@openhi/constructs 0.0.128 → 0.0.130

package/lib/index.d.mts

@@ -1142,6 +1142,23 @@ declare class StaticContent extends Construct {
  * OpenHiWebsiteService for fromConstruct() lookups.
  */
 declare const STATIC_HOSTING_SERVICE_TYPE = "website";
+/**
+ * Shared prefix for every per-PR preview hostname / S3 key
+ * (`admin-pr-<N>.<zone>`). Consumed by both the `StaticHosting`
+ * lifecycle rule (`prefixPattern`) and the per-PR deployment construct
+ * (`computeSubDomain` in `OpenHiWebsiteService`) so the two sides
+ * cannot drift — a unit test asserts they reference the same constant.
+ */
+declare const PER_BRANCH_PREVIEW_PREFIX = "admin-pr-";
+/**
+ * Default TTL applied to objects matching the `prefixPattern` lifecycle
+ * rule when `enablePreviewLifecycle` is `true` and `previewExpiration`
+ * is omitted. Per-PR preview content is small and short-lived; 14 days
+ * is long enough that a forgotten preview can still be opened during a
+ * code review and short enough that abandoned content does not
+ * accumulate.
+ */
+declare const DEFAULT_PREVIEW_EXPIRATION_DAYS = 14;
 /**
  * Props for the StaticHosting construct.
  */
@@ -1238,6 +1255,33 @@ interface StaticHostingProps {
             readonly maxTtl?: Duration;
         };
     };
+    /**
+     * S3 key prefix that the per-PR preview lifecycle rule matches. Must
+     * be the same value the per-PR deployment construct writes under
+     * (see `PER_BRANCH_PREVIEW_PREFIX`). Required even when
+     * `enablePreviewLifecycle` is `false` so the contract between the
+     * deployment side and the lifecycle side is single-sourced.
+     */
+    readonly prefixPattern: string;
+    /**
+     * When `true`, add an S3 lifecycle rule to the bucket that expires
+     * objects matching `prefixPattern` after `previewExpiration`. **No
+     * default** — every caller must make the stage decision explicitly
+     * because adding the rule in production could silently delete real
+     * content if the prefix ever overlapped with release content.
+     *
+     * Callers gate this against the stage (e.g.
+     * `ohEnv.ohStage.stageType !== OPEN_HI_STAGE.PROD`) before passing
+     * the prop.
+     */
+    readonly enablePreviewLifecycle: boolean;
+    /**
+     * TTL applied to objects under `prefixPattern` when the lifecycle
+     * rule is created.
+     *
+     * @default Duration.days(14)
+     */
+    readonly previewExpiration?: Duration;
 }
 /**
  * Static hosting: S3 bucket (private) + CloudFront distribution with Origin
@@ -1272,7 +1316,7 @@ declare class StaticHosting extends Construct {
     readonly bucket: IBucket;
     readonly distribution: Distribution;
     readonly viewerRequestHandler: NodejsFunction;
-    constructor(scope: Construct, id: string, props?: StaticHostingProps);
+    constructor(scope: Construct, id: string, props: StaticHostingProps);
     /**
      * Builds the `/api/*` and `/api/control/runtime-config` behaviors backed
      * by the REST API custom-domain origin. Returns `undefined` when no
@@ -1365,6 +1409,19 @@ declare class OpenHiAuthService extends OpenHiService {
      * Returns an IUserPoolDomain by looking up the Auth stack's User Pool Domain from SSM.
      */
     static userPoolDomainFromConstruct(scope: Construct): IUserPoolDomain;
+    /**
+     * Returns the full Cognito Hosted UI base URL (e.g.
+     * `https://auth-abc.auth.us-east-2.amazoncognito.com`) by looking up
+     * the Auth stack's User Pool Domain from SSM and composing it with the
+     * calling stack's region.
+     *
+     * Equivalent to `UserPoolDomain.baseUrl()` on the concrete construct,
+     * but works across stacks where the looked-up `IUserPoolDomain` is an
+     * `Import` and does not carry the `baseUrl()` method. Assumes the
+     * domain was created as a Cognito-managed prefix domain (the only
+     * variant `OpenHiAuthService.createUserPoolDomain` produces).
+     */
+    static userPoolDomainBaseUrlFromConstruct(scope: Construct): string;
     /**
      * Returns an IKey (KMS) by looking up the Auth stack's User Pool KMS Key ARN from SSM.
      */
@@ -2112,6 +2169,12 @@ declare class OpenHiGraphqlService extends OpenHiService {
     protected createRootGraphqlApi(): RootGraphqlApi;
 }
 
+/**
+ * Environment variable that supplies the PR number on non-release website
+ * deploys. Sibling of `GIT_BRANCH_NAME` used by `OpenHiService`. CI sets
+ * this from `github.event.pull_request.number`.
+ */
+declare const OPENHI_PR_NUMBER_ENV_VAR = "OPENHI_PR_NUMBER";
 /**
  * @see sites/www-docs/content/packages/@openhi/constructs/services/open-hi-website-service.md
  */
@@ -2178,6 +2241,18 @@ interface OpenHiWebsiteServiceProps extends OpenHiServiceProps {
      * @default false
      */
     readonly restApi?: boolean;
+    /**
+     * Pull-request number used to compute the per-PR preview hostname
+     * (`\<domainPrefix\>-pr-\<N\>.\<zone\>`). Falls back to the
+     * `OPENHI_PR_NUMBER` env var when omitted — CI workflows set the env
+     * var from `github.event.pull_request.number`.
+     *
+     * Required on non-release-branch deploys; ignored on release-branch
+     * deploys where the hostname is `\<domainPrefix\>.\<zone\>`.
