@gradientedge/cdk-utils 10.1.0 → 10.3.0

package/src/lib/azure/common/construct.ts

@@ -1,8 +1,4 @@
-import { DataAzurermClientConfig } from '@cdktf/provider-azurerm/lib/data-azurerm-client-config/index.js'
-import { AzurermProvider } from '@cdktf/provider-azurerm/lib/provider/index.js'
-import { AzurermBackend, TerraformStack } from 'cdktf'
-import { Provider } from 'cdktf-local-exec'
-import { Construct } from 'constructs'
+import { ComponentResource, ComponentResourceOptions } from '@pulumi/pulumi'
 import { isDevStage, isPrdStage, isTestStage, isUatStage } from '../../common/index.js'
 import {
   AzureApiManagementManager,
@@ -14,19 +10,38 @@ import {
   AzureEventgridManager,
   AzureFunctionManager,
   AzureKeyVaultManager,
-  AzureLogAnalyticsWorkspaceManager,
+  AzureOperationalInsightsManager,
   AzureMonitorManager,
   AzureRedisManager,
   AzureResourceGroupManager,
   AzureServicebusManager,
   AzureStorageManager,
 } from '../services/index.js'
-import { AzureRemoteBackend } from './constants.js'
 import { AzureResourceNameFormatter } from './resource-name-formatter.js'
 import { CommonAzureStackProps } from './types.js'
 
-export class CommonAzureConstruct extends TerraformStack {
+/**
+ * @classdesc Common Azure construct to use as a base for all higher level constructs using Pulumi
+ * - Provides manager instances for all Azure services
+ * - Handles resource naming conventions
+ * - Manages common properties and utilities
+ * @example
+ * ```typescript
+ * import { CommonAzureConstruct } from '@gradientedge/cdk-utils'
+ *
+ * class CustomConstruct extends CommonAzureConstruct {
+ *   constructor(name: string, props: CommonAzureStackProps) {
+ *     super(name, props)
+ *     // provision resources using this.resourceGroupManager, etc.
+ *   }
+ * }
+ * ```
+ */
+export class CommonAzureConstruct extends ComponentResource {
   declare props: CommonAzureStackProps
+  declare options?: ComponentResourceOptions
+  id: string
+  fullyQualifiedDomainName: string
   apiManagementManager: AzureApiManagementManager
   appConfigurationManager: AzureAppConfigurationManager
   appServiceManager: AzureAppServiceManager
@@ -34,23 +49,21 @@ export class CommonAzureConstruct extends TerraformStack {
   cosmosDbManager: AzureCosmosDbManager
   dnsManager: AzureDnsManager
   eventgridManager: AzureEventgridManager
-  fullyQualifiedDomainName: string
-  functiontManager: AzureFunctionManager
-  id: string
+  functionManager: AzureFunctionManager
   keyVaultManager: AzureKeyVaultManager
-  logAnalyticsWorkspaceManager: AzureLogAnalyticsWorkspaceManager
+  operationalInsightsManager: AzureOperationalInsightsManager
   monitorManager: AzureMonitorManager
   redisManager: AzureRedisManager
   resourceGroupManager: AzureResourceGroupManager
   resourceNameFormatter: AzureResourceNameFormatter
   servicebusManager: AzureServicebusManager
   storageManager: AzureStorageManager
-  tenantId: string
 
-  constructor(scope: Construct, id: string, props: CommonAzureStackProps) {
-    super(scope, id)
+  constructor(name: string, props: CommonAzureStackProps, options?: ComponentResourceOptions) {
+    super(`custom:azure:Construct:${name}`, name, props, options)
     this.props = props
-    this.id = id
+    this.options = options
+    this.id = name
 
