@quiltdata/benchling-webhook 0.4.13 → 0.5.0-20251029T180511Z
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bin/benchling-webhook.d.ts +50 -0
- package/dist/bin/benchling-webhook.d.ts.map +1 -0
- package/dist/bin/benchling-webhook.js +268 -0
- package/dist/bin/benchling-webhook.js.map +1 -0
- package/dist/bin/cli.d.ts +3 -0
- package/dist/bin/cli.d.ts.map +1 -0
- package/dist/bin/cli.js +83 -0
- package/dist/bin/cli.js.map +1 -0
- package/dist/bin/commands/deploy.d.ts +7 -0
- package/dist/bin/commands/deploy.d.ts.map +1 -0
- package/dist/bin/commands/deploy.js +154 -0
- package/dist/bin/commands/deploy.js.map +1 -0
- package/dist/bin/commands/init.d.ts +9 -0
- package/dist/bin/commands/init.d.ts.map +1 -0
- package/dist/bin/commands/init.js +155 -0
- package/dist/bin/commands/init.js.map +1 -0
- package/dist/bin/commands/validate.d.ts +5 -0
- package/dist/bin/commands/validate.d.ts.map +1 -0
- package/dist/bin/commands/validate.js +135 -0
- package/dist/bin/commands/validate.js.map +1 -0
- package/dist/bin/get-env.js +180 -0
- package/dist/bin/publish.js +327 -0
- package/{bin → dist/bin}/version.js +73 -37
- package/dist/lib/alb-api-gateway.d.ts +17 -0
- package/dist/lib/alb-api-gateway.d.ts.map +1 -0
- package/dist/lib/alb-api-gateway.js +191 -0
- package/dist/lib/alb-api-gateway.js.map +1 -0
- package/dist/lib/benchling-webhook-stack.d.ts +25 -0
- package/dist/lib/benchling-webhook-stack.d.ts.map +1 -0
- package/dist/lib/benchling-webhook-stack.js +165 -0
- package/dist/lib/benchling-webhook-stack.js.map +1 -0
- package/dist/lib/constants.d.ts +28 -0
- package/dist/lib/constants.d.ts.map +1 -0
- package/dist/lib/constants.js +31 -0
- package/dist/lib/constants.js.map +1 -0
- package/dist/lib/ecr-repository.d.ts +16 -0
- package/dist/lib/ecr-repository.d.ts.map +1 -0
- package/dist/lib/ecr-repository.js +90 -0
- package/dist/lib/ecr-repository.js.map +1 -0
- package/dist/lib/fargate-service.d.ts +32 -0
- package/dist/lib/fargate-service.d.ts.map +1 -0
- package/dist/lib/fargate-service.js +294 -0
- package/dist/lib/fargate-service.js.map +1 -0
- package/{lib/index.ts → dist/lib/index.d.ts} +5 -5
- package/dist/lib/index.d.ts.map +1 -0
- package/dist/lib/index.js +38 -0
- package/dist/lib/index.js.map +1 -0
- package/dist/lib/templates/base-template.d.ts +14 -0
- package/dist/lib/templates/base-template.d.ts.map +1 -0
- package/dist/lib/templates/base-template.js +68 -0
- package/dist/lib/templates/base-template.js.map +1 -0
- package/dist/lib/templates/readme.d.ts +11 -0
- package/dist/lib/templates/readme.d.ts.map +1 -0
- package/dist/lib/templates/readme.js +105 -0
- package/dist/lib/templates/readme.js.map +1 -0
- package/dist/lib/utils/config.d.ts +68 -0
- package/dist/lib/utils/config.d.ts.map +1 -0
- package/dist/lib/utils/config.js +195 -0
- package/dist/lib/utils/config.js.map +1 -0
- package/dist/lib/utils/stack-inference.d.ts +73 -0
- package/dist/lib/utils/stack-inference.d.ts.map +1 -0
- package/dist/lib/utils/stack-inference.js +410 -0
- package/dist/lib/utils/stack-inference.js.map +1 -0
- package/dist/package.json +90 -0
- package/package.json +31 -20
- package/AGENTS.md +0 -226
- package/CHANGELOG.md +0 -91
- package/bin/benchling-webhook.ts +0 -172
- package/bin/cli-auth.sh +0 -74
- package/bin/get-env.js +0 -564
- package/bin/publish-manual.js +0 -211
- package/bin/release-notes.sh +0 -82
- package/bin/sync-version.js +0 -72
- package/cdk.context.json +0 -58
- package/cdk.json +0 -85
- package/doc/NPM_OIDC_SETUP.md +0 -95
- package/doc/PARAMETERS.md +0 -203
- package/doc/RELEASE.md +0 -297
- package/doc/RELEASE_NOTES.md +0 -64
- package/jest.config.js +0 -14
- package/lib/README.md +0 -50
- package/lib/oauth-tester.json +0 -35
- package/tsconfig.json +0 -34
- /package/{bin → dist/bin}/check-logs.js +0 -0
- /package/{bin → dist/bin}/release.js +0 -0
- /package/{bin → dist/bin}/send-event.js +0 -0
- /package/{bin → dist/bin}/test-invalid-signature.js +0 -0
|
@@ -0,0 +1,191 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.AlbApiGateway = void 0;
|
|
37
|
+
const cdk = __importStar(require("aws-cdk-lib"));
|
|
38
|
+
const apigateway = __importStar(require("aws-cdk-lib/aws-apigateway"));
|
|
39
|
+
const iam = __importStar(require("aws-cdk-lib/aws-iam"));
|
|
40
|
+
const logs = __importStar(require("aws-cdk-lib/aws-logs"));
|
|
41
|
+
class AlbApiGateway {
|
|
42
|
+
constructor(scope, id, props) {
|
|
43
|
+
this.logGroup = new logs.LogGroup(scope, "ApiGatewayAccessLogs", {
|
|
44
|
+
logGroupName: "/aws/apigateway/benchling-webhook",
|
|
45
|
+
retention: logs.RetentionDays.ONE_WEEK,
|
|
46
|
+
removalPolicy: cdk.RemovalPolicy.DESTROY,
|
|
47
|
+
});
|
|
48
|
+
this.createCloudWatchRole(scope);
|
|
49
|
+
// Parse IP allowlist for resource policy
|
|
50
|
+
