npm - @infoxchange/make-it-so-sst-v2 - Versions diffs - 1.0.0-internal-testing-disambiguate-release-id-bc6e5bb.1 - Mend

@infoxchange/make-it-so-sst-v2 1.0.0-internal-testing-disambiguate-release-id-bc6e5bb.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (99) hide show

package/.editorconfig +16 -0
package/LICENSE +21 -0
package/README.md +377 -0
package/commitlint.config.ts +14 -0
package/dist/cdk-constructs/IxApi.d.ts +12 -0
package/dist/cdk-constructs/IxApi.d.ts.map +1 -0
package/dist/cdk-constructs/IxApi.js +56 -0
package/dist/cdk-constructs/IxBucket.d.ts +9 -0
package/dist/cdk-constructs/IxBucket.d.ts.map +1 -0
package/dist/cdk-constructs/IxBucket.js +22 -0
package/dist/cdk-constructs/IxCertificate.d.ts +16 -0
package/dist/cdk-constructs/IxCertificate.d.ts.map +1 -0
package/dist/cdk-constructs/IxCertificate.js +26 -0
package/dist/cdk-constructs/IxDnsRecord.d.ts +23 -0
package/dist/cdk-constructs/IxDnsRecord.d.ts.map +1 -0
package/dist/cdk-constructs/IxDnsRecord.js +43 -0
package/dist/cdk-constructs/IxElasticache.d.ts +17 -0
package/dist/cdk-constructs/IxElasticache.d.ts.map +1 -0
package/dist/cdk-constructs/IxElasticache.js +70 -0
package/dist/cdk-constructs/IxNextjsSite.d.ts +16 -0
package/dist/cdk-constructs/IxNextjsSite.d.ts.map +1 -0
package/dist/cdk-constructs/IxNextjsSite.js +38 -0
package/dist/cdk-constructs/IxQuicksightWorkspace.d.ts +17 -0
package/dist/cdk-constructs/IxQuicksightWorkspace.d.ts.map +1 -0
package/dist/cdk-constructs/IxQuicksightWorkspace.js +29 -0
package/dist/cdk-constructs/IxSESIdentity.d.ts +12 -0
package/dist/cdk-constructs/IxSESIdentity.d.ts.map +1 -0
package/dist/cdk-constructs/IxSESIdentity.js +45 -0
package/dist/cdk-constructs/IxStaticSite.d.ts +17 -0
package/dist/cdk-constructs/IxStaticSite.d.ts.map +1 -0
package/dist/cdk-constructs/IxStaticSite.js +38 -0
package/dist/cdk-constructs/IxVpcDetails.d.ts +12 -0
package/dist/cdk-constructs/IxVpcDetails.d.ts.map +1 -0
package/dist/cdk-constructs/IxVpcDetails.js +26 -0
package/dist/cdk-constructs/IxWebsiteRedirect.d.ts +35 -0
package/dist/cdk-constructs/IxWebsiteRedirect.d.ts.map +1 -0
package/dist/cdk-constructs/IxWebsiteRedirect.js +72 -0
package/dist/cdk-constructs/SiteOidcAuth/auth-check-handler-body.d.ts +2 -0
package/dist/cdk-constructs/SiteOidcAuth/auth-check-handler-body.d.ts.map +1 -0
package/dist/cdk-constructs/SiteOidcAuth/auth-check-handler-body.js +130 -0
package/dist/cdk-constructs/SiteOidcAuth/auth-route.d.ts +2 -0
package/dist/cdk-constructs/SiteOidcAuth/auth-route.d.ts.map +1 -0
package/dist/cdk-constructs/SiteOidcAuth/auth-route.js +59 -0
package/dist/cdk-constructs/SiteOidcAuth/index.d.ts +197 -0
package/dist/cdk-constructs/SiteOidcAuth/index.d.ts.map +1 -0
package/dist/cdk-constructs/SiteOidcAuth/index.js +188 -0
package/dist/cdk-constructs/index.d.ts +11 -0
package/dist/cdk-constructs/index.d.ts.map +1 -0
package/dist/cdk-constructs/index.js +10 -0
package/dist/deployConfig.d.ts +72 -0
package/dist/deployConfig.d.ts.map +1 -0
package/dist/deployConfig.js +78 -0
package/dist/lib/auth/index.d.ts +2 -0
package/dist/lib/auth/index.d.ts.map +1 -0
package/dist/lib/auth/index.js +1 -0
package/dist/lib/auth/oidc.d.ts +26 -0
package/dist/lib/auth/oidc.d.ts.map +1 -0
package/dist/lib/auth/oidc.js +48 -0
package/dist/lib/proxy/fetch.d.ts +4 -0
package/dist/lib/proxy/fetch.d.ts.map +1 -0
package/dist/lib/proxy/fetch.js +31 -0
package/dist/lib/proxy/index.d.ts +2 -0
package/dist/lib/proxy/index.d.ts.map +1 -0
package/dist/lib/proxy/index.js +1 -0
package/dist/lib/site/support.d.ts +71 -0
package/dist/lib/site/support.d.ts.map +1 -0
package/dist/lib/site/support.js +262 -0
package/dist/lib/utils/hash.d.ts +2 -0
package/dist/lib/utils/hash.d.ts.map +1 -0
package/dist/lib/utils/hash.js +13 -0
package/dist/lib/utils/objects.d.ts +4 -0
package/dist/lib/utils/objects.d.ts.map +1 -0
package/dist/lib/utils/objects.js +7 -0
package/eslint.config.js +11 -0
package/package.json +66 -0
package/src/cdk-constructs/IxApi.ts +81 -0
package/src/cdk-constructs/IxBucket.ts +35 -0
package/src/cdk-constructs/IxCertificate.ts +54 -0
package/src/cdk-constructs/IxDnsRecord.ts +79 -0
package/src/cdk-constructs/IxElasticache.ts +106 -0
package/src/cdk-constructs/IxNextjsSite.ts +72 -0
package/src/cdk-constructs/IxQuicksightWorkspace.ts +54 -0
package/src/cdk-constructs/IxSESIdentity.ts +70 -0
package/src/cdk-constructs/IxStaticSite.ts +69 -0
package/src/cdk-constructs/IxVpcDetails.ts +38 -0
package/src/cdk-constructs/IxWebsiteRedirect.ts +133 -0
package/src/cdk-constructs/SiteOidcAuth/auth-check-handler-body.ts +168 -0
package/src/cdk-constructs/SiteOidcAuth/auth-route.ts +71 -0
package/src/cdk-constructs/SiteOidcAuth/index.ts +299 -0
package/src/cdk-constructs/index.ts +10 -0
package/src/deployConfig.ts +87 -0
package/src/lib/auth/index.ts +1 -0
package/src/lib/auth/oidc.ts +73 -0
package/src/lib/proxy/fetch.ts +41 -0
package/src/lib/proxy/index.ts +1 -0
package/src/lib/site/support.ts +439 -0
package/src/lib/utils/hash.ts +14 -0
package/src/lib/utils/objects.ts +19 -0
package/tsconfig.json +9 -0

