@iacmp/cli 1.1.0

package/dist/commands/audit-improvements.js

@@ -0,0 +1,373 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/commands/audit-improvements.ts
+var audit_improvements_exports = {};
+__export(audit_improvements_exports, {
+  default: () => AuditImprovements
+});
+module.exports = __toCommonJS(audit_improvements_exports);
+var import_core = require("@oclif/core");
+var import_chalk = __toESM(require("chalk"));
+
+// src/audit.ts
+var fs2 = __toESM(require("fs"));
+var path = __toESM(require("path"));
+
+// src/utils.ts
+var fs = __toESM(require("fs"));
+function readJsonFile(filePath) {
+  let content;
+  try {
+    content = fs.readFileSync(filePath, "utf-8");
+  } catch (e) {
+    throw new Error(`Falha ao ler '${filePath}': ${errMessage(e)}`);
+  }
+  try {
+    return JSON.parse(content);
+  } catch (e) {
+    throw new Error(`JSON inv\xE1lido em '${filePath}': ${errMessage(e)}`);
+  }
+}
+function errMessage(e) {
+  if (e instanceof Error) return e.message;
+  if (typeof e === "string") return e;
+  try {
+    return JSON.stringify(e);
+  } catch {
+    return String(e);
+  }
+}
+
+// src/audit.ts
+function readConfig(cwd) {
+  const configPath = path.join(cwd, "iacmp.json");
+  if (!fs2.existsSync(configPath)) throw new Error("iacmp.json n\xE3o encontrado. Rode: iacmp init");
+  const config = readJsonFile(configPath);
+  return {
+    name: config.name ?? path.basename(cwd),
+    provider: config.provider ?? "aws"
+  };
+}
+function resolveTsNode(projectDir) {
+  const dirs = [];
+  let dir = projectDir;
+  for (let i = 0; i < 5; i++) {
+    dirs.push(dir);
+    const parent = path.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  for (const d of dirs) {
+    const tsNodePath = path.join(d, "node_modules", "ts-node");
+    if (fs2.existsSync(tsNodePath)) return tsNodePath;
+  }
+  return null;
+}
+function findStackFiles(dir) {
+  const entries = fs2.readdirSync(dir, { withFileTypes: true });
+  const files = [];
+  for (const entry of entries) {
+    const full = path.join(dir, entry.name);
+    if (entry.isDirectory()) {
+      files.push(...findStackFiles(full));
+    } else if (entry.name.endsWith(".ts") || entry.name.endsWith(".js")) {
+      files.push(full);
+    }
+  }
+  return files;
+}
+function loadStacks(cwd) {
+  const stacksDir = path.join(cwd, "stacks");
+  if (!fs2.existsSync(stacksDir)) throw new Error("Diret\xF3rio stacks/ n\xE3o encontrado.");
+  const stackFiles = findStackFiles(stacksDir);
+  if (stackFiles.length === 0) throw new Error("Nenhuma stack encontrada em stacks/");
+  const tsNodePath = resolveTsNode(cwd);
+  if (tsNodePath) {
+    require(tsNodePath).register({
+      transpileOnly: true,
+      skipProject: true,
+      compilerOptions: {
+        target: "ES2022",
+        module: "commonjs",
+        moduleResolution: "node",
+        esModuleInterop: true,
+        strict: false,
+        skipLibCheck: true
+      }
+    });
+  }
+  const result = [];
+  for (const stackPath of stackFiles) {
+    const stackName = path.basename(stackPath).replace(/\.(ts|js)$/, "");
+    try {
+      const mod = require(stackPath);
+      const raw = mod.default ?? mod.stack ?? mod;
+      if (!raw || typeof raw !== "object" || !("constructs" in raw)) {
+        console.warn(`[audit] ${path.basename(stackPath)} n\xE3o exporta uma Stack v\xE1lida \u2014 ignorado.`);
+        continue;
+      }
+      result.push({ name: stackName, stack: raw });
+    } catch (err) {
+      console.warn(`[audit] falha ao carregar ${path.basename(stackPath)}: ${errMessage(err)}`);
+    }
+  }
+  return result;
+}
+function saveReport(cwd, commandName, content) {
+  const auditDir = path.join(cwd, "audit");
+  if (!fs2.existsSync(auditDir)) fs2.mkdirSync(auditDir, { recursive: true });
+  const date = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
+  const fileName = `${commandName}-${date}.md`;
+  const filePath = path.join(auditDir, fileName);
+  fs2.writeFileSync(filePath, content, "utf-8");
+  return path.join("audit", fileName);
+}
+function today() {
