@gradientedge/cdk-utils 9.89.0 → 10.1.0

package/src/lib/cloudflare/common/stack.ts

@@ -1,13 +1,11 @@
-import fs from 'fs'
-import { CommonCloudflareConstruct } from './construct.js'
-import { CommonCloudflareStackProps } from './types.js'
-
+import { ComponentResource, ComponentResourceOptions, Config } from '@pulumi/pulumi'
 import appRoot from 'app-root-path'
-import { TerraformStack } from 'cdktf'
-import { Construct } from 'constructs'
+import fs from 'fs'
 import _ from 'lodash'
 import path from 'path'
 import { isDevStage } from '../../common/index.js'
+import { CommonCloudflareConstruct } from './construct.js'
+import { CommonCloudflareStackProps } from './types.js'
 
 /**
  * @classdesc Common stack to use as a base for all higher level constructs.
@@ -21,57 +19,62 @@ import { isDevStage } from '../../common/index.js'
  *   }
  * }
  */
-export class CommonCloudflareStack extends TerraformStack {
+export class CommonCloudflareStack extends ComponentResource {
   construct: CommonCloudflareConstruct
   props: CommonCloudflareStackProps
+  config: Config
 
-  constructor(parent: Construct, name: string, props: CommonCloudflareStackProps) {
-    super(parent, name)
-
-    /* determine extra cdk contexts */
-    this.determineExtraContexts()
-
-    /* determine extra cdk stage contexts */
-    this.determineStageContexts()
+  constructor(name: string, props: CommonCloudflareStackProps, options?: ComponentResourceOptions) {
+    super(`custom:cloudflare:Stack:${name}`, name, props, options)
 
+    /* initialise config */
+    this.config = new Config()
     this.props = this.determineConstructProps(props)
   }
 
   /**
-   * @summary Method to determine the core CDK construct properties injected via context cdktf.json
+   * @summary Method to determine the core CDK construct properties injected via context
    * @param props The stack properties
    * @returns The stack properties
    */
   protected determineConstructProps(props: CommonCloudflareStackProps) {
-    const stage = this.node.tryGetContext('stage')
+    let projectProps: CommonCloudflareStackProps = props
+    if (!projectProps) {
+      const projectPropsPath = path.join(appRoot.path, 'pulumi.json')
+      if (!fs.existsSync(projectPropsPath)) throw `Context properties unavailable in path:${projectPropsPath}`
+
+      const projectPropsBuffer = fs.readFileSync(projectPropsPath)
+      projectProps = JSON.parse(projectPropsBuffer.toString('utf-8'))
+    }
+
     return {
-      accountId: this.node.tryGetContext('accountId'),
-      apiToken: this.node.tryGetContext('apiToken'),
-      domainName: this.node.tryGetContext('domainName'),
-      extraContexts: this.node.tryGetContext('extraContexts'),
-      features: this.node.tryGetContext('features'),
-      name: this.node.tryGetContext('resourceGroupName'),
-      skipStageForARecords: this.node.tryGetContext('skipStageForARecords'),
-      stage: stage,
-      subDomain: this.node.tryGetContext('subDomain'),
+      accountId: projectProps.accountId,
+      apiToken: projectProps.apiToken,
+      domainName: projectProps.domainName,
+      extraContexts: projectProps.extraContexts,
+      name: projectProps.resourceGroupName ?? projectProps.name,
+      skipStageForARecords: projectProps.skipStageForARecords,
+      stage: projectProps.stage,
+      stageContextPath: projectProps.stageContextPath,
+      subDomain: projectProps.subDomain,
+      ...this.determineExtraContexts(props),
+      ...this.determineStageContexts(props),
     }
   }
 