package/dist/cdk-constructs/IxDnsRecord.js ADDED Viewed

@@ -0,0 +1,43 @@
+import { Construct } from "constructs";
+import { StringParameter } from "aws-cdk-lib/aws-ssm";
+import { CustomResource } from "aws-cdk-lib";
+import { remapKeys } from "../lib/utils/objects.js";
+export class IxDnsRecord extends Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        this.createDnsRecord(scope, id, props);
+    }
+    createDnsRecord(scope, id, constructProps) {
+        const dnsRecordUpdaterLambdaArn = StringParameter.valueForStringParameter(scope, "/shared-services/route53/lambdaArn");
+        const keysMap = {
+            name: "RecordFQDN",
+            value: "RecordValue",
+            ttl: "RecordTTL",
+            hostedZoneId: "HostedZoneId",
+            type: "RecordType",
+            aliasZoneId: "AliasZoneId",
+        };
+        let lambdaProps;
+        if (constructProps.type === "TXT") {
+            lambdaProps = remapKeys({
+                ...constructProps,
+                value: `"${constructProps.value}"`,
+            }, keysMap);
+        }
+        else if (constructProps.type === "MX") {
+            const { priority, ...rest } = constructProps;
+            lambdaProps = remapKeys({
+                ...rest,
+                value: `${priority} ${rest.value}`,
+            }, keysMap);
+        }
+        else {
+            lambdaProps = remapKeys(constructProps, keysMap);
+        }
+        new CustomResource(scope, id + "-CertificateCustomResource", {
+            resourceType: "Custom::DNSRecordUpdaterLambda",
+            serviceToken: dnsRecordUpdaterLambdaArn,
+            properties: lambdaProps,
+        });
+    }
+}

package/dist/cdk-constructs/IxElasticache.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { Construct } from "constructs";
+import { CfnCacheCluster } from "aws-cdk-lib/aws-elasticache";
+import { IVpc } from "aws-cdk-lib/aws-ec2";
+type ConstructScope = ConstructorParameters<typeof Construct>[0];
+type ConstructId = ConstructorParameters<typeof Construct>[1];
+type CacheClusterProps = ConstructorParameters<typeof CfnCacheCluster>[2];
+type Props = CacheClusterProps & {
+    vpc?: IVpc;
+    vpcSubnetIds?: string[];
+};
+export declare class IxElasticache extends Construct {
+    cluster: CfnCacheCluster;
+    connectionString: string;
+    constructor(scope: ConstructScope, id: ConstructId, { vpc, vpcSubnetIds, ...elasticacheProps }: Props);
+}
+export {};
+//# sourceMappingURL=IxElasticache.d.ts.map