let allowedIps = [];
|
|
51
|
+
if (props.webhookAllowList && props.webhookAllowList.trim() !== "") {
|
|
52
|
+
if (cdk.Token.isUnresolved(props.webhookAllowList)) {
|
|
53
|
+
allowedIps = cdk.Fn.split(",", props.webhookAllowList);
|
|
54
|
+
}
|
|
55
|
+
else {
|
|
56
|
+
allowedIps = props.webhookAllowList
|
|
57
|
+
.split(",")
|
|
58
|
+
.map(ip => ip.trim())
|
|
59
|
+
.filter(ip => ip.length > 0);
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
// Create resource policy for IP filtering at the edge
|
|
63
|
+
const policyDocument = this.createResourcePolicy(allowedIps);
|
|
64
|
+
this.api = new apigateway.RestApi(scope, "BenchlingWebhookAPI", {
|
|
65
|
+
restApiName: "BenchlingWebhookAPI",
|
|
66
|
+
policy: policyDocument,
|
|
67
|
+
deployOptions: {
|
|
68
|
+
stageName: "prod",
|
|
69
|
+
accessLogDestination: new apigateway.LogGroupLogDestination(this.logGroup),
|
|
70
|
+
methodOptions: {
|
|
71
|
+
"/*/*": {
|
|
72
|
+
loggingLevel: apigateway.MethodLoggingLevel.INFO,
|
|
73
|
+
dataTraceEnabled: true,
|
|
74
|
+
},
|
|
75
|
+
},
|
|
76
|
+
},
|
|
77
|
+
});
|
|
78
|
+
this.addWebhookEndpoints(props.loadBalancer);
|
|
79
|
+
// Output API Gateway ID for execution logs
|
|
80
|
+
new cdk.CfnOutput(scope, "ApiGatewayId", {
|
|
81
|
+
value: this.api.restApiId,
|
|
82
|
+
description: "API Gateway REST API ID",
|
|
83
|
+
});
|
|
84
|
+
// Output execution log group name
|
|
85
|
+
new cdk.CfnOutput(scope, "ApiGatewayExecutionLogGroup", {
|
|
86
|
+
value: `API-Gateway-Execution-Logs_${this.api.restApiId}/prod`,
|
|
87
|
+
description: "API Gateway execution log group for detailed request/response logs",
|
|
88
|
+
});
|
|
89
|
+
// Output ALB DNS for direct testing
|
|
90
|
+
new cdk.CfnOutput(scope, "LoadBalancerDNS", {
|
|
91
|
+
value: props.loadBalancer.loadBalancerDnsName,
|
|
92
|
+
description: "Application Load Balancer DNS name for direct testing",
|
|
93
|
+
});
|
|
94
|
+
}
|
|
95
|
+
createResourcePolicy(allowedIps) {
|
|
96
|
+
if (Array.isArray(allowedIps) && allowedIps.length === 0) {
|
|
97
|
+
return undefined;
|
|
98
|
+
}
|
|
99
|
+
if (!allowedIps) {
|
|
100
|
+
return undefined;
|
|
101
|
+
}
|
|
102
|
+
return new iam.PolicyDocument({
|
|
103
|
+
statements: [
|
|
104
|
+
new iam.PolicyStatement({
|
|
105
|
+
effect: iam.Effect.ALLOW,
|
|
106
|
+
principals: [new iam.AnyPrincipal()],
|
|
107
|
+
actions: ["execute-api:Invoke"],
|
|
108
|
+
resources: ["execute-api:/*"],
|
|
109
|
+
conditions: {
|
|
110
|
+
IpAddress: {
|
|
111
|
+
"aws:SourceIp": allowedIps,
|
|
112
|
+
},
|
|
113
|
+
},
|
|
114
|
+
}),
|
|
115
|
+
],
|
|
116
|
+
});
|
|
117
|
+
}
|
|
118
|
+
createCloudWatchRole(scope) {
|
|
119
|
+
const cloudWatchRole = new iam.Role(scope, "ApiGatewayCloudWatchRole", {
|
|
120
|
+
assumedBy: new iam.ServicePrincipal("apigateway.amazonaws.com"),
|
|
121
|
+
managedPolicies: [
|
|
122
|
+
iam.ManagedPolicy.fromAwsManagedPolicyName("service-role/AmazonAPIGatewayPushToCloudWatchLogs"),
|
|
123
|
+
],
|
|
124
|
+
});
|
|
125
|
+
new apigateway.CfnAccount(scope, "ApiGatewayAccount", {
|
|
126
|
+
cloudWatchRoleArn: cloudWatchRole.roleArn,
|
|
127
|
+
});
|
|
128
|
+
return cloudWatchRole;
|
|
129
|
+
}
|
|
130
|
+
addWebhookEndpoints(loadBalancer) {
|
|
131
|
+
// Create HTTP integration to ALB
|
|
132
|
+
const albIntegration = new apigateway.HttpIntegration(`http://${loadBalancer.loadBalancerDnsName}/{proxy}`, {
|
|
133
|
+
httpMethod: "ANY",
|
|
134
|
+
options: {
|
|
135
|
+
requestParameters: {
|
|
136
|
+
"integration.request.path.proxy": "method.request.path.proxy",
|
|
137
|
+
},
|
|
138
|
+
integrationResponses: [
|
|
139
|
+
{
|
|
140
|
+
statusCode: "200",
|
|
141
|
+
},
|
|
142
|
+
{
|
|
143
|
+
statusCode: "400",
|
|
144
|
+
selectionPattern: "4\\d{2}",
|
|
145
|
+
},
|
|
146
|
+
{
|
|
147
|
+
statusCode: "500",
|
|
148
|
+
selectionPattern: "5\\d{2}",
|
|
149
|
+
},
|
|
150
|
+
],
|
|
151
|
+
},
|
|
152
|
+
});
|
|
153
|
+
// Create proxy resource to forward all requests to ALB
|
|
154
|
+
const proxyResource = this.api.root.addResource("{proxy+}");
|
|
155
|
+
proxyResource.addMethod("ANY", albIntegration, {
|
|
156
|
+
requestParameters: {
|
|
157
|
+
"method.request.path.proxy": true,
|
|
158
|
+
},
|
|
159
|
+
methodResponses: [
|
|
160
|
+
{ statusCode: "200" },
|
|
161
|
+
{ statusCode: "400" },
|
|
162
|
+
{ statusCode: "500" },
|
|
163
|
+
],
|
|
164
|
+
});
|
|
165
|
+
// Also handle root path
|
|
166
|
+
this.api.root.addMethod("ANY", new apigateway.HttpIntegration(`http://${loadBalancer.loadBalancerDnsName}/`, {
|
|
167
|
+
httpMethod: "ANY",
|
|
168
|
+
options: {
|
|
169
|
+
integrationResponses: [
|
|
170
|
+
{ statusCode: "200" },
|
|
171
|
+
{
|
|
172
|
+
statusCode: "400",
|
|
173
|
+
selectionPattern: "4\\d{2}",
|
|
174
|
+
},
|
|
175