   /**
-   * @summary Method to determine extra cdk contexts apart from the main cdktf.json
+   * @summary Method to determine extra cdk contexts apart from the main context
    * - Sets the properties from the extra contexts into cdk node context
    * - Primary use is to have layered config in separate files to enable easier maintenance and readability
    */
-  protected determineExtraContexts() {
-    const extraContexts = this.node.tryGetContext('extraContexts')
-    const debug = this.node.tryGetContext('debug')
-
-    if (!extraContexts) {
-      if (debug) console.debug(`No additional contexts provided. Using default context properties from cdktf.json`)
-      return
+  protected determineExtraContexts(props: CommonCloudflareStackProps) {
+    if (!props.extraContexts) {
+      if (props.debug) console.debug(`No additional contexts provided. Using default context properties`)
+      return {}
     }
 
-    _.forEach(extraContexts, (context: string) => {
+    let extraContextProps: Record<string, any> = {}
+    _.forEach(props.extraContexts, (context: string) => {
       const extraContextPath = path.join(appRoot.path, context)
 
       /* scenario where extra context is configured in cdk.json but absent in file system */
@@ -79,65 +82,51 @@ export class CommonCloudflareStack extends TerraformStack {
 
       /* read the extra properties */
       const extraContextPropsBuffer = fs.readFileSync(extraContextPath)
-      if (debug) console.debug(`Adding additional contexts provided in ${extraContextPath}`)
+      if (props.debug) console.debug(`Adding additional contexts provided in ${extraContextPath}`)
 
       /* parse as JSON properties */
-      const extraContextProps = JSON.parse(extraContextPropsBuffer.toString('utf-8'))
-
-      /* set each of the property into the cdk node context */
-      _.keys(extraContextProps).forEach((propKey: any) => {
-        this.node.setContext(propKey, extraContextProps[propKey])
-      })
+      extraContextProps = {
+        ...extraContextProps,
+        ...JSON.parse(extraContextPropsBuffer.toString('utf-8')),
+      }
     })
+    return extraContextProps
   }
 
   /**
-   * @summary Method to determine extra cdk stage contexts apart from the main cdktf.json
+   * @summary Method to determine extra cdk stage contexts apart from the main context
    * - Sets the properties from the extra stage contexts into cdk node context
    * - Primary use is to have layered config for each environment which is injected into the context
    */
-  protected determineStageContexts() {
-    const stage = process.env.STAGE ?? this.node.tryGetContext('stage')
-    const stageContextPath = this.node.tryGetContext('stageContextPath') || 'cdkEnv'
-    const stageContextFilePath = path.join(appRoot.path, stageContextPath, `${stage}.json`)
-    const debug = this.node.tryGetContext('debug')
-
-    if (isDevStage(stage)) {
-      if (debug) console.debug(`Development stage. Using default stage context properties`)
+  protected determineStageContexts(props: CommonCloudflareStackProps) {
+    const stageContextFilePath = path.join(appRoot.path, props.stageContextPath ?? 'cdkEnv', `${props.stage}.json`)
+
+    if (isDevStage(props.stage)) {
+      if (props.debug) console.debug(`Development stage. Using default stage context properties`)
     }
 
     /* alert default context usage when extra stage config is missing */
     if (!fs.existsSync(stageContextFilePath)) {
-      if (debug) console.debug(`Stage specific context properties unavailable in path:${stageContextFilePath}`)
-      if (debug) console.debug(`Using default stage context properties for ${stage} stage`)
-      return
+      if (props.debug) console.debug(`Stage specific context properties unavailable in path:${stageContextFilePath}`)
+      if (props.debug) console.debug(`Using default stage context properties for ${props.stage} stage`)
+      return {}
     }
 
     /* read the extra properties */
     const stageContextPropsBuffer = fs.readFileSync(stageContextFilePath)
-    if (debug) console.debug(`Adding additional stage contexts provided in ${stageContextFilePath}`)
+    if (props.debug) console.debug(`Adding additional stage contexts provided in ${stageContextFilePath}`)
 
     /* parse as JSON properties */
-    const stageContextProps = JSON.parse(stageContextPropsBuffer.toString('utf-8'))
-
-    /* set each of the property into the cdk node context */
-    _.keys(stageContextProps).forEach((propKey: any) => {
-      /* handle object, array properties */
-      if (typeof stageContextProps[propKey] === 'object' && !Array.isArray(stageContextProps[propKey])) {
-        this.node.setContext(propKey, _.merge(this.node.tryGetContext(propKey), stageContextProps[propKey]))
-      } else {
-        /* handle all other primitive properties */
-        this.node.setContext(propKey, stageContextProps[propKey])
-      }
-    })
+    return JSON.parse(stageContextPropsBuffer.toString('utf-8'))
   }
 