     this.apiManagementManager = new AzureApiManagementManager()
     this.appConfigurationManager = new AzureAppConfigurationManager()
@@ -59,22 +72,17 @@ export class CommonAzureConstruct extends TerraformStack {
     this.cosmosDbManager = new AzureCosmosDbManager()
     this.dnsManager = new AzureDnsManager()
     this.eventgridManager = new AzureEventgridManager()
-    this.functiontManager = new AzureFunctionManager()
+    this.functionManager = new AzureFunctionManager()
     this.keyVaultManager = new AzureKeyVaultManager()
-    this.logAnalyticsWorkspaceManager = new AzureLogAnalyticsWorkspaceManager()
+    this.operationalInsightsManager = new AzureOperationalInsightsManager()
     this.monitorManager = new AzureMonitorManager()
     this.redisManager = new AzureRedisManager()
     this.resourceGroupManager = new AzureResourceGroupManager()
-    this.resourceNameFormatter = new AzureResourceNameFormatter(this, `${id}-rnf`, props)
+    this.resourceNameFormatter = new AzureResourceNameFormatter(props)
     this.servicebusManager = new AzureServicebusManager()
     this.storageManager = new AzureStorageManager()
 
     this.determineFullyQualifiedDomain()
-    this.determineRemoteBackend()
-    this.determineTenantId()
-
-    new AzurermProvider(this, `${this.id}-provider`, this.props)
-    new Provider(this, `${this.id}-local-exec-provider`)
   }
 
   /**
@@ -86,30 +94,6 @@ export class CommonAzureConstruct extends TerraformStack {
       : this.props.domainName
   }
 
-  protected determineRemoteBackend() {
-    const debug = this.node.tryGetContext('debug')
-    switch (this.props.remoteBackend?.type) {
-      case AzureRemoteBackend.azurerm:
-        new AzurermBackend(this, {
-          storageAccountName: this.props.remoteBackend.storageAccountName,
-          containerName: this.props.remoteBackend.containerName,
-          key: `${this.id}`,
-          subscriptionId: this.props.subscriptionId,
-          resourceGroupName: this.props.remoteBackend.resourceGroupName,
-        })
-        break
-      case AzureRemoteBackend.local:
-        if (debug) console.debug(`Using local backend for ${this.id}`)
-        break
-      default:
-        break
-    }
-  }
-
-  protected determineTenantId() {
-    this.tenantId = new DataAzurermClientConfig(this, 'current', {}).tenantId
-  }
-
   /**
    * @summary Utility method to determine if the initialisation is in development (dev) stage
    * This is determined by the stage property injected via cdk context

package/src/lib/azure/common/resource-name-formatter.ts

@@ -1,11 +1,15 @@
-import { Construct } from 'constructs'
 import { AzureResourceNameFormatterProps, CommonAzureStackProps } from '../index.js'
 
-export class AzureResourceNameFormatter extends Construct {
+/**
+ * @classdesc Formats Azure resource names according to naming conventions
+ * - Applies global/resource prefixes and suffixes
+ * - Automatically appends stage to resource names
+ * - Supports per-resource customization via options
+ */
+export class AzureResourceNameFormatter {
   props: CommonAzureStackProps
 
-  constructor(parent: Construct, id: string, props: CommonAzureStackProps) {
-    super(parent, id)
+  constructor(props: CommonAzureStackProps) {
     this.props = props
   }
 
@@ -15,7 +19,7 @@ export class AzureResourceNameFormatter extends Construct {
    * @param options Options to control the formatting of the resource name
    * @returns The formatted Azure-compliant resource name
    */
-  public format(resourceName: string, options?: AzureResourceNameFormatterProps) {
+  public format(resourceName: string | undefined, options?: AzureResourceNameFormatterProps): string {
     const azureResourceNameElements = []
 
     if (!options?.exclude) {
@@ -23,7 +27,7 @@ export class AzureResourceNameFormatter extends Construct {
       azureResourceNameElements.push(options?.prefix ?? this.props.resourcePrefix)
     }
 
-    azureResourceNameElements.push(resourceName)
+    azureResourceNameElements.push(resourceName || '')
 
     if (!options?.exclude) {
       azureResourceNameElements.push(options?.suffix ?? this.props.resourceSuffix)

package/src/lib/azure/common/stack.ts

@@ -1,150 +1,150 @@
+import { ComponentResource, ComponentResourceOptions, Config } from '@pulumi/pulumi'
 import appRoot from 'app-root-path'
-import { Aspects, TerraformStack } from 'cdktf'
-import { Construct } from 'constructs'
 import fs from 'fs'
 import _ from 'lodash'
 import path from 'path'
 import { isDevStage } from '../../common/index.js'
 import { CommonAzureConstruct } from './construct.js'
-import { TagsAddingAspect } from './tagging.js'
+import { registerTagTransformation } from './tagging.js'
 import { CommonAzureStackProps } from './types.js'
 
