npm - @stacksjs/ts-cloud-core - Versions diffs - 0.1.1 - Mend

@stacksjs/ts-cloud-core 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (251) hide show

package/LICENSE.md +21 -0
package/README.md +321 -0
package/package.json +31 -0
package/src/advanced-features.test.ts +465 -0
package/src/aws/cloudformation.ts +421 -0
package/src/aws/cloudfront.ts +158 -0
package/src/aws/credentials.test.ts +132 -0
package/src/aws/credentials.ts +545 -0
package/src/aws/index.ts +87 -0
package/src/aws/s3.test.ts +188 -0
package/src/aws/s3.ts +1088 -0
package/src/aws/signature.test.ts +670 -0
package/src/aws/signature.ts +1155 -0
package/src/backup/disaster-recovery.test.ts +726 -0
package/src/backup/disaster-recovery.ts +500 -0
package/src/backup/index.ts +34 -0
package/src/backup/manager.test.ts +498 -0
package/src/backup/manager.ts +432 -0
package/src/cicd/circleci.ts +430 -0
package/src/cicd/github-actions.ts +424 -0
package/src/cicd/gitlab-ci.ts +255 -0
package/src/cicd/index.ts +8 -0
package/src/cli/history.ts +396 -0
package/src/cli/index.ts +10 -0
package/src/cli/progress.ts +458 -0
package/src/cli/repl.ts +454 -0
package/src/cli/suggestions.ts +327 -0
package/src/cli/table.test.ts +319 -0
package/src/cli/table.ts +332 -0
package/src/cloudformation/builder.test.ts +327 -0
package/src/cloudformation/builder.ts +378 -0
package/src/cloudformation/builders/api-gateway.ts +449 -0
package/src/cloudformation/builders/cache.ts +334 -0
package/src/cloudformation/builders/cdn.ts +278 -0
package/src/cloudformation/builders/compute.ts +485 -0
package/src/cloudformation/builders/database.ts +392 -0
package/src/cloudformation/builders/functions.ts +343 -0
package/src/cloudformation/builders/messaging.ts +140 -0
package/src/cloudformation/builders/monitoring.ts +300 -0
package/src/cloudformation/builders/network.ts +264 -0
package/src/cloudformation/builders/queue.ts +147 -0
package/src/cloudformation/builders/security.ts +399 -0
package/src/cloudformation/builders/storage.ts +285 -0
package/src/cloudformation/index.ts +30 -0
package/src/cloudformation/types.ts +173 -0
package/src/compliance/aws-config.ts +543 -0
package/src/compliance/cloudtrail.ts +376 -0
package/src/compliance/compliance.test.ts +423 -0
package/src/compliance/guardduty.ts +446 -0
package/src/compliance/index.ts +66 -0
package/src/compliance/security-hub.ts +456 -0
package/src/containers/build-optimization.ts +416 -0
package/src/containers/containers.test.ts +508 -0
package/src/containers/image-scanning.ts +360 -0
package/src/containers/index.ts +9 -0
package/src/containers/registry.ts +293 -0
package/src/containers/service-mesh.ts +520 -0
package/src/database/database.test.ts +762 -0
package/src/database/index.ts +9 -0
package/src/database/migrations.ts +444 -0
package/src/database/performance.ts +528 -0
package/src/database/replicas.ts +534 -0
package/src/database/users.ts +494 -0
package/src/dependency-graph.ts +143 -0
package/src/deployment/ab-testing.ts +582 -0
package/src/deployment/blue-green.ts +452 -0
package/src/deployment/canary.ts +500 -0
package/src/deployment/deployment.test.ts +526 -0
package/src/deployment/index.ts +61 -0
package/src/deployment/progressive.ts +62 -0
package/src/dns/dns.test.ts +641 -0
package/src/dns/dnssec.ts +315 -0
package/src/dns/index.ts +8 -0
package/src/dns/resolver.ts +496 -0
package/src/dns/routing.ts +593 -0
package/src/email/advanced/analytics.ts +445 -0
package/src/email/advanced/index.ts +11 -0
package/src/email/advanced/rules.ts +465 -0
package/src/email/advanced/scheduling.ts +352 -0
package/src/email/advanced/search.ts +412 -0
package/src/email/advanced/shared-mailboxes.ts +404 -0
package/src/email/advanced/templates.ts +455 -0