+     *
+     * @default - parsed from `OPENHI_PR_NUMBER` env var when set
+     */
+    readonly prNumber?: number;
 }
 /**
  * SSM parameter name suffix for the website's full domain
@@ -2185,10 +2260,13 @@ interface OpenHiWebsiteServiceProps extends OpenHiServiceProps {
  */
 declare const SSM_PARAM_NAME_FULL_DOMAIN = "WEBSITE_FULL_DOMAIN";
 /**
- * Website service stack: composes StaticHosting (only on release-branch
- * deploys) and StaticContent (always) so feature branches can ship their
- * content to a per-branch sub-domain folder against the release-branch
- * bucket without provisioning duplicate infrastructure.
+ * Website service stack. Release-branch deploys compose `StaticHosting`
+ * (bucket + CloudFront distribution with a wildcard SAN for per-PR
+ * previews + Lambda@Edge + DNS) and `StaticContent` (content upload).
+ * Non-release-branch deploys compose `PerBranchHostname` (a per-PR
+ * Route53 alias aliased to the release distribution) and `StaticContent`
+ * (per-PR upload to the shared bucket) so feature branches publish
+ * previews without provisioning duplicate infrastructure.
  *
  * Resources are created in protected methods; subclasses may override to
  * customize.
@@ -2224,8 +2302,10 @@ declare class OpenHiWebsiteService extends OpenHiService {
     /** Override so this.props is typed with this service's options. */
     props: OpenHiWebsiteServiceProps;
     /**
-     * Full domain served by this website (e.g. www.example.com). Derived from
-     * `domainPrefix` and the child hosted zone name.
+     * Full domain served by this website. On the release branch this is
+     * `<domainPrefix>.<zone>` (e.g. `admin.dev.openhi.org`); on every
+     * other branch it is the per-PR preview hostname
+     * `<domainPrefix>-pr-<N>.<zone>` (e.g. `admin-pr-123.dev.openhi.org`).
      */
     readonly fullDomain: string;
     /**
@@ -2241,6 +2321,20 @@ declare class OpenHiWebsiteService extends OpenHiService {
      * shared static-hosting bucket has been written to SSM for the first time.
      */
     readonly staticContent?: StaticContent;
+    /**
+     * Per-PR alias record. Created on non-release-branch deploys (when
+     * `createHostingInfrastructure` is left at its default) so the PR
+     * hostname `<domainPrefix>-pr-<N>.<zone>` resolves to the
+     * release-branch CloudFront distribution. `undefined` on release-branch
+     * deploys and on bootstrap deploys that force hosting infra on.
+     */
+    readonly perBranchHostname?: PerBranchHostname;
+    /**
+     * Pull-request number resolved from props or `OPENHI_PR_NUMBER`.
+     * `undefined` on release-branch deploys (where the hostname is
+     * `<domainPrefix>.<zone>` and no PR number is needed).
+     */
+    readonly prNumber?: number;
     constructor(ohEnv: OpenHiEnvironment, props: OpenHiWebsiteServiceProps);
     /**
      * Validates that config required for the website stack is present.
@@ -2260,13 +2354,40 @@ declare class OpenHiWebsiteService extends OpenHiService {
      */
     protected createCertificate(): ICertificate;
     /**
-     * Computes the full website domain from `domainPrefix` and the child
-     * zone name.
+     * Resolves the PR number from props or the `OPENHI_PR_NUMBER` env var.
+     * Returns `undefined` on release-branch deploys where no PR number is
+     * needed.
+     */
+    protected resolvePrNumber(props: OpenHiWebsiteServiceProps): number | undefined;
+    /**
+     * Computes the full website domain from `domainPrefix`, the PR number,
+     * and the child zone name. Release-branch deploys serve at
+     * `\<domainPrefix\>.\<zone\>` (e.g. `admin.dev.openhi.org`); every other
+     * deploy serves a per-PR preview at `\<domainPrefix\>-pr-\<N\>.\<zone\>`
+     * (e.g. `admin-pr-123.dev.openhi.org`).
      */
     protected computeFullDomain(hostedZone: IHostedZone): string;
+    /**
+     * Returns the sub-domain label (left of the zone) for the current
+     * deploy. Used both for {@link fullDomain} and for the per-branch S3
+     * key prefix passed to {@link StaticContent} so the upload prefix
+     * always matches the served hostname.
+     *
+     * Non-release deploys compose the per-PR slug from
+     * {@link PER_BRANCH_PREVIEW_PREFIX} so the per-PR S3 key prefix
+     * matches what `StaticHosting`'s lifecycle rule expires.
+     */
+    protected computeSubDomain(): string;
     /**
      * Creates the StaticHosting infrastructure (bucket + distribution +
-     * Lambda@Edge + 4 SSM params + DNS).
+     * Lambda@Edge + 4 SSM params + DNS). The release-branch distribution
+     * adds `*.\<zone\>` as a wildcard alt-name on top of the canonical
+     * hostname so per-PR previews resolve via the same distribution.
+     *
+     * The bucket carries an S3 lifecycle rule that expires per-PR
+     * preview content (keys under {@link PER_BRANCH_PREVIEW_PREFIX})
+     * on non-production stages. PROD never gets the rule — see
+     * `enablePreviewLifecycle`.
      */
     protected createStaticHosting(deps: {
         certificate: ICertificate;
@@ -2293,8 +2414,21 @@ declare class OpenHiWebsiteService extends OpenHiService {
      * the release-branch deploy publishes to SSM, addressed against
      * {@link OpenHiService.releaseBranchHash}. See
      * {@link resolveStaticHostingBucket}.