package/dist/cdk-constructs/IxElasticache.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"IxElasticache.d.ts","sourceRoot":"","sources":["../../src/cdk-constructs/IxElasticache.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,eAAe,EAAkB,MAAM,6BAA6B,CAAC;AAC9E,OAAO,EAAE,IAAI,EAA6B,MAAM,qBAAqB,CAAC;AAMtE,KAAK,cAAc,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AACjE,KAAK,WAAW,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AAC9D,KAAK,iBAAiB,GAAG,qBAAqB,CAAC,OAAO,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC;AAE1E,KAAK,KAAK,GAAG,iBAAiB,GAAG;IAC/B,GAAG,CAAC,EAAE,IAAI,CAAC;IACX,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;CACzB,CAAC;AAEF,qBAAa,aAAc,SAAQ,SAAS;IAC1C,OAAO,EAAE,eAAe,CAAC;IAEzB,gBAAgB,EAAE,MAAM,CAAC;gBAGvB,KAAK,EAAE,cAAc,EACrB,EAAE,EAAE,WAAW,EACf,EAAE,GAAG,EAAE,YAAY,EAAE,GAAG,gBAAgB,EAAE,EAAE,KAAK;CAgFpD"}

package/dist/cdk-constructs/IxElasticache.js ADDED Viewed

@@ -0,0 +1,70 @@
+import { Construct } from "constructs";
+import { CfnCacheCluster, CfnSubnetGroup } from "aws-cdk-lib/aws-elasticache";
+import { SecurityGroup, Peer, Port } from "aws-cdk-lib/aws-ec2";
+import { StringParameter } from "aws-cdk-lib/aws-ssm";
+import { Stack } from "aws-cdk-lib";
+import { IxVpcDetails } from "./IxVpcDetails.js";
+import deployConfig from "../deployConfig.js";
+export class IxElasticache extends Construct {
+    cluster;
+    connectionString;
+    constructor(scope, id, { vpc, vpcSubnetIds, ...elasticacheProps }) {
+        super(scope, id);
+        // Setup cluster name
+        if (!elasticacheProps.clusterName && deployConfig.isIxDeploy) {
+            elasticacheProps.clusterName = `${Stack.of(this).stackName}`;
+        }
+        if (!elasticacheProps.cacheSubnetGroupName) {
+            // Setup VPC
+            if (!vpc && deployConfig.isIxDeploy) {
+                const vpcDetails = new IxVpcDetails(scope, id + "-IxVpcDetails");
+                vpc = vpcDetails.vpc;
+            }
+            // Setup VPC subnets
+            if (vpc && !vpcSubnetIds) {
+                if (deployConfig.isIxDeploy) {
+                    vpcSubnetIds = IxVpcDetails.getVpcSubnetIds(scope);
+                }
+                else {
+                    vpcSubnetIds = vpc.privateSubnets.map((subnet) => subnet.subnetId);
+                    if (!vpcSubnetIds.length) {
+                        throw Error(`The vpc ${vpc.vpcId} has no private subnets.`);
+                    }
+                }
+            }
+        }
+        // Setup cluster security group
+        if (vpc && vpcSubnetIds) {
+            const subnetGroup = new CfnSubnetGroup(scope, "ElasticacheSubnetGroup", {
+                subnetIds: vpcSubnetIds,
+                description: "Subnet group for redis",
+            });
+            elasticacheProps.cacheSubnetGroupName = subnetGroup.ref;
+            const namePrefix = elasticacheProps.clusterName
+                ? elasticacheProps.clusterName
+                : `${Stack.of(this).stackName}`;
+            const securityGroup = new SecurityGroup(scope, "ElasticacheSecurityGroup", {
+                vpc,
+                allowAllOutbound: true,
+                description: "Security group for Elasticache Cluster",
+                securityGroupName: `${namePrefix}-elasticache`,
+            });
+            for (const subnetIndex of [1, 2, 3]) {
+                const cidr = StringParameter.valueForStringParameter(scope, `/vpc/subnet/private-${deployConfig.workloadGroup}/${subnetIndex}/cidr`);
+                securityGroup.addIngressRule(Peer.ipv4(cidr), Port.tcp(6379), `Allow access to Elasticache cluster from private ${deployConfig.workloadGroup} subnet`);
+            }
+            elasticacheProps.vpcSecurityGroupIds = [securityGroup.securityGroupId];
+        }
+        // Create Redis Cluster
+        this.cluster = new CfnCacheCluster(scope, "RedisCluster", elasticacheProps);
+        if (elasticacheProps.engine === "redis") {
+            this.connectionString = `redis://${this.cluster.attrRedisEndpointAddress}:${this.cluster.attrRedisEndpointPort}`;
+        }
+        else if (elasticacheProps.engine === "memcached") {
+            this.connectionString = `${this.cluster.attrConfigurationEndpointAddress}:${this.cluster.attrConfigurationEndpointPort}`;
+        }
+        else {
+            throw Error(`Unsupported engine: ${elasticacheProps.engine}`);
+        }
+    }
+}