   /**
    * @summary Determine the fully qualified domain name based on domainName & subDomain
    */
   protected fullyQualifiedDomain() {
-    const domainName = this.node.tryGetContext('domainName')
-    const subDomain = this.node.tryGetContext('subDomain')
+    const domainName = this.props.domainName
+    const subDomain = this.props.subDomain
+
     return subDomain ? `${subDomain}.${domainName}` : domainName
   }
 }

package/src/lib/cloudflare/common/types.ts

@@ -1,23 +1,10 @@
-import { CloudflareProviderConfig } from '@cdktf/provider-cloudflare/lib/provider/index.js'
 import { BaseProps } from '../../common/index.js'
-import { RemoteBackend } from './constants.js'
-
-export interface RemoteBackendProps {
-  bucketName: string
-  region: string
-  tableName: string
-  type: RemoteBackend
-  storageAccountName: string
-  containerName: string
-  subscriptionId: string
-  resourceGroupName: string
-}
 
 /**
  */
-export interface CommonCloudflareStackProps extends BaseProps, CloudflareProviderConfig {
+export interface CommonCloudflareStackProps extends BaseProps {
   accountId: string
   apiToken: string
-  remoteBackend?: RemoteBackendProps
+  resourceGroupName?: string
   useExistingZone?: boolean
 }

package/src/lib/cloudflare/construct/pages-static-site/main.ts

@@ -1,18 +1,12 @@
-import { DataAwsSecretsmanagerSecretVersion } from '@cdktf/provider-aws/lib/data-aws-secretsmanager-secret-version/index.js'
-import { DataAwsSecretsmanagerSecret } from '@cdktf/provider-aws/lib/data-aws-secretsmanager-secret/index.js'
-import { DataAzurermKeyVaultSecret } from '@cdktf/provider-azurerm/lib/data-azurerm-key-vault-secret/index.js'
-import { DataAzurermKeyVault } from '@cdktf/provider-azurerm/lib/data-azurerm-key-vault/index.js'
-import { DataCloudflareZone } from '@cdktf/provider-cloudflare/lib/data-cloudflare-zone/index.js'
-import { DnsRecord } from '@cdktf/provider-cloudflare/lib/dns-record/index.js'
-import { PagesDomain } from '@cdktf/provider-cloudflare/lib/pages-domain/index.js'
+import * as aws from '@pulumi/aws'
+import * as azure from '@pulumi/azure-native'
+import { DnsRecord, PagesDomain, PagesProject, Zone } from '@pulumi/cloudflare'
 import {
-  PagesProject,
   PagesProjectDeploymentConfigsPreviewEnvVars,
   PagesProjectDeploymentConfigsProductionEnvVars,
-} from '@cdktf/provider-cloudflare/lib/pages-project/index.js'
-import { Zone } from '@cdktf/provider-cloudflare/lib/zone/index.js'
-import { Fn } from 'cdktf'
-import { Construct } from 'constructs'
+} from '@pulumi/cloudflare/types/input.js'
+import { ComponentResourceOptions } from '@pulumi/pulumi'
+import * as std from '@pulumi/std'
 import { CommonCloudflareConstruct } from '../../common/index.js'
 import { CloudflarePagesStaticSiteProps } from './types.js'
 
@@ -38,16 +32,17 @@ export class CloudflarePagesStaticSite extends CommonCloudflareConstruct {
   sitePagesCnameRecord: DnsRecord
   sitePagesDomain: PagesDomain
   sitePagesProject: PagesProject
-  siteZone: DataCloudflareZone | Zone
+  siteZone: Zone
   sitePagesEnvironmentVariables: { [key: string]: PagesProjectDeploymentConfigsProductionEnvVars }
   sitePagesPreviewEnvironmentVariables: { [key: string]: PagesProjectDeploymentConfigsPreviewEnvVars }
   sitePagesSecrets: { [key: string]: PagesProjectDeploymentConfigsProductionEnvVars }
   sitePagesPreviewSecrets: { [key: string]: PagesProjectDeploymentConfigsPreviewEnvVars }
   siteDeploymentDependsOn: any
 
