@quiltdata/benchling-webhook 0.9.7 → 0.10.0-20251224T233317Z

package/README.md

@@ -65,63 +65,6 @@ If the App Canvas is not already part of your standard notebook template, Benchl
 
 ![App Canvas - Insert](imgs/benchling-insert.png)
 
-## Architecture
-
-AWS CDK application with simple, reliable webhook processing:
-
-```text
-Benchling Webhook
-        |
-        | HTTPS POST
-        v
-REST API Gateway v1 + Resource Policy
-        | (optional IP filtering)
-        v
-VPC Link
-        |
-        v
-Network Load Balancer
-        | (internal)
-        v
-ECS Fargate (Gunicorn + FastAPI)
-        |
-        | Multi-worker ASGI server
-        | HMAC signature verification
-        | Process webhook payload
-        |
-        +---> NAT Gateway ---> Internet (Benchling API, ECR)
-        |
-        v
-S3 + SQS → Quilt Package
-```
-
-### Components
-
-- **REST API Gateway v1** - Public HTTPS endpoint with CloudWatch logging and resource policies
-- **Resource Policy** - Free IP allowlisting (applied when `webhookAllowList` configured)
-- **VPC Link** - Private connection between API Gateway and VPC
-- **Network Load Balancer** - Internal load balancer with health checks
-- **ECS Fargate** - Gunicorn + FastAPI application (4 workers, auto-scales 2-10 tasks) with HMAC verification
-- **NAT Gateway** - Enables ECS tasks to access external services (Benchling API, ECR, Secrets Manager)
-- **S3** - Payload and package storage
-- **SQS** - Quilt package creation queue
-- **Secrets Manager** - Benchling OAuth credentials
-- **CloudWatch** - Centralized logging and monitoring
-
-### Cost Analysis
-
-**Monthly Fixed Costs (us-east-1):**
-
-- REST API v1: $0.00
-- Resource Policy: $0.00 (free)
-- VPC Link: $0.00
-- Network Load Balancer: $16.20
-- ECS Fargate (2 tasks): $14.50
-- NAT Gateway: $32.40
-- **Total: $63.10/month**
-
-**Variable Costs:** ~$3.50 per million requests
-
 ### Security Features
 
 **Single Authentication Layer:**
@@ -133,8 +76,10 @@ S3 + SQS → Quilt Package
 **Optional Network Filtering:**
 
 - **Resource Policy IP Filtering** - Free alternative to AWS WAF ($7/month saved)
-- Blocks unknown IPs at API Gateway edge
-- Health endpoints always exempt from IP filtering
+- Blocks unknown IPs at API Gateway edge (applies to all endpoints)
+- **BREAKING CHANGE (v1.1.0+)**: Health endpoints NO LONGER exempt from IP filtering
+- External monitoring services must be added to allowlist or IP filtering disabled
+- NLB health checks unaffected (bypass API Gateway)
 - IP filtering does NOT replace authentication (it's defense-in-depth)
 
 **Infrastructure Security:**
@@ -256,78 +201,3 @@ npx @quiltdata/benchling-webhook@latest logs --profile sales
 # Destroy stack
 npx @quiltdata/benchling-webhook@latest destroy --profile sales
 ```
-
-### Migration from Single Stack
-
-Existing "default" profile deployments continue to use `BenchlingWebhookStack` with no changes required. New profiles automatically get unique stack names.
-
-## Monitoring
-
-### CloudWatch Logs
-
-- `/aws/apigateway/benchling-webhook-rest` - API Gateway access logs
-- `/ecs/benchling-webhook` - ECS container logs (includes HMAC verification)
-
-**Note**: Resource Policy filtering happens at the API Gateway edge and is visible in access logs (403 responses for blocked IPs).