+     *
+     * The S3 key prefix is `\<sub-domain\>.\<zone\>/\<contentDest\>` so the
+     * upload location matches the Host-header-derived folder the Lambda@Edge
+     * viewer-request handler prepends. Passing the zone name (rather than
+     * `this.fullDomain`) for the `fullDomain` prop keeps the prefix flat
+     * — `admin-pr-123.dev.openhi.org/`, not `admin-pr-123.admin.dev.openhi.org/`.
      */
     protected createStaticContent(bucket: IBucket): StaticContent;
+    /**
+     * Creates the per-PR `PerBranchHostname` alias record on non-release
+     * branch deploys. The record points `\<domainPrefix\>-pr-\<N\>.\<zone\>`
+     * at the release-branch CloudFront distribution (resolved from SSM
+     * against {@link OpenHiService.releaseBranchHash}).
+     */
+    protected createPerBranchHostname(hostedZone: IHostedZone): PerBranchHostname;
     /**
      * Returns an {@link IBucket} pointing at the static-hosting bucket the
      * uploaders write to. On the release-branch deploy this is the bucket
@@ -2489,4 +2623,4 @@ declare class RenameCascadeWorkflow extends Construct {
     constructor(scope: Construct, props: RenameCascadeWorkflowProps);
 }
 
-export { type BuildParameterNameProps, ChildHostedZone, type ChildHostedZoneProps, CognitoUserPool, CognitoUserPoolClient, CognitoUserPoolDomain, CognitoUserPoolKmsKey, type ComputeBranchHashOptions, ControlEventBus, DATA_STORE_CHANGE_DETAIL_MAX_UTF8_BYTES, DATA_STORE_CHANGE_DETAIL_TYPE, DATA_STORE_CHANGE_EVENT_SOURCE, DEMO_DATA_PLANE_FIXTURES, DataEventBus, type DataEventBusOptions, DataStoreHistoricalArchive, type DataStoreHistoricalArchiveProps, DataStorePostgresReplica, type DataStorePostgresReplicaProps, type DemoWorkspaceDataPlaneFixtures, DiscoverableStringParameter, type DiscoverableStringParameterProps, DynamoDbDataStore, type DynamoDbDataStoreProps, type FhirCurrentResourceChangeDetail, type GrantConsumerOptions, HostingMode, OPENHI_TAG_SUFFIX_BRANCH_NAME, OPENHI_TAG_SUFFIX_REPO_NAME, OPENHI_TAG_SUFFIX_SERVICE_TYPE, OPENHI_TAG_SUFFIX_STAGE_TYPE, OpenHiApp, type OpenHiAppProps, OpenHiAuthService, type OpenHiAuthServiceProps, OpenHiDataService, type OpenHiDataServiceProps, OpenHiEnvironment, type OpenHiEnvironmentProps, OpenHiGlobalService, type OpenHiGlobalServiceProps, OpenHiGraphqlService, type OpenHiGraphqlServiceProps, type OpenHiRestApiRuntimeConfig, OpenHiRestApiService, type OpenHiRestApiServiceProps, OpenHiService, type OpenHiServiceProps, type OpenHiServiceType, OpenHiStage, type OpenHiStageProps, OpenHiWebsiteService, type OpenHiWebsiteServiceProps, OpsEventBus, OwningDeleteCascadeLambdas, type OwningDeleteCascadeLambdasProps, OwningDeleteCascadeWorkflow, type OwningDeleteCascadeWorkflowProps, POSTGRES_REPLICA_CLUSTER_ARN_SSM_NAME, POSTGRES_REPLICA_DATABASE_NAME_SSM_NAME, POSTGRES_REPLICA_SECRET_ARN_SSM_NAME, PerBranchHostname, type PerBranchHostnameProps, PlatformDeployBridge, PlatformDeployBridgeLambda, type PlatformDeployBridgeLambdaProps, type PlatformDeployBridgeProps, PostAuthenticationLambda, PostConfirmationLambda, type PostConfirmationLambdaProps, PreTokenGenerationLambda, type PreTokenGenerationLambdaProps, ProvisionDefaultWorkspaceLambda, type ProvisionDefaultWorkspaceLambdaProps, REST_API_BASE_URL_SSM_NAME, REST_API_DOMAIN_NAME_SSM_NAME, RenameCascadeLambdas, type RenameCascadeLambdasProps, RenameCascadeWorkflow, type RenameCascadeWorkflowProps, RootGraphqlApi, type RootGraphqlApiProps, RootHostedZone, RootHttpApi, type RootHttpApiProps, RootWildcardCertificate, SEED_SYSTEM_DATA_ACTOR_SYSTEM, SEED_SYSTEM_DATA_CONSUMER_NAME, SEED_SYSTEM_DATA_CONTROL_BUS_ENV_VAR, SSM_PARAM_NAME_FULL_DOMAIN, STATIC_HOSTING_SERVICE_TYPE, SeedDemoDataLambda, type SeedDemoDataLambdaProps, SeedDemoDataWorkflow, type SeedDemoDataWorkflowProps, SeedSystemDataLambda, type SeedSystemDataLambdaProps, SeedSystemDataWorkflow, type SeedSystemDataWorkflowProps, StaticContent, type StaticContentProps, StaticHosting, type StaticHostingProps, UserOnboardingWorkflow, type UserOnboardingWorkflowProps, WorkflowDedupConsumerNameInvalidError, WorkflowDedupTable, WorkflowDedupTableDuplicateError, type WorkflowDedupTableProps, buildFhirCurrentResourceChangeDetail, computeBranchHash, getDynamoDbDataStoreTableName, getPostgresReplicaSchemaName, getWorkflowDedupTableName, openHiTagKey };
