@jaypie/constructs 1.2.52 → 1.2.53

package/dist/cjs/JaypieWebDeploymentBucket.d.ts

@@ -1,4 +1,4 @@
-import { RemovalPolicy } from "aws-cdk-lib";
+import { CfnOutput, RemovalPolicy } from "aws-cdk-lib";
 import * as acm from "aws-cdk-lib/aws-certificatemanager";
 import * as cloudfront from "aws-cdk-lib/aws-cloudfront";
 import { AddToResourcePolicyResult, PolicyStatement } from "aws-cdk-lib/aws-iam";
@@ -123,6 +123,23 @@ export declare class JaypieWebDeploymentBucket extends Construct implements s3.I
     readonly wafLogBucket?: s3.IBucket;
     readonly webAcl?: wafv2.CfnWebACL;
     constructor(scope: Construct, id: string, props?: JaypieWebDeploymentBucketProps);
+    /**
+     * Emit stack-level CfnOutputs with stable, hash-free logical IDs so they can
+     * be read directly from `cdk-outputs.json` without prefix-matching. Skips
+     * outputs whose underlying resource is absent.
+     *
+     * Logical IDs (with optional `prefix`):
+     * - `${prefix}DestinationBucketName`
+     * - `${prefix}DestinationBucketDeployRoleArn` (when a deploy role exists)
+     * - `${prefix}DistributionId` (when a distribution exists)
+     * - `${prefix}CertificateArn` (when a certificate exists)
+     *
+     * @returns map of created outputs keyed by their logical ID
+     */
+    exportOutputs(options?: {
+        prefix?: string;
+        scope?: Construct;
+    }): Record<string, CfnOutput>;
     private resolveWafConfig;
     private isExportNameObject;
     private resolveLogBucket;

package/dist/cjs/helpers/__tests__/constructWafLogBucketName.spec.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/cjs/helpers/constructWafLogBucketName.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Build a WAF log bucket name shaped like
+ * `aws-waf-logs-${env}-${key}-${name}-waf-${nonce}` (or `-waf-` only when
+ * `name` is empty). The `aws-waf-logs-` prefix is required by AWS WAF, and
+ * `-${PROJECT_NONCE}` is preserved verbatim for uniqueness; the middle is
+ * truncated when needed to fit S3's 63-char limit.
+ */
+export declare function constructWafLogBucketName(name?: string): string;

package/dist/cjs/helpers/index.d.ts

@@ -2,6 +2,7 @@ export { addDatadogLayers } from "./addDatadogLayers";
 export { constructEnvName } from "./constructEnvName";
 export { constructStackName } from "./constructStackName";
 export { constructTagger } from "./constructTagger";
+export { constructWafLogBucketName } from "./constructWafLogBucketName";
 export { envHostname, HostConfig } from "./envHostname";
 export { extendDatadogRole, ExtendDatadogRoleOptions, } from "./extendDatadogRole";
 export { clearAllCertificateCaches, clearCertificateCache, resolveCertificate, ResolveCertificateOptions, } from "./resolveCertificate";

package/dist/cjs/index.cjs

@@ -401,6 +401,29 @@ function constructTagger(construct, { name } = {}) {
     return true;
 }
 