package/dist/cdk-constructs/IxNextjsSite.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import { NextjsSite } from "sst/constructs";
+import { type ExtendedNextjsSiteProps } from "../lib/site/support.js";
+type ConstructScope = ConstructorParameters<typeof NextjsSite>[0];
+type ConstructId = ConstructorParameters<typeof NextjsSite>[1];
+type ConstructProps = ExtendedNextjsSiteProps;
+export declare class IxNextjsSite extends NextjsSite {
+    constructor(scope: ConstructScope, id: ConstructId, props?: ConstructProps);
+    get customDomains(): string[];
+    get primaryCustomDomain(): string | null;
+    get aliasDomain(): string | null;
+    get alternativeDomains(): string[];
+    get primaryDomain(): string | null;
+    get primaryOrigin(): string | null;
+}
+export {};
+//# sourceMappingURL=IxNextjsSite.d.ts.map

package/dist/cdk-constructs/IxNextjsSite.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"IxNextjsSite.d.ts","sourceRoot":"","sources":["../../src/cdk-constructs/IxNextjsSite.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAE5C,OAAO,EACL,KAAK,uBAAuB,EAgB7B,MAAM,wBAAwB,CAAC;AAEhC,KAAK,cAAc,GAAG,qBAAqB,CAAC,OAAO,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AAClE,KAAK,WAAW,GAAG,qBAAqB,CAAC,OAAO,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AAC/D,KAAK,cAAc,GAAG,uBAAuB,CAAC;AAE9C,qBAAa,YAAa,SAAQ,UAAU;gBAExC,KAAK,EAAE,cAAc,EACrB,EAAE,EAAE,WAAW,EACf,KAAK,GAAE,cAAmB;IAmB5B,IAAW,aAAa,IAAI,MAAM,EAAE,CAEnC;IAED,IAAW,mBAAmB,IAAI,MAAM,GAAG,IAAI,CAE9C;IAED,IAAW,WAAW,IAAI,MAAM,GAAG,IAAI,CAEtC;IAED,IAAW,kBAAkB,IAAI,MAAM,EAAE,CAExC;IAED,IAAW,aAAa,IAAI,MAAM,GAAG,IAAI,CAExC;IAED,IAAW,aAAa,IAAI,MAAM,GAAG,IAAI,CAExC;CACF"}

package/dist/cdk-constructs/IxNextjsSite.js ADDED Viewed

@@ -0,0 +1,38 @@
+import { NextjsSite } from "sst/constructs";
+import ixDeployConfig from "../deployConfig.js";
+import { getAliasDomain, getAlternativeDomains, getCustomDomains, getPrimaryCustomDomain, getPrimaryDomain, getPrimaryOrigin, setupCertificate, setupCustomDomain, setupDnsRecords, setupDomainAliasRedirect, setupVpcDetails, setupDefaultEnvVars, applyConditionalEnvironmentVariables, parentCompatibleSsrProps, processAuthProps, } from "../lib/site/support.js";
+export class IxNextjsSite extends NextjsSite {
+    constructor(scope, id, props = {}) {
+        if (ixDeployConfig.isIxDeploy) {
+            props = setupVpcDetails(scope, id, props);
+            props = setupCustomDomain(scope, id, props);
+            props = setupCertificate(scope, id, props);
+            props = setupDomainAliasRedirect(scope, id, props);
+        }
+        props = processAuthProps(scope, id, "SsrSite", props);
+        props = setupDefaultEnvVars(scope, id, props);
+        props = applyConditionalEnvironmentVariables(scope, id, props);
+        super(scope, id, parentCompatibleSsrProps(props));
+        if (ixDeployConfig.isIxDeploy) {
+            setupDnsRecords(this, scope, id, props);
+        }
+    }
+    get customDomains() {
+        return getCustomDomains(this.props);
+    }
+    get primaryCustomDomain() {
+        return getPrimaryCustomDomain(this.props);
+    }
+    get aliasDomain() {
+        return getAliasDomain(this.props);
+    }
+    get alternativeDomains() {
+        return getAlternativeDomains(this.props);
+    }
+    get primaryDomain() {
+        return getPrimaryDomain(this, this.props);
+    }
+    get primaryOrigin() {
+        return getPrimaryOrigin(this, this.props);
+    }
+}

package/dist/cdk-constructs/IxQuicksightWorkspace.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { Construct } from "constructs";
+type ConstructScope = ConstructorParameters<typeof Construct>[0];
+type ConstructId = ConstructorParameters<typeof Construct>[1];
+type Props = {
+    appName: string;
+    dataBuckets: string[];
+};
+export declare class IxQuicksightWorkspace extends Construct {
+    workspaceBucketName: string;
+    athenaWorkgroupName: string;
+    serviceRoleArn: string;
+    glueDatabaseName: string;
+    quickSightDataSourceId: string;
+    constructor(scope: ConstructScope, id: ConstructId, props: Props);
+}
+export {};
+//# sourceMappingURL=IxQuicksightWorkspace.d.ts.map