+export { type BuildParameterNameProps, ChildHostedZone, type ChildHostedZoneProps, CognitoUserPool, CognitoUserPoolClient, CognitoUserPoolDomain, CognitoUserPoolKmsKey, type ComputeBranchHashOptions, ControlEventBus, DATA_STORE_CHANGE_DETAIL_MAX_UTF8_BYTES, DATA_STORE_CHANGE_DETAIL_TYPE, DATA_STORE_CHANGE_EVENT_SOURCE, DEFAULT_PREVIEW_EXPIRATION_DAYS, DEMO_DATA_PLANE_FIXTURES, DataEventBus, type DataEventBusOptions, DataStoreHistoricalArchive, type DataStoreHistoricalArchiveProps, DataStorePostgresReplica, type DataStorePostgresReplicaProps, type DemoWorkspaceDataPlaneFixtures, DiscoverableStringParameter, type DiscoverableStringParameterProps, DynamoDbDataStore, type DynamoDbDataStoreProps, type FhirCurrentResourceChangeDetail, type GrantConsumerOptions, HostingMode, OPENHI_PR_NUMBER_ENV_VAR, OPENHI_TAG_SUFFIX_BRANCH_NAME, OPENHI_TAG_SUFFIX_REPO_NAME, OPENHI_TAG_SUFFIX_SERVICE_TYPE, OPENHI_TAG_SUFFIX_STAGE_TYPE, OpenHiApp, type OpenHiAppProps, OpenHiAuthService, type OpenHiAuthServiceProps, OpenHiDataService, type OpenHiDataServiceProps, OpenHiEnvironment, type OpenHiEnvironmentProps, OpenHiGlobalService, type OpenHiGlobalServiceProps, OpenHiGraphqlService, type OpenHiGraphqlServiceProps, type OpenHiRestApiRuntimeConfig, OpenHiRestApiService, type OpenHiRestApiServiceProps, OpenHiService, type OpenHiServiceProps, type OpenHiServiceType, OpenHiStage, type OpenHiStageProps, OpenHiWebsiteService, type OpenHiWebsiteServiceProps, OpsEventBus, OwningDeleteCascadeLambdas, type OwningDeleteCascadeLambdasProps, OwningDeleteCascadeWorkflow, type OwningDeleteCascadeWorkflowProps, PER_BRANCH_PREVIEW_PREFIX, POSTGRES_REPLICA_CLUSTER_ARN_SSM_NAME, POSTGRES_REPLICA_DATABASE_NAME_SSM_NAME, POSTGRES_REPLICA_SECRET_ARN_SSM_NAME, PerBranchHostname, type PerBranchHostnameProps, PlatformDeployBridge, PlatformDeployBridgeLambda, type PlatformDeployBridgeLambdaProps, type PlatformDeployBridgeProps, PostAuthenticationLambda, PostConfirmationLambda, type PostConfirmationLambdaProps, PreTokenGenerationLambda, type PreTokenGenerationLambdaProps, ProvisionDefaultWorkspaceLambda, type ProvisionDefaultWorkspaceLambdaProps, REST_API_BASE_URL_SSM_NAME, REST_API_DOMAIN_NAME_SSM_NAME, RenameCascadeLambdas, type RenameCascadeLambdasProps, RenameCascadeWorkflow, type RenameCascadeWorkflowProps, RootGraphqlApi, type RootGraphqlApiProps, RootHostedZone, RootHttpApi, type RootHttpApiProps, RootWildcardCertificate, SEED_SYSTEM_DATA_ACTOR_SYSTEM, SEED_SYSTEM_DATA_CONSUMER_NAME, SEED_SYSTEM_DATA_CONTROL_BUS_ENV_VAR, SSM_PARAM_NAME_FULL_DOMAIN, STATIC_HOSTING_SERVICE_TYPE, SeedDemoDataLambda, type SeedDemoDataLambdaProps, SeedDemoDataWorkflow, type SeedDemoDataWorkflowProps, SeedSystemDataLambda, type SeedSystemDataLambdaProps, SeedSystemDataWorkflow, type SeedSystemDataWorkflowProps, StaticContent, type StaticContentProps, StaticHosting, type StaticHostingProps, UserOnboardingWorkflow, type UserOnboardingWorkflowProps, WorkflowDedupConsumerNameInvalidError, WorkflowDedupTable, WorkflowDedupTableDuplicateError, type WorkflowDedupTableProps, buildFhirCurrentResourceChangeDetail, computeBranchHash, getDynamoDbDataStoreTableName, getPostgresReplicaSchemaName, getWorkflowDedupTableName, openHiTagKey };

package/lib/index.d.ts

@@ -1779,6 +1779,23 @@ declare class StaticContent extends Construct {
  * OpenHiWebsiteService for fromConstruct() lookups.
  */
 declare const STATIC_HOSTING_SERVICE_TYPE = "website";
+/**
+ * Shared prefix for every per-PR preview hostname / S3 key
+ * (`admin-pr-<N>.<zone>`). Consumed by both the `StaticHosting`
+ * lifecycle rule (`prefixPattern`) and the per-PR deployment construct
+ * (`computeSubDomain` in `OpenHiWebsiteService`) so the two sides
+ * cannot drift — a unit test asserts they reference the same constant.
+ */
+declare const PER_BRANCH_PREVIEW_PREFIX = "admin-pr-";
+/**
+ * Default TTL applied to objects matching the `prefixPattern` lifecycle
+ * rule when `enablePreviewLifecycle` is `true` and `previewExpiration`
+ * is omitted. Per-PR preview content is small and short-lived; 14 days
+ * is long enough that a forgotten preview can still be opened during a
+ * code review and short enough that abandoned content does not
+ * accumulate.