package/src/email/advanced/threading.ts +281 -0
package/src/email/analytics.ts +467 -0
package/src/email/bounce-handling.ts +425 -0
package/src/email/email.test.ts +431 -0
package/src/email/handlers/__tests__/inbound.test.ts +38 -0
package/src/email/handlers/__tests__/outbound.test.ts +37 -0
package/src/email/handlers/converter.ts +227 -0
package/src/email/handlers/feedback.ts +228 -0
package/src/email/handlers/inbound.ts +169 -0
package/src/email/handlers/outbound.ts +178 -0
package/src/email/index.ts +15 -0
package/src/email/reputation.ts +303 -0
package/src/email/templates.ts +352 -0
package/src/errors/index.test.ts +434 -0
package/src/errors/index.ts +416 -0
package/src/health-checks/index.ts +40 -0
package/src/index.ts +360 -0
package/src/intrinsic-functions.ts +118 -0
package/src/lambda/concurrency.ts +330 -0
package/src/lambda/destinations.ts +345 -0
package/src/lambda/dlq.ts +425 -0
package/src/lambda/index.ts +11 -0
package/src/lambda/lambda.test.ts +840 -0
package/src/lambda/layers.ts +263 -0
package/src/lambda/versions.ts +376 -0
package/src/lambda/vpc.ts +399 -0
package/src/local/config.ts +114 -0
package/src/local/index.ts +6 -0
package/src/local/mock-aws.ts +351 -0
package/src/modules/ai.ts +340 -0
package/src/modules/api.ts +478 -0
package/src/modules/auth.ts +805 -0
package/src/modules/cache.ts +417 -0
package/src/modules/cdn.ts +1062 -0
package/src/modules/communication.ts +1094 -0
package/src/modules/compute.ts +3348 -0
package/src/modules/database.ts +554 -0
package/src/modules/deployment.ts +1079 -0
package/src/modules/dns.ts +337 -0
package/src/modules/email.ts +1538 -0
package/src/modules/filesystem.ts +515 -0
package/src/modules/index.ts +32 -0
package/src/modules/messaging.ts +486 -0
package/src/modules/monitoring.ts +2086 -0
package/src/modules/network.ts +664 -0
package/src/modules/parameter-store.ts +325 -0
package/src/modules/permissions.ts +1081 -0
package/src/modules/phone.ts +494 -0
package/src/modules/queue.ts +1260 -0
package/src/modules/redirects.ts +464 -0
package/src/modules/registry.ts +699 -0
package/src/modules/search.ts +401 -0
package/src/modules/secrets.ts +416 -0
package/src/modules/security.ts +731 -0
package/src/modules/sms.ts +389 -0
package/src/modules/storage.ts +1120 -0
package/src/modules/workflow.ts +680 -0
package/src/multi-account/config.ts +521 -0
package/src/multi-account/index.ts +7 -0
package/src/multi-account/manager.ts +427 -0
package/src/multi-region/cross-region.ts +410 -0
package/src/multi-region/index.ts +8 -0
package/src/multi-region/manager.ts +483 -0
package/src/multi-region/regions.ts +435 -0
package/src/network-security/index.ts +48 -0
package/src/observability/index.ts +9 -0
package/src/observability/logs.ts +522 -0
package/src/observability/metrics.ts +460 -0
package/src/observability/observability.test.ts +782 -0
package/src/observability/synthetics.ts +568 -0
package/src/observability/xray.ts +358 -0
package/src/phone/advanced/analytics.ts +349 -0
package/src/phone/advanced/callbacks.ts +428 -0
package/src/phone/advanced/index.ts +8 -0
package/src/phone/advanced/ivr-builder.ts +504 -0
package/src/phone/advanced/recording.ts +310 -0
package/src/phone/handlers/__tests__/incoming-call.test.ts +40 -0
package/src/phone/handlers/incoming-call.ts +117 -0
package/src/phone/handlers/missed-call.ts +116 -0
package/src/phone/handlers/voicemail.ts +179 -0
package/src/phone/index.ts +9 -0
package/src/presets/api-backend.ts +134 -0
package/src/presets/data-pipeline.ts +204 -0
package/src/presets/extend.test.ts +295 -0
package/src/presets/extend.ts +297 -0
package/src/presets/fullstack-app.ts +144 -0
package/src/presets/index.ts +27 -0