 /**
- * @classdesc Common stack to use as a base for all higher level constructs.
+ * @classdesc Common stack to use as a base for all higher level constructs using Pulumi
  * @example
+ * ```typescript
  * import { CommonAzureStack } from '@gradientedge/cdk-utils'
  *
  * class CustomStack extends CommonAzureStack {
- *   constructor(parent: App, name: string, props: StackProps) {
- *     super(parent, name, props)
+ *   constructor(name: string, props: CommonAzureStackProps) {
+ *     super(name, props)
  *     // provision resources
  *   }
  * }
+ * ```
  */
-export class CommonAzureStack extends TerraformStack {
+export class CommonAzureStack extends ComponentResource {
   construct: CommonAzureConstruct
   props: CommonAzureStackProps
+  config: Config
 
-  constructor(parent: Construct, name: string, props: CommonAzureStackProps) {
-    super(parent, name)
-
-    /* determine extra cdk contexts */
-    this.determineExtraContexts()
-
-    /* determine extra cdk stage contexts */
-    this.determineStageContexts()
+  constructor(name: string, props: CommonAzureStackProps, options?: ComponentResourceOptions) {
+    super(`custom:azure:Stack:${name}`, name, props, options)
 
+    /* initialise config */
+    this.config = new Config()
     this.props = this.determineConstructProps(props)
 
-    Aspects.of(this).add(new TagsAddingAspect(this.props.defaultTags || {}))
+    /* register tag transformation for automatic tag application */
+    if (this.props.defaultTags) {
+      registerTagTransformation(this.props.defaultTags)
+    }
   }
 
   /**
-   * @summary Method to determine the core CDK construct properties injected via context cdktf.json
+   * @summary Method to determine the core construct properties injected via context
    * @param props The stack properties
    * @returns The stack properties
    */
   protected determineConstructProps(props: CommonAzureStackProps) {
+    let projectProps: CommonAzureStackProps = props
+    if (!projectProps) {
+      const projectPropsPath = path.join(appRoot.path, 'pulumi.json')
+      if (!fs.existsSync(projectPropsPath)) throw `Context properties unavailable in path:${projectPropsPath}`
+
+      const projectPropsBuffer = fs.readFileSync(projectPropsPath)
+      projectProps = JSON.parse(projectPropsBuffer.toString('utf-8'))
+    }
+
     return {
-      domainName: this.node.tryGetContext('domainName'),
-      extraContexts: this.node.tryGetContext('extraContexts'),
-      features: this.node.tryGetContext('features'),
-      location: this.node.tryGetContext('location'),
-      name: this.node.tryGetContext('resourceGroupName'),
-      resourceGroupName: this.node.tryGetContext('resourceGroupName'),
-      globalPrefix: this.node.tryGetContext('globalPrefix'),
-      globalSuffix: this.node.tryGetContext('globalSuffix'),
-      resourceNameOptions: this.node.tryGetContext('resourceNameOptions'),
-      resourcePrefix: this.node.tryGetContext('resourcePrefix'),
-      resourceSuffix: this.node.tryGetContext('resourceSuffix'),
-      skipStageForARecords: this.node.tryGetContext('skipStageForARecords'),
-      stage: this.node.tryGetContext('stage'),
-      subDomain: this.node.tryGetContext('subDomain'),
-      subscriptionId: this.node.tryGetContext('subscriptionId'),
+      domainName: projectProps.domainName,
+      extraContexts: projectProps.extraContexts,
+      location: projectProps.location,
+      name: projectProps.resourceGroupName ?? projectProps.name,
+      resourceGroupName: projectProps.resourceGroupName,
+      globalPrefix: projectProps.globalPrefix,
+      globalSuffix: projectProps.globalSuffix,
+      resourceNameOptions: projectProps.resourceNameOptions,
+      resourcePrefix: projectProps.resourcePrefix,
+      resourceSuffix: projectProps.resourceSuffix,
+      skipStageForARecords: projectProps.skipStageForARecords,
+      stage: projectProps.stage,
+      stageContextPath: projectProps.stageContextPath,
+      subDomain: projectProps.subDomain,
+      subscriptionId: projectProps.subscriptionId,
+      tenantId: projectProps.tenantId,
+      clientId: projectProps.clientId,
+      clientSecret: projectProps.clientSecret,
+      defaultTags: projectProps.defaultTags,
+      ...this.determineExtraContexts(props),
+      ...this.determineStageContexts(props),
     }
   }
 