package/dist/cdk-constructs/IxQuicksightWorkspace.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"IxQuicksightWorkspace.d.ts","sourceRoot":"","sources":["../../src/cdk-constructs/IxQuicksightWorkspace.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAIvC,KAAK,cAAc,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AACjE,KAAK,WAAW,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AAE9D,KAAK,KAAK,GAAG;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB,CAAC;AAEF,qBAAa,qBAAsB,SAAQ,SAAS;IAClD,mBAAmB,EAAE,MAAM,CAAC;IAC5B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,sBAAsB,EAAE,MAAM,CAAC;gBAEnB,KAAK,EAAE,cAAc,EAAE,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK;CAkCjE"}

package/dist/cdk-constructs/IxQuicksightWorkspace.js ADDED Viewed

@@ -0,0 +1,29 @@
+import { Construct } from "constructs";
+import { StringParameter } from "aws-cdk-lib/aws-ssm";
+import { CustomResource } from "aws-cdk-lib";
+export class IxQuicksightWorkspace extends Construct {
+    workspaceBucketName;
+    athenaWorkgroupName;
+    serviceRoleArn;
+    glueDatabaseName;
+    quickSightDataSourceId;
+    constructor(scope, id, props) {
+        super(scope, id);
+        const qsWorkspaceSetupLambdaArn = StringParameter.valueForStringParameter(scope, "/shared-services/quicksight-workspace/lambdaArn");
+        const quicksightWorkspaceLambda = new CustomResource(scope, id + "-CustomResource", {
+            resourceType: "Custom::QuicksightWorkspace",
+            serviceToken: qsWorkspaceSetupLambdaArn,
+            properties: {
+                app_name: props.appName,
+                data_buckets: props.dataBuckets,
+            },
+        });
+        this.workspaceBucketName = quicksightWorkspaceLambda.getAttString("WorkspaceBucketName");
+        this.athenaWorkgroupName = quicksightWorkspaceLambda.getAttString("AthenaWorkgroupName");
+        this.serviceRoleArn =
+            quicksightWorkspaceLambda.getAttString("ServiceRoleArn");
+        this.glueDatabaseName =
+            quicksightWorkspaceLambda.getAttString("GlueDatabaseName");
+        this.quickSightDataSourceId = quicksightWorkspaceLambda.getAttString("QuickSightDataSourceId");
+    }
+}

package/dist/cdk-constructs/IxSESIdentity.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { Construct } from "constructs";
+type ConstructScope = ConstructorParameters<typeof Construct>[0];
+type ConstructId = ConstructorParameters<typeof Construct>[1];
+type Props = {
+    domain: string;
+    mailFromSubdomain?: string;
+};
+export declare class IxSESIdentity extends Construct {
+    constructor(scope: ConstructScope, id: ConstructId, props: Props);
+}
+export {};
+//# sourceMappingURL=IxSESIdentity.d.ts.map

package/dist/cdk-constructs/IxSESIdentity.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"IxSESIdentity.d.ts","sourceRoot":"","sources":["../../src/cdk-constructs/IxSESIdentity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAKvC,KAAK,cAAc,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AACjE,KAAK,WAAW,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AAE9D,KAAK,KAAK,GAAG;IACX,MAAM,EAAE,MAAM,CAAC;IACf,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B,CAAC;AAEF,qBAAa,aAAc,SAAQ,SAAS;gBAC9B,KAAK,EAAE,cAAc,EAAE,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK;CAuDjE"}