package/src/presets/jamstack.ts +135 -0
package/src/presets/microservices.ts +167 -0
package/src/presets/ml-api.ts +208 -0
package/src/presets/nodejs-server.ts +104 -0
package/src/presets/nodejs-serverless.ts +114 -0
package/src/presets/realtime-app.ts +184 -0
package/src/presets/static-site.ts +64 -0
package/src/presets/traditional-web-app.ts +339 -0
package/src/presets/wordpress.ts +138 -0
package/src/preview/github.test.ts +249 -0
package/src/preview/github.ts +297 -0
package/src/preview/index.ts +37 -0
package/src/preview/manager.test.ts +440 -0
package/src/preview/manager.ts +326 -0
package/src/preview/notifications.test.ts +582 -0
package/src/preview/notifications.ts +341 -0
package/src/queue/batch-processing.ts +402 -0
package/src/queue/dlq-monitoring.ts +402 -0
package/src/queue/fifo.ts +342 -0
package/src/queue/index.ts +9 -0
package/src/queue/management.ts +428 -0
package/src/queue/queue.test.ts +429 -0
package/src/resource-mgmt/index.ts +39 -0
package/src/resource-naming.ts +62 -0
package/src/s3/index.ts +523 -0
package/src/schema/cloud-config.schema.json +554 -0
package/src/schema/index.ts +68 -0
package/src/security/certificate-manager.ts +492 -0
package/src/security/index.ts +9 -0
package/src/security/scanning.ts +545 -0
package/src/security/secrets-manager.ts +476 -0
package/src/security/secrets-rotation.ts +456 -0
package/src/security/security.test.ts +738 -0
package/src/sms/advanced/ab-testing.ts +389 -0
package/src/sms/advanced/analytics.ts +336 -0
package/src/sms/advanced/campaigns.ts +523 -0
package/src/sms/advanced/chatbot.ts +224 -0
package/src/sms/advanced/index.ts +10 -0
package/src/sms/advanced/link-tracking.ts +248 -0
package/src/sms/advanced/mms.ts +308 -0
package/src/sms/handlers/__tests__/send.test.ts +40 -0
package/src/sms/handlers/delivery-status.ts +133 -0
package/src/sms/handlers/receive.ts +162 -0
package/src/sms/handlers/send.ts +174 -0
package/src/sms/index.ts +9 -0
package/src/stack-diff.ts +389 -0
package/src/static-site/index.ts +85 -0
package/src/template-builder.ts +110 -0
package/src/template-validator.ts +574 -0
package/src/utils/cache.ts +291 -0
package/src/utils/diff.ts +269 -0
package/src/utils/hash.ts +227 -0
package/src/utils/index.ts +8 -0
package/src/utils/parallel.ts +294 -0
package/src/validators/credentials.test.ts +274 -0
package/src/validators/credentials.ts +233 -0
package/src/validators/quotas.test.ts +434 -0
package/src/validators/quotas.ts +217 -0
package/test/ai.test.ts +327 -0
package/test/api.test.ts +511 -0
package/test/auth.test.ts +632 -0
package/test/cache.test.ts +406 -0
package/test/cdn.test.ts +247 -0
package/test/compute.test.ts +861 -0
package/test/database.test.ts +523 -0
package/test/deployment.test.ts +499 -0
package/test/dns.test.ts +270 -0
package/test/email.test.ts +439 -0
package/test/filesystem.test.ts +382 -0
package/test/integration.test.ts +350 -0
package/test/messaging.test.ts +514 -0
package/test/monitoring.test.ts +634 -0
package/test/network.test.ts +425 -0
package/test/permissions.test.ts +488 -0
package/test/queue.test.ts +484 -0
package/test/registry.test.ts +306 -0
package/test/security.test.ts +462 -0
package/test/storage.test.ts +463 -0
package/test/template-validator.test.ts +559 -0
package/test/workflow.test.ts +592 -0
package/tsconfig.json +16 -0
package/tsconfig.tsbuildinfo +1 -0

package/src/database/database.test.ts ADDED Viewed

@@ -0,0 +1,762 @@
+import { describe, expect, it, beforeEach } from 'bun:test'
+import {
+  MigrationManager,
+  migrationManager,
+  ReplicaManager,
+  replicaManager,
+  PerformanceManager,
+  performanceManager,
+  DatabaseUserManager,
+  databaseUserManager,
+} from '.'