+  return (/* @__PURE__ */ new Date()).toLocaleDateString("pt-BR");
+}
+
+// src/commands/audit-improvements.ts
+function shouldFail(failOn, critical, warnings) {
+  if (failOn === "critical") return critical > 0;
+  if (failOn === "warning") return critical > 0 || warnings > 0;
+  return false;
+}
+function analyzeStack(stackName, stack) {
+  const constructs = stack.constructs;
+  const improvements = [];
+  const ok = [];
+  if (constructs.length === 0) {
+    improvements.push({
+      category: "CONFIGURATION",
+      constructId: stackName,
+      constructType: "Stack",
+      stackName,
+      title: `Stack '${stackName}' \u2014 empty`,
+      impact: "High",
+      current: "The stack has no constructs defined.",
+      suggestion: "Add constructs to the stack to make it functional.",
+      effort: "Varies by use case"
+    });
+    return { improvements, ok };
+  }
+  const instances = constructs.filter((c) => c.type === "Compute.Instance");
+  const buckets = constructs.filter((c) => c.type === "Storage.Bucket");
+  const dbs = constructs.filter((c) => c.type === "Database.SQL");
+  const lambdas = constructs.filter((c) => c.type === "Function.Lambda");
+  const vpcs = constructs.filter((c) => c.type === "Network.VPC");
+  for (const inst of instances) {
+    if (inst.props.instanceType === "small") {
+      improvements.push({
+        category: "PERFORMANCE",
+        constructId: inst.id,
+        constructType: inst.type,
+        stackName,
+        title: `Compute.Instance '${inst.id}' \u2014 small instance type`,
+        impact: "Medium",
+        current: `instanceType 'small' may be insufficient for production workloads.`,
+        suggestion: `Use 'medium' or 'large' for production. Consider adding auto-scaling.`,
+        effort: "Low (change 1 field in the stack)"
+      });
+    } else {
+      ok.push({ id: inst.id, type: inst.type, reason: "adequate instance type" });
+    }
+  }
+  if (instances.length > 1) {
+    improvements.push({
+      category: "ARCHITECTURE",
+      constructId: "stack",
+      constructType: "Stack",
+      stackName,
+      title: "Multiple instances without a load balancer",
+      impact: "High",
+      current: `${instances.length} compute instances detected with no load balancer defined.`,
+      suggestion: "Add a load balancer to distribute traffic and increase resilience. (future feature in iacmp)",
+      effort: "Medium (requires new resource in iacmp)"
+    });
+  }
+  for (const b of buckets) {
+    if (b.props.versioning !== true) {
+      improvements.push({
+        category: "DATA PROTECTION",
+        constructId: b.id,
+        constructType: b.type,
+        stackName,
+        title: `Storage.Bucket '${b.id}' \u2014 versioning disabled`,
+        impact: "Medium",
+        current: "Versioning is disabled. Deleted or overwritten objects are unrecoverable.",
+        suggestion: "Enable `versioning: true` to protect against accidental deletion.",
+        effort: "Low (change 1 field in the stack)"
+      });
+    } else {
+      ok.push({ id: b.id, type: b.type, reason: "versioning enabled" });
+    }
+  }
+  for (const db of dbs) {
+    if (db.props.multiAz !== true) {
+      improvements.push({
+        category: "AVAILABILITY",
+        constructId: db.id,
+        constructType: db.type,
+        stackName,
+        title: `Database.SQL '${db.id}' \u2014 no Multi-AZ or read replica`,
+        impact: "High",
+        current: "Single-AZ database with no read replica.",
+        suggestion: "Set `multiAz: true` and consider adding a read replica for query performance.",
+        effort: "Low (change 1 field; replica requires a new construct)"
+      });
+    } else {
+      ok.push({ id: db.id, type: db.type, reason: "Multi-AZ enabled" });
+    }
+  }
+  for (const vpc of vpcs) {
+    const maxAzs = vpc.props.maxAzs;
+    if (maxAzs === void 0 || maxAzs === null) {
+      improvements.push({
+        category: "ARCHITECTURE",
+        constructId: vpc.id,
+        constructType: vpc.type,
+        stackName,
+        title: `Network.VPC '${vpc.id}' \u2014 maxAzs not defined`,