package/dist/cdk-constructs/IxSESIdentity.js ADDED Viewed

@@ -0,0 +1,45 @@
+import { Construct } from "constructs";
+import { IxDnsRecord } from "./IxDnsRecord.js";
+import * as ses from "aws-cdk-lib/aws-ses";
+import * as cdk from "aws-cdk-lib";
+export class IxSESIdentity extends Construct {
+    constructor(scope, id, props) {
+        const domain = props.domain.includes("@")
+            ? props.domain.split("@")[1]
+            : props.domain;
+        const mailFromDomain = `${props.mailFromSubdomain ?? "mail"}.${domain}`;
+        super(scope, id);
+        const identity = new ses.EmailIdentity(scope, `${id}EmailIdentity`, {
+            identity: ses.Identity.domain(domain),
+            mailFromDomain,
+        });
+        // Based on https://github.com/aws/aws-cdk/blob/e2ef65a26c833ecb4a29c22e070c3c5f01c31995/packages/aws-cdk-lib/aws-ses/lib/email-identity.ts#L247
+        for (const i of [1, 2, 3]) {
+            new IxDnsRecord(scope, `${id}DkimDnsToken${i}`, {
+                type: "CNAME",
+                name: identity[`dkimDnsTokenName${i}`],
+                value: identity[`dkimDnsTokenValue${i}`],
+                ttl: 1800,
+            });
+        }
+        // Based on
+        // https://github.com/aws/aws-cdk/blob/e2ef65a26c833ecb4a29c22e070c3c5f01c31995/packages/aws-cdk-lib/aws-ses/lib/email-identity.ts#L512
+        new IxDnsRecord(scope, `${id}MailFromMxRecord`, {
+            type: "MX",
+            name: mailFromDomain,
+            value: `feedback-smtp.${cdk.Stack.of(scope).region}.amazonses.com`,
+            priority: 10,
+        });
+        new IxDnsRecord(scope, `${id}MailFromTxtRecord`, {
+            type: "TXT",
+            name: mailFromDomain,
+            value: "v=spf1 include:amazonses.com ~all",
+        });
+        // Set up DMARC record
+        new IxDnsRecord(scope, `${id}DMARC`, {
+            type: "TXT",
+            name: `_dmarc.${domain}`,
+            value: "v=DMARC1; p=none;",
+        });
+    }
+}

package/dist/cdk-constructs/IxStaticSite.d.ts ADDED Viewed

@@ -0,0 +1,17 @@
+import { StaticSite } from "sst/constructs";
+import { ExtendedStaticSiteProps } from "../lib/site/support.js";
+type ConstructScope = ConstructorParameters<typeof StaticSite>[0];
+type ConstructId = ConstructorParameters<typeof StaticSite>[1];
+type ConstructProps = ExtendedStaticSiteProps;
+export declare class IxStaticSite extends StaticSite {
+    private propsExtended;
+    constructor(scope: ConstructScope, id: ConstructId, props?: ConstructProps);
+    get customDomains(): string[];
+    get primaryCustomDomain(): string | null;
+    get aliasDomain(): string | null;
+    get alternativeDomains(): string[];
+    get primaryDomain(): string | null;
+    get primaryOrigin(): string | null;
+}
+export {};
+//# sourceMappingURL=IxStaticSite.d.ts.map

package/dist/cdk-constructs/IxStaticSite.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"IxStaticSite.d.ts","sourceRoot":"","sources":["../../src/cdk-constructs/IxStaticSite.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAE5C,OAAO,EACL,uBAAuB,EAYxB,MAAM,wBAAwB,CAAC;AAEhC,KAAK,cAAc,GAAG,qBAAqB,CAAC,OAAO,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AAClE,KAAK,WAAW,GAAG,qBAAqB,CAAC,OAAO,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AAC/D,KAAK,cAAc,GAAG,uBAAuB,CAAC;AAE9C,qBAAa,YAAa,SAAQ,UAAU;IAE1C,OAAO,CAAC,aAAa,CAAiB;gBAGpC,KAAK,EAAE,cAAc,EACrB,EAAE,EAAE,WAAW,EACf,KAAK,GAAE,cAAmB;IAiB5B,IAAW,aAAa,IAAI,MAAM,EAAE,CAEnC;IAED,IAAW,mBAAmB,IAAI,MAAM,GAAG,IAAI,CAE9C;IAED,IAAW,WAAW,IAAI,MAAM,GAAG,IAAI,CAEtC;IAED,IAAW,kBAAkB,IAAI,MAAM,EAAE,CAExC;IAED,IAAW,aAAa,IAAI,MAAM,GAAG,IAAI,CAExC;IAED,IAAW,aAAa,IAAI,MAAM,GAAG,IAAI,CAExC;CACF"}

package/dist/cdk-constructs/IxStaticSite.js ADDED Viewed

@@ -0,0 +1,38 @@
+import { StaticSite } from "sst/constructs";
+import ixDeployConfig from "../deployConfig.js";
+import { getAliasDomain, getAlternativeDomains, getCustomDomains, getPrimaryCustomDomain, getPrimaryDomain, getPrimaryOrigin, processAuthProps, setupCertificate, setupCustomDomain, setupDnsRecords, setupDomainAliasRedirect, } from "../lib/site/support.js";
+export class IxStaticSite extends StaticSite {
+    // StaticSite's props are private, so we need to store them separately
+    propsExtended;
+    constructor(scope, id, props = {}) {
+        if (ixDeployConfig.isIxDeploy) {
+            props = setupCustomDomain(scope, id, props);
+            props = setupCertificate(scope, id, props);
+            props = setupDomainAliasRedirect(scope, id, props);
+        }
+        props = processAuthProps(scope, id, "StaticSite", props);
+        super(scope, id, props);
+        this.propsExtended = props;
+        if (ixDeployConfig.isIxDeploy) {
+            setupDnsRecords(this, scope, id, props);
+        }
+    }
+    get customDomains() {
+        return getCustomDomains(this.propsExtended);
+    }
+    get primaryCustomDomain() {
+        return getPrimaryCustomDomain(this.propsExtended);
+    }
+    get aliasDomain() {
+        return getAliasDomain(this.propsExtended);
+    }
+    get alternativeDomains() {
+        return getAlternativeDomains(this.propsExtended);
+    }
+    get primaryDomain() {
+        return getPrimaryDomain(this, this.propsExtended);
+    }
+    get primaryOrigin() {
+        return getPrimaryOrigin(this, this.propsExtended);
+    }
+}