+describe('Migration Manager', () => {
+  let manager: MigrationManager
+  beforeEach(() => {
+    manager = new MigrationManager()
+  })
+  describe('Migration Creation', () => {
+    it('should create migration plan', () => {
+      const plan = manager.createPlan({
+        name: 'Initial Schema',
+        database: {
+          type: 'rds',
+          identifier: 'my-database',
+          engine: 'postgres',
+        },
+        migrations: [],
+        autoApply: false,
+      })
+      expect(plan.id).toContain('migration-plan')
+      expect(plan.name).toBe('Initial Schema')
+      expect(plan.database.type).toBe('rds')
+    })
+    it('should create schema migration', () => {
+      const migration = manager.createSchemaMigration({
+        version: '1.0.0',
+        name: 'Add user table',
+        tableName: 'users',
+        changes: [
+          {
+            type: 'add_column',
+            columnName: 'email',
+            columnType: 'VARCHAR(255)',
+            nullable: false,
+          },
+        ],
+      })
+      expect(migration.id).toContain('migration')
+      expect(migration.version).toBe('1.0.0')
+      expect(migration.up).toContain('ADD COLUMN')
+      expect(migration.down).toContain('DROP COLUMN')
+    })
+    it('should create data migration', () => {
+      const migration = manager.createDataMigration({
+        version: '1.0.1',
+        name: 'Seed initial data',
+        upSQL: "INSERT INTO users (name) VALUES ('Admin');",
+        downSQL: "DELETE FROM users WHERE name = 'Admin';",
+      })
+      expect(migration.version).toBe('1.0.1')
+      expect(migration.up).toContain('INSERT')
+      expect(migration.down).toContain('DELETE')
+    })
+  })
+  describe('Migration Execution', () => {
+    it('should execute migration plan in dry-run mode', async () => {
+      const plan = manager.createPlan({
+        name: 'Test Plan',
+        database: {
+          type: 'rds',
+          identifier: 'test-db',
+        },
+        migrations: [],
+      })
+      const migration = manager.createDataMigration({
+        version: '1.0.0',
+        name: 'Test migration',
+        upSQL: 'CREATE TABLE test (id INT);',
+        downSQL: 'DROP TABLE test;',
+      })
+      manager.addMigrationToPlan(plan.id, migration)
+      const result = await manager.executePlan(plan.id, true)
+      expect(result.success).toBe(true)
+      expect(result.appliedMigrations).toHaveLength(1)
+      expect(result.failedMigrations).toHaveLength(0)
+    })
+    it('should get migration status', () => {
+      const plan = manager.createPlan({
+        name: 'Test Plan',
+        database: { type: 'rds', identifier: 'test-db' },
+        migrations: [],
+      })
+      const status = manager.getMigrationStatus(plan.id)
+      expect(status.currentVersion).toBe('0.0.0')
+      expect(status.pendingMigrations).toHaveLength(0)
+      expect(status.appliedMigrations).toHaveLength(0)
+    })
+  })
+  describe('Migration Validation', () => {
+    it('should validate migration plan', () => {
+      const plan = manager.createPlan({
+        name: 'Test Plan',
+        database: { type: 'rds', identifier: 'test-db' },
+        migrations: [],
+      })
+      const migration = manager.createDataMigration({
+        version: '1.0.0',
+        name: 'Test',
+        upSQL: 'SELECT 1;',
+        downSQL: 'SELECT 0;',
+      })
+      manager.addMigrationToPlan(plan.id, migration)
+      const validation = manager.validatePlan(plan.id)
+      expect(validation.valid).toBe(true)
+      expect(validation.errors).toHaveLength(0)
+    })
+    it('should detect duplicate migration versions', () => {
+      const plan = manager.createPlan({
+        name: 'Test Plan',
+        database: { type: 'rds', identifier: 'test-db' },
+        migrations: [],
+      })
+      const migration1 = manager.createDataMigration({
+        version: '1.0.0',
+        name: 'First',
+        upSQL: 'SELECT 1;',
+        downSQL: '',
+      })
+      const migration2 = manager.createDataMigration({
+        version: '1.0.0',
+        name: 'Second',
+        upSQL: 'SELECT 2;',
+        downSQL: '',
+      })
+      manager.addMigrationToPlan(plan.id, migration1)
+      manager.addMigrationToPlan(plan.id, migration2)
+      const validation = manager.validatePlan(plan.id)
+      expect(validation.valid).toBe(false)
+      expect(validation.errors.some(e => e.includes('Duplicate'))).toBe(true)
+    })
+  })
+  it('should use global instance', () => {
+    expect(migrationManager).toBeInstanceOf(MigrationManager)