-
-### View Logs
-
-```bash
-# Via AWS CLI
-aws logs tail /aws/apigateway/benchling-webhook-rest --follow
-aws logs tail /ecs/benchling-webhook --follow
-
-# Via NPX (all logs combined)
-npx @quiltdata/benchling-webhook@latest logs --profile default
-```
-
-## Additional Commands
-
-```bash
-# Deploy without re-running setup
-npx @quiltdata/benchling-webhook@latest deploy [--profile <name>]
-
-# Check CloudFormation stack status
-npx @quiltdata/benchling-webhook@latest status [--profile <name>]
-
-# View CloudWatch logs
-npx @quiltdata/benchling-webhook@latest logs [--profile <name>]
-
-# Destroy stack
-npx @quiltdata/benchling-webhook@latest destroy [--profile <name>]
-
-# Show all available commands
-npx @quiltdata/benchling-webhook@latest --help
-```
-
-## Upgrading
-
-### From v1.0.0 (HTTP API v2 + Lambda Authorizer)
-
-Version 0.8.9+ uses REST API v1 + Resource Policy architecture instead of HTTP API v2. This is a **breaking change that requires stack recreation**.
-
-**Why the change?** REST API v1 + Resource Policy saves $5.10/month by eliminating AWS WAF costs while maintaining the same security model.
-
-**Quick migration:**
-
-```bash
-# 1. Backup configuration
-cp ~/.config/benchling-webhook/{profile}/config.json ~/backup-config.json
-
-# 2. Destroy old stack
-npx cdk destroy --profile {profile} --context stage={stage}
-
-# 3. Deploy new stack
-npm run deploy:{stage} -- --profile {profile} --yes
-
-# 4. Update webhook URL in Benchling (now includes stage prefix: /prod/webhook)
-
-# 5. Test
-npm run test:{stage} -- --profile {profile}
-```
-
-See [MIGRATION.md](./MIGRATION.md) for detailed upgrade instructions.
-
-## License
-
-Apache-2.0

package/dist/bin/benchling-webhook.d.ts

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 import * as cdk from "aws-cdk-lib";
 import { BenchlingWebhookStack } from "../lib/benchling-webhook-stack";
-import type { Config } from "../lib/utils/config";
+import type { StackConfig } from "../lib/types/stack-config";
 /**
  * Result of CDK bootstrap check
  */
@@ -28,9 +28,33 @@ export interface DeploymentResult {
 export declare function checkCdkBootstrap(account: string, region: string): Promise<BootstrapStatus>;
 /**
  * Create CDK app and stack (synthesis only, no deployment)
- * Accepts legacy Config for backward compatibility with existing deployment scripts.
- * v0.7.0: Uses ProfileConfig internally
- * v0.9.8: Supports profile-based stack names for multi-stack deployments
+ *
+ * v0.10.0: Clean library API - accepts minimal StackConfig interface
+ *
+ * This function is called directly by deploy.ts - no subprocess, no environment variables.
+ *
+ * @param config - Minimal stack configuration (transformed from ProfileConfig)
+ * @param options - Deployment options (account, region, profile name)
+ * @returns Deployment result with synthesized app and stack
+ *
+ * @example
+ * ```typescript
+ * import { createStack } from "@quiltdata/benchling-webhook";
+ * import { profileToStackConfig } from "./lib/utils/config-transform";
+ *
+ * const profile = XDGConfig.readProfile("default");
+ * const stackConfig = profileToStackConfig(profile);
+ *
+ * const result = createStack(stackConfig, {
+ *   account: "123456789012",
+ *   region: "us-east-1",
+ *   profileName: "default"
+ * });
+ * ```
  */
-export declare function createStack(config: Config): DeploymentResult;
+export declare function createStack(config: StackConfig, options: {
+    account: string;
+    region: string;
+    profileName: string;
+}): DeploymentResult;
 //# sourceMappingURL=benchling-webhook.d.ts.map

package/dist/bin/benchling-webhook.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"benchling-webhook.d.ts","sourceRoot":"","sources":["../../bin/benchling-webhook.ts"],"names":[],"mappings":";AACA,OAAO,KAAK,GAAG,MAAM,aAAa,CAAC;AACnC,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AAEvE,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAIlD;;GAEG;AACH,MAAM,WAAW,eAAe;IAC5B,YAAY,EAAE,OAAO,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC7B,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC;IACb,KAAK,EAAE,qBAAqB,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CACnC,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,eAAe,CAAC,CAsC1B;AAGD;;;;;GAKG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,gBAAgB,CAgE5D"}
+{"version":3,"file":"benchling-webhook.d.ts","sourceRoot":"","sources":["../../bin/benchling-webhook.ts"],"names":[],"mappings":";AACA,OAAO,KAAK,GAAG,MAAM,aAAa,CAAC;AACnC,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AAGvE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAE7D;;GAEG;AACH,MAAM,WAAW,eAAe;IAC5B,YAAY,EAAE,OAAO,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC7B,GAAG,EAAE,GAAG,CAAC,GAAG,CAAC;IACb,KAAK,EAAE,qBAAqB,CAAC;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CACnC,OAAO,EAAE,MAAM,EACf,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,eAAe,CAAC,CAsC1B;AAGD;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,wBAAgB,WAAW,CACvB,MAAM,EAAE,WAAW,EACnB,OAAO,EAAE;IACL,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;CACvB,GACF,gBAAgB,CAoBlB"}

package/dist/bin/benchling-webhook.js

@@ -77,63 +77,40 @@ async function checkCdkBootstrap(account, region) {
 }
 /**
  * Create CDK app and stack (synthesis only, no deployment)
- * Accepts legacy Config for backward compatibility with existing deployment scripts.
