@openhi/constructs 0.0.135 → 0.0.137

package/lib/index.mjs

@@ -358,12 +358,14 @@ import {
 } from "@codedrifters/utils";
 import { RemovalPolicy, Stack, Tags } from "aws-cdk-lib";
 import { paramCase } from "change-case";
+var DEFAULT_RELEASE_BRANCH = "main";
+var CHILD_ZONE_PREFIX_MAX_LENGTH = 56;
 var OPENHI_TAG_SUFFIX_REPO_NAME = "repo-name";
 var OPENHI_TAG_SUFFIX_BRANCH_NAME = "branch-name";
 var OPENHI_TAG_SUFFIX_SERVICE_TYPE = "service-type";
 var OPENHI_TAG_SUFFIX_STAGE_TYPE = "stage-type";
 var openHiTagKey = (appName, suffix) => `${appName}:${suffix}`;
-var OpenHiService = class extends Stack {
+var OpenHiService = class _OpenHiService extends Stack {
   /**
    * Creates a new OpenHI service stack.
    *
@@ -383,8 +385,12 @@ var OpenHiService = class extends Stack {
     }
     const appName = props.appName ?? ohEnv.ohStage.ohApp.appName ?? "openhi";
     const repoName = props.repoName ?? findGitRepoName();
-    const defaultReleaseBranch = props.defaultReleaseBranch ?? "main";
-    const branchName = props.branchName ?? (process.env.JEST_WORKER_ID ? "test-branch" : process.env.GIT_BRANCH_NAME?.trim() || (ohEnv.ohStage.stageType === import_config3.OPEN_HI_STAGE.DEV ? findGitBranch() : defaultReleaseBranch));
+    const { branchName, defaultReleaseBranch } = _OpenHiService.resolveBranchContext(ohEnv, {
+      ...props.branchName !== void 0 && { branchName: props.branchName },
+      ...props.defaultReleaseBranch !== void 0 && {
+        defaultReleaseBranch: props.defaultReleaseBranch
+      }
+    });
     const environmentHash = hashString2(
       [appName, ohEnv.deploymentTargetRole, account, region].join("-"),
       6
@@ -459,6 +465,50 @@ var OpenHiService = class extends Stack {
       ohEnv.ohStage.stageType.slice(0, 255)
     );
   }
+  /**
+   * Compose the full per-deploy domain for an OpenHI service.
+   *
+   * On the release branch (`branchName === defaultReleaseBranch`), the
+   * full domain is `<domainPrefix>.<zoneName>`. On every other branch
+   * the per-PR preview hostname is
+   * `<domainPrefix>-<childZonePrefix>.<zoneName>`.
+   *
+   * Pure helper — reads no environment state. Subclasses expose thin
+   * statics (`composeFullDomain`) that fill in `domainPrefix` from their
+   * own service constant and delegate here.
+   */
+  static composeServiceDomain(opts) {
+    const isRelease = opts.branchName === opts.defaultReleaseBranch;
+    const subDomain = isRelease ? opts.domainPrefix : `${opts.domainPrefix}-${opts.childZonePrefix}`;
+    return `${subDomain}.${opts.zoneName}`;
+  }
+  /**
+   * Compute the `childZonePrefix` segment for a given branch — kebab-cased
+   * and truncated to {@link CHILD_ZONE_PREFIX_MAX_LENGTH}. Matches the
+   * per-instance {@link OpenHiService.childZonePrefix} getter so consumers
+   * can compose hostnames identical to the service's own without
+   * instantiating it.
+   */
+  static computeChildZonePrefix(branchName) {
+    return paramCase(branchName).slice(0, CHILD_ZONE_PREFIX_MAX_LENGTH);
+  }
+  /**
+   * Resolve the branch context the service would compute internally given
+   * an environment and optional overrides. Mirrors the same defaulting
+   * (props override → JEST sentinel → `GIT_BRANCH_NAME` env → git
+   * detection on DEV → release branch on stage/prod) the
+   * {@link OpenHiService} constructor uses.
+   *
+   * Consumers (e.g. sibling stack entries) call this to predict the
+   * branch values a service will see at synth time so they can compose
+   * hostnames against the same inputs.