+  })
+})
+describe('Replica Manager', () => {
+  let manager: ReplicaManager
+  beforeEach(() => {
+    manager = new ReplicaManager()
+  })
+  describe('Replica Creation', () => {
+    it('should create read replica', () => {
+      const replica = manager.createRDSReplica({
+        sourceDatabase: 'primary-db',
+        name: 'replica-1',
+        region: 'us-east-1',
+        instanceClass: 'db.t3.medium',
+      })
+      expect(replica.id).toContain('replica')
+      expect(replica.name).toBe('replica-1')
+      expect(replica.sourceDatabase).toBe('primary-db')
+      expect(replica.status).toBe('creating')
+    })
+    it('should create cross-region replica', () => {
+      const replica = manager.createCrossRegionReplica({
+        sourceDatabase: 'primary-db',
+        name: 'replica-eu',
+        targetRegion: 'eu-west-1',
+      })
+      expect(replica.region).toBe('eu-west-1')
+      expect(replica.multiAZ).toBe(true)
+    })
+    it('should create replication group with auto-scaling', () => {
+      const group = manager.createAutoScalingReplicationGroup({
+        name: 'production-replicas',
+        primaryDatabase: 'primary-db',
+        minReplicas: 2,
+        maxReplicas: 5,
+        targetCPU: 70,
+      })
+      expect(group.id).toContain('replication-group')
+      expect(group.autoScaling?.enabled).toBe(true)
+      expect(group.autoScaling?.minReplicas).toBe(2)
+      expect(group.autoScaling?.maxReplicas).toBe(5)
+    })
+  })
+  describe('RDS Proxy', () => {
+    it('should create connection pool proxy', () => {
+      const proxy = manager.createConnectionPoolProxy({
+        name: 'app-proxy',
+        engineFamily: 'POSTGRESQL',
+        targetDatabase: 'my-database',
+        vpcSubnetIds: ['subnet-1', 'subnet-2'],
+        securityGroupIds: ['sg-1'],
+        secretArn: 'arn:aws:secretsmanager:us-east-1:123456789012:secret:db-creds',
+      })
+      expect(proxy.id).toContain('rds-proxy')
+      expect(proxy.name).toBe('app-proxy')
+      expect(proxy.engineFamily).toBe('POSTGRESQL')
+      expect(proxy.requireTLS).toBe(true)
+    })
+    it('should create serverless proxy with optimized settings', () => {
+      const proxy = manager.createServerlessProxy({
+        name: 'lambda-proxy',
+        engineFamily: 'MYSQL',
+        targetDatabase: 'serverless-db',
+        vpcSubnetIds: ['subnet-1'],
+        securityGroupIds: ['sg-1'],
+        secretArn: 'arn:aws:secretsmanager:us-east-1:123456789012:secret:db-creds',
+      })
+      expect(proxy.maxIdleConnectionsPercent).toBe(10)
+      expect(proxy.connectionBorrowTimeout).toBe(60)
+      expect(proxy.idleClientTimeout).toBe(300)
+    })
+  })
+  describe('Replica Operations', () => {
+    it('should promote replica to primary', () => {
+      const replica = manager.createRDSReplica({
+        sourceDatabase: 'primary-db',
+        name: 'replica-1',
+      })
+      replica.replicationLag = 100 // Low lag
+      const result = manager.promoteReplica(replica.id)
+      expect(result.success).toBe(true)
+      expect(result.message).toContain('successfully')
+    })
+    it('should fail promotion with high replication lag', () => {
+      const replica = manager.createRDSReplica({
+        sourceDatabase: 'primary-db',
+        name: 'replica-1',
+      })
+      replica.replicationLag = 10000 // High lag
+      const result = manager.promoteReplica(replica.id)
+      expect(result.success).toBe(false)
+      expect(result.message).toContain('lag too high')
+    })
+    it('should get replication lag', () => {
+      const replica = manager.createRDSReplica({
+        sourceDatabase: 'primary-db',
+        name: 'replica-1',
+      })
+      const lag = manager.getReplicationLag(replica.id)
+      expect(typeof lag).toBe('number')
+      expect(lag).toBeGreaterThanOrEqual(0)
+    })
+  })
+  describe('CloudFormation Generation', () => {
+    it('should generate replica CloudFormation', () => {
+      const replica = manager.createRDSReplica({
+        sourceDatabase: 'primary-db',
+        name: 'replica-1',
+      })
+      const cf = manager.generateReplicaCF(replica)
+      expect(cf.Type).toBe('AWS::RDS::DBInstance')
+      expect(cf.Properties.SourceDBInstanceIdentifier).toBe('primary-db')
+      expect(cf.Properties.DBInstanceIdentifier).toBe('replica-1')
+    })
+    it('should generate proxy CloudFormation', () => {
+      const proxy = manager.createConnectionPoolProxy({
+        name: 'test-proxy',
+        engineFamily: 'POSTGRESQL',
+        targetDatabase: 'test-db',