+ */
+declare const DEFAULT_PREVIEW_EXPIRATION_DAYS = 14;
 /**
  * Props for the StaticHosting construct.
  */
@@ -1875,6 +1892,33 @@ interface StaticHostingProps {
             readonly maxTtl?: Duration;
         };
     };
+    /**
+     * S3 key prefix that the per-PR preview lifecycle rule matches. Must
+     * be the same value the per-PR deployment construct writes under
+     * (see `PER_BRANCH_PREVIEW_PREFIX`). Required even when
+     * `enablePreviewLifecycle` is `false` so the contract between the
+     * deployment side and the lifecycle side is single-sourced.
+     */
+    readonly prefixPattern: string;
+    /**
+     * When `true`, add an S3 lifecycle rule to the bucket that expires
+     * objects matching `prefixPattern` after `previewExpiration`. **No
+     * default** — every caller must make the stage decision explicitly
+     * because adding the rule in production could silently delete real
+     * content if the prefix ever overlapped with release content.
+     *
+     * Callers gate this against the stage (e.g.
+     * `ohEnv.ohStage.stageType !== OPEN_HI_STAGE.PROD`) before passing
+     * the prop.
+     */
+    readonly enablePreviewLifecycle: boolean;
+    /**
+     * TTL applied to objects under `prefixPattern` when the lifecycle
+     * rule is created.
+     *
+     * @default Duration.days(14)
+     */
+    readonly previewExpiration?: Duration;
 }
 /**
  * Static hosting: S3 bucket (private) + CloudFront distribution with Origin
@@ -1909,7 +1953,7 @@ declare class StaticHosting extends Construct {
     readonly bucket: IBucket;
     readonly distribution: Distribution;
     readonly viewerRequestHandler: NodejsFunction;
-    constructor(scope: Construct, id: string, props?: StaticHostingProps);
+    constructor(scope: Construct, id: string, props: StaticHostingProps);
     /**
      * Builds the `/api/*` and `/api/control/runtime-config` behaviors backed
      * by the REST API custom-domain origin. Returns `undefined` when no
@@ -2002,6 +2046,19 @@ declare class OpenHiAuthService extends OpenHiService {
      * Returns an IUserPoolDomain by looking up the Auth stack's User Pool Domain from SSM.
      */
     static userPoolDomainFromConstruct(scope: Construct): IUserPoolDomain;
+    /**
+     * Returns the full Cognito Hosted UI base URL (e.g.
+     * `https://auth-abc.auth.us-east-2.amazoncognito.com`) by looking up
+     * the Auth stack's User Pool Domain from SSM and composing it with the
+     * calling stack's region.
+     *
+     * Equivalent to `UserPoolDomain.baseUrl()` on the concrete construct,
+     * but works across stacks where the looked-up `IUserPoolDomain` is an
+     * `Import` and does not carry the `baseUrl()` method. Assumes the
+     * domain was created as a Cognito-managed prefix domain (the only
+     * variant `OpenHiAuthService.createUserPoolDomain` produces).
+     */
+    static userPoolDomainBaseUrlFromConstruct(scope: Construct): string;
     /**
      * Returns an IKey (KMS) by looking up the Auth stack's User Pool KMS Key ARN from SSM.
      */
@@ -2749,6 +2806,12 @@ declare class OpenHiGraphqlService extends OpenHiService {
     protected createRootGraphqlApi(): RootGraphqlApi;
 }
 
+/**
+ * Environment variable that supplies the PR number on non-release website
+ * deploys. Sibling of `GIT_BRANCH_NAME` used by `OpenHiService`. CI sets
+ * this from `github.event.pull_request.number`.
+ */
+declare const OPENHI_PR_NUMBER_ENV_VAR = "OPENHI_PR_NUMBER";
 /**
  * @see sites/www-docs/content/packages/@openhi/constructs/services/open-hi-website-service.md
  */
@@ -2815,6 +2878,18 @@ interface OpenHiWebsiteServiceProps extends OpenHiServiceProps {
      * @default false
      */
     readonly restApi?: boolean;
+    /**
+     * Pull-request number used to compute the per-PR preview hostname
+     * (`\<domainPrefix\>-pr-\<N\>.\<zone\>`). Falls back to the
+     * `OPENHI_PR_NUMBER` env var when omitted — CI workflows set the env
+     * var from `github.event.pull_request.number`.
+     *
+     * Required on non-release-branch deploys; ignored on release-branch
+     * deploys where the hostname is `\<domainPrefix\>.\<zone\>`.
+     *
+     * @default - parsed from `OPENHI_PR_NUMBER` env var when set
+     */
+    readonly prNumber?: number;
 }
 /**
  * SSM parameter name suffix for the website's full domain
@@ -2822,10 +2897,13 @@ interface OpenHiWebsiteServiceProps extends OpenHiServiceProps {
  */
 declare const SSM_PARAM_NAME_FULL_DOMAIN = "WEBSITE_FULL_DOMAIN";
 /**
- * Website service stack: composes StaticHosting (only on release-branch
- * deploys) and StaticContent (always) so feature branches can ship their
- * content to a per-branch sub-domain folder against the release-branch
- * bucket without provisioning duplicate infrastructure.
+ * Website service stack. Release-branch deploys compose `StaticHosting`
+ * (bucket + CloudFront distribution with a wildcard SAN for per-PR
+ * previews + Lambda@Edge + DNS) and `StaticContent` (content upload).
+ * Non-release-branch deploys compose `PerBranchHostname` (a per-PR
+ * Route53 alias aliased to the release distribution) and `StaticContent`
+ * (per-PR upload to the shared bucket) so feature branches publish
+ * previews without provisioning duplicate infrastructure.
  *
  * Resources are created in protected methods; subclasses may override to
  * customize.