package/dist/cdk-constructs/IxVpcDetails.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { Construct } from "constructs";
+import { IVpc } from "aws-cdk-lib/aws-ec2";
+type ConstructScope = ConstructorParameters<typeof Construct>[0];
+type ConstructId = ConstructorParameters<typeof Construct>[1];
+export declare class IxVpcDetails extends Construct {
+    vpc: IVpc;
+    constructor(scope: ConstructScope, id: ConstructId);
+    private getVpc;
+    static getVpcSubnetIds(scope: ConstructScope): Array<string>;
+}
+export {};
+//# sourceMappingURL=IxVpcDetails.d.ts.map

package/dist/cdk-constructs/IxVpcDetails.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"IxVpcDetails.d.ts","sourceRoot":"","sources":["../../src/cdk-constructs/IxVpcDetails.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,OAAO,EAAO,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAGhD,KAAK,cAAc,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AACjE,KAAK,WAAW,GAAG,qBAAqB,CAAC,OAAO,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;AAE9D,qBAAa,YAAa,SAAQ,SAAS;IAClC,GAAG,EAAE,IAAI,CAAC;gBAEL,KAAK,EAAE,cAAc,EAAE,EAAE,EAAE,WAAW;IAKlD,OAAO,CAAC,MAAM;IAad,MAAM,CAAC,eAAe,CAAC,KAAK,EAAE,cAAc,GAAG,KAAK,CAAC,MAAM,CAAC;CAQ7D"}

package/dist/cdk-constructs/IxVpcDetails.js ADDED Viewed

@@ -0,0 +1,26 @@
+import { Construct } from "constructs";
+import { StringParameter } from "aws-cdk-lib/aws-ssm";
+import { Vpc } from "aws-cdk-lib/aws-ec2";
+import ixDeployConfig from "../deployConfig.js";
+export class IxVpcDetails extends Construct {
+    vpc;
+    constructor(scope, id) {
+        super(scope, id);
+        this.vpc = this.getVpc(scope, id);
+    }
+    getVpc(scope, id) {
+        const vpcId = StringParameter.valueForStringParameter(scope, "/vpc/id");
+        return Vpc.fromVpcAttributes(this, id + "-Vpc", {
+            vpcId,
+            availabilityZones: [
+                "ap-southeast-2a",
+                "ap-southeast-2b",
+                "ap-southeast-2c",
+            ],
+            isolatedSubnetIds: IxVpcDetails.getVpcSubnetIds(scope),
+        });
+    }
+    static getVpcSubnetIds(scope) {
+        return [1, 2, 3].map((subnetNum) => StringParameter.valueForStringParameter(scope, `/vpc/subnet/private-${ixDeployConfig.workloadGroup}/${subnetNum}/id`));
+    }
+}

package/dist/cdk-constructs/IxWebsiteRedirect.d.ts ADDED Viewed

@@ -0,0 +1,35 @@
+import { ICertificate } from "aws-cdk-lib/aws-certificatemanager";
+import { Construct } from "constructs";
+/**
+ * Properties to configure an HTTPS Redirect
+ */
+export interface WebsiteRedirectProps {
+    /**
+     * The redirect target fully qualified domain name (FQDN). An alias record
+     * will be created that points to your CloudFront distribution. Root domain
+     * or sub-domain can be supplied.
+     */
+    readonly targetDomain: string;
+    /**
+     * The domain names that will redirect to `targetDomain`
+     *
+     * @default - the domain name of the hosted zone
+     */
+    readonly recordNames: string[];
+    /**
+     * The AWS Certificate Manager (ACM) certificate that will be associated with
+     * the CloudFront distribution that will be created. If provided, the certificate must be
+     * stored in us-east-1 (N. Virginia)
+     *
+     * @default - A new certificate is created in us-east-1 (N. Virginia)
+     */
+    readonly certificate?: ICertificate;
+}
+/**
+ * Allows creating a domainA -> domainB redirect using CloudFront and S3.
+ * You can specify multiple domains to be redirected.
+ */
+export declare class IxWebsiteRedirect extends Construct {
+    constructor(scope: Construct, id: string, props: WebsiteRedirectProps);
+}
+//# sourceMappingURL=IxWebsiteRedirect.d.ts.map