+   */
+  static resolveBranchContext(ohEnv, overrides = {}) {
+    const defaultReleaseBranch = overrides.defaultReleaseBranch ?? DEFAULT_RELEASE_BRANCH;
+    const branchName = overrides.branchName ?? (process.env.JEST_WORKER_ID ? "test-branch" : process.env.GIT_BRANCH_NAME?.trim() || (ohEnv.ohStage.stageType === import_config3.OPEN_HI_STAGE.DEV ? findGitBranch() : defaultReleaseBranch));
+    const childZonePrefix = _OpenHiService.computeChildZonePrefix(branchName);
+    return { branchName, defaultReleaseBranch, childZonePrefix };
+  }
   /**
    * DNS prefix for this branche's child zone. Capped at 56 chars so
    * that a `<service>-<prefix>` hostname segment stays under the 63-byte
@@ -467,7 +517,7 @@ var OpenHiService = class extends Stack {
    * headroom on the longer side.
    */
   get childZonePrefix() {
-    return paramCase(this.branchName).slice(0, 56);
+    return _OpenHiService.computeChildZonePrefix(this.branchName);
   }
 };
 
@@ -1419,10 +1469,11 @@ var DataStorePostgresReplica = class extends Construct6 {
       bundling: {
         minify: true,
         sourceMap: false,
-        // pg has conditional/optional deps (pg-native, pg-cloudflare) that
-        // historically misbehave when bundled by esbuild; keep it as a real
-        // node_module in the Lambda zip instead.
-        nodeModules: ["pg"]
+        // pg's conditional optional deps (pg-native, pg-cloudflare) are
+        // marked external so esbuild does not try to resolve them — pg's
+        // runtime code wraps the requires in try/catch and falls back to
+        // the pure-JS client when they are not present.
+        externalModules: ["pg-native", "pg-cloudflare"]
       }
     });
     this.cluster.secret.grantRead(this.replicationFunction);
@@ -2880,6 +2931,7 @@ _OpenHiAuthService.SERVICE_TYPE = "auth";
 var OpenHiAuthService = _OpenHiAuthService;
 
 // src/services/open-hi-rest-api-service.ts
+var import_config5 = __toESM(require_lib2());
 import {
   CorsHttpMethod,
   DomainName,
@@ -2970,7 +3022,31 @@ var RestApiLambda = class extends Construct20 {
 // src/services/open-hi-rest-api-service.ts
 var REST_API_BASE_URL_SSM_NAME = "REST_API_BASE_URL";
 var REST_API_DOMAIN_NAME_SSM_NAME = "REST_API_DOMAIN_NAME";
+var DEV_CORS_ALLOW_ORIGINS = [
+  "http://localhost:3000",
+  "https://localhost:3000",
+  "http://localhost:5173",
+  "https://localhost:5173",
+  "http://127.0.0.1:3000",
+  "https://127.0.0.1:3000",
+  "http://127.0.0.1:5173",
+  "https://127.0.0.1:5173"
+];
 var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
+  /**
+   * Compose the REST API's full per-deploy domain. Thin wrapper over
+   * {@link OpenHiService.composeServiceDomain} that pins `domainPrefix`
+   * to {@link API_DOMAIN_PREFIX}.
+   *
+   * Use from sibling stacks that need to predict the API's hostname
+   * before the REST API stack is synthesised.
+   */
+  static composeFullDomain(opts) {
+    return OpenHiService.composeServiceDomain({
+      ...opts,
+      domainPrefix: _OpenHiRestApiService.API_DOMAIN_PREFIX
+    });
+  }
   /**
    * Returns an IHttpApi by looking up the REST API stack's HTTP API ID from SSM.
    */
@@ -3054,11 +3130,18 @@ var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
   }
   /**
    * Returns the API domain name string (e.g. api.example.com or api-\{prefix\}.example.com).
+   * Delegates to {@link OpenHiRestApiService.composeFullDomain} so the
+   * release-vs-feature composition stays in one place; picks up
+   * `this.defaultReleaseBranch` (not a hard-coded `"main"`).
    * Override to customize.
    */
   createApiDomainNameString(hostedZone) {
-    const apiPrefix = this.branchName === "main" ? `api` : `api-${this.childZonePrefix}`;
-    return [apiPrefix, hostedZone.zoneName].join(".");
+    return _OpenHiRestApiService.composeFullDomain({
+      branchName: this.branchName,
+      defaultReleaseBranch: this.defaultReleaseBranch,
+      childZonePrefix: this.childZonePrefix,
+      zoneName: hostedZone.zoneName
+    });
   }
   /**
    * Creates the SSM parameter for the REST API base URL.