@@ -2861,8 +2939,10 @@ declare class OpenHiWebsiteService extends OpenHiService {
     /** Override so this.props is typed with this service's options. */
     props: OpenHiWebsiteServiceProps;
     /**
-     * Full domain served by this website (e.g. www.example.com). Derived from
-     * `domainPrefix` and the child hosted zone name.
+     * Full domain served by this website. On the release branch this is
+     * `<domainPrefix>.<zone>` (e.g. `admin.dev.openhi.org`); on every
+     * other branch it is the per-PR preview hostname
+     * `<domainPrefix>-pr-<N>.<zone>` (e.g. `admin-pr-123.dev.openhi.org`).
      */
     readonly fullDomain: string;
     /**
@@ -2878,6 +2958,20 @@ declare class OpenHiWebsiteService extends OpenHiService {
      * shared static-hosting bucket has been written to SSM for the first time.
      */
     readonly staticContent?: StaticContent;
+    /**
+     * Per-PR alias record. Created on non-release-branch deploys (when
+     * `createHostingInfrastructure` is left at its default) so the PR
+     * hostname `<domainPrefix>-pr-<N>.<zone>` resolves to the
+     * release-branch CloudFront distribution. `undefined` on release-branch
+     * deploys and on bootstrap deploys that force hosting infra on.
+     */
+    readonly perBranchHostname?: PerBranchHostname;
+    /**
+     * Pull-request number resolved from props or `OPENHI_PR_NUMBER`.
+     * `undefined` on release-branch deploys (where the hostname is
+     * `<domainPrefix>.<zone>` and no PR number is needed).
+     */
+    readonly prNumber?: number;
     constructor(ohEnv: OpenHiEnvironment, props: OpenHiWebsiteServiceProps);
     /**
      * Validates that config required for the website stack is present.
@@ -2897,13 +2991,40 @@ declare class OpenHiWebsiteService extends OpenHiService {
      */
     protected createCertificate(): ICertificate;
     /**
-     * Computes the full website domain from `domainPrefix` and the child
-     * zone name.
+     * Resolves the PR number from props or the `OPENHI_PR_NUMBER` env var.
+     * Returns `undefined` on release-branch deploys where no PR number is
+     * needed.
+     */
+    protected resolvePrNumber(props: OpenHiWebsiteServiceProps): number | undefined;
+    /**
+     * Computes the full website domain from `domainPrefix`, the PR number,
+     * and the child zone name. Release-branch deploys serve at
+     * `\<domainPrefix\>.\<zone\>` (e.g. `admin.dev.openhi.org`); every other
+     * deploy serves a per-PR preview at `\<domainPrefix\>-pr-\<N\>.\<zone\>`
+     * (e.g. `admin-pr-123.dev.openhi.org`).
      */
     protected computeFullDomain(hostedZone: IHostedZone): string;
+    /**
+     * Returns the sub-domain label (left of the zone) for the current
+     * deploy. Used both for {@link fullDomain} and for the per-branch S3
+     * key prefix passed to {@link StaticContent} so the upload prefix
+     * always matches the served hostname.
+     *
+     * Non-release deploys compose the per-PR slug from
+     * {@link PER_BRANCH_PREVIEW_PREFIX} so the per-PR S3 key prefix
+     * matches what `StaticHosting`'s lifecycle rule expires.
+     */
+    protected computeSubDomain(): string;
     /**
      * Creates the StaticHosting infrastructure (bucket + distribution +
-     * Lambda@Edge + 4 SSM params + DNS).
+     * Lambda@Edge + 4 SSM params + DNS). The release-branch distribution
+     * adds `*.\<zone\>` as a wildcard alt-name on top of the canonical
+     * hostname so per-PR previews resolve via the same distribution.
+     *
+     * The bucket carries an S3 lifecycle rule that expires per-PR
+     * preview content (keys under {@link PER_BRANCH_PREVIEW_PREFIX})
+     * on non-production stages. PROD never gets the rule — see
+     * `enablePreviewLifecycle`.
      */
     protected createStaticHosting(deps: {
         certificate: ICertificate;
@@ -2930,8 +3051,21 @@ declare class OpenHiWebsiteService extends OpenHiService {
      * the release-branch deploy publishes to SSM, addressed against
      * {@link OpenHiService.releaseBranchHash}. See
      * {@link resolveStaticHostingBucket}.
+     *
+     * The S3 key prefix is `\<sub-domain\>.\<zone\>/\<contentDest\>` so the
+     * upload location matches the Host-header-derived folder the Lambda@Edge
+     * viewer-request handler prepends. Passing the zone name (rather than
+     * `this.fullDomain`) for the `fullDomain` prop keeps the prefix flat
+     * — `admin-pr-123.dev.openhi.org/`, not `admin-pr-123.admin.dev.openhi.org/`.
      */
     protected createStaticContent(bucket: IBucket): StaticContent;
+    /**
+     * Creates the per-PR `PerBranchHostname` alias record on non-release
+     * branch deploys. The record points `\<domainPrefix\>-pr-\<N\>.\<zone\>`
+     * at the release-branch CloudFront distribution (resolved from SSM
+     * against {@link OpenHiService.releaseBranchHash}).
