@jaypie/constructs 1.1.50 → 1.1.52
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/JaypieGitHubDeployRole.d.ts +1 -2
- package/dist/cjs/JaypieHostedZone.d.ts +6 -1
- package/dist/cjs/JaypieSsoPermissions.d.ts +2 -1
- package/dist/cjs/index.cjs +51 -5
- package/dist/cjs/index.cjs.map +1 -1
- package/dist/esm/JaypieGitHubDeployRole.d.ts +1 -2
- package/dist/esm/JaypieHostedZone.d.ts +6 -1
- package/dist/esm/JaypieSsoPermissions.d.ts +2 -1
- package/dist/esm/index.js +55 -9
- package/dist/esm/index.js.map +1 -1
- package/package.json +2 -2
|
@@ -1,14 +1,13 @@
|
|
|
1
1
|
import { Role } from "aws-cdk-lib/aws-iam";
|
|
2
2
|
import { Construct } from "constructs";
|
|
3
3
|
export interface JaypieGitHubDeployRoleProps {
|
|
4
|
-
accountId: string;
|
|
5
4
|
oidcProviderArn?: string;
|
|
6
5
|
output?: boolean | string;
|
|
7
6
|
repoRestriction?: string;
|
|
8
7
|
}
|
|
9
8
|
export declare class JaypieGitHubDeployRole extends Construct {
|
|
10
9
|
private readonly _role;
|
|
11
|
-
constructor(scope: Construct, id
|
|
10
|
+
constructor(scope: Construct, id?: string, props?: JaypieGitHubDeployRoleProps);
|
|
12
11
|
get role(): Role;
|
|
13
12
|
get roleArn(): string;
|
|
14
13
|
get roleName(): string;
|
|
@@ -15,6 +15,11 @@ export interface JaypieHostedZoneRecordProps extends Omit<JaypieDnsRecordProps,
|
|
|
15
15
|
id?: string;
|
|
16
16
|
}
|
|
17
17
|
interface JaypieHostedZoneProps {
|
|
18
|
+
/**
|
|
19
|
+
* Optional construct ID
|
|
20
|
+
* @default `${zoneName}-HostedZone`
|
|
21
|
+
*/
|
|
22
|
+
id?: string;
|
|
18
23
|
/**
|
|
19
24
|
* The domain name for the hosted zone
|
|
20
25
|
*/
|
|
@@ -49,6 +54,6 @@ export declare class JaypieHostedZone extends Construct {
|
|
|
49
54
|
/**
|
|
50
55
|
* Create a new hosted zone with query logging and optional DNS records
|
|
51
56
|
*/
|
|
52
|
-
constructor(scope: Construct,
|
|
57
|
+
constructor(scope: Construct, idOrProps: string | JaypieHostedZoneProps, propsOrRecords?: JaypieHostedZoneProps | JaypieHostedZoneRecordProps[]);
|
|
53
58
|
}
|
|
54
59
|
export {};
|
|
@@ -14,7 +14,8 @@ export interface AccountAssignments {
|
|
|
14
14
|
export interface JaypieSsoPermissionsProps {
|
|
15
15
|
/**
|
|
16
16
|
* ARN of the IAM Identity Center instance
|
|
17
|
-
* If not provided,
|
|
17
|
+
* If not provided, falls back to CDK_ENV_IAM_IDENTITY_CENTER_ARN
|
|
18
|
+
* If neither is set, SSO setup will be skipped
|
|
18
19
|
*/
|
|
19
20
|
iamIdentityCenterArn?: string;
|
|
20
21
|
/**
|
package/dist/esm/index.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { CDK as CDK$2, ConfigurationError, mergeDomain, isValidSubdomain, isValidHostname } from '@jaypie/cdk';
|
|
1
|
+
import { CDK as CDK$2, ConfigurationError, mergeDomain, isValidSubdomain, isValidHostname as isValidHostname$1 } from '@jaypie/cdk';
|
|
2
2
|
export { CDK } from '@jaypie/cdk';
|
|
3
3
|
import { Construct } from 'constructs';
|
|
4
4
|
import * as cdk from 'aws-cdk-lib';
|
|
@@ -1321,9 +1321,11 @@ class JaypieDnsRecord extends Construct {
|
|
|
1321
1321
|
}
|
|
1322
1322
|
|
|
1323
1323
|
class JaypieGitHubDeployRole extends Construct {