|
+
{
|
|
176
|
+
statusCode: "500",
|
|
177
|
+
selectionPattern: "5\\d{2}",
|
|
178
|
+
},
|
|
179
|
+
],
|
|
180
|
+
},
|
|
181
|
+
}), {
|
|
182
|
+
methodResponses: [
|
|
183
|
+
{ statusCode: "200" },
|
|
184
|
+
{ statusCode: "400" },
|
|
185
|
+
{ statusCode: "500" },
|
|
186
|
+
],
|
|
187
|
+
});
|
|
188
|
+
}
|
|
189
|
+
}
|
|
190
|
+
exports.AlbApiGateway = AlbApiGateway;
|
|
191
|
+
//# sourceMappingURL=alb-api-gateway.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"alb-api-gateway.js","sourceRoot":"","sources":["../../lib/alb-api-gateway.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAmC;AACnC,uEAAyD;AACzD,yDAA2C;AAC3C,2DAA6C;AAS7C,MAAa,aAAa;IAItB,YACI,KAAgB,EAChB,EAAU,EACV,KAAyB;QAEzB,IAAI,CAAC,QAAQ,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,sBAAsB,EAAE;YAC7D,YAAY,EAAE,mCAAmC;YACjD,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,QAAQ;YACtC,aAAa,EAAE,GAAG,CAAC,aAAa,CAAC,OAAO;SAC3C,CAAC,CAAC;QAEH,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC;QAEjC,yCAAyC;QACzC,IAAI,UAAU,GAAa,EAAE,CAAC;QAC9B,IAAI,KAAK,CAAC,gBAAgB,IAAI,KAAK,CAAC,gBAAgB,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACjE,IAAI,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBACjD,UAAU,GAAG,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,KAAK,CAAC,gBAAgB,CAAwB,CAAC;YAClF,CAAC;iBAAM,CAAC;gBACJ,UAAU,GAAG,KAAK,CAAC,gBAAgB;qBAC9B,KAAK,CAAC,GAAG,CAAC;qBACV,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;qBACpB,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YACrC,CAAC;QACL,CAAC;QAED,sDAAsD;QACtD,MAAM,cAAc,GAAG,IAAI,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC;QAE7D,IAAI,CAAC,GAAG,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,qBAAqB,EAAE;YAC5D,WAAW,EAAE,qBAAqB;YAClC,MAAM,EAAE,cAAc;YACtB,aAAa,EAAE;gBACX,SAAS,EAAE,MAAM;gBACjB,oBAAoB,EAAE,IAAI,UAAU,CAAC,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAC1E,aAAa,EAAE;oBACX,MAAM,EAAE;wBACJ,YAAY,EAAE,UAAU,CAAC,kBAAkB,CAAC,IAAI;wBAChD,gBAAgB,EAAE,IAAI;qBACzB;iBACJ;aACJ;SACJ,CAAC,CAAC;QAEH,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAE7C,2CAA2C;QAC3C,IAAI,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,cAAc,EAAE;YACrC,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,SAAS;YACzB,WAAW,EAAE,yBAAyB;SACzC,CAAC,CAAC;QAEH,kCAAkC;QAClC,IAAI,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,6BAA6B,EAAE;YACpD,KAAK,EAAE,8BAA8B,IAAI,CAAC,GAAG,CAAC,SAAS,OAAO;YAC9D,WAAW,EAAE,oEAAoE;SACpF,CAAC,CAAC;QAEH,oCAAoC;QACpC,IAAI,GAAG,CAAC,SAAS,CAAC,KAAK,EAAE,iBAAiB,EAAE;YACxC,KAAK,EAAE,KAAK,CAAC,YAAY,CAAC,mBAAmB;YAC7C,WAAW,EAAE,uDAAuD;SACvE,CAAC,CAAC;IACP,CAAC;IAEO,oBAAoB,CAAC,UAA6B;QACtD,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvD,OAAO,SAAS,CAAC;QACrB,CAAC;QACD,IAAI,CAAC,UAAU,EAAE,CAAC;YACd,OAAO,SAAS,CAAC;QACrB,CAAC;QAED,OAAO,IAAI,GAAG,CAAC,cAAc,CAAC;YAC1B,UAAU,EAAE;gBACR,IAAI,GAAG,CAAC,eAAe,CAAC;oBACpB,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK;oBACxB,UAAU,EAAE,CAAC,IAAI,GAAG,CAAC,YAAY,EAAE,CAAC;oBACpC,OAAO,EAAE,CAAC,oBAAoB,CAAC;oBAC/B,SAAS,EAAE,CAAC,gBAAgB,CAAC;oBAC7B,UAAU,EAAE;wBACR,SAAS,EAAE;4BACP,cAAc,EAAE,UAAU;yBAC7B;qBACJ;iBACJ,CAAC;aACL;SACJ,CAAC,CAAC;IACP,CAAC;IAEO,oBAAoB,CAAC,KAAgB;QACzC,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,0BAA0B,EAAE;YACnE,SAAS,EAAE,IAAI,GAAG,CAAC,gBAAgB,CAAC,0BAA0B,CAAC;YAC/D,eAAe,EAAE;gBACb,GAAG,CAAC,aAAa,CAAC,wBAAwB,CACtC,mDAAmD,CACtD;aACJ;SACJ,CAAC,CAAC;QAEH,IAAI,UAAU,CAAC,UAAU,CAAC,KAAK,EAAE,mBAAmB,EAAE;YAClD,iBAAiB,EAAE,cAAc,CAAC,OAAO;SAC5C,CAAC,CAAC;QAEH,OAAO,cAAc,CAAC;IAC1B,CAAC;IAEO,mBAAmB,CACvB,YAA2C;QAE3C,iCAAiC;QACjC,MAAM,cAAc,GAAG,IAAI,UAAU,CAAC,eAAe,CACjD,UAAU,YAAY,CAAC,mBAAmB,UAAU,EACpD;YACI,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE;gBACL,iBAAiB,EAAE;oBACf,gCAAgC,EAAE,2BAA2B;iBAChE;gBACD,oBAAoB,EAAE;oBAClB;wBACI,UAAU,EAAE,KAAK;qBACpB;oBACD;wBACI,UAAU,EAAE,KAAK;wBACjB,gBAAgB,EAAE,SAAS;qBAC9B;oBACD;wBACI,UAAU,EAAE,KAAK;wBACjB,gBAAgB,EAAE,SAAS;qBAC9B;iBACJ;aACJ;SACJ,CACJ,CAAC;QAEF,uDAAuD;QACvD,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QAC5D,aAAa,CAAC,SAAS,CAAC,KAAK,EAAE,cAAc,EAAE;YAC3C,iBAAiB,EAAE;gBACf,2BAA2B,EAAE,IAAI;aACpC;YACD,eAAe,EAAE;gBACb,EAAE,UAAU,EAAE,KAAK,EAAE;gBACrB,EAAE,UAAU,EAAE,KAAK,EAAE;gBACrB,EAAE,UAAU,EAAE,KAAK,EAAE;aACxB;SACJ,CAAC,CAAC;QAEH,wBAAwB;QACxB,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,UAAU,CAAC,eAAe,CACzD,UAAU,YAAY,CAAC,mBAAmB,GAAG,EAC7C;YACI,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE;gBACL,oBAAoB,EAAE;oBAClB,EAAE,UAAU,EAAE,KAAK,EAAE;oBACrB;wBACI,UAAU,EAAE,KAAK;wBACjB,gBAAgB,EAAE,SAAS;qBAC9B;oBACD;wBACI,UAAU,EAAE,KAAK;wBACjB,gBAAgB,EAAE,SAAS;qBAC9B;iBACJ;aACJ;SACJ,CACJ,EAAE;YACC,eAAe,EAAE;gBACb,EAAE,UAAU,EAAE,KAAK,EAAE;gBACrB,EAAE,UAAU,EAAE,KAAK,EAAE;gBACrB,EAAE,UAAU,EAAE,KAAK,EAAE;aACxB;SACJ,CAAC,CAAC;IACP,CAAC;CACJ;AApLD,sCAoLC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import * as cdk from "aws-cdk-lib";