+     */
+    protected createPerBranchHostname(hostedZone: IHostedZone): PerBranchHostname;
     /**
      * Returns an {@link IBucket} pointing at the static-hosting bucket the
      * uploaders write to. On the release-branch deploy this is the bucket
@@ -3126,5 +3260,5 @@ declare class RenameCascadeWorkflow extends Construct {
     constructor(scope: Construct, props: RenameCascadeWorkflowProps);
 }
 
-export { BRIDGED_STATUSES, CLOUDFORMATION_EVENT_SOURCE, CLOUDFORMATION_STACK_STATUS_CHANGE_DETAIL_TYPE, CONTROL_EVENT_BUS_NAME_ENV_VAR, ChildHostedZone, CognitoUserPool, CognitoUserPoolClient, CognitoUserPoolDomain, CognitoUserPoolKmsKey, ControlEventBus, DATA_STORE_CHANGE_DETAIL_MAX_UTF8_BYTES, DATA_STORE_CHANGE_DETAIL_TYPE, DATA_STORE_CHANGE_EVENT_SOURCE, DEMO_DATA_PLANE_FIXTURES, DEMO_PERIOD, DEMO_TENANT_SPECS, DEMO_URN_SYSTEM, DEV_USERS, DataEventBus, DataStoreHistoricalArchive, DataStorePostgresReplica, DiscoverableStringParameter, DynamoDbDataStore, OPENHI_REPO_TAG_KEY_ENV_VAR, OPENHI_RESOURCE_URN_SYSTEM, OPENHI_TAG_KEY_PREFIX_ENV_VAR, OPENHI_TAG_SUFFIX_BRANCH_NAME, OPENHI_TAG_SUFFIX_REPO_NAME, OPENHI_TAG_SUFFIX_SERVICE_TYPE, OPENHI_TAG_SUFFIX_STAGE_TYPE, OWNING_DELETE_CASCADE_CONSUMER_NAME, OWNING_DELETE_CASCADE_DEFAULT_CONCURRENCY, OWNING_DELETE_CASCADE_STUCK_THRESHOLD_MINUTES, OWNING_DELETE_OPS_EVENT_BUS_ENV_VAR, OpenHiApp, OpenHiAuthService, OpenHiDataService, OpenHiEnvironment, OpenHiGlobalService, OpenHiGraphqlService, OpenHiRestApiService, OpenHiService, OpenHiStage, OpenHiWebsiteService, OpsEventBus, OwningDeleteCascadeLambdas, OwningDeleteCascadeWorkflow, PLACEHOLDER_TENANT_ID, PLACEHOLDER_WORKSPACE_ID, PLATFORM_DEPLOY_BRIDGE_ACTOR_SYSTEM, PLATFORM_SCOPE_TENANT_ID, POSTGRES_REPLICA_CLUSTER_ARN_SSM_NAME, POSTGRES_REPLICA_DATABASE_NAME_SSM_NAME, POSTGRES_REPLICA_SECRET_ARN_SSM_NAME, PROVISION_DEFAULT_WORKSPACE_DETAIL_TYPE, PerBranchHostname, PlatformDeployBridge, PlatformDeployBridgeLambda, PostAuthenticationLambda, PostConfirmationLambda, PreTokenGenerationLambda, ProvisionDefaultWorkspaceLambda, RENAME_CASCADE_CONSUMER_NAME, RENAME_CASCADE_DEFAULT_CONCURRENCY, RENAME_CASCADE_FAILED_THRESHOLD, RENAME_CASCADE_OPS_EVENT_BUS_ENV_VAR, RENAME_CASCADE_SLOW_THRESHOLD_SECONDS, REST_API_BASE_URL_SSM_NAME, REST_API_DOMAIN_NAME_SSM_NAME, RenameCascadeLambdas, RenameCascadeWorkflow, RootGraphqlApi, RootHostedZone, RootHttpApi, RootWildcardCertificate, SEED_DEMO_DATA_CONSUMER_NAME, SEED_SYSTEM_DATA_ACTOR_SYSTEM, SEED_SYSTEM_DATA_CONSUMER_NAME, SEED_SYSTEM_DATA_CONTROL_BUS_ENV_VAR, SSM_PARAM_NAME_FULL_DOMAIN, STATIC_HOSTING_SERVICE_TYPE, SeedDemoDataLambda, SeedDemoDataWorkflow, SeedSystemDataLambda, SeedSystemDataWorkflow, StaticContent, StaticHosting, USER_ONBOARDING_EVENT_SOURCE, UserOnboardingWorkflow, WorkflowDedupConsumerNameInvalidError, WorkflowDedupTable, WorkflowDedupTableDuplicateError, buildFhirCurrentResourceChangeDetail, buildProvisionDefaultWorkspaceRequestedDetail, computeBranchHash, demoMembershipId, demoRoleAssignmentId, demoRolesForUserInTenant, demoScenarioIdentifier, getDynamoDbDataStoreTableName, getPostgresReplicaSchemaName, getWorkflowDedupTableName, openHiTagKey, openhiResourceIdentifier };
+export { BRIDGED_STATUSES, CLOUDFORMATION_EVENT_SOURCE, CLOUDFORMATION_STACK_STATUS_CHANGE_DETAIL_TYPE, CONTROL_EVENT_BUS_NAME_ENV_VAR, ChildHostedZone, CognitoUserPool, CognitoUserPoolClient, CognitoUserPoolDomain, CognitoUserPoolKmsKey, ControlEventBus, DATA_STORE_CHANGE_DETAIL_MAX_UTF8_BYTES, DATA_STORE_CHANGE_DETAIL_TYPE, DATA_STORE_CHANGE_EVENT_SOURCE, DEFAULT_PREVIEW_EXPIRATION_DAYS, DEMO_DATA_PLANE_FIXTURES, DEMO_PERIOD, DEMO_TENANT_SPECS, DEMO_URN_SYSTEM, DEV_USERS, DataEventBus, DataStoreHistoricalArchive, DataStorePostgresReplica, DiscoverableStringParameter, DynamoDbDataStore, OPENHI_PR