- * v0.7.0: Uses ProfileConfig internally
- * v0.9.8: Supports profile-based stack names for multi-stack deployments
+ *
+ * v0.10.0: Clean library API - accepts minimal StackConfig interface
+ *
+ * This function is called directly by deploy.ts - no subprocess, no environment variables.
+ *
+ * @param config - Minimal stack configuration (transformed from ProfileConfig)
+ * @param options - Deployment options (account, region, profile name)
+ * @returns Deployment result with synthesized app and stack
+ *
+ * @example
+ * ```typescript
+ * import { createStack } from "@quiltdata/benchling-webhook";
+ * import { profileToStackConfig } from "./lib/utils/config-transform";
+ *
+ * const profile = XDGConfig.readProfile("default");
+ * const stackConfig = profileToStackConfig(profile);
+ *
+ * const result = createStack(stackConfig, {
+ *   account: "123456789012",
+ *   region: "us-east-1",
+ *   profileName: "default"
+ * });
+ * ```
  */
-function createStack(config) {
+function createStack(config, options) {
     const app = new cdk.App();
-    // Convert legacy config to ProfileConfig for backward compatibility
-    const profileConfig = {
-        quilt: {
-            stackArn: config.quiltStackArn || "",
-            catalog: config.quiltCatalog,
-            database: config.quiltDatabase,
-            queueUrl: config.queueUrl,
-            region: config.cdkRegion,
-        },
-        benchling: {
-            tenant: config.benchlingTenant,
-            clientId: config.benchlingClientId,
-            clientSecret: config.benchlingClientSecret,
-            secretArn: config.benchlingSecret,
-            appDefinitionId: config.benchlingAppDefinitionId,
-        },
-        packages: {
-            bucket: config.quiltUserBucket,
-            prefix: config.pkgPrefix || "benchling",
-            metadataKey: config.pkgKey || "experiment_id",
-        },
-        deployment: {
-            region: config.cdkRegion,
-            account: config.cdkAccount,
-            ecrRepository: config.ecrRepositoryName || "quiltdata/benchling",
-            imageTag: config.imageTag || "latest",
-        },
-        logging: {
-            level: config.logLevel || "INFO",
-        },
-        security: {
-            webhookAllowList: config.webhookAllowList || "",
-            enableVerification: config.enableWebhookVerification !== "false",
-        },
-        _metadata: {
-            version: "0.7.0-migration",
-            createdAt: new Date().toISOString(),
-            updatedAt: new Date().toISOString(),
-            source: "cli",
-        },
-    };
     // Determine stack name: use profile-based naming with optional custom name
-    // For legacy compatibility, assume "default" profile unless specified in deployment config
-    const profile = "default";
-    const stackName = (0, config_1.getStackName)(profile, profileConfig.deployment?.stackName);
+    const stackName = (0, config_1.getStackName)(options.profileName, config.deployment.stackName);
     const stack = new benchling_webhook_stack_1.BenchlingWebhookStack(app, stackName, {
         env: {
-            account: config.cdkAccount,
-            region: config.cdkRegion,
+            account: options.account,
+            region: options.region,
         },
-        config: profileConfig,
+        config: config,
     });
     return {
         app,
@@ -142,85 +119,4 @@ function createStack(config) {