|
|
2
|
+
import { Construct } from "constructs";
|
|
3
|
+
export interface BenchlingWebhookStackProps extends cdk.StackProps {
|
|
4
|
+
readonly bucketName: string;
|
|
5
|
+
readonly environment: string;
|
|
6
|
+
readonly prefix: string;
|
|
7
|
+
readonly queueName: string;
|
|
8
|
+
readonly benchlingClientId: string;
|
|
9
|
+
readonly benchlingClientSecret: string;
|
|
10
|
+
readonly benchlingTenant: string;
|
|
11
|
+
readonly quiltCatalog?: string;
|
|
12
|
+
readonly quiltDatabase: string;
|
|
13
|
+
readonly webhookAllowList?: string;
|
|
14
|
+
readonly createEcrRepository?: boolean;
|
|
15
|
+
readonly ecrRepositoryName?: string;
|
|
16
|
+
readonly logLevel?: string;
|
|
17
|
+
}
|
|
18
|
+
export declare class BenchlingWebhookStack extends cdk.Stack {
|
|
19
|
+
private readonly bucket;
|
|
20
|
+
private readonly fargateService;
|
|
21
|
+
private readonly api;
|
|
22
|
+
readonly webhookEndpoint: string;
|
|
23
|
+
constructor(scope: Construct, id: string, props: BenchlingWebhookStackProps);
|
|
24
|
+
}
|
|
25
|
+
//# sourceMappingURL=benchling-webhook-stack.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"benchling-webhook-stack.d.ts","sourceRoot":"","sources":["../../lib/benchling-webhook-stack.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,GAAG,MAAM,aAAa,CAAC;AAInC,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAMvC,MAAM,WAAW,0BAA2B,SAAQ,GAAG,CAAC,UAAU;IAC9D,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,qBAAqB,EAAE,MAAM,CAAC;IACvC,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,OAAO,CAAC;IACvC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED,qBAAa,qBAAsB,SAAQ,GAAG,CAAC,KAAK;IAChD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAa;IACpC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAiB;IAChD,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAgB;IACpC,SAAgB,eAAe,EAAE,MAAM,CAAC;gBAGpC,KAAK,EAAE,SAAS,EAChB,EAAE,EAAE,MAAM,EACV,KAAK,EAAE,0BAA0B;CAsIxC"}
|
|
@@ -0,0 +1,165 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
36
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
37
|
+
};
|
|
38
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
39
|
+
exports.BenchlingWebhookStack = void 0;
|
|
40
|
+
const cdk = __importStar(require("aws-cdk-lib"));
|
|
41
|
+
const s3 = __importStar(require("aws-cdk-lib/aws-s3"));
|
|
42
|
+
const ec2 = __importStar(require("aws-cdk-lib/aws-ec2"));
|
|
43
|
+
const ecr = __importStar(require("aws-cdk-lib/aws-ecr"));
|
|
44
|
+
const fargate_service_1 = require("./fargate-service");
|
|
45
|
+
const alb_api_gateway_1 = require("./alb-api-gateway");
|
|
46
|
+
const ecr_repository_1 = require("./ecr-repository");
|
|
47
|
+
const package_json_1 = __importDefault(require("../package.json"));
|
|
48
|
+
class BenchlingWebhookStack extends cdk.Stack {
|
|
49
|
+
constructor(scope, id, props) {
|
|
50
|
+
super(scope, id, props);
|
|
51
|
+
if (props.prefix.includes("/")) {
|
|
52
|
+
throw new Error("Prefix should not contain a '/' character.");
|
|
53
|
+
}
|
|
54
|
+
// Create CloudFormation parameters for runtime-configurable values
|
|
55
|
+
// Note: Use actual values from props during initial deployment to avoid empty string issues
|
|
56
|
+
// Parameters can be updated later via CloudFormation stack updates
|
|
57
|
+
// Security and configuration parameters
|
|
58
|
+
const webhookAllowListParam = new cdk.CfnParameter(this, "WebhookAllowList", {
|
|
59
|
+
type: "String",
|
|
60
|
+
description: "Comma-separated list of IP addresses allowed to send webhooks (leave empty to allow all IPs)",
|
|
61
|
+
default: props.webhookAllowList || "",
|
|
62
|
+
});
|
|
63
|
+
const quiltCatalogParam = new cdk.CfnParameter(this, "QuiltCatalog", {
|
|
64
|
+
type: "String",
|
|
65
|
+
description: "Quilt catalog URL for package links",
|
|
66
|
+
default: props.quiltCatalog || "open.quiltdata.com",
|
|
67
|
+
});
|
|
68
|
+
// Infrastructure parameters - these can be updated without redeploying
|
|
69
|
+
const bucketNameParam = new cdk.CfnParameter(this, "BucketName", {
|
|
70
|
+
type: "String",
|
|
71
|
+
description: "S3 bucket name for storing packages",
|
|
72
|
+
default: props.bucketName,
|
|
73
|
+
});
|
|
74
|
+
const prefixParam = new cdk.CfnParameter(this, "PackagePrefix", {
|
|
75
|
+
type: "String",
|
|
76
|
+
description: "Prefix for package names (no slashes)",
|
|
77
|
+
default: props.prefix,
|
|
78
|
+
});
|
|
79
|
+
const queueNameParam = new cdk.CfnParameter(this, "QueueName", {
|
|
80
|
+
type: "String",
|
|
81
|
+
description: "SQS queue name for package notifications",
|
|
82
|
+
default: props.queueName,
|
|
83
|
+
});
|
|
84
|
+
// Use parameter values (which have props as defaults)
|
|
85
|
+
