@jaypie/constructs 1.1.50 → 1.1.52
- package/dist/cjs/JaypieGitHubDeployRole.d.ts +1 -2
- package/dist/cjs/JaypieHostedZone.d.ts +6 -1
- package/dist/cjs/JaypieSsoPermissions.d.ts +2 -1
- package/dist/cjs/index.cjs +51 -5
- package/dist/cjs/index.cjs.map +1 -1
- package/dist/esm/JaypieGitHubDeployRole.d.ts +1 -2
- package/dist/esm/JaypieHostedZone.d.ts +6 -1
- package/dist/esm/JaypieSsoPermissions.d.ts +2 -1
- package/dist/esm/index.js +55 -9
- package/dist/esm/index.js.map +1 -1
- package/package.json +2 -2
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
import { Role } from "aws-cdk-lib/aws-iam";
|
|
2
2
|
import { Construct } from "constructs";
|
|
3
3
|
export interface JaypieGitHubDeployRoleProps {
|
|
4
|
-
accountId: string;
|
|
5
4
|
oidcProviderArn?: string;
|
|
6
5
|
output?: boolean | string;
|
|
7
6
|
repoRestriction?: string;
|
|
8
7
|
}
|
|
9
8
|
export declare class JaypieGitHubDeployRole extends Construct {
|
|
10
9
|
private readonly _role;
|
|
11
|
-
constructor(scope: Construct, id
|
|
10
|
+
constructor(scope: Construct, id?: string, props?: JaypieGitHubDeployRoleProps);
|
|
12
11
|
get role(): Role;
|
|
13
12
|
get roleArn(): string;
|
|
14
13
|
get roleName(): string;
|
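Review bot: Removing `accountId` from `JaypieGitHubDeployRoleProps` breaks type-checking for callers that still pass it, and at runtime the value is now ignored in favour of `Stack.of(this).account` (visible in the index.cjs section), so a caller that had pinned a specific account gets the stack's account with no signal. Given the name, this is presumably the role CI assumes to deploy, so I would keep the field optional and deprecated for a release: `/** @deprecated ignored; the account is taken from the enclosing Stack */ accountId?: string;`. The remaining props have no doc comments; the defaults visible in index.cjs are `oidcProviderArn` from `Fn.importValue(CDK.IMPORT.OIDC_PROVIDER)` and `output = true`. `repoRestriction` is resolved from props or environment variables in code that continues outside the hunk, and that fallback should be documented here as well.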
|
@@ -15,6 +15,11 @@ export interface JaypieHostedZoneRecordProps extends Omit<JaypieDnsRecordProps,
|
|
|
15
15
|
id?: string;
|
|
16
16
|
}
|
|
17
17
|
interface JaypieHostedZoneProps {
|
|
18
|
+
/**
|
|
19
|
+
* Optional construct ID
|
|
20
|
+
* @default `${zoneName}-HostedZone`
|
|
21
|
+
*/
|
|
22
|
+
id?: string;
|
|
18
23
|
/**
|
|
19
24
|
* The domain name for the hosted zone
|
|
20
25
|
*/
|
|
@@ -49,6 +54,6 @@ export declare class JaypieHostedZone extends Construct {
|
|
|
49
54
|
/**
|
|
50
55
|
* Create a new hosted zone with query logging and optional DNS records
|
|
51
56
|
*/
|
|
52
|
-
constructor(scope: Construct,
|
|
57
|
+
constructor(scope: Construct, idOrProps: string | JaypieHostedZoneProps, propsOrRecords?: JaypieHostedZoneProps | JaypieHostedZoneRecordProps[]);
|
|
53
58
|
}
|
|
54
59
|
export {};
|
|
@@ -14,7 +14,8 @@ export interface AccountAssignments {
|
|
|
14
14
|
export interface JaypieSsoPermissionsProps {
|
|
15
15
|
/**
|
|
16
16
|
* ARN of the IAM Identity Center instance
|
|
17
|
-
* If not provided,
|
|
17
|
+
* If not provided, falls back to CDK_ENV_IAM_IDENTITY_CENTER_ARN
|
|
18
|
+
* If neither is set, SSO setup will be skipped
|
|
18
19
|
*/
|
|
19
20
|
iamIdentityCenterArn?: string;
|
|
20
21
|
/**
|
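Review bot: The new comment on `iamIdentityCenterArn` does not say that the skip is silent or that the fallback is read from `process.env` at synth time. The implementation in index.cjs uses `iamIdentityCenterArnProp || process.env.CDK_ENV_IAM_IDENTITY_CENTER_ARN` and then returns early, so an empty-string prop also falls through to the environment, and a missing variable yields a stack with no SSO setup and no warning. I would extend the comment with `* Read from process.env at synth time; an empty string is treated as not provided.` and consider `Annotations.of(this).addWarning(...)` on the early-return path so a misconfigured pipeline is noticed. The interface continues outside the hunk.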
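--- a/package/dist/cjs/index.cjs
+++ b/package/dist/cjs/index.cjs
@@ -1352,9 +1352,11 @@ class JaypieDnsRecord extends constructs.Construct {
 }
 
 class JaypieGitHubDeployRole extends constructs.Construct {
-constructor(scope, id, props) {
+constructor(scope, id = "GitHubDeployRole", props = {}) {
 super(scope, id);
-const {
+const { oidcProviderArn = cdk$1.Fn.importValue(cdk.CDK.IMPORT.OIDC_PROVIDER), output = true, repoRestriction: propsRepoRestriction, } = props;
+// Extract account ID from the scope
+const accountId = cdk$1.Stack.of(this).account;
 // Resolve repoRestriction from props or environment variables
 let repoRestriction = propsRepoRestriction;
 if (!repoRestriction) {
@@ -1444,11 +1446,54 @@ class JaypieExpressLambda extends JaypieLambda {
 const SERVICE = {
 ROUTE53: "route53.amazonaws.com",
 };
+/**
+* Check if a string is a valid hostname
+*/
+function isValidHostname(str) {
+// Check if it contains a dot and matches hostname pattern
+if (!str.includes("."))
+return false;
+// Basic hostname validation: alphanumeric, hyphens, dots
+// Each label must start and end with alphanumeric
+const hostnameRegex = /^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$/i;
+return hostnameRegex.test(str);
+}
 class JaypieHostedZone extends constructs.Construct {
 /**
 * Create a new hosted zone with query logging and optional DNS records
 */
-constructor(scope,
+constructor(scope, idOrProps, propsOrRecords) {
+// Handle overloaded constructor signatures
+let props;
+let id;
+if (typeof idOrProps === "string") {
+// If it's a valid hostname, treat it as zoneName
+if (isValidHostname(idOrProps)) {
+// Third param can be props object or records array
+if (Array.isArray(propsOrRecords)) {
+props = { zoneName: idOrProps, records: propsOrRecords };
+}
+else {
+props = propsOrRecords || { zoneName: idOrProps };
+// Set zoneName if not already set
+if (!props.zoneName) {
+props = { ...props, zoneName: idOrProps };
+}
+}
+// Use id from props if provided, otherwise derive from zoneName
+id = props.id || `${idOrProps}-HostedZone`;
+}
+else {
+// Otherwise treat it as an explicit id
+props = propsOrRecords;
+id = idOrProps;
+}
+}
+else {
+// idOrProps is props
+props = idOrProps;
+id = props.id || `${props.zoneName}-HostedZone`;
+}
 super(scope, id);
 const { zoneName, project } = props;
 const destination = props.destination ?? true;
@@ -1579,7 +1624,8 @@ class JaypieOpenAiSecret extends JaypieEnvSecret {
 class JaypieSsoPermissions extends constructs.Construct {
 constructor(scope, id, props) {
 super(scope, id);
-const { iamIdentityCenterArn, administratorGroupId, analystGroupId, developerGroupId, administratorAccountAssignments, analystAccountAssignments, developerAccountAssignments, } = props;
+const { iamIdentityCenterArn: iamIdentityCenterArnProp, administratorGroupId, analystGroupId, developerGroupId, administratorAccountAssignments, analystAccountAssignments, developerAccountAssignments, } = props;
+const iamIdentityCenterArn = iamIdentityCenterArnProp || process.env.CDK_ENV_IAM_IDENTITY_CENTER_ARN;
 if (!iamIdentityCenterArn) {
 // If no IAM Identity Center ARN provided, skip SSO setup
 return;
@@ -1831,7 +1877,7 @@ const DEFAULT_GOOGLE_GROUP_MATCH = "name:AWS*";
 // Class
 //
 class JaypieSsoSyncApplication extends constructs.Construct {
-constructor(scope, id = "
+constructor(scope, id = "SsoSyncApplication", props = {}) {
 super(scope, id);
 const { googleAdminEmail, googleAdminEmailEnvKey = "CDK_ENV_SSOSYNC_GOOGLE_ADMIN_EMAIL", googleCredentials, googleCredentialsEnvKey = "CDK_ENV_SSOSYNC_GOOGLE_CREDENTIALS", googleGroupMatch, googleGroupMatchEnvKey = "CDK_ENV_SSOSYNC_GOOGLE_GROUP_MATCH", identityStoreId, identityStoreIdEnvKey = "CDK_ENV_SSOSYNC_IDENTITY_STORE_ID", scimEndpointAccessToken, scimEndpointAccessTokenEnvKey = "CDK_ENV_SCIM_ENDPOINT_ACCESS_TOKEN", scimEndpointUrl, scimEndpointUrlEnvKey = "CDK_ENV_SSOSYNC_SCIM_ENDPOINT_URL", semanticVersion, semanticVersionEnvKey = "CDK_ENV_SSOSYNC_SEMANTIC_VERSION", ssoSyncApplicationId = DEFAULT_APPLICATION_ID, tags, } = props;
 // Resolve all values from props or environment variables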
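Review bot: In the new `JaypieHostedZone` constructor, the branch for a string `idOrProps` that fails `isValidHostname` assigns `props = propsOrRecords` unchecked. A call with no props object, or with a records array in third position, therefore reaches `const { zoneName, project } = props;` and either throws a bare TypeError or continues with `zoneName` undefined. I would add a guard just before `super(scope, id)`: `if (!props || Array.isArray(props) || !props.zoneName) throw new Error("JaypieHostedZone: zoneName is required");`. The heuristic also reinterprets a hostname-shaped construct id as the zone name and sets the id to `${idOrProps}-HostedZone`. If the earlier signature was `(scope, id, props)` (the removed line is truncated here), stacks that used a dotted id would get a different construct id on upgrade, which deserves a release note because the resource is a hosted zone. Separately, `[a-z]{2,}` rejects punycode TLDs and a trailing dot, so such zone names fall into the explicit-id branch.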