+        vpcSubnetIds: ['subnet-1'],
+        securityGroupIds: ['sg-1'],
+        secretArn: 'arn:aws:secretsmanager:us-east-1:123456789012:secret:db-creds',
+      })
+      const cf = manager.generateProxyCF(proxy)
+      expect(cf.Type).toBe('AWS::RDS::DBProxy')
+      expect(cf.Properties.DBProxyName).toBe('test-proxy')
+      expect(cf.Properties.EngineFamily).toBe('POSTGRESQL')
+    })
+  })
+  it('should use global instance', () => {
+    expect(replicaManager).toBeInstanceOf(ReplicaManager)
+  })
+})
+describe('Performance Manager', () => {
+  let manager: PerformanceManager
+  beforeEach(() => {
+    manager = new PerformanceManager()
+  })
+  describe('Performance Insights', () => {
+    it('should enable performance insights', () => {
+      const insights = manager.enablePerformanceInsights({
+        name: 'production-insights',
+        databaseIdentifier: 'prod-db',
+        retentionPeriod: 7,
+      })
+      expect(insights.id).toContain('pi-')
+      expect(insights.enabled).toBe(true)
+      expect(insights.retentionPeriod).toBe(7)
+    })
+    it('should enable performance insights with encryption', () => {
+      const insights = manager.enablePerformanceInsights({
+        name: 'encrypted-insights',
+        databaseIdentifier: 'prod-db',
+        kmsKeyId: 'arn:aws:kms:us-east-1:123456789012:key/12345',
+      })
+      expect(insights.kmsKeyId).toBe('arn:aws:kms:us-east-1:123456789012:key/12345')
+    })
+  })
+  describe('Slow Query Logging', () => {
+    it('should enable slow query log to CloudWatch', () => {
+      const log = manager.enableSlowQueryLog({
+        name: 'slow-queries',
+        databaseIdentifier: 'prod-db',
+        logDestination: 'cloudwatch',
+        cloudwatchLogGroup: '/aws/rds/slow-queries',
+        minExecutionTime: 2000,
+      })
+      expect(log.id).toContain('slow-query')
+      expect(log.logDestination).toBe('cloudwatch')
+      expect(log.minExecutionTime).toBe(2000)
+    })
+    it('should enable slow query log to S3', () => {
+      const log = manager.enableSlowQueryLog({
+        name: 'slow-queries-s3',
+        databaseIdentifier: 'prod-db',
+        logDestination: 's3',
+        s3Bucket: 'my-logs-bucket',
+      })
+      expect(log.logDestination).toBe('s3')
+      expect(log.s3Bucket).toBe('my-logs-bucket')
+      expect(log.s3Prefix).toBe('slow-queries/')
+    })
+  })
+  describe('Query Metrics', () => {
+    it('should record query metric', () => {
+      const metric = manager.recordQueryMetric({
+        queryId: 'SELECT_USERS',
+        sql: 'SELECT * FROM users WHERE active = true',
+        executionCount: 100,
+        avgExecutionTime: 25,
+        maxExecutionTime: 150,
+        minExecutionTime: 10,
+        totalCPUTime: 2500,
+        totalIOWait: 500,
+        totalLockWait: 100,
+        rowsExamined: 1000,
+        rowsReturned: 100,
+      })
+      expect(metric.id).toContain('metric')
+      expect(metric.avgExecutionTime).toBe(25)
+      expect(metric.executionCount).toBe(100)
+    })
+  })
+  describe('Performance Reports', () => {
+    it('should generate daily performance report', () => {
+      const report = manager.generatePerformanceReport({
+        name: 'Daily Report',
+        databaseIdentifier: 'prod-db',
+        reportType: 'daily',
+      })
+      expect(report.id).toContain('report')
+      expect(report.reportType).toBe('daily')
+      expect(report.metrics).toBeDefined()
+      expect(report.recommendations).toBeDefined()
+    })
+    it('should include performance metrics', () => {
+      const report = manager.generatePerformanceReport({
+        name: 'Test Report',
+        databaseIdentifier: 'test-db',
+        reportType: 'weekly',
+      })
+      expect(report.metrics.avgCPU).toBeGreaterThan(0)
+      expect(report.metrics.avgConnections).toBeGreaterThan(0)
+      expect(report.metrics.cacheHitRatio).toBeGreaterThan(0)
+    })
+    it('should generate recommendations based on metrics', () => {
+      // Add slow query
+      manager.recordQueryMetric({
+        queryId: 'SLOW_QUERY',
+        sql: 'SELECT * FROM large_table',
+        executionCount: 10,
+        avgExecutionTime: 5000,
+        maxExecutionTime: 10000,
+        minExecutionTime: 2000,
+        totalCPUTime: 50000,
+        totalIOWait: 10000,
+        totalLockWait: 1000,
+        rowsExamined: 1000000,
+        rowsReturned: 100,
+      })
+      const report = manager.generatePerformanceReport({
+        name: 'Test Report',
+        databaseIdentifier: 'test-db',
+        reportType: 'daily',
+      })