   /**
-   * @summary Method to determine extra cdk contexts apart from the main cdktf.json
-   * - Sets the properties from the extra contexts into cdk node context
+   * @summary Method to determine extra contexts apart from the main context
+   * - Sets the properties from the extra contexts
    * - Primary use is to have layered config in separate files to enable easier maintenance and readability
    */
-  protected determineExtraContexts() {
-    const extraContexts = this.node.tryGetContext('extraContexts')
-    const debug = this.node.tryGetContext('debug')
-
-    if (!extraContexts) {
-      if (debug) console.debug(`No additional contexts provided. Using default context properties from cdktf.json`)
-      return
+  protected determineExtraContexts(props: CommonAzureStackProps) {
+    if (!props.extraContexts) {
+      if (props.debug) console.debug(`No additional contexts provided. Using default context properties`)
+      return {}
     }
 
-    _.forEach(extraContexts, (context: string) => {
+    let extraContextProps: Record<string, any> = {}
+    _.forEach(props.extraContexts, (context: string) => {
       const extraContextPath = path.join(appRoot.path, context)
 
-      /* scenario where extra context is configured in cdk.json but absent in file system */
+      /* scenario where extra context is configured but absent in file system */
       if (!fs.existsSync(extraContextPath)) throw `Extra context properties unavailable in path:${extraContextPath}`
 
       /* read the extra properties */
       const extraContextPropsBuffer = fs.readFileSync(extraContextPath)
-      if (debug) console.debug(`Adding additional contexts provided in ${extraContextPath}`)
+      if (props.debug) console.debug(`Adding additional contexts provided in ${extraContextPath}`)
 
       /* parse as JSON properties */
-      const extraContextProps = JSON.parse(extraContextPropsBuffer.toString('utf-8'))
-
-      /* set each of the property into the cdk node context */
-      _.keys(extraContextProps).forEach((propKey: any) => {
-        this.node.setContext(propKey, extraContextProps[propKey])
-      })
+      extraContextProps = {
+        ...extraContextProps,
+        ...JSON.parse(extraContextPropsBuffer.toString('utf-8')),
+      }
     })
+    return extraContextProps
   }
 
   /**
-   * @summary Method to determine extra cdk stage contexts apart from the main cdktf.json
-   * - Sets the properties from the extra stage contexts into cdk node context
+   * @summary Method to determine extra stage contexts apart from the main context
+   * - Sets the properties from the extra stage contexts
    * - Primary use is to have layered config for each environment which is injected into the context
    */
-  protected determineStageContexts() {
-    const stage = process.env.STAGE ?? this.node.tryGetContext('stage')
-    const stageContextPath = this.node.tryGetContext('stageContextPath') || 'cdkEnv'
-    const stageContextFilePath = path.join(appRoot.path, stageContextPath, `${stage}.json`)
-    const debug = this.node.tryGetContext('debug')
-
-    if (isDevStage(stage)) {
-      if (debug) console.debug(`Development stage. Using default stage context properties`)
+  protected determineStageContexts(props: CommonAzureStackProps) {
+    const stageContextFilePath = path.join(appRoot.path, props.stageContextPath ?? 'env', `${props.stage}.json`)
+
+    if (isDevStage(props.stage)) {
+      if (props.debug) console.debug(`Development stage. Using default stage context properties`)
     }
 