-  constructor(parent: Construct, id: string, props: CloudflarePagesStaticSiteProps) {
-    super(parent, id, props)
+  constructor(id: string, props: CloudflarePagesStaticSiteProps, options?: ComponentResourceOptions) {
+    super(id, props)
     this.props = props
+    this.options = options
     this.id = id
   }
 
@@ -116,14 +111,11 @@ export class CloudflarePagesStaticSite extends CommonCloudflareConstruct {
    * @returns the secret value
    */
   protected resolveSecretFromAWS(secretName: string, secretKey: string) {
-    if (!this.awsProvider) return
-    const secret = new DataAwsSecretsmanagerSecret(this, `${this.id}-${secretName}-${secretKey}`, { name: secretName })
-    const secretVersion = new DataAwsSecretsmanagerSecretVersion(this, `${this.id}-${secretName}-${secretKey}-ver`, {
-      provider: this.awsProvider,
-      secretId: secret.id,
-    })
+    if (this.config.require('secretsProvider') !== 'aws') return
+    const secret = aws.secretsmanager.getSecretOutput({ name: secretName })
+    const secretVersion = aws.secretsmanager.getSecretVersionOutput({ secretId: secret.id })
     if (!secretVersion) throw new Error(`Unable to resolve secret:${secretName}`)
-    return Fn.lookup(Fn.jsondecode(secretVersion.secretString), secretKey)
+    return std.jsondecodeOutput({ input: secretVersion.secretString })
   }
 
   /**
@@ -135,26 +127,14 @@ export class CloudflarePagesStaticSite extends CommonCloudflareConstruct {
    * @returns the secret value
    */
   protected resolveSecretFromAzure(resourceGroupName: string, keyVaultName: string, secretKey: string) {
-    const keyVaultData = new DataAzurermKeyVault(
-      this,
-      `${this.id}-${resourceGroupName}-${keyVaultName}-${secretKey}-vault`,
-      {
-        resourceGroupName: resourceGroupName,
-        name: keyVaultName,
-        provider: this.azurermProvider,
-      }
-    )
-    const secretValueData = new DataAzurermKeyVaultSecret(
-      this,
-      `${this.id}-${resourceGroupName}-${keyVaultName}-${secretKey}-secret`,
-      {
-        name: secretKey,
-        keyVaultId: keyVaultData.id,
-        provider: this.azurermProvider,
-      }
-    )
+    if (this.config.require('secretsProvider') !== 'azure') return
+    const secretValueData = azure.keyvault.getSecretOutput({
+      resourceGroupName,
+      secretName: secretKey,
+      vaultName: keyVaultName,
+    })
     if (!secretValueData) throw new Error(`Unable to resolve secret:${secretKey}`)
-    return secretValueData.value
+    return secretValueData.properties?.value
   }
 
   /**
@@ -201,7 +181,7 @@ export class CloudflarePagesStaticSite extends CommonCloudflareConstruct {
       branch: this.props.siteBranch ?? 'main',
       directory: this.props.siteAssetDir,
       message: this.props.siteDeployMessage,
-      projectName: this.sitePagesProject.name,
+      projectName: String(this.sitePagesProject.name),
       dependsOn: this.siteDeploymentDependsOn,
     })
   }