         stackId: stack.stackId,
     };
 }
-// Only run if called directly (not imported)
-// v0.7.0+: Uses ProfileConfig read from environment variables
-// This module is primarily used by CDK CLI (npx cdk deploy) which requires direct execution
-if (require.main === module) {
-    const app = new cdk.App();
-    // Minimal ProfileConfig from environment variables (for direct CDK usage)
-    // For destroy operations, provide placeholder values if SKIP_CONFIG_VALIDATION is set
-    const skipValidation = process.env.SKIP_CONFIG_VALIDATION === "true";
-    const profileConfig = {
-        quilt: {
-            stackArn: process.env.QUILT_STACK_ARN || (skipValidation ? "placeholder" : ""),
-            catalog: process.env.QUILT_CATALOG || "",
-            database: process.env.QUILT_DATABASE || "",
-            queueUrl: process.env.QUEUE_URL || "",
-            region: process.env.CDK_DEFAULT_REGION || "us-east-1",
-        },
-        benchling: {
-            tenant: process.env.BENCHLING_TENANT || "",
-            clientId: process.env.BENCHLING_CLIENT_ID || "",
-            secretArn: process.env.BENCHLING_SECRET || (skipValidation ? "placeholder" : undefined),
-            appDefinitionId: process.env.BENCHLING_APP_DEFINITION_ID || "",
-        },
-        packages: {
-            bucket: process.env.QUILT_USER_BUCKET || "",
-            prefix: process.env.PKG_PREFIX || "benchling",
-            metadataKey: process.env.PKG_KEY || "experiment_id",
-        },
-        deployment: {
-            region: process.env.CDK_DEFAULT_REGION || "us-east-1",
-            account: process.env.CDK_DEFAULT_ACCOUNT,
-            ecrRepository: process.env.ECR_REPOSITORY_NAME || "quiltdata/benchling",
-            imageTag: process.env.IMAGE_TAG || "latest",
-            // Include VPC configuration if specified
-            ...(process.env.VPC_ID && {
-                vpc: {
-                    vpcId: process.env.VPC_ID,
-                    // Parse subnet arrays from JSON-encoded environment variables
-                    ...(process.env.VPC_PRIVATE_SUBNET_IDS && {
-                        privateSubnetIds: JSON.parse(process.env.VPC_PRIVATE_SUBNET_IDS),
-                    }),
-                    ...(process.env.VPC_PUBLIC_SUBNET_IDS && {
-                        publicSubnetIds: JSON.parse(process.env.VPC_PUBLIC_SUBNET_IDS),
-                    }),
-                    ...(process.env.VPC_AVAILABILITY_ZONES && {
-                        availabilityZones: JSON.parse(process.env.VPC_AVAILABILITY_ZONES),
-                    }),
-                    ...(process.env.VPC_CIDR_BLOCK && {
-                        vpcCidrBlock: process.env.VPC_CIDR_BLOCK,
-                    }),
-                },
-            }),
-            // Include custom stack name if specified
-            ...(process.env.STACK_NAME && {
-                stackName: process.env.STACK_NAME,
-            }),
-        },
-        logging: {
-            level: process.env.LOG_LEVEL || "INFO",
-        },
-        security: {
-            webhookAllowList: process.env.WEBHOOK_ALLOW_LIST || "",
-            enableVerification: process.env.ENABLE_WEBHOOK_VERIFICATION !== "false",
-        },
-        _metadata: {
-            version: "0.7.0",
-            createdAt: new Date().toISOString(),
-            updatedAt: new Date().toISOString(),
-            source: "cli",
-        },
-    };
-    // Determine stack name from environment or profile
