends ComponentResource {
         const subDomain = this.props.subDomain;
         return subDomain ? `${subDomain}.${domainName}` : domainName;
     }
+    static determineEnvironmentProperty() {
+        const config = new Config();
+        const stageContextPath = config.get('stageContextPath');
+        let dir = process.cwd();
+        for (let i = 0; i < 6; i++) {
+            try {
+                if (statSync(join(dir, `${stageContextPath}`)).isDirectory())
+                    return dir;
+            }
+            catch {
+                /* keep walking */
+            }
+            dir = dirname(dir);
+        }
+        throw new Error('Could not locate infrastructure root (pulumi-env/ not found)');
+    }
+    static getEnvironmentProperty(property) {
+        const config = new Config();
+        const stage = config.get('stage');
+        const stageContextPath = config.get('stageContextPath');
+        const envConfig = JSON.parse(readFileSync(join(this.determineEnvironmentProperty(), `${stageContextPath}`, `${stage}.json`), 'utf8'));
+        return envConfig[property];
+    }
 }

package/dist/src/common/tagging.js

@@ -7,6 +7,13 @@ import { RESOURCES_TO_EXCLUDE_TAGS } from './constants.js';
  */
 /** @category Constant */
 export function isTaggableResource(resourceType) {
+    // Entire providers that don't support tags
+    if (resourceType.startsWith('azuread:'))
+        return false;
+    if (resourceType.startsWith('random:'))
+        return false;
+    if (resourceType.startsWith('pulumi:'))
+        return false;
     // Extract the resource name from the type (e.g., 'ResourceGroup' from 'azure-native:resources:ResourceGroup')
     const resourceName = resourceType.split(':').pop() || '';
     // Check if this resource is in the exclusion list

package/dist/src/construct/rest-api-function/main.js

@@ -266,6 +266,7 @@ export class AzureRestApiFunction extends AzureFunctionApp {
         <inbound>
           <base />
           ${this.api.corsPolicyXmlContent ?? ''}
+          ${this.api.validateJwtPolicyXmlContent ?? ''}
           <set-backend-service backend-id="${this.api.backend.name}" />
           <set-header name="traceparent" exists-action="override">
             <value>@(context.Request.Headers.GetValueOrDefault("traceparent", ""))</value>

package/dist/src/construct/rest-api-function/types.d.ts

@@ -23,11 +23,12 @@ export interface AzureRestApiFunctionProps extends AzureRestApiProps, AzureFunct
 }
 /** @category Interface */
 export interface AzureApiFunction extends AzureApi {
-    corsPolicyXmlContent?: string;
     apiOperations: {
         [operation: string]: ApiOperation;
     };
-    managementApi: Api;
     backend: Backend;
+    corsPolicyXmlContent?: string;
+    managementApi: Api;
     namedValue: NamedValue;
+    validateJwtPolicyXmlContent?: string;
 }

package/dist/src/services/storage/main.js

@@ -75,9 +75,7 @@ export class AzureStorageManager {
     createStorageContainer(id, scope, props, resourceOptions) {
         if (!props)
             throw new Error(`Props undefined for ${id}`);
-        const resourceGroupName = scope.props.resourceGroupName
-            ? scope.resourceNameFormatter.format(scope.props.resourceGroupName)
-            : `${props.resourceGroupName}`;
+        const resourceGroupName = props.resourceGroupName ?? scope.resourceNameFormatter.format(scope.props.resourceGroupName);
         return new BlobContainer(`${id}-sc`, {
             ...props,
             containerName: scope.resourceNameFormatter.format(props.containerName?.toString(), scope.props.resourceNameOptions?.storageContainer),
@@ -97,9 +95,7 @@ export class AzureStorageManager {
     createStorageBlob(id, scope, props, resourceOptions) {
         if (!props)
             throw new Error(`Props undefined for ${id}`);
-        const resourceGroupName = scope.props.resourceGroupName
-            ? scope.resourceNameFormatter.format(scope.props.resourceGroupName)
-            : `${props.resourceGroupName}`;
+        const resourceGroupName = props.resourceGroupName ?? scope.resourceNameFormatter.format(scope.props.resourceGroupName);
         return new Blob(`${id}-sb`, {
             ...props,
             blobName: scope.resourceNameFormatter.format(props.blobName?.toString(), scope.props.resourceNameOptions?.storageBlob),
@@ -126,9 +122,7 @@ export class AzureStorageManager {
      * @see https://www.pulumi.com/registry/packages/azure-native/api-docs/storage/liststorageaccountsas/
      */
     generateContainerSasToken(id, scope, props, storageAccount) {
-        const resourceGroupName = scope.props.resourceGroupName
-            ? scope.resourceNameFormatter.format(scope.props.resourceGroupName)
-            : `${props.resourceGroupName}`;
+        const resourceGroupName = props.resourceGroupName ?? scope.resourceNameFormatter.format(scope.props.resourceGroupName);
         return pulumi
             .all([storageAccount.name])
             .apply(([accountName]) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gradientedge/cdk-utils-azure",
-  "version": "2.16.0",
+  "version": "2.18.0",
   "description": "Azure Pulumi utilities for @gradientedge/cdk-utils",
   "type": "module",
   "main": "dist/src/index.js",
@@ -16,6 +16,7 @@
   "dependencies": {
     "@pulumi/archive": "0.3.7",
     "@pulumi/azure-native": "3.16.0",
+    "@pulumi/azuread": "6.9.0",
     "@pulumi/pulumi": "3.230.0",
     "@types/lodash": "4.17.24",
     "app-root-path": "3.1.0",