// This allows runtime updates via CloudFormation
|
|
86
|
+
const webhookAllowListValue = webhookAllowListParam.valueAsString;
|
|
87
|
+
const quiltCatalogValue = quiltCatalogParam.valueAsString;
|
|
88
|
+
const bucketNameValue = bucketNameParam.valueAsString;
|
|
89
|
+
const prefixValue = prefixParam.valueAsString;
|
|
90
|
+
const queueNameValue = queueNameParam.valueAsString;
|
|
91
|
+
this.bucket = s3.Bucket.fromBucketName(this, "BWBucket", bucketNameValue);
|
|
92
|
+
// Get the default VPC or create a new one
|
|
93
|
+
const vpc = ec2.Vpc.fromLookup(this, "DefaultVPC", {
|
|
94
|
+
isDefault: true,
|
|
95
|
+
});
|
|
96
|
+
// Get or create ECR repository
|
|
97
|
+
let ecrRepo;
|
|
98
|
+
let ecrImageUri;
|
|
99
|
+
if (props.createEcrRepository) {
|
|
100
|
+
const newRepo = new ecr_repository_1.EcrRepository(this, "EcrRepository", {
|
|
101
|
+
repositoryName: props.ecrRepositoryName || "quiltdata/benchling",
|
|
102
|
+
publicReadAccess: true,
|
|
103
|
+
});
|
|
104
|
+
ecrRepo = newRepo.repository;
|
|
105
|
+
ecrImageUri = `${newRepo.repositoryUri}:latest`;
|
|
106
|
+
}
|
|
107
|
+
else {
|
|
108
|
+
// Reference existing ECR repository
|
|
109
|
+
const repoName = props.ecrRepositoryName || "quiltdata/benchling";
|
|
110
|
+
ecrRepo = ecr.Repository.fromRepositoryName(this, "ExistingEcrRepository", repoName);
|
|
111
|
+
ecrImageUri = `${this.account}.dkr.ecr.${this.region}.amazonaws.com/${repoName}:latest`;
|
|
112
|
+
}
|
|
113
|
+
// Create the Fargate service
|
|
114
|
+
this.fargateService = new fargate_service_1.FargateService(this, "FargateService", {
|
|
115
|
+
vpc,
|
|
116
|
+
bucket: this.bucket,
|
|
117
|
+
queueName: queueNameValue,
|
|
118
|
+
region: this.region,
|
|
119
|
+
account: this.account,
|
|
120
|
+
prefix: prefixValue,
|
|
121
|
+
benchlingClientId: props.benchlingClientId,
|
|
122
|
+
benchlingClientSecret: props.benchlingClientSecret,
|
|
123
|
+
benchlingTenant: props.benchlingTenant,
|
|
124
|
+
quiltCatalog: quiltCatalogValue,
|
|
125
|
+
quiltDatabase: props.quiltDatabase,
|
|
126
|
+
webhookAllowList: webhookAllowListValue,
|
|
127
|
+
ecrRepository: ecrRepo,
|
|
128
|
+
imageTag: "latest",
|
|
129
|
+
logLevel: props.logLevel,
|
|
130
|
+
});
|
|
131
|
+
// Create API Gateway that routes to the ALB
|
|
132
|
+
this.api = new alb_api_gateway_1.AlbApiGateway(this, "ApiGateway", {
|
|
133
|
+
loadBalancer: this.fargateService.loadBalancer,
|
|
134
|
+
webhookAllowList: webhookAllowListValue,
|
|
135
|
+
});
|
|
136
|
+
// Store webhook endpoint for easy access
|
|
137
|
+
this.webhookEndpoint = this.api.api.url;
|
|
138
|
+
// Export webhook endpoint as a stack output
|
|
139
|
+
new cdk.CfnOutput(this, "WebhookEndpoint", {
|
|
140
|
+
value: this.webhookEndpoint,
|
|
141
|
+
description: "Webhook endpoint URL - use this in Benchling app configuration",
|
|
142
|
+
});
|
|
143
|
+
// Export Docker image information
|
|
144
|
+
new cdk.CfnOutput(this, "DockerImageUri", {
|
|
145
|
+
value: ecrImageUri,
|
|
146
|
+
description: "Docker image URI used for deployment",
|
|
147
|
+
});
|
|
148
|
+
// Export version information
|
|
149
|
+
new cdk.CfnOutput(this, "StackVersion", {
|
|
150
|
+
value: this.node.tryGetContext("version") || package_json_1.default.version,
|
|
151
|
+
description: "Stack version",
|
|
152
|
+
});
|
|
153
|
+
// Export CloudWatch log groups
|
|
154
|
+
new cdk.CfnOutput(this, "EcsLogGroup", {
|
|
155
|
+
value: this.fargateService.logGroup.logGroupName,
|
|
156
|
+
description: "CloudWatch log group for ECS container logs",
|
|
157
|
+
});
|
|
158
|
+
new cdk.CfnOutput(this, "ApiGatewayLogGroup", {
|
|
159
|
+
value: this.api.logGroup.logGroupName,
|
|
160
|
+
description: "CloudWatch log group for API Gateway access logs",
|
|
161
|
+
});
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
exports.BenchlingWebhookStack = BenchlingWebhookStack;
|
|
165
|
+
//# sourceMappingURL=benchling-webhook-stack.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"benchling-webhook-stack.js","sourceRoot":"","sources":["../../lib/benchling-webhook-stack.