-    const profile = process.env.PROFILE || "default";
-    const stackName = (0, config_1.getStackName)(profile, profileConfig.deployment.stackName);
-    new benchling_webhook_stack_1.BenchlingWebhookStack(app, stackName, {
-        env: {
-            account: process.env.CDK_DEFAULT_ACCOUNT,
-            region: process.env.CDK_DEFAULT_REGION,
-        },
-        config: profileConfig,
-    });
-}
 //# sourceMappingURL=benchling-webhook.js.map

package/dist/bin/benchling-webhook.js.map

@@ -1 +1 @@
-{"version":3,"file":"benchling-webhook.js","sourceRoot":"","sources":["../../bin/benchling-webhook.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiCA,8CAyCC;AASD,kCAgEC;AAlJD,iDAAmC;AACnC,4EAAuE;AACvE,iDAAyC;AAGzC,gDAAmD;AAuBnD;;;GAGG;AACI,KAAK,UAAU,iBAAiB,CACnC,OAAe,EACf,MAAc;IAEd,IAAI,CAAC;QACD,MAAM,MAAM,GAAG,IAAA,wBAAQ,EACnB,+CAA+C,MAAM,6EAA6E,EAClI,EAAE,QAAQ,EAAE,OAAO,EAAE,CACxB,CAAC;QAEF,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;QAElC,IACI,WAAW,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YACtC,WAAW,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EACzC,CAAC;YACC,OAAO;gBACH,YAAY,EAAE,KAAK;gBACnB,OAAO,EAAE,uCAAuC,OAAO,cAAc,MAAM,EAAE;gBAC7E,OAAO,EAAE,2BAA2B,OAAO,IAAI,MAAM,EAAE;aAC1D,CAAC;QACN,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACpC,OAAO;gBACH,YAAY,EAAE,IAAI;gBAClB,MAAM,EAAE,WAAW;gBACnB,OAAO,EAAE,iCAAiC,WAAW,qCAAqC;aAC7F,CAAC;QACN,CAAC;QAED,OAAO;YACH,YAAY,EAAE,IAAI;YAClB,MAAM,EAAE,WAAW;SACtB,CAAC;IACN,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO;YACH,YAAY,EAAE,KAAK;YACnB,OAAO,EAAE,0CAA2C,KAAe,CAAC,OAAO,EAAE;SAChF,CAAC;IACN,CAAC;AACL,CAAC;AAGD;;;;;GAKG;AACH,SAAgB,WAAW,CAAC,MAAc;IACtC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;IAE1B,oEAAoE;IACpE,MAAM,aAAa,GAAkB;QACjC,KAAK,EAAE;YACH,QAAQ,EAAE,MAAM,CAAC,aAAa,IAAI,EAAE;YACpC,OAAO,EAAE,MAAM,CAAC,YAAY;YAC5B,QAAQ,EAAE,MAAM,CAAC,aAAa;YAC9B,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,MAAM,EAAE,MAAM,CAAC,SAAS;SAC3B;QACD,SAAS,EAAE;YACP,MAAM,EAAE,MAAM,CAAC,eAAe;YAC9B,QAAQ,EAAE,MAAM,CAAC,iBAAiB;YAClC,YAAY,EAAE,MAAM,CAAC,qBAAqB;YAC1C,SAAS,EAAE,MAAM,CAAC,eAAe;YACjC,eAAe,EAAE,MAAM,CAAC,wBAAwB;SACnD;QACD,QAAQ,EAAE;YACN,MAAM,EAAE,MAAM,CAAC,eAAe;YAC9B,MAAM,EAAE,MAAM,CAAC,SAAS,IAAI,WAAW;YACvC,WAAW,EAAE,MAAM,CAAC,MAAM,IAAI,eAAe;SAChD;QACD,UAAU,EAAE;YACR,MAAM,EAAE,MAAM,CAAC,SAAS;YACxB,OAAO,EAAE,MAAM,CAAC,UAAU;YAC1B,aAAa,EAAE,MAAM,CAAC,iBAAiB,IAAI,qBAAqB;YAChE,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,QAAQ;SACxC;QACD,OAAO,EAAE;YACL,KAAK,EAAG,MAAM,CAAC,QAAmD,IAAI,MAAM;SAC/E;QACD,QAAQ,EAAE;YACN,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,EAAE;YAC/C,kBAAkB,EAAE,MAAM,CAAC,yBAAyB,KAAK,OAAO;SACnE;QACD,SAAS,EAAE;YACP,OAAO,EAAE,iBAAiB;YAC1B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,KAAK;SAChB;KACJ,CAAC;IAEF,2EAA2E;IAC3E,2FAA2F;IAC3F,MAAM,OAAO,GAAG,SAAS,CAAC;IAC1B,MAAM,SAAS,GAAG,IAAA,qBAAY,EAAC,OAAO,EAAE,aAAa,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IAE7E,MAAM,KAAK,GAAG,IAAI,+CAAqB,CAAC,GAAG,EAAE,SAAS,EAAE;QACpD,GAAG,EAAE;YACD,OAAO,EAAE,MAAM,CAAC,UAAU;YAC1B,MAAM,EAAE,MAAM,CAAC,SAAS;SAC3B;QACD,MAAM,EAAE,aAAa;KACxB,CAAC,CAAC;IAEH,OAAO;QACH,GAAG;QACH,KAAK;QACL,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;KACzB,CAAC;AACN,CAAC;AAED,6CAA6C;AAC7C,8DAA8D;AAC9D,4FAA4F;AAC5F,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;IAC1B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;IAE1B,0EAA0E;IAC1E,sFAAsF;IACtF,