|
|
1324
|
-
constructor(scope, id, props) {
|
|
1324
|
+
constructor(scope, id = "GitHubDeployRole", props = {}) {
|
|
1325
1325
|
super(scope, id);
|
|
1326
|
-
const {
|
|
1326
|
+
const { oidcProviderArn = Fn.importValue(CDK$2.IMPORT.OIDC_PROVIDER), output = true, repoRestriction: propsRepoRestriction, } = props;
|
|
1327
|
+
// Extract account ID from the scope
|
|
1328
|
+
const accountId = Stack.of(this).account;
|
|
1327
1329
|
// Resolve repoRestriction from props or environment variables
|
|
1328
1330
|
let repoRestriction = propsRepoRestriction;
|
|
1329
1331
|
if (!repoRestriction) {
|
|
@@ -1413,11 +1415,54 @@ class JaypieExpressLambda extends JaypieLambda {
|
|
|
1413
1415
|
const SERVICE = {
|
|
1414
1416
|
ROUTE53: "route53.amazonaws.com",
|
|
1415
1417
|
};
|
|
1418
|
+
/**
|
|
1419
|
+
* Check if a string is a valid hostname
|
|
1420
|
+
*/
|
|
1421
|
+
function isValidHostname(str) {
|
|
1422
|
+
// Check if it contains a dot and matches hostname pattern
|
|
1423
|
+
if (!str.includes("."))
|
|
1424
|
+
return false;
|
|
1425
|
+
// Basic hostname validation: alphanumeric, hyphens, dots
|
|
1426
|
+
// Each label must start and end with alphanumeric
|
|
1427
|
+
const hostnameRegex = /^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$/i;
|
|
1428
|
+
return hostnameRegex.test(str);
|
|
1429
|
+
}
|
|
1416
1430
|
class JaypieHostedZone extends Construct {
|
|
1417
1431
|
/**
|
|
1418
1432
|
* Create a new hosted zone with query logging and optional DNS records
|
|
1419
1433
|
*/
|
|
1420
|
-
constructor(scope,
|
|
1434
|
+
constructor(scope, idOrProps, propsOrRecords) {
|
|
1435
|
+
// Handle overloaded constructor signatures
|
|
1436
|
+
let props;
|
|
1437
|
+
let id;
|
|
1438
|
+
if (typeof idOrProps === "string") {
|
|
1439
|
+
// If it's a valid hostname, treat it as zoneName
|
|
1440
|
+
if (isValidHostname(idOrProps)) {
|
|
1441
|
+
// Third param can be props object or records array
|
|
1442
|
+
if (Array.isArray(propsOrRecords)) {
|
|
1443
|
+
props = { zoneName: idOrProps, records: propsOrRecords };
|
|
1444
|
+
}
|
|
1445
|
+
else {
|
|
1446
|
+
props = propsOrRecords || { zoneName: idOrProps };
|
|
1447
|
+
// Set zoneName if not already set
|
|
1448
|
+
if (!props.zoneName) {
|
|
1449
|
+
props = { ...props, zoneName: idOrProps };
|
|
1450
|
+
}
|
|
1451
|
+
}
|
|
1452
|
+
// Use id from props if provided, otherwise derive from zoneName
|
|
1453
|
+
id = props.id || `${idOrProps}-HostedZone`;
|
|
1454
|
+
}
|
|
1455
|
+
else {
|
|
1456
|
+
// Otherwise treat it as an explicit id
|
|
1457
|
+
props = propsOrRecords;
|
|
1458
|
+
id = idOrProps;
|
|
1459
|
+
}
|
|
1460
|
+
}
|
|
1461
|
+
else {
|
|
1462
|
+
// idOrProps is props
|
|
1463
|
+
props = idOrProps;
|
|
1464
|
+
id = props.id || `${props.zoneName}-HostedZone`;
|
|
1465
|
+
}
|
|
1421
1466
|
super(scope, id);
|
|
1422
1467
|
const { zoneName, project } = props;
|
|
1423
1468
|
const destination = props.destination ?? true;
|
|
@@ -1548,7 +1593,8 @@ class JaypieOpenAiSecret extends JaypieEnvSecret {
|
|
|
1548
1593
|
class JaypieSsoPermissions extends Construct {