+      expect(report.recommendations.length).toBeGreaterThan(0)
+    })
+  })
+  describe('Query Analysis', () => {
+    it('should analyze query', () => {
+      const analysis = manager.analyzeQuery('SELECT * FROM users WHERE email = "test@example.com"')
+      expect(analysis.id).toBeDefined()
+      expect(analysis.sql).toContain('SELECT')
+      expect(analysis.executionPlan).toBeDefined()
+      expect(analysis.bottlenecks).toBeDefined()
+      expect(analysis.recommendations).toBeDefined()
+    })
+    it('should detect full table scan', () => {
+      const analysis = manager.analyzeQuery('SELECT * FROM users')
+      expect(analysis.bottlenecks.some(b => b.type === 'full_table_scan')).toBe(true)
+    })
+    it('should recommend index', () => {
+      const recommendation = manager.recommendIndex({
+        tableName: 'users',
+        columns: ['email', 'active'],
+        reason: 'Frequently queried together in WHERE clause',
+        estimatedImprovement: 75,
+      })
+      expect(recommendation.id).toContain('index-rec')
+      expect(recommendation.createSQL).toContain('CREATE INDEX')
+      expect(recommendation.estimatedImprovement).toBe(75)
+    })
+  })
+  describe('CloudFormation Generation', () => {
+    it('should generate performance insights-cloudFormation', () => {
+      const insights = manager.enablePerformanceInsights({
+        name: 'test-insights',
+        databaseIdentifier: 'test-db',
+      })
+      const cf = manager.generatePerformanceInsightsCF(insights)
+      expect(cf.EnablePerformanceInsights).toBe(true)
+      expect(cf.PerformanceInsightsRetentionPeriod).toBe(7)
+    })
+    it('should generate slow query alarm', () => {
+      const cf = manager.generateSlowQueryAlarmCF({
+        alarmName: 'HighSlowQueries',
+        logGroupName: '/aws/rds/slow-queries',
+        threshold: 10,
+      })
+      expect(cf.Type).toBe('AWS::CloudWatch::Alarm')
+      expect(cf.Properties.AlarmName).toBe('HighSlowQueries')
+      expect(cf.Properties.Threshold).toBe(10)
+    })
+  })
+  it('should use global instance', () => {
+    expect(performanceManager).toBeInstanceOf(PerformanceManager)
+  })
+})
+describe('Database User Manager', () => {
+  let manager: DatabaseUserManager
+  beforeEach(() => {
+    manager = new DatabaseUserManager()
+  })
+  describe('User Creation', () => {
+    it('should create read-only user', () => {
+      const user = manager.createReadOnlyUser({
+        username: 'readonly',
+        database: 'production',
+        passwordSecretArn: 'arn:aws:secretsmanager:us-east-1:123456789012:secret:readonly',
+      })
+      expect(user.id).toContain('db-user')
+      expect(user.username).toBe('readonly')
+      expect(user.privileges).toHaveLength(1)
+      expect(user.privileges[0].privileges).toContain('SELECT')
+      expect(user.rotationEnabled).toBe(true)
+    })
+    it('should create read-write user', () => {
+      const user = manager.createReadWriteUser({
+        username: 'appuser',
+        database: 'production',
+      })
+      expect(user.privileges[0].privileges).toContain('SELECT')
+      expect(user.privileges[0].privileges).toContain('INSERT')
+      expect(user.privileges[0].privileges).toContain('UPDATE')
+      expect(user.privileges[0].privileges).toContain('DELETE')
+    })
+    it('should create admin user', () => {
+      const user = manager.createAdminUser({
+        username: 'admin',
+        database: 'production',
+      })
+      expect(user.privileges[0].privileges).toContain('ALL')
+    })
+    it('should create application user with specific tables', () => {
+      const user = manager.createApplicationUser({
+        username: 'api',
+        database: 'production',
+        tables: [
+          { name: 'users', privileges: ['SELECT', 'INSERT', 'UPDATE'] },
+          { name: 'sessions', privileges: ['SELECT', 'INSERT', 'DELETE'] },
+        ],
+      })
+      expect(user.privileges).toHaveLength(2)
+      expect(user.privileges[0].table).toBe('users')
+      expect(user.privileges[1].table).toBe('sessions')
+    })
+  })
+  describe('Roles', () => {
+    it('should create user role', () => {
+      const role = manager.createRole({
+        name: 'Developer',
+        description: 'Developer access to test databases',
+        privileges: [
+          {
+            database: 'test',
+            privileges: ['SELECT', 'INSERT', 'UPDATE', 'DELETE'],
+          },
+        ],
+      })
+      expect(role.id).toContain('role')
+      expect(role.name).toBe('Developer')