@@ -3117,7 +3200,7 @@ var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
       postgresSecretArn,
       postgresDatabase,
       postgresSchema,
-      ...extraEnvironment !== void 0 && { extraEnvironment }
+      extraEnvironment
     });
     lambda.addToRolePolicy(
       new PolicyStatement7({
@@ -3207,7 +3290,10 @@ var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
       routeKey: HttpRouteKey.with("/{proxy+}", HttpMethod.ANY),
       integration
     });
-    const apiPrefix = this.branchName === "main" ? `api` : `api-${this.childZonePrefix}`;
+    const apiPrefix = this.apiDomainName.slice(
+      0,
+      -(hostedZone.zoneName.length + 1)
+    );
     new ARecord3(this, `api-a-record-${apiPrefix}`, {
       zone: hostedZone,
       recordName: apiPrefix,
@@ -3233,27 +3319,10 @@ var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
       { userPoolClients: [userPoolClient] }
     );
     const { corsPreflight: cors, ...restRootHttpApiProps } = this.props.rootHttpApiProps ?? {};
-    const corsPreflight = cors !== void 0 ? {
-      allowOrigins: cors.allowOrigins,
-      allowMethods: cors.allowMethods ?? [
-        CorsHttpMethod.GET,
-        CorsHttpMethod.HEAD,
-        CorsHttpMethod.POST,
-        CorsHttpMethod.PUT,
-        CorsHttpMethod.PATCH,
-        CorsHttpMethod.DELETE,
-        CorsHttpMethod.OPTIONS
-      ],
-      allowHeaders: cors.allowHeaders ?? [
-        "Content-Type",
-        "Authorization"
-      ],
-      allowCredentials: cors.allowCredentials ?? true,
-      maxAge: cors.maxAge ?? Duration10.days(1),
-      ...cors.exposeHeaders !== void 0 && {
-        exposeHeaders: cors.exposeHeaders
-      }
-    } : void 0;
+    const isNonProd = this.ohEnv.ohStage.stageType !== import_config5.OPEN_HI_STAGE.PROD;
+    const callerOrigins = cors?.allowOrigins ?? [];
+    const mergedOrigins = isNonProd ? Array.from(/* @__PURE__ */ new Set([...callerOrigins, ...DEV_CORS_ALLOW_ORIGINS])) : callerOrigins;
+    const corsPreflight = cors !== void 0 || isNonProd ? this.buildCorsPreflightOptions(mergedOrigins, cors) : void 0;
     const rootHttpApi = new RootHttpApi(this, {
       ...restRootHttpApiProps,
       ...corsPreflight !== void 0 && { corsPreflight },
@@ -3270,21 +3339,43 @@ var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
     });
     return rootHttpApi;
   }
+  /**
+   * Builds the full `CorsPreflightOptions` from a merged origins array,
+   * filling defaults for `allowMethods`/`allowHeaders`/`allowCredentials`/
+   * `maxAge` from the caller-supplied block when present.
+   */
+  buildCorsPreflightOptions(allowOrigins, cors) {
+    return {
+      allowOrigins: [...allowOrigins],
+      allowMethods: cors?.allowMethods ?? [
+        CorsHttpMethod.GET,
+        CorsHttpMethod.HEAD,
+        CorsHttpMethod.POST,
+        CorsHttpMethod.PUT,
+        CorsHttpMethod.PATCH,
+        CorsHttpMethod.DELETE,
+        CorsHttpMethod.OPTIONS
+      ],
+      allowHeaders: cors?.allowHeaders ?? ["Content-Type", "Authorization"],
+      allowCredentials: cors?.allowCredentials ?? true,
+      maxAge: cors?.maxAge ?? Duration10.days(1),
+      ...cors?.exposeHeaders !== void 0 && {
+        exposeHeaders: cors.exposeHeaders
+      }
+    };
+  }
   /**
    * Builds the `OPENHI_RUNTIME_CONFIG_*` env-var map the REST API Lambda
-   * exposes through `GET /control/runtime-config`. Returns `undefined` when
-   * the `runtimeConfig` prop is omitted so no env vars are set.