+const AWS_WAF_LOGS_PREFIX = "aws-waf-logs-";
+const S3_BUCKET_NAME_MAX_LENGTH = 63;
+/**
+ * Build a WAF log bucket name shaped like
+ * `aws-waf-logs-${env}-${key}-${name}-waf-${nonce}` (or `-waf-` only when
+ * `name` is empty). The `aws-waf-logs-` prefix is required by AWS WAF, and
+ * `-${PROJECT_NONCE}` is preserved verbatim for uniqueness; the middle is
+ * truncated when needed to fit S3's 63-char limit.
+ */
+function constructWafLogBucketName(name) {
+    const nonce = (process.env.PROJECT_NONCE ?? "cfe2").toLowerCase();
+    const nonceSuffix = `-${nonce}`;
+    const innerName = name ? `${name}-waf` : "waf";
+    const middle = constructEnvName(innerName)
+        .toLowerCase()
+        .slice(0, -nonceSuffix.length);
+    const maxMiddleLength = S3_BUCKET_NAME_MAX_LENGTH - AWS_WAF_LOGS_PREFIX.length - nonceSuffix.length;
+    const truncated = middle.length > maxMiddleLength
+        ? middle.slice(0, maxMiddleLength).replace(/-+$/, "")
+        : middle;
+    return `${AWS_WAF_LOGS_PREFIX}${truncated}${nonceSuffix}`;
+}
+
 function envHostname({ component, domain, env, subdomain, } = {}) {
     const resolvedDomain = domain || process.env.CDK_ENV_DOMAIN || process.env.CDK_ENV_HOSTED_ZONE;
     if (!resolvedDomain) {
@@ -2765,9 +2788,7 @@ class JaypieDistribution extends constructs.Construct {
                 const wafLogBucketId = wafConfig.name
                     ? constructEnvName(`${wafConfig.name}-WafLogBucket`)
                     : constructEnvName("WafLogBucket");
-                const wafLogBucketName = wafConfig.name
-                    ? `aws-waf-logs-${constructEnvName(`${wafConfig.name}-waf`).toLowerCase()}`
-                    : `aws-waf-logs-${constructEnvName("waf").toLowerCase()}`;
+                const wafLogBucketName = constructWafLogBucketName(wafConfig.name);
                 const createdBucket = new s3__namespace.Bucket(this, wafLogBucketId, {
                     bucketName: wafLogBucketName,
                     lifecycleRules: [
@@ -4622,7 +4643,7 @@ class JaypieWebDeploymentBucket extends constructs.Construct {
                 let wafLogBucket;
                 if (wafLogBucketProp === true) {
                     const wafLogBucketId = constructEnvName(`${wafConfig.name}-WafLogBucket`);
-                    const wafLogBucketName = `aws-waf-logs-${constructEnvName(`${wafConfig.name}-waf`).toLowerCase()}`;
+                    const wafLogBucketName = constructWafLogBucketName(wafConfig.name);
                     const createdBucket = new s3__namespace.Bucket(this, wafLogBucketId, {
                         bucketName: wafLogBucketName,
                         lifecycleRules: [
@@ -4661,6 +4682,41 @@ class JaypieWebDeploymentBucket extends constructs.Construct {
             }
         }
     }
+    /**
+     * Emit stack-level CfnOutputs with stable, hash-free logical IDs so they can
+     * be read directly from `cdk-outputs.json` without prefix-matching. Skips
+     * outputs whose underlying resource is absent.
+     *
+     * Logical IDs (with optional `prefix`):
+     * - `${prefix}DestinationBucketName`
+     * - `${prefix}DestinationBucketDeployRoleArn` (when a deploy role exists)
+     * - `${prefix}DistributionId` (when a distribution exists)
+     * - `${prefix}CertificateArn` (when a certificate exists)
+     *
+     * @returns map of created outputs keyed by their logical ID
+     */
+    exportOutputs(options = {}) {
+        const { prefix = "", scope = cdk.Stack.of(this) } = options;
+        const outputs = {};
+        const create = (id, value) => {
+            const logicalId = `${prefix}${id}`;
+            const output = new cdk.CfnOutput(scope, `${logicalId}Export`, { value });
+            output.overrideLogicalId(logicalId);
+            outputs[logicalId] = output;
+            return output;
+        };
+        create("DestinationBucketName", this.bucket.bucketName);
+        if (this.deployRoleArn) {
+            create("DestinationBucketDeployRoleArn", this.deployRoleArn);
+        }
+        if (this.distribution) {
+            create("DistributionId", this.distribution.distributionId);
+        }
+        if (this.certificate) {
+            create("CertificateArn", this.certificate.certificateArn);
+        }
+        return outputs;
+    }
     resolveWafConfig(wafProp, defaultName) {
         if (wafProp === false)
             return undefined;
@@ -5238,6 +5294,7 @@ exports.clearSecretsCache = clearSecretsCache;
 exports.constructEnvName = constructEnvName;
 exports.constructStackName = constructStackName;
 exports.constructTagger = constructTagger;
+exports.constructWafLogBucketName = constructWafLogBucketName;
 exports.ensureRoute53QueryLoggingPolicy = ensureRoute53QueryLoggingPolicy;
 exports.envHostname = envHostname;
 exports.extendDatadogRole = extendDatadogRole;