|
|
1549
1594
|
constructor(scope, id, props) {
|
|
1550
1595
|
super(scope, id);
|
|
1551
|
-
const { iamIdentityCenterArn, administratorGroupId, analystGroupId, developerGroupId, administratorAccountAssignments, analystAccountAssignments, developerAccountAssignments, } = props;
|
|
1596
|
+
const { iamIdentityCenterArn: iamIdentityCenterArnProp, administratorGroupId, analystGroupId, developerGroupId, administratorAccountAssignments, analystAccountAssignments, developerAccountAssignments, } = props;
|
|
1597
|
+
const iamIdentityCenterArn = iamIdentityCenterArnProp || process.env.CDK_ENV_IAM_IDENTITY_CENTER_ARN;
|
|
1552
1598
|
if (!iamIdentityCenterArn) {
|
|
1553
1599
|
// If no IAM Identity Center ARN provided, skip SSO setup
|
|
1554
1600
|
return;
|
|
@@ -1800,7 +1846,7 @@ const DEFAULT_GOOGLE_GROUP_MATCH = "name:AWS*";
|
|
|
1800
1846
|
// Class
|
|
1801
1847
|
//
|
|
1802
1848
|
class JaypieSsoSyncApplication extends Construct {
|
|
1803
|
-
constructor(scope, id = "
|
|
1849
|
+
constructor(scope, id = "SsoSyncApplication", props = {}) {
|
|
1804
1850
|
super(scope, id);
|
|
1805
1851
|
const { googleAdminEmail, googleAdminEmailEnvKey = "CDK_ENV_SSOSYNC_GOOGLE_ADMIN_EMAIL", googleCredentials, googleCredentialsEnvKey = "CDK_ENV_SSOSYNC_GOOGLE_CREDENTIALS", googleGroupMatch, googleGroupMatchEnvKey = "CDK_ENV_SSOSYNC_GOOGLE_GROUP_MATCH", identityStoreId, identityStoreIdEnvKey = "CDK_ENV_SSOSYNC_IDENTITY_STORE_ID", scimEndpointAccessToken, scimEndpointAccessTokenEnvKey = "CDK_ENV_SCIM_ENDPOINT_ACCESS_TOKEN", scimEndpointUrl, scimEndpointUrlEnvKey = "CDK_ENV_SSOSYNC_SCIM_ENDPOINT_URL", semanticVersion, semanticVersionEnvKey = "CDK_ENV_SSOSYNC_SEMANTIC_VERSION", ssoSyncApplicationId = DEFAULT_APPLICATION_ID, tags, } = props;
|
|
1806
1852
|
// Resolve all values from props or environment variables
|
|
@@ -1888,11 +1934,11 @@ class JaypieWebDeploymentBucket extends Construct {
|
|
|
1888
1934
|
throw new ConfigurationError("CDK_ENV_WEB_SUBDOMAIN is not a valid subdomain");
|
|
1889
1935
|
}
|
|
1890
1936
|
if (process.env.CDK_ENV_WEB_HOSTED_ZONE &&
|
|
1891
|
-
!isValidHostname(process.env.CDK_ENV_WEB_HOSTED_ZONE)) {
|
|
1937
|
+
!isValidHostname$1(process.env.CDK_ENV_WEB_HOSTED_ZONE)) {
|
|
1892
1938
|
throw new ConfigurationError("CDK_ENV_WEB_HOSTED_ZONE is not a valid hostname");
|
|
1893
1939
|
}
|
|
1894
1940
|
if (process.env.CDK_ENV_HOSTED_ZONE &&
|
|
1895
|
-
!isValidHostname(process.env.CDK_ENV_HOSTED_ZONE)) {
|
|
1941
|
+
!isValidHostname$1(process.env.CDK_ENV_HOSTED_ZONE)) {
|
|
1896
1942
|
throw new ConfigurationError("CDK_ENV_HOSTED_ZONE is not a valid hostname");
|
|
1897
1943
|
}
|
|
1898
1944
|
// Determine host from props or environment
|
|
@@ -1909,7 +1955,7 @@ class JaypieWebDeploymentBucket extends Construct {
|
|
|
1909
1955
|
host = undefined;
|
|
1910
1956
|
}
|
|
1911
1957
|
}
|
|
1912
|
-
if (host && !isValidHostname(host)) {
|
|
1958
|
+
if (host && !isValidHostname$1(host)) {
|
|
1913
1959
|
throw new ConfigurationError("Host is not a valid hostname");
|
|
1914
1960
|
}
|
|
1915
1961
|
// Determine zone from props or environment
|