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAmC;AACnC,uDAAyC;AACzC,yDAA2C;AAC3C,yDAA2C;AAE3C,uDAAmD;AACnD,uDAAkD;AAClD,qDAAiD;AACjD,mEAA0C;AAkB1C,MAAa,qBAAsB,SAAQ,GAAG,CAAC,KAAK;IAMhD,YACI,KAAgB,EAChB,EAAU,EACV,KAAiC;QAEjC,KAAK,CAAC,KAAK,EAAE,EAAE,EAAE,KAAK,CAAC,CAAC;QACxB,IAAI,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;QAClE,CAAC;QAED,mEAAmE;QACnE,4FAA4F;QAC5F,mEAAmE;QAEnE,wCAAwC;QACxC,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,kBAAkB,EAAE;YACzE,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,8FAA8F;YAC3G,OAAO,EAAE,KAAK,CAAC,gBAAgB,IAAI,EAAE;SACxC,CAAC,CAAC;QAEH,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,cAAc,EAAE;YACjE,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,qCAAqC;YAClD,OAAO,EAAE,KAAK,CAAC,YAAY,IAAI,oBAAoB;SACtD,CAAC,CAAC;QAEH,uEAAuE;QACvE,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,YAAY,EAAE;YAC7D,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,qCAAqC;YAClD,OAAO,EAAE,KAAK,CAAC,UAAU;SAC5B,CAAC,CAAC;QAEH,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,eAAe,EAAE;YAC5D,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,uCAAuC;YACpD,OAAO,EAAE,KAAK,CAAC,MAAM;SACxB,CAAC,CAAC;QAEH,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,IAAI,EAAE,WAAW,EAAE;YAC3D,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,0CAA0C;YACvD,OAAO,EAAE,KAAK,CAAC,SAAS;SAC3B,CAAC,CAAC;QAEH,sDAAsD;QACtD,iDAAiD;QACjD,MAAM,qBAAqB,GAAG,qBAAqB,CAAC,aAAa,CAAC;QAClE,MAAM,iBAAiB,GAAG,iBAAiB,CAAC,aAAa,CAAC;QAC1D,MAAM,eAAe,GAAG,eAAe,CAAC,aAAa,CAAC;QACtD,MAAM,WAAW,GAAG,WAAW,CAAC,aAAa,CAAC;QAC9C,MAAM,cAAc,GAAG,cAAc,CAAC,aAAa,CAAC;QAEpD,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;QAE1E,0CAA0C;QAC1C,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE,YAAY,EAAE;YAC/C,SAAS,EAAE,IAAI;SAClB,CAAC,CAAC;QAEH,+BAA+B;QAC/B,IAAI,OAAwB,CAAC;QAC7B,IAAI,WAAmB,CAAC;QACxB,IAAI,KAAK,CAAC,mBAAmB,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,IAAI,8BAAa,CAAC,IAAI,EAAE,eAAe,EAAE;gBACrD,cAAc,EAAE,KAAK,CAAC,iBAAiB,IAAI,qBAAqB;gBAChE,gBAAgB,EAAE,IAAI;aACzB,CAAC,CAAC;YACH,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC;YAC7B,WAAW,GAAG,GAAG,OAAO,CAAC,aAAa,SAAS,CAAC;QACpD,CAAC;aAAM,CAAC;YACJ,oCAAoC;YACpC,MAAM,QAAQ,GAAG,KAAK,CAAC,iBAAiB,IAAI,qBAAqB,CAAC;YAClE,OAAO,GAAG,GAAG,CAAC,UAAU,CAAC,kBAAkB,CAAC,IAAI,EAAE,uBAAuB,EAAE,QAAQ,CAAC,CAAC;YACrF,WAAW,GAAG,GAAG,IAAI,CAAC,OAAO,YAAY,IAAI,CAAC,MAAM,kBAAkB,QAAQ,SAAS,CAAC;QAC5F,CAAC;QAED,6BAA6B;QAC7B,IAAI,CAAC,cAAc,GAAG,IAAI,gCAAc,CAAC,IAAI,EAAE,gBAAgB,EAAE;YAC7D,GAAG;YACH,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS,EAAE,cAAc;YACzB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,MAAM,EAAE,WAAW;YACnB,iBAAiB,EAAE,KAAK,CAAC,iBAAiB;YAC1C,qBAAqB,EAAE,KAAK,CAAC,qBAAqB;YAClD,eAAe,EAAE,KAAK,CAAC,eAAe;YACtC,YAAY,EAAE,iBAAiB;YAC/B,aAAa,EAAE,KAAK,CAAC,aAAa;YAClC,gBAAgB,EAAE,qBAAqB;YACvC,aAAa,EAAE,OAAO;YACtB,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,KAAK,CAAC,QAAQ;SAC3B,CAAC,CAAC;QAEH,4CAA4C;QAC5C,IAAI,CAAC,GAAG,GAAG,IAAI,+BAAa,CAAC,IAAI,EAAE,YAAY,EAAE;YAC7C,YAAY,EAAE,IAAI,CAAC,cAAc,CAAC,YAAY;YAC9C,gBAAgB,EAAE,qBAAqB;SAC1C,CAAC,CAAC;QAEH,yCAAyC;QACzC,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC;QAExC,4CAA4C;QAC5C,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,iBAAiB,EAAE;YACvC,KAAK,EAAE,IAAI,CAAC,eAAe;YAC3B,WAAW,EAAE,gEAAgE;SAChF,CAAC,CAAC;QAEH,kCAAkC;QAClC,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,gBAAgB,EAAE;YACtC,KAAK,EAAE,WAAW;YAClB,WAAW,EAAE,sCAAsC;SACtD,CAAC,CAAC;QAEH,6BAA6B;QAC7B,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,cAAc,EAAE;YACpC,KAAK,EAAE,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,IAAI,sBAAW,CAAC,OAAO;YAChE,WAAW,EAAE,eAAe;SAC/B,CAAC,CAAC;QAEH,+BAA+B;QAC/B,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,aAAa,EAAE;YACnC,KAAK,EAAE,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,YAAY;YAChD,WAAW,EAAE,6CAA6C;SAC7D,CAAC,CAAC;QAEH,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,oBAAoB,EAAE;YAC1C,KAAK,EAAE,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,YAAY;YACrC,WAAW,EAAE,kDAAkD;SAClE,CAAC,CAAC;IACP,CAAC;CAGJ;AA/ID,sDA+IC"}
|
|
@@ -0,0 +1,28 @@
|
|
|
1
|
+
export declare const EXPORT_STATUS: {
|
|
2
|
+
readonly RUNNING: "RUNNING";
|
|
3
|
+
readonly SUCCEEDED: "SUCCEEDED";
|
|
4
|
+
readonly FAILED: "FAILED";
|
|
5
|
+
};
|
|
6
|
+
export declare const FILES: {
|
|
7
|
+
readonly ENTRY_JSON: "entry.json";
|
|
8
|
+
readonly INPUT_JSON: "input.json";
|
|
9
|
+
readonly README_MD: "README.md";
|
|
10
|
+
readonly ENTRY_MD: "entry.md";
|
|
11
|
+
};
|
|
12
|
+
export declare const MIME_TYPES: {
|
|
13
|
+
readonly HTML: "text/html";
|
|
14
|
+
readonly CSS: "text/css";
|
|
15
|
+
readonly JS: "application/javascript";
|
|
16
|
+
readonly JSON: "application/json";
|
|
17
|
+
readonly PNG: "image/png";
|
|
18
|
+
readonly JPEG: "image/jpeg";
|
|
19
|
+
readonly GIF: "image/gif";
|
|
20
|
+
readonly TXT: "text/plain";
|
|
21
|
+
readonly PDF: "application/pdf";
|
|
22
|
+
readonly MD: "text/markdown";
|
|
23
|
+
readonly ZIP: "application/zip";
|
|
24
|
+
readonly YAML: "application/yaml";
|
|
25
|
+
readonly YML: "application/yaml";
|
|
26
|
+
readonly DEFAULT: "application/octet-stream";
|
|
27
|
+
};
|
|
28
|
+
//# sourceMappingURL=constants.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../lib/constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,aAAa;;;;CAIhB,CAAC;AAEX,eAAO,MAAM,KAAK;;;;;CAKR,CAAC;AAEX,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;CAeb,CAAC"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.MIME_TYPES = exports.FILES = exports.EXPORT_STATUS = void 0;