package/src/lib/cloudflare/construct/worker-site/main.ts

@@ -1,12 +1,10 @@
-import { DataAwsSecretsmanagerSecretVersion } from '@cdktf/provider-aws/lib/data-aws-secretsmanager-secret-version/index.js'
-import { DataAwsSecretsmanagerSecret } from '@cdktf/provider-aws/lib/data-aws-secretsmanager-secret/index.js'
-import { DataAzurermKeyVaultSecret } from '@cdktf/provider-azurerm/lib/data-azurerm-key-vault-secret/index.js'
-import { DataAzurermKeyVault } from '@cdktf/provider-azurerm/lib/data-azurerm-key-vault/index.js'
-import { DataCloudflareZone } from '@cdktf/provider-cloudflare/lib/data-cloudflare-zone/index.js'
-import { WorkersScript, WorkersScriptBindings } from '@cdktf/provider-cloudflare/lib/workers-script/index.js'
-import { Zone } from '@cdktf/provider-cloudflare/lib/zone/index.js'
-import { AssetType, Fn, TerraformAsset } from 'cdktf'
-import { Construct } from 'constructs'
+import * as aws from '@pulumi/aws'
+import * as azure from '@pulumi/azure-native'
+import { Ruleset, WorkersCustomDomain, WorkersScript, Zone, ZoneSetting } from '@pulumi/cloudflare'
+import { WorkersScriptBinding } from '@pulumi/cloudflare/types/input.js'
+import { ComponentResourceOptions } from '@pulumi/pulumi'
+import * as std from '@pulumi/std'
+import fs from 'fs'
 import { CommonCloudflareConstruct } from '../../common/index.js'
 import { CloudflareWorkerSiteProps } from './types.js'
 
@@ -29,14 +27,18 @@ export class CloudflareWorkerSite extends CommonCloudflareConstruct {
   declare props: CloudflareWorkerSiteProps
 
   /* worker site resources */
-  siteZone: DataCloudflareZone | Zone
+  siteZone: Zone
   siteWorkerScript: WorkersScript
-  workerPlainTextBindingEnvironmentVariables: WorkersScriptBindings[] = []
-  workerSecretTextBindingEnvironmentVariables: WorkersScriptBindings[] = []
+  siteWorkerDomain: WorkersCustomDomain
+  siteRuleSet: Ruleset
+  siteZoneSetting: ZoneSetting
+  workerPlainTextBindingEnvironmentVariables: WorkersScriptBinding[] = []
+  workerSecretTextBindingEnvironmentVariables: WorkersScriptBinding[] = []
 
-  constructor(parent: Construct, id: string, props: CloudflareWorkerSiteProps) {
-    super(parent, id, props)
+  constructor(id: string, props: CloudflareWorkerSiteProps, options?: ComponentResourceOptions) {
+    super(id, props)
     this.props = props
+    this.options = options
     this.id = id
   }
 
@@ -79,14 +81,10 @@ export class CloudflareWorkerSite extends CommonCloudflareConstruct {
    * @summary Create the worker
    */
   protected createWorker() {
-    const workerContent = new TerraformAsset(this, `${this.id}-worker-content`, {
-      path: this.props.siteWorkerAsset,
-      type: AssetType.FILE,
-    })
-
+    const workerContent = fs.readFileSync(this.props.siteWorkerAsset, 'utf-8')
     this.siteWorkerScript = this.workerManager.createWorkerScript(`${this.id}-worker-script`, this, {
       ...this.props.siteWorkerScript,
-      content: Fn.file(workerContent.path),
+      content: workerContent,
     })
   }
 