+        impact: "Medium",
+        current: "maxAzs not defined. The provider may default to 1 AZ.",
+        suggestion: "Set `maxAzs: 3` for production with high availability.",
+        effort: "Low (change 1 field in the stack)"
+      });
+    } else {
+      ok.push({ id: vpc.id, type: vpc.type, reason: `${maxAzs} AZs configured` });
+    }
+  }
+  if (lambdas.length === 0 && instances.length > 0) {
+    improvements.push({
+      category: "ARCHITECTURE",
+      constructId: "stack",
+      constructType: "Stack",
+      stackName,
+      title: "No serverless functions detected",
+      impact: "Low",
+      current: `Stack has ${instances.length} compute instance(s) but no Function.Lambda.`,
+      suggestion: "For event-driven tasks, scheduled jobs, or webhooks, consider Function.Lambda instead of always-on instances.",
+      effort: "Medium (requires partial logic refactoring)"
+    });
+  }
+  for (const fn of lambdas) {
+    ok.push({ id: fn.id, type: fn.type, reason: "serverless \u2014 cost-efficient by nature" });
+  }
+  return { improvements, ok };
+}
+var AuditImprovements = class _AuditImprovements extends import_core.Command {
+  static description = "Suggest architecture and performance improvements for stacks";
+  static examples = [
+    "$ iacmp audit-improvements",
+    "$ iacmp audit-improvements --fail-on=critical"
+  ];
+  static flags = {
+    "fail-on": import_core.Flags.string({
+      description: "Sai com exit 1 quando h\xE1 melhorias no n\xEDvel indicado (critical = High impact, warning = qualquer)",
+      options: ["critical", "warning", "none"],
+      default: "none"
+    })
+  };
+  async run() {
+    const { flags } = await this.parse(_AuditImprovements);
+    const failOn = flags["fail-on"];
+    const cwd = process.cwd();
+    let config;
+    try {
+      config = readConfig(cwd);
+    } catch (err) {
+      this.error(err.message);
+    }
+    let stacks;
+    try {
+      stacks = loadStacks(cwd);
+    } catch (err) {
+      this.error(err.message);
+    }
+    const allImprovements = [];
+    const allOk = [];
+    for (const { name, stack } of stacks) {
+      const { improvements, ok } = analyzeStack(name, stack);
+      allImprovements.push(...improvements);
+      for (const o of ok) allOk.push({ ...o, stackName: name });
+    }
+    this.log(import_chalk.default.bold("\nImprovements Audit"));
+    this.log("\u2500".repeat(40));
+    this.log(`Improvements found: ${allImprovements.length > 0 ? import_chalk.default.yellow(allImprovements.length) : import_chalk.default.green(0)}`);
+    this.log("");
+    for (const m of allImprovements) {
+      const impactColor = m.impact === "High" ? import_chalk.default.red : m.impact === "Medium" ? import_chalk.default.yellow : import_chalk.default.cyan;
+      this.log(`${import_chalk.default.yellow("\u26A0")} [${m.category}] ${m.title} \u2014 Impact: ${impactColor(m.impact)}`);
+    }
+    for (const o of allOk) {
+      this.log(`${import_chalk.default.green("\u2713")} ${o.type} '${o.id}' \u2014 ${o.reason}`);
+    }
+    let md = `# Improvements Audit Report \u2014 ${config.name}
+`;
+    md += `Date: ${today()}
+
+`;
+    md += `## Improvements found: ${allImprovements.length}
+
+`;
+    for (const m of allImprovements) {
+      md += `### [${m.category}] ${m.title}
+`;
+      md += `Impact: ${m.impact}
+`;
+      md += `Stack: ${m.stackName}
+`;
+      md += `Current situation: ${m.current}
+`;
+      md += `Suggestion: ${m.suggestion}
+`;
+      md += `Estimated effort: ${m.effort}
+
+`;
+    }
+    if (allOk.length > 0) {
+      md += `## No suggestions
+`;
+      for (const o of allOk) {
+        md += `- ${o.type} '${o.id}' \u2014 ${o.reason}
+`;
+      }
+      md += "\n";
+    }
+    const relPath = saveReport(cwd, "improvements", md);
+    this.log(`
+Report saved to ${relPath}`);
+    const highImpact = allImprovements.filter((m) => m.impact === "High").length;
+    const otherImpact = allImprovements.length - highImpact;
+    if (shouldFail(failOn, highImpact, otherImpact)) {
+      this.exit(1);
+    }
+  }
+};