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,sBAAsB,KAAK,MAAM,CAAC;IACrE,MAAM,aAAa,GAAkB;QACjC,KAAK,EAAE;YACH,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9E,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,EAAE;YACxC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE;YAC1C,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE;YACrC,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,WAAW;SACxD;QACD,SAAS,EAAE;YACP,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,EAAE;YAC1C,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,EAAE;YAC/C,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;YACvF,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B,IAAI,EAAE;SACjE;QACD,QAAQ,EAAE;YACN,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,IAAI,EAAE;YAC3C,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI,WAAW;YAC7C,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,eAAe;SACtD;QACD,UAAU,EAAE;YACR,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,WAAW;YACrD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB;YACxC,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,qBAAqB;YACvE,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,QAAQ;YAC3C,yCAAyC;YACzC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,IAAI;gBACtB,GAAG,EAAE;oBACD,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,MAAM;oBACzB,8DAA8D;oBAC9D,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI;wBACtC,gBAAgB,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC;qBACnE,CAAC;oBACF,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI;wBACrC,eAAe,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC;qBACjE,CAAC;oBACF,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,IAAI;wBACtC,iBAAiB,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC;qBACpE,CAAC;oBACF,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI;wBAC9B,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;qBAC3C,CAAC;iBACL;aACJ,CAAC;YACF,yCAAyC;YACzC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,UAAU,IAAI;gBAC1B,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU;aACpC,CAAC;SACL;QACD,OAAO,EAAE;YACL,KAAK,EAAG,OAAO,CAAC,GAAG,CAAC,SAAoD,IAAI,MAAM;SACrF;QACD,QAAQ,EAAE;YACN,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,EAAE;YACtD,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B,KAAK,OAAO;SAC1E;QACD,SAAS,EAAE;YACP,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,KAAK;SAChB;KACJ,CAAC;IAEF,mDAAmD;IACnD,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,SAAS,CAAC;IACjD,MAAM,SAAS,GAAG,IAAA,qBAAY,EAAC,OAAO,EAAE,aAAa,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAE5E,IAAI,+CAAqB,CAAC,GAAG,EAAE,SAAS,EAAE;QACtC,GAAG,EAAE;YACD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,mBAAmB;YACxC,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB;SACzC;QACD,MAAM,EAAE,aAAa;KACxB,CAAC,CAAC;AACP,CAAC"}
+{"version":3,"file":"benchling-webhook.js","sourceRoot":"","sources":["../../bin/benchling-webhook.