+      expect(role.users).toHaveLength(0)
+    })
+    it('should assign user to role', () => {
+      const user = manager.createReadOnlyUser({
+        username: 'dev1',
+        database: 'test',
+      })
+      const role = manager.createRole({
+        name: 'Developer',
+        privileges: [
+          {
+            database: 'test',
+            privileges: ['INSERT', 'UPDATE'],
+          },
+        ],
+      })
+      manager.assignUserToRole(user.id, role.id)
+      expect(role.users).toContain(user.id)
+      // User should now have merged privileges
+      expect(user.privileges[0].privileges).toContain('SELECT')
+      expect(user.privileges[0].privileges).toContain('INSERT')
+    })
+  })
+  describe('Privilege Management', () => {
+    it('should grant privileges', () => {
+      const user = manager.createReadOnlyUser({
+        username: 'user1',
+        database: 'production',
+      })
+      const result = manager.grantPrivileges(user.id, [
+        {
+          database: 'production',
+          privileges: ['INSERT', 'UPDATE'],
+        },
+      ])
+      expect(result.success).toBe(true)
+      expect(user.privileges[0].privileges).toContain('INSERT')
+      expect(user.privileges[0].privileges).toContain('UPDATE')
+    })
+    it('should revoke privileges', () => {
+      const user = manager.createReadWriteUser({
+        username: 'user1',
+        database: 'production',
+      })
+      const result = manager.revokePrivileges(user.id, [
+        {
+          database: 'production',
+          privileges: ['DELETE'],
+        },
+      ])
+      expect(result.success).toBe(true)
+      expect(user.privileges[0].privileges).not.toContain('DELETE')
+    })
+  })
+  describe('Password Rotation', () => {
+    it('should rotate password', () => {
+      const user = manager.createReadOnlyUser({
+        username: 'user1',
+        database: 'production',
+      })
+      const result = manager.rotatePassword(user.id)
+      expect(result.success).toBe(true)
+      expect(result.newSecretArn).toContain('arn:aws:secretsmanager')
+      expect(user.lastRotated).toBeDefined()
+    })
+    it('should check if password rotation needed', () => {
+      const user = manager.createReadOnlyUser({
+        username: 'user1',
+        database: 'production',
+      })
+      user.lastRotated = new Date(Date.now() - 100 * 24 * 60 * 60 * 1000) // 100 days ago
+      const needsRotation = manager.needsPasswordRotation(user.id)
+      expect(needsRotation).toBe(true)
+    })
+  })
+  describe('Access Auditing', () => {
+    it('should audit access', () => {
+      const audit = manager.auditAccess({
+        username: 'user1',
+        action: 'LOGIN',
+        success: true,
+        ipAddress: '192.168.1.1',
+      })
+      expect(audit.id).toContain('audit')
+      expect(audit.username).toBe('user1')
+      expect(audit.action).toBe('LOGIN')
+    })
+    it('should get user access history', () => {
+      manager.auditAccess({ username: 'user1', action: 'LOGIN', success: true })
+      manager.auditAccess({ username: 'user1', action: 'QUERY', success: true })
+      const history = manager.getUserAccessHistory('user1')
+      expect(history).toHaveLength(2)
+    })
+    it('should get failed login attempts', () => {
+      manager.auditAccess({ username: 'user1', action: 'LOGIN', success: false })
+      manager.auditAccess({ username: 'user1', action: 'LOGIN', success: false })
+      manager.auditAccess({ username: 'user1', action: 'LOGIN', success: true })
+      const failedAttempts = manager.getFailedLoginAttempts('user1')
+      expect(failedAttempts).toHaveLength(2)
+    })
+  })
+  describe('SQL Generation', () => {
+    it('should generate PostgreSQL user creation SQL', () => {
+      const user = manager.createReadWriteUser({
+        username: 'testuser',
+        database: 'production',
+      })
+      const sql = manager.generateCreateUserSQL(user, 'postgres')
+      expect(sql).toContain('CREATE USER testuser')
+      expect(sql).toContain('GRANT')
+    })
+    it('should generate MySQL user creation SQL', () => {
+      const user = manager.createReadOnlyUser({
+        username: 'testuser',
+        database: 'production',
+      })
+      const sql = manager.generateCreateUserSQL(user, 'mysql')
+      expect(sql).toContain("CREATE USER 'testuser'")
+      expect(sql).toContain('GRANT')
+      expect(sql).toContain('FLUSH PRIVILEGES')
+    })
+  })
+  it('should use global instance', () => {
+    expect(databaseUserManager).toBeInstanceOf(DatabaseUserManager)
+  })
+})