package/dist/cdk-constructs/IxWebsiteRedirect.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"IxWebsiteRedirect.d.ts","sourceRoot":"","sources":["../../src/cdk-constructs/IxWebsiteRedirect.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,YAAY,EAAE,MAAM,oCAAoC,CAAC;AAelE,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAKvC;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;;OAIG;IACH,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAE9B;;;;OAIG;IACH,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,CAAC;IAE/B;;;;;;OAMG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,YAAY,CAAC;CACrC;AAED;;;GAGG;AACH,qBAAa,iBAAkB,SAAQ,SAAS;gBAClC,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,oBAAoB;CA0EtE"}

package/dist/cdk-constructs/IxWebsiteRedirect.js ADDED Viewed

@@ -0,0 +1,72 @@
+// Based off https://github.com/sst/v2/blob/37578037ff80638e2f0eaf0dc59a83dae52e4e45/packages/sst/src/constructs/cdk/website-redirect.ts
+// Not quite sure why an s3 bucket is used for generating the redirect rather than a cloudfront edge lambda,
+// maybe it's cheaper? In any case it's what SST uses and those devs have put a lot more thought into
+// this that we have so I'm going to trust them on this one.
+import { CloudFrontWebDistribution, OriginProtocolPolicy, PriceClass, ViewerCertificate, ViewerProtocolPolicy, } from "aws-cdk-lib/aws-cloudfront";
+import { CloudFrontTarget } from "aws-cdk-lib/aws-route53-targets";
+import { BlockPublicAccess, Bucket, RedirectProtocol, } from "aws-cdk-lib/aws-s3";
+import { ArnFormat, RemovalPolicy, Stack, Token } from "aws-cdk-lib/core";
+import { Construct } from "constructs";
+import { convertToBase62Hash } from "../lib/utils/hash.js";
+import { IxDnsRecord } from "./IxDnsRecord.js";
+import { IxCertificate } from "./IxCertificate.js";
+/**
+ * Allows creating a domainA -> domainB redirect using CloudFront and S3.
+ * You can specify multiple domains to be redirected.
+ */
+export class IxWebsiteRedirect extends Construct {
+    constructor(scope, id, props) {
+        super(scope, id);
+        const domainNames = props.recordNames;
+        let redirectCert = props.certificate;
+        if (!redirectCert) {
+            const newCert = new IxCertificate(scope, id + "-IxRedirectCertificate", {
+                domainName: domainNames[0],
+                subjectAlternativeNames: domainNames.slice(1),
+                region: "us-east-1", // CloudFront will only use certificates in us-east-1
+            });
+            redirectCert = newCert.acmCertificate;
+        }
+        const certificateRegion = Stack.of(this).splitArn(redirectCert.certificateArn, ArnFormat.SLASH_RESOURCE_NAME).region;
+        if (!Token.isUnresolved(certificateRegion) &&
+            certificateRegion !== "us-east-1") {
+            throw new Error(`The certificate must be in the us-east-1 region and the certificate you provided is in ${certificateRegion}.`);
+        }
+        const redirectBucket = new Bucket(this, "RedirectBucket", {
+            websiteRedirect: {
+                hostName: props.targetDomain,
+                protocol: RedirectProtocol.HTTPS,
+            },
+            removalPolicy: RemovalPolicy.DESTROY,
+            blockPublicAccess: BlockPublicAccess.BLOCK_ALL,
+        });
+        const redirectDist = new CloudFrontWebDistribution(this, "RedirectDistribution", {
+            defaultRootObject: "",
+            originConfigs: [
+                {
+                    behaviors: [{ isDefaultBehavior: true }],
+                    customOriginSource: {
+                        domainName: redirectBucket.bucketWebsiteDomainName,
+                        originProtocolPolicy: OriginProtocolPolicy.HTTP_ONLY,
+                    },
+                },
+            ],
+            viewerCertificate: ViewerCertificate.fromAcmCertificate(redirectCert, {
+                aliases: domainNames,
+            }),
+            comment: `Redirect to ${props.targetDomain} from ${domainNames.join(", ")}`,
+            priceClass: PriceClass.PRICE_CLASS_ALL,
+            viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
+        });
+        for (const domainName of domainNames) {
+            const domainNameLogicalId = convertToBase62Hash(domainName);
+            new IxDnsRecord(scope, `DnsRecord-Redirect-${domainNameLogicalId}`, {
+                type: "ALIAS",
+                name: domainName,
+                value: redirectDist.distributionDomainName,
+                aliasZoneId: CloudFrontTarget.getHostedZoneId(scope),
+                ttl: 900,
+            });
+        }
+    }
+}

package/dist/cdk-constructs/SiteOidcAuth/auth-check-handler-body.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=auth-check-handler-body.d.ts.map

package/dist/cdk-constructs/SiteOidcAuth/auth-check-handler-body.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"auth-check-handler-body.d.ts","sourceRoot":"","sources":["../../../src/cdk-constructs/SiteOidcAuth/auth-check-handler-body.ts"],"names":[],"mappings":""}