     /* alert default context usage when extra stage config is missing */
     if (!fs.existsSync(stageContextFilePath)) {
-      if (debug) console.debug(`Stage specific context properties unavailable in path:${stageContextFilePath}`)
-      if (debug) console.debug(`Using default stage context properties for ${stage} stage`)
-      return
+      if (props.debug) console.debug(`Stage specific context properties unavailable in path:${stageContextFilePath}`)
+      if (props.debug) console.debug(`Using default stage context properties for ${props.stage} stage`)
+      return {}
     }
 
     /* read the extra properties */
     const stageContextPropsBuffer = fs.readFileSync(stageContextFilePath)
-    if (debug) console.debug(`Adding additional stage contexts provided in ${stageContextFilePath}`)
+    if (props.debug) console.debug(`Adding additional stage contexts provided in ${stageContextFilePath}`)
 
     /* parse as JSON properties */
-    const stageContextProps = JSON.parse(stageContextPropsBuffer.toString('utf-8'))
-
-    /* set each of the property into the cdk node context */
-    _.keys(stageContextProps).forEach((propKey: any) => {
-      /* handle object, array properties */
-      if (typeof stageContextProps[propKey] === 'object' && !Array.isArray(stageContextProps[propKey])) {
-        this.node.setContext(propKey, _.merge(this.node.tryGetContext(propKey), stageContextProps[propKey]))
-      } else {
-        /* handle all other primitive properties */
-        this.node.setContext(propKey, stageContextProps[propKey])
-      }
-    })
+    return JSON.parse(stageContextPropsBuffer.toString('utf-8'))
   }
 
   /**
    * @summary Determine the fully qualified domain name based on domainName & subDomain
    */
   protected fullyQualifiedDomain() {
-    const domainName = this.node.tryGetContext('domainName')
-    const subDomain = this.node.tryGetContext('subDomain')
+    const domainName = this.props.domainName
+    const subDomain = this.props.subDomain
+
     return subDomain ? `${subDomain}.${domainName}` : domainName
   }
 }

package/src/lib/azure/common/tagging.ts

@@ -1,42 +1,91 @@
-import { IAspect, TerraformResource } from 'cdktf'
-import { IConstruct } from 'constructs'
+import * as pulumi from '@pulumi/pulumi'
 import { RESOURCES_TO_EXCLUDE_TAGS } from './constants.js'
 
-type TaggableConstruct = IConstruct & {
-  tags?: { [key: string]: string } | string[]
-  tagsInput?: { [key: string]: string } | string[]
-}
+/**
+ * @summary Check if a resource type is taggable
+ * @param resourceType The Pulumi resource type (e.g., 'azure-native:resources:ResourceGroup')
+ * @returns True if the resource supports tags, false otherwise
+ */
+export function isTaggableResource(resourceType: string): boolean {
+  // Extract the resource name from the type (e.g., 'ResourceGroup' from 'azure-native:resources:ResourceGroup')
+  const resourceName = resourceType.split(':').pop() || ''
+
+  // Check if this resource is in the exclusion list
+  if (RESOURCES_TO_EXCLUDE_TAGS.has(resourceName)) {
+    return false
+  }
 
-function isTaggableConstruct(node: IConstruct): node is TaggableConstruct {
-  return 'tags' in node && 'tagsInput' in node
+  // Most Azure resources support tags, but we can add more specific checks here if needed
+  return true
 }
 
-export class TagsAddingAspect implements IAspect {
-  constructor(
-    private tagsToAdd: Record<string, string>,
-    private tagsToIgnore: string[] = []
-  ) {}
-
-  // This method is called on every Construct within the specified scope (resources, data sources, etc.).
-  visit(node: IConstruct) {
-    // We need to take the input value to not create a circular reference
-    if (!isTaggableConstruct(node)) {
-      return
+/**
+ * @summary Register a stack transformation to automatically apply tags to Azure resources
+ * @param defaultTags The default tags to apply to all resources
+ * @param tagsToIgnore Optional list of tag keys to ignore in lifecycle management
+ * @example
+ * ```typescript
+ * registerTagTransformation({ environment: 'production', team: 'platform' })
+ * ```
+ */
+export function registerTagTransformation(defaultTags: Record<string, string>, tagsToIgnore: string[] = []): void {
+  pulumi.runtime.registerStackTransformation((args: pulumi.ResourceTransformationArgs) => {
+    // Only process taggable resources
+    if (!isTaggableResource(args.type)) {
+      return undefined
     }
 