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgCA,8CAyCC;AA6BD,kCA2BC;AAhID,iDAAmC;AACnC,4EAAuE;AACvE,iDAAyC;AACzC,gDAAmD;AAwBnD;;;GAGG;AACI,KAAK,UAAU,iBAAiB,CACnC,OAAe,EACf,MAAc;IAEd,IAAI,CAAC;QACD,MAAM,MAAM,GAAG,IAAA,wBAAQ,EACnB,+CAA+C,MAAM,6EAA6E,EAClI,EAAE,QAAQ,EAAE,OAAO,EAAE,CACxB,CAAC;QAEF,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;QAElC,IACI,WAAW,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YACtC,WAAW,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EACzC,CAAC;YACC,OAAO;gBACH,YAAY,EAAE,KAAK;gBACnB,OAAO,EAAE,uCAAuC,OAAO,cAAc,MAAM,EAAE;gBAC7E,OAAO,EAAE,2BAA2B,OAAO,IAAI,MAAM,EAAE;aAC1D,CAAC;QACN,CAAC;QAED,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACpC,OAAO;gBACH,YAAY,EAAE,IAAI;gBAClB,MAAM,EAAE,WAAW;gBACnB,OAAO,EAAE,iCAAiC,WAAW,qCAAqC;aAC7F,CAAC;QACN,CAAC;QAED,OAAO;YACH,YAAY,EAAE,IAAI;YAClB,MAAM,EAAE,WAAW;SACtB,CAAC;IACN,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,OAAO;YACH,YAAY,EAAE,KAAK;YACnB,OAAO,EAAE,0CAA2C,KAAe,CAAC,OAAO,EAAE;SAChF,CAAC;IACN,CAAC;AACL,CAAC;AAGD;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AACH,SAAgB,WAAW,CACvB,MAAmB,EACnB,OAIC;IAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;IAE1B,2EAA2E;IAC3E,MAAM,SAAS,GAAG,IAAA,qBAAY,EAAC,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;IAEjF,MAAM,KAAK,GAAG,IAAI,+CAAqB,CAAC,GAAG,EAAE,SAAS,EAAE;QACpD,GAAG,EAAE;YACD,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,MAAM,EAAE,OAAO,CAAC,MAAM;SACzB;QACD,MAAM,EAAE,MAAM;KACjB,CAAC,CAAC;IAEH,OAAO;QACH,GAAG;QACH,KAAK;QACL,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,OAAO,EAAE,KAAK,CAAC,OAAO;KACzB,CAAC;AACN,CAAC"}

package/dist/bin/commands/deploy.d.ts

@@ -5,8 +5,11 @@ import { ProfileConfig } from "../../lib/types/config";
  * Uses new profile-based configuration with deployment tracking.
  * Supports independent --profile and --stage options.
  *
+ * v0.10.0: Refactored to call createStack() directly instead of spawning subprocess.
+ * This eliminates environment variable IPC complexity and simplifies testing.
+ *
  * @module commands/deploy
- * @version 0.7.0
+ * @version 0.10.0
  */
 export declare function deployCommand(options: {
     yes?: boolean;
@@ -23,6 +26,9 @@ export declare function deployCommand(options: {
 }): Promise<void>;
 /**
  * Deploy the Benchling webhook stack
+ *
+ * v0.10.0: Refactored to call createStack() directly instead of using environment variable IPC.
+ * Configuration is passed programmatically through function calls, not subprocess environment.
  */
 export declare function deploy(stackArn: string, benchlingSecret: string, config: ProfileConfig, options: {
     yes?: boolean;

package/dist/bin/commands/deploy.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"deploy.d.ts","sourceRoot":"","sources":["../../../bin/commands/deploy.ts"],"names":[],"mappings":"AAaA,OAAO,EAAE,aAAa,EAAgB,MAAM,wBAAwB,CAAC;AAuNrE;;;;;;;;GAQG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IACzC,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;CACnB,GAAG,OAAO,CAAC,IAAI,CAAC,CA8FhB;AAED;;GAEG;AACH,wBAAsB,MAAM,CACxB,QAAQ,EAAE,MAAM,EAChB,eAAe,EAAE,MAAM,EACvB,MAAM,EAAE,aAAa,EACrB,OAAO,EAAE;IACL,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,KAAK,EAAE,KAAK,GAAG,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;CACnB,GACF,OAAO,CAAC,IAAI,CAAC,CAuhBf"}
+{"version":3,"file":"deploy.d.ts","sourceRoot":"","sources":["../../../bin/commands/deploy.ts"],"names":[],"mappings":"AAaA,OAAO,EAAE,aAAa,EAAgB,MAAM,wBAAwB,CAAC;AA4GrE;;;;;;;;;;;GAWG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE;IACzC,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;CACnB,GAAG,OAAO,CAAC,IAAI,CAAC,CA8FhB;AAED;;;;;GAKG;AACH,wBAAsB,MAAM,CACxB,QAAQ,EAAE,MAAM,EAChB,eAAe,EAAE,MAAM,EACvB,MAAM,EAAE,aAAa,EACrB,OAAO,EAAE;IACL,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,KAAK,EAAE,KAAK,GAAG,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,OAAO,CAAC;CACnB,GACF,OAAO,CAAC,IAAI,CAAC,CAqiBf"}