|
|
4
|
+
exports.EXPORT_STATUS = {
|
|
5
|
+
RUNNING: "RUNNING",
|
|
6
|
+
SUCCEEDED: "SUCCEEDED",
|
|
7
|
+
FAILED: "FAILED",
|
|
8
|
+
};
|
|
9
|
+
exports.FILES = {
|
|
10
|
+
ENTRY_JSON: "entry.json",
|
|
11
|
+
INPUT_JSON: "input.json",
|
|
12
|
+
README_MD: "README.md",
|
|
13
|
+
ENTRY_MD: "entry.md",
|
|
14
|
+
};
|
|
15
|
+
exports.MIME_TYPES = {
|
|
16
|
+
HTML: "text/html",
|
|
17
|
+
CSS: "text/css",
|
|
18
|
+
JS: "application/javascript",
|
|
19
|
+
JSON: "application/json",
|
|
20
|
+
PNG: "image/png",
|
|
21
|
+
JPEG: "image/jpeg",
|
|
22
|
+
GIF: "image/gif",
|
|
23
|
+
TXT: "text/plain",
|
|
24
|
+
PDF: "application/pdf",
|
|
25
|
+
MD: "text/markdown",
|
|
26
|
+
ZIP: "application/zip",
|
|
27
|
+
YAML: "application/yaml",
|
|
28
|
+
YML: "application/yaml",
|
|
29
|
+
DEFAULT: "application/octet-stream",
|
|
30
|
+
};
|
|
31
|
+
//# sourceMappingURL=constants.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../lib/constants.ts"],"names":[],"mappings":";;;AAAa,QAAA,aAAa,GAAG;IACzB,OAAO,EAAE,SAAS;IAClB,SAAS,EAAE,WAAW;IACtB,MAAM,EAAE,QAAQ;CACV,CAAC;AAEE,QAAA,KAAK,GAAG;IACjB,UAAU,EAAE,YAAY;IACxB,UAAU,EAAE,YAAY;IACxB,SAAS,EAAE,WAAW;IACtB,QAAQ,EAAE,UAAU;CACd,CAAC;AAEE,QAAA,UAAU,GAAG;IACtB,IAAI,EAAE,WAAW;IACjB,GAAG,EAAE,UAAU;IACf,EAAE,EAAE,wBAAwB;IAC5B,IAAI,EAAE,kBAAkB;IACxB,GAAG,EAAE,WAAW;IAChB,IAAI,EAAE,YAAY;IAClB,GAAG,EAAE,WAAW;IAChB,GAAG,EAAE,YAAY;IACjB,GAAG,EAAE,iBAAiB;IACtB,EAAE,EAAE,eAAe;IACnB,GAAG,EAAE,iBAAiB;IACtB,IAAI,EAAE,kBAAkB;IACxB,GAAG,EAAE,kBAAkB;IACvB,OAAO,EAAE,0BAA0B;CAC7B,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import * as ecr from "aws-cdk-lib/aws-ecr";
|
|
2
|
+
import { Construct } from "constructs";
|
|
3
|
+
export interface EcrRepositoryProps {
|
|
4
|
+
readonly repositoryName: string;
|
|
5
|
+
readonly publicReadAccess?: boolean;
|
|
6
|
+
}
|
|
7
|
+
/**
|
|
8
|
+
* ECR Repository construct for storing Docker images
|
|
9
|
+
* Supports both private and public access configurations
|
|
10
|
+
*/
|
|
11
|
+
export declare class EcrRepository extends Construct {
|
|
12
|
+
readonly repository: ecr.Repository;
|
|
13
|
+
readonly repositoryUri: string;
|
|
14
|
+
constructor(scope: Construct, id: string, props: EcrRepositoryProps);
|
|
15
|
+
}
|
|
16
|
+
//# sourceMappingURL=ecr-repository.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ecr-repository.d.ts","sourceRoot":"","sources":["../../lib/ecr-repository.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,qBAAqB,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,MAAM,WAAW,kBAAkB;IAC/B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,OAAO,CAAC;CACvC;AAED;;;GAGG;AACH,qBAAa,aAAc,SAAQ,SAAS;IACxC,SAAgB,UAAU,EAAE,GAAG,CAAC,UAAU,CAAC;IAC3C,SAAgB,aAAa,EAAE,MAAM,CAAC;gBAE1B,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,kBAAkB;CAkDtE"}
|
|
@@ -0,0 +1,90 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.EcrRepository = void 0;
|
|
37
|
+
const cdk = __importStar(require("aws-cdk-lib"));
|
|
38
|
+
const ecr = __importStar(require("aws-cdk-lib/aws-ecr"));
|
|
39
|
+
const constructs_1 = require("constructs");
|
|
40
|
+
/**
|
|
41
|
+
* ECR Repository construct for storing Docker images
|
|
42
|
+
* Supports both private and public access configurations
|
|
43
|
+
*/
|
|
44
|
+
class EcrRepository extends constructs_1.Construct {
|
|
45
|
+
constructor(scope, id, props) {
|
|
46
|
+
super(scope, id);
|
|
47
|
+
// Create ECR repository
|
|
48
|
+
this.repository = new ecr.Repository(this, "Repository", {
|
|
49
|
+
repositoryName: props.repositoryName,
|
|
50
|
+
// Keep images when stack is deleted
|
|
51
|
+
removalPolicy: cdk.RemovalPolicy.RETAIN,
|
|
52
|
+
// Automatically scan images on push for security vulnerabilities
|
|
53
|
+
imageScanOnPush: true,
|
|
54
|
+
// Lifecycle policy to keep last 10 images
|
|
55
|
+
lifecycleRules: [
|
|
56
|
+
{
|
|
57
|
+
description: "Keep last 10 images",
|
|
58
|
+
maxImageCount: 10,
|
|
59
|
+
rulePriority: 1,
|
|
60
|
+
},
|
|
61
|
+
],
|
|
62
|
+
});
|
|
63
|
+
// If public read access is enabled, add repository policy
|
|
64
|
+
if (props.publicReadAccess) {
|
|
65
|
+
this.repository.addToResourcePolicy(new cdk.aws_iam.PolicyStatement({
|
|
66
|
+
effect: cdk.aws_iam.Effect.ALLOW,
|
|
67
|
+
principals: [new cdk.aws_iam.AnyPrincipal()],
|
|
68
|
+
actions: [
|
|
69
|
+
"ecr:GetDownloadUrlForLayer",
|
|
70
|
+
"ecr:BatchGetImage",
|
|
71
|
+
"ecr:BatchCheckLayerAvailability",
|
|
72
|
+
],
|
|
73
|
+
}));
|
|
74
|
+
}
|
|
75
|
+
this.repositoryUri = this.repository.repositoryUri;
|
|
76
|
+
// Output the repository information
|
|
77
|
+
new cdk.CfnOutput(this, "RepositoryUri", {
|
|
78
|
+
value: this.repository.repositoryUri,