-    // Determine if the resource excludes `tags`
-    if (RESOURCES_TO_EXCLUDE_TAGS.has(node.constructor.name)) {
-      node.tags = undefined // Completely remove tags for this resource
-      return
+    // Check if the resource has a tags property
+    if (!args.props || typeof args.props !== 'object') {
+      return undefined
     }
 
-    const currentTags = node.tagsInput || {}
-    node.tags = { ...this.tagsToAdd, ...currentTags }
+    // Merge default tags with resource-specific tags (resource tags take precedence)
+    const currentTags = (args.props as any).tags || {}
+    const mergedTags = { ...defaultTags, ...currentTags }
+
+    // Apply the merged tags
+    const newProps = {
+      ...args.props,
+      tags: mergedTags,
+    }
 
-    // Add ignore_changes overrides for selected tags
-    if (node instanceof TerraformResource && this.tagsToIgnore.length > 0) {
-      const ignoreList = this.tagsToIgnore.map(tag => `tags["${tag}"]`)
-      node.addOverride('lifecycle.ignore_changes', ignoreList)
+    // Handle tag ignores via Pulumi's ignoreChanges option
+    let newOpts = args.opts
+    if (tagsToIgnore.length > 0) {
+      const ignoreChanges = tagsToIgnore.map(tag => `tags.${tag}`)
+      newOpts = {
+        ...args.opts,
+        ignoreChanges: [...(args.opts?.ignoreChanges || []), ...ignoreChanges],
+      }
     }
+
+    return {
+      props: newProps,
+      opts: newOpts,
+    }
+  })
+}
+
+/**
+ * @summary Helper function to apply tags to a specific resource's properties
+ * @param props The resource properties
+ * @param defaultTags The default tags to merge with existing tags
+ * @returns The properties with merged tags
+ * @example
+ * ```typescript
+ * const resourceGroupProps = applyTags(props, { environment: 'dev' })
+ * ```
+ */
+export function applyTags<T extends { tags?: Record<string, string> }>(
+  props: T,
+  defaultTags: Record<string, string>
+): T {
+  return {
+    ...props,
+    tags: {
+      ...defaultTags,
+      ...(props.tags || {}),
+    },
   }
 }

package/src/lib/azure/common/types.ts

@@ -1,11 +1,11 @@
-import { AzurermProviderConfig } from '@cdktf/provider-azurerm/lib/provider/index.js'
-import { AzurermBackendConfig } from 'cdktf'
 import { BaseProps } from '../../common/index.js'
 import { AzureRemoteBackend } from './constants.js'
 
 /**
+ * @interface CommonAzureStackProps
+ * @description Common properties for Azure stack configuration using Pulumi
  */
-export interface CommonAzureStackProps extends BaseProps, AzurermProviderConfig {
+export interface CommonAzureStackProps extends BaseProps {
   resourceGroupName?: string
   remoteBackend?: AzureRemoteBackendProps
   globalPrefix?: string
@@ -15,10 +15,27 @@ export interface CommonAzureStackProps extends BaseProps, AzurermProviderConfig
   resourceNameOptions?: { [key: string]: AzureResourceNameFormatterProps }
   location?: string
   defaultTags?: { [key: string]: string }
+
+  // Azure Provider properties for Pulumi
+  subscriptionId?: string
+  tenantId?: string
+  clientId?: string
+  clientSecret?: string
+  environment?: string
+  useOidc?: boolean
+  oidcRequestToken?: string
+  oidcRequestUrl?: string
+  useMsi?: boolean
+  msiEndpoint?: string
 }
 
-export interface AzureRemoteBackendProps extends AzurermBackendConfig {
+export interface AzureRemoteBackendProps {
   type: AzureRemoteBackend
+  storageAccountName?: string
+  containerName?: string
+  resourceGroupName?: string
+  subscriptionId?: string
+  key?: string
 }
 
 export interface AzureResourceNameFormatterProps {