@@ -94,7 +92,7 @@ export class CloudflareWorkerSite extends CommonCloudflareConstruct {
    * @summary Create the worker domain
    */
   protected createWorkerDomain() {
-    this.workerManager.createWorkerDomain(`${this.id}-worker-domain`, this, {
+    this.siteWorkerDomain = this.workerManager.createWorkerDomain(`${this.id}-worker-domain`, this, {
       ...this.props.siteWorkerDomain,
       environment: this.props.siteWorkerDomain.environment ?? 'production',
       hostname: `${this.props.siteSubDomain}.${this.props.domainName}`,
@@ -108,23 +106,12 @@ export class CloudflareWorkerSite extends CommonCloudflareConstruct {
    * @param secretKey the secret key
    * @returns the secret value
    */
-  protected resolveSecretFromAWS(secretName: string, secretKey: string, id?: string) {
-    if (!this.awsProvider) {
-      throw new Error(`Unable to resolve secret:${secretKey}. AWS provider not found`)
-    }
-    const secret = new DataAwsSecretsmanagerSecret(this, id ?? `${this.id}-${secretName}-${secretKey}`, {
-      name: secretName,
-    })
-    const secretVersion = new DataAwsSecretsmanagerSecretVersion(
-      this,
-      id ? `${id}-ver` : `${this.id}-${secretName}-${secretKey}-ver`,
-      {
-        provider: this.awsProvider,
-        secretId: secret.id,
-      }
-    )
+  protected resolveSecretFromAWS(secretName: string, secretKey: string) {
+    if (this.config.require('secretsProvider') !== 'aws') return
+    const secret = aws.secretsmanager.getSecretOutput({ name: secretName })
+    const secretVersion = aws.secretsmanager.getSecretVersionOutput({ secretId: secret.id })
     if (!secretVersion) throw new Error(`Unable to resolve secret:${secretName}`)
-    return Fn.lookup(Fn.jsondecode(secretVersion.secretString), secretKey)
+    return std.jsondecodeOutput({ input: secretVersion.secretString })
   }
 
   /**
@@ -135,30 +122,15 @@ export class CloudflareWorkerSite extends CommonCloudflareConstruct {
    * @param secretKey the secret key
    * @returns the secret value
    */
-  protected resolveSecretFromAzure(resourceGroupName: string, keyVaultName: string, secretKey: string, id?: string) {
-    if (!this.azurermProvider) {
-      throw new Error(`Unable to resolve secret:${secretKey}. Azurerm provider not found`)
-    }
-    const keyVaultData = new DataAzurermKeyVault(
-      this,
-      id ? `${id}-vault` : `${this.id}-${resourceGroupName}-${keyVaultName}-${secretKey}-vault`,
-      {
-        resourceGroupName: resourceGroupName,
-        name: keyVaultName,
-        provider: this.azurermProvider,
-      }
-    )
-    const secretValueData = new DataAzurermKeyVaultSecret(
-      this,
-      id ? `${id}-secret` : `${this.id}-${resourceGroupName}-${keyVaultName}-${secretKey}-secret`,
-      {
-        name: secretKey,
-        keyVaultId: keyVaultData.id,
-        provider: this.azurermProvider,
-      }
-    )
+  protected resolveSecretFromAzure(resourceGroupName: string, keyVaultName: string, secretKey: string) {
+    if (this.config.require('secretsProvider') !== 'azure') return
+    const secretValueData = azure.keyvault.getSecretOutput({
+      resourceGroupName,
+      secretName: secretKey,
+      vaultName: keyVaultName,
+    })
     if (!secretValueData) throw new Error(`Unable to resolve secret:${secretKey}`)
-    return secretValueData.value
+    return secretValueData.properties?.value
   }
 
   /**
@@ -166,7 +138,7 @@ export class CloudflareWorkerSite extends CommonCloudflareConstruct {
    */
   protected createRuleset() {
     if (!this.props.siteRuleSet) return
-    this.ruleSetManager.createRuleSet(`${this.id}-rule`, this, this.props.siteRuleSet)
+    this.siteRuleSet = this.ruleSetManager.createRuleSet(`${this.id}-rule`, this, this.props.siteRuleSet)
   }
 
   /**
@@ -174,6 +146,10 @@ export class CloudflareWorkerSite extends CommonCloudflareConstruct {
    */
   protected createZoneSetting() {
     if (!this.props.siteZoneSetting) return
-    this.zoneManager.createZoneSetting(`${this.id}-zone-setting`, this, this.props.siteZoneSetting)
+    this.siteZoneSetting = this.zoneManager.createZoneSetting(
+      `${this.id}-zone-setting`,
+      this,
+      this.props.siteZoneSetting
+    )
   }
 }

package/src/lib/cloudflare/index.ts

@@ -2,4 +2,3 @@ export * from './common/index.js'
 export * from './construct/index.js'
 export * from './services/index.js'
 export * from './types/index.js'
-export * from './utils/index.js'