-   *
-   * The three Cognito IDs are resolved via SSM lookups against the auth
-   * stack from a dedicated sub-scope (`runtime-config`) so they don't
-   * collide with the user-pool / user-pool-client constructs already
-   * created in {@link createRootHttpApi}. `apiBaseUrl` is derived from
-   * this stack's own custom domain so callers don't have to hardcode it.
+   * exposes through `GET /control/runtime-config`. The four values are
+   * always populated — the three Cognito IDs are resolved via SSM lookups
+   * against the auth stack from a dedicated sub-scope (`runtime-config`)
+   * so they don't collide with the user-pool / user-pool-client constructs
+   * already created in {@link createRootHttpApi}, and `apiBaseUrl` is
+   * derived from this stack's own custom domain. The OAuth callback URL
+   * is no longer plumbed through the API — the admin-console derives it
+   * client-side from `window.location.origin`.
    */
   resolveRuntimeConfigEnvVars() {
-    if (this.props.runtimeConfig === void 0) {
-      return void 0;
-    }
     const cognitoScope = new Construct21(this, "runtime-config");
     const userPool = OpenHiAuthService.userPoolFromConstruct(cognitoScope);
     const userPoolClient = OpenHiAuthService.userPoolClientFromConstruct(cognitoScope);
@@ -3293,12 +3384,16 @@ var _OpenHiRestApiService = class _OpenHiRestApiService extends OpenHiService {
       OPENHI_RUNTIME_CONFIG_COGNITO_USER_POOL_ID: userPool.userPoolId,
       OPENHI_RUNTIME_CONFIG_COGNITO_USER_POOL_CLIENT_ID: userPoolClient.userPoolClientId,
       OPENHI_RUNTIME_CONFIG_COGNITO_DOMAIN_URL: cognitoDomainUrl,
-      OPENHI_RUNTIME_CONFIG_COGNITO_REDIRECT_URI: this.props.runtimeConfig.cognitoRedirectUri,
       OPENHI_RUNTIME_CONFIG_API_BASE_URL: `https://${this.apiDomainName}`
     };
   }
 };
 _OpenHiRestApiService.SERVICE_TYPE = "rest-api";
+/**
+ * Sub-domain prefix used by the REST API. Release-branch hostname is
+ * `api.<zone>`; per-PR preview hostname is `api-<childZonePrefix>.<zone>`.
+ */
+_OpenHiRestApiService.API_DOMAIN_PREFIX = "api";
 var OpenHiRestApiService = _OpenHiRestApiService;
 
 // src/services/open-hi-graphql-service.ts
@@ -3342,10 +3437,26 @@ _OpenHiGraphqlService.SERVICE_TYPE = "graphql-api";
 var OpenHiGraphqlService = _OpenHiGraphqlService;
 
 // src/services/open-hi-website-service.ts
-var import_config5 = __toESM(require_lib2());
+var import_config6 = __toESM(require_lib2());
 import { Bucket as Bucket3 } from "aws-cdk-lib/aws-s3";
 var SSM_PARAM_NAME_FULL_DOMAIN = "WEBSITE_FULL_DOMAIN";
+var ADMIN_DOMAIN_PREFIX = "admin";
 var _OpenHiWebsiteService = class _OpenHiWebsiteService extends OpenHiService {
+  /**
+   * Compose the website's full per-deploy domain. Thin wrapper over
+   * {@link OpenHiService.composeServiceDomain} that fills in
+   * {@link DEFAULT_DOMAIN_PREFIX} when `domainPrefix` is omitted.
+   *
+   * Use from sibling stacks that need to predict the website's hostname
+   * before the website stack is synthesised — e.g. the REST API stack
+   * computing its CORS `allowOrigins` for the admin-console.
+   */
+  static composeFullDomain(opts) {
+    return OpenHiService.composeServiceDomain({
+      ...opts,
+      domainPrefix: opts.domainPrefix ?? _OpenHiWebsiteService.DEFAULT_DOMAIN_PREFIX
+    });
+  }
   /**
    * Looks up the static-hosting bucket ARN published by the release-branch
    * deploy of this service.