_NUMBER_ENV_VAR, OPENHI_REPO_TAG_KEY_ENV_VAR, OPENHI_RESOURCE_URN_SYSTEM, OPENHI_TAG_KEY_PREFIX_ENV_VAR, OPENHI_TAG_SUFFIX_BRANCH_NAME, OPENHI_TAG_SUFFIX_REPO_NAME, OPENHI_TAG_SUFFIX_SERVICE_TYPE, OPENHI_TAG_SUFFIX_STAGE_TYPE, OWNING_DELETE_CASCADE_CONSUMER_NAME, OWNING_DELETE_CASCADE_DEFAULT_CONCURRENCY, OWNING_DELETE_CASCADE_STUCK_THRESHOLD_MINUTES, OWNING_DELETE_OPS_EVENT_BUS_ENV_VAR, OpenHiApp, OpenHiAuthService, OpenHiDataService, OpenHiEnvironment, OpenHiGlobalService, OpenHiGraphqlService, OpenHiRestApiService, OpenHiService, OpenHiStage, OpenHiWebsiteService, OpsEventBus, OwningDeleteCascadeLambdas, OwningDeleteCascadeWorkflow, PER_BRANCH_PREVIEW_PREFIX, PLACEHOLDER_TENANT_ID, PLACEHOLDER_WORKSPACE_ID, PLATFORM_DEPLOY_BRIDGE_ACTOR_SYSTEM, PLATFORM_SCOPE_TENANT_ID, POSTGRES_REPLICA_CLUSTER_ARN_SSM_NAME, POSTGRES_REPLICA_DATABASE_NAME_SSM_NAME, POSTGRES_REPLICA_SECRET_ARN_SSM_NAME, PROVISION_DEFAULT_WORKSPACE_DETAIL_TYPE, PerBranchHostname, PlatformDeployBridge, PlatformDeployBridgeLambda, PostAuthenticationLambda, PostConfirmationLambda, PreTokenGenerationLambda, ProvisionDefaultWorkspaceLambda, RENAME_CASCADE_CONSUMER_NAME, RENAME_CASCADE_DEFAULT_CONCURRENCY, RENAME_CASCADE_FAILED_THRESHOLD, RENAME_CASCADE_OPS_EVENT_BUS_ENV_VAR, RENAME_CASCADE_SLOW_THRESHOLD_SECONDS, REST_API_BASE_URL_SSM_NAME, REST_API_DOMAIN_NAME_SSM_NAME, RenameCascadeLambdas, RenameCascadeWorkflow, RootGraphqlApi, RootHostedZone, RootHttpApi, RootWildcardCertificate, SEED_DEMO_DATA_CONSUMER_NAME, SEED_SYSTEM_DATA_ACTOR_SYSTEM, SEED_SYSTEM_DATA_CONSUMER_NAME, SEED_SYSTEM_DATA_CONTROL_BUS_ENV_VAR, SSM_PARAM_NAME_FULL_DOMAIN, STATIC_HOSTING_SERVICE_TYPE, SeedDemoDataLambda, SeedDemoDataWorkflow, SeedSystemDataLambda, SeedSystemDataWorkflow, StaticContent, StaticHosting, USER_ONBOARDING_EVENT_SOURCE, UserOnboardingWorkflow, WorkflowDedupConsumerNameInvalidError, WorkflowDedupTable, WorkflowDedupTableDuplicateError, buildFhirCurrentResourceChangeDetail, buildProvisionDefaultWorkspaceRequestedDetail, computeBranchHash, demoMembershipId, demoRoleAssignmentId, demoRolesForUserInTenant, demoScenarioIdentifier, getDynamoDbDataStoreTableName, getPostgresReplicaSchemaName, getWorkflowDedupTableName, openHiTagKey, openhiResourceIdentifier };
 export type { BridgedStatus, BuildParameterNameProps, CascadeChunkInput, CascadeFinalizeInput, CascadeFinalizeOutput, CascadeListInput, CascadeListOutput, ChildHostedZoneProps, CloudFormationStackStatusChangeDetail, ComputeBranchHashOptions, DataEventBusOptions, DataStoreHistoricalArchiveProps, DataStorePostgresReplicaProps, DemoDevUser, DemoTenantSpec, DemoWorkspaceDataPlaneFixtures, DemoWorkspaceSpec, DiscoverableStringParameterProps, DynamoDbDataStoreProps, FhirCurrentResourceChangeDetail, GrantConsumerOptions, HostingMode, OpenHiAppProps, OpenHiAuthServiceProps, OpenHiDataServiceProps, OpenHiEnvironmentProps, OpenHiGlobalServiceProps, OpenHiGraphqlServiceProps, OpenHiRestApiRuntimeConfig, OpenHiRestApiServiceProps, OpenHiServiceProps, OpenHiServiceType, OpenHiStageProps, OpenHiWebsiteServiceProps, OwningDeleteCascadeLambdasProps, OwningDeleteCascadeWorkflowProps, PerBranchHostnameProps, PlatformDeployBridgeLambdaProps, PlatformDeployBridgeProps, PostConfirmationLambdaProps, PreTokenGenerationLambdaProps, ProvisionDefaultWorkspaceLambdaProps, ProvisionDefaultWorkspaceRequestedDetail, RenameCascadeChunkInput, RenameCascadeFinalizeInput, RenameCascadeFinalizeOutput, RenameCascadeLambdasProps, RenameCascadeListInput, RenameCascadeListOutput, RenameCascadeWorkflowProps, RootGraphqlApiProps, RootHttpApiProps, SeedDemoDataLambdaProps, SeedDemoDataWorkflowProps, SeedSystemDataLambdaProps, SeedSystemDataWorkflowProps, StaticContentProps, StaticHostingProps, UserOnboardingWorkflowProps, WorkflowDedupTableProps };