|
|
79
|
+
description: "ECR Repository URI",
|
|
80
|
+
exportName: `${props.repositoryName}-RepositoryUri`,
|
|
81
|
+
});
|
|
82
|
+
new cdk.CfnOutput(this, "RepositoryArn", {
|
|
83
|
+
value: this.repository.repositoryArn,
|
|
84
|
+
description: "ECR Repository ARN",
|
|
85
|
+
exportName: `${props.repositoryName}-RepositoryArn`,
|
|
86
|
+
});
|
|
87
|
+
}
|
|
88
|
+
}
|
|
89
|
+
exports.EcrRepository = EcrRepository;
|
|
90
|
+
//# sourceMappingURL=ecr-repository.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ecr-repository.js","sourceRoot":"","sources":["../../lib/ecr-repository.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAmC;AACnC,yDAA2C;AAC3C,2CAAuC;AAOvC;;;GAGG;AACH,MAAa,aAAc,SAAQ,sBAAS;IAIxC,YAAY,KAAgB,EAAE,EAAU,EAAE,KAAyB;QAC/D,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAEjB,wBAAwB;QACxB,IAAI,CAAC,UAAU,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,EAAE,YAAY,EAAE;YACrD,cAAc,EAAE,KAAK,CAAC,cAAc;YACpC,oCAAoC;YACpC,aAAa,EAAE,GAAG,CAAC,aAAa,CAAC,MAAM;YACvC,iEAAiE;YACjE,eAAe,EAAE,IAAI;YACrB,0CAA0C;YAC1C,cAAc,EAAE;gBACZ;oBACI,WAAW,EAAE,qBAAqB;oBAClC,aAAa,EAAE,EAAE;oBACjB,YAAY,EAAE,CAAC;iBAClB;aACJ;SACJ,CAAC,CAAC;QAEH,0DAA0D;QAC1D,IAAI,KAAK,CAAC,gBAAgB,EAAE,CAAC;YACzB,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAC/B,IAAI,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC;gBAC5B,MAAM,EAAE,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK;gBAChC,UAAU,EAAE,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC;gBAC5C,OAAO,EAAE;oBACL,4BAA4B;oBAC5B,mBAAmB;oBACnB,iCAAiC;iBACpC;aACJ,CAAC,CACL,CAAC;QACN,CAAC;QAED,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC;QAEnD,oCAAoC;QACpC,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,eAAe,EAAE;YACrC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,aAAa;YACpC,WAAW,EAAE,oBAAoB;YACjC,UAAU,EAAE,GAAG,KAAK,CAAC,cAAc,gBAAgB;SACtD,CAAC,CAAC;QAEH,IAAI,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,eAAe,EAAE;YACrC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,aAAa;YACpC,WAAW,EAAE,oBAAoB;YACjC,UAAU,EAAE,GAAG,KAAK,CAAC,cAAc,gBAAgB;SACtD,CAAC,CAAC;IACP,CAAC;CACJ;AAtDD,sCAsDC"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import * as ec2 from "aws-cdk-lib/aws-ec2";
|
|
2
|
+
import * as ecr from "aws-cdk-lib/aws-ecr";
|
|
3
|
+
import * as ecs from "aws-cdk-lib/aws-ecs";
|
|
4
|
+
import * as elbv2 from "aws-cdk-lib/aws-elasticloadbalancingv2";
|
|
5
|
+
import * as logs from "aws-cdk-lib/aws-logs";
|
|
6
|
+
import * as s3 from "aws-cdk-lib/aws-s3";
|
|
7
|
+
import { Construct } from "constructs";
|
|
8
|
+
export interface FargateServiceProps {
|
|
9
|
+
readonly vpc: ec2.IVpc;
|
|
10
|
+
readonly bucket: s3.IBucket;
|
|
11
|
+
readonly queueName: string;
|
|
12
|
+
readonly region: string;
|
|
13
|
+
readonly account: string;
|
|
14
|
+
readonly prefix: string;
|
|
15
|
+
readonly benchlingClientId: string;
|
|
16
|
+
readonly benchlingClientSecret: string;
|
|
17
|
+
readonly benchlingTenant: string;
|
|
18
|
+
readonly quiltCatalog: string;
|
|
19
|
+
readonly quiltDatabase: string;
|
|
20
|
+
readonly webhookAllowList: string;
|
|
21
|
+
readonly ecrRepository: ecr.IRepository;
|
|
22
|
+
readonly imageTag?: string;
|
|
23
|
+
readonly logLevel?: string;
|
|
24
|
+
}
|
|
25
|
+
export declare class FargateService extends Construct {
|
|
26
|
+
readonly service: ecs.FargateService;
|
|
27
|
+
readonly loadBalancer: elbv2.ApplicationLoadBalancer;
|
|
28
|
+
readonly cluster: ecs.Cluster;
|
|
29
|
+
readonly logGroup: logs.ILogGroup;
|
|
30
|
+
constructor(scope: Construct, id: string, props: FargateServiceProps);
|
|
31
|
+
}
|
|
32
|
+
//# sourceMappingURL=fargate-service.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"fargate-service.d.ts","sourceRoot":"","sources":["../../lib/fargate-service.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,GAAG,MAAM,qBAAqB,CAAC;AAC3C,OAAO,KAAK,GAAG,MAAM,qBAAqB,CAAC;AAC3C,OAAO,KAAK,GAAG,MAAM,qBAAqB,CAAC;AAC3C,OAAO,KAAK,KAAK,MAAM,wCAAwC,CAAC;AAEhE,OAAO,KAAK,IAAI,MAAM,sBAAsB,CAAC;AAE7C,OAAO,KAAK,EAAE,MAAM,oBAAoB,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,MAAM,WAAW,mBAAmB;IAChC,QAAQ,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO,CAAC;IAC5B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,qBAAqB,EAAE,MAAM,CAAC;IACvC,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,gBAAgB,EAAE,MAAM,CAAC;IAClC,QAAQ,CAAC,aAAa,EAAE,GAAG,CAAC,WAAW,CAAC;IACxC,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED,qBAAa,cAAe,SAAQ,SAAS;IACzC,SAAgB,OAAO,EAAE,GAAG,CAAC,cAAc,CAAC;IAC5C,SAAgB,YAAY,EAAE,KAAK,CAAC,uBAAuB,CAAC;IAC5D,SAAgB,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC;IACrC,SAAgB,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC;gBAE7B,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,mBAAmB;CA2SvE"}
|