@@ -3464,16 +3575,24 @@ var _OpenHiWebsiteService = class _OpenHiWebsiteService extends OpenHiService {
    * every other deploy serves a per-PR preview at
    * `\<domainPrefix\>-\<childZonePrefix\>.\<zone\>`
    * (e.g. `admin-feat-1093-patient-migration.dev.openhi.org`).
+   *
+   * Delegates to {@link OpenHiWebsiteService.composeFullDomain} so the
+   * release-vs-feature composition stays in one place.
    */
   computeFullDomain(hostedZone) {
-    const subDomain = this.computeSubDomain();
-    return [subDomain, hostedZone.zoneName].join(".");
+    return _OpenHiWebsiteService.composeFullDomain({
+      domainPrefix: this.props.domainPrefix,
+      branchName: this.branchName,
+      defaultReleaseBranch: this.defaultReleaseBranch,
+      childZonePrefix: this.childZonePrefix,
+      zoneName: hostedZone.zoneName
+    });
   }
   /**
    * Returns the sub-domain label (left of the zone) for the current
-   * deploy. Used both for {@link fullDomain} and for the per-branch S3
-   * key prefix passed to {@link StaticContent} so the upload prefix
-   * always matches the served hostname.
+   * deploy. Used for the per-branch S3 key prefix passed to
+   * {@link StaticContent} so the upload prefix always matches the
+   * served hostname.
    *
    * Non-release deploys compose the per-PR slug as
    * `\<domainPrefix\>-\<childZonePrefix\>`, mirroring the REST API's
@@ -3484,7 +3603,7 @@ var _OpenHiWebsiteService = class _OpenHiWebsiteService extends OpenHiService {
    */
   computeSubDomain() {
     const isReleaseBranch = this.branchName === this.defaultReleaseBranch;
-    const domainPrefix = this.props.domainPrefix ?? "www";
+    const domainPrefix = this.props.domainPrefix ?? _OpenHiWebsiteService.DEFAULT_DOMAIN_PREFIX;
     if (isReleaseBranch) {
       return domainPrefix;
     }
@@ -3511,7 +3630,7 @@ var _OpenHiWebsiteService = class _OpenHiWebsiteService extends OpenHiService {
       domainNames: [this.fullDomain, wildcardSan],
       description: `OpenHI website (${this.fullDomain})`,
       prefixPattern: PER_BRANCH_PREVIEW_PREFIX,
-      enablePreviewLifecycle: this.ohEnv.ohStage.stageType !== import_config5.OPEN_HI_STAGE.PROD,
+      enablePreviewLifecycle: this.ohEnv.ohStage.stageType !== import_config6.OPEN_HI_STAGE.PROD,
       ...restApi !== void 0 && { restApi }
     });
   }
@@ -3597,6 +3716,12 @@ var _OpenHiWebsiteService = class _OpenHiWebsiteService extends OpenHiService {
   }
 };
 _OpenHiWebsiteService.SERVICE_TYPE = "website";
+/**
+ * Default `domainPrefix` for this service when none is supplied.
+ * Release-branch hostname is `www.<zone>`; per-PR preview hostname is
+ * `www-<childZonePrefix>.<zone>`.
+ */
+_OpenHiWebsiteService.DEFAULT_DOMAIN_PREFIX = "www";
 var OpenHiWebsiteService = _OpenHiWebsiteService;
 
 // src/workflows/control-plane/owning-delete-cascade/owning-delete-cascade-lambdas.ts
@@ -4114,6 +4239,7 @@ var export_OWNING_ENTITY_TYPE = import_workflows3.OWNING_ENTITY_TYPE;
 var export_PlatformDeploymentCompletedV1 = import_workflows2.PlatformDeploymentCompletedV1;
 var export_RENAMABLE_ENTITY_TYPE = import_workflows4.RENAMABLE_ENTITY_TYPE;
 export {
+  ADMIN_DOMAIN_PREFIX,
   BRIDGED_STATUSES,
   CLOUDFORMATION_EVENT_SOURCE,
   CLOUDFORMATION_STACK_STATUS_CHANGE_DETAIL_TYPE,
@@ -4138,6 +4264,7 @@ export {
   DEMO_PERIOD,
   DEMO_TENANT_SPECS,
   DEMO_URN_SYSTEM,
+  DEV_CORS_ALLOW_ORIGINS,
   DEV_USERS,
   DataEventBus,